Professional Documents
Culture Documents
Planning involves general strategy and detailed approach for the expected nature, timing and
extent of an audit.
• PURPOSES/BENEFITS
◦ To conduct audit in an efficient and timely manner
◦ To obtain sufficient & appropriate evidence
◦ To ensure adequate attention is paid to the critical aspects of the audit
◦ To help keep audit costs at reasonable minimum level
◦ To minimise legal liability
◦ To help avoid misunderstanding with the client
◦
• Generally, the first step in preparing to supervise and plan the fieldwork for an audit is to
review and/or study current and background information on the client and industry. The
most important sources in this preparatory stage are as follows:
1. Engagement letter
2. Audit permanent file
3. Last year’s audit file
4. Client correspondence file
5. Last year‘s reports including management letter and /or internal control
memorandum
6. Last year’s in-charge auditor
7. Industry and governmental publications
8. Industry audit guidelines or firm audit guidelines
• Continuing client
i. Re-evaluate acceptance if there are disputes on scope of audit, type of opinion to
issue, fees
ii. Re-evaluate the acceptable audit risk (AR). Low AR, high audit cost, thus high audit
fees
➢ ENGAGEMENT LETTER
An auditor can only carry out his duties and exercise his rights after he had been appointed
by the shareholders at AGM. Subsequent to this appointment, the auditors must issue a
letter of engagement addressed to the company’s board of directors. The letter is an
evidence of his acceptance to the appointment. The letter of engagement would be looked
upon by the court of law as prima facie evidence of the essential contractual arrangements
which subsist between auditor and client.
It should state what services will be provided, whether any restrictions will be imposed on
the auditor’s work, deadlines for completing the audit, and assistance to be provided by
client personnel. The engagement letter may also include the auditor’s fees. In addition,
the engagement letter informs the client that the auditor cannot guarantee that all acts of
fraud will be discovered.
The letter of engagement is a letter sent by the auditor to the client at the beginning of an
audit engagement. It provides information that is important to both auditor and client for
them to have a clear understanding as to their responsibilities. It serves the following
purposes:
1. To evidence acceptance
2. To avoid misunderstanding between auditors and client
3. To document contractual duties outlining the responsibility of auditor and client
4. To protect from legal liability
The principal content of engagement letter: Example of engagement letter as per page
199.
i. OBJECTIVES AND SCOPE OF THE AUDIT –to express an opinion on the truth &
fairness of FS
ii. MANAGEMENT RESPONSIBILITIES FOR THE FS – to prepare the FS, select
accounting policies, establish effective IC, design programs to prevent & detect
fraud, provide written representations, inform the auditor of subsequent events that
may affect FS, make all fin records & info available to auditor
iii. AUDITOR’S RESPONSIBILITIES – to conduct the audit in accordance with
Generally Accepted Auditing Standards & obtain an understanding of client’s IC
iv. Degree of auditor’s assurance (auditor not responsible for the discovery of all
frauds)
v. The inherent limitation of an audit engagement (material misstatements may not
be detected
vi. The basis of on which fees are computed and any billing arrangements
vii. Arrangements regarding planning & performance of audit including composition of
audit team
viii. Arrangements concerning the involvement of other auditors, specialist or internal
auditors and other staff of the company
ix. Arrangements to be made with predecessor auditor in the case of initial audit
x. A request for mgt to acknowledge receipt of the audit engagement letter and to
agree to its term
MANAGEMENT ASSERTIONS
▪ Management assertions are implied or expressed representations about classes of
transactions and the related accounts in the financial statements. The assertions are
directly related to approve accounting standards.
▪ Management may assert that the items in the financial statement (i.e assets,
liabilities, revenue, expenses, etc) are:
Completeness
There are no unrecorded A, L, transactions or other events or undisclosed items i.e.
all transactions are included in the journals & posted to the GL & all accounts
included in the FS.
Existence
Deals with whether A/L or SHE included in BS actually exist at the BS date
Valuation or Allocation
A & L are recorded at appropriate carrying value
Allocation deals with whether R&E are allocated at the proper Accounting period
Occurrence
Recorded transactions or other events occurred during the relevant period & pertain
to the entity
▪ Auditors need to obtain evidence that supports each of the assertions for every material
component of the financial report.
▪ The categories of assertions provide a framework for developing specific audit objectives.
▪ An audit objective is an assertion translated into terms that are specific to the particular
balance or class, the entity’s circumstances, nature of economic activity and the accounting
practices of its industry.
Auditors need an understanding of the client’s business and industry because the nature of
the business and industry affect business risk and the risk of material misstatements in the
financial statements. Auditors use the knowledge of these risks to determine the appropriate
extent of audit evidence to accumulate.
The auditing standards also advocate that the auditor obtain information about four (4) broad
areas of client’s business and its environment:
1. Industry conditions, regulatory environment and other external factors, including
the applicable financial reporting framework
2. Nature of the entity including business operations (eg products or services and
geographic dispersion)
3. Objectives and strategies and related business risk such as industry
developments, new products and services, expansion of the business and use
of IT, etc
4. Measurement and review of entity’s financial performance (i.e key ratios, key
performance indicators, trends, credit rating reports, competitor analysis, etc)
Step 3: OBTAIN INFO ABOUT CLIENT LEGAL OBLIGATION
➢ EXAMINE
◦ MEMORANDUM OF ASSOCIATION (MOA)
◦ ARTICLES OF ASSOCIATION (AOA)
◦ MINUTES OF BOD
◦ MINUTES OF SHAREHOLDERS’ MEETINGS
◦ CONTRACTS
➢ Analytical procedures(AP) are one of the eight types of audit evidence. ISA 520 defines
analytical procedures as “the analysis of significant ratio and trends including the resulting
investigation of fluctuations and relationship that are consistent with other relevant
information or which deviate from predicted amounts”
Types of AP:
1. Trend analysis-examine change in the account over time
2. Ratio analysis-comparison across time or to a benchmark of relationship between
financial statements items (i.e quick ratio, current ratio, average collection period,
stock turnover)
3. Reasonable analysis or test- forming an expected relationship using financial data,
non-financial data or both to test account balances or changes in account
balances.
➢ AP are performed during the planning phase of an engagement to assist the auditor in
determining the nature, extent and timing of work to be performed. Preliminary AP also
help the auditor to identify accounts and classes of transactions where misstatements are
likely. Comparisons that are useful when performing preliminary AP include:
i. Compare client and industry data
ii. Compare client data with similar prior period data
iii. Compare client data with client-determined expected result
iv. Compare client data with auditor-determined expected result
v. Compare client data with expected result, using nonfinancial data
➢ Other computations that involve non-financial data are used to estimate account balances.
The study of a number of employees could support for various payroll cost. Plausible
relationship such as between EPF Contribution account and Salary Accounts; Debtor
Control Account and Sales Account are established from client’s accounting system and
classification transactions.
➢ AP maybe performed during the planning of the audit, during the course of the audit or
near the end of the audit examination. However, normally they should be conducted on an
ongoing basis at various times during the course of the audit.
➢ Is a criterion for determining the items require attention & detail examination
➢ Needs to consider both the quantitative & qualitative (nature) of the misstatement
➢ Common bases in judging materiality (quantitative))
o Total Assets, Total Revenue, NPBT, GP
➢ Qualitative aspects that affect materiality:
o Use of inappropriate / inadequate accounting policy
o Cumulative small amount of misstatements → material mstmt
o Fraud/non-compliance with laws & regulations
o Amounts that affect trend in earnings
➢ TYPES OF RISKS
▪ CLIENT BUSINESS RISK- is the risk that client will fail to achieve its objectives.
The client’s objectives may relate to reliability of financial reporting, effectiveness
and efficiency of operations, and compliance with law and regulations.
Sources of client business risk include any of the factors affecting the client and its
environment, including competitor performance, new technology, industry
conditions, and the regulatory environment.
The auditor’s primary concern when evaluating client business risk is the risk of
material misstatement in the FS due to client business risk. For example, if the
client’s industry is experiencing a significant and unexpected downturn, client
business risk increases. This increase would most likely increase the risk of
material misstatement in the FS. The auditor’s assessment of the risk of the
material misstatement is then used to classify risks using the audit risk model to
determine the appropriate extend of audit evidence.
The three (3) categories of client objectives are (1) reliability of financial reporting,
(2) effectiveness and efficiency of operations, and (3) compliance with law and
regulations. Each of these objectives affects the auditor’s assessment of inherent
risk (IR) and evidence accumulation as follows:
1. Reliability of financial reporting- auditor may reduce IR and reduce
evidence accumulation if reliability of FR is important objective of
management and auditor determine that the FR system is accurate and
reliable.
2. effectiveness and efficiency of operations- auditor would increase IR and
gather more evidence if a client is experiencing inventory management
problem
3. Compliance with law and regulations- auditor would increase IR and
gather more evidence if the client violated the provision of the regulations.
▪ AUDIT RISK- is the risk that the auditor gives an unmodified/unqualified audit
opinion when the financial report is materially misstated
Audit risk (AR) = Inherent risk (IR) × Control risk (CR) × Planned Detection risk (PDR)
▪ INHERENT RISK- is the measure of the auditor’s assessment of the possibility that
there are material misstatement in an account balance before taking into account the
effectiveness of internal control
▪ CONTROL RISK- is the risk that material misstatement will not prevented or detected
on a timely basis by an entity’s internal control
▪ DETECTION RISK- is the risk that the substantive audit procedures performed will not
detect a material misstatement that exist in an account balance or class of
transactions.
▪ IR and CR differ from DR since IR and CR exist independently of the audit. The levels
of IR and CR are functions of the client and its environment, and the auditor has little
control over these risks. DR can be controlled by the auditor through the scope of the
audit procedures performed. Thus DR has inverse relationship with IR and CR.
▪ DR= AR
IR x CR
▪ The above formula show that there is an inverse relationship between IR and CR with
DR. If IR and CR are high, DR would be set at low level. When DR is determined to be
low, more substantive procedures should be performed so as to compensate for the
higher level of IR and CR.
▪ If the auditor determines the materiality level is low due to high level of IR and CR, more
substantive procedures should be performed so as to compensate for the higher level
of audit risk. Conversely, the auditor might reduce substantive procedures if the
materiality level is assessed as high.
▪ Assessment of audit risk is an important part of the audit planning because they
affected the amount of evidence to be accumulated and the number of staff to be
assigned to the engagement.
▪ Assessing IR
1. Knowledge of client’s business during the first audit and recurring audit
2. Integrity of management
3. Client motivation
4. Client knowledge of accounting standards
▪ Assessing CR
1. Whether the management establishes a set of clear written policy by the
management regarding code of conduct and other business practices;
2. Whether the company maintains formal or informal job description for every
employee
3. Whether the company maintains clear guidelines regarding the work
procedures systems
4. Whether the company has proper means of control to ensure compliance to
established policies and procedures.
▪ Assessing DR
1. Nature
2. Extent
3. Timing
➢ SAMPLING
▪ Since the auditor cannot examine every item, the auditor has to select a sample of
items for testing; i.e “audit sampling”
▪ Audit sampling is the application of audit procedures to less than 100% of the items
within an account balance or class of transactions, to enable auditors to obtain and
evaluate audit evidence about some characteristic of the items selected in order to
form or assist in forming a conclusion concerning the population.
(b) Allowable rate of deviation Higher acceptable rate of Lower acceptable rate of
(tolerable error) deviation for planned reliance deviation for planned reliance
on internal control on internal control
(c) Allowable risk of over- Higher risk of over-reliance Lower risk of over-reliance on
reliance on internal control internal control
(d) Likely rate of population Lower expected rate of Higher expected rate of
deviation deviation in population deviation in population
(e)Number of items in Virtually no effect on sample size unless population is small
population
(f)Reliance on internal control Higher reliance on internal Lower reliance on internal
control control
➢ AUDIT PROCEDURES
▪ Audit procedure is the detailed instruction for the collection of a type of evidence that is
to be obtained at some time during audit. Audit procedures often incorporate sample
size, items to select and timing of the procedures.
▪ The list of audit procedure for an audit area or an entire audit is called an audit program.
▪ The purpose of audit program is to provide a set of detailed step by step audit procedures
for each auditable areas & a guideline for a systematic audit approach and as a means
to control & record proper execution of the work b4 arriving at an opinion of the FS.
▪ Advantages of audit program:
i. Pv. clear set of instructions on work to be carried out
ii. Ensure completeness of audit work
iii. Ensures no duplication of audit work
iv. Evidence of work done is available for use as defense in court
v. Review of work by seniors/partners can be easily done
vi. Reduces time of audit work
▪ The evidence gather from TOC is used to assess the level of CR. If CR is assessed
as low (meaning the internal controls are affective), based on TOC, less audit work is
required (referred to substantive procedures) because the auditor has evidence that
the internal control systems are generating materially accurate financial information.
▪ Conversely, if CR is high, the auditor has to conduct more extensive audit work
because the evidence from TOC suggest that material misstatement could occur
because control do not exist or are not operating effectively.
▪ TOC can be performed separately from all other tests, but for efficiency, they are often
done at the same time as substantive test of transactions.
▪ Examples of TOC:
i. The examination of vendor invoices for indication that they have been clerically
tested, compared to a receiving report, purchase order and approved
payment.
ii. Examination of employee time cards for approval of overtime hours worked
iii. Examination of journal entries for proper approval
iv. Examination of approvals for the write-off of bad debts.
➢ SUBSTANTIVE PROCEDURES
▪ Substantive procedures are procedures designed to test for monetary (dollar)
misstatement.
▪ Substantive procedures can be applied to detect material misstatement (that is
monetary errors) in an account balance, a class of transaction, and disclosure
component of the financial statements.
▪ Categories of substantive procedures:
i. Analytical Procedures
It uses comparisons and relationships to assess whether account balances or
other data appear reasonable. The purpose of AP in the audit of account
balances are to:
▪ Indicate the presence of the possible misstatements in the financial
statements
▪ Provide substantive evidence
This means that certain test of details of balances may be eliminated if the results
of analytical procedures indicate account balances are reasonable. AP is used to
satisfy planned detection risk.
ii. Tests Of Details Of Classes Of Transactions
Substantive test of transactions are often conducted along with TOC as a dual-
purpose test. Thus this test affects both CR and DR because they are used to test
the effectiveness of IC and dollar amounts of transaction.
An example of a test of details of balances for the acquisition and payment cycle is
to physically examine a sample of the client’s fixed assets.
➢ AUDIT EVIDENCE
▪ On a typical audit, most of auditors’ work involves obtaining and evaluating evidence using
procedures such as inspection of records and confirmations to verify the true and fair view
of the financial statements.
▪ To perform this task effectively and efficiently, an auditor must thoroughly understand the
important aspects of audit evidence.
▪ Audit evidence is all the information used by auditor in arriving conclusions on which the
audit opinion is based, and includes the information contained in the accounting records
underlying the financial statements and other information.
▪ The following concepts of audit evidence are important to understanding the conduct of
the audit:
The nature of audit evidence (accounting records or other available information)
The appropriateness of audit evidence
The sufficiency of audit evidence
The evaluation of audit evidence
➢ SUFFICIENT APPROPRIATE AUDIT EVIDENCE
▪ ISA 500 requires the auditor to obtain sufficient audit evidence to be able to draw
reasonable conclusions on which to base his audit opinion on the financial statements.
▪ Appropriateness is a measure of the quality of audit evidence.
▪ Evidence, regardless of its form, is considered appropriate when it provides information
that is both relevant and reliable.
Sufficiency
▪ The quantity of audit evidence obtained determines its sufficiency. Sufficiency of
evidence is measured primarily by the sample size the auditor selects. Sample size are
influences by:
i. Auditor’s expectation of misstatement and
ii. The effectiveness of the client’s IC
Relevance
▪ The appropriateness of evidence depends on its relevance to the management assertion
being tested.
▪ If the auditor relies on evidence that is unrelated to the assertion, the auditor may reach
an incorrect conclusion about the assertion.
▪ For example, if the auditor wants to make sure the existence of a bank account, the
auditor should check the bank statement from the respective bank rather than just
checking the bank account transactions in the general ledger.
Reliability
▪ The reliability of audit evidence refers to whether a particular type of audit evidence can
be relied upon to signal the true state of an assertion.
▪ However, the auditor should consider the following factors when assessing the reliability
or validity of evidence :
i. Independence of source of the evidence
Evidence obtained directly by the auditor from an independent source outside
the entity is usually viewed as more reliable than evidence solely from within the
entity.
A confirmation of the entity’s bank balance received directly by the auditor would
be viewed as more reliable than examination of the cash receipts journal and
cash balance recorded in the general ledger.
As part of the audit, the effectiveness of the entity’s internal control is assessed.
When the auditor assesses the entity’s internal control as effective, evidence
generated by that accounting system is viewed as reliable.
v. Original documents
Audit evidence provided by original documents is more reliable than audit
evidence provided by photocopies or facsimiles. An auditor’s examination of an
original, signed copy of a lease agreement is more reliable than a photocopy.
ii. Confirmation
▪ Describes the receipt of a written or oral response from an independent third party
verifying the accuracy of information that was requested by the auditor.
▪ Example would be bank balance confirmation, trade receivables confirmation and
trade payables confirmation.
▪ Because confirmations come from sources independent of the client, they are highly
regarded and are often used type of evidence.
iii. Documentation
▪ When auditors use documentation to support recorded transactions or amounts, it is
often referred to as vouching.
▪ Documents can be conveniently be classified as internal and external.
▪ An internal document is one that has been prepared and used within the client’s
organization and is retained without ever going to an outside party such as a
customer or a supplier.
▪ Examples would be sales invoices, employees’ time card and inventory receiving
report.
▪ External document originate from outside the client’s organisation for example
supplier’s invoice and insurance policies.
iv. Observation
▪ It is the use of the senses to access certain activities.
▪ Throughout the audit there are many opportunities to exercise sight, hearing, touch
and smell to evaluate a wide range of things.
▪ For example, the auditor may tour the plant to obtain a general impression of the
facilities and watch individuals perform accounting tasks to determine whether the
person assigned a responsibility is performing it.
➢ AUDIT PROGRAMME
Audit program includes several audit procedures for each component of the audit. The audit
program also includes sample size, items to select and the timing of the test. Purposes of audit
program are:
i. Aid in guiding the audit staff in the audit work to be done
ii. Provide evidence of proper planning and a record of the work done that conformed to auditing
standards
iii. Provide a basis for coordinating and supervising the audit work and controlling the time spent
on the audit
There are 2 types of audit program; standard and tailored audit programs. The auditor may use
standard audit programs or audit completion checklists. However, when such standard programs
or checklists are used, the auditor appropriately tailors them to reflect the particular engagement
circumstances.
➢ AUDIT DOCUMENTATION
The purpose of audit documentation is to aid the auditor in providing reasonable assurance that
an adequate audit was conducted in accordance with auditing standards. Specifically, the audit
documentation provides:
i. A basis for planning the audit
ii. A record of the evidence accumulated and result of tests
iii. Data for deciding the proper audit report
iv. A basis for review by supervisors and partners
▪ The auditor should prepare working papers which are sufficiently complete and detailed to
provide an overall understanding of the audit.
▪ The auditor should record in the working papers information on planning the audit, the nature,
timing and extent of the audit procedures performed and the results thereof, and the conclusions
drawn from the audit evidence obtained.
▪ The form and content of working papers are affected by matters such as the:
i. Nature of the engagement.
ii. Form of the auditor’s report.
iii. Nature, size and complexity of the business.
iv. Nature and complexity of the entity’s internal control.
v. Needs in the particular circumstances for direction, supervision and review of work
performed by assistants.
vi. Specific audit methodology and technology used in the course of the audit.
OWNERSHIP AND CONFIDENTIALITY
▪ Audit documentation is the property of the auditor.
▪ This includes not only audit documents prepared by the auditor but also audit documents
prepared by the client at the request of the auditors.
▪ Although the auditor owns the audit documents, they cannot be shown, except under certain
circumstances, to anyone without the client’s consent.