Launch offer — 25% off with code LAUNCH-25 See plans →
Try now → N
📚 Learn/ Paper 5 — Auditing & Ethics/ Core Audit Concepts
Microlesson · 5-min read

SA 200 – Audit Risk: Detection Risk and Risk of Material Misstatement

## Audit Risk Components (SA 200)

### The Audit Risk Model

$$\text{Audit Risk} = \text{Risk of Material Misstatement (RMM)} \times \text{Detection Risk (DR)}$$

ComponentWho Controls ItDefinition
RMMManagement / entityRisk that F/S are materially misstated before the audit starts; = Inherent Risk × Control Risk
Detection Risk (DR)AuditorRisk that audit procedures will fail to detect a material misstatement that exists

### The Inverse Relationship (Critical Exam Point)

To keep overall Audit Risk at an acceptably low level:

If RMM is...DR must be...Auditor's response
HIGHLOWPerform more/better/extensive audit procedures
LOWHIGHFewer/less extensive procedures are acceptable

> DR is the only component the auditor can control. Auditors assess RMM; they set DR.

### Analytical Procedures as an Early Warning

Unusual fluctuations in ratios (e.g., gross profit ratio jumping from 14% to 24%) signal high RMM for affected assertions. Possible explanations:

  • Overvaluation of closing inventories
  • Overstatement of revenues
  • Understatement of direct expenses

When RMM is assessed as high for specific assertions, the auditor must lower detection risk — meaning more targeted, rigorous procedures on those assertions.

Worked example

### Example 1

Q: CA Tina observes that gross profit ratio jumped from 14% to 24% year-on-year. She assesses RMM as HIGH for revenue and direct expenses. Her junior Ms. Tisha suggests keeping detection risk at a HIGH level. Is Tisha correct?

A: No. When RMM is high, detection risk must be kept low. Audit Risk = RMM × DR; to keep Audit Risk low when RMM is high, DR must decrease — meaning the auditor must perform more extensive, rigorous procedures on revenue and direct expense assertions. Keeping DR high would mean doing less work, which is the wrong response to elevated RMM.

### Example 2

Q: A manufacturing company has strong IT-based internal controls over inventory counting. Control risk for inventory is assessed as low and inherent risk is also low. What does this imply for detection risk, and what does the auditor do?

A: RMM (= Inherent Risk × Control Risk) is LOW. Therefore, the auditor can set detection risk higher — meaning less extensive substantive testing of inventory is needed to keep overall audit risk at an acceptable level.

⚠️ Common exam mistakes

  • Getting the direction of the RMM–DR relationship backwards — when RMM is HIGH, DR must be LOW (inverse relationship).
  • Thinking management can change detection risk — DR is entirely within the auditor's control; it depends on the nature, timing, and extent of audit procedures chosen.
  • Confusing RMM with audit risk — RMM is only one component; audit risk also includes detection risk.
  • Forgetting that the auditor ASSESSES inherent risk and control risk, but SETS detection risk — these are different activities.
Reference:
← Previous
Rotation of Auditors [Section
Next →
SA 200 – Inherent Limitations
Now that you've read this — what's next?
Move from understanding → mastery in 3 clicks. Each option below picks up from this lesson's topic.
🔥 Drill 5 Qs on this → ✍️ Adaptive practice →
Start 15-min diagnostic