To determine maximum aggregate component materiality levels, we first use the cumulative binomial distribution to derive the maximum number of components that can be allowed to simultaneously contain undetected misstatements that are material at the component level. The maximum allowable number of misstated components takes into account the number of components in the group audit as well as the desired levels of component and group audit risk, and thereby constrains the risk of a material misstatement at the group level to be less than or equal to the level of desired audit risk.
It is important to note that the model reflects audit risk—the risk that an undetected misstatement that is material at the component level remains undetected in the financial statements after all audit procedures have been performed—as opposed to expected or projected misstatement—which are concepts used in audit sampling.
The CRITBINOM function in Excel can be used to calculate the maximum allowable number of failed components (refer to Excel help for a description of this function). To illustrate the calculations of the model, we use an example of a group audit with five components and group overall materiality of $5 million. The inputs to the CRITBINOM function are: (1) the number of components in the group—five, (2) the desired audit risk at the component level—5%, and (3) the complement of the desired audit risk at the group level—98% (1 − 0.02).
Based on the inputs, the function indicates the maximum number of components that can be allowed to simultaneously contain undetected misstatements that are material at the component level while still achieving the desired level of audit risk at the group level—2 components in our example. Given the planned risk of undetected misstatement of 5% at each component, the probability that more than the maximum allowable number of two components out of five simultaneously will have a material undetected misstatement is 0.12%, which is well within the acceptable level of overall group audit risk of 2%.
The benchmark multiple used to calculate maximum aggregate component materiality is determined by dividing the total number of components by the maximum allowable number of simultaneous component failures; the benchmark multiple in our example is 2.5 (5 ÷ 2). Finally, the benchmark multiple is applied to group overall materiality to determine maximum aggregate component materiality.
The benchmarks presented in Exhibit 2 are based on a model of multicomponent group audits ranging from 2 to 150 components, desired audit risk at the component level ranging from 4% to 10%, and desired audit risk at the group level of 2%. The model can accommodate other inputs deemed reasonable by the group engagement partner. Higher planned assurance at component level or lower desired assurance at the group level increases the multiple.
The groupings and benchmark multiples presented in Exhibit 2 are based on somewhat conservative approximations of the model’s outputs. That simplifies application of the model in practice and recognizes the practical limitations of the audit risk model. While the concept of audit risk can be easily modeled mathematically, there are inherent limitations in the auditor’s ability to precisely measure or evaluate achieved audit risk.
This probabilistic model does not attempt to incorporate all aspects of a multicomponent audit. For instance, the model does not explicitly consider the possibility that misstatements across components might be systematic rather than independent, or the risk that multiple components might contain undetected misstatements that are immaterial at the component level but aggregate to an amount that is material at the group level, or the need for redistribution of materiality between components due to statutory audits or substantial variability in the size of components.
There are several mitigating factors for each of these possibilities. Effective entity-level controls and communication between audit teams diminishes the risk at the group level of undetected systematic misstatements existing in multiple components or immaterial undetected misstatements aggregating to a material amount (see ISA 600, paragraphs 41 and A45).
However, component materiality levels should be reconsidered to the extent the auditor believes there is a heightened risk of fraud. Redistribution or large variability in component materiality is generally not likely to be a concern so long as the group engagement partner follows the two allocation guidelines discussed in this article and applies professional judgment in determining whether the nature and extent of testing across all components combined still achieves an acceptable level of overall audit risk.