Chapter 9

Download as pdf or txt
Download as pdf or txt
You are on page 1of 44

Chapter 9– Auditor’s

Response to Assessed
Risk Rick Hayes, Hans Gortemaker and
Philip Wallage
1. Introduction
Let’s start with the first set of slides
2
“ The objective of the auditor is to obtain
sufficient appropriate audit evidence
regarding the assessed risks of material
misstatement, through designing and
implementing appropriate response to
those risks

3
1. Audit procedures responsive to the assessed risks of
material misstatement

The auditor must design and perform further audit


procedures whose nature, timing and extent are based
on, and are responsive to, the assessed risks.

4
1. Nature, Timing and Extent

□ The nature of an audit procedure: refers to its purpose


(that is, test of controls or substantive procedure) and its type
(that is, inspection, observation, inquiry, confirmation,
recalculation, re-performance or analytical procedure).
□ Timing of an audit procedure: refers to when it is
performed, or the period or date to which the audit evidence
applies.
□ Extent of an audit procedure: refers to the quantity to be
performed, for example, a sample size or the number of
observations of a control activity.

5
1. Overall responses to address the assessed risks of material
misstatement include

• Emphasising to the engagement team the need to maintain


professional skepticism.
• Assigning more experienced staff or those with special skills or using
experts.
• Providing more supervision.
• Incorporating additional elements of unpredictability in audit
procedures.
• Making general changes to the nature, timing
or extent of audit procedures.

6
1. Reasons for Risk Assessment

When auditor designs audit procedures to be performed, the auditor


should consider the reasons for the assessment, including: likelihood of
material misstatemnet due to inherent risk and whether the risk
assessment takes account of relevant control (control risk), thereby
obtaining audit evidence to determine whether the control are operating
effectively.

7
1. Reasons for Risk Assessment

8
1. Reasons for Risk Assessment

The auditor may respond to an ineffective control environment by:


• Conducting more audit procedures as of the period end rather than
at an interim date.
• Obtaining more extensive audit evidence from substantive
procedures.
• Increasing the number of locations to be included in the audit
scope.

9
1. Persuasive evidence

□ The higher the auditor’s assessment of risk,


the more persuasive audit evidence she needs.
□ When obtaining more persuasive audit evidence because of a
higher assessment of risk, the auditor may increase the quantity of
the evidence, or obtain evidence that is more relevant or reliable.

10
1. Documentation requirement

The auditor must include in the audit documentation


- the overall responses to address the assessed risks of material
misstatement and
- the nature, timing and extent of the further audit procedures
performed.
- the linkage of those procedures with the assessed risks at the
assertion level;
- and the results of the audit procedures, including the conclusions.

11
2. The Basis of Evidence
Let’s start with the first set of slides
12
2. Evidence

□ Evidence is anything that can make a person believe that a


fact, proposition or assertion is true or false.
□ Audit evidence is information used by the auditor in
arriving at the conclusions on which the auditor’s opinion
is based.
(ISA 500)
■ It includes the accounting records and other
information underlying the financial statements.

13
2. Audit evidence is different from the legal evidence

• In a civil lawsuit, evidence must be strong enough to


incline a person to believe one side or the other.
• In a criminal case evidence must establish proof of a crime
beyond a reasonable doubt.
• Audit evidence provides only reasonable assurance.

14
2. Electronic Evidence

Some of the entity’s accounting data and other information


(communication links between entity and suppliers to transact
business electronically) may be available only in electronic
form.
This nature of accounting documentation usually requires that
the auditor use CAAT.

15
3. Financial Statement Assertions
Let’s start with the first set of slides
16
3. Financial Statement Assertions

Assertions are representations by management, explicit or


otherwise, that are embodied in the financial statements, as
used by the auditor to consider the different types of potential
misstatements that may occur. => criteria to make financial
statement used by management = criteria used by auditor

17
3. Financial Statement Assertions

Auditor assess risk of potential misstatement


based on these assertions and design audit
procedures to discover sufficient appropriate
evidence.

18
3. Management Assertions

Management makes assertions that can be grouped into three


groups:
1) Assertions about classes of transactions and events for the
period under audit
2) Assertions about account balances at the period end
3) Assertions about presentation and disclosure.

19
3. Management Assertions

Illustration 9.2 Financial Statement Assertions Grouped by Substantive Test Areas


20
3. Assertions about classes of transactions and events for
the period under audit (from Chapter 1)
Occurrence Transactions and events that have been
recorded have occurred and pertain to the
entity.
Completeness All transactions and events that should have
been recorded have been recorded.
Accuracy Amounts and other data relating to recorded
transactions and events have been recorded
appropriately.
Cut-off Transactions and events have been recorded
in the correct accounting period.

Classification Transactions and events have been recorded


in the proper accounts.

21
3. Assertions about account balances at the period end
(from Chapter 1)

Existence Assets, liabilities and equity interests


exist
Rights and The entity holds or controls the rights to
obligations assets and liabilities are the obligations
of the entity.
Completeness All assets, liabilities and equity interests
that should have been recorded have
been recorded.
Valuation and Assets, liabilities and equity interests
allocation are included in the financial statements
at appropriate amounts and any
resulting valuation adjustments are
appropriately recorded.

22
3. Assertions about presentation and disclosure
(from Chapter 1)

Occurrence and Disclosed matters have occurred and


rights and pertain to the entity.
obligations
Completeness All disclosures that should have been
included in the financial statements
have been included.
Classification Financial information is appropriately
and presented and described, and
understandability disclosures are clearly expressed.
Accuracy and Financial and other information are
valuation disclosed fairly and at appropriate
amounts.

23
4. Test of Control
Let’s start with the first set of slides
24
4. Test of Control

Test of controls are audit procedures designed to evaluate the


operating effectiveness of controls in preventing, or detecting
and correcting, material misstatements at the assertion level.
The greater the reliance the auditor places on the
effectiveness of a control, the more persuasive the audit
evidence (for control effectiveness) the auditor must obtain. –
ISA 330.

25
4. Designing and performing test of controls

The auditor must design and perform tests of controls to


obtain sufficient appropriate audit evidence as to the
operating effectiveness of relevant controls if:
□ the auditor’s assessment of risks of material misstatement at the
assertion level includes an expectation that the controls are
operating effectively (the auditor will rely on the operating
effectiveness of controls in determining substantive
procedures); or
□ substantive procedures alone cannot provide sufficient
appropriate audit evidence at the assertion level., eg. When
entity conduct its business using IT and no other documentation
is maintained

26
4. Test of control vs test of design

The auditor may test the operating effectiveness of controls at the


same time as evaluating their design and implementation.
For example, the auditor’s risk assessment procedures may have
included inquiring about management’s use of budgets, observing
management’s comparison of monthly budgeted and actual expenses,
and inspecting reports about the variances between budgeted and
actual amounts. These audit procedures provide knowledge about
budgeting policies and whether they have been implemented, but may
also provide audit evidence about the effectiveness of the operation of
budgeting policies in preventing or detecting material misstatements in
the classification of expenses.

27
4. Using previous audit evidence

□ In certain circumstances, audit evidence obtained from previous


audits may provide audit evidence where the auditor may
perform audit procedures to establish its continuing relevance.
□ Changes may affect the relevance of the audit evidence obtained
in previous audits so there may no longer be a basis for
continued reliance.
■ A change that causes data to be accumulated or calculated
differently does affect it.
□ However, ISA 330 requires controls to be retested at least once in
every third year.

28
5. Substantive Procedures
Let’s start with the first set of slides
29
5. Substantive procedures

Defined
A substantive procedure is an audit procedure designed
to detect material misstatements at the assertion level.
Two types – (1) tests of details of classes of transactions,
account balances and disclosures and (2) substantive
analytical procedures.

30
5. Nature of substantive procedures

□ Tests of details of transactions are audit procedures


related to examining the processing of particular classes
of transactions through the accounting systems.
□ Tests of balances are substantive tests that provide either
reasonable assurance of the validity of a general ledger
balance or identifies a misstatement in the account.
□ Analytical procedures.

31
5. Tests of balances

• Tests of balances are used to examine the actual details


making up high turnover accounts such as cash, accounts
receivable, accounts payable, etc.

Why is tests of balances so important?


• Because the auditor’s ultimate objective is to express an
opinion on financial statements that are made up of
account balances.

32
5. Tests of balances (Cont’d)

In tests of balances the auditor is concerned with


overstatement or understatement of the line item in the
financial statement.
• Test makes use of the inherent properties of double-entry
accounting systems.
• From the auditor’s perspective, this means that
a test of one side of the transaction simultaneously tests
the other side of the transactions.

33
5. Interim testing using substantive procedures

• In some instances, primarily as a practical


matter, substantive procedures may be performed at an
interim date. Only using interim testing procedures will
increase the risk that misstatements existing at the period
end will not be detected.
• Performing audit procedures at an interim date may
assist the auditor in identifying and resolving issues at an
early stage of the audit.

34
5. Search for unrecorded liabilities

□ A substantive test usually performed on accounts payable is a


search for unrecorded liabilities. This test provides evidence as a
completeness and some evidence as to valuation.
□ To search for unrecorded liabilities, the auditor reviews
disbursements made by the client for a period after the balance
sheet date.
□ Due to pressure from vendors, most unrecorded accounts payable
are paid within a reasonable time after the balance sheet date. By
reviewing cash disbursements subsequent to the balance sheet
date, the auditor has a good idea of the potential population of
unrecorded accounts payable.

35
6. Sufficient Appropriate Audit
Evidence
Let’s start with the first set of slides
36
6. Sufficient appropriate audit evidence

□ The objective of the auditor is to design and perform audit


procedures in such a way as to enable the auditor to obtain
sufficient appropriate audit evidence to be able to draw
reasonable conclusions on which to base the auditor’s opinion.
– ISA 500
□ Reasonable assurance is obtained when the auditor has
obtained sufficient appropriate audit evidence to reduce
audit risk to an acceptably low level. – ISA 200

37
6. Sufficient appropriate audit evidence (Cont’d)

□ Sufficiency is the measure of the quantity of audit evidence.


□ Appropriateness is the measure of quality of audit evidence;
that is, its relevance and reliability its in providing support for
the conclusions on which the auditor’s opinion is based.

38
6. Sufficient appropriate audit evidence (Cont’d)

The auditor’s judgement as to what constitutes sufficient appropriate audit


evidence is influenced by:
• the significance of the potential misstatement and the likelihood of having a material
effect on the financial statements: the more material the item, the greater the sufficiency
and appropriateness of evidence;
• the effectiveness of management’s responses and controls to address the risks;
• results of audit procedures performed, including whether such audit procedures
identified specific instances of fraud or error;
• source and reliability of the available information;
• the experience gained during previous audits with respect to similar potential
misstatements;
• persuasiveness of the audit evidence;
• understanding of the entity and its environment, including its internal control.

39
6. Sufficient appropriate audit evidence (Cont’d)

40
Illustration 9.4 Sufficient Appropriate Audit Evidence
6. Relevant and Reliability

□ Relevance of evidence is the appropriateness (pertinence) of the


evidence to the audit objective being tested.
□ Reliability is the quality of information when it is free from material
error and bias and can be depended upon by users to represent
faithfully that which it either purports to represent or could reasonably
be expected to represent.

41
6. Reliability of audit evidence

While recognising that exceptions may exist, the following generalisations


about the reliability of audit evidence may be useful.
• Audit evidence is more reliable when it is obtained from independent sources
outside the entity.
• The effectiveness of the client’s internal control structure has a significant impact
on reliability of evidence.
• Audit evidence obtained directly by the auditor (e.g. observation, re-performance)
is more reliable than audit evidence obtained indirectly or by inference.
• Audit evidence is more reliable when it exists in documentary form, whether
paper, electronic, or other medium.
• Audit evidence provided by original documents is more reliable than audit
evidence provided by photocopies or facsimiles.

42
6. Persuasive evidence

 Unlike legal evidence, audit evidence does not have to be conclusive to


be useful. Ordinarily, the auditor finds it necessary to rely on audit
evidence that is persuasive rather than conclusive and will often seek
audit evidence from different sources or of a different nature to support
the same assertion.
 Not all the information available is examined. Conclusions can be
reached about controls, transactions, or the account balance by using a
sample of the available information that is analysed by statistical
sampling or judgement.

43
🍔 Any questions?

44

You might also like