Error: Errors are unintentional misstatements or omissions of amounts or disclosures in the financial statements.
Fraud: Fraud is an intentional act by one or more individuals among management, those charged with governance, employees, or third parties involving the use of deception that results in a misstatement of the financial statements.
Fraudulent financial reporting: Fraudulent financial reporting involves intentional misstatements or omissions of amounts or disclosures in the financial statements that are designed to deceive financial statement users.
Misappropriation of assets: Misappropriation of assets, or defalcation, involves theft of an entity's assets when the effect of the theft causes the financial statements not to be presented in conformity with GAAP.
Incentives: A reason to commit fraud.
Opportunity: A lack of effective controls.
Rationalization/attitude: An attempt to justify fraudulent behavior.
Even a properly planned and executed audit may fail to detect fraud. In expressing an audit opinion, the auditor provides only reasonable (not absolute) assurance that the financial statements are free of material misstatements resulting from errors or fraud.
Management is responsible for designing and implementing programs and controls to prevent, deter, and detect fraud.
The auditor has a responsibility to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether caused by error or fraud.
The auditor should maintain an attitude of professional skepticism, which includes a questioning mind and a critical assessment of audit evidence, including the consideration of whether unconscious or conscious biases may impact auditor judgment.
The auditor should perform the following procedures:
Discuss fraud risk with engagement personnel.
Obtain information to identify specific fraud risks.
Assess fraud risk and develop an appropriate response.
Evaluate audit evidence regarding fraud.
Make appropriate communications about fraud.
Document the auditor's consideration of fraud.
A discussion of the potential for material misstatement as the result of fraud is required as part of planning. The discussion should include:
Brainstorming
An emphasis of professional skepticism
Consider incentives, opportunities, and rationalization/attitude issues
Consider override of internal controls
Consider how audit might respond
The auditor should perform the following procedures to obtain information useful in identifying potential fraud risks.
Inquire of Entity Personnel Regarding Their Views of Fraud Risk
Consider the Results of Analytical Procedures
Evaluate Fraud Risk Factors
The auditor should use the information gathered to identify risks that may result in a material misstatement (at either the financial statement or relevant assertion level) due to fraud.
The auditor is required to respond to the results of the fraud risk assessment on three levels.
Overall, General Response
Response Encompassing Specific Audit Procedures
Response Addressing Risks Related to Management Override
The auditor is required to assess fraud risk throughout the audit and to evaluate, at the completion of the audit, whether accumulated audit results affect this assessment.
Management and those charged with governance: Generally, any indication of fraud (even immaterial fraud) should be discussed with an appropriate level of management at least one level above those involved.
Parties outside the entity: Ordinarily, the disclosure of fraud to parties outside of senior management and those charged with governance is not part of the auditor's responsibility. However, in certain circumstances, a duty to disclose outside the entity may exist (e.g., to comply with legal and regulatory requirements, to a successor auditor).
Which of the following statements best describes an auditor's responsibility to detect errors and fraud?