Week 3 Flashcards
The main stages of an audit are:
risk assessment phase
risk response phase
reporting phase.
Risk assessment phase:
Auditor must plan the audit to reduce audit risk to an acceptably low level. A well planned audit ensures that sufficient appropriate evidence is gathered for accounts most at risk of material misstatement.
Audit risk
Audit risk is the risk that an auditor expresses an inappropriate audit opinion when a financial report is materially misstated.
Risk response phase:
Risk response involves detailed tests of controls and substantive testing of transactions and accounts.
Concluding and reporting on an audit:
Reporting involves evaluating results of detailed testing in light of the auditor’s understanding of their client and forming an opinion on the truth and fairness of the client’s financial report.
Gaining an understanding of the client
According to ASA 315; ISA 315, gaining an understanding of the client is necessary to assess the risk that the financial report contains a material misstatement due to:
The nature of the client’s business.
The industry in which the client operates.
The level of competition within that industry.
The client’s customers and suppliers.
The regulatory environment in which the client operates.
Stages of gaining an understanding of the client:
entity level
industry level
economy level.
Entity level:
major suppliers major customers international transactions capacity to adapt to changes in technology warranties and discounts client reputation and operations client relations with employees
Industry level:
level of competition client reputation level of government support level of government regulation level of demand for client goods/services.
Economy level:
How do overall economic conditions affect client?
- interest rate changes
- financial crises
- shareholder expectations of increasing profits in good times.
What are specific pressures on client to understate or overstate profits in these conditions?
Fraud risk
Auditor must asses risk of material misstatement due to fraud (ASA 240; ISA 240). Auditor adopts attitude of professional scepticism:
Auditor adopts attitude of professional scepticism:
Maintaining an independent questioning mind.
Search thoroughly for corroborating evidence to validate information provided by the client.
Don’t just rely on past experience with client
Indicators (red flags) of possible fraud:
high turnover of key employees key finance personnel refusing to take leave overly dominant management poor compensation practices inadequate training programs complex business structure
Incentives and pressures to commit a fraud:
In assessing the risk of fraud, an auditor will consider incentives and pressures faced by their client to commit a fraud.
Examples of incentives and pressures that increase the risk of fraud include:
the client operates in a highly competitive industry
a significant decline in demand for the client’s products or services
falling profits
a threat of takeover
Opportunities to perpetrate a fraud:
After identifying one or more incentives or pressures to commit a fraud, an auditor will assess whether a client has an opportunity to perpetrate a fraud.
Examples of opportunities that increase the risk that a fraud may have been perpetrated include:
accounts that rely on estimates and judgement
a high volume of transactions close to year-end
significant adjusting entries and reversals after year-end
significant related party transactions
poor corporate governance mechanisms
Attitudes and rationalisation to justify a fraud:
An auditor will assess the attitudes and rationalisation of client management and staff to fraud.
Examples of attitudes and rationalisations used to justify a fraud include
a poor tone at the top (that is, from senior management).
the implementation of an effective internal control structure is not seen as a priority.
an excessive focus on maximisation of profits and/or share price
Going concern
Auditor must consider whether it is appropriate to assume that client will remain a going concern (ASA 570; ISA 570). Going concern justifies valuing assets on basis they will continue to be used in business and liabilities paid when due. Remaining a going concern is the responsibility of client governance.
Auditor must obtain sufficient appropriate evidence to assess validity of going concern assumption.
Auditor makes professional judgement about going concern risk, based on risk indicators.
Going concern risk — indicators:
Auditor is required to assess client efforts to identify going concern risk factors.
Auditor should obtain evidence of effect of risk factors on client and its ability to continue as going concern.
ASA 570; ISA 570 has list of going concern risk indicators.
Examples include:
significant debt/equity ratio
long term loans due, no alternative finance
prolonged losses, inability to pay debts when due
loss of significant customer, supplier problems
If going concern is in doubt, undertake additional audit procedures
Assess cash flow, revenues, expenses, interim results.
Review debt contracts, board meeting minutes.
Discussions with client management and lawyers.
Auditor should also consider factors that mitigate (reduce) going concern risk.
Letter of guarantee from parent company.
Availability of assets or segment of business for sale for cash.
Ability to raise funds through share issue or borrowing
Corporate governance
Corporate governance is the rules, systems and processes within companies used to guide and control activities.
Used to monitor actions of staff and assess level of risk faced.
Controls used to reduce identified risks and ensure future viability of the company.
ASX principles and recommendations for listed companies.
ASX principles and recommendations for listed companies.
Companies required to disclose their compliance.
Information technology
Auditor should consider particular risks faced by client related to IT (ASA 315; ISA 315), for example:
Unauthorised access to computers, software and data:
need security, passwords to prevent distorted data.
For example:
Errors in programs:
Can occur if not thoroughly tested before implementation, or mistakes made when changing programs.
Closing procedures
Client closes accounts when preparing financial reports at year-end.
Revenue and expense accounts should include all transactions for the year, and none that relate to other periods.
Accrued assets and liabilities should be complete.
Assets and liabilities should include all relevant items.
Auditor faces risk that client closing procedures are inadequate.
Audit procedures to assess adequacy of client closing procedures:
Assess adequacy of client interim reporting procedures.
Check accuracy of accrual calculations.
Analyse results to assess reasonableness.
