Skip to main content

Audit Guide: Assessing & Responding to Audit Risk In a Financial Statement Audit

Audit Guide: Assessing & Responding to Audit Risk In a Financial Statement Audit


ISBN: 978-1-941-65133-9

Nov 2016

576 pages


Want to ensure effective and efficient execution of the Risk Assessment Standards? AICPA has the resources you need:

  • Audit Risk Assessment Tool (available online only)
  • Assessing and Responding to Audit Risk in a Financial Statement Audit - AICPA Audit Guide

The Audit Risk Assessment Tool walks an experienced auditor through the risk assessment procedures and documents those decisions necessary to prepare an effective and efficient audit program. Designed to be used in lieu of cumbersome checklists, it provides a top down risk-based approach to the identification of high risk areas to allow for appropriate tailoring of audit programs which will result in audit efficiencies. The tool is available in the Online Subscription format and includes access to the full Risk Assessment Guide.

The AICPA Audit Guide Assessing and Responding to Audit Risk in a Financial Statement Audit is the definitive source for guidance on applying the core principles of the risk-based audit methodology that must be used on all financial statement audits. This guide is written in an easy-to-understand style that enables auditors of all experience levels to find answers to the issues they encounter in the field. Unique insights, examples and a comprehensive case study clarify critical concepts and requirements.


This Audit Risk Assessment Tool is designed to provide illustrative information with respect to the subject matter covered and is recommended for use on audit engagements that are generally smaller in size and have less complex auditing and accounting issues. It is designed to help identify risks, including significant risks, and document the planned response to those risks. The Audit Risk Assessment Tool should be used as a supplement to a firm's existing planning module whether in a firm-based or commercially provided methodology. The Audit Risk Assessment Tool is not a complete planning module.

The AICPA recommends the Audit Risk Assessment Tool be completed by audit professionals with substantial accounting, auditing and specific industry experience and knowledge. For a firm to be successful in improving audit quality and efficiencies, it is recommended that a 5+ years experienced auditor completes the Audit Risk Assessment Tool or the engagement team member with the most knowledge of the industry and client (often Partner in small/medium firms) provides insight to whomever is completing the ARA Tool. The AICPA recommends this should not be delegated to lower-level staff and just reviewed – it should be completed under the direction of the experienced auditor (if you delegate to inexperienced auditor you will be at risk for less effectiveness and efficiencies because the tool is intended to be completed by an experienced auditor).

The Audit Risk Assessment Tool does not establish standards or preferred practices and is not a substitute for the original authoritative auditing guidance. In applying the auditing guidance included in this Audit Risk Assessment Tool, the auditor should, using professional judgment, assess the relevance and appropriateness of such guidance to the circumstances of the audit. This document has not been approved, disapproved, or otherwise acted on by a senior committee of the AICPA. It is provided with the understanding that the staff and publisher are not engaged in rendering legal, accounting, or other professional service. All such information is provided without warranty of any kind.

Part I Authoritative and Nonauthoritative Guidance on the Auditor’s Risk Assessment in a Financial Statement Audit

1 Overview of Applying the Audit Risk Standards .01-.42

2 Key Concepts Underlying the Auditor’s Risk Assessment Process .01-.122

3 Planning and Performing Risk Assessment Procedures .01-.147

4 Understanding the Client, Its Environment, and Its Internal Control .01-.89

5 Risk Assessment and the Design of Further Audit Procedures .01-.76

6 Performing Further Audit Procedures .01-.125

7 Evaluating Audit Findings, Audit Evidence, and Deficiencies in Internal Control .01-.79

Part II Additional Resources


A Considerations in Establishing the Overall Audit Strategy

B Understanding the Entity and Its Environment

C Internal Control Components

D Exhibit—Management Antifraud Programs and Controls: Guidance to Help Prevent, Deter, and Detect Fraud

E Illustrative Financial Statement Assertions and Examples of Substantive Procedures Illustrations for Inventories of a Manufacturing Company

F Consideration of Prior Year Uncorrected Misstatements

G Assessing the Severity of Identified Deficiencies in Internal Control

H Examples of Circumstances That May Be Deficiencies, Significant Deficiencies, or Material Weaknesses

I Suggestions for Conducting Inquiries

J Matters to Consider in Determining Performance Materiality

Part III Illustrative Audit Documentation Case Study


K Illustrative Audit Documentation Case Study: Young Fashions, Inc.

K-1 Young Fashions: Understanding of Entity and Its Environment

K-2 Young Fashions: Evaluation of Entity-Level Controls

K-3 Young Fashions: Understanding of Internal Control—IT General Controls

K-4 Young Fashions: Evaluation of Activity-Level Controls—Wholesale Sales

K-5 Young Fashions: Assessing Risks of Material Misstatement and Linkage to Further Audit Procedures

K-6 Young Fashions: Evaluation of Uncorrected Misstatements and Assessment of Control Deficiencies

L Schedule of Changes Made to the Text From the Previous Edition

Index of Pronouncements and Other Technical Guidance

Subject Index