200 series: General principles and responsibilities
ISA 200 Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with International Standards on Auditing
Objectives of the auditor [11]:
- To obtain reasonable assurance whether financial statements as a whole are free from material misstatement, whether due to fraud or error.
- To express an opinion on whether the financial statements are prepared, in all material respects, in accordance with a relevant financial reporting framework.
- To report on the financial statements, and communicate as required, in accordance with the auditor’s findings.
Responsibilities of management [A2]:
- Preparation of the financial statements in accordance with the applicable financial reporting framework, including their fair presentation.
- Internal control necessary to enable preparation of financial statements that are free from material misstatement, whether due to fraud or error.
- To provide the auditor with:
– Access to all information relevant to the preparation of the financial statements
– Unrestricted access to persons from within the entity whom the auditor determines it necessary to obtain evidence.
Risk:
- Audit: risk of issuing an inappropriate opinion. [13c]
- Inherent: susceptibility of an assertion about a class of transaction (e.g. revenue) or account balance (e.g. receivables) to material misstatement before the consideration of any related internal controls. [13ni]
- Control: risk that material misstatement not detected by entity’s internal control. [13nii]
- Detection: risk that audit procedures do not detect material misstatements. [13e]
An auditor must perform the audit with professional scepticism: an attitude that includes a questioning mind; being alert to conditions which indicate possible misstatement due to error or fraud, and a critical assessment of audit evidence. [13l]
Inherent limitations of audit [A47]:
Audit evidence is persuasive rather than conclusive because of:
- The nature of financial reporting
- The nature of audit procedures
- The need to conduct audit a within reasonable time and at reasonable cost.
ISA 210 Agreeing the Terms of Audit Engagements
The auditor should accept or renew an engagement only if the preconditions for an audit are present [6]:
- An appropriate financial reporting framework is to be applied in the preparation of the financial statements; and
- Management’s acknowledgement and understanding of its responsibilities.
Contents of engagement letter [10]:
- The objective and scope of the audit.
- The responsibilities of the auditor.
- The responsibilities of management.
- The identification of an applicable financial reporting framework.
- Reference to the expected form and content of any reports to be issued.
ISA 220 Quality Control for an Audit of Financial Statements The firm should have a system of quality control to ensure [2]:
- Compliance with professional standards, and
- Reports issued are appropriate in the circumstances.
The engagement partner takes overall responsibility for the overall quality of the engagement including the direction, supervision and performance of the engagement. [8 & 15]
An engagement quality control reviewer must be assigned for listed entities and high risk engagements focusing on significant matters and areas involving significant judgment. [19]
The firm’s quality control processes must be monitored to ensure they are relevant, adequate and operating effectively. [23]
ISA 230 Audit Documentation
Objective of documentation [2]:
- Sufficient appropriate record of basis for independent auditor’s report
- Evidence that audit planned and performed in accordance with ISAs and legal/regulatory requirements.
Content should enable an experienced independent auditor to understand [8]:
- Nature, timing & extent of audit procedures:
– Specific items tested.
– Who performed work and when.
– Who reviewed work and when.
- Results of audit procedures.
- Significant conclusions and professional judgments.
ISA 240 The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements
Objectives of the auditor [10]:
- Identify risks of material misstatement in FS due to fraud.
- Obtain sufficient appropriate evidence regarding assessed risks.
- Respond appropriately to fraud or suspected fraud identified.
Definition [11a]: An intentional act involving use of deception to obtain unjust/illegal advantage.
Two types of fraud [3]:
- Fraudulent financial reporting.
- Misappropriation of assets.
Audit procedures must be performed to identify [32]:
- Appropriateness of journal entries.
- Review of accounting estimates.
- Identify significant transactions outside normal course of business.
ISA 250 Consideration of Laws and Regulations in an Audit of Financial Statements
Auditor’s objectives [11]:
- Obtain sufficient appropriate evidence regarding compliance with provisions of laws/regulations that may materially affect FS.
- Perform audit procedures to identify instances of non-compliance that may materially affect FS.
- Respond appropriately to non-compliance identified during the audit.
ISA 260 Communication With Those Charged With Governance Those charged with governance [10a]:
- Those with responsibility for overseeing the strategic direction of the entity.
- Auditor’s responsibility in relation to the FS audit [14]
- Planned scope and timing of audit [15]
- Significant findings from audit [16]
- Auditor’s independence (listed companies). [17]
ISA 265 Communicating Deficiencies in Internal Control to Those Charged With Governance and Management
Reporting responsibilities:
- Significant deficiencies, to those charged with governance [9]
- Other deficiencies, to an appropriate level of management. [10] What makes deficiencies significant [A6]:
- Likelihood of material misstatement in FS.
- Susceptibility to loss/fraud of related asset.
- Volume of activity in related account balance.
- Interaction of deficiency with other deficiencies.
300 & 400 series: Assessment and response to assessed risks ISA 300 Planning an Audit of Financial Statements Benefits of planning [2]:
- Help auditor to devote appropriate attention to important areas of audit.
- Help identify and resolve issues on a timely basis.
- Assist in selection of suitable audit team.
- Help direction and supervision of audit team.
Content of audit strategy [8]:
- Characteristics of the engagement
- Reporting objectives (e.g. reporting timetable)
- Factors significant in directing the team’s efforts
- Results of preliminary engagement activities
- Nature/timing/extent of resources.
Content of audit plan [9]:
- Risk assessment procedures.
- Nature, timing and extent of planned further audit procedures.
ISA 315 Identifying and Assessing the Risks of Material
Misstatement Through Understanding the Entity and its
Environment
Required understanding of entity and environment [11]:
- Industry/regulatory factors affecting FS
- Nature of entity:
– operations
– ownership and governance
– financing.
- Accounting policies
- Objectives and strategy
- Review of financial performance.
Components of internal control:
- Control environment [14]
- Entity’s risk assessment process [15]
- Information system relevant to financial reporting [18]
- Control activities [20]
- [22]
Financial statement assertions [A129]:
- Account balances and related disclosures: Completeness; rights and obligations; accuracy, valuation & allocation; existence; classification; presentation.
- Transactions and events and related disclosures: Occurrence; completeness; accuracy; cut-off; classification; presentation.
ISA 320 Materiality in Planning and Performing an Audit
Materiality: Misstatements, including omissions, are considered to be material if they, individually or in the aggregate, could reasonably be expected to influence the economic decisions of users taken on the basis of the financial statements. [2]
Performance materiality: an amount set at less than materiality for the FS as a whole, to reduce to an appropriately low level the probability that the FS as a whole are materially misstated. [9]
ISA 330 The Auditor’s Responses to Assessed Risks
The auditor shall design and perform audit procedures whose nature, timing and extent are based on and are responsive to the assessed risks of material misstatement. [6]
Test of controls: to evaluate operating effectiveness of controls in preventing, or detecting and correcting material misstatements at the assertion level. [4b]
Substantive procedures: to detect material misstatements at assertion level, comprising tests of details and analytical procedures. [4a]
ISA 402 Audit Considerations Relating to an Entity Using a Service Organisation
The auditor of the user entity must obtain an understanding of the services provided by the service organisation and their effect on the user entity’s internal control relevant to audit, sufficient to identify and assess the risks of material misstatement and perform audit procedures responsive to those risks. [7]
An understanding may be obtained by [12]:
- Obtaining a type 1 or type 2 report
- Contacting the service organisation
- Visiting the service organisation and performing tests of controls
- Using another auditor to perform procedures and provide information about the relevant controls.
ISA 450 Evaluation of Misstatements Identified During the Audit
A misstatement is: A difference between the amount, classification, presentation, or disclosure of a reported financial statement item and the amount, classification, presentation, or disclosure that is required for the item to be in accordance with the applicable financial reporting framework. Misstatements can arise from error or fraud. [4a]
Requirements:
- Accumulate identified misstatements. [5]
- Determine whether audit strategy needs to be revised. [6]
- Communicate misstatements to appropriate level of management on a timely basis. [8]
- Evaluate effect of uncorrected misstatements on FS. [10]
- Request written representation that uncorrected misstatements are not material. [14]
500 series: Evidence ISA 500 Audit Evidence Characteristics:
- Sufficiency: quantity, linked to quality and to risk of material misstatement. [5e]
- Appropriateness: quality, linked to relevance and reliability. [5b] Relevance: linked to FS assertions. [A27]
Reliability [A31]:
- Independent better than internal.
- Auditor generated better than indirectly obtained.
- Documentary better than oral.
- Originals better than photocopies.
Procedures:
- Inspection [A14]
- Observation [A17]
- External confirmation [A18]
- Recalculation [A19]
- Re-performance [A20]
- Analytical procedures [A21]
- [A22]
ISA 501 Audit Evidence – Specific Considerations for Selected Items The auditor should obtain sufficient appropriate evidence regarding [3]:
- Existence and condition of inventory.
- Completeness of litigation and claims involving the entity.
- Presentation and disclosure of segment information.
ISA 505 External Confirmations
External confirmations provide more persuasive evidence as the evidence is obtained directly by the auditor from an independent source. This is important where there is a higher assessment of audit risk. [3]
Definitions:
External confirmation – audit evidence obtained by the auditor directly from a third party in paper form or by electronic or other medium. [6a]
Positive confirmation request – a request for the third party to confirm whether they agree or disagree with the information in the request, or provide the requested information. [6b]
Negative confirmation request – a request for the third party to respond directly to the auditor only if they disagree with the information provided in the request. [6c]
ISA 520 Analytical Procedures Definition [4]:
- Evaluation of financial information.
- By analysing plausible relationships.
- Among financial and non-financial data.
May be used as a substantive procedure to assess the reasonableness of the balance in the FS. [5]
Must be used at the completion stage to ensure the financial statements are consistent with the auditor’s understanding. [6]
ISA 530 Audit Sampling Definitions:
- Audit sampling: The application of audit procedures to less than 100% of population to provide auditor with reasonable basis to draw conclusions on entire population. [5a]
- Sampling risk: The risk the auditor’s conclusion based on the sample is different from the conclusion if the entire population were subjected to the same audit procedure. [5c]
- Non-sampling risk: The risk the auditor reaches an erroneous conclusion for any reason not related to sampling risk. [5d]
- Statistical sampling: random sampling plus use of probability theory to evaluate results. [5g]
- Tolerable misstatement: A monetary amount set by the auditor in respect of which the auditor seeks to obtain an appropriate level of assurance that the monetary amount set by the auditor is not exceeded by the actual misstatement in the population. [5i]
Factors increasing sample size [Appendix 2]:
- Increase in risk of material misstatement.
- Increase in tolerable misstatement.
- Increase in expected misstatement.
ISA 540 Auditing Accounting Estimates, Including Fair Value Accounting Estimates and Related Disclosures
Audit approach:
- Review events after the reporting period [13a]
- Test management’s estimate:
– Appropriateness of method [13bi]
– Reasonableness of assumptions [13bii]
- Test the effectiveness of controls over the estimate [13c]
- Develop an independent estimate [13d]
- Obtain evidence from an expert. [14]
ISA 560 Subsequent Events
Obtain sufficient appropriate evidence about whether events occurring between the date of the financial statements and the date of the auditor’s report that require adjustment of or disclosure in the financial statements are appropriately reflected in those financial statements. [4]
ISA 570 Going Concern
Auditor must [9]:
- Obtain sufficient appropriate evidence regarding the appropriateness of management’s use of the going concern basis of accounting.
- Conclude on whether a material uncertainty exists about the entity’s ability to continue as a going concern.
- Report in accordance with ISA 570.
ISA 580 Written Representations Contents [6]:
- Management responsibility for preparation of FS.
- Auditor provided with all relevant information.
- All transactions recorded in FS.
- Plans that may affect the carrying value of the assets.
- As required by other ISAs e.g. ISA 240, 250, 450, 560, 570, 580.
600 series: Using the work of others
ISA 610 Using the Work of Internal Auditors
Evaluating the internal audit function [15]:
- The extent to which the internal audit function’s organisational status and relevant policies and procedures support the objectivity of the internal auditors)
- The competence of the internal audit function
- Whether the internal audit function applies a systematic and disciplined approach, including quality control.
Evaluating the internal audit work [23]:
- The work was properly planned, performed, supervised, reviewed and documented
- Sufficient appropriate evidence has been obtained
- The conclusions reached are appropriate in the circumstances
- The reports prepared are consistent with the work performed.
Using internal audit to provide direct assistance
The external auditor may use the internal audit function to provide direct assistance with the external audit under the supervision and review of the external auditor.
- Direct assistance cannot be provided in countries where national law prohibits such assistance [26]
- Internal auditor must be objective and competent [27]
- External auditor must not assign work which is judgmental, a high risk of material misstatement or which the internal auditor has been involved with [30]
- External auditor must not use the internal auditor excessively [31]
- Management must agree not to intervene with the work [33a]
- Internal auditor must observe confidentiality. [33b]
ISA 620 Using the Work of an Auditor’s Expert
The auditor must evaluate whether the expert has the necessary competence, capability and objectivity for the purpose of the audit. [9]
The auditor must assess the expert’s work [12]:
- The consistency of the findings with other evidence
- The significant assumptions made
- The use and accuracy of source data.
700 series: Audit conclusions and reporting
ISA 700 (Revised) Forming an Opinion and Reporting on Financial
Statements
Content of an independent auditor’s report [20 – 49]:
- Title:
– reference to independent auditor
- Addressee:
– shareholders/members
- Audit Opinion:
– FS prepared in accordance with the applicable FR framework
– FS give true and fair view
- Basis for Opinion:
– Audit conducted in accordance with ISAs and ethical requirements
- Going concern
– Reference to any going concern disclosures made by management
- Key Audit Matters
– Significant matters to be drawn to the user’s attention
- Responsibilities of Management:
– Preparation of FS
– Internal controls
- Auditor responsibilities:
– To express an opinion on the FS
- Name of engagement partner
- Signature
- Location of auditor’s office
- Date
ISA 701 Communicating Key Audit Matters in the Independent Auditor’s Report
Key audit matters are those that in the auditor’s professional judgment were of most significance in the audit and are selected from matters communicated to those charged with governance. [8]
The purpose of including these matters is to assist users in understanding the entity, and to provide a basis for the users to engage with management and those charged with governance about matters relating to the entity and the financial statements. [2 & 3]
ISA 705 Modifications to the Audit Opinion in the Independent Auditor’s Report
Definitions:
- Modified: qualified, adverse or disclaimer [5b]
- Pervasive: not confined to specific elements or representing a substantial proportion of a single element [5a]
Modifications [6]:
- FS as a whole not free from material misstatement
– Material: qualified [7a]
– Pervasive: adverse [8]
- Unable to obtain sufficient appropriate evidence
– Material: qualified [7b]
– Pervasive: disclaimer [9]
ISA 706 Emphasis of Matter Paragraphs and Other Matter Paragraphs in the Independent Auditor’s Report
Emphasis of matter: refers to matters fundamental to the user’s understanding of the FS. Can only be used to highlight a matter already disclosed in the FS. [7a]
Other matter: refers to matters relevant to the audit, the auditor’s report or the auditor’s responsibilities. [7b]
ISA 720 The Auditor’s Responsibilities Relating to Other Information in Documents Containing Audited Financial Statements
Responsibilities:
- Read other information to identify material inconsistencies with the FS. [3]
- If inconsistencies identified:
– Consider whether it is the financial statements or the other information that requires amendment. [16]
– If other information is wrong, propose adjustment. [17]
– If matter remains uncorrected, describe the inconsistency in the Other Information section of the auditor’s report. [18a]