Acceptence

Apppointment and Signing Engagement Letter (EL)

Plan and Audit

Understand the Entity and its environment – RAP

1. Prior Audit Knowledge

2. Read SOP and ICS
3. Enquiry the relevant personnel

Document AUDIT STRATEGY and AUDIT PLAN

Recording the ICs on Auditor’s Working paper (AWP)

- Understand the IC system in the company (CRIME)
1. Narrative notes
2. Flow charts
3. Questionnaires
4. Checklist

Evaluation of ICS – Perform Walkthrough Test (pick one trans, follow,agree)

Assess ROMM

First assessment of CONTROL RISK

TEST OF CONTROL

Final assessment of CONTROL RISK Report to Management (ML) - DIR

Satisfactory

Limited Substantive Procedure -auditor rely on IC Full Substantive approach

Overall review of financial statements

Audit report

Define and explain materiality & performance materiality

ISA 320 Materiality : Misstatements, including omissions, are considered to be material if they, individually or
aggregately could reasonable be expected to influence economic decisions of users taken on the basis of fs.

- Materiality is calculated using benchmarks such as 0.5% of revenue, 1% of TA and 5% of PBT. The assessment of
what is material is ultimately a matter of auditor’s professional judgement. It’s affected by auditor’s perception of
financial information, the needs of users of fs and perceived level of risk; the higher risk; the lower the level of
overall materiality.
 Performance materiality : The amount set by the auditor at less than materiality for fs as a whole to reduce to an
appropriately low level of probability that the aggregate of uncorrected & undetected misstatements exceeds
materiality for fs as a whole – act as guidelines to undetected missatements

- Aim : reduce the risk of the total of all the errors in balances, transactions and disclosures exceeds overall
materiality.

Quantitative Qualitative material items

0.5% of revenue Items that are immaterial quantitatively

BUT due to qualitatively material
1% of total assets
Eg : disclosure (contingent L, GC, RPT)
5% of PBT

DOCUMENTING SYSTEM

Types Description Advantages Disadvantages

Narrative - Consists written description of - Simple to record – easy - Too cumbersome if system
Notes the system. They detail what written as notes. is complex
occurs in the system at each stage - Understand by all members - Difficult to identify missing
esp jr. IC

Questionnaires - Internal Control Q (ICQ) : assess - Quick to prepare – timely - Easy to overstate the level
control exists method for recording system of control present.
- ICEQ : assess effectiveness of - Ensure all control exists – - Std list of Q may miss out
control in place. missing control highlighted unusual ore more bespoke
controls
Flow charts - Graphic illustration of IC. - Easy to view entirely - Difficult to amend as may
-in current file - Use of symbol – effective required chart to redrawn.
identify missing controls - Still need for narrative
notes to accompany charts.

Differences between interim and final audit

Interim Audit Final audit

- Take places before YE. - Take places after YE
- To carry out procedures which would be difficult to - Concludes with auditor forming and
perform at YE bcs of time pressure. expressing opinion on fs for whole year
- Factors to consider: size and complexity of co along with - Final opinion takes account conclusion both
effectiveness of IC. interim and final audit.
- Less work to be performed & fs available earlier.
Impact :
1. Assist auditors to provide audit report on time
2. Assist in identifying audit problems at early stage and thus
resolve them on timely basis
3. Reduce time taken at final audit to obtain remaining audit
evidence needed.
 Matters to consider when obtaining an Sources of information
understanding of the entity
Nature of entity Website company
Incorporation documents
Prior year audit file
Agreement with third parties
Industry Regulatory and performance Press conference related to entity
Competitor’s financial satetments
Financial reporting framework
Internal Control systems Control system’s policies/manual/SOP
Trend analysis Current year and prior ye FS
CY management accounts
Trend report prepared by management
CY budgets and forecasts
Others Discuss with management

Analytical Procedure – analysis of relationships to identify inconsistencies and unexpected relationships between
financial & non-financial information.

Provide evidence as :

Completeness (what should recorded, have recorded): Decrease – risk of understatement

Accuracy : 1. Over/understatement issue – Mathematical accuracy

Occurrence : Increase – risk of overstatement – O. testing (SOPL) – E. testing (SOFP)

Planning stage Final/Substantive procedure stage Overall review stage

1. To understand entity and its 1. Only use AP when TOD not 1. To assess whether the
environment enough to obtain SAAE. inconsistencies in the information
2. Identify ROMM *not compulsory is consistent with auditor’s
3. Assist in design appropriate understanding about the fs.
audit procedures. *compulsory
*Compulsory

Analytical procedure type of comparison :

1. Compare CY figure with prior

2. Compare CY figure with
3. Compare CY figure with industry information
4. Perform ratio analysis

Audit Risk and its components

- Is a risk that the auditor express an inappropriate audit opinion when fs are mm.

- Two main components :

1. Risk of MM :
Inherent risk : Susceptibility of an assertion abt a class of trans, acc bal, or disclosure (TAD) to a
misstatement which could be material either individually/agg with other misstatement BEFORE
consideration any related controls – usually affected by its nature.
 - Estimation account (judgement)
- Prone to misappropriation (theft, damage)
- Laws and regulation
- Motivation to manipulate figures.
Control risk : Risk that a misstatement which could occur in an assertion abt TAD which could be material
individually/agg when with other misstatement, WILL NOT BE PDC on timely basis by entity’s IC/
- No SOD
- No supervision during clock in/out.
- BRS is prepared monthly WITHOUT REVIEWED by FD.

2. Detection risk : Risk that the procedures performed/controllable by auditor to reduce AR to an acceptably
low level will not detect misstatement which exists which could be material, individually/agg with other
misstatement.
- Obtain understanding of entity - eg contact prev auditor to req working papers
Sampling risk : Risk that EA not detect mm bcs did not audit the entire population. How to reduce?
1. Increase sample size
2. Increase audit procedures – perform more testing
Non sampling risk : Risk that EA not detect mm EVEN IF they audit the entire population.

Why? How to reduce?

1. Inexperienced auditors/ lack of
industry knowledge
2. Tight audit dateline – pressure –
cannot detect SAAE.
3. Poor planning/negligence
4. New client- unfamiliar
- Put more seniors in team.
- Spend more time to understand
entity and its environment.
- Split audit into interim and final
audit.
- Have more seniors in audit tea,.
- For listed co, include EQCR.
- Have partner review (pre/post
issuance review)
- Spend more time
- Have more seniors in team.

Preconditions of audit :

Professional Scepticism definition:

An attitude that includes questioning mind, being alert to conditions that may indicate possible misstatements
due to error or fraud, and a critical assessment of audit evidence. I.e. Information brings into question the
reliability of documents and responses to enquires

Factors to consider using external service organization – see images

1. The design and implementation of internal controls over payroll

2. Undertake TOC to confirm operating effectiveness of controls

Audit strategy documentation

COMPONENT OF ICS

Components Definition
C Control Activities Refers to policy and procedures undertaken by staff in the co to ensure mgt’s
Procedures directives are carried out.

SOD Information Performance Physical Authorization

- Assigning Processing Review Control - Approval of
diff to indv to -Controls to - Review and - Physical transc/docs
responsibility check A&C analysis of actual security of by an
ou duties and performance vs assets, data appropriate
authorization budgets/forecast files person.
of transc. /prior year/ext
info

R Risk Assessment Refers how MGT identifies risk, measure the risks, and derive strategy to manage the
Process risks.
This include understanding of how entity responded to risks arising from technology.

I Information It is how depts in co, interact with each other, include software, hardware, security
system system, people and data.

M Monitoring Control A process used by mgt to assess the design & operation of controls over time so thath
ICS does not breakdown.

E Control Includes governance & mgt functions, attitudes, awareness and actions of mgt. It is
Environment where the mgt set the tone of the company by creating culture of honesty and ethical
behavior.
TYPES OF ASSURANCE ENGAGEMENT

Reasonable/Positive/High assurance Limited/Negative/Low assurance

Level of assurance High but not absolute Moderate level assurance
Evidence obtained High level of SAAE – conclusive evidence Low level of SAAE – persuasive evidence
Procedures Extensive procedures (TOC + SP) Limited procedures (TOC / SP)
performed
Example External Audit Review of fs/forecast/due diligence review
Opinion Fs shows T&F view / Fs does not shows T&F “Nothing has come to our attention that
view / Fs T&F except for… causes us to believe that the… not T&F

IAASB : ISA :
- Does not provide guidance for internal auditors - ISA issued by IAASB
- IAASB;s pronouncement apply to all audits where - ISA differ from local legislation in a specific country,
“T&F” opinion is expressed auditors are encouraged with mgt to comply with ISAs

Statutory Regulation Mechanism for Development of ISA

regulation of auditors
- Eligibility to act as company’s auditor - IAASB responsible to set
(External auditor) - National Legislation high quality auditing (ISAs)
– To establish law and assurance (ISAESs) std.
i. Members of an acc. Prof body or
ii. Hold appropriate qualification & - IFAC/IAASB – To - How? :
controlled by qualified person strengthen the global
1. Identify project
accountancy
- Appointment 2. Set up project task force
profession and
3. Consultation and
i. Appointed by s/h during AGM promote adherences
discussion
ii. To fill casual vacancy then director can to high-quality
4. Produce draft standard.
appoint. standards
5. Hands out to interest party
iii. Secretary of state
- Professional bodies; 6. Comments and feedbacks
- Removal : only s/h can remove EA ACCA – To provide 7. Changes made
education, training 8. Final standard.
- Resignation : Auditor may resign anytime and insight of ethical
+ request director to hold EGM to explain requirements.
the reasons of resignation.