Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

ASR > 5. Audit planning > Flashcards

5. Audit planning Flashcards

1
Q

What is ‘planning’ and how does it fit into the audit process?

A

Planning is when the audit team sit down and discuss how the audit is going to be carried out and the key areas of focus where there is likely to be the most incorrect information thus impacting users of the financial statements.

It is usually done before the year end and done after accepting an engagement.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the key things that planning help with in an audit?

A
  • helping to ensure that sufficient and appropriate attention is directed to the important areas
    of the audit;
  • helping to ensure that potential problems are identified and resolved early;
  • assisting in the selection of appropriate engagement staff, including the assignment of work
    to them;
  • helping to complete work effectively and efficiently; and
  • facilitating direction and supervision of the audit.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is the purpose of audit planning?

A

To help ensure that audit risk is reduced to an acceptably low level.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What risk assessment procedures are used to help the auditors gain an understanding of an entity?

& what do they help gain an understanding of?

A

Analytical procedures;Enquiry; Inspection; and Observation. (AEIO)

Understanding of:
* The entity and its environment, including:
− Organisational structure, ownership and governance and business model
− Industry, regulatory and other external factors
− The measures used, internally and externally, to assess the entity’s financial performance

  • The applicable financial reporting framework and the entity’s accounting policies. The auditor
    will evaluate whether the accounting policies are appropriate and consistent with the financial
    reporting framework
  • How inherent risk factors identified will affect the susceptibility of assertions to misstatement, and the degree to which they do so
  • Internal controls
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What analytical procedures are used commonly at the planning stage of the audit and why?

A

Comparison, ratio analysis and reasonableness test are commonly used at planning.

Comparison is evaluating financial data against prior periods, industry standards, or budgets.
Purpose: Identifies unusual trends or variances that may require further investigation.

Ratio Analysis is analysing key financial ratios (e.g., liquidity, profitability).
Purpose: Highlights areas of potential risk or concern by examining relationships between financial metrics.

Reasonableness Test is Assessing whether figures (e.g., expenses, revenue) align with expectations based on available data.
Purpose: Ensures figures are plausible and consistent with business operations, helping to detect anomalies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the risk-based approach to auditing?

A

Auditing standards require the auditor to adopt a risk-based approach to auditing.

This approach focuses attention to the areas most likely to contain a material misstatement and therefore allows for an efficient approach.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is audit risk and what must auditors do in response to this’?

A

Audit risk is the risk that the auditor gives an inappropriate opinion (effectively the risk that they fail to detect a material misstatement) when the financial statements are materially misstated.

The auditor must reduce the audit risk to an acceptably low level.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is audit strategy and how does it differ from an audit plan?

A

Audit strategy sets out the scope, timing and direction of the audit engagement (as required by the ISA UK Standards).

An audit plan is a detailed document for gathering evidence to reduce the audit risk to an acceptably low level by describing the approach to the expected nature, timing and extent of the audit procedures to be performed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is the audit risk model formula?

A

Audit Risk = Risk of material misstatement x Detection Risk

where Romm = Inherent risk x Control risk

Dectection risk = Sampling risk x Non-sampling risk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is business risk and why does it need to be managed?

ISA 315 

A

ISA 315 - Business risk is “a risk resulting from significant conditions, events, circumstances, actions or inactions that could adversely affect an entity’s ability to achieve its objectives and execute its strategies, or from the setting of inappropriate objectives and strategies. Directors are required to manage business risks.”

These risks need to be managed because a failure to recognise the need for change may also give rise to business risk.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are the main categories of risk that could affect businesses?

A
  • Operational risk
  • Legal and regulatory risk
  • Reputational risk
  • Environmental risk
  • Disaster risk
  • Cybersecurity risk
  • Health and safety risk
  • Interest rate risk
  • Exchange rate risk
  • Credit risk
  • Liquidity risk
  • Refinancing risk
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are the 4 main elements of the FRC’s risk management framework?

A
  1. The board’s responsibilities for risk management and internal control, and identification of factors boards should consider in order to exercise those responsibilities effectively.
  2. Establishment of risk management and internal control systems.
  3. Monitoring and review of risk management and internal control systems.
  4. The board’s financial and business reporting responsibilities.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are the boards responsibilities for risk management and control?

A
  • To have appropriate systems in place to identify principal risks facing the company.
  • To determine the risk appetite (ie the extent of risks that the organisation is willing to take to achieve its objectives).
  • To agree how the principal risks should be managed or mitigated to reduce the likelihood of the risk occurring or its impact on the organisation.
  • To monitor the risk management and internal controls systems to ensure that they are functioning effectively and that corrective action is being taken where necessary.
  • To take responsibility for external communication (reporting) on risk management and internal control. The board has to ensure that shareholders and other stakeholders are well informed about the principal risks and prospects of the company.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

To exercise the boards responsibility for risk management and internal control, what should they do?

A
  1. Should create a culture which promotes risk management at all levels.
  2. Should consider whether it has the necessary skills, knowledge and experience to assess the risks the company faces and exercise its responsibilities effectively.
  3. Should review reports on risk management, internal control and compliance matters from the company’s internal audit function as well as the external auditor’s communications to the audit committee about matters it considers relevant in fulfilling its responsibilities.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is a principal risk?

A

A principal risk is a risk that can seriously affect the performance, future prospects or reputation of the entity.

These should include those risks that would threaten its future performance, solvency or liquidity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Explain the establishment of risk management and internal control systems element of the FRC’s risk management framework

A

The board should ensure that sound risk management and internal control systems are in place to identify the risks facing the company and to consider their likelihood and impact if they were to materialise.

17
Q

What are the risk management and internal control systems of a business?

A

Risk management and internal control systems are the policies, culture, processes and systems in place to identify risks and safeguard the organisation’s assets.

18
Q

Explain the monitoring and review of the risk management an internal control systems element of the FRC’s risk management framework

A

The board needs to ensure that it monitors and reviews the effectiveness of risk management and internal controls systems annually to evaluate whether the systems address the company’s risks and are being developed, applied and maintained appropriately.

19
Q

Explain the boards financial and business reporting responsibilities element of the FRC’s risk management framework

A

The board should bear in mind the need for the annual report and accounts as a whole to be fair, balanced and understandable.

A number of disclosures need to be made in the annual report and accounts. The purpose of such reporting is to provide information about the company’s current position and prospects and the principal risks it faces.

These are:
1. Reporting on the principal risks facing the company and how they are managed or mitigated (as required by the Companies Act 2006 (CA 2006).

  1. Reporting on whether the directors have a reasonable expectation that the company will be able to continue in operation and meet its liabilities as they fall due.
  2. Reporting on the review of the risk management and internal control system (as required by the Code of Corporate Governance), and the main features of the company’s risk management and internal control system in relation to the financial reporting process (as required under the UK Listing Authority’s Disclosure and Transparency Rules).
20
Q

Why do external auditors need to consider client’s business risks?

A

They allow an auditor to further understand the business and evaluate the level of audit risk as a result of the business risk.

While planning the audit, the auditor has to consider whether the board has an effective system to identify and manage business risks and whether it has an effective system of internal control for risks that can be mitigated.

Auditors will always be interested in their client’s business risks because issues which pose threats to the business may in some cases also be a risk of the financial statements being misstated (which is how it leads to an audit risk).

21
Q

What is audit risk and what are its components?

A

Audit risk is the risk that the auditor gives an inappropriate opinion on the financial statements when the financial statements are materially misstated.

Components: Inherent risk, control risk, sampling risk, non-sampling risk

22
Q

What is the relationship between risk of material misstatement (RoMM) and detection risk (DR)?

A

RoMM and detection risk have an inverse relationship;

  • if RoMM is high, then detection risk must be low.
  • if RoMM is low, then detection risk may be high.

e.g. the higher the risk of misstatement, the more sufficient appropriate evidence the auditors need to gather to offset this back down to reducing the risk of not detecting misstatements to an acceptably low level.

23
Q

What is the relationship between business risk and audit risk?

A

The business risk model is a vehicle for the identification of audit risk, recognising that most business risks will eventually have financial consequences and, therefore, an effect on the financial statements and become an audit risk.

24
Q

What is materiality?

A

Materiality is a measure of significance. Where a matter is ‘material’ its omission or misstatement would impact the decisions of the users;

25
Q

How is materiality used in the audit process?

A

Materiality is used as a threshold throughout the audit process to direct the audit effort towards transactions, balances and items that are significant to the users.

26
Q

What are the types of materiality used in the audit process?

A
  1. Overall materiality represents a threshold as to what is significant to the financial statements as a whole. (This may be referred to as planning materiality or reporting materiality depending on the timing of the materiality calculation.)
  2. Performance materiality is set below overall materiality to reduce the probability that uncorrected/undetected misstatements exceed overall materiality to an acceptably low level.
  3. Special items materiality - Individual accounts or disclosures in the financial statements may have their own, lower, materiality levels as they may be judged by the auditor to be material (that is, of specific interest or concern) to the users of the financial statements in their own right.
27
Q

What is the difference between overall materiality and performance materiality?

A

Overall materiality is calculated at the overall financial statement level and so relates to the accounts as a whole. If all the misstatements in the financial statements added together are above overall materiality, the accounts are materially misstated and not true and fair.

Performance materiality is when the auditor calculates a lower testing or performance materiality to design procedures that will detect more misstatements that, together, could add up to more than the overall materiality threshold.

28
Q

What are audit data analytics? 

A

International Auditing and Assurance Standards Board defined audit data analytics (ADA) as follows:

“Audit data analytics is the science and art of discovering and analysing patterns, deviations and inconsistencies, and extracting other useful information in the data underlying or related to the subject matter of an audit through analysis, modelling and visualisation for the purpose of planning and performing the audit.”

29
Q

What are the advantages of using ADA techniques? 

A
  1. Data can be processed more quickly and accurately by automated processes which allows sampling risk to be reduced.
  2. Once suitable technology has been invested in, the use of ADA can make the audit process more cost effective.
  3. Improving audit quality, for example, through:
    - Allowing a deeper understanding of the entity
    - Improved focus of audit testing on the areas of highest risk through stratification of large populations
     - Enabling the auditor to perform tests on large or complex data sets where a manual approach would not be feasible
     - Identifying instances of fraud
30
Q

How are ADA techniques used at the planning stage?

A
  • Performing risk assessment procedures.

The results of these can then be used to focus on different areas of the audit at the planning stage etc.

31
Q

What is fraud? 

A

An intentional act involving deception to obtain an unjust or illegal advantage.

32
Q

What are the two types of fraud?

A

There are two types of fraud:
1. Fraudulent financial reporting (e.g.deliberate failure to process transactions, misapplication of accounting policies.)
2. Misappropriation of assets (An intentional theft of company assets or inappropriate and unauthorised use of company assets.)

33
Q

What are the responsibilities of directors and external auditors with respect to fraud? 

A

Directors - The directors (and management) of the company are responsible for preventing and detecting fraud by implementing a sound system of internal control at the company and encouraging an appropriate culture.

Auditors - The auditor is responsible for obtaining reasonable assurance that the financial statements are free from material misstatement, whether due to fraud or error.

34
Q

How is the risk of fraud considered at the planning stage? 

A

Fraud is considered via the fraud triangle. (Incentive, opportunity and rationalisation). Where these factors exist the auditor should perceive a higher risk of fraud and thus test more.

ISA (UK) 240 states that auditors should consider the risk of material misstatement in the financial statements due to fraud as part of the overall risk assessment.

35
Q

How does fraud affect audit risk?

A

A high risk of fraud will result in a higher RoMM (risk of material misstatement). Therefore, the detection risk will need to be lowered and the auditor will perform additional procedures to collect sufficient, appropriate evidence to offset this.

36
Q

What is the fraud triangle?

A

Models the reasons for why an individual may commit fraud.

1) incentive, 2) Opportunity and 3) Rationalisation

37
Q

What is the audit strategy memorandum?

A

The audit strategy memorandum is an internal document produced during the planning stage and summarises the key decisions made during the planning phase as set out in the audit strategy, such as the results of the risk assessment and materiality levels, and also contains administrative details such as logistics, timetables, budget and resourcing.

38
Q

Explain some of the typical contents of the audit strategy memorandum

(Section heading and small explanation)

A
  1. Understanding the client, its environment, the financial reporting framework being used and system of internal control

Explanation: Overview of the key aspects of the client. e.g. industry information, regulatory environment, key processes/systems/control framework at the client.

  1. Risk assessment findings and procedures planned in response

Explanation: Summary of the key areas of risks of material misstatements in the financial statements identified by the auditor at the planning stage. As well as the approach that the auditor will adopt in auditing the risks identified and the auditor’s intended testing strategy

  1. Analytical procedure results

Explanation: explanations provided for unusual or unexpected numbers or information.

  1. Materiality

Explanation: Overall performance and specific items materiality figures included in document. As well as methodology used to calculate these figures, including judgements.

  1. Staffing and key client contacts

Explanation: Number of audit team members required, along with their skills and competence. A list of key contacts at the client.

  1. Timetable

Explanation: The audit planning meeting, The year-end date, Dates of any key meetings with the client, including those charged with governance and Dates the audit team will be on-site at the client.

  1. Other matters

Explanation: the use of information technology in the audit process will need to be documented in the audit strategy memorandum.

ASR (6 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions