8 – Audit Planning, Risk Assessment & Documentation

Contents

• Audit Planning

– Overall Audit Strategy

– Audit Plan

• Risk Assessment

• Documentation

Audit planning

• Audit Planning is the et of predefined processes and procedures that must take place to ensure successful and timely completion off the audit.

• It involves development of:

1. Overall Audit Strategy• Sets the scope, timing and

direction of the audit, and guides the development of the more detailed audit plan.

2. Audit Plan• Sets the nature, timing and

extent of audit procedures necessary to obtain sufficient appropriate audit evidence.

Benefits of Planning

• Appropriate attention to important areas,• Timely identify and resolve problems, • Organize and manage the audit, • Select appropriate teams, • Facilitate direction, supervision and review, • Coordination with experts and other auditors

How much time to spend?

• Nature and extent of planning depends on:– Size and complexity of the audit– Auditor’s previous experience– Changes in circumstances

• Planning often begins shortly after the completion of the previous audit and continues until completion of current year audit.

Things to Do in Planning!• Understanding the entity and its environment including internal

controls

• Auditor’s risk assessment procedures

• Materiality definition

• Setting scope, timing and direction of the audit including:– Assess the need for specialist.

– Assess the possibility of illegal acts and fraud risk.

– Identify related parties.

– Conduct preliminary analytical procedures.

• Document Audit Strategy and

• Plan and Prepare Audit Programs

Understanding the Entity & its Environment

• Nature of business and entity’s operations

• Studying the environmental factors (LePEST)

• Accounting and internal control system

• Financial performance of the entity

• Market and competitors

Entity’s Business Risk

• Risk associated with the entity's survival and

profitability

• But yet, entity's business risk has not been formally

recognized in a statement on auditing standards

• However, the auditor’s risk assessment virtually starts

from identification of entity’s business risk

Audit Risk • The risk that the auditor expresses an

inappropriate audit opinion when the financial statements are materially misstated.

• Audit risk is a function of: – the risk of material misstatement

• Inherent risk• Control risk

– The risk that material misstatement may not be detected• Sampling risk• Non-sampling risk

Components of Audit Risk Detection

Risk

1

2

3

4

Using the Audit Risk Model

AR= IR × CR × DR

Assess the client’s business risks.

Auditee risk

Assess the risk of materialmisstatement

due to error or fraud.

APs couldn’t detect the

error or fraud

Auditor risk

Environment

The entity The Auditor

Audit Risk Equation & Its Application

AR = IR × CR × DR

DR = ARIR × CR

Set a planned level of audit risk such that an appropriate opinion can be issued on the financial statements.

Assess inherent risk and control risk.

Use the audit risk equation to solve for the appropriate level of detection risk:

Materiality

The magnitude of an omission or misstatement of accounting information that makes it probable

that the judgment of a reasonable person relying on the information would be changed or

influenced by the omission or misstatement.

The concept of materiality is applied by the auditor in: •Planning •Performing •Evaluating the effect of identified misstatements •Forming the opinion in the auditor’s report

Other Matters

• Assess the need for specialist.

• Assess the possibility of illegal acts.

• Identify related parties.

• Conduct preliminary analytical procedures.

• Document Audit Strategy and

• Plan and Prepare Audit Programs

Overall Audit Strategy• Establishment of overall audit strategy includes:

– Determine characteristic of engagement that define its scope i.e. financial reporting framework, industry specific reporting, location of components of the entity

– Ascertaining the reporting objectives to plan the timing of audit and nature of communication (such as reporting deadlines)

– Considering the important factor that will determine the focus of team’s effort (such as materiality, high risk areas)

– Evaluation of whether to obtain evidence regarding effectiveness of controls

• Although overall audit strategy is established before developing the detailed audit plan, the two planning activities are not necessarily discrete or sequential process but are closely inter-related.

Audit Plan• Audit plan includes:– Description of nature, timing and extent of risk

assessment procedures– Description of nature, timing and extent of audit

procedures at assertion level– Other audit procedures to be carried out (e.g.

communication with entity’s lawyers)• Planning for these audit procedures takes place

over the course of the audit as the audit plan for the engagement develops e.g. planning the further audit procedures depends on the outcome of risk assessment procedures.

Documentation Auditor should document:

• Overall audit strategy– Key decisions considered necessary to properly plan for – Communication of significant matter to the team

• Audit plan– Risk assessment procedures– Further audit procedures

• Significant changes during engagement– Reasons for such changes and – Auditor’s response thereon.

Thank You !

!