Planning
- General matters
- Materiality
- Risk: (Audit Risk
ISA 300 (ED) has new terminologies:
Previously: Audit plan = overall audit strategy
Audit program = Audit plan
(I) Understand the entity & its environment and risk assessment
The auditor should obtain and understanding of: (Entity
(Environment
(Internal controls
The areas to understand are:
- Nature of the entity
- Industry, Regulatory & other external factors
- Objectives, Strategies and other relating business risks
- Measurement & review of co’s performance
- Internal control
Methods of obtaining understanding:
- Inquiry of mng’t & others in the entity
- Analytical procedures
- Observation & inspection
- Audit team discussion
- Prior period knowledge
Steps in obtaining understanding:
- Identify risks
- Relate the risks (what can go wrong at the assertion level)
- Magnitude of the risk (could it result in material misstatement)
- Likelihood of the risk causing material misstatement
When a significant risk is identified, the auditor should evaluate the design & implementation of controls in that area.
(II) Auditor’s procedure in response to assessed risk (ISA315)
The auditor needs to bring down the assessed risk to an acceptable level by doing the foll:
(Evaluate the control environment
(Assign additional staff
(Use of experts
(Provide more supervision
(Must carry out substantive procedures on material items; Agree f/s to the acc/ records
; Examine material journal entry
; Examine other adj. in the prep of f/s
Documentation must be made off:
- Discussion among the audit team
- Key elements of understanding the entity, sources of info, risk assessment procedure carried out
- Identified and assessed risks of material misstatements
- Significant risks & controls
- Overall response to address risks
- Nature, extend & timing of further audit procedure at the assertion level
- Reliance of the auditor on effectiveness of controls from previous audit & conclusion on how this is appropriate
MATERIALITY
An item may be material due to its: Nature(eg. Transactions relating to directors)
: Value (Size, Percentages)
: Impact
Rules
Materiality is judgemental, but generally accepted rules are:
- Items relating to directors
- Percentages guidelines
RISK
RISK
(i)Audit Risk (ii)Business Risk
Risk of mater. misstat. Detection risk
in the f/s
Inherent risk Control risk
(i) AUDIT RISK
Audit risk
The risk that the auditor may give an inappropriate opinion on the f/s
Inherent risk
The suspectibility of an account or class of trans. to material misstate.; individually or when aggregated, irrespective of related internal controls
Simply, the risk that items will be misstated due to the characteristics of these items. Auditors must use their professional judgement & understanding of the entity to assess inherent risk. If no such info is available, the inherent risk is high.
Control risk
The risk that a client control system fails to detect material misstatement.
Detection risk
The risk that audit procedures will fail to detect material errors/
The inherent and control risk assessment will influence the nature, timing & extend of substantive procedures required to reduce the detection risk.
(ii) BUSINESS RISK
Business risk: ( Financial risk
( Operational risk
( Compliance risk
Business risk: The risk inherent to the company in its operations. It is the risk at all levels of the org.
Tools to identify business risk:
(SWOT analysis
(The five forces model
(The PEST analysis
(Porters value chain
Financial risk: risk arising from financial activities or financial consequences (eg cash flow issues from overtrading)
Operational risk: risk arising with regards to operations (eg. Major supplier will be lost & the co will be unable to operate)
Compliance risk: risk arising from compliance with laws & regulations surrounding the business.
After the risk has been assessed, the correct audit strategy (approach) has to be determined (at the planning stage). The most common approach used is the risk-based approach which may be used in conjunction with other approaches.
The audit strategies/approaches are:
(Risk approach (Business risk)
(Cycles approach
(Balance sheet approach
(Directional testing (test for under /overstatements)
(Analytical procedures
GENERAL PLANNING MATTERS
Administrative details
- Logistics: Date of (inventory
(manager review
(engagement partner review
(engagement partner post audit meeting with client
(audit report is due & to be signed
(AGM
- Use of IT
- Time budgets
- Subsidiary objectives of the org
No comments:
Post a Comment