Date post: | 19-Dec-2015 |
Category: |
Documents |
Upload: | jayson-dixon |
View: | 220 times |
Download: | 2 times |
Planning the Audit/Assessing Risks and Response to Risks
2222
Presented by s
Mrs Marie Louise Teng Hing Voon, FCA
Partner BDO Mauritius
Member of Audit Practice Review Panel
at the
Financial Reporting Council
PLANNING
WELCOME AND INTRODUCTIONPage 3Page 3
Overall audit strategy & develop an audit plan
1.Involvement of Key Team
Members
2.Preliminary Engagement
Activities
3. Planning Activities 4.
Documentation
5. Considerations
- Initial engagements
2222
3.1 Develop Audit Plan
Ethical requirements compliance
3.0 Establish audit strategy
-Scope-Reporting objectives-Results of preliminary activities
- ResourcesUnderstanding
terms of engagement
- Nature, timing and
extent of risk assessment procedures (ISA 315)
3. Planning Activities
2.Perform Continuance Procedures –
ISA 220
1. Engagement Team
Discussion
Further procedures –
Assertion level ( ISA 330)
2222
APPROACH
• Risk Assessment Procedures
• Understand the entity and its environment, including internal control
• Identify & Assess Risks of Material Mistatements
IDENTIFY RISKPage 6
Identify and assess risk
2222
AUDIT RISK MODEL
Audit risk
Controlrisk
Inherent risk Detection risk
Risk of material misstatement
Page 7IDENTIFY RISKPage 7IDENTIFY RISK 222
2
Page 8
THE AUDIT RISK MODEL
Controlrisk
Inherent risk Detection risk
Understand the
business
Understand and assess
controls
Our response
222
IDENTIFY RISKPage 9
RISK TERMINOLOGY
Engagement level
Assertion level
Financial statement level responses /
actions
Significant RMM RMM
RMM Level
Identify
Assess
Respond
Potential RMM
Significant RMM RMM
Significant Normal
Audit Response
Audit Response
222
Engagement level AND ASSERTION LEVEL RISKSEngagement level
• Pervasively to F/S as a whole
• Not confined to specific elements, accounts or items of F/S
• Make us to change our overall behaviours and testing strategy relating to the audit as a whole
Assertion level
• Relate to classes of transactions, account balances or disclosures
IDENTIFY RISKPage 10
2222
IDENTIFY RISKPage 11
RISK ASSESSMENT PROCEDURES
• Basis for identification and assessment of risks
• Shall include:
1. Inquiries from management and others
2. Analytical Procedures
3. Observation and Inspection
Page 11IDENTIFY RISK 222
2
UNDERSTAND THE ENTITY
• Industry factors
• Regulatory factors
• Other external factors
• Business operations
• Investing activities
• Financing activities
• Financial reporting
• Fraud
Pro
fessio
nal
Jud
gem
en
tPotential RMMs?
Page 12IDENTIFY RISK 222
2
Page 13
InternalControl
MonitoringMonitoring
Control Environment
Control Environment
RiskAssessment
RiskAssessment
ControlActivities
ControlActivities
Information&
Communications
Information&
Communications
COMPONENTS OF INTERNAL CONTROL
Page 13IDENTIFY RISK 222
2
IDENTIFY RISKPage 14
UNDERSTAND INTERNAL CONTROL
•Control environment
•Risk assessment
• Information and communications- IT Environment
- IT General Controls
•Monitoring
Pro
fessio
nal
Jud
gem
en
tPotential RMMs
2222
UNDERSTAND INTERNAL CONTROL
• Visits to the client's premises
• Discussions with management and staff
• Interviews with management’s expert
• Inspection of minutes
• Review of internal audit reports
• Observation
Page 15IDENTIFY RISK 222
2
IDENTIFY RISKPage 16
UNDERSTAND INTERNAL CONTROL
• Corroborating inquiries of others within the entity
• Observing the application of specific controls
• Inspecting documents
• Reviewing reports
2222
UNDERSTAND THE INFORMATION SYSTEM
• Document information systems in use by the entity for financial reporting
• Determines if the system is ‘complex’ or not
• Obtain understanding of IS, including related business processes, relevant to financial reporting.
IDENTIFY RISKPage 17
2222
DOCUMENTATION
• ETD to susceptibility of entity’s F/S to material misstatement
• Key elements of understanding obtained – entity and control components
• Identified and assessed RMM – F/S & Assertion Level
• Risks identified and related controlsIDENTIFY RISKPage 18
2222
RESPONSES TO ASSESSED RISKS
• Audit Procedures responsive to the Assessed RMM @ F/S Level & @ Assertion Level
• Adequacy of Presentation and Disclosure
• Evaluate Sufficiency and Appropriateness of Audit Evidence
• Documentation
Page 20
DESIGN AUDIT RESPONSE 2222
• Design tests of controls - Expectation that controls are operating effectively
- Substantive procedures alone not provide enough assurance
• Timing of Tests
• Evidence obtained at interim and previous audits
• Test controls over significant risks
Page 21DESIGN AUDIT RESPONSE
TESTS OF CONTROLS
2222
SUBSTANTIVE PROCEDURES
• External confirmations?
• SAP – F/S Closure Process- F/s to underlying records
- J/entries, Other adjustments
• SAPs specifically responsive to significant risk @ assertion level
• Timing of SAPs
Page 22DESIGN AUDIT RESPONSE 222
2
RECAP – AUDIT RESPONSE
• Our audit strategy and tests should be responsive to our risk assessment and tailored to reflect the facts and circumstances of the engagement
• Audit strategy is determined by judgement and a mix of ToCs, SAPs and/or OSPs
• Document - responses to address risks-Nature, timing & extent of procedures
- results of procedures
- Effectiveness of controls
- F/S procedures
Page 25DESIGN AUDIT RESPONSE 222
2