Brendan Murtagh

IAASB Board Member

IFAC-SAFA SMP Forum

New Delhi, India
October 10, 2014

Page 1
The Changing Audit Environment

The external audit underpins quality and credibility of

financial reporting and public confidence
Revolutionary change over the last 20 years in how
and when financial information is communicated
Global financial crisis has further triggered questions
Relevance of the audit and trust in the audit profession
Quality of auditing effectiveness, professional judgment,

professional skepticism
Increased complexity in financial reporting and
global business activity has increased users need
for more information
Page 2
Overview

Audit quality framework now and future

ISQC1 and the ISAs

Structure

Proportional application, including documentation

IAASB update other projects and plans

Audit efficiency
Tips
Resources

Page 3
Framework for Audit Quality

Key Elements
.

Inputs

Process

Outputs

Interactions

Contextual Factors

Page 4
Framework for Audit Quality - Objectives

Raise awareness of the key elements of audit quality

Encourage stakeholders to reflect on ways to improve
audit quality
Facilitate greater dialogue between key stakeholders on
the topic

The AQ Framework describes the input and output factors that

contribute to audit quality at the engagement, audit firm, and national
levels, and demonstrates the importance of appropriate interactions
among stakeholders and the relevance of various contextual factors.

Page 5
Framework for Audit Quality Acknowledging SMEs

Inputs
- Auditor viewed as a valued business and tax advisor
- SMPs have very direct influence on governance arrangements,
consultation, and monitoring activities
- Can you have relatively straightforward quality control policies and
procedures
- External consultation, technical support and using independent
staff in quality monitoring processes may be challenging for SMPs
- A culture of consultation may need to involve external technical
resources (e.g., professional accountancy organizations, other
firms, or suitably resourced third-party organizations)
- SMPs with only a small number of audit clients may have
difficulties retaining staff with relevant audit knowledge and
experience

Page 6
Framework for Audit Quality Acknowledging SMEs

Outputs
- Strong and frequent communications with senior management due
to close involvement in the entitys business and lengthy
relationships
- Enhanced opportunity to provide meaningful advice to clients
Contextual Factors
- Business practices and information systems, and applicable
financial reporting framework, are sometimes les complex
- Little distinction between management and those charged with
governance (e.g., an owner-manager will usually fulfil both roles)
- Audit committees are rare and, when they exist, members are
often not independent or financial literate
- Reporting deadlines can be less onerous

Page 7
Framework for Audit Quality Next Steps

All stakeholders encouraged to consider how they may use

the Framework in reflecting how they may influence
improvement in audit quality
Actions to raise awareness and promote the use of the
Framework and identify future opportunities to enhance
audit quality
Audit Quality webpage on the IAASBs website
Prominence in IAASB outreach and liaison activities
Use in revising ISQC 1 and ISA 220

Future follow-up activities after a period of time to understand how
and in what way the Framework is being used

Page 8
Overview

Audit quality framework now and future

ISQC1 and the ISAs

Structure

Proportional application, including documentation

IAASB update other projects and plans

Audit efficiency
Tips
Resources

Page 9
Understanding the ISAs Overall Structure

Preface
Scope and Authority

Glossary
Terms applicable to the standards

ISQC1
QC for firms

ISAs
37 in all, 570+ requirements (incl. ISQC1)

Page 10
Structure of the ISAs

Clarity structure in which information is presented in

separate sections: Introduction, Objective, Definitions,
Requirements and Application and other Explanatory
Material
Emphasis on professional judgment, the standards are
principles based which allows practitioners to tailor audit
procedures
Contain special considerations for smaller entity audits
Some ISAs only apply to larger entity audits
Many requirements may not be relevant to SME audits

Page 11
Proportional Application ISQC 1

ISQC 1 Quality Control for Firms that Perform Audits and

Reviews of Financial Statements and other Assurance and
Related Service Engagements
- Applies to firms of all sizes that provide services covered by the
IAASBs International Standards
- Must comply with each requirement unless, in the circumstances of
the firm, it is not relevant to the services provided
- Contains special considerations for smaller practices
- The form and content of documentation evidencing the operation of
each elements of the system of quality control is a matter of
judgment and depends on the size, nature and complexity of the
firm and number of offices

Page 12
Proportional Application ISA 200

ISA 200, Overall Objectives of the Independent Auditor and

the Conduct of an Audit in Accordance with International
Standards on Auditing
- The practitioner needs to comply with all ISAs relevant to the audit
and with all requirements in ISAs relevant to the audit
- A complete knowledge of all the standards is essential in order to
make a professional judgment as to what to leave out
- Not all ISAs are relevant to every audit as the standards are
designed to cover audits in every situation globally

Page 13
Proportional Application ISA 210

ISA 210 Agreeing Terms of Audit Engagements

- Paragraph 6, agreeing the terms of engagement with
management, and paragraphs 9 and 10, which require you to
communicate the terms in writing to management in a letter, will be
applicable in every engagement
- Paragraphs 7 and 8 deal with an imposed scope limitation and the
situation where the preconditions do not exist. Paragraphs 14-17
deal with changes to the terms of engagement in mid-audit and
paragraphs 18-21 the situation where laws and regulation
supersede the ISAs
It is important to know what the requirements are, but these situations
are also likely to be far and few between for SME audits

Page 14
Proportional Application ISA 210 (cont)

ISA 210 Agreeing Terms of Audit Engagements continued

- To summarize, of the 16 requirements in ISA 210, paragraphs 6, 9
and 10 are critical and will apply in every engagement. For SMPs,
knowing they have to deal with 3 main requirements out of 16 is a
lot less daunting than considering all 16 every time.

Page 15
Proportional Application ISA 315

ISA 315 Identifying and Assessing the Risks of Material

Misstatement through Understanding the Entity and its
Environment
- The objective of the auditor is to identify and assess the risks of
material misstatement, whether due to fraud or error, at the
financial statement and assertion levels, through understanding the
entity and its environment, including the entitys internal control,
thereby providing a basis for designing and implementing
responses to the assessed risks of material misstatement.
Focus on significant risks effectiveness and efficiency
- Understand the business important from an engagement risk
perspective
- Identify significant risks up front and focus audit effort on these

Page 16
Proportional Application ISA 315 (cont)

ISA 315 focus on significant risks effectiveness and

efficiency continued
- Substantive tests are required for each material class of
transactions, account balances and disclosures, but tests of details
only required for significant risks
- Consider analytical procedures (follow requirements of ISA 520
Analytical Procedures) for non-significant risk items where
appropriate
- Use professional judgment to determine what substantive tests to
use on items not considered significant risks
- ISAs explicitly encourage the auditor to exercise professional
judgement in determining the form and extent of documentation
they acknowledge extent may vary depending on the
circumstances
Page 17
Proportional Application some ISAs not relevant

Examples of some of the ISAs that would not be relevant

in an SME audit include:
- ISA 402 Audit Considerations Relating to an Entity Using a Service
Organization if the SME does not use a service organization
- ISA 510 Initial Audit Engagements Opening Balances if the SME
is a continuing, and not an initial, engagement
- ISA 600, Special Considerations Audits of Group Financial
Statements (Including the Work of Component Auditors) if the SME
audit engagement is not a group audit.
- ISA 610 Using the Work of Internal Auditors if the SME has no
internal audit function

Page 18
Documentation ISA 230

ISA 230 on documentation is one of the shortest ISAs

Only 9 requirements but another 22 specific requirements
in other ISAs listed in the appendix
Must be in detail (e.g. specific items sampled) and who did
what and when (paragraph 9)
Document discussions of significant matters,
inconsistencies, and departures from requirements
(paragraphs 10-12)
Remainder covers matters arising after the audit report is
signed, and assembly of the file

Page 19
Purposes of Audit Documentation

Evidence of the auditors basis for a conclusion about the

achievement of the overall objectives of the auditor (ISA
200 para 11)
A sufficient and appropriate record of the basis for the
auditors report (ISA 230 para 5)
Evidence that the audit was planned and performed in
accordance with ISAs

Page 20
Additional purposes (ISA 230 para 3)

Assist in planning/performing the audit

Assist the direction, supervision and review of the audit
work (ISA 220 para 2)
Enabling the engagement team to be accountable for its
work
Record matters relevant to future audits
Enabling EQCR/ISQC 1 review
Enabling external inspections

Page 21
Sufficient audit documentation

Oral explanations by the auditor, on their own, do not

represent adequate support for the work the auditor
performed or conclusions the auditor reached, but may be
used to explain or clarify information contained in the audit
documentation (ISA 230 para A5)
If its not documented it wasnt done!

Page 22
Documentation Regulators Observations I

Worldwide regulators complain about poor documentation

Too much documentation in some established and low risk
areas and not enough in other difficult areas
Poor evidence of link between risk analysis and
procedures performed problems identified but not
addressed
Not enough showing the thought processes but how!?
Sample sizes being cut, materiality levels being raised,
analytical procedures not being used much without
documentation for the justification of this big issues

Page 23
Documentation Regulators Observations II

ISA 200: scepticism is an attitude including a questioning

mind, being alert to conditions which may indicate possible
misstatement, and a critical assessment of audit evidence
Scepticism is not cynicism / distrusting everything: assume
documents are genuine unless reason to suspect not
Scepticism is about challenging assumptions and actively
considering the possibility of bias
Little evidence of professional scepticism
Insufficient evidence of challenge to client assumptions
(e.g., impairments, going concern): often, the challenge
took place in meetings but was not documented

Page 24
Documentation Real Problem

Excessive documentation for compliance purposes is real

problem keeps auditors from engaging with the client
Largely a product of over-engineered and inefficient audit
methodologies leading to under- or over-auditing
Poor documentation by auditors for example
- Keeping interesting but irrelevant information on the file
- Full documents rather than extracts
- Not making use of facilities for electronic cross-referencing
- Poor checklists used indiscriminately without thought

Page 25
Overview

Audit quality framework now and future

ISQC1 and the ISAs

Structure

Proportional application, including documentation

IAASB update other projects and plans

Audit efficiency
Tips
Resources

Page 26
 Projects nearing completion

Major changes to the audit report (late 2014)

- Improved auditor reporting is essential to the continued relevance of
and trust in the audit profession globally
- The audit opinion is valued, but the auditors report could be more
informative
- Users, in particular investors, want more relevant and decision-useful
information about the entity, the financial statements and the audit
thereof
- Requirements to determining and communicate Key Audit Matters
ISA 720 (early 2015?)
- Identify other information in the auditors report
- Clarify responsibilities
Auditing Financial Statement Disclosures (mid 2015?)
- Changes proposed across a number of ISAs
- Reinforce consistent and proper application of existing requirements
Page 27
 Proposed Work Program 20152016 Feedback

Initially suggested focus on three priority projects

Quality Control (QC); Special Audit Considerations Relating to
Financial Institutions; Professional Skepticism
Clear from responses that the IAASB needs to advance its
thinking in certain areas sooner than originally anticipated
Perhaps less important to complete projects on an accelerated basis
Respondents
Agreed with project on QC mixed views on how to addressed issues
Agreed with topic of Professional Skepticism further consideration as
to nature of project
Recognized importance of Financial Institutions, largely supportive,
but some caution against developing industry-specific ISAs; rather
non-authoritative material?
Expressed strong views to bring forward group audits (ISA 600)
Page 28
Encouraged timely work on agreed-upon procedures (ISRS 4400) and
 The IAASBs Innovation Working Group

Explore emerging developments in the audit, assurance and

related services fields for the purpose of assisting the IAASB in
identifying opportunities for relevant and effective standard
setting, or determining other potential actions, in a timely and
informed manner
Possible actions may include
Information gathering private outreach/ dialogue or academic research

Follow up actions Thought piece/ awareness (Staff publication/ IAASB

Position paper), public outreach or consultation paper or discussion
Standard setting
Areas of priority include integrated reporting (<IR>) and effects
of evolving use of technology on audits (including data
analytics) Page 29
 Global Adoption of Clarified ISAs

Jurisdictions Using Clarified ISAs Already, or Committed to Using Them in the Near Future
(103)
Asia and Oceania (21): Australia, Bangladesh, China, Hong Kong, India, Indonesia, Japan,
Kazakhstan, Kyrgyz Republic, Malaysia, Mongolia, Nepal, New Zealand, Pakistan, Philippines,
Singapore, South Korea, Sri Lanka, Thailand, Uzbekistan (listed entities), Vietnam

Americas (17): Argentina, Bahamas, Barbados, Brazil, Canada, Cayman Islands, Chile, Costa
Rica, El Salvador, Guyana, Jamaica, Mexico, Panama, Puerto Rico (private companies), Trinidad
and Tobago, Uruguay, USA (private companies)
Europe (39): Albania, Armenia, Austria, Belgium, Bosnia and Herzegovina, Bulgaria, Croatia,
Cyprus, Czech Republic, Denmark, Estonia, Finland, France (Experts Comptables), FYR
Macedonia, Georgia, Greece, Hungary, Iceland, Ireland, Italy, Kosovo, Latvia, Lithuania,
Luxembourg, Malta, Moldova, Montenegro, Netherlands, Norway, Romania, Serbia, Slovakia,
Slovenia, Spain, Sweden, Switzerland, Turkey, Ukraine, United Kingdom

Africa/Middle East (26): Benin, Botswana, Ghana, Jordan, Kenya, Kuwait, Lebanon, Lesotho,
Malawi, Mali, Mauritius, Namibia, Nigeria, Palestine, Rwanda, Senegal, Sierra Leone, South
Africa, Swaziland, Tanzania, Togo, Tunisia, Uganda, United Arab Emirates (Abu Dhabi and
Dubai), Zambia, Zimbabwe

Page 30
Overview

Audit quality framework now and future

ISQC1 and the ISAs

Structure

Proportional application, including documentation

IAASB update other projects and plans

Audit efficiency
Tips
Resources

Page 31
Tips for Audit Efficiency

Automation standardized templates and customized

checklists
Software utilizing commercially available products
Planning timeframe, list of deliverables, client meeting
Risk based approach in line with ISAs
Staff training / supervision
Communication

Page 32
Knowledge Sharing Implementation

ISA Guide Volume 1

Fundamental concepts of a risk-based
audit in conformance with the ISAs

ISA Guide Volume 2

Practical guidance on performing SME
audits. Includes two illustrative case
studiesone of an SME audit and one of a
micro-entity audit

Page 33
Knowledge Sharing Implementation (cont)

QC Guide
Helps SMPs apply ISQC 1
proportionately and
efficiently. Includes
guidance, case study, two
sample QC manuals and
checklists
Reference, training,
customize manuals and
checklists

Page 34
IFAC Global Knowledge Gateway

Page 35
References IAASB

Staff Q&A, Applying ISAs Proportionately with the Size and Complexity
of an Entity:
http://www.ifac.org/publications-resources/staff-questions-answers-applyi
ng-isas-proportionately-size-and-complexity-ent

Staff Q&A, Applying ISQC 1 Proportionately with the Nature and Size of
a Firm:
http://www.ifac.org/sites/default/files/publications/files/Staff%20QA%
20ISQC%201%20Proportionality_FINAL.pdf

The Clarified ISAsFindings from the Post-Implementation Review: http

://
www.ifac.org/publications-resources/clarified-isas-findings-post-implemen
tation-review

Page 36
References Knowledge Sharing - Implementation

Guide to Using International Standards on Auditing in the Audits of

Small- and Medium-Sized Entities (Third Edition) (incl. companion
manual and slides):
https://www.ifac.org/publications-resources/guide-using-international-standards-
auditing-audits-small-and-medium-sized-en

Guide to Quality Control for Small- and Medium-Sized Practices (Third

Edition) (incl. companion manual and slides):
www.ifac.org/publications-resources/guide-quality-control-small-and-medium-sized-
practices-third-edition-0

Boosting the Quality and Efficiency of Smaller Entity Audits article: https://
www.ifac.org/news-events/2013-07/boosting-quality-and-efficiency-smaller-entity-
audits
Tips for Cost-Effective ISA Application article: https://
www.ifac.org/publications-resources/tips-cost-effective-isa-application
Tips for Cost-Effective ISQC 1 Application article: https://
www.ifac.org/publications-resources/tips-cost-effective-isqc-1-application Page 37
Thank You

www.ifac.org/smp

Page 38