“Risk assessment is at the core of every audit. The goals of identifying, assessing, and responding to risks of material misstatement (“risks”) drive every audit procedure, from gaining an understanding of the entity and its internal control to vouching transactions back to vendor invoices.

However, more than a decade after the 2006 Risk Assessment Standards (Statements on Auditing Standards Nos. 104—111) provided a new road map for executing the audit, some auditors continue to struggle with implementing these standards.

Data collected by the AICPA Peer Review Program in 2016 show that more than 1 in 10 firms failed to comply with AU-C Section 315, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement, or AU-C Section 330, Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained.”

To read more of this article written by Carl R. Mayes Jr., CPA; Charles E. Landes, CPA; and Hiram Hasty, CPA, CGMA in the Journal of Accountancy, visit the website linked below: