4-3 Risk oriented audit planning Flashcards
Three reasons for audit planning:
– enable the auditor to obtain sufficient appropriate evidence for the circumstances to minimize legal liability and maintain a good reputation
– help to keep audit costs reasonable
– avoid misunderstandings with the client, e.g., scope of the service
Acceptable and inherent audit risk
- Acceptable audit risk and inherent risk significantly influence the conduct and cost of audits: Much of the early planning of audits deals with obtaining information to assess these risks
- Acceptable audit risk: Measure of how willing the auditor is to accept that the financial statements may be materially misstated after the audit is completed and an unqualified opinion has been issued
- Lower acceptable audit risk means that the auditor wants to be more certain that the financial statements are not materially misstated
- Inherent risk: Measure of the auditor’s assessment of the likelihood that there are material misstatements in an account balance before considering the effectiveness of internal control
- Acceptable audit risk and inherent risk help determine the amount of evidence that will need to be accumulated and the experience level of staff assigned to the engagement
The first four steps in the planning phase…
- Accept client and perform initial planning
- Understand the client’s business and industry
- Assess client business risk
- Perform preliminary analytical procedures
…have significant influence on the execution and the costs of the audit. The planning phase helps the auditor to assess the acceptable audit risk and the inherent risk.
Accept Client and Perform Initial Audit Planning
New client investigation
– Communication with predecessor auditor (required by auditing standards):
permission from the client needed
– Investigations by gathering information from local attorneys or other businesses
Continuing clients
– Annual review
– Long-term risk of the audit > short-term benefits? Drop the client
Identify client’s reasons for audit: Likely statement users and intended use of the statement
- Obtain an understanding with the client: Engagement letter
- Develop overall audit strategy
– Select staff for engagement
– Evaluate need for outside specialists
Accept Client and Perform Initial Audit Planning – Engagement Letter (I/III)
- Goal: Understanding of the terms of the engagement between the client and the audit firm
- Content and form of the engagement letter may vary; possible contents are:
– Engagement’s objectives and information that the auditor cannot guarantee that all acts of fraud will be discovered
– Responsibilities of the auditor and management
– Identification of the financial reporting framework used
– Reference to the expected form and content of the audit report
– Engagement’s limitations
– Agreement to provide other services, e.g., management consulting
– Restrictions to be imposed on the auditor’s work, e.g., deadlines for completing the audit
– Agreement on fees
Understand the Client’s Business and Industry (I/II)
The Auditor identifies and assesses risks of material misstatement, whether due to fraud or error, based on an understanding of the entity and its environment, including the entity’s internal control.
- Understand the impact of major economic downturns on the client’s financial statements and ability to continue as a going concern
- Knowledge about major customers, suppliers and related risks
- Global operations, e.g., through strategic alliances
- Increased importance of intangible assets has increased accounting complexity and the importance of management judgments
- ISA 315 – Identifying and assessing the risks of material misstatement through understanding the entity and its environment
Understand the Client’s Business and Industry (II/II)
- Industry and external environment
– Risks associated with specific industries may affect the assessment of client business risk and acceptable audit risk
– Inherent risks depending on industry
– Unique industry accounting requirements
- Business operations and processes
– Tour client facilities and operations
– Identify related parties
- Management and governance
– Code of ethics
– Minutes of meetings
- Client objectives and strategies
– Reliability of financial reporting
– Effectiveness and efficiency of operations
– Compliance with laws and regulations
- Measurement and performance
Assess Client Business Risk
The client business risk is the risk that the client will fail to achieve its objectives.
Understand Client’s Busniess and Industry
- Industry and External Environment
- Business Operations and Processes
- Management and Governance
- Objectives and Strategies
- Measurement and Performance
step 4: Perform Preliminary Analytical Procedures
Analytical procedures…
- Are conducted in several phases of the audit process
- Enhance the auditor’s understanding of the client’s business and assess client business risk
- Reveal unusual changes as compared to prior years or industry average
- Are used to assist in determining the nature, timing and extent of auditing procedures
- Help the auditor identify areas that may represent specific risks of material misstatements
- Often based on aggregate, company-wide data, i.e., key financial ratios such as:
– Short-term debt-paying ability, e.g., cash ratio
– Liquidity activity ratios, e.g., accounts receivable turnover
– Ability to meet long-term obligations, e.g., debt to equity
– Profitability ratios, e.g., profit margin
step 4: Types of Audit Procedures ( tests)
Tests of controls:
- Gain an understanding of internal controls
- Assess effectiveness of internal controls
Substantive tests: Procedures designed to test for dollar misstatements that directly affect the correctness of financial statement balances
-Substantive tests of transactions: determine whether transaction-related audit objectives are satisfied
-Analytical procedures: comparisons of recorded amounts to expectations developed by the auditor
- Evaluations of financial information through analysis of plausible relationships among financial and nonfinancial data
- Use comparisons and relationships to assess whether account balances or other data appear reasonable compared to the auditor’s expectations
- Analysis of significant key figures and trends
- Analytical procedures range from simple comparisons to complex
- calculations and comprehensive analyses of own or competitor data
- Furthermore, analytical procedures comprise the evaluation of unexpected deviations
-Tests of details of balances :
− Focus on the monetary correctness of the ending general ledger
balances for balances sheet and income statement accounts
− Evidence usually obtained from a source independent of the client
Analytical Procedures – Important Hints Regarding Application (I/III)
- risk of analytical procedures and 4 aspects to reduce it
The most important risk of analytical procedures lies in the conclusion that an account is represented correctly although there are actually material misstatements.
In order to reduce this risk, one has to consider the following aspects:
- Relevance of the information
- Calculability of data
- Explanation for unexpected or missing changes/deviances
- Reliability of data
Analytical Procedures – Important Hints Regarding Application (II/III)
- Relevance of information:
- Calculability of data:
- Explanation of unexpected or missing changes/deviances:
Relevance of information:
- It is not reasonable to compare very different/heterogeneous data (e.g.different branches)
- It is not reasonable to use unreliable, non-comparable branch data based on different accounting standards
- Possibly considerable rises in prices
- A comparison between actual and target state is only feasible with well-controlled budgeting and financial planning
Calculability of data:
Predict expected results
Explanation of unexpected or missing changes/deviances:
Depends on materiality and the impact on the conclusions. A missing change/deviance does not automatically imply that the account is appropriate
Analytical Procedures – Important Hints Regarding Application (III/III)
-reliability of data
• Reliability of data: The data reliability may be assessed by considering a sample:
– E.g.: Regarding write-downs of receivables the age structure of debitors is taken into account. Thus, the age structure has to be assessed by a sample in order to have a reliable data base
• Reliability of data is influenced by:
– Independence of the source
– Independence of the person in charge from the source
– Well-controlled accounting function
Definition of Materiality
The magnitude of an omission or misstatement of accounting information that, in the light of surrounding circumstances, makes it probable that the judgment of a reasonable person relying on the information would have been changed or influenced by the omission or misstatement.
Materiality and Audit Risk
In conducting an audit of financial statements, the overall objectives of the auditor are to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, thereby enabling the auditor to express an opinion on whether the financial statements are prepared, in all material respects, in accordance with an applicable financial reporting framework; and to report on the financial statements, and communicate as required by the ISAs, in accordance with the auditor’s findings.The auditor obtains reasonable assurance by obtaining sufficient appropriate audit evidence to reduce audit risk to an acceptably low level.Audit risk is the risk that the auditor expresses an inappropriate audit opinion when the financial statements are materially misstated.
Audit risk is a function of the risks of material misstatement and detection risk. Materiality and audit risk are considered throughout the audit, in particular, when:
a) Identifying and assessing the risk of material misstatement;
b) Determining the nature, timing and extent of further audit procedures; and
c) Evaluating the effect of uncorrected misstatements, if any, on the financial statements and in forming the opinion in the auditor’s report.
The Relationship Between the Risks
Risk-oriented Audit and Audit Risk Model
( formula)
