PART B Objective of EA To give an opinion on the FS whether it contains material misstatements due to fraud or error, so that a true and fair view opinion can be issued. Professional scepticism An attitude that includes a questioning mind, being alert to conditions which might indicate a possible misstatement due to fraud or error, a critical assessment of audit evidence. Professional judgement The application of relevant training, knowledge, and experience in making informed decisions about the courses of action that are appropriate during the audit engagement. Audit risk The risk that auditors express the wrong audit opinion when the FS is materially misstated. Inherent risk The risk that items in the FS contains mm before consideration of any controls by the client. Control risk The risk that items in the FS contains mm and it will not be prevented on a timely basis by the entity’s internal control systems. Detection risk The risk that the audit procedures performed by the auditor failed to detect actual mm in the client’s FS. This is a risk that belongs to the auditor, and they have control over it. Sampling risk The risk that auditor cannot detect mm during audit because they did not audit the entire population. The risk may be reduced by increasing the sample size. Non-sampling risk The risk that auditor cannot detect mm during audit even if they audited the entire population. Reasons could be due to carelessness, lack of experience, tight audit deadlines, lack of senior supervision. The risk may be reduced by ensuring the audit team conduct the job properly. Materiality A matter is material if its omission or misstatement could influence the economic decisions of users taken on the basis of the FS. There are 2 types of materiality level which is quantitatively and qualitatively. It uses judgement and can be revised throughout the audit. Why materiality considerations - To achieve an effective and efficient audit approach. - Whether to use sampling techniques. - How many and what items to be examined. Performance materiality The amount set by the auditor at less than the materiality for the FS as a whole to reduce the risk that the aggregate of uncorrected and undetected misstatements exceeds materiality for the FS as a whole. Understanding the entity and its environment – WHY? - To identify and assess the risks of material misstatement in the FS. - To enable the auditor to design and perform further audit procedures. - To provide a frame of reference for exercising audit judgement. HOW? By performing Risk Assessment Procedures to understand the entity and its environment. Examples of RAP: - Observe internal control system in the company - Perform analytical procedure - Inspection on relevant documents - Discuss among team members - Enquire relevant personnel Sources of information + explanation. Examples: - The website of the company to understand the nature of the entity. - The prior year audit file to investigate any significant differences. - The agreements with third parties to ensure the company has not breached it. - The internal control system’s policies to understand the ICS of the company. - Discussion with management to satisfy the doubt over going concern. Why ISAs requires Risk Assessment to be carried out at planning stage? - Help the audit team gain understanding of the entity for audit purpose - Help form the basis of the audit strategy and detailed audit plan - Help select audit team member with sufficient skills and experience to maximise the chance of addressing the risks. Objectives of planning - Enables the auditor to obtain extensive understanding of the client’s entity and environment. - Enables auditor to relate their understanding of the client’s business to their FS of client. - Helps the auditor to design the audit procedures to be perform on the high-risk areas identified in the FS. - Helps auditor to give appropriate attention to important areas of the audit. - Helps the auditor to organise and manage the audit so it is performed in an effective manner. - Helps the auditor to identify and resolve potential problems on a timely basis. Audit strategy A high-level document that sets out the scope, timing, direction of the audit and guides the development of audit plan. *general strategy of the audit Audit plan Audit plan converts the audit strategy into a more detailed plan. It sets the nature, timing, and extent of audit procedures. *more detailed than audit strategy Audit documentation/Working papers Is the record of audit procedure performed, audit evidence obtained and conclusions reached. Ex: Audit strategy, audit plan, auditor’s report, report to management, board minutes pf meetings, internal audit reports, FS. Objectives of audit documentation - Provides evidence of the auditor’s basis on the conclusions reached. - Provides evidence that the audit was done in accordance with ISAs. - Enables the auditor to be accountable for their work. - Enables the conduct of quality control reviews and inspections. - Assist in the supervision and review of the audit. How much WP needs to be documented? The WP need to be prepared as to provide an experienced auditor with no previous connection with the audit, with an understanding of the work performed, the results of audit procedures, audit evidence obtained, significant matters arising during the audit and conclusions reached. Permanent files Information of continuing importance regardless of year. Ex: Engagement letters, Legal documents, Detail history of client’s business. Current files Information that is relevant to the current year’s audit only. Ex: FS, Account’s checklists, Review notes, Notes of board minutes, Audit strategy, Audit plan. Audit WP advantages (checklists and specimen letters) - Increased efficiency – with the checklist, it ensures standardisation of work. - Less risk of overlooking key procedures - Facilitate the delegation of work - Means for quality control Disadvantages - Mechanical approach – audit team members perform just for the “sake of doing it” - Audit judgement may be compromised. Audit WP advantages (automated WP) - The risk of errors is reduced - The WP will be neater and easier to review - The time saved will be large as adjustments can be made easier - Audit WP can be transmitted for review easily. Interim audit The interim audit will take place before the year end. During the interim audit, the auditor carries out procedures which would be difficult to perform at the year end because of time constraint. There is no requirement to undertake an interim audit; factors to consider when deciding upon whether to have one include the size and complexity of the company along with the effectiveness of internal controls. Final audit The final audit will take place after the year end. It concludes with the auditor forming and expressing an opinion on the FS for the whole year subject to audit. It is important to note that the final opinion is based on conclusions formed at both interim and final audit. ANALYTICAL PROCEDURES It is an analysis of relationships to identify the inconsistencies and unexpected relationships between financial and non-financial information. It provides evidence of completeness, accuracy, and occurrence of the information. AP is performed at THREE stages: Planning stage - Compulsory - To understand the nature of the entity and its environment - To identify risk of material misstatement in the FS - Any differences arises is investigated by asking the management Substantive procedure stage - Not compulsory - Only performed if auditors feels that the test of details is not enough to obtain sufficient and appropriate audit evidence. Overall review stage - Compulsory - To confirm external auditor’s understanding on the FS and ability to explain any inconsistency differences without asking the management. PART C ICS? A process designed, implemented, and maintained by those charged with governance to provide reasonable assurance about achievement of entity’s objectives. Purpose/why/benefits (management) - Reliability of financial reporting prepared - Safeguarding of assets - Effectiveness and efficiency of operations - Prevention and detection of fraud and error - Compliance with applicable laws and regulations. Components of IC (C R I M E) 1. Control Environment It refers to the actions, attitude, and awareness of the top management in relation to the company’s ICS. It is where the management set the tone of the company. 2. Risk Assessment It refers to how top management identifies risks faced by the organization and how they intend to address the risks identified. 3. Information Communication System It refers to how different departments within a company communicate with each other. 4. Control Activities/Procedures It refers to policies and procedures undertaken by employees in the company to ensure that management directions are carried out. Categories: S I P P A - Segregation of duties Assigning different individuals to the responsibility of authorizing, recording, and maintaining custody of assets. - Information processing Controls to check accuracy, completeness, and authorisation of transactions. - Performance review Review an analysis of actual performance vs budgeted/prior year etc. - Physical control Physical security of assets, data files. - Authorisation Approval of transactions/docs by an appropriate person. 5. Monitoring It refers to how top management monitor their employees in ensuring their employees adhere to the ICS implemented. Ex: IA Benefits of ICS (auditor) - Identify types of potential misstatements - Consider factors that affect the risks of material misstatements - Design appropriate audit procedures. Limitations - Human error - Collusion between employees - Cost of maintaining good ICS not outweighing the benefits - Management overriding controls - Unforeseen circumstances - Non-routine transactions being difficult for system to cope Documenting understanding of the system 1. Narrative notes/System notes Narrative notes consist of a written description of the system. It would detail what occurs in the system and include any controls which operate at each stage. +ve ▪ Relatively simple to record ▪ Can facilitate understanding by all audit team member, especially junior members ▪ Can be used for any systems ▪ Editing in future years can be relatively easy if computerised -ve ▪ More time consuming than a simple flow chart ▪ Too burdensome, especially if the system is complex ▪ May require some writing skills in order for it to be understandable 2. Questionnaires ICQ or ICEQ contains a list of questions. ICQ are used to assess whether the control exists while ICEQ test the effectiveness of the controls. +ve ▪ Quick to prepare, timely method for recording the system ▪ All controls present within the system are considered and recorded. ▪ Missing controls or deficiencies are clearly highlighted -ve ▪ More time consuming than a simple flow chart ▪ Easy for the company to overstate the levels of controls present ▪ A general or standard questionnaire for client is not effective, may miss out unusual controls. 3. Flowcharts Flowcharts are graphic illustrations of the ICS. Lines represents the sequence of events and standard symbols are used to signify controls or documents. +ve ▪ Easy to view the system because all presented in one diagram ▪ Standard format so easy to follow and review ▪ Ensure system is recorded in its entirety ▪ ▪ ▪ ▪ -ve They can sometimes be difficult to amend, require the whole flowchart to be redrawn. Generally, only suitable for describing standard systems Flowcharts tend to be too summarised, important details may be missed out Still need for narrative notes, hence time consuming PART D SOPL TRANSACTION AND EVENTS OCCURRENCE - Transactions and events recorded in the FS, have actually occurred, during the year and belongs to the entity. CUT-OFF - Transactions and events have been recorded in the correct reporting period. COMPLETENESS - All transactions and events that should have been recorded, have been recorded. ACCURACY - All transactions and events included in the FS are recorded at appropriate amounts. CLASSIFICATION - Transactions and events have been recorded in the proper accounts. PRESENTATION - All transactions and events are presented appropriately, and disclosures are complete and accurate as per IFRS. SOFP ACCOUNT BALANCES EXISTENCE - Asset, liabilities, and equity interest exists. RIGHTS AND OBLIGATIONS - The entity holds or control the rights to assets and liabilities are the obligations of the entity. COMPLETENESS - All account balances that should have been recorded, have been recorded. ACCURACY, VALUATION AND ALLOCATION - All account balances included in the FS are recorded at appropriate amounts. CLASSIFICATION - Assets, liabilities, and equity interest have been recorded in the proper accounts. PRESENTATION - All assets, liabilities, and equity amount are presented appropriately, and disclosures are complete and accurate as per IFRS.