Module 15: Planning 2 - responding to audit risk and adapting audit plan Flashcards
Journals testing - identifying journal entries that exhibit fraud characteristics
Page 319 in the Tolley.
In addition:
- large amounts
- posted in one period and reversed in the following period
- key words (such as miscellaneous)
- targeted at particular balances, in particular revenue
Audit tests over journals
- evaluate the PURPOSE and APPROPRIATENESS of the journal
- agreeing the journal posted in GL to SUPPORTING DOC
- inspecting journal posting sheet to confirm the posting and journal was AUTHORISED by an INDEPENDENT PARTY
- Enquire of mgmt WHY they were posting journals and what their access rights are
Exam tip: Question will ask you to identify and explain audit risks and possibly the impact
Determine whether it is a financial statement level risk or assertion level risk
Where risks are identified at the FINANCIAL STATEMENT LEVEL RISK - use the prescribed ISAs
- weak control environment (ISA 330, A1-3)
- Fraud across FS (ISA 240, 28-29, A33-36)
- Going concern - ISA 570, 10-4, 12-2, A8-12
Assertion level risk, consider whether their is a specific ISA that provides guidance or ALTERNATIVELY two elements to your approach:
- Mgmt’s PROCEDURES AND CONTROLS the auditor would understand and test
- A high level of SUBSTANTIVE TEST that the auditor would undertake in relation to the risks identified.
Test of Controls (ToC)
Auditor gains an UNDERSTANDING of the CONTROL ACTIVITIES the entity has in place to manage risks that can result in a misstatement in the FS or sig classes of transactions
Operation of these controls during the period must be tested.
Determine the NET of substantive procedures
Based on the REVISED risk assessment, auditor will DETERMINE the LEVEL OF SUBSTANTIVE TESTING REQUIRED to collate sufficient, appropriate evidence.
Audit strategy memorandum: use BSSMART headings
- BACKGROUND of the client (1-1.5marks)
- SYSTEMS and controls info (1-1.5)
- STAFFING of audit engagement and key client contacts (1-1.5) - detail name, role and area of responsibility. Include experts
- MATERIALITY (5 steps if asked to calc => 4 marks or 1 mark if given)
- ANALYTICAL procedure results (10-15 marks)
- RISK assessment findings and procedures planned in response (audit risk and audit approach table) = 15 marks)
- TIMETABLE (1-1.5)
Timetable of an audit
Audit planning visit
Meet with mgmt to communicate the planned scope and timing of the audit
Interim audit visit
Year-end date
Final audit
Meet with mgmt to communicate sig findings from audit
Board meeting to approve accounts and audit report signed
Response to assessed ROMM: Stages of the auditor’s risk assessment
- IDENTIFY audit risks through obtaining an UNDERSTANDING OF THE ENTITY
- Assess the SIGNIFICANCE of the risks, whether misstatement is likely and the magnitude could be material
- Identify the IMPACT on the FS at the FS or ASSERTION level
- plan the AUDIT APPROACH and identify the processes to be documented
- Identify, document and ASSESS the DESIGN of the INTERNAL CONTROLS which mitigate the risks
- perform initial ROMM assessment
- TEST the operating effectiveness of the controls
- REVISE the ROMM assessment
- DETERMINE NET of substantive procedures
Exam tips: assertion level risks approach is less prescribed. Follow specific ISAs e.g. fraud, laws and regs or RP OR include the following two elements in your approach:
- Mgmt’s procedures and controls the auditor would understand and test
- A high-level substantive procedure that the auditor would undertake in relation to the risks identified