During the client acceptance/ retention stage auditors undertake various risk assessment activities the primary objective of which is to decide whether to accept or reject an entity as a prospective client or whether to retain or relinquish an existing client. Underlying these activities is a strategic audit plan which sets out the audit firm's criteria for making this decision. In these pages, the concept of audit risk plays a significant and essential role in developing such a strategy.
Auditors evaluate existing and prospective clients. In many instances, this is based upon a preliminary knowledge of the clients business, as. for example, the auditor will not have complete access to the prospective client's staff and accounting records to obtain a detailed knowledge.
Firstly, an auditor evaluates AR1 for each financial statement item assertion. In particular, the auditor evaluates the components of AR1: IR1, CR1 and DR1, based on factors such as the competence and integrity of the client's management, unusual pressures on management, the extent to which a positive control environment exists within the entity, the independence of the auditor and the ability of the auditor to properly service the client. The evaluation of the components of audit risk allows the auditor to evaluate the overall audit risk of each financial statement item assertion [AR1 = IR1 x CR1 x DR1]. This is referred to as the achievable level of risk, as it is the risk the auditor believes s/he can achieve for each financial statement assertion.
Secondly, the auditor evaluates the acceptable level of audit risk AR*1 for each financial statement item, based on the expected reliance on the audited financial statement item by the users of statements, which can include existing and prospective shareholders, suppliers, customers, and regulatory bodies.
Finally, for each financial statement item assertion, the auditor compares the acceptable level of audit risk with the level of audit risk that the auditor believes can be achieved. If the level of audit risk that can be achieved for any financial statement item is not acceptable (i.e. if AR1 > AR*1), this means there is an unacceptable risk of material misstatement in an audited financial statement item. In this instance, the auditor does not accept/ retain the entity as a client. Where the achievable level of audit risk for all financial statement items is acceptable and the audit fee is agreeable to both parties and there are no other reasons for not accepting the engagement, then the audit is accepted/ retained.
In practice, auditors may not always apply this aspect of audit risk theory, at least consciously [fn].
