Beruflich Dokumente
Kultur Dokumente
Chap 1
Definition of auditing:
- It is the accumulation and evaluation of evidence regarding declarations/claims about
information to determine the degree of correspondence between the declarations and
the established criteria (IFRS, ASPE) and to report the results to the interested users.
Now, it is hard to reduce the risk of the first 2 factors, but by annual auditing, the banks can
have accurate financial information, which reduces the information risk factor, ultimately
resulting in a lower interest charge to the business. This can have a large impact on savings in
terms of interest.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
- Biases and motives of the provider: When the information is given by someone whose
goals are not aligned with those of the company or decision maker. The information can
be biased depending on the motive of that person. For instance a company making their
financial statements look good to obtain a loan or gain investors.
- Voluminous data: This occurs as the company gets larger and there is a large amount of
transactions happening. In those transactions, there is a chance that some are not
properly accounted for. Even if the transaction improperly recorded is not a big one and
left undiscovered, over a long period of time, multiple transactions like these can have a
material impact.
Reducing information risk depends on a company’s size, as to a small company it might be too
expensive to reduce risk. 3 ways to reduce the information risk:
1. User verifies information: The company may send a special audit to independently verify
and evaluate the key information of a specific company. Very costly.
2. Users share information risk with management: It is regarding the management sharing
reliable information to users. In case they fail to do so and the users incur losses, they
can be pursued in lawsuit. But the downside is the difficulty to collect losses incurred.
3. Audited financial statements are provided: Using the service of an external auditor to
provide assurances to users that the financial statements are reliable.
External users rely on financial statements to make business decisions. Therefore, having an
independent auditor indicating the reliability of the reports are used often. The decision makers
use the audited financial statements based on the assumption that it is reasonably complete,
accurate, and unbiased. They value the auditor’s assurance because of the auditor’s integrity,
independence, expertise, and knowledge of financial statement reporting matters.
Common types of Audits: Refer to table 1-1 on page 9
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
1. Financial statement audit: Conducted to determine whether the financial statements are
stated in accordance with specified criteria.
3. Operational audit: Review of a company’s operating procedures and methods for the
purpose of evaluating economy, efficiency, and effectiveness.
Types of auditors:
Internal auditors:
- Work for individual companies, banks, hospitals, universities, and governments. The
institute of internal auditors (IIA) defines internal auditing as an independent, objective
assurance and consulting activity designed to add value and improve an organization’s
operations. They help the company achieve its objectives by bringing a systematic,
disciplined approach to evaluate and improve the effectiveness of risk management,
control, and governance processes.
- To effectively perform assurance engagements, an internal auditor must be independent
of the line functions in an organization but will not be completely independent of the
company as long as an employer-employee relationship exists. In order to maintain
independence, internal auditors report directly to the audit committee of the board of
directors and senior management.
- Even though the internal auditors provide valuable information to internal users, it is not
reliable for external users due to lack of independence. As the company can direct the
internal auditors to focus on specific areas of the company where an external auditor is
independent to focus on whichever area he/she finds more valuable for external users.
Government Auditors:
- These auditors have the general responsibility of auditing the ministries, departments,
and agencies that report to that government. They are appointed by either bipartisan
legislative committee or by the government in that jurisdiction.
- The primary responsibility of the government auditor is to generally perform the
following:
1. Internal audits into financial matters or compliance with regulations, and whether
or not the operations are conducted in an efficient, effective, and economic
manner.
2. External audits of the financial statements.
3. Special examinations of efficiency, effectiveness, and economy (every 5 years)
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
- In Canada, audits generally perform a performance audits (value for money audits),
which are based on the purpose of determining if the company or program is achieving
its objectives effectively, economically, and efficiently.
CRA auditors:
- These auditors deal with the federal tax laws as defined by Parliament and interpreted in
courts.
- They solely perform compliance audits.
- It can vary from simple individual tax return audits to multinational corporations.
Public accountants:
- They provide services of assurance in terms of accounting and tax advice to the public
on their financial statements.
- Only public accounting firms can conduct financial statement audits or reviews and only
Canadian CPAs with a public accountant’s license can sign an assurance report related
to financial statements.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
Chap 2
Main areas in which the auditing frameworks focus on to improve the quality of auditing are:
Professional Skepticism (Art), Quality Control and Group Audits.
The quality is composed of many factors such as firm leadership, independence, integrity,
objectivity, personnel management, client acceptance and continuation procedures,
engagement performance, and monitoring.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
Important term:
- Professional Skepticism: Auditors are to remain alert for the presence of material
misstatements, whether due to fraud or error, throughout the planning and performance
of an audit.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
Quality control:
- Policies put in place by PA firms to ensure that they meet its professional
responsibilities.
- Canadian Standard on Quality Control (CSQC) is close to CAS, but the fact that CSQC
policies are established for the entire firm rather than CAS applies to individual
engagements.
- It is monitored annually as the quality partner tests the quality control procedures to
ensure that the firm is in compliance.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
Management’s responsibilities:
- Here are some responsibilities that rest with management rather than auditor:
- Additional responsibility over the preparation of financial statements and internal control
of management that must be provided to auditor under CAS 200:
1. Access to all information that is relevant to the preparation of the financial
statements such as records, documentations and other matters
2. Any additional information that the auditor may request.
3. Unrestricted access to persons within the entity from whom the auditor
determines it necessary to obtain audit evidence.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
Auditor’s responsibility:
CAS 200 highlight the overall objectives of the audit of the financial statements as:
1. To obtain reasonable assurance about whether the financial statements as a whole are
free from material misstatement, whether due to fraud or error, thereby enabling the
auditor to express an opinion on whether the financial statements are prepared, in all
material aspects, in accordance with an applicable financial reporting framework.
2. To report on the financial statements and communicate are required by CASs, in
accordance with the auditor’s findings.
Below are the important terms and phrases about the auditor’s responsibility to detect
material misstatements.
Reasonable assurance:
- Assurance is a measure of the level of certainty that the auditor has obtained at the
completion of the audit.
- Auditing standards indicate that reasonable assurance is a high, but not absolute, level
of assurance that the financial statements are free of material misstatements.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
- The auditor is responsible for reasonable, but not absolute, assurance for the following
reasons:
1. Most audit evidence results from testing a sample and this contains the risk of
not uncovering a material misstatement. Other factors that require auditor
judgement include: The areas to be tested - The type, extent, and timing of those
tests - The evaluation of test results.
2. Accounting presentations contain complex estimates, which involve uncertainty
and can be affected by future events. As a result, the auditor has to rely on
evidence that is persuasive, but not convincing.
3. Fraudulently prepared financial statements are very difficult if not impossible to
detect for the auditor.
Auditor is mainly concerned with any fraud that may cause a material misstatement in the
financial statements. 2 types of intentional misstatements are:
1. Misappropriation of assets (employee fraud): A fraud involving the theft of an entity's
assets.
2. Fraudulent financial reporting (management fraud): Intentional misstatements or
omissions of amounts or disclosures in financial statements to deceive users.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
- Fraudulent financial reporting is mostly done by management, as they have the power to
make accounting and reporting decisions without the knowledge of employees.
- Misappropriation of assets are mostly done by employees and the amounts are often
immaterial. But an accumulation of the immaterial amounts can have a material impact
on the financial statements.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
- The reason why auditors have a hard time with responsibilities with laws and regulations
is to understand whether these non-compliance acts (illegal acts) have a direct or
indirect impact on the amounts and disclosures in the financial statements.
- Laws and regulation with a Direct Effect: These laws and regulations have a direct
impact on the amounts and disclosures of the financial statements. For example,
violation of federal tax laws will affect the amounts and disclosures of the income taxes.
Therefore to obtain sufficient (quantity) and appropriate (relevant) audit evidence about
the company’s compliance with laws and regulation. The auditor must perform a variety
of procedures to obtain reasonable assurance.
If the auditor finds out that the company is in non-compliance, he/she is required to
obtain an understanding of the nature of the act and how it occured, and obtain
information to evaluate its possible impact on the financial statements.
- Laws and Regulations with an Indirect Effect: This is where the compliance is
fundamental to the operating aspects of the company, to its ability to continue its
business, or to avoid material penalties. Examples are: expulsion of the company or
its assets due to bribery, this impacts both balance sheet and income statement. Failure
to respect the environmental laws could lead to fines and penalties.
Note: Even if the magnitude of the illegal act itself is not material, the consequences
could be.
The auditor is only responsible to perform specified audit procedures to help identify
non-compliance with the indirect laws and procedures. They are as follow:
1. Inquiring of management and those charged with governance about whether the
entity is in compliance with such laws and regulations.
2. Inspecting correspondence, if any, with the relevant licensing or regulatory
authorities.
- CAS 250 states that, other than inquiry of management, the auditor should not search
for illegal acts unless there is a reason to believe they may exist.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
Also, based on the evidence obtained, the auditor is responsible for concluding whether
there is a material uncertainty about the company’s ability to continue as a going-
concern.
- Limitations to the auditor’s ability to detect material misstatement are linked with the fact
that future events are based on assessments.
- CAS 570.7, states that the auditor cannot predict future events and that the absence
of any reference to going-concern uncertainty in the auditor's report is not a
guarantee of the company’s ability to continue as a going-concern.
- Professional judgment is important to perform a quality audit. The auditors must make
quality judgments about the evidence, probabilities, options.
- By definition professional judgment is analytical and systematic, objective, prudent and
carried out with integrity and recognition of responsibility to those affected by its
consequences.
- In simple terms, it is a well thought-out, objective, meets the underlying principles of
GAAP and GAAS, has evidence to support the decision, maximizes the likelihood of
good consequences, carried out with truthfulness and forthrightness and considers
the impact on the financial statement users.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
- Stage 4 and 5: This is an important stage as the auditor reviews the relation between
the evidence and the conclusion. The documentation process can help the auditor make
quality decisions as he/she will look at the information which was discarded and why it
was discarded. This process helps with confirmation bias, which means that the
auditor might have given more importance to an evidence that might not have been that
valuable.
- Judgment traps: Common systematic judgment tendencies and biases that can lower
the quality of the professional judgment process.
- Common judgment traps are:
1. Confirmation: Putting more weight on info that is consistent with initial belief or
preferences and avoiding looking at the other side of things or alternatives.
2. Overconfidence: Overestimating his/her own ability to perform tasks or to make
accurate risk assessments.
3. Anchoring: This happens when auditors are simply referring to the initial
numerical info provided by the management and not adjusting those numbers to
form their final judgment. Ultimately leading to the same mistake as the
management.
4. Availability: This happens when auditors rely on a recent case they have handled
by themselves or someone else to make a judgment of the case at their hand.
This can lead to a biased conclusion as the new case might be rare to the auditor
but he/she tries to find similarities, which can impact the professional judgment.
- The work environment such as time pressure, can contribute to applying less than
ideal professional skepticism.
Approach:
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
- Relationships among cycles: Simply explains the links between the cycles, Refer to
figure 4-4 on page 102.
- Entity-Level controls: Controls that have a pervasive effect (or spreading effect) on
multiple processes, transactions, accounts and assertions.
- Audit objective: For all assertions, the audit objective is to prove with sufficient and
appropriate evidence that the assertion is true.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
- Management assertions: Are to help the auditor to focus his/her attention on all the
various aspects of the transactions, account balances, and required disclosures that
need to be considered. In other words, they help pinpoint the most relevant assertions.
- Relevant assertions: assertions that have a meaningful bearing on whether an account
is fairly stated and are used to assess the risk of material misstatement and the design
and performance of audit procedures. To determine the relevant assertions, consider the
following:
1. Management bias, incentive and pressure.
2. The complexity or nature of the assertion. ( is it subjective, such as inventory
obsolescence?)
3. The risk of fraud and error.
2. Completeness :
- Management asserts that all transactions that should be included in the
financial statements are included.
- The auditor must ask: “ Are all the transactions included and recorded?”,
the auditor’s objective is to gather evidence that all transactions that
should be included in the files or journals have actually been included.
- Error in completeness results in understating the transaction, as the
management did not record what they should have.
3. Accuracy:
- Management asserts that all the transactions have been recorded at
correct amounts.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
4. Cutoff:
- Management asserts that all transactions are recorded in the proper
accounting period.
- The auditor must ask: “Are transactions recorded on the correct dates?”,
the auditor’s objective is to gather evidence that cutoff transactions, those
that occur close to period end, correctly accounted for.
- Error in cutoff can lead to either understatement or overstatement of
accounts and for this reason they are closely related to the occurrence
and existence assertions.
5. Classification:
- Management asserts that all transactions are recorded in the appropriate
accounts.
- The auditor must ask: “Are the transactions included in the client’s
journals properly classified?”, the auditor’s objective is to gather evidence
that the transactions are properly classified.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
1. Existence:
- Management asserts that all assets, liabilities and equity interests
included on the balance sheet are genuine and actually existed on
balance sheet date.
- The auditor must ask: “Do all amounts included exist?”, the objective is to
gather info that proves the inventory actually physically exists.
- An important procedure when it comes to prove the existence of assertion
is the actual physical observation, as if the inventory is counted twice, it
would be overstated, which is an existence error.
3. Completeness:
- Same as the transactions related to audit objectives.
5. Allocation:
- To develop allocation balance-related audit objectives, the auditor must
ask: “Are all amounts included appropriate?”.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
2. Completeness:
- Management asserts that all required disclosures have been included in
the financial statements.
- All material transactions have been disclosed with the related parties.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
Client Acceptance:
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
- Before accepting the engagement, the audit firms considers the following factors about
themselves: the competence, capabilities and resources to take on the engagement.
- The firm will also assess the integrity of the client, as well as any threats to
independence and possible risks to the audit firm associated with accepting the specific
client.
Audit planning:
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
- The nature of the audit varies with the objectives of the phase and it refers to their
purpose (Risk assessment, test of controls, or substantive procedure) and type
(Inspection, observation, inquiry, confirmation, recalculation, reperformance or
analytical procedure).
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
The Why, What, How and When of the audit procedures: (LO-2)
- Audit procedures need to be detailed and specific, as:
1. Why is it being done?
2. What is being done?
3. How is it being done?
4. When it is to be done?
- Which items to select: This choice depends on the auditor and the size of the audit
procedure to determine the most effective way of completing the audit by selecting the
items. The choice can be one of the following or a combination, as to:
1. Select all items in the population
2. Select Specific items in the population
3. Use audit sampling
4. Use the combo of the first 3.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
- Timing: Normally, the financial statement audit is completed one to three months after
year-end. The timing decision is affected by client deadlines. The timing can influenced
by the following factors:
1. When the evidence will be the most effective, for example, periodic inventory
means the auditor will observe the inventory count at year-end to effectively
identify errors.
2. The availability of the audit staff.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
5. Persuasiveness and Cost: Auditor must consider the cost to obtain the effective
evidence. The auditor’s goal is to obtain a sufficient amount of timely, reliable
evidence to the information being verified and to do so at reasonable cost.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
2. Observation:
- Simply the auditor is looking at a process or procedure being performed
by others
3. External confirmation:
- It is when the auditor’s receipt of a written or oral response from an
independent third party verifying the accuracy of information.
- CAS 500 states that External Evidence is considered more reliable than
evidence obtained from within the company.
- But the auditor must make sure that the information is being provided
from a third party, which has the competence, are careful and not related
in any way to the company.
- Also the auditor must have full control in the preparation of the
confirmation, this is from; performing the mailing or receiving the
responses. If not this will defeat the purpose of independence and will
lower the reliability of the evidence.
4. Recalculation:
- Repeating or checking the mathematical accuracy of calculations
completed by the client.
5. Reperformance:
- It is simply a verification of the company’s procedures and internal control
system. An example would be comparing an approved price list with the
price on an invoice. Or the auditor reperforms the transfers of the same
information into more than one place to verify if it is recorded the same
way.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
6. Analytical procedures:
- It is the use of comparisons and relationships to determine whether
account balances or other data appear reasonable.
- This procedure is used throughout the audit process, as part of planning
and assessing risk of material misstatement, in performing risk
response and in the completion phase of the audit.
- In order to perform the analytical procedures, you must:
1. Understand the client’s industry and business. This will help you
pinpoint the changes that can influence the audit planning.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
1. In audit planning:
- This is the preliminary analytical review, which assist in determining the
nature, extent and timing of audit procedures
- This also helps the auditor identify significant matters requiring special
consideration later in the engagement.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
2. Data reliability:
- The more reliable the data, the more precise the expectation, which is
based on the source of info, quality of controls in producing the info
and the independence of the source.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
Documentation: (LO-6)
- Audit documentation: The written or electronic audit documentation kept by the auditor to
support audit conclusions. This includes risk assessments, procedures or tests
performed, information obtained and conclusions reached.
2. Record of the evidence Accumulated and the Results of the tests: The working
papers are the primary means of documenting that an adequate audit was done
in accordance with Canadian GAAS. If need be, the working papers can be used
to prove that the audit was planned and adequately supervised and the evidence
accumulated was appropriate, sufficient and timely and the auditor’s report was
proper considering the results of the examination.
3. Support for determining the proper type of Auditor’s report: The working papers
provide an important source of info to assist the auditor in choosing the
appropriate auditor’s report to issue in a given set of circumstances. The data in
the papers are useful for evaluating the adequacy of audit scope and the fairness
of the financial statements.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
- Ownership of Working papers: They stay with the public accounting firm at the
completion of the engagement, unless the client has been subpoenaed by a court, the
client has the right to examine the working papers as legal evidence. Or if they are
required by the public accountants professional organization in connection with
disciplinary proceedings or practice inspection.
- Confidentiality of Working papers: The auditor cannot share any info in the working
papers. It can only be done with the express written permission of the client or if the
working papers are subpoenaed by a court or used in connection with disciplinary
hearings or practice inspection conducted by the auditor’s professional body.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
Main focus of this chapter will be on detailed audit planning, which includes gaining an
understanding of the client’s business and industry, performing preliminary analytical
procedures, developing an overall audit strategy and making a preliminary judgement about
materiality.
Here are the 3 risk terms that influence the conduct and cost of the audit:
1. Acceptable risk: A measure of how willing the auditor is to accept that the financial
statements may be materially misstated after the audit is completed and an unqualified
opinion has been issued.
2. Client business risk: The risk that the client will fail to achieve its objectives related to:
- Reliability of financial reporting
- Effectiveness and efficiency of operations
- Compliance with laws and regulations
-This can arise from factors such as regulatory changes or setting inappropriate objectives or
strategies.
3. Risk of material misstatement: The risk that the financial statements are materially
misstated prior to audit. It is based on the following 2 components:
- Inherent risk: A measure of the auditor’s assessment of the likelihood of material
misstatement.
- Control risk: It is the risk that material misstatement will not be prevented or
detected and corrected on a timely basis.
- Assessing these 3 risks is a vital part of audit planning as it helps determine the amount
of evidence that will need to be accumulated and the experience level of staff assigned
to the engagement.
- CAS 300.9 states that the auditor must develop an audit plan that includes the following
components:
1. The nature, timing and extent of audit procedures for the purpose of risk
assessment.
2. The nature, timing and extent of additional audit procedures, linked to the
individual audit assertions.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
3. Any other audit procedures that are needed for the audit to be conducted in
accordance with GAAS.
4. Obtain an understanding with the client about the terms of the engagement:
- CAS 210 requires that auditors obtain an understanding with the client in an
engagement letter.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
- Engagement letter is a written agreement between the public accounting firm and
the client as to the terms of the engagement for the conduct of the audit and
related services.
- For possible scope limitations that would cause the auditor to decline an
engagement refer to TABLE 6-2 on page 171.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
company. To assess the legal and political environment, the auditor would
consider factors such as legislation and regulation that significantly affect the
client’s operations, taxation and environmental requirements. You should
review the direct and indirect laws and regulation from chapter 4.
3. The auditor must understand the other external factors, such as general
economic conditions, interest rates and availability of financing and inflation or
currency revaluation.
- Tour of client’s facilities and Operations: It can be helpful to the auditor in obtaining a
better understanding of the client’s business operations, as it provides an opportunity to
observe operations firsthand and to meet key personnel.
- Identify related Parties: These transactions are important to identify, as there is a risk
that they were not valued at the same amount as they would have been if the
transactions had been with an independent party. This increases the inherent risk, which
means there is a high chance of material misstatements, because of both the accounting
disclosure requirement and the lack of independence between the parties.
- Code of ethics: The auditor should become knowledgeable about the company’s code of
ethics and examine any changes and waivers of the code that have implications for the
governance system and related integrity and ethical values of senior management.
- Minutes of Meetings: The corporate minutes are the official record of the meetings of the
BOD and shareholders. They include summaries of the most important topics discussed
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
at these meetings and the decisions made by the directors and shareholders. This
information affects the inherent risk.
- Despite management’s best efforts, business risks come up that threaten management’s
ability to achieve its objectives. This can influence the financial statements.
- As for Laws and regulations, the auditor should be familiar with the terms of client
contracts and other legal obligations.
- Auditors are required to perform prelim analytical procedures as part of the risk
assessment procedures to better understand the client’s business and industry and to
assess the client’s business risk.
- An example would compare the client’s ratios with those of industry to identify the areas
with increased risk of material misstatements that require further attention during audit.
- Another procedure is :
1. Horizontal Analysis: In which the account balance is compared to the last period
and the percentage change in the account is evaluated.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
- Evaluate the need for outside Specialists: CAS 620, requires the auditors for selecting
specialists and reviewing their work (i.e lawyers). Keep in mind that the use of a
specialist does not affect the auditor’s responsibility for the audit and the audit report
should not refer to the specialist unless the specialist’s report impacts the audit opinion.
- Evaluate Whether Internal Audit Work can contribute: If the company has internal
auditors, the external auditor can ask them to either use their internal audit report or
direct assistance. (CAS 610) But the auditor must make sure that the internal auditors
have the competence, integrity and objectivity about their work. The general guideline is
that the higher the risk of RMM the more restricted the nature and extent of work should
be given to the internal auditors.
- Evaluate Reliance on Other Auditors: In cases where the client has multiple locations or
subsidiaries the audit firm may need to engage other auditors.
3. Materiality: (LO-6):
- If a misstatement or omission changes the economic decision of the users, then
it is considered material.
- The materiality is very much subjective as one item could be material for a client
and the same item could be immaterial for another. Therefore it depends on the
size of the organizations. CAS 320.2 states in determining overall materiality:
1. Judgments are made in light of circumstances surrounding the company
and are affected by the size and nature of the misstatement or combo of
both.
2. Judgments about what is material to users of the financial statements are
based on a consideration of the common financial information needs of
users as a group, not each user individually.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
Additional steps:
- Determining trivial amounts: Matters that are clearly inconsequential, whether taken
individually or in aggregate and whether judged by any criteria of size, nature or
circumstances.
- Revise Overall Materiality
- This is an amount less than overall materiality that the auditor uses to plan and conduct
the financial statement audit engagement, to reduce the likelihood that uncorrected
errors exceed materiality. It serves for the following to functions:
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
- The auditor sets a performance materiality as a percentage of overall materiality and the
auditor must be careful as if it is set too high, the auditor might not perform enough
procedures to detect material misstatements, vice-versa.
- It is used in the planning stage to identify what areas need to be audited and how much
and what type of work is needed and to calculate sample sizes.
- Refers to materiality level based upon a specific group of users’ needs and determined
for a particular class of transactions, account balance or disclosure.
- In this section we learn the relationship of applying the materiality to the decisions
related to evaluating the results, completing the audit, and reporting.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
- CAS 450, requires the auditor to request that uncorrected misstatements be corrected,
while clearly trivial amounts can be ignored when proposing adjustments to the client
management.
- Here the 3 categories of misstatements:
1. Factual misstatements: The ones that are backed up by facts and are clear
misstatements.
2. Judgmental misstatements: The differences in management judgments about
recognition, measurement, presentation and disclosure in the financial
statements and the auditor’s judgment.
3. Projected misstatements: The auditor’s best estimate of misstatements in
populations, involving the projection of misstatements identified in audit samples
to the entire populations from which the samples were drawn.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
1. Inquiries of Management and Others Within the entity: Communicating with Staff
members, those charged with governance, internal auditors and others to receive a
variety of information about the entity and its environment.
2. Analytical Procedures: Refer to Chapter 6, but in general the analytical procedures help
the auditor identify unusual amounts, ratios, trends that might reveal unusual
transactions or events having audit implications.
3. Observation and inspections: Refer to Chapter 5, in general this procedure is about the
auditor going to the entity and observing the work firsthand and the inspection of
documents such as the organization’s strategic plans. This procedure helps the auditor
learn about the business and its environment.
4. Discussions Among Engagement Team Members: This helps to brainstorm ideas and
get insight from the engagement partners and key team members about the entity and
its environment. The underlying factor is building the right team and providing the right
support.
5. Other Risk Assessment Procedures: This procedure is in reference with using external
sources such as predecessor auditors, credit agencies, etc.
Significant Risk: It is an identified and assessed risk of material misstatement that, in the
auditor’s professional judgment, requires special audit consideration.
1. Risk fraud
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
6. Non-routine Transactions and Related Party transactions: Transactions that are unusual,
either due to size or nature, and that are infrequent in occurrence.
As we know detecting material misstatements due to fraud are very hard, if not impossible.
Therefore, CAS 240 outlines the following procedures in order to assess fraud risk:
1. Discuss with audit team members the risks of material misstatement due to fraud: simply
discussing with more experienced audit team members and asking the right questions.
They should include the external and internal factors of committing fraud such as:
- An incentive or pressure for management to commit fraud
- Provide the opportunity for fraud to be perpetrated
- Indicate a culture or environment that enables management to rationalize
fraudulent acts.
4. Evaluate the risk for revenue fraud and management override and understand period-
end.
CAS 240, presents the fraud triangle, which represents the 3 conditions under which the fraud
can be committed: (these are risk factors for fraudulent reporting)
1. Incentives/Pressures: Management or other employees have incentives or pressures to
commit fraud
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
Once the RMM due fraud is identified, it need to be respond at 3 levels (CAS 240):
1. Overall responses:
- This is relating the adjustments to the overall audit strategy. If RMM due to has
increased, the audit team might need to add a fraud specialist.
- The auditors should give more importance to professional skepticism, in terms of
selection and extent of documentation examined in support of transactions.
- BE CAREFUL about the management’s choice of accounting principles as most
fraud is done in the revenue recognition.
- Fraud perpetrators are often knowledgeable about audit procedures and for this
reason, the auditors need to incorporate unpredictability factors in the audit
strategy.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
DR: The risk that the audit evidence for an audit assertion will fail to detect misstatements
exceeding performance materiality.
AAR: how willing the auditor is to accept that the financial statements may be materially
misstated after the audit is completed and an unqualified opinion has been issued.
- AAR: The auditor decides the risk the PA firm is willing to take that the financial
statements are misstated after the audit is completed, based on certain client-related
factors.
- Inherent and Control risk are based on auditor’s expectations or predictions of client
conditions
- The auditor needs to consider the factors related to engagement risk, which is the risk
that the auditor will suffer harm after the audit is finished even if the audit report is
correct. (i.e the client declares bankruptcy and therefore there is a likelihood of a lawsuit
against PA firm)
1. The degree to which external users rely on the statements: If the external rely heavily on
the financial statements, the auditor must decrease AAR. To judge the degree to of
reliance, consider the following factors:
- Client’s size
- Distribution of ownership
- Nature and amount of liabilities
2. The likelihood that a client will have financial difficulties after the audit report is issued:
In case the auditor thinks that the client will fail financially or suffers heavy losses, then the
engagement risk will increase, and AAR will decrease. Because if the client has to declare
bankruptcy, the auditor might need to defend his quality of the audit report. Here are some
factors that help the auditor to assess the entity’s ability to continue as going concern:
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
Factors affecting inherent risk or simply increasing inherent risk at assertion level:
1. Nature of the client’s business: (i.e obsolescence of assets and client business risk)
2. Results of previous Audits: Misstatements found in the last year’s audit have a high
chance of recurring as many types of misstatements are systemic in nature and
company’s are often slow to make changes.
3. Related parties
9. Initial Versus repeat engagement: Refers to the experience in the field of auditing for
auditors. New versus Old auditors.
Downloaded by mo mo (joram998@outlook.com)
lOMoARcPSD|3243319
- Here are the other ways an auditor can change the audit to respond to risks:
1. The engagement may require more experienced staff, if the AAR is low.
2. The engagement will be reviewed more carefully than usual when AAR is low.
Measurement Limitations:
- The difficulty in measuring the components of the model, as the risk factors are highly
subjective. Refer to table 7-5 on page 233.
Downloaded by mo mo (joram998@outlook.com)