The document discusses audit planning and documentation. It explains that auditors must plan audits effectively to perform them in an efficient manner. The planning includes developing an overall audit strategy and detailed audit plan. The audit plan sets out procedures to implement the strategy. Key matters for planning include business risk assessment, risk management, and performance measurement. The document also discusses the business risk approach to risk-based auditing, which assesses general risks first before evaluating specific risks. It notes implications of using this approach, such as relying more on analytical procedures and high-level control assessments. The overall audit strategy and audit plan should address scope, timing, direction, nature and extent of procedures.
The document discusses audit planning and documentation. It explains that auditors must plan audits effectively to perform them in an efficient manner. The planning includes developing an overall audit strategy and detailed audit plan. The audit plan sets out procedures to implement the strategy. Key matters for planning include business risk assessment, risk management, and performance measurement. The document also discusses the business risk approach to risk-based auditing, which assesses general risks first before evaluating specific risks. It notes implications of using this approach, such as relying more on analytical procedures and high-level control assessments. The overall audit strategy and audit plan should address scope, timing, direction, nature and extent of procedures.
The document discusses audit planning and documentation. It explains that auditors must plan audits effectively to perform them in an efficient manner. The planning includes developing an overall audit strategy and detailed audit plan. The audit plan sets out procedures to implement the strategy. Key matters for planning include business risk assessment, risk management, and performance measurement. The document also discusses the business risk approach to risk-based auditing, which assesses general risks first before evaluating specific risks. It notes implications of using this approach, such as relying more on analytical procedures and high-level control assessments. The overall audit strategy and audit plan should address scope, timing, direction, nature and extent of procedures.
ISA 300 “ Planning the audit states: “ Auditors should plan the audit work so as to perform the audit in an effective manner” Planning entails developing a general strategy and a detailed approach for the expected nature, timing and extent of the audit. Cont’d Auditors formulate the general audit strategy in an overall audit program, which sets the direction for the audit and provides guidance for the development of the detailed audit plan. The audit plan sets out the detailed procedures required to implement the audit strategy Planning matters The following matters should be considered and addressed thoroughly at the planning stage: -Business risk assessment, risk management and performance -General planning matters Business risk assessment, Risk Management & Performance measurement
Risk based auditing
This is an approach to auditing where audit effort(time & experienced staff) is directed to areas of the financial statements where misstatements are most likely. This improves efficiency of the audit and reduces audit risk. There are two major approaches used in risk based auditing, the audit risk approach and the business risk approach. The former originated in the 1970s and is slowly becoming obsolete, while the latter emerged in the 1990s. Business risk approach This approach is also known as the top down approach. It assess general risks first and then more specific risks evaluated. The auditor gains understanding of management’s current and future business strategy ( the big picture), core business processes, key performance indicators and associated risks and controls in place. The auditor would compare the developed expectations with the actual performance as reflected in the financial reports. Cont’d
Audit program: summary of how the audit is to be conducted
at high level, whilst the detail is provided in the audit plan Implications of using the business risk approach Analytical procedures are used extensively in order to obtain a better understanding of the business. The auditor concentrates on high level control assessment (e.g control environment, corporate governance, supervision and monitoring) and reduces low level control Cont’d Detailed substantive testing is reduced since the objective is to understand the business as opposed to strictly substantiating financial statement figures. Advantages -better business advise from audit can be received -business risk is reduced, reducing audit risk and possible litigation -reduces audit time and costs -improves corporate governance Contents of overall audit strategy & audit plan
This will be updated and changed as necessary during the
course of the audit The overall audit strategy sets the scope, timing and direction of the audit, and guides the development of an audit plan Matters to consider Characteristics of the engagement -financial reporting framework -industry specific reporting requirements Cont’d -expected audit coverage -nature of business segments -effects of IT on audits Reporting objectives, timing of the audit and nature of the communications -entity timetable for reporting -organization of meetings with management and those charged with governance Cont’d -expected communication with third parties Significant factors, preliminary engagement activities, and knowledge gained on other engagements -determination of materiality -areas with higher risk of material misstatement -results of previous audits -need to maintain professional sceptiscism -significant changes in financial reporting framework Cont’d Nature, timing and extent of resources -selection of engagement team -assignment of work to team members -engagement budget The audit plan This converts the audit strategy into a more detailed plan and includes the nature, timing and extent of audit procedures to be performed by the engagement team in order to obtain sufficient, appropriate audit evidence to reduce audit risk to an acceptably low level Cont’d Audit plan includes: -description of nature, timing and extent of planned risk assessment procedures -a description of the nature, timing and extent of planned further audit procedures at the assertion level -other planned audit procedures required to be carried out for the engagement to comply with ISAs Cont’d Some items in audit plan -timetable of planned audit work -allocation of work to audit team -audit procedures for major account item -materiality