PHASES & STEPS IN AN AUDIT

PLANNING
1) PRELIMINARY ENGAGEMENT ACTIVITY/PREPLAN.

2) OBTAIN INFORMATION BACKGROUND.

3) OBTAIN INFORMATION ABOUT CLIENT’S LEGAL OBLIGATION.

4) PERFORM PRELIMINARY ANALYTICAL PROCEDURES.

5) SET MATERIALITY & ACCEPTABLE AUDIT RISK.

6) UNDERSTANDING INTERNAL CONTROL & ASSESS CONTROL

RISK.

7) DEVELOP AN OVERALL AUDIT PLAN & AUDIT

PROGRAMME(AP).
 AP STEP 1 : PREPLAN
1) CLIENT ACCEPTANCE & CONTINUANCE
Before accepting client, quality control must be establish by:
I. The audit firm only takes client that have integrity
II. The audit firm are competent to audit
III. Audit firm are proven independence & ethical

2) INVESTIGATE NEW CLIENT

 Look into the mgmt. integrity, overall risk, familiarity with the
nature of client’s business & ability to perform the audit
work.

3) EVALUATE EXISTING CLIENT

 To ensure the independence & competence can be maintain
4) CLIENT’S REASONS FOR AUDITFR
audit/special audit such as loan application, Business
acquisition, take over & mergers

5)ESTABLISH TERMS OF ENGAGEMENT

All agreement must be stated in an engagement letter

6) STAFF REQUIREMENTS FOR THE AUDIT

ENGAGEMENT
Select appropriate staff for audit (e.g : 20 auditors for
Maxis)
Factors: engagement size & complexity, level of risk,
special expertise required, timing of audit, personnel
availability
 ENGAGEMENT LETTER (EL)
Letter from auditor  client
Purpose:
a) To provide written confirmation of the acceptance of
appointment
b) To clearly define the auditor’s responsibility & scope
c) Min. possibility of misunderstanding btw client & its auditor
d) State the scope of audit work & auditor’s responsibilities
e) State directors’ responsibilities
f) Agreement btw auditor & client for the conduct of the audit &
related services
g) Sent to client upon engagement B4 commencement of the
audit
 PRINCIPAL CONTENTS OF EL
1. OBJECTIVES OF THE AUDIT OF THE FS
2. MANAGEMENT RESPONSIBILITIES FOR THE FS
3. SCOPE OF THE AUDIT (including ref. to applicable stds)
4. DEGREE OF AUDITORS ASSURANCE (auditor not responsible for
the discovery of all frauds)
5. UNAVOIDABLE RISK OF MATERIAL MISSTATEMENT MAY REMAIN
UNCOVERED
6. AUDITOR’S RIGHT TO ACCESS RECORDS, DOCUMENTS &
INFORMATION
7. FORM OF ANY REPORTS
8. AUDIT FEES
9. ACKNOWLEDGEMENT OF ACCEPTANCE OF THE TERMS BY THE
CLIENT
 AP STEP 2 : OBTAIN BACKGROUND INFO
a) HAVE BETTER UNDERSTANDING ABT CLIENT:
 Client’s history, owner & mgmt of the co.
 Major activity, org.structure, mgmt integrity
 Reliability of work done by internal auditor
b) OBTAIN KNOWLEDGE & CLIENT’S INDUSTRY & BUSINESS
 Established any unique acc.requirements
 Identify industry & any inherent risk
c) TOUR OF CLIENT’S FACILITIES
d) IDENTIFY RELATED PARTY INFORMATION
 Eg. Govt regulation
e) REQUIREMENT OF AN EXPERT WORK/OUTSIDE SPECIALISTS
AP STEP 3 : OBTAIN INFORMATION ABOUT
CLIENT’S LEGAL OBLIGATION
EXAMINE
MEMORANDUM OF ASSOCIATION (MOA)
ARTICLES OF ASSOCIATION (AOA)
MINUTES OF BOD
MINUTES OF SHAREHOLDERS’ MEETINGS
CONTRACTS
 AP STEP 4: PERFORM PRELIMINARY
ANALYTICAL PROCEDURES
PURPOSE :
To assist in planning the nature, timing & extend of AP
To identify potential errors
To determine areas that require detailed checking &
substantive tests

ANALYSE SIGNIFICANT RATIOS & TRENDS

Investigate the relationship in order to determine
whether data / acc. balances appear to be reasonable
Computation of key ratios:
Gross Profit
Current Ratio
 AP STEP 5 : SET MATERIALITY &
ACCEPTABLE AUDIT RISK
 Audit Materiality….definition ,
 The degree of importance of an item
 “Information is material if its omission/ misstatement influence
the economic decisions of users taken on the basis of FS”
 Materiality depends on the size of the item/error judged in the
particular circumstances of its omission/misstatement
 Hence, materiality provide a cut-off point rather than being a
primary qualitative characteristics which info must have if it is
to be useful
 Also, materiality is a criterion for determining the items require
attention & detail examination
 MATERIALITY….cont’d
Auditor needs to consider both the quantitative & qualitative
(nature) of the misstatement

Quantitative nature that affect materiality : -

E.g) Total Assets, Total Revenue, NPBT, GP
Qualitative nature that affect materiality:
Use of inappropriate / inadequate acc. policy
Cumulative small amt of misstatements  material mstmt
Fraud/non-compliance with laws & regulations
Amounts that affect trend in earnings
 RISK ASSESSMENTS – cont.
2 TYPES OF RISK FACED BY AN AUDITOR
1. AUDIT RISK
Risk that auditor gives inappropriate audit opinion on FS that
are materially misstated
Can be directly controlled

2. AUDITOR’S BUSINESS RISK

Auditor’s exposure to loss/injury from litigation, adverse
publicity/ other events arising in connection with audited FS.
Cannot be directly controlled
 AUDIT RISK MODEL
1) Inherent Risk (IR)
The susceptibility (exposure) of an assertion to material misstatement
in the FS in the absence of internal control (IC). {risk that has been
exposed without internal control}
Also called Auditee Risk where it is influenced by the business
characteristics of the client & the industry it operates.
The risk of such misstatement is greater for some transactions &
accounts than for others. Eg: amount derived from a complex
calculations/accounting estimates pose greater risks of material
misstatement than accounts derived from routine, factual data.
2) Control Risk (CR)
Risk that material misstatements will not be
prevented/detected on a timely basis by an entity’s IC.

3) Detection Risk (DR)

Risk that Substantive audit procedures performed will
not detect a material misstatement that exists in an acc
balances/ class of transaction.
Also it relates to the nature, timing & extent of the
auditor’s procedure. This risk can be controlled through
the design & scope of Audit Procedure.
Thus, the AUDIT RISK MODEL is =

AR = IR x CR x DR

AR=Risk that auditor may fail to modify the opinion

when the FS contains material misstatements.
IR=The susceptibility of an assertion to mat mis.
Assuming no related internal control.
CR=Risk that mat mis. will not be prevented, detected /
corrected on a timely basis by the IC.
DR=Risk that auditor will not detect mat mis. That exist
in assertion.
 RELATIONSHIP BETWEEN MATERIALITY & RISK

 AR = IR x CR x DR (IR & CR are auditee risk)

Thus, DR = AR
 IR x CR
There is an inverse relationship btw materiality & the level
of audit risk & v.v.
Eg. If materiality level is lower, AR is increased
How is the AR model used?
1. Set the AR 2. Assess the IR
3. Assess the CR 4. Determine the DR
 HOW TO ASSESS AUDIT RISK?
The Auditors assessment of AR & its components (IR/CR/DR)
represent a matter of professional judgement by the auditor.

Risk assessment procedure :-

 Inquiries of mgt & others (int aud, mgt, employees,BOD)
 Analytical Procedure (Helpful in identify the existence of
unusual transaction events & amounts)
 Observation & inspection (e.g : visit the entity premises, tracking
the transaction)
 Inherent Risk (IR)
 Knowledge of client’s business during 1st audit vs recurring
audit
 Mgmt integrity
 Client motivation to make mistake
 Client knowledge of acc.std
 Control Risk – segregation of duties & inherent limitation of IC
 Detection Risk – Decide on nature, timing & extent
i. Nature- Purpose (e.g : substantive test) & type of AP(e.g:
inspection, observation)
ii. Timing-When audit procedures perform based on period
(interim/year end audit)
iii.Extent – Qty / sample size of specific audit procedure.
 Examples of circumstances Indicating
Increased Risk of Errors & Fraud
Analytical procedures disclose major differences from
expectations

Confirmation requests disclose significant differences or a

lower than expected response rate.

Transactions lack proper documentation or authorisation

Errors known to client personnel are not voluntarily disclosed

to the auditor
 STEPS TO MINIMISE AR
1. Plan & delegate the audit with due care
2. Audit evidence are properly documented
3. Audit staff selected are competent to perform the
audit with due care
4. Sample selected should represent the population
5. Avoid misunderstanding with client
6. Use audit manual
7. Communication channel btw audit staff must be good
in order to solve problem on timely basis
8. The audit fee should be based on the work done
 AP STEP 6 : UNDERSTANDING INTERNAL
CONTROL & ASSESS CONTROL RISK
1) Auditors need to assess the client’s bus. risk (BR) i.e. by having a
thorough understanding of:
a) The industry
Critical issue facing the industry
Significant BR
Structure & profitability of the industry
Relationship btw industry & broad economic. business.
environment
b) The client’s business
Client’s position within the industry
Client’s plans for market share, profitability etc
Clients threats & competitions
Client’s measurement of performance
c) Assess the possibility of fraud & error
Plan the audit with professional. skepticism (i.e.
maintain a critical & questioning mind)
d) Understand the applicable laws & regulation that may
affect the client .
e) Review of audit work done in previous yr
Refer to Audit WP (permanent & current files)
f) Conduct preliminary analytical procedures
Analyze ratios & trends. Investigate relationships in
order to determine whether acc balance & other data
appear reasonable
g) Review Audit Strategy with Audit Committee.
AP STEP 7 : DEVELOP AN OVERALL AUDIT
PLAN,STRATEGY & AUDIT PROGRAMME
(AP)
AUDIT PROGRAMME
A document which contains audit procedures to be performed
by Audit Assistant (AA).
PURPOSE OF Audit Program:
To provide a set of detailed step by step audit procedures for
each auditable areas & a guideline for a systematic audit
approach
As a means to control & record proper execution of the work
b4 arriving at an opinion of the FS
CONTENTS : Audit obj, time budget, audit tests/results
CHANGES TO Audit Program
Revised as necessary
Continuous planning throughout the engagement
 ADVANTAGES OF Audit Program
1. Provide clear set of instructions on work to be
carried out
2. Ensure completeness of audit work
3. Ensures no duplication of audit work
4. Evidence of work done is available for use as defence
in court
5. Review of work by seniors/partners can be easily
done
6. Reduces time of audit work
SYUKRAN
JAZILAN