AUDIT PLANNING

AUDIT PLANNING

Planning

1. General matters


2. Materiality


3. Risk:  (Audit Risk

          (Business Risk




ISA 300 (ED) has new terminologies:
Previously: Audit plan = overall audit strategy
            Audit program = Audit plan



(I)  Understand the entity & its environment and risk assessment

The auditor should obtain and understanding of: (Entity
                                    (Environment
                                    (Internal controls

The areas to understand are:

• Nature of the entity


• Industry, Regulatory & other external factors


• Objectives, Strategies and other relating business risks


• Measurement & review of co’s performance


• Internal control

Methods of obtaining understanding:

• Inquiry of mng’t & others in the entity


• Analytical procedures


• Observation & inspection


• Audit team discussion


• Prior period knowledge

Steps in obtaining understanding:

1. Identify risks


2. Relate the risks (what can go wrong at the assertion level)


3. Magnitude of the risk (could it result in material misstatement)


4. Likelihood of the risk causing material misstatement

When a significant risk is identified, the auditor should evaluate the design & implementation of controls in that area.

(II) Auditor’s procedure in response to assessed risk (ISA315)

The auditor needs to bring down the assessed risk to an acceptable level by doing the foll:
(Evaluate the control environment
(Assign additional staff
(Use of experts
(Provide more supervision
(Must carry out substantive procedures on material items; Agree f/s to the acc/ records
                                            ; Examine material journal entry
                                            ; Examine other adj. in the prep of f/s

Documentation must be made off:

1. Discussion among the audit team


2. Key elements of understanding the entity, sources of info, risk assessment procedure carried out


3. Identified and assessed risks of material misstatements


4. Significant risks & controls


5. Overall response to address risks


6. Nature, extend & timing of further audit procedure at the assertion level


7. Reliance of the auditor on effectiveness of controls from previous audit & conclusion on how this is appropriate

MATERIALITY

An item may be material due to its: Nature(eg. Transactions  relating to directors)
                            : Value (Size, Percentages)
                            : Impact

Rules

Materiality is judgemental, but generally accepted rules are:

• Items relating to directors


• Percentages guidelines

RISK

           RISK



               (i)Audit Risk               (ii)Business Risk

               

Risk of mater. misstat.            Detection risk
in the f/s
                      

Inherent risk         Control risk     

(i) AUDIT RISK

Audit risk
The risk that the auditor may give an inappropriate opinion on the f/s


Inherent risk
The suspectibility of an account or class of trans. to material misstate.; individually or when aggregated, irrespective of related internal controls
Simply, the risk that items will be misstated due to the characteristics of these items. Auditors must use their professional judgement & understanding of the entity to assess inherent risk. If no such info is available, the inherent risk is high.

Control risk
The risk that a client control system fails to detect material misstatement.


Detection risk
The risk that audit procedures will fail to detect material errors/

The inherent and control risk assessment will influence the nature, timing & extend of substantive procedures required to reduce the detection risk.








(ii) BUSINESS RISK


Business risk: ( Financial risk
                ( Operational risk
                ( Compliance risk


Business risk: The risk inherent to the company in its operations. It is the risk at all levels of the org.

Tools to identify business risk:
(SWOT analysis
(The five forces model
(The PEST analysis
(Porters value chain
Financial risk: risk arising from financial activities or financial consequences (eg cash flow issues from overtrading)
Operational risk: risk arising with regards to operations (eg. Major supplier will be lost & the co will be unable to operate)
Compliance risk: risk arising from compliance with laws & regulations surrounding the business.

After the risk has been assessed, the correct audit strategy (approach) has to be determined (at the planning stage). The most common approach used is the risk-based approach which may be used in conjunction with other approaches.

The audit strategies/approaches are:
(Risk approach (Business risk)
(Cycles approach
(Balance sheet approach
(Directional testing (test for under /overstatements)
(Analytical procedures




GENERAL PLANNING MATTERS

Administrative details

• Logistics: Date of (inventory

                       (F/s are due to been have drafted by
                    (manager review
                    (engagement partner review
                    (engagement partner post audit meeting with client
                    (audit report is due & to be signed
                    (AGM

• Use of IT


• Time budgets


• Subsidiary objectives of the org