Planning An Audit (Basics) - Chapter 7 Flashcards
ISA300?
requires the auditor to plan the audit
benefits of audit planning under ISA300?
- attention is devoted to important areas
- problems are identified
- audit is organised effectively & efficiently
- appropriate staff are chosen
- aids coordination of work
- facilitates direction, supervision and review of work
ISA300 also requires the auditor to…
document an overall audit strategy and a detailed audit plan
6 key considerations when establishing the overall audit strategy?
- audit approach
- risk assessment
- preliminary analytical procedures
- materiality
- entity & its environment
- coordination of audit
does the auditor need to develop a plan that aligns with the overall audit strategy?
yes
an audit plan should include a description of…
- the nature, extent & timing of planned risk assessment procedures
- the nature, extent & timing of further audit procedures at the assertion level
how to gain an understanding of an entity?
- discussion/observation
- websites/online
- analytical procedures
- past experience
- companies’ house
can gain an understanding from the firm, myself, the company and other
what must an auditor understand about a client?
the entity
the environment
must an auditor understand the FR framework of the entity?
yes
e.g., accounting principles, revenue recognition, complex transactions etc
attention should be paid to which specific areas when understanding an entity’s accounting policies?
- methods applied to unusual transactions
- controversial areas
- environment changes
- new financial laws/standards
must sustainability / climate-related risks be considered when understanding an entity?
yes
must determine how sustainability influences the entity’s business mode, regulatory factors, industry factors etc
can sustainability risks cause material misstatements?
yes e.g., non-disclosure or greenwashing or revocation of licenses, poor internal controls etc
financial statement level?
assertion level?
FS level = risks relating to the FS as a whole (can impact many assertions)
assertion level = risks relating to specific FS assertions
materiality thresholds?
0.5-1% of rev
5% of PBT
1-2% of total assets
2-5% of net assets
5-10% of profit after tax
examples of scenarios that are material by nature?
misleading descriptions
small amounts which impact critical points
transactions by directors
related party transactions
performance materiality?
an amount set at less than materiality for the FS to reduce risks of reaching materiality threshold
why is sustainability important?
investors are becoming increasingly invested in a company’s climate-friendly nature, heavily influencing their economic decision making
double materiality?
concept that considers sustainability issues that may create financial risks but also sustainability issues
when are analytical procedures used?
- at the planning stage
- can be used as a substantive procedure
- used to help form an overall conclusion on the FS
limitations of analytical procedures?
- require sound knowledge/experience of the entity which may be limited in a 1st year audit
- experienced staff may be required to carry them out
- quality of AP’s relies on the reliability of source data
how are analytical procedures performed?
- understand the business
- develop an expectation
- compare actual to expectation
- unexpected variations = risk
gross profit margin?
(gross profit / revenue) x 100
to assess profitability
operating margin?
(operating profit / revenue) x 100
to assess profitability
operating profit AKA..
PBIT
profit before interest and tax
return on capital employed?
(operating profit / equity + debt) x 100
measures how effectively resources are in generating profit
AKA return on equity
current ratio?
current assets / current liabilities
ability to pay current liabilities with current assets
quick ratio?
(current assets - inventory) / current liabilities
ability to pay current liability from reasonably liquid assets
gearing ratio?
net debt / equity
assessing reliance on external finance
interest cover?
profit before interest payable / interest payable
assess ability to pay interest charges
trade receivables collection period?
(TR / revenue) x 365
assess the average time taken to collect cash from credit customers
inventory holding period?
(inventory / COGS) x 365
assess average length of time for which inventory is held
trade payables payment period?
TP / COGS x 365
assess the average time taken to pay suppliers
business risk?
risk that can adversely impact an entity’s ability to achieve their objectives
can business risks be caused by climate change?
yes
e.g.,
- non-compliance
- sectoral risks
- loss of investors
- business failure to adapt/evolve
- extreme climate events
two types of business risk in relation to climate change?
physical risks = risks exposed to due to climate change (e.g., severe weather)
transition risks = related to transition to low-carbon economy (e.g., new tech, stranded assets)
climate change can impact what 3 things?
- the FS
- business / audit risks
- going concern
audit risk?
risk that the auditor will express an inappropriate opinion
audit risk = risk of material misstatement + detection risk
risk of material misstatement = inherent risk + control risk
detection risk = non sampling risk + sampling risk
two levels of risk of material misstatement?
FS level = relating to the FS as a whole
assertion level = relating to specific FS assertions
risk of material misstatement?
detection risk?
ROMM = risk that FS are misstated prior to the audit commencing
detection risk = risk that the auditor doesn’t detect material misstatements in FS
risk assessment procedures are meant to help understand…
- the entity and its environment
- the FR framework
inherent risk?
risk of misstatement before consideration of controls
control risk?
the risk that a misstatement isn’t prevented by controls
detection risk?
sampling risk?
non-sampling risk?
detection = risk that the auditor won’t detect MM
sampling = risk of wrong conclusion from non-representative sampling
non-sampling = risk of drawing wrong conclusion for other reasons (e.g., 1st year audit or time pressure)
scalability?
ISA’s need to be applied to all entities regardless of size/complexity
significant risks?
risk that is close to the upper end of the spectrum of inherent risk
require special consideration
e.g., transactions involving subjectivity, complex data, accounting principles are subjective
common risks in audits?
- management override
- journals
- revenue recognition
- cyber security
in order to reduce audit risk to an acceptable level, the auditor should…
- determine overall responses to risks at FS level
- perform audit procedures to respond to assessed risks at the assertion level
examples of responses to risks at FS level?
- emphasise need for pro scepticism
- assign extra or more experienced staff
- use the work of experts, internal auditors or other auditors
- change the audit strategy
- make audit procedures more unpredictable
responses to risks at assertion level?
- adjust nature & extent of procedures
- consider risks from climate change
considerations when relying on the work of others? (e.g., internal auditors, experts, other auditors)
- competence
- independence
- whether the work is suitable for 3rd party reliance
cyber security?
protects systems, networks and data
increased use of technology makes cybersecurity more relevant
risks include:
- hacking
- fraudulent theft
- sabotage
- viruses
growth of big data results in which new business risks?
- reputational damage
- breaches of GDPR leading to fines
- misstatements in FS
IT security controls?
should be in place to cover prevention, detection and deterrence of IT risks
cloud computing?
over recent years, more businesses have adopted cloud computing services, allowing businesses to access data from any location
- creates cost savings
- danger that inadequate cyber security can lead to theft or loss of data
- auditor must consider if cloud computing software is reliable
