Professional Documents
Culture Documents
State and describe in detail those principles according to International Ethics Standards
Board for Accountants’ Code of Ethics for professional Accountants (IESBA Code). (25
marks).
The International Ethics Standards Board for Accountants (IESBA) operates under the
auspices of the International Federation of Accountants (IFAC). Auditors deal with a range of
issues on behalf of clients. They often have access to confidential and sensitive information
pertaining to their clients. IESBA Code establishes the fundamental principles of professional
ethics relevant to the auditor when conducting an audit of financial statements and provides a
conceptual framework for applying those principles. ISA 200 - Objective and general
principles governing an audit of financial statements. The conceptual framework explains
how all professional accountants are required to apply the Code in order to comply with the
fundamental principles of ethics, and where applicable, be independent. There are five
fundamental principles of ethics for professional accountants which are discussed as follows.
Integrity
Objectivity
The principle of professional competence and due care imposes the following obligations on
professional accountants, to maintain professional knowledge and skill at the level required to
ensure that clients or employers receive competent professional service and to act diligently
in accordance with applicable technical and professional standards when providing
professional services. Competent professional service requires the exercise of sound
judgment in applying professional knowledge and skill in the performance of such service.
Professional competence may be divided into two separate phases which are attainment of
professional competence; and maintenance of professional competence. The maintenance of
professional competence requires a continuing awareness and an understanding of relevant
technical professional and business developments. Continuing professional development
develops and maintains the capabilities that enable a professional accountant to perform
competently within the professional environments. Diligence encompasses the responsibility
to act in accordance with the requirements of an assignment, carefully, thoroughly and on a
timely basis. Where appropriate, a professional accountant should make clients, employers or
other users of the professional services aware of limitations inherent in the services to avoid
the misinterpretation of an expression of opinion as an assertion of fact.
Confidentiality
Professional Behaviour
The purpose of this International Standard on Auditing (ISA 315) is to establish standards
and provide guidance on obtaining an understanding of the accounting and internal control
systems and on audit risk and its components: inherent risk, control risk and detection risk.
The auditor should obtain an understanding of the accounting and internal control systems
sufficient to plan the audit and develop an effective audit approach. The auditor should use
professional judgment to assess audit risk and to design audit procedures to ensure it is
reduced to an acceptably low level. ISA 315 stresses Audit risk as the risk that the auditor
gives an inappropriate audit opinion when the financial statements are materially misstated.
Audit risk has three components: inherent risk, control risk and detection risk. ISA 315
requires the audit team to discuss risk factors as part of the audit planning process.
Control Risk
After obtaining an understanding of the accounting and internal control systems, the auditor
should make a preliminary assessment of control risk, at the assertion level, for each material
account balance or class of transactions. This is the risk that a material misstatement could
occur in an assertion, either individually or when aggregated with other misstatements, which
will not be prevented, or detected and corrected, on a timely basis by the entity’s internal
control. This addresses the risk that entity controls designed to mitigate a particular risk fail
to work properly resulting in a misstatement. If a company hires an auditing company, the
auditor from the external company will use the facts and figures provided by the company.
There are many companies that have poor internal controls when it comes to data. People
may misreport data or outright hide evidence of misdeeds from auditors because there were
no internal controls to stop them, and the auditor will accept the data, assuming it can from a
source of truth. When the audit is completed it will be based on the wrong numbers, which
means that the audit itself will be wrong as well.
Detection Risk
This is the risk that the auditor will not detect a misstatement that exists in an assertion that
could be material. Detection risk relates to the appropriate applicability, effectiveness, and
proper application of the audit procedures performed. Detection risk can never be reduced to
zero because of the inherent limitations in the procedures carried out, the human judgments
required, and the nature of the evidence examined. These risk factors are addressed through
adequate planning, proper assignment of audit personnel, the application of professional
skepticism, and supervision and review of the audit work performed. For a given level of
audit risk, the acceptable level of detection risk bears an inverse relationship to the
assessment of the risks of material misstatement at the assertion level. Therefore the greater
the RMM, the less the detection risk that can be accepted and the less the RMM, the greater
the detection risk that can be accepted. The auditor should consider the assessed levels of
inherent and control risks in determining the nature, timing and extent of substantive
procedures required to reduce audit risk to an acceptably low level.
Inherent Risk
b) Explain in detail the relationship between materiality and audit risk (10 marks)
The auditor should consider materiality and its relationship with audit risk when conducting
an audit as per ISA 320. Materiality and audit risk are related. Audit risk is the possibility that
an auditor expresses an inappropriate audit opinion on financial statements that are materially
misstated. Audit risk has two major components which are risks of material misstatement;
and detection risk.
The materiality level is based on the economic decisions made by a financial statement user.
This differs from audit risk, which relates to an inappropriate audit opinion being issued on
financial statements that are materially misstated.
If the audit was planned solely to detect individually material misstatements, there would be
no margin of error to identify and account for immaterial misstatements that might exist. As a
result, it would be possible for the aggregate of individually immaterial misstatements to
cause the financial statements to be materially misstated.
Do not reduce the overall materiality level based on a high level of audit risk. Avoid the
mistake of reducing the overall (financial statement) materiality level because of a high audit
risk. This has the effect of lowering the auditor’s tolerance level for finding misstatements,
which can actually make the situation worse. It implies that because of the high audit risk, the
decision of a financial statement user would be affected by a lower amount than if no audit
risk was present.
First establish the materiality level by reference to financial statement users and then use a
lower amount at the class of transaction or account balance level for designing further audit
procedures.
These risk factors are addressed through adequate planning, proper assignment of audit
personnel, the application of professional scepticism, and supervision and review of the audit
work performed. For a given level of audit risk, the acceptable level of detection risk bears an
inverse relationship to the assessment of the risks of material misstatement at the assertion
level. Therefore the greater the RMM, the less the detection risk that can be accepted and the
less the RMM, the greater the detection risk that can be accepted. In summary, the auditor
performs audit procedures to assess the risks of material misstatement and seeks to limit
detection risk by performing further audit procedures based on that assessment.
REFERENCES
International Standard on Auditing (UK and Ireland) 320 “Materiality in planning and
performing an audit” (ISA 320)