Audit 1 Chapter 4 - Fbyhan

Download as pdf or txt
Download as pdf or txt
You are on page 1of 10

THE ISSUES AND RELEVANT

CHAPTER 4: AUDIT CONSIDERATIONS WHEN PLANNING


PLANNING & AUDIT AN AUDIT (APA YANG AUDITOR
KENA TAHU MASA AUDIT)
RISK 1. Staff requirements and use of
LEARNING CONTENTS: experts
1. Definition 2. Considerations of materiality and
2. The purpose of audit planning risks
3. The issue and relevant consideration 3. Understand the applicable laws and
when planning an audit. regulations.
4. Steps in audit planning. 4. Identify related parties.
5. Analytical procedures in planning 5. Going concern issues
6. Risk assessment 6. Using the work of internal auditing
7. Audit risk 7. Develop overall audit strategy and
8. Materiality audit plan.
Define: The auditor should plan the audit 8. Review audit strategy with audit
work so that the audit will be performed in committee
an effective manner. Planning means 9. Additional value-added services
developing a general strategy and detailed (example: tax planning)
approach for the expected nature, timing,
and extent of the audit. 1. Staff Requirements and Use Of
THE PURPOSE OF AUDIT PLANNING Expert
Objective Achievement: - The auditor must know and have
Ensures the audit plan aligns with and helps knowledge about the client’s
achieve the intended audit objectives. industry.
Devotes adequate attention to vital areas - To performed when audit, he/she
needing audit scrutiny. should:
Problem Identification: i. Understand and have well practical
A well-crafted plan assists in spotting experience with audit engagement on nature
potential issues before they become and complexity through training.
significant problems.
Timely Completion: ii. Appropriate technical knowledge
Ensures work is finished within set of relevant information technology.
timeframes. iii. Knowledge of relevant industry in
Guarantees that all important management which the client operates.
areas receive due attention, avoiding iv. Have ability to apply professional
omissions. judgement.
Coordination and Team Efficiency: v. An understanding of the firm’s
quality control policies and procedures
Facilitates the coordination of audit tasks vi. An understanding of professional
among auditors and experts. standards and regulatory and legal
Helps in selecting the right team members requirements.
with the needed skills and assigning tasks 2. Consideration of materiality and
effectively. risks.
Enhanced Audit Quality: (auditor kena pertimbangkan materiality
Contributes to improving the overall quality dan risiko)
of audit work. - Materiality tu apo? (benda yang
Promotes promptness and accuracy in boleh diukur dalam FS; contohnya
conducting the audit. – kesalahan yang tak disengajakan)
- -kalau fraud (intentional), dia looking for events or conditions that might
bukannya materiality. Gitu. cast doubt.
- Melalui auditor punya knowledge, - Discussions with management about
auditor kenalah tentukan berapa bukti yang their assessment of going concern help in
kena ada (kena kumpul). understanding potential impacts on financial
- Semasa nak audit, auditor kena health.
faham client punya external environment, - This discussion usually occurs
(macam mana nak cari? Kena lah baca during the preliminary meeting to update
industry trade information about the entity. Discussing
publication. going concern
- Auditors have to use the knowledge issues helps auditors determine if using the
(nature and risk of the client business) to going concern assumption poses a
determine the appropriate amount of audit significant risk of misstatement.
evidence to gather.
- Auditors need to understand the - Events affecting going concern can
client external environment by reading the be financial, operational, or of other natures.
industry trade publication. 6. Using the work of internal auditing
- If the auditor follows all this, auditor - Depth of Understanding: Internal auditors
can settle down the risk in the company. have an in-depth understanding of an
3. Laws and regulation involved. organization's processes and can provide
valuable context to external auditors.
- Selain daripada itu, auditor kena - Collaboration Opportunities:
juga follow law and regulation which is Collaboration between internal and external
auditing standard. auditors fosters a holistic approach,
- Auditing standard adalah non- ensuring comprehensive coverage and more
compliance, act as of commission by the robust audit outcomes.
entity, whether intentional or unintentional
which are contrary to - Scope Expansion: External auditors
the prevailing law or regulation. can expand their audit scope by relying on
- Auditing standard ni dapat bezakan the work already performed by internal
mana satu undang undang dan peraturan audit, covering a wider range of areas.
yang ada direct effect ke
atas penentuan dekat amount material dan - Quality Assurance: Using internal
pendedahan dalam financial statement. audit work for specific areas ensures a level
4. Identify related parties. of quality and rigor, adding credibility to the
- The auditor needs to assess the external audit process.
entity's handling and disclosure of
transactions involving related parties. - Regulatory Compliance: Internal
- Identifying these parties early is audit often monitors compliance with
crucial to avoid non-arm's length regulations and standards, providing
transactions (e.g., transactions with external auditors with
significant price differences). insights into regulatory adherence.
- The auditor should understand the 7. Developing Audit Strategy and Plan:
entity's controls over related party - Documenting the overall audit
identification, transaction authorization, strategy and plan
and accounting is crucial,
disclosure. detailing decisions about audit tests' nature,
5. Going concern issue timing, and extent.
- Auditors must consider the going - This involves compiling knowledge
concern assumption early in the audit, about the entity's business
objectives, strategies, and associated proactively identify opportunities to
risks. enhance client service within limits set for
consulting services.
- The auditor documents how the
entity manages risks and plans audit STEPS IN AUDIT PLANNING
procedures, accordingly, linking risks to 1. Client acceptance and initial
audit plans. planning
2. Understanding the client’s
8. Review audit strategy with audit business and accounting system
committee 3. Assessing client’s business risk
- Alignment and Understanding: 4. Performing preliminary analytical
Presenting the audit strategy to the procedures
audit committee ensures alignment between 5. Setting materiality and assessing
the committee's expectations and the acceptable risk
planned audit approach. It fosters a shared 6. Developing an audit plan
understanding of the audit's focus areas, 7. Documentation
risks, and planned procedures.
- Transparency and Accountability:
Reviewing the audit strategy promotes 1. CLIENT ACCEPTANCE
transparency in the audit process. It allows AND INITIAL PLANNING
the audit committee to assess the adequacy Client Acceptance and Initial Planning:
of the audit plan, ensuring it addresses key Quality Control Check: Auditors must
risks and areas of concern. This process follow procedures outlined in ISA 200 to
also establishes accountability for assess whether to accept or continue a client
the audit approach and decisions made. relationship, focusing on client integrity, the
- Input and Oversight: Engaging the auditor's competence, and compliance with
audit committee in reviewing the ethical standards.
audit strategy enables them to provide Annual Review: For existing clients, audit
valuable input based on their oversight role. firms should annually assess the auditor-
Their insights, guidance, and questions can client relationship to decide whether to
enhance the effectiveness of the audit plan, continue the audit engagement.
contributing to a more robust and New Client Procedures: When taking on
comprehensive audit process. new clients, auditors need to inquire about
reasons for changing auditors as per ethical
9. Additional value – added services codes. Proper documentation of client
(eg.tax planning) acceptance processes is essential, using
- During planning, auditors seek memos or checklists.
opportunities to recommend Engagement Letter: After accepting the
additional value-added services beyond appointment, the auditor should draft an
traditional ones like tax planning or IT
consultancy. engagement letter detailing the services,
- Understanding business risks timing, fees, responsibilities (auditor and
enables auditors to suggest valuable client), and any additional services to be
recommendations related to provided.
Initial Audit Planning:
processes, strategic planning, and Client Assessment: Auditors decide whether
improvements. to accept a new client or continue with an
- Considering these services during existing one based on various factors,
planning helps the audit team including the need for an audit.
Understanding Client Needs: Identifying need this understanding to evaluate and
why the client wants or needs an audit is assess compliance.
crucial as it influences the entire planning Information Gathering Methods:
process. Reviewing Previous Audit Files: Examining
Agreeing on Engagement Terms: Auditors past audit records provides crucial historical
ensure mutual understanding with the client context.
regarding the engagement terms to prevent Consulting Published Material: Reading
misunderstandings. articles about the client and its industry
Overall Audit Strategy: Auditors develop a from trade magazines or financial press aids
comprehensive strategy for the audit, in understanding trends and industry
including staffing decisions and the dynamics.
potential requirement for specialized audit Internet Research: Using online resources
experts. helps gather additional information about
2. UNDERSTANDING THE the company and its industry.
CLIENT’S BUSINESS AND Reviewing Company Accounts: Examining
ACCOUNTING SYSTEM interim, internal, and management accounts,
Knowledge of Business Impact: Auditors if accessible, offers insight into current
must understand the business sufficiently to financial standings.
identify events, transactions, and practices Communication with Management and
affecting financial statements and the audit Audit Staff:
process. Discussions with Management: Engaging in
Assessing Risk Processes: Use gained conversations with current management
knowledge to understand the client's risk provides valuable insights into the current
assessment methods for: state of the business.
- Potential impact on financial Consulting Previous Audit Staff:
reporting Conversations with past audit staff who
- Risks of fraud and error worked on the client's audit offer historical
- Risks related to transactions with
related parties. perspectives and insights into prior audit
- Risks from complex transactions processes.
- Level of subjectivity in financial 3. ASSESSING CLIENT’S
statement information BUSINESS RISK
- Risks linked to unrecorded Understanding Accounting Systems: Before
liabilities. assessing risk, the auditor examines
accounting and internal control systems.
Reasons for Understanding the Client's These procedures yield evidence supporting
Business and Industry: assessments of financial statement
Industry-specific Risks: Different industries misstatement risks.
pose varying risks that can influence an Using Knowledge for Assessment: The
auditor's assessment of business risk and auditor leverages insights gained from
acceptable risk, potentially affecting understanding the client's business and
engagement acceptance. industry to assess the risk that the client
Common Industry Risks: Certain risks are might not achieve its objectives (client
common across industries; understanding business risk).
these helps auditors evaluate their relevance Management's Responsibility: Management
in specific industries. identifies business risks and responds to
Unique Accounting Needs: Industries have them. The auditor focuses on the risk of
unique accounting requirements (e.g., financial statement misstatements resulting
construction, financial institutions); auditors from client business risks.
Not All Business Risks Impact Statements: indicate potential misstatements or
Not all identified business risks translate irregularities, prompting auditors to dig
into material financial statement deeper into those areas.
misstatements. ISA 315 emphasizes the Materiality Assessment: Preliminary
importance of the entire audit team analytical procedures assist in assessing
understanding potential misstatement risks. materiality, determining what amounts or
Discussion of Risk Factors: ISA 315 errors might have a significant impact on
requires the audit team to discuss risk the financial statements.
factors during the planning process. Planning Further Audit Steps: Findings
Assessing Misstatement Risks: The auditor from preliminary analytics guide the auditor
evaluates risks of misstatement at two
levels: in planning subsequent audit procedures,
- Financial statement level: Risks with including where to allocate more audit
potential widespread impact across financial resources and attention.
statement items (e.g., the risk of a Documentation: Results from these
company's procedures should be documented,
inability to continue as a going concern). explaining the findings and their
implications. This documentation forms part
- Assertion level: Risks specific to of the audit trail and supports the overall
transaction classes, account balances, and audit strategy.
disclosures. 5. SETTING MATERIALITY
4. PERFORM PRELIMINARY AND ASSESSING ACCEPTABLE
ANALYTICAL PROCEDURES RISKS
The purpose: auditor get a better Understanding Key Processes:
understanding of the client’s business and Auditors need to know the main processes
assess this business risk. Also, can perform that make a company stand out or face
comparison of the client’s ratio to industry. challenges compared to others.
Understanding the Business: Analytical They gather info about these processes,
procedures are used at the start of an audit including industry factors affecting them,
to understand the client's business and how management oversees them, and their
industry. They provide an initial assessment potential impacts on operations and
of financial data and trends. finances.
Risk Assessment: They assist in risk Using Key Process Information:
assessment by identifying unusual Auditors use this information to form
fluctuations or inconsistencies in financial expectations about the company's account
information. This helps auditors focus on balances and performance.
areas that might pose higher risks of These expectations are based on:
material misstatement. i. Being independent of management's
Comparative Analysis: Preliminary views.
analytics involve comparing current ii. Documenting reasoning behind
financial data with prior periods or industry these expectations.
benchmarks. Deviations from expected iii. Sharing these expectations with the
trends are investigated further. entire audit team.
Financial Statement Relationships: These
procedures analyse relationships and ratios 6. DEVELOPING AN AUDIT PLAN
within the financial statements (like gross i. Overall Audit Strategy:
margins, expense ratios, etc.). Significant ISA 300 requires creating a strategy guiding
deviations trigger additional inquiry. the audit's scope, timing, and direction
Identifying Potential Misstatements: Large before crafting the detailed audit plan.
variances or unexpected trends could
ii. Components of the Audit Plan: - Details of key decisions, scope,
Description of procedures: timing, and how the audit will be
Risk assessment procedures: Understand conducted.
potential misstatement risks. - This can be summarized in a memo
outlining important decisions related to the
Further audit procedures: Detailed checks at audit's scope and conduct.
the assertion level. ii. Audit Plan Details:
Other required audit procedures as per Documentation should include:
standards. - Nature, timing, and extent of risk
assessment procedures.
iii. Types of Audit Tests: - Further audit procedures at the
Risk Assessment Procedure: Identifying assertion level for each important class of
material misstatement risks based on transaction, account balance, and disclosure
understanding the business and based on assessed risks.
environment. - Use of standard audit programs or
Test of Controls: Checking effectiveness of checklists tailored as necessary to suit the
client controls through inquiries, document specific engagement circumstances.
checks, observation, and testing
transactions. RISK ASSESSMENT
Substantive Test of Transactions: Verifying Components of Risk in Auditing:
accuracy of recorded transactions affecting 1. Business Risk:
financial statement balances. Definition: Impact on operations and
Analytical Procedures: Identifying potential outcomes of organizational activities.
misstatements in financial statements. Importance: Affects how the organization
Test of Details of Balances: Focusing on operates and achieves its goals.
ending balances in financial accounts using Key point: Understand operational risks for
highly reliable external sources. effective auditing.
Conclusion: Crucial to assess operational
iv. Audit Program Structure: impacts on financial statements.
Typically structured into three parts: 2. Financial Reporting Risk:
- Tests of controls and substantive Definition: Risks related to recording
transactions. transactions and financial data presentation.
- Analytical procedures. Importance: Influences accuracy and
- Test of details of balances. reliability of financial statements.
Each transaction cycle evaluated using Key point: Ensuring accurate financial data
specific sub-audit programs. presentation is essential.

v. Flexibility in Planning: Conclusion: Critical for reliable financial


The audit plan might need adjustments statement reporting.
during the audit process based on findings 3. Engagement Risk:
or changes in circumstances. Definition: Risks auditors face while
working with a client.
7. DOCUMENTATION Importance: Affects auditor-client
i. Overall Audit Strategy and Plan: association and potential financial loss.
The auditor should document: Key point: Managing risks through client
- Overall audit strategy, highlighting acceptance decisions.
significant changes made during the audit. Conclusion: Crucial for maintaining
reputation and financial stability.
4. Audit Risk:
Definition: Risk of providing an incorrect - Aspects of the entity and its
opinion on materially misstated financial environment.
statements. - Internal control components,
Importance: Impacts the credibility of audit including sources of information used to
findings and conclusions. gain this understanding.
Key point: Assessing risks of misstatements - Outline risk assessment procedures
in financial statements. performed.
Conclusion: Vital for ensuring accuracy in 3. Identified and Assessed Risks:
audit opinions. - Document identified risks of
potential material misstatements:
- At both the financial statement level
HOW TO IDENTIFY RISK and assertion level.
ASSESSMENT - Include related controls for which
1. Enquiry the auditor has gained an understanding.
2. Analytical procedures By that, auditors can:
3. Observation and inspection - Reduce their workload significantly.

RISK ASSESSMENT PROCEDURES IN - Enhance the audit's effectiveness


AUDITING: and efficiency.
1. Identification through Procedures: - Directly align the audit with the
Enquiries of management, analytical client's day-to-day operations.
procedures, observation, and inspection. - Increase the chances of identifying
Not solely sufficient for audit evidence but significant errors or misstatements.
helps in identifying potential risks.
2. Business Risk Assessment:
AUDIT RISK
Immediate impact on financial statements 1. Acceptable Audit Risk:
and controls. - Measures the auditor's willingness to
Management identifies and addresses these accept that financial statements might have
risks through internal control. material misstatements after issuing an
3. Audit Approach: unqualified opinion.
Develop an understanding of the business, - Different from business risk, which
management's risk management processes, encompasses all risks in a company's daily
and use these to develop expectations about operations.
account balances. 2. Components of Audit Risk:
Assess control quality to manage risks and - Material misstatement risk in
determine residual risks. financial statements or individual
DOCUMENTATION transactions and balances.
1. Discussion Summary: - Detection risk: The risk that auditor
- Record discussions within the procedures might miss a material error.
engagement team about the susceptibility of 3. Assessment and Planning:
the entity's financial statements to potential - Assessed using professional
material misstatements. judgment, crucial in the planning phase.
- Document significant decisions - Evaluated at the organizational level
made during these discussions. (whole financial statement) and transaction
2. Understanding Elements level (individual financial components).
Documented: 4. Setting Audit Risk:
- Capture key elements of - Often assessed after engagement
understanding: risk evaluation.
- Inversely related: High engagement 5. Audit Planning and Inherent Risk:
risk demands lower audit risk (more - Integral in developing the overall
rigorous audit), and vice versa. audit plan.
- Engagement risk guides the - At the financial statement level, it's
determination of the desired audit risk level. linked to material balances or assumed high
5. Considerations in Audit Risk Model: inherent risk for specific assertions.
- Influences the amount of evidence
- Complexity or uniqueness of gathered; higher inherent risk requires more
transactions increases the chance of error. evidence.
- Management incentives or pressures 6. Relationship with Audit Process:
may lead to earnings or asset misstatements. - Inversely linked to Detection Risk
- Stronger internal controls reduce the (DR) and directly affects the evidence
likelihood of misstatement. needed.
6. Audit Risk Model Equation: - High inherent risk demands more
AR= IR x CR x DR audit attention and evidence gathering to
AR = Audit Risk ensure accuracy and reliability.
IR = Inherent Risk (risk of material b. CONTROL RISK
misstatement before considering controls) 1. Definition:
CR = Control Risk (risk that internal - Represents the risk that a client's internal
controls won't prevent/detect control system won't catch or prevent a
misstatements) misstatement in financial statements.
DR = Detection Risk (risk that auditor 2. Key Points about Control Risk:
procedures won't catch misstatements) - Quality of controls varies across
a. INHERENT RISK different transaction types.
1. Definition: - Strong internal controls lower the
- Measures the likelihood of material risk of misstatement.
misstatements in an account balance before 3. Factors Influencing Control Risk:
considering client's internal control - Attitude of directors and
effectiveness. management towards internal control
2. Factors Influencing Inherent Risk (control environment).
(Financial Statement Level): - Effectiveness of internal controls
- Integrity of management. and staff capabilities in maintaining and
- Nature, quality, and experience of operating them.
the business management.
- Level of competition in the market. - Integrity of staff and management.
- Complexity of operations. 4. Assessment and Impact on Audit:
- Cash situation of the business. - Preliminary assessment of control
3. Factors Affecting Inherent Risk risk is done for each significant account
(Transaction Level): balance or class of transactions.
- Susceptibility to misappropriation. - Preliminary assessment is typically
- Complexity of transactions. high unless:
- Degree of judgment involved. - Relevant internal controls are
identified that could prevent or detect
4. Characteristics Elevating Inherent misstatements.
Risk: - Plans are made to perform tests of
- Complex transactions are more control to validate this assessment.
likely to have errors. 5. Relationship with Audit Process:
- Estimated balances are more prone - Inversely related to Detection Risk
to misstatement compared to fact-based (DR) and directly related to the evidence
ones. needed.
- High control risk implies more - Development of substantive tests
substantial audit procedures and evidence aligned with detection risk.
required to ensure accuracy and reliability. - Anticipating potential
c. DETECTION RISK misstatements.
1. Definition: - Adjusting the timing of audit tests.
- The risk that audit procedures might not - More comprehensive review of
catch significant misstatements in financial engagements due to heightened risk.
statements.
2. Control and Application: MATERIALITY
- Controlled by the auditor and is a 1. Definition:
key aspect of audit planning. - Information is material if its
- Sets the level of rigour for omission or misstatement could impact
substantive audit work. users' economic decisions based on
3. Influence on Audit Procedures: financial statements.
- Preliminary assessment of inherent - Acts as a threshold for significant
and control risks helps determine the nature, errors, rather than a primary characteristic.
timing, and extent of substantive 2. Auditor's Responsibility:
procedures. - Auditors must determine if financial
- Can be assessed subjectively as statements are materially misstated.
high, medium, or low, or using statistical - If material misstatements are
methods. identified and not corrected, auditors must
address them in the audit report.
3. Preliminary Judgements:
4. Relation to Audit Risk and - Auditors assess materiality early in
Engagement Risk: the audit to guide audit procedures.
- Inversely related to engagement - Professional judgment determines
risk; lower engagement risk leads to lower the level of materiality, reviewed as the
detection risk. audit progresses.
- Higher inherent or control risk leads 4. Materiality for Financial Statements:
to lower detection risk, necessitating more - Assessing the total uncorrected
robust substantive testing. errors to gauge materiality for the entire
5. Impacts on Audit Procedures: financial statement.
- Lower detection risk demands more - Planning materiality is set for the
rigorous testing: larger sample sizes, whole statement and then allocated to
reliable evidence, experienced auditors, specific accounts based on their
closer supervision, and extensive year-end susceptibility to errors.
testing. 5. Factors Influencing Materiality:
- More checks are required with - Determined by professional judgment
higher inherent or control risk to minimize based on users' needs, financial statement
overall audit risk. elements, areas of focus, entity nature,
6. Variation in Detection Risk: ownership structure, and financing.
- Table 5.1 demonstrates the acceptable 6. Relation to Audit Risk and
levels of detection risk based on evaluations Evidence:
of inherent and control risks. - Materiality and audit risk are
7. Modifying Audit Procedures: interrelated throughout the audit process.
- Changes in evidence collection and - Audit risk is a function of material
audit response: misstatement risks and detection risk;
- Deployment of experienced
personnel.
auditors consider both while planning audit
procedures and evaluating misstatements'
impact.
7. Documentation:
- Audit documentation must include:
- Materiality for the entire financial
statement.
- Materiality levels for specific
transactions or balances.
- Performance materiality.
- Any revisions in materiality as the
audit progresses.

You might also like