270 likes | 702 Views
Planning the Audit/Assessing Risks and Response to Risks. Presented by s Mrs Marie Louise Teng Hing Voon, FCA Partner BDO Mauritius Member of Audit Practice Review Panel at the Financial Reporting Council. 2222.
E N D
Planning the Audit/Assessing Risks and Response to Risks Presented by s Mrs Marie LouiseTeng Hing Voon, FCA Partner BDO Mauritius Member of Audit Practice Review Panel at the Financial Reporting Council 2222
Planning - ISA 300Assessing Risks - ISA 315Responses to Risks - ISA 330 2222
PLANNING Overall audit strategy & develop an audit plan 1.Involvement of Key Team Members 3. Planning Activities 2.Preliminary Engagement Activities 4. Documentation 5. Considerations - Initial engagements 2222 WELCOME AND INTRODUCTION Page 3
3. Planning Activities 1. Engagement Team Discussion 2.Perform Continuance Procedures – ISA 220 3.1 Develop Audit Plan • 3.0 Establish audit strategy • Scope • Reporting objectives • Results of preliminary activities • - Resources Ethical requirements compliance - Nature, timing and extent of risk assessment procedures (ISA 315) Understanding terms of engagement Further procedures – Assertion level ( ISA 330) 2222
APPROACH Identify and assess risk • Risk Assessment Procedures • Understand the entity and its environment, including internal control • Identify & Assess Risks of Material Mistatements 2222 IDENTIFY RISK
Audit risk Inherent risk Control risk Detection risk AUDIT RISK MODEL Risk of material misstatement 2222 IDENTIFY RISK IDENTIFY RISK Page 7
Inherent risk Control risk Detection risk THE AUDIT RISK MODEL Understand the business Understand and assess controls Our response 222
RISK TERMINOLOGY Identify Potential RMM Assertion level Engagement level Significant Significant RMM Audit Response Significant RMM RMM RMM Normal Audit Response Assess RMM Level Respond Financial statement level responses / actions 222 IDENTIFY RISK
Engagement level AND ASSERTION LEVEL RISKS • Engagement level • Pervasively to F/S as a whole • Not confined to specific elements, accounts or items of F/S • Make us to change our overall behaviours and testing strategy relating to the audit as a whole • Assertion level • Relate to classes of transactions, account balances or disclosures 2222 IDENTIFY RISK
RISK ASSESSMENT PROCEDURES Basis for identification and assessment of risks Shall include: Inquiries from management and others Analytical Procedures Observation and Inspection 2222 IDENTIFY RISK IDENTIFY RISK Page 11
Professional Judgement PotentialRMMs? UNDERSTAND THE ENTITY • Industry factors • Regulatory factors • Other external factors • Business operations • Investing activities • Financing activities • Financial reporting • Fraud 2222 IDENTIFY RISK
COMPONENTS OF INTERNAL CONTROL Control Environment Monitoring Internal Control Risk Assessment Control Activities Information & Communications 2222 IDENTIFY RISK Page 13
Professional Judgement UNDERSTAND INTERNAL CONTROL • Control environment • Risk assessment • Information and communications • IT Environment • IT General Controls • Monitoring PotentialRMMs 2222 IDENTIFY RISK
UNDERSTAND INTERNAL CONTROL • Visits to the client's premises • Discussions with management and staff • Interviews with management’s expert • Inspection of minutes • Review of internal audit reports • Observation 2222 IDENTIFY RISK
UNDERSTAND INTERNAL CONTROL • Corroborating inquiries of others within the entity • Observing the application of specific controls • Inspecting documents • Reviewing reports 2222 IDENTIFY RISK
UNDERSTAND THE INFORMATION SYSTEM • Document information systems in use by the entity for financial reporting • Determines if the system is ‘complex’ or not • Obtain understanding of IS, including related business processes, relevant to financial reporting. 2222 IDENTIFY RISK
DOCUMENTATION • ETD to susceptibility of entity’s F/S to material misstatement • Key elements of understanding obtained – entity and control components • Identified and assessed RMM – F/S & Assertion Level • Risks identified and related controls 2222 IDENTIFY RISK
RESPONSES TO ASSESSED RISKS • Audit Procedures responsive to the Assessed RMM @ F/S Level & @ Assertion Level • Adequacy of Presentation and Disclosure • Evaluate Sufficiency and Appropriateness of Audit Evidence • Documentation 2222 DESIGN AUDIT RESPONSE
TESTS OF CONTROLS • Design tests of controls • Expectation that controls are operating effectively • Substantive procedures alone not provide enough assurance • Timing of Tests • Evidence obtained at interim and previous audits • Test controls over significant risks 2222 DESIGN AUDIT RESPONSE
SUBSTANTIVE PROCEDURES • External confirmations? • SAP – F/S Closure Process • F/s to underlying records • J/entries, Other adjustments • SAPs specifically responsive to significant risk @ assertion level • Timing of SAPs 2222 DESIGN AUDIT RESPONSE
LEVELS OF SAP ASSURANCE 2222 DESIGN AUDIT RESPONSE
GENERAL FINANCIAL STATEMENT AREAS 2222 DESIGN AUDIT RESPONSE
RECAP – AUDIT RESPONSE • Our audit strategy and tests should be responsive to our risk assessment and tailored to reflect the facts and circumstances of the engagement • Audit strategy is determined by judgement and a mix of ToCs, SAPs and/or OSPs • Document - responses to address risks • -Nature, timing & extent of procedures • - results of procedures • - Effectiveness of controls • - F/S procedures 2222 DESIGN AUDIT RESPONSE