There are certain relationships among audit risk components. For a specified level of audit risk, there is an inverse relationship between the assessed levels of inherent and control risks for an assertion and the level of risk that the auditor can accept that assertion.
Thus, the lower the assessments of inherent and control risks, the higher the acceptable level of detection risk.
Inherent and control risks relate to the client’s circumstances, whereas detection risk is controllable by the auditor. Accordingly, the auditor controls audit risk by adjusting detection risk according to the assessed levels of inherent and control risks.
In relating the components of audit risk, the auditor may express each component in quantitative terms, such as percentages, or non-quantitative terms, such as very low, low, moderate, high, and maximum.
In either case, an understanding of the relationship expressed in the audit risk model is essential in determining the planned acceptable level of detection risk.
You May Like Also: