- Information
- AI Chat
Audit planning - notes
Auditing (AUD339)
Universiti Teknologi MARA
Recommended for you
Preview text
AUDIT PROCESS: Audit Planning
Benefits of audit planning - Helps auditor to obtain sufficient appropriate evidence - Helps to keep audit costs reasonable - Avoid misunderstanding with clients - Helps minimise legal liability and reducing the audit risk
Steps in planning
➢ Initial audit planning ▪ Decide whether to accept or continue doing the audit – to investigate new clients and to evaluate existing client
▪ Identify client’s reasons for the audit – financial audit or special audit such as for loan application, acquisition of business, take-overs & mergers
▪ Factors that should be considered by an auditor before accepting appointment from a new client: Management integrity; Overall risks in the engagement; Familiarity with the nature of client’s business; Ability to perform the audit work. (Whether we are competent or not) Ability to comply with the ethical requirements (such as MIA by-laws)
▪ Issue an engagement letter A written agreement between the auditor and the client concerning the conduct of the audit and the related terms of the engagement. Is written by the auditor to his client after accepting appointment but before starting the audit work.
Contents of an engagement letter: - The objective of the audit of financial statements. - Management’s responsibility for the financial statements. - The scope of the audit, including reference to applicable standards. - Degree of auditors assurance (the auditor is not responsible for the discovery of all frauds). - The inherent limitations of an audit (material misstatements may remain undiscovered). - Auditor’s right to access records, documents and information. - The form of auditor’s reports. - Deadlines for completing the audit. - Basis for determination of audit fees - Acknowledgement of acceptance of the terms by the client.
Purpose of engagement letter: - to provide written confirmation of the acceptance of appointment; - to clearly define the auditor’s responsibility and scope of audit; - minimise possibility of misunderstanding between the client and auditor;
➢ Determine the audit staffing requirements ▪ Select the appropriate staff for the engagement. ▪ Factors to consider: engagement size & complexity, level of risk, special expertise required, personnel availability, timing of the audit.
➢ Obtain knowledge of the client’s business and industry ▪ Have a better understanding about the client - Client’s history, major activity, organisation structure, management integrity, reliability of work done by internal auditor, owner (shareholders) and management of the business. ▪ Obtain knowledge of client’s industry and business so that unique accounting requirements can be identified and industry risks & inherent risks can be identified. ▪ Identify government regulations that affect the entity and its industry. ▪ Conduct a tour of the client’s plant and offices so as to obtain a better understanding of the client’s business and operations. ▪ Evaluate need for outside specialists.
Matters to be considered when obtaining knowledge of the business: ▪ General economic factors – recession, growth, government monetary & fiscal policy, foreign currency rates, taxation, tariff. ▪ The industry – market and competition, cyclical or seasonal activity, changes in product technology, business risk, specific accounting practices, regulatory framework, reporting requirements. ▪ The entity: Management and ownership – capital structure, organizational structure, source and methods of financing, board of directors, management experience & reputation, staff turnover, incentive plans. Business – nature of business, location of branches, product & services, customers profile, type of inventories, major suppliers, franchises, licenses, patents, R&D, foreign currency transactions, regulation affecting the entity, debt structure, going concern status Financial performance & position – profitability, working capital, liquidity.
➢ Establish materiality and audit risk, and assess inherent risk + preliminary level of control risk ▪ Assess whether there are possible auditability problems. (If there is no apparent problem, the level of inherent risk is considered low).
▪ Materiality: The degree of importance of an item (in the context of presenting fairly the financial performance and position of an enterprise). Information is material if its omission or misstatement could influence the economic decisions of users taken on the basis of the financial statements. Materiality is used as a criterion for determining the items that require attention and detail examination. Involves professional judgment. Materiality level helps auditor in determining the items that should be examined and the items that can be disregarded. In deciding materiality level, auditor has to consider both the amount (quantity) and nature (quality) of misstatements. Example of quantitative factor: transaction of RM100,000 is generally more important compared to transaction of RM1,000.
ii) DR = 0 (AR). 0 (IR) x 0 (CR)
DR = 0 @ 8%
iii) DR = 0 (AR). 1 (IR) x 1 (CR)
DR = 0 @ 5%
There is an inverse (negative) relationship between detection risk and the combined level of inherent and control risks.
CONTROL RISKS High Medium Low INHERENT RISK High LOWEST LOWER MEDIUM Medium LOWER MEDIUM HIGHER Low MEDIUM HIGHER HIGHEST
Shaded area: Detection risk
The higher the assessment of inherent and control risks (lower detection risk), the more audit evidence the auditor should obtain from the performance of substantive procedures.
▪ There is a direct relationship between audit evidence and the combined level of inherent and control risks.
High inherent and control risks Low inherent and control risks ↓ ↓ Low detection risk High detection risk ↓ ↓ Low materiality level High materiality level ↓ ↓ More audit evidence from substantive tests Less audit evidence from substantive tests
How to use the audit risk model? i. Set the acceptable level of audit risk. ii. Assess inherent risk. iii. Assess control risk. iv. Determine the detection risk.
Auditor's assessment of materiality and audit risk may be different at the planning stage and at the time of evaluating the results of audit procedures.
➢ Assess the possibility of fraud and errors ▪ Identify possibility of fraud and errors. ▪ Plan the audit with professional skepticism (maintain a critical and questioning mind)
➢ Understand the applicable laws and regulations ▪ Understand provisions of laws and regulations that affect the client.
➢ Identify related parties ▪ Identify related parties (related party refers to an affiliated company, principal owner of the client company, or any other party with which the client deals where one of the parties can influence the management of the other). ▪ How? By reviewing minutes of BOD meeting, reviewing accounting records etc.
➢ Review of audit work done in previous year ▪ Refer to Audit working paper i., permanent audit file and current audit file.
➢ Conduct preliminary analytical procedures ▪ Analyse significant ratios and trends. Investigate of their relationship in order to determine whether account balances and other data appear reasonable. ▪ Purpose: to assist in planning the nature, timing and extent of audit procedures,to identify potential errors, to determine area that require detailed checking + substantive tests.
➢ Develop an overall audit plan and prepare audit programmes ▪ To prepare audit budget which include budgeted time, staff, deadline, expenses etc. ▪ To select audit team based on qualification, skill and experience. ▪ To develop a written audit programme.
Audit programme: A document which contains audit procedures that should be performed by the audit staff. Purpose: to provide a set of detailed step-by-step audit procedures for each auditable area and to provide a systematic audit approach. Advantage: Facilitate supervisor to monitor performance of audit work by the staff. Also used to document work done + audit evidence gathered during the audit.
Matters to be considered in developing the overall audit plan (AI300): ▪ Knowledge of business ▪ Understanding the accounting and internal control systems ▪ Risk and materiality ▪ Nature, timing and extent of procedures ▪ Coordination, direction, supervision and review ▪ Other matters
Sources to obtain knowledge of the industry and entity (AI310): ▪ Previous experience ▪ Knowledgeable people within the entity ▪ Internal audit reports ▪ Knowledgeable people outside the entity ▪ Publications / reports related to the industry ▪ Legislation and regulations ▪ Visit to the entity’s premises ▪ Documents produced by the entity
Audit planning - notes
Course: Auditing (AUD339)
University: Universiti Teknologi MARA
