9.401 Auditing Chapters 7 and 8 Audit Planning and Documentation Materiality and Risk
Audit Planning… • What? • Developing a general strategy and detailed approach for the expected nature, timing, and extent of the examination • Why? • Ensure GAAS is fulfilled • Keep costs reasonable • Avoid misunderstandings with client
Sufficient Appropriate Evidence in Auditing General audit procedures Sufficient appropriate evidence Management assertions and audit objectives Sufficiency of evidence: determined by materiality, acceptable audit risk, inherent risk and control risk… Appropriateness of evidence: determined by its relevance and reliability
Key Audit Planning Decisions • Materiality • Acceptable Audit Risk • Inherent risk, control risk and detection risk • Nature, timing and extent of audit evidence • What kind? • How much? • When?
Preliminary Assessment of Planning Materiality • How is materiality used? • In planning: • accounts or transactions that are “material” , or likely to contain “material misstatements” will require more and better evidence • In evidence evaluation and reporting decisions: • to decide if an error is material or not / if financial statements are materially misstated.
PROS: reduce inappropriate judgments more consistency greater awareness of audit limitations provide basis for discussions with client CONS: de-emphasize judgment possibility of misinterpretation or misapplication Quantitative Materiality Guidelines
Preliminary Assessment of Planning Materiality • AuG 7 contains quantitative guidelines for assessing materiality: • 5%-10% of NIBT* • .5%-1% of assets • .5%-5% of equity • .5%-1% of revenue • .5%-5% of gross profit • *NIBT is frequently adjusted for abnormal or X items, mgmt bonuses and related party transactions
Preliminary Assessment of Planning Materiality • Steps for assessing materiality: • Who are the users? What decisions will they make? What are their circumstances? • What base to use? Any adjustments necessary? • What % to apply to the base? • The materiality level chosen will then affect the extent of work that the auditor plans to do.
Preliminary Assessment of Planning Materiality • At end of audit, auditor will decide if the errors discovered in total result in a material misstatement of f/s. Consider: • Known errors (errors actually seen in sample) • Most likely errors (errors that most likely exist in population if it is exactly like the sample) • Possible errors (errors that could exist in population if it differs from the sample) In relation to materiality. See AuG7.
Preliminary Assessment of Planning Materiality • In addition to relative size, auditors must also consider other aspects when assessing if something is material: • Absolute Size • Nature of the Item or Issue • Circumstances • Cumulative Effects
Audit Risk Model • In addition to materiality, the auditor needs to consider RISK when determining the nature, timing and extent of work • Risk affects extent through the audit risk model: Acceptable Audit Risk = Inherent risk * Control risk * Detection risk • Auditors need to assess AAR, IR, and CR to calculate DR
Basic Goal of The Audit • To gather sufficient appropriate audit evidence • to reduce the risk to an acceptable level. • that the auditor fails to detect a material misstatement in the financial statements • To gather sufficient appropriate audit evidence • to provide reasonable assurance • that the financial statements do not contain a material misstatement
Assessment of Acceptable Audit Risk • Extent of user reliance on FS • Publicly traded company or private? • Significant creditors? • Size of company? • Special reliance on report? • Likelihood of fraud • Likelihood of financial difficulties after issuance of FS • Competence of management • Industry • Financial results, key ratios
Assessment of Acceptable Audit Risk • As risk of engagement increases, level of assurance to provide increases, so acceptable audit risk will decrease • as audit risk is reduced, more work must be done and fees will be higher. So, auditors usually can’t set audit risk too low or they will lose clients.
Appropriate Levels of Audit Risk • Auditors must perform sufficient audit procedures to reduce audit risk to an “appropriate level” • AuG 7 suggests that the highest limit should not exceed 5% • protects consumers of audit reports • protects the profession • protects the auditors • Typically the lowest achievable level of audit risk is 1%. Why do you think that is?
Components of Audit Risk • AR = Audit Risk = probability of material error in FS remaining undetected after the audit. This will occur if the following three events occur. • IR = inherent risk = probability of material error occurring in the first place. For a list of factors affecting see HB5135A. • CR = control risk = probability of control system failing to detect material error after it occurs. • DR = detection risk = probability that auditor fails to detect material error given that internal controls fail to detect the material.
Preliminary Assessment Of Audit Risks • Audit risk: determine acceptable level • Inherent risk: assess and justify • Control risk: assess and test if required • Detection risk: perform sufficient work to result in audit risk being reduced to desired level • AR = IR * CR * DR for each assertion for each f/s item
Factors affecting inherent risk • Nature of business, industry, products • economic conditions, regulations, technological changes, location • Nature of data processing systems • Management incentives and integrity • Related party transactions • Amounts involving estimates • Assets susceptible to misappropriation • Complex or non-routine transactions or those involving complex calculations • History
Importance of assertions • Audit programs are lists of procedures to recognize management assertions and produce related evidence • so, within each transaction cycle, the auditor gathers evidence regarding each assertion for each of the financial statement accounts. • For each assertion of each account, use audit risk model to determine detection risk (which determines amount of work
Preliminary Definitions of Key Concepts • Internal Controls related to f/s audit • the system of methods and procedures to help assure the accuracy of accounting records. • Compliance Tests • Tests of the internal control system. Used to justify a CR < 100% • Substantive Tests • Direct tests of transaction and balances to detect errors. There are two general types: • Analytical Review • Tests of Details (if detection risk is low, sample size increases)
The Audit Planning Steps • Preplan • Obtain Background Information • Client legal obligations • Preliminary Analytical Procedures • Set Materiality and elements of risk model • Understand IC and assess control risk • Develop overall audit plan and audit program
1: Preplanning • Client acceptance or continuance • Identify reasons for audit • Obtain engagement letter • Select staff for engagement
Purpose of client acceptance or continuance • Integrity of client • Availability/quality of audit evidence • Avoiding lawsuits, violating rules of P.C. • Financial health of client • Going concern • Avoiding lawsuits • Payment of fees • assessment of your ability to conduct audit • competence, resources,independence
Information for client selection and retention decision • Communication Between Predecessor and Successor Auditors • required by Rules of Professional Conduct • must obtain client consent to release predecessor from obligation of confidentiality. If client refuses (danger!!!!) communication is still required but information conveyed by predecessor will be limited.
Information for client selection and retention decision • Other sources of information: • financial information regarding client and industry • communication with bankers, lawyers and others who do business with client • Internet • Private investigations
Other Pre-engagement Activities: • Identify reasons for audit • Will affect nature, timing and extent of evidence • Engagement Letter • = the audit contract • reduces risk of misunderstanding, legal liability • May contain: • description of audit and other services • agreement about fee • other arrangements eg. Deadlines, work to be performed by client
Other Pre-engagement Activities: • Select staff for audit, need for specialists • If specialists are needed, must: • Evaluate objectivity • Ensure professional rules such as confidentiality are maintained • Review specialist’s work • Methods, data, assumptions, findings appear reasonable • Accounting data used is accurate
2. Obtain Background Information • Purpose: • Determining materiality levels and assessing risk model components • Understanding nature of IC • Nature and sources of audit evidence • Designing procedures • Assessing sufficient apppropriate audit evidence • Understanding substance of transactions • Understanding accounting principles of industry and assessing appropriateness • Evaluating overall f/s presentation
2. Obtain Background Information • Where to look: • Tour of plant • Visualize assets and operations • Identify problem areas, risks • Identify related parties
3. Information about client legal obligations • Purpose: • Understand client operations • Commitments and contingencies requiring disclosure • Corporate form • Need for audit • Taxation issues • F/S disclosure • Risks to stakeholders, use of f/s
3. Information about client legal obligations • What to look for: • Contracts • Minutes of meetings • Articles of incorporation and corporate by-laws
3. Performing Preliminary Analytical Procedures • Purpose: • Required by GAAS • Understanding client’s industry and business • Assess going concern • Indicating possible misstatements, (areas of high inherent risk) • Reducing substantive tests in some instances
Working Papers • Used throughout audit to document work done • Purpose: • Required by GAAS • Basis for planning audit • Record evidence accumulated, results of tests and conclusions • Data for determining proper type of report • Basis for review by managers and partners
Working Papers • Characteristics of typical working paper: • Properly identified: company, period, description of contents, initials of preparer, date of preparation, and index code • Indexed and cross referenced • Statement of work performed (often by written statement and/or tick marks) to ensure goals were fulfilled • Results and conclusion reached