The correct answers are: Audit risk is a function of the risk of material misstatement and detection risk; Inherent risk is the susceptibility of an assertion to a misstatement that could be material, assuming that there were no related internal controls; Detection risk is a function of the effectivness of an audit procedure and of its application by the auditor; Control risk is the risk that internal controls will fail to prevent or detect material errors.

ISA 200 Overall objectives of the independent auditor and the conduct of an audit in accordance with International Standards on Auditing states that audit risk is the function of the risk of material misstatement of the financial statements (inherent risk and control risk) and the risk that the auditor will not detect such misstatement (detection risk).

It also states that inherent risk is the susceptibility of an assertion to material error, regardless of the controls applied, that detection risk is a function of the effectiveness of an audit procedure and of its application by the auditor and that control risk is the risk that internal controls will fail to prevent or detect material errors.

Audit risk, including inherent risk does affect the nature and extent of the work to be performed. One of the key objectives of risk analysis is to focus audit effort on those areas that are likely to be misstated.