Auditing Standards – Practical Aspects

Presented by:

CA VIJAY JOSHI

Contents of Presentation -

Introduction History Standards – Why and What are they? Evolution of Auditing Standards ICAI – Standards on Audit Current Trends Practical Aspects

History

5000 years ago, people in Mesopotamia were found to be communicating basic information on crops and taxes.

Recordings of financial transactions have been found in Egypt, Greek, Aztek, China, India etc.

In ancient Rome, one official would compare records with another, an application of duties and verification.

The ‘AUDIT’ was born.

History

From the end of 19th Century, Sweden recorded the auditing profession gaining entry in public management through the regulation of public institutions.

Institute of Chartered Accountants of India (ICAI)

Regulator of AuditingProfession in India

ANDAuthority Prescribing

Accounting and AuditingStandards

Effective Compliance with Standards

Standards – Why?

We need standards for variety reasons in every walk of life.

They represent ‘an international consensus on good quality management practices’.

Changing perception of customers has necessitated bringing about and following standards in services by professional bodies.

Remove disparity in service provided by members.

Standards – Purpose

Delineate basic principles of audit as it should be.

Provide a framework for performing and promoting a broad range of value added audit activities.

Establish the basis for the evaluation of audit and assurance performance.

Foster improved organisational processes and operations.

Standards – Purpose

Guidance to Members Codification of Current Practices Assurance of Consistent Practices

adopted across the Profession Assurance of Quality

What is a Standard?

Attributes Performance Implementation

A standard is a document that establishesuniform engineering or technical specifications,criteria, methods, processes or practices.

Why Auditing

Economic consequences – Impact of using unreliable information

Enhancing credibility of financial information

Conflict of interest – Users vs. Preparers

Remoteness – Physical, Legal

( A vital part of Economic Infrastructure)

AASB I

Initially, a part of the Research Committee. Constituted as the AUDITING

PRACTICES COMMITTEE (APC) on September 17, 1982.

Non-standing Committee of ICAI. APC converted to AASB in July, 2002.

AASB II

ICAI is the ONLY Standard setter in India

Relationship with IAASB

ICAI is a founder member of IFAC

Membership obligation – convergence with ISAs

NSS Policy Paper of IAASB on convergence with ISAs, July,2006

International Acceptance of ISAs World Bank ISAs are benchmarks for carrying

out its study on Observance of Standards and Codes

INTOSAI ISAs used by national SAIs to frame audit guidelines

IOSCO Evaluating conditions on which it can endorse ISAs for cross border purposes

European ISAs accepted subject to local due

Commission process in member countries

Size of firms - ICAIVast majority SMPs with SME clientsCost and time vis a vis detailed requirements of Standards.

32,198

7,588

3,949

880

92

Proprietary

2 partner

3 - 5 partner

6 - 10 partner

11 - 20 partner

Effective Auditing Standards - Essentials

Amenable toenforcement

Flexibility for application

Universal acceptance

Easy to understand

Principle based

AuditingStandards

Recent Developments

Towards Convergence

Revised Preface (w.e.f.April 6, 2008)New Framework: Engagement and Quality Control

StandardsRevised Due ProcessNew Format of Standards

Revised Framework of Assurance (w.e.f. April, 2008)

Standard on Quality Control (SQC) (April, 1,2009)

A New Framework

Chartered Accountants Act, 1949, Code of Ethics and other relevant pronouncements of the ICAI

Standards on Quality Control (SQCs)

Services covered by the pronouncements of AASB

Assurance Services Related Services

Framework for Assurance Engagements

Audits and reviews of historical financial information

Assurance Engagements other than audits or reviews of

historical financial information

Standards on Auditing (SAs)100 -

999

Standards on Review Engagements (SREs)

2000 - 2699

Standards on Assurance Engagements (SAEs)3000

- 3699

Standards on Related Services (SRSs)4000 -

4699

Structure of Engagement & quality Control Standards

AUDITING RELATED SERVICES

Nature of Service

Audit Review Agreed upon Procedure

Compilation

Level of Assurance

High, but not absolute

Moderate Assurance

No Assurance No Assurance

Report Provided

Positive Assurance on assertions

Negative Assurance on Assertions

Factual Findings of procedures

Identification of information compiled

New Format of SAs

Distinct sections – no more bold lettering used, instead use of “SHALL” Introduction Scope – Objective Effective Date Requirements – basic principles, “shall” Application & Explanatory Material Appendices

Application material & Appendix integral part of SA but do not impose requirement.

* w.e.f. April 1, 2008

Other Important Facts About SAs Nomenclature AASs done away with Standards on Quality Control and Engagement

Standards: Standards on Auditing Standards on Review Engagements Standards on Assurance Engagements Standards on Related Services

Standard on Quality Control (SQC) 1 is the Mother Standard.

Renumbering/ re-categorisation as per IAASB format New Format – Two Sections Differences from ISs given as “Material Modification to

ISs in SAs” Due Process made more rigorous* w.e.f. April 1, 2008

Recently IssuedSAs – An Overview200-299 General Principles & Responsibilities SA 230, “Audit Documentation” (w.e.f. April 1, 2009) SA 240, “The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial

Statements” (w.e.f. April 1, 2009) SA 250, “The Auditor’s Responsibilities relating to Laws and Regulation in an Audit of

Financial Statements” (w.e.f. April 1, 2009) SA 260, “Communication with Those Charged with Governance (w.e.f. April 1, 2009)

300 – 499: Risk Assessment SA-300 Audit Planning April 1, 2008) SA 315, “Identifying and Assessing the Risk of Material Misstatement through

understanding the Entity and its Environment”, (April 1, 2009). SA 330, “The Auditor’s Responses to Assessed Risks” (w.e.f. April 1, 2008)

Recently IssuedSAs – An Overview

500-599 Audit Evidence

600-699 Audit work of Others 700-799 Audit Conclusions & Reporting SA 510, “Initial Audit Engagements-Opening Balances” (w.e.f. April 1, 2010) SA 530, “Audit Sampling” (w.e.f. April 1, 2009) SA 540, “Auditing Accounting Estimates, Including Fair Value Accounting

Estimates, and Related Disclosures” (w.e.f. April 1, 2009) SA 550, “Related Parties” (w.e.f. April 1, 2010) SA 560, “Subsequent Events” (w.e.f. April 1, 2009) SA 570, “Going Concern” (w.e.f. April 1, 2009) SA 580, “Written Representations” (w.e.f. April 1, 2009)

Recently IssuedSAs – An Overview600 -699 – Using work of Others

700-799 – Audit Conclusions & Reporting

SA 720, “The Auditor’s Responsibilities in Relation to Other Information in Documents containing Audited Financial Statements.

800-899 - Specialized Areas

Compliance with SAs

Compliance with SAs Mandatory Departure only if alternate audit procedures achieve

objective of SAs Document reasons for departure Document alternative procedures Report to draw attention

SA not applicable if situation outlined in SA is absent. Document alternative procedures performed

Framework of Assurance Engagement

Subject matter Criteriaevaluation

Responsible party

Practitioner

outcome

Assurance Report

Opinio

n

Intended users

Enhan

ced

confi

denc

e

Evidence gathering

Elements of Assurance Engagement

I. Three party relationship

II. Appropriate subject matter

III. Suitable criteria

IV. Sufficient appropriate evidence

V. Written assurance report

I. Three Party Relationship

The three parties:

1.Practitioner

2.Responsible party

3.Intended user

II. Subject Matter

Forms: Financial performance/ conditions Non financial performance/ conditions Physical characteristics Systems and processes Behaviour

Characteristics: Qualitative/ quantitative Objective/ subjective Historical/ prospective Point in time/ covers a periodCharacteristics affect precision in evaluation against criteria and

persuasiveness of audit evidence

Can Engagement Risk be Zero?

NO. Selective testing Inherent limitations of internal controls Persuasive nature of evidence Use of judgment in gathering & evaluating

evidence Characteristics of subject matter

System of Quality Control

All firms to establish system of quality control that provides Reasonable Assurance that: Firm & personnel comply with professional standards,

regulatory & legal requirements; and Reports issued are appropriate in the circumstances

Communicate Independence Requirements Identify and Evaluate Threats to Independence Notification of Breaches Annual written independence confirmation Audit of FS of listed entities – rotation of

engagement partner – at least every 7 years

Independence

Client Relationship

Client acceptance/ continuation policies to reasonably assure: All information on client integrity Firm has capability, time & resources for

the engagement Firm can comply with ethical requirements

Withdrawal from the Engagement or Client Relationship

EngagementEngagement QC Review QC Review (EQCR)(EQCR)A Litmus test for QC!!

Process: To provide objective evaluation Before report is issued For significant judgments &

conclusions of engagement team In formulating report

Engagement DEngagement Documentation Firm to establish time limits appropriate to

nature of engagement to assemble files – not more than 60 days in case of audit

Maintain confidentiality, safe custody, integrity, accessibility and irretrievability

Policies/procedures for retention of engagement documentation is no shorter than ten years from the date of the auditor’s report, or if later, the date of the group auditor’s report

Ownership of documentation - Property of the firm

Documentation Policies/procedures for

documentation to provide evidence of operation of each element of QC system

Form & Content – factors to consider size of the firm and the number of offices Degree of authority both personnel and offices have Nature and complexity of the firm’s practice and organisation

Retention Time period sufficient to permit evaluation of firm’s

compliance with QC system Longer period, if required by law

SA 230 : Audit Documentation

Record of: audit procedures performed

relevant audit evidence obtained

conclusions reached

Also known as “working papers”, “work papers”

SA 230 : Audit File

one or more folders or other storage media

in physical or electronic form

containing records that comprise audit documentation for a specific engagement

SA 230 : Scope

Scope

To be adapted to audits

of other historicalfin info

Auditor’s responsibility to prepare audit doxfor an audit of FS

Specific dox requirements of other SAs do not

limit application of this SA

L&R may establish additional

requirements

SA 230 : Nature & PurposeAssist team in planning

& performing

Assist supervision & direction

Assist QC review

Create accountability

Record matters of continuing significance

Assist external inspection

Evidence of basis for conclusion re achievement of overall objectives

Evidence of audit planning & performance

as per SAs & L&R

Prepare documentation that provides

Sufficient & Appropriate record of basis ofauditor’s report

Evidence that audit was planned and performed

in accordance with SAs & L&R

SA 230 : Objective

SA 230 : Experienced Auditor

An individual (whether internal or external to the firm) who has practical audit experience, and a reasonable understanding of:audit processesSAs and applicable L&R reqtsbusiness environment auditing and financial reporting issues

SA 230 : RequirementsAssembly

of Final Audit File

Documentation of Audit Procedures

and Audit Evidence obtained

Timely Preparation of Audit Documentation

SA 240 Responsibility for Fraud Prevention

Those charged with governance

Oversight of management policies Consider potential for management override of controls Consider potential for management’s inappropriate

influence on financial reporting

Management Establish proper policies Emphasis on ethics and honesty

SA 240The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial

Statements Responsibility of Auditor Obtain reasonable assurance that financial statements

are free of material misstatements.

Subject to: Inherent limitations of audit Fraud – deliberately concealed so difficult to

detect

But exercise PROFESSIONAL SKEPTICISM.

SA 240:Aspects covered under Requirements

1. Professional skepticism2. Discussion among engagement team3. Risk Assessment Procedures and Related Activities4. Identification & assessment of risks of material misstatements5. Responses to assessed risks of material misstatement6. Evaluation of audit evidence7. Auditor unable to continue engagement8. Management representations9. Communications to management and those charged with

governance10. Communication to regulatory authorities11. Documentation

SA 240: Professional Skepticism Attitude that includes:

Questioning mind Critical assessment of audit evidence

Reliability of audit evidence Controls over preparation & maintenance of information

Do not take client integrity and honesty for granted

Documents may be accepted as genuine if no contrary indications. But when in doubt, may:

Confirm directly with 3rd party Engage expert to assess authenticity

SA 240:Auditor Unable to Continue the Engagement

Exceptional circumstances

Determine professional & legal responsibilities & reporting to: Appointing authority Regulator

Consider if withdrawal is appropriate

If withdraws: Discuss reasons with management & those charged with governance Determine legal/ professional requirement to report to the appointing

authority, regulator

SA 240:Communications – Management & Those Charged With Governance To management:

Fraud identified/ information indicating fraud Timely basis Appropriate level

To those charged with governance: Management fraud; OR Frauds by employees having significant role in internal

control; OR Frauds by others where they result in material

misstatement in financial statements

SA 240:Communication – Regulators

Actual/ suspected fraud Determine duty to report to regulator Legal/ regulatory responsibilities normally

override client confidentiality requirements Seek legal advice to determine appropriate

course having regard to PUBLIC INTEREST

SA 315 - Small Entity Considerations

Do not have formal processes to measure & review financial performance

Inquire management for any informal process

Since no performance/review measurement exists, it leads to increased risk of undetected & uncorrected misstatements.

SA 315 - Internal Control – Components

Monitoring

InformationSystem

Entity’s RAPs

Control Activities

Control Environment

INTERNAL CONTROL

SA 315 - Smaller Entity Considerations (para A72 – A74)

Those charged with governance may not be independent/ outside members.

Governance role undertaken by owner. No documentary evidence on existence of

control environment. Attitudes, awareness and actions of owner are of

particular importance

SA 315 - Smaller Entity Considerations(Para A89-A90)

Underlying concepts same as in larger entities, but less formal

Some controls may not be relevant due to direct owner oversight

Relate mainly to transaction cycles Understand CARA:

Necessary for assessing risk of material misstatement at assertion level and designing audit procedures responsive to risk

Response to IT risks

SA 330:The Auditor’s Responses to Assessed Risk

Tests of Controls Audit Procedure for evaluating operating effectiveness of

controls in preventing/ detecting & correcting material misstatement at assertion level

Substantive Procedures Analytical Procedures designed to detect material

misstatements at assertion level: Tests of details – classes of transactions/ account balances/

disclosures Substantive analytical procedures

SA 540: Auditing Accounting Estimates, Including Fair Value Accounting Estimates,

and Related Disclosures Scope Auditor’s responsibility for AE fair value AE.

And related disclosures Application of SA 315 and SA 330 in relation

to AE Requirement and guidance on misstatements

of individual AE, and indicators of possible management bias

SA 540

Nature of Accounting Estimates

PS items that cannot be measured precisely but can only be estimated

Measurement objective for some AE-To forecast the outcome of one or more transactions, events or conditions

Measurement objective for fair value AE Expressed in terms of the value of a current transaction or PS item

Difference between outcome of an AE and amt originally disclosed in FS does not necessarily represent a misstatement of FS, particularly for fair value AE.

SA 540:

Accounting Estimates Examples

Allowance for doubtful accounts Inventory Obsolescence Warranty obligations Depreciation method or asset useful life Provision against the carrying amount of an investment Outcome of long term contracts Financial Obligations/Costs arising from litigation settlements

and judgments

SA 540

Fair Value Accounting Estimates – Examples

Complex financial instruments, which are not traded in an active and open market

Share-based payments Property or equipment held for disposal Certain assets or liabilities acquired in a business

combination, including goodwill and intangible assets Transactions involving the exchange parties without

monetary consideration

SA 540 O b j e c t i v e Obtain SAAE in context of applicable FRF:

AE including fair value AE in the FS are reasonable

Related disclosure in the FS are adequate.

SA 580 - Smaller Entity Considerations

Not many control activities exist Extent of documentation of controls is limited

Use substantive procedures In some cases – absence of control activities or a

component of IC, obtaining appropriate audit evidence difficult

Practice Management-I

Environmental Pressure Competition Pressures

To acquire and maintain clients Cutting costs where integrity is impaired Provision of non-audit services to clients

Timing of completion of Audit Work Audit Fees Vs Cost of Compliance Heighten Regulations

Practice Management-II

Maintaining Adequate Documentation Implementation of Standards Time Management

Audit Documentation

Legal Defence for a practitioner Standardisation of working papers –

ChecklistSpecimen letter

Document profile of client Document significant observation Cost of Documentation

Implementation of Standards

Prepare a checklist Update checklist regularly

Hold group meetingAttend study circle meetingsRead literature

Record compliance in respect of each client

Time Management

Time Recording Matching actual time spent with budgeted

time Holding meetings with client after

completion of audit

Concluding Observations

Bear in mind the increasing cases before Disciplinary Board and the need to be transparent in the services provided.

Believe in documentation and not in verbal communications or relations.

An audit should be seen having been effectively carried out with documentation.

Concluding Observations

Apply Professional Judgment Technical knowledge, skill and experience Intuitive skills – To deal with any situation Nose for Truth Auditor Responds Beware of Professional Liability vis-à-vis

ICAI as well as general public & regulators

Thank You