Audit Planning and Risk Assessment

[A] Pre-Engagement Acceptance Responsibilities

1) Preconditions for an Audit – Auditor to determine that management uses

  1. Acceptable financial reporting framework
  2. Understands its responsibility for the preparation and fair presentation of financial statements
  3. Understands its responsibility for the design, implementation and maintenance of internal control and
  4. Understands its responsibility to provide access to all information

2) Client Acceptance
It is continuous evaluation of existing clients and evaluation of new clients

  1. Successor Auditor is responsible for initiating the communication and is required to communicate with the predecessor auditor BEFORE accepting the engagement
  2. Successor auditor to consider the implications in event of client’s refusal to grant permission or predecessor auditor’s failure to respond fully
  3. Establish an understanding with the client regarding services to be performed

3) Engagement Letter –
Engagement Letter to include audit scope, limitations, expectations, fees and responsibilities of  management for services

[B] Planning an Audit

Planning – Overall strategy for the audit (Size and complexity of the entity, Auditor’s experience and Auditor’s understanding and environment of the entity including internal control)

Audit Plan (Nature, timing and extent of procedures expected to reduce audit risk to an acceptably low level). Audit Plan includes a description of risk assessment procedures directed toward the risk of material misstatement. Risk assessment procedures are performed to obtain an understanding of the entity and its environment, including its internal control, to identify and assess the risks of material misstatements at the a) Financial statements as a whole and b) Relevant assertions

Supervision – 1) Directing the efforts of assistants  in accomplishing the objectives of the audit ; 2) Determine if the objectives were accomplished. – a) Instructions ; b) Informed of problems encountered ; c) Reviewing the work ; d) Resolving differences of opinion
Differences  of Opinion – a) Assistant to document his / her disagreement with the conclusion reached  b) Document the basis of final resolution

Internal Audit Plans – Internal auditor’s work is more comprehensive. They are more detailed and cover areas that normally are not considered by the independent auditor

[C] Audit Risk and Materiality

[1] Audit Risk – Risk that the auditor expresses an inappropriate audit opinion when the financial statements are materially misstated
3 components of Audit Risk :
a) Inherent Risk – Susceptibility of an assertion to material misstatement in absence of related controls
b) Control Risk –
Risk that internal control will not prevent or detect on a timely basis a material misstatement
c) Detection Risk –
 Auditor will not detect a material misstatement that exists. It is a function of audit effectiveness of an audit procedure and its application by the auditor.

[2] Materiality – Materiality is a matter of professional judgement about whether misstatements could reasonable influence the economic decisions of users as group.
Materiality – Planning Purpose :
1. Financial Statement level as a whole
2. Particular account balances, classes of transactions or disclosures
3. Performance Materiality
Audit Risk and Materiality have an Inverse Relationship


The risk of a large misstatement may be low, but the risk of a small misstatement may be high
Auditor is required to perform atleast one of the following:
a) Perform Effective Procedures
b) Perform Procedures nearer to year end
c) Increase the extent of certain procedures

[3] Evaluating Findings – Considers the individual and aggregate effects of misstatements. Likely misstatements not merely known misstatements.

[4] Documentation – Document a) Amount of Misstatement that are trivial ; b) All Misstatements accumulated ; c) Whether misstatements are corrected ; d) Basis of conclusion that the uncorrected misstatements are material

[D] Understanding the Entity and its Environment

1) Auditor to obtain a sufficient understanding of the entity and its environment including its internal control
2) Auditor need not acquire this understanding PRIOR to acceptance of the engagement
3) Knowledge may be obtained from a variety of sources :
a) Prior year working papers ; b) Inquiries of entity personnel ; c) Experience with the entity or its industry ; d) AICPA Accounting and Audit Guides, industry publication and periodicals etc.
4) Risk Assessment Procedures – a) Inquiries of management and others within the entity ; b) Analytical Procedures ; Observation and Inspection

[E] Analytical Procedures

1) Evaluation of financial information made by study of plausible relationship among both financial and non financial data
2) Significant differences between expectations and recorded amounts should be investigated and evaluated
3) Analytical Procedures are : 1) Required to be used as risk assessment procedures in PLANNING

4) PERMITTED but NOT REQUIRED to be applied as SUBSTANTIVE TESTS

5) REQUIRED to be used in the FINAL REVIEW STAGE of the audit

[F]  Risk Assessment Procedures
a) Improve the understanding of the client’s business and significant transactions and events since the last audit
b) Identify unusual transactions or events and amounts, ratios and trends that might indicate matters with audit planning implications
c) Auditor develops expectations of recorded balances from  a) Comparable prior periods ; b) Budgets or Forecasts ; c) Relationship among data ; d) Information from Client’s Industry ; e) Related non financial information
d) Analytical Procedures applied as Substantive Tests : a) The nature of assertion ; b) Plausibility and predictability of relationship ; c) Availability and reliability of data ; d) Precision of the expectations
e) Analytical Procedures used in Final Review Stage – a) Assess conclusions and overall financial statement presentation ; b) Read financial statement and notes – (i) Adequacy of Evidence in response to unusual balances identified in planning or conducting the audit ; (ii) Unusual or unexpected balances not previously identified

[G] Ratio Analysis – a) Unexpected changes in ratios ; b) Potential explanation of changes in ratio
1) Current Ratio = Current Assets / Current Liabilities
2) Quick (Acid Test Ratio) = (Current Assets – Inventory)/Current Liabilities
3) Receivables Turnover = Net Sales / Average Net Receivables
4) Day’s Sales in Receivables = 365, 360, 300 / Receivables Turnover
5) Inventory Turnover = Cost of Goods Sold / Average Inventory
6) Day’s Sales in Inventory = 365, 360, 300 / Inventory Turnover
7) Total Assets Turnover = Net Sales / Total Assets
8) Debt to Equity Ratio = Total Debt / Total Equity
9) Times Interest Earned = (Net Income + Int Exp + Income Tax) / Interest Expense
10) Cost of Goods Sold = Cost of Goods Sold / Net Sales
11) Gross Margin Percentage = (Net Sales – Cost of Goods Sold) / Net Sales
12) Net Operating Margin Percentage = Operating Income / Sales
13) Return on Equity = Net Income / Total Equity

[H] Consideration of Fraud in a Financial Statement

1) Management is responsible for programs and controls that prevent, deter and detect fraud
2) Management and oversight authorities must set the proper tone and maintain a culture of honesty
3) Auditor cannot obtain absolute assurance that material misstatements will be detected because of characteristics of fraud and limitations of audit evidence
4) Properly planned audit may NOT detect a material misstatement resulting from fraud because of : a) Concealment aspects of fraudulent activity ; b) Control overriding by Management; c) Altering accounting records or withholding evidence ; d) Professional Judgement in identification and evaluation of fraud risks
5) Fraud differs from Error because it is intentional – a) Fraud involves pressures or incentives to commit fraud, perceived opportunity to do so and capacity to rationalize
6) Types of Fraud – a) Fraudulent financial reporting (Intentional misstatements or omissions to deceive users) ; b) Misappropriation of Assets (Theft, embezzlement that causes Financial Statements to be materially misstated)
7) Professional Scepticism – Auditor to a) Critically assess evidence ; b) continually question whether fraud has occurred ; c) Not accept unpersuasive evidence solely because management is believed to be honest
8) Assessment of Risks –
9) Evaluation of Audit Test Results –
a) If discovered fraud is not material ; b) If discovered fraud is material or evaluation is impossible ; c) If the risk of fraud is significant.
10) Communication of Fraud – a) Inconsequential Fraud to appropriate level of management; b) Fraud involving senior management to those charged with governance

[I] Consideration of Laws and Regulations in an audit of financial statements

1) Noncompliance is a violation of laws or governmental regulations
2) Auditor to consider the laws and regulations that are having a direct and material effect on the financial statements
3) An audit provides NO assurance that they will be detected or that any contingent liabilities that may result will be disclosed
4) If the noncompliance a) has a material effect on the financial statements or b) The client does not take the remedial action , auditor express a Qualified or adverse opinion or withdraw from the engagement
5) Disclosure of possible noncompliance to outside parties is NOT the auditor’s responsibility
6) Auditor may need to disclose while : a) Complying with legal and regulatory requirements ; b) Communicating with successor auditor ; c) Responding to Subpoena ; d) Reporting to funding or other specified agency

If you have found this blog to be useful, you may share with your friends. Thanks!

Posted in Business & Finance and tagged , .