When managing audit risk levels, an auditor will want her overall audit risk to be reduced to a level she is wiling to accept otherwise it will not be worthwhile for her to carry out the audit at all if the risk levels are high.
Auditors should consider how risky new clients are during the engagement process and make a decision whether or not go ahead with the appointment. If they accept the appointment and the risk levels are high then they must look for ways of managing this risk.
Auditors manage the overall audit risk by manipulating the detention risk, the only element of the audit risk that the auditor has control over.
This is because the more audit work the auditor carries out the lower the detection risk. However, it can never be entirely eliminate due to inherent limitation of audit. Such limitations include:
• Collusion between the management and third parties to cover fraud
• Time constraint placed by the client
• Auditors cannot review 100% of the transactions. Ordinarily they sample which could result to sampling risk.
By inherent risk and control risk being high. It implies that the auditor will not carry out the test of controls but will increase substantive procedures.
Detection risk being low will mean that the auditors will carry out a substantial amount of substantive tests.
Managing audit risks at planning level facilitates proper audit performance.