AUDIT PLANNING

OVERVIEW

Objective

To establish the objectives, scope and critical aspects of an audit.

PLANNING Essential procedure

Objectives
Definition

KNOWLEDGE OF Basic principle

THE BUSINESS Sources of knowledge
Using the knowledge

ENGAGEMENT NEW AUDITS EXISTING

LETTERS CLIENTS

See Session 5 Matters to consider Documentation

Information needs

Audit risk model

ANALYTICAL RISK Audit risk
PROCEDURES ASSESSMENTS Inherent risk
Control risk
Planning stage Detection risk
Financial condition
Overall audit plan
DOCUMENTATION Typical contents
Audit approach
Tests of control
Substantive procedures

AUDIT Essential procedures

PROGRAM Contents
Detailed examples

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0701

 AUDIT PLANNING

1 PLANNING [ISA 300]

1.1 Essential procedure

Audit work should be planned so that the audit will be performed in an effective
manner.

1.2 Definition

Planning entails developing:

a general strategy (the “overall audit plan”); and

a detailed approach for the nature, timing and extent of audit procedures “the
“audit program.

1.3 Objectives

To devote To identify To complete To assist in

appropriate potential work assigning/
attention to problems expeditiously coordinating
important area audit work

2 KNOWLEDGE OF THE BUSINESS [ISA 310]

2.1 Basic principles

A knowledge of the business should be sufficient to identify and understand the events,
transactions and practices that may have a significant impact on:

the financial statements;

the audit examination;
the audit report.

Audit assistants should have sufficient knowledge to enable them to perform the work
delegated to them. The following should also be considered:

how knowledge affects the financial statements as a whole; and

its consistency with financial statement assertions (see Session 14).

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0702

 AUDIT PLANNING

2.2 Sources of knowledge

Example 1

Suggest examples of the sources which provide background knowledge.

Client Auditor External

2.3 Using the knowledge

To assess components of risk.

To develop the overall audit plan and audit program.
To determine materiality levels (see Session 8).
To evaluate audit evidence (see Session 11) including management
representations (see Session 18).
To identify related parties and related party transactions.
To recognize conflicting information and unusual circumstances.
To make informed enquiries and assess the reasonableness of responses.
To appraise the appropriateness of accounting policies and financial
statements disclosures.
To provide a better service to clients and be responsive to their needs.

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0703

 AUDIT PLANNING

3 NEW AUDITS

3.1 Matters to consider

BEFORE AFTER
ACCEPTING ACCEPTING
APPOINTMENT APPOINTMENT

Capability and resources Obtain more detailed knowledge/

information sufficient to plan audit
− size, location
⇒ effective audit approach
− nature of business
− timing
− staffing
− current commitments

Independence

Problems eg professional
reasons (“enquiry” letter ).

3.2 Information needs

Example 2

For a new client suggest, under the following headings, what information will you
require.

Solution

GENERAL ECONOMIC INDUSTRY

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0704

 AUDIT PLANNING

MANAGEMENT AND OWNERSHIP BUSINESS

FINANCIAL PERFORMANCE REPORTING ENVIRONMENT

4 EXISTING CLIENTS

4.1 Documentation

In the case of companies audited in prior years, most of the information required for
planning will be available in the working papers (“WPs”) and other files.

Example 3

For an existing client, what changes will you need to document?

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0705

 AUDIT PLANNING

Solution

Internal External

5 ANALYTICAL PROCEDURES

ISA 520 “Analytical Procedures“

5.1 At the planning stage

Meaning Purpose Based on

The analysis of To assist in under- Interim financial

significant ratios and standing business information
trends including the
resulting investigation To identify areas of Budgets/forecasts and
of fluctuations and potential risk eg management accounts
relationships financial condition
Draft financial
− that are To plan nature, timing statements
inconsistent with and extent of other
other relevant audit procedures
information or
− which deviate
from predictable
amounts.

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0706

 AUDIT PLANNING

5.2 Financial condition

5.2.1 Importance

Deterioration potentially increases inherent risk as deliberate

misstatement/manipulation is more likely.

Ability to meet debts as they fall due underlies the going concern basis of
preparation of financial statements.

5.2.1 How assessed

Short-term – liquidity indicators

Long-term – gearing and profitability indicators

6 RISK ASSESSMENTS

6.1 Basic principles and essential procedures

6.1.1 Internal control

Understanding of the accounting and internal control systems should be sufficient to

plan the audit and develop an effective audit approach.

6.1.2 Risk assessment

Audit risk should be reduced to an acceptably low level by the exercise of professional
judgement in assessing it and in the design of audit procedures.

ISA 400 “Risk Assessments and Internal Control”

6.2 “Audit risk model”

Basic principle

Assessed levels of inherent and control risks should be assessed in determining the
nature, timing and extent of substantive procedures required to reduce audit risk to an
acceptably low level.

Components

Audit Inherent Control Detection

Risk = Risk (IR) × Risk (CR) × Risk (DR)

(Ultimate risk) Auditor manages/manipulates to

achieve acceptable audit risk
Auditor assesses
exist independently of audit

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0707

 AUDIT PLANNING

6.3 Audit risk

Definition

The risk that the auditor gives an inappropriate audit opinion when the financial
statements are materially misstated.

For example, issuing an unmodified opinion where, in fact, a modified

opinion was appropriate.

An overall acceptable level of audit risk may be quantified as a matter of

practice (ie audit firm) policy (eg 5%). This % may provide the basis for
mathematical derivation of detection risk and sample sizes.

6.3 Inherent risk

6.3.1 Definition

The susceptibility of an account balance (or class of transactions) to misstatement that

could be material (individually or in aggregate) assuming no related internal controls.

Basic principle

Inherent risk should be:

assessed at the financial statement level – in developing the overall audit

plan;

assessed at the assertion level (see below) or otherwise assumed to be high –

in developing the audit program.

6.3.1 Financial statement vs assertion levels

Auditor assesses

At financial At account balance

statements level and class of
⇒ Overall audit plan transactions level
⇒ Audit program

Financial statement assertions (see Session 14) concern account balances and
classes of transactions. Thus the “assertion level” is a more concise way of
referring to the “account balance and class of transactions level”.

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0708

 AUDIT PLANNING

Example 4

State at which level (financial statements or assertion) the following factors would be
evaluated.

Solution

(1) Doubts about the integrity of management

(2) Management inexperience in the preparation of the financial statements

(3) Accounts which involve a high degree of estimation

(4) Entity lacks sufficient capital to continue operations

(5) Potential for technological obsolescence of products and services

(6) Complex underlying transactions and events which might require using the work
of an expert

(7) Complex capital structure

(8) Highly desirable and movable assets (eg cash) susceptible to loss or
misappropriation (eg theft, embezzlement)

(9) Unusual and complex transactions completed at or near the period end

(10) Numerous locations and geographical spread of production facilities

(11) Changes in consumer demand

(12) Transactions not subject to ordinary processing

6.3.2 Lower risk factors

Established stable industry, little influenced by external conditions.

Strong control environment, control conscious management – little chance of
management override.
Long-standing audit client, requiring few adjustment with unmodified opinions.
Low labour turnover (of management and employees).
Experienced, competent management.
Restricted share owner (ie private limited companies).

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0709

 AUDIT PLANNING

6.4 Control risk

6.4.1 Definition

The risk that a misstatement that could occur (at the assertion level) and be material
will not be:

prevented; or
detected and corrected on a timely basis;

by the accounting and internal control system.

Example 5

Suggest factors may indicate high control risk.

Solution

6.4.1 Preliminary assessment

The evaluation of the effectiveness of the accounting and internal control systems.

Basic principles and essential procedures

The preliminary assessment of control risk should be:

assessed at the assertion level for each material account balance or class of
transactions;
assumed to be high UNLESS:
internal controls which are likely to prevent/detect/correct material
misstatement relevant to the assertion are identified; and
tests of control are planned to be performed to support the
assessment.

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0710

 AUDIT PLANNING

CR will be assessed as high when:

accounting and internal control systems are not effective; or

evaluating the effectiveness of accounting and internal control

systems would not be an efficient audit approach.

6.5 Detection risk

6.5.1 Definition

That the auditor’s substantive procedures will not detect a misstatement that exists (in
an account balance or class of transactions) that could be material.

The level of DR relates directly to the auditor’s substantive procedures.

IR and CR assessments influence the nature, timing and extent of substantive

procedures to be performed to reduce DR (and therefore audit risk) to an
acceptably low level.

Some DR would always be present even if examining 100% of an account

balance or class of transactions.

DR may be further analysed, eg between sampling risk and non-sampling

risk.

Methods of varying detection risk Egs where inherent/control risk are high

1 Change nature of audit work ⇒ Direct tests toward independent parties rather than
documentation within entity.

⇒ Use tests of detail in addition to analytical procedures.

2 Change extent of audit work ⇒ Use a larger sample size.

3 Change timing of audit work ⇒ Perform a procedure at the period end rather than at an
earlier (interim) date.

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0711

 AUDIT PLANNING

Illustration
Audit risk: Say 5% risk of drawing the wrong conclusion is acceptable. (Most firms
operate between 1% and 5%.)

Inherent risk: Assessed at 75% risk that material problems could arise.

Control risk: Assessed at 20% risk that controls may miss material errors.

Required:

Calculate detection risk.

Solution

Using the model ⇒ 0.05 = 0.75 × 0.2 × DR

Therefore DR = 0.33.

This means that substantive testing levels will be adequate even if there is a 33%
chance of them failing to detect material errors or omissions.

Example 6

Audit risk is accepted as 5%. A new client company undertakes research and
development for the pharmaceutical industry. The client is seeking a listing on the
Stock Exchange. Inherent risk is assessed as high (100%). However, the client
appears to have strong accounting systems and internal controls. Control risk is
assessed at 40%.

Required:

Calculate detection risk and comment on how it compares with that calculated in the
preceding illustration.

Solution

DR =

Comment:

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0712

 AUDIT PLANNING

6.5.2 Basic principles

Some substantive procedures should always be carried out for material account
balances and classes of transactions.

More evidence should be obtained from substantive procedures the higher the inherent
and control risk assessments.

A qualified opinion (or a disclaimer of opinion) should be expressed if detection risk

cannot be reduced to an acceptable level.

Forms of audit opinions are illustrated in Session 17.

7 DOCUMENTATION

Planning entails developing

a general strategy ⇒ the “overall audit plan”

a detailed approach for the nature, timing and extent of the audit procedures
⇒ the “audit program”

7.1 The overall audit plan

An overall audit plan describing the scope and conduct of the audit should be
developed and documented.

Example 7

Suggest 10 matters to be considered in developing the overall audit plan, using the
following five headings as prompts.

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0713

 AUDIT PLANNING

Solution

Co-ordination, direction, supervision and review

Knowledge of the business

Risk and materiality

Accounting and internal control systems

Nature, timing and extent of procedures

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0714

 AUDIT PLANNING

7.2 Form and content

Must be sufficiently detailed to facilitate the development of the audit program.

Will depend on the:

entity (eg a multi-national engineering group, a small retailer)

complexity of the audit and methodology used (eg audit or business risk
approach and the use of IT in automating the audit process).

Terms of the engagement

The work to be done ie audit work, accounting work to be done for the client, tax work, letters to be
sent. Including reports required and client expectations.

The client and its background

History, products, locations, especially noting factors like a new managing director/computer
system/product.

Group structure

Important figures and ratios (analytical procedures)

From previous years audit working papers and if available, from management and draft accounts.

Audit approach
Extent of reliance on internal control, the use of tests of controls and substantive procedures.

Critical audit objectives and risk areas

These might include intangibles, inventories contract work in progress, contingent liabilities, revenue
recognition, foreign currency, related party transactions.

Preliminary estimate of materiality

The maximum amount of error acceptable to be satisfied that financial statements show a true and fair
view.

Client assistance
Client contacts. Assistance from the client may be required in providing documents and analyses,
providing computer time, arranging visits to branches. Also the extent to which internal audit may be
involved.

Timetable

Key audit dates (interim, year-end and final audit visits), draft management letter and reporting
deadlines.

Staffing requirement
Offices and audit staff – including associated practices.

Time budget and audit fee estimate

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0715

 AUDIT PLANNING

7.3 Audit approach

The audit approach will usually depend on the perceived strength of internal
controls. Evaluating and testing the internal controls within a system is
optional (see Session 9). This is because a wholly substantive audit (where
no reliance is placed on internal controls) can be performed if it provides a
more cost-effective audit approach.

However, if the auditor does decide to consider the client’s internal controls
as part of the audit approach the controls will be ascertained and evaluated
prior to obtaining audit evidence. This is because the way in which evidence
is obtained will differ.

Evidence about the operation of internal controls is obtained by

tests of controls.

Other evidence is obtained by substantive procedures.

7.4 Tests of control

Aim

To obtain audit evidence about the effectiveness of the

− design of A & IC systems – ie whether they are suitably designed to prevent
or detect and correct material misstatements.
− operation of the ICs throughout the period.

7.5 Substantive procedures

Aim

To obtain audit evidence to detect material misstatements in financial statements. Two

types
− tests of details of transactions and balances
− analytical procedures.

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0716

 AUDIT PLANNING

8 THE AUDIT PROGRAM

8.1 Essential procedures

An audit program setting out the nature, timing and extent of planned audit procedures
should be developed and documented.

A set of instructions

The overall audit plan and audit program should be revised as necessary during the
audit.

8.2 Typical contents

Audit objectives

Audit procedures

Time budget

Timing of tests of control and substantive procedures

8.3 Detailed examples

See Appendix 3

§1 Revenue
§2 Purchases
§3 Wages and salaries
§4 Property, plant and equipment
§5 Inventory
§6 Receivables and prepayments
§8 Bank
§9 Trade payables and accrued expenses

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0717

 AUDIT PLANNING

FOCUS

You should now be able to

describe the components of risk

illustrate the application of risk analysis (ie determine areas of audit risk and
consider inherent risk, control risk and detection risk

develop the audit plan.

describe the sources and nature of information gathered (eg to obtain

knowledge of the business) in planning assignments

describe the purpose of analytical procedures in planning

describe and illustrate the contents of work plans and work programs (see
also Appendix 3).

EXAMPLE SOLUTIONS

Solution 1 – Sources

Client Auditor External

− Directors/senior − Previous relevant − Predecessor auditor

operating personnel experience
− Legal advisors
− Internal audit
− Specialist publications − Industry regulators
− Visit to premises and (eg on hotel audits)
plant facilities − Government data
− Technical experts (eg IT) − Customers
− Minutes of meeting
− Documents sent to − Suppliers
shareholders/filed − Competitors
with authorities
− Trade journals
− Financial budgets
− Financial press
− Management reports
− Chart of accounts
and Job descriptions

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0718

 AUDIT PLANNING

Solution 2 – Information

GENERAL ECONOMIC FACTORS THE INDUSTRY

Recession/growth Market/competition
Interest rates Cyclical/seasonal trade
Sources of finance Technology/fashion
Inflation Key ratios
Government policy (eg monetary, fiscal, Specific accounting practices
trade) and incentives (eg regional
Environmental requirements
development grants)
Regulatory framework
Foreign currency (rates and controls)

MANAGEMENT & OWNERSHIP BUSINESS

Corporate structure Nature (manufacturer, exporter)

Owners and related parties Locations (office, warehouse)
Local/foreign Employment (union contracts)
Capital structure Products/services/markets
Organizational structure Suppliers (delivery methods eg JIT)
Philosophy and strategic plans Inventories
Acquisitions and disposals Research and development
Sources of finance Information systems
Board of directors Debt structure (including covenants)
Operating management
Internal audit
Attitude to internal control environment

FINANCIAL PERFORMANCE REPORTING ENVIRONMENT

Key ratios Legislation

Trends Regulations and requirements
Accounting policies Taxation
Earnings/cash flow Audit reporting requirements
Leasing commitments Users of financial statements
Lines of credit
Off-balance sheet finance
Foreign currency and interest rates

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0719

 AUDIT PLANNING

Solution 3 – Changes

Internal External
business developments (in e- new legislation and regulation (eg environmental,
commerce) health and safety)

new products, services latest accounting standards (eg IAS 39 Financial

Instruments: Recognition and Measurement)
key personnel (starters and
leavers) specialist regulators (and trade unions)

accounting systems and extent of competitors and their products

computerisation
economic (interest/foreign exchange/ tax rates etc)
administration and IT functions
industry practices

Solution 4 – Inherent risk factors

Financial statements level

1 (see Discussion below), 2, 4, 5, 7, 10 (see Discussion) & 11

Assertion level
3, 6, 8 (see Discussion), 9 & 12

Discussion
(1) Consider doubts about the integrity of management, could that inherent risk affect the
financial statements as a whole or just a few individual account balances? Suppose
management wanted to overstate profit (in order to pay themselves bonuses say). To increase
profit management could

overstate revenue (eg by bringing forward next year’s sales revenue into the current
year – ie a deliberate cutoff error)
understate costs (eg by suppressing purchase and expense invoices)

Because every Dr has a Cr there are then implications for the balance sheet

overstatement of trade receivables (because they do not owe the money at the year
end)
understatement of trade payables (because liabilities are not recorded).

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0720

 AUDIT PLANNING

Profit could also be increased by understating provisions against assets

obsolescence provisions against inventory

depreciation provisions against tangible long-term assets
B&DD provisions against trade receivables.

In conclusion then, doubts about management integrity has a pervasive effect on the financial
statements as a whole and so this risk is assessed at the financial statement level.

(8) Consider cash balances (ie physical money rather than bank balances). These balances may be
very small in relation to the assets as a whole (eg cash floats in the till/register of a shop). At
the financial statement level the auditor may take no account of these and so ignore them in
the overall audit plan. However, cash is inherently risky (because it can be stolen if
safeguards are not adequate) and cannot be ignored at the account balance level.

However, in a cash-based business (ie cash revenue, purchases and assets paid for in cash) this
would be considered at the financial statement level (ie in the preparation of the overall audit
plan) because, again, it has a pervasive effect.

(10) Numerous locations is likely to involve one or more of

“consolidation”
transfer pricing
inventory/tangible asset movements.

Solution 5 – Control risk factors

History of errors found by auditor

Management attitude/dominance
Inexperienced/incompetent staff
Lack of segregation of duties/inadequate supervision
Size of entity/accounting systems

Solution 6 – Detection risk

AR 0.05
AR = IR × CR × DR DR = DR = = 0.125
IR × CR 1.0 × 0.4

DR must be rendered lower than in the Illustration . (We should have anticipated this as both
IR and CR have been assessed as higher.) The level of substantive procedures is therefore
relatively higher.

Another way of expressing this is that the level of audit assurance required from
substantive procedures is

100 – 12.5 = 87.5%

ie a relatively high level of assurance is required.

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0721

 AUDIT PLANNING

Solution 7 – Developing the overall audit plan

Co-ordination, direction, supervision and review

number of locations and staffing requirements

involvement of others (eg internal audit, experts, other auditors)
audit timetable and reporting deadlines
terms of engagement (eg provision of other services such as system reviews)

Knowledge of the business

state of the economy – global, national and local

factors affecting the industry (eg skills shortages)
technological developments (eg use of e-commerce)
competence and business acumen of key management personnel

Risk and materiality

known risk areas (eg if the entity is a target for a takeover bid or
there are significant doubts about going concern)

likelihood of material error or fraud

significance of related parties and related party transactions

materiality threshold of transactions and balances to the balance

sheet and income statement

Accounting and internal control systems

previous knowledge and experience of the adequacy of accounting

information as a basis for the preparation of the financial statements

accounting policies and practices (eg to account for leases)

links (if any) between “shop front” and “back office” systems
(especially in e-commerce)

extent to which the auditor expect to rely on the system of controls

Nature, timing and extent of procedures

extent of computerisation and availability of computer-assisted

audit techniques

work and findings of internal audit

extent of reliance on internal controls

use of substantive analytical procedures

reporting deadlines (eg to meet very tight reporting deadlines, audit

procedures may be carried out before the year end and “rolled-forward”)

 Accountancy Tuition Centre (Overseas Courses) Ltd 2001 0722