Audit risk is the risk that the financial statements are materially misstated and the auditor fails to detect such a misstatement.
Audit risk and materiality are closely related. Materiality must be established before audit risk has any meaning. For example, a 4% risk of a $20,000 misstatement of income has a completely different meaning than a 4% risk of a $200,000 misstatement.
Desired audit risk is the subjectively determined risk that the auditor is willing to take that the financial statements are not fairly stated after the audit is completed and an unqualified opinion has been reached. The lower the desired audit risk, the more sure the auditor wants to be that the financial statements are not materially misstated. Zero risk would be certainty, and a 100% risk would be complete uncertainty. Audit risk can range anywhere from zero to one (0 to 100 percent), but no more or less. Complete assurance (zero risk) of the accuracy of the financial statements is not economically practical. The auditor cannot guarantee the complete absence of material errors and irregularities.
The concept of desired audit risk can be more easily understood by thinking in terms of a large number of audits, say ten thousand. What portion of these audits could include material errors without having an adverse effect on society? Certainly, the portion would be below ten percent. It is probably much closer to one or one-half of 1% or perhaps even one-tenth of 1%. If an auditor feels the appropriate percentage for a given audit is one, desired audit risk is 1%.
Achieved audit risk is the actual level of risk, after the audit is completed and an unqualified opinion issued, that the statements are materially misstated. Achieved risk must be less than desired risk or the auditor should not issue an unqualified opinion.
The auditor achieves a reduction of audit risk by gathering evidence. The lower the desired audit risk, the more evidence the auditor must obtain. Since an increased amount of evidence means increased cost, the decision concerning the proper audit risk is one of cost versus benefit. The important question is : at what point does the cost of acquiring more evidence exceed the benefit obtained from the additional information? When the desired risk is reached, the auditor should stop accumulating evidence.
The auditor will have sufficient competent evidence when the achieved audit risk equals desired audit risk. Lower audit risk could be achieved, but cost would be increased.
If the auditor believes the additional cost exceeds the additional benefit from continuing the accumulate evidence, but audit risk is still not satisfactory, he has several options. He may negotiate for a higher audit fee, issue a disclaimer of opinion, bear the additional costs himself, or withdraw from the engagement (Hrd).
Source of this article : Auditing – An Integrated Approach, Alvin A.Arens & James K. Loebbecke