An Introduction to Risk Based Auditing
Stuart Hartley FCA
FocusROI Inc
shartley@focusroi.com
Copyright FocusROI 2014

The Audit Objective (ISA/CAS 200)
To obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, thereby enabling the auditor to express an opinion on whether the financial statements are prepared, in all material respects, in accordance with an applicable financial reporting framework;

The Audit Process - in 3 steps
Risk assessment – What can go wrong?
◦ Perform risk assessment procedures to identify and assess the risks of material misstatement in the financial statements.
Risk Response – Did it go wrong?
◦ Perform further procedures to respond to the assessed risks and determine if material misstatements have occurred.
Reporting – Opinion
◦ What is the appropriate wording of the audit opinion based on the work performed?

Basic Audit Requirements ISA/CAS 200
1. Comply with relevant ethical requirements
2. Plan and perform an audit with professional skepticism
3. Exercise professional judgment in planning and performing an audit
4. Obtain sufficient appropriate audit evidence to reduce audit risk to an acceptably low level
5. Comply with all CASs relevant to the audit

An audit in 14 Steps
Risk Assessment – What are the RMM in the F/S?
1. Perform preliminary activities
4-6. Perform RAPs:
◦ Pervasive: Risks, Controls
◦ Entity-Specific: Risks, Controls
◦ Transactional: Risks, Controls
7. Conclude:
◦ Assessed risks at F/S level
◦ Assessed risks at assertion level
Risk Response – Did material misstatements occur?
8. Design appropriate audit responses:
9. Finalize audit plans
[Diagram labels: Assessed risks at F/S level; Assessed risks at assertion level; Further audit procedures; Communicate audit plan to management/TCWG]
Reporting – Evaluating/communicating findings, and forming an opinion
12. Communicate (findings, misstatements and significant control deficiencies)
13. Complete the audit file (file and F/S reviews, final An Rev, subsequent events and approvals)
14. Form an opinion (appropriately word and date auditor’s report)

Scope of Risk/Control Assessment
[Diagram labels: Entity Objective: Financial Statements that are not materially misstated; Inherent Risks; Pervasive (entity level) Controls; Leadership/management; Governance; Transactional Controls; Information Systems; Revenue Processes; Purchasing Processes; Payroll Processes; Other Processes; Transactions]

Pervasive vs Transactional
The foundation
[Diagram labels: Information Risk Management; Governance; Competence; Tone at Top; Pervasive Risks/Controls; Transactional Risks/Controls]

Scope of Risk/Control Assessment – Consider using the 3 risk/control Categories
◦ Entity Specific: C-PEM Form 520/522
◦ Pervasive: C-PEM Form 530
◦ Transactional: C-PEM Form 540 - 560

Identifying and Assessing Risk
(Step / Action / Scope)
1. Understand Entity and project Requirements
2. Identify Financial Reporting Risks
3. Assess Control Design: Inquire what controls address each risk
4. Assess Control Implementation: Do the identified controls actually exist
5. Test Control Effectiveness / Assess RMM: Identify the key controls to test and material/significant control deficiencies
Scope: Entity Specific, Pervasive, Transactional
Document Results
Copyright FocusROI 2013

Categories of Risk and Control
[Diagram labels: Pervasive; Transactions; Entity Specific; Pervasive risks/controls; Transactional (account balance) risks/controls]

Use of Professional Judgment to assess RMM
Risk Assessments: F/S Level, Assertion Level

Assessed Risks...
◦ At Financial Statement Level
◦ At Assertion Level
Design/implement appropriate responses to risks

Risk Response
Overall Responses
Address:
- Professional skepticism
- Level of staff assigned
- Extent of staff supervision
- Accounting policies used
- Unpredictable procedures
- More further procedures
Further Audit Procedures
- Substantive procedures
- Tests of detail
- Tests of control
- Substantive analytical
Result
Sufficient appropriate audit evidence to reduce audit risk to an acceptably low level

Reporting
12. Communicate (findings, misstatements and significant control deficiencies)
13. Complete the audit file (file and F/S reviews, final An Rev, subsequent events and approvals)
14. Form an opinion (appropriately word and date auditor’s report)

CPEM 2014
A practical approach to auditing
The Canadian Professional Engagement Manual
◦ Published by CPA Canada
◦ http://www.castore.ca/product/canadian-professional-engagement-manualmembers/5

FocusROI Services
In house and web based Training
Quality Control Monitoring
Small group Coaching
www.focusroi.com 416 594 0005 info@focusroi.com
Please contact us for further information