ISA 200

Issued January 2009;

Updated July 2022

International Standard on Auditing™

Overall Objective of the

Independent Auditor and the
Conduct of an Audit in
Accordance with International
Standards on Auditing
 INTERNATIONAL STANDARD ON AUDITING 200
OVERALL OBJE CTIVES OF THE INDEPENDENT AUDITOR AND THE CON-
DUCT OF AN AUDIT IN ACCORDANCE WITH INTERNATI ONAL STANDARDS
ON AUDITING

The Malaysian Institute of Accountants has approved this standard in July 2022 for
publication. This standard should be read in conjunction with the Preface to the
Malaysian Quality Control, Auditing, Review, Other Assurance and Related Ser-
vices Pronouncements; and the Malaysian Approved Preface to the International
Quality Cont rol, Auditing, Review, Other Assurance, and Related Services Pro-
nouncements; Glossary of Terms; and International Framework for Assurance
Engagements.

The status of International Standards on Auditing is set out in the Preface to the
Malaysian Quality Control, Auditing, Review, Other Assurance and Related Ser-
vices Pronouncements.

Applicability
International Standards on Auditing are to be applied in the audit of historical fi-
nancial information.

Notes and Exceptions

The Institute wishes to highlight that where reference is made in the Standard to
the Code of Ethics for Professional Accountants issued by the International Ethics
Standards Board for Accountants, it should be deemed as reference to the
By-Laws (on Professional Ethics, Conduct and Practice) of the M alaysian Institute
of Accountants.

Changes of substance from January 2009

1. Conforming amendments have been made to this Standard as a result of:
• ISA 610 (Revised), Using the Work of Internal Auditors and those
amendments are effective for audits of financial statements for periods
ending on or after 15 December 2013. The conforming amendments are
set out in ISA 610 (Revised) issued in September 2012.
• ISA 540 (Revised), Auditing Accounting Estimates and Relat ed Disclo-
sures and those amendments are effective for audits of financial state-
ments for periods beginning on or after 15 December 2019. The con-
forming amendments are set out in ISA 540 (Revised) issued in February
2019.
• The Revised IESBA Code.
2. Revision has been made to this Standard as a result of Addressing Disclo-
sures in the Audit of Financial Statements – Revised ISAs and Related Con-
forming Amendments and is effective for audits of financial statements for
periods ending on or after 15 Dec ember 2016. The changes are set out in
Addressing Disclosures in the Audit of Financial Statements issued in October
2015.
3. Changes made as appropriat e, for cross-referencing and other changes as
necessary.

Effective Date in Malaysia

This ISA is effective for audits of financial statements for periods beginning on or
after 1 January 2010.

Copy right © April 2021 by IFAC. All rights reserved. This publication may be
downloaded for personal and non-commercial use (i.e., professional reference or
research) or purchased from www.iaasb.org. Written permission is required to
translate, reproduce, store or transmit, or to make other similar us es of, this
document.
 INTERNATIONAL STANDARD ON AUDITING 200
OVERALL OBJECTIVES OF THE INDEPENDENT AUDITOR
AND THE CONDUCT OF AN AUDIT IN ACCORDANCE
WITH INTERNATIONAL STANDARDS ON AUDITING
(Effective for audits of financial statements for periods
beginning on or after December 15, 2009)

CONTENTS
Paragraph
Introduction
Scope of this ISA .............................................................................................. 1−2
An Audit of Financial Statements .................................................................. 3−9
Effective Date .................................................................................................... 10
Overall Objectives of the Auditor .............................................................. 11−12

Definitions ......................................................................................................... 13
Requirements
Ethical Requirements Relating to an Audit of Financial Statements ....... 14
Professional Skepticism ................................................................................... 15
Professional Judgment ..................................................................................... 16
Sufficient Appropriate Audit Evidence and Audit Risk ............................. 17
Conduct of an Audit in Accordance with ISAs ............................................ 18−24
Application and Other Explanatory Material
An Audit of Financial Statements .................................................................. A1−A13
Definitions .......................................................................................................... A14−A15
Ethical Requirements Relating to an Audit of Financial Statements ....... A16−A19
Professional Skepticism ................................................................................... A20−A24
Professional Judgment ..................................................................................... A25−A29
Sufficient Appropriate Audit Evidence and Audit Risk ............................. A30−A54
Conduct of an Audit in Accordance with ISAs ............................................ A55−A78
Introduction
Scope of this ISA
1. This International Standard on Auditing (ISA) deals with the independent auditor’s
overall responsibilities when conducting an audit of financial statements in
accordance with ISAs. Specifically, it sets out the overa ll objectives of the
independent auditor, and explains the nature and scope of an audit designed to
enable the independent auditor to meet those objectives. It also explains the scope,
authority and structure of the ISAs, and includes requirements establishin g the
general responsibilit ies of the independent auditor applicable in all audits, includin g
the obligation to comply with the ISAs. The independent auditor is referred to as
“the auditor” hereafter.
2. ISAs are written in the context of an audit of f inancial statements by an auditor.
They are to be adapted as necessary in the circumstances when applied to audits of
other historical financial information. ISAs do not address the responsibilities of the
auditor that may exist in legislation, regu lation or otherwise in connection with, for
example, the offering of securit ies to the public. Such responsibilit ies may differ
from those established in the ISAs. Accord ingly, wh ile the auditor may find aspects
of the ISAs helpful in such circumstances, it is the responsibility of the auditor to
ensure compliance with all relevant legal, regulatory or professional obligations.
An Audit of Financial Statements
3. The purpose of an audit is to enhance the degree of confidence of intended users in
the financial statements. This is achieved by the expression of an opinion by the
auditor on whether the financial statements are prepared, in all material respects, in
accordance with an applicable financial reporting framework. In the case of most
general purpose frameworks, that opinion is on whether the financial statements are
presented fairly, in all material respects, or give a true and fair view in accordance
with the framework. An audit conducted in accordance with ISAs and relevant
ethical requirements enables the auditor to form that opinion. (Ref: Para. A1)
4. The financial statements subject to audit are those of the entity, prepared by
management of the entity with oversight from those charged with governance. ISAs
do not impose responsibilities on management or those charged with governance and
do not override laws and regulations that govern their responsibilities. However, an
audit in accordance with ISAs is conducted on the premise that management and,
where appropriate, those charged with governance have acknowledged certain
responsibilities that are fundamental to the conduct of the audit. The audit of the
financial statements does not relieve management or those charged with governance
of their responsibilities. (Ref: Para. A2–A11)
5. As the basis for the auditor’s opinion, ISAs require the auditor to obtain reasonable
assurance about whether the financial statements as a whole are free from material
misstatement, whether due to fraud or error. Reasonable assurance is a high level of
assurance. It is obtained when the auditor has obtained sufficient appropriate audit
evidence to reduce audit risk (that is, the risk that the auditor expresses an
 inappropriate opinion when the financial statements are materially misstated) to an
acceptably low level. However, reasonable assurance is not an absolute level of
assurance, because there are inherent limitations of an audit which resu lt in most of
the audit evidence on which the auditor draws conclusions and bases the auditor’s
opinion being persuasive rather than conclusive. (Ref: Para. A30–A54)
6. The concept of materiality is applied by the auditor both in planning and performing
the audit, and in evaluating the effect of identified misstatements on the audit and of
uncorrected misstatements, if any, on the financial statements. 1 In general,
misstatements, including omissions, are considered to be material if, individually or
in the aggregate, they could reasonably be expected to influence the economic
decisions of users taken on the basis of the financial statemen ts. Judgments about
materiality are made in the light of surrounding circumstances, and are affected by
the auditor’s perception of the financial information needs of users of the financial
statements, and by the size or nature of a misstatement, or a comb ination of both.
The auditor’s opinion deals with the financial statements as a whole and therefore
the auditor is not responsible for the detection of misstatements that are not material
to the financial statements as a whole.
7. The ISAs contain objectives, requirements and application and other explanatory
material that are designed to support the auditor in obtaining reasonable assurance.
The ISAs require that the auditor exercise professional judgment and maintain
professional skepticism throughout the planning and performance of the audit and,
among other things:
● Identify and assess risks of material misstatement, whether due to fraud or
error, based on an understanding of the entity and its environment, including
the entity’s internal control.
● Obtain sufficient appropriate audit evidence about whether material
misstatements exist, through designing and implementing appropriate
responses to the assessed risks.
● Form an opinion on the financial statements based on conclusions drawn
from the audit evidence obtained.
8. The form of opinion expressed by the auditor will depend upon the applicable
financial reporting framework and any applicable law or regulation. (Ref: Para.
A12–A13)
9. The auditor may also have certain other communication and reporting
responsibilit ies to users, management, those charged with governance, or parties
outside the entity, in relation to matters arising from the audit. These may be
established by the ISAs or by applicable law or regulation. 2

1
ISA 320, Materiality in Planning and Performing an Audit and ISA 450, Evaluation of Misstatements
Identified during the Audit
2
See, for example, ISA 260 (Revised), Communication with Those Charged with Governance; and ISA 240,
The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements,
paragraph 44.
Effective Date
10. This ISA is effective for audits of financial statements for periods beginnin g on or
after December 15, 2009.

Overall Objectives of the Auditor

11. In conducting an audit of financial statements, the overall objectives of the auditor
are:
(a) To obtain reasonable assurance about whether the financial statements as a
whole are free from material misstatement, whether due to fraud or error,
thereby enabling the auditor to express an opinion on whether the financial
statements are prepared, in all material respects, in accordance with an
applicable financial reporting framework; and
(b) To report on the financial statements, and communicate as required by the
ISAs, in accordance with the auditor’s findings.
12. In all cases when reasonable assurance cannot be obtained and a qualified opinion in
the auditor’s report is insufficient in the circumstances for purposes of reporting to
the intended users of the financial statements, the ISAs require that the auditor
disclaim an opinion or withdraw (or resign) 3 from the engagement, where
withdrawal is possible under applicable law or regulation.

Definitions
13. For purposes of the ISAs, the following terms have the meanings attributed below:
(a) Applicable financial reporting framework – The financial reporting
framework adopted by management and, where appropriate, those charged
with governance in the preparation of the financial statements that is
acceptable in view of the nature of the entity and the objective of the financial
statements, or that is required by law or regulation.
The term “fair presentation framework” is used to refer to a financial
reporting framework that requires compliance with the requirements of the
framework and:
(i) Acknowledges explicitly or implicitly that, to achieve fair
presentation of the financial statements, it may be necessary for
management to provide disclosures beyond those specifically required
by the framework; or
(ii) Acknowledges explicitly that it may be necessary for management to
depart from a requirement of the framework to achieve fair presentation
of the financial statements. Such departures are expected to be necessary
only in extremely rare circumstances.

3
In the ISAs, only the term “withdrawal” is used.
 The term “compliance framework” is used to refer to a financial reporting
framework that requires compliance with the requirements of the framework,
but does not contain the acknowledgements in (i) or (ii) above.
(b) Audit evidence – Information used by the auditor in arriving at the
conclusions on which the auditor’s opinion is based. Audit evidence includes
both information contained in the accounting records underly ing the
financial statements and other information. For purposes of the ISAs:
(i) Sufficiency of audit evidence is the measure of the quantity of audit
evidence. The quantity of the audit evidence needed is affected by the
auditor’s assessment of the risks of material misstatement and also by
the quality of such audit evidence.
(ii) Appropriateness of audit evidence is the measure of the quality of audit
evidence; that is, its relevance and its reliability in providing support for
the conclusions on which the auditor’s opinion is based.
(c) Audit risk – The risk that the auditor expresses an inappropriate audit opinion
when the financial statements are materially misstated. Audit risk is a
function of the risks of material misstatement and detection risk.
(d) Auditor – The person or persons conducting the audit, usually the
engagement partner or other members of the engagement team, or, as
applicable, the firm. Where an ISA expressly intends that a requirement or
responsibility be fulfilled by the engagement partner, the term “engagement
partner” rather than “auditor” is used. “Engagement partner” and “firm” are
to be read as referring to their public sector equivalents where relevant.
(e) Detection risk – The risk that the procedures performed by the auditor to
reduce audit risk to an acceptably low level will not detect a misstatement
that exists and that could be material, either indiv idually or when aggregated
with other misstatements.
(f) Financial statements – A structured representation of historical financial
information, including disclosures, intended to communicate an entity’s
economic resources or obligations at a point in time, or the changes therein for
a period of time, in accordance with a financial reporting framework. The term
“financial statements” ordinarily refers to a complete set of financial
statements as determined by the requirements of the applicable financial
reporting framework, but can also refer to a single financial statement.
Disclosures comprise explanatory or descriptive information, set out as
required, expressly permitted or otherwise allowed by the applicable financial
reporting framework, on the face of a financial statement, or in the notes, or
incorporated therein by cross-reference. (Ref: Para. A14‒A15)
(g) Historical f inancial information – Information expressed in financial terms in
relation to a particular entity, derived primarily from that entity’s accounting
system, about economic events occurring in past time periods or about
economic conditions or circumstances at points in time in the past.
(h) Management – The person(s) with executive responsibility for the conduct of
the entity’s operations. For some entities in some jurisdict ions, management
includes some or all of those charged with governance, for example,
executive members of a governance board, or an owner-manager.
(i) Misstatement – A difference between the amount, classification,
presentation, or disclosure of a reported financial statement item and the
amount, classification, presentation, or disclosure that is required for the item
to be in accordance with the applicable financial reporting framework.
Misstatements can arise from error or fraud.
Where the auditor expresses an opinion on whether the financial statements
are presented fairly, in all material respects, or give a true and fair view,
misstatements also include those adjustments of amounts, classifications,
presentation, or disclosures that, in the auditor’s judgment, are necessary for
the financial statements to be presented fairly, in all material respects, or to
give a true and fair view.
(j) Premise, relating to the responsib ilit ies of management and, where
appropriate, those charged with governance, on which an audit is conducted
– That management and, where appropriate, those charged with governance
have acknowledged and understand that they have the following
responsibilit ies that are fundamental to the conduct of an audit in accordance
with ISAs. That is, responsibility:
(i) For the preparation of the financial statements in accordance with the
applicable financial reporting framework, includ ing, where relevan t,
their fair presentation;
(ii) For such internal control as management and, where appropriate,
those charged with governance determine is necessary to enable the
preparation of financial statements that are free from material
misstatement, whether due to fraud or error; and
(iii) To provide the auditor with:
a. Access to all information of which management and, where
appropriate, those charged with governance are aware that is
relevant to the preparation of the financial statements such as
records, documentation and other matters;
b. Additional information that the auditor may request from
management and, where appropriate, those charged with
governance for the purpose of the audit; and
c. Unrestricted access to persons within the entity from whom the
auditor determines it necessary to obtain audit evidence.
In the case of a fair presentation framework, (i) above may be restated as “for
the preparation and fair presentation of the financial statements in
 accordance with the f inancial reportin g framework,” or “for the preparation
of financial statements that give a true and fair view in accordance with the
financial reporting framework.”
The “premise, relating to the responsib ilities of management and, where
appropriate, those charged with governance, on which an audit is conducted”
may also be referred to as the “premise.”
(k) Professional judgment – The application of relevant training, knowledge and
experience, within the context provided by auditing, accounting and ethical
standards, in making informed decisions about the courses of action that are
appropriate in the circumstances of the audit engagement.
(l) Professional skepticism – An attitude that includes a questioning mind, being
alert to conditions which may indicate possible misstatement due to error or
fraud, and a critical assessment of audit evidence.
(m) Reasonable assurance – In the context of an audit of financial statements, a high,
but not absolute, level of assurance.
(n) Risk of material misstatement – The risk that the financial statements are
materially misstated prior to audit. This consists of two components,
described as follows at the assertion level:
(i) Inherent risk – The susceptib ility of an assertion about a class of
transaction, account balance or disclosure to a misstatement that
could be material, either individually or when aggregated with other
misstatements, before consideration of any related controls.
(ii) Control risk – The risk that a misstatement that could occur in an
assertion about a class of tra nsaction, account balance or disclosure
and that could be material, either indiv idually or when aggregated
with other misstatements, will not be prevented, or detected and
corrected, on a timely basis by the entity’s internal control.
(o) Those charged with governance – The person(s) o r organization(s) (for
example, a corporate trustee) with responsib ility for overseein g the strategic
direction of the entity and obligations related to the accountability of the
entity. This includes overseeing the financial reporting process. For some
entities in some jurisd ictions, those charged with governance may include
management personnel, for example, executive members of a governance
board of a private or public sector entity, or an owner-manager.

Requirements
Ethical Requirements Relating to an Audit of Financial Statements
14. The auditor shall comply with relevant ethical requirements, including those
pertaining to independence, relating to financial statement audit engagements. (Ref:
Para. A16–A19)
Professional Skepticism
15. The auditor shall plan and perform an audit with professional skepticism
recognizing that circumstances may exist that cause the financial statements to be
materially misstated. (Ref: Para. A20–A24)

Professional Judgment
16. The auditor shall exercise professional judgment in planning and performing an
audit of financial statements. (Ref: Para. A25–A29)

Sufficient Appropriate Audit Evidence and Audit Risk

17. To obtain reasonable assurance, the auditor shall obtain sufficient a ppropriate audit
evidence to reduce audit risk to an acceptably low level and thereby enable the
auditor to draw reasonable conclusions on which to base the auditor’s opin ion. (Ref:
Para. A30–A54)

Conduct of an Audit in Accordance with ISAs

Complying with ISAs Relevant to the Audit
18. The auditor shall comply with all ISAs relevant to the audit. An ISA is relevant to
the audit when the ISA is in effect and the circumstances addressed by the ISA ex ist.
(Ref: Para. A55–A59)
19. The auditor shall have an understanding of the entire text of an ISA, including its
application and other explanatory material, to understand its objectives and to apply
its requirements properly. (Ref: Para. A60–A68)
20. The auditor shall not represent compliance with ISAs in the au ditor’s report unless
the auditor has complied with the requirements of this ISA and all other ISAs
relevant to the audit.
Objectives Stated in Individual ISAs
21. To achieve the overall objectives of the auditor, the auditor shall use the objectives
stated in relevant ISAs in planning and performing the audit, having regard to the
interrelationships among the ISAs, to: (Ref: Para. A69–A71)
(a) Determine whether any audit procedures in addition to those required by the
ISAs are necessary in pursuance of the objectives stated in the ISAs; and
(Ref: Para. A72)
(b) Evaluate whether sufficient appropriate audit evidence has been obtained.
(Ref: Para. A73)

Complying with Relevant Requirements

22. Subject to paragraph 23, the auditor shall comply with each req uirement of an ISA
unless, in the circumstances of the audit:
 (a) The entire ISA is not relevant; or
(b) The requirement is not relevant because it is conditional and the condition
does not exist. (Ref: Para. A74–A75)
23. In exceptional circumstances, the auditor may judge it necessary to depart from a
relevant requirement in an ISA. In such circumstances, the auditor shall perform
alternative audit procedures to achieve the aim of that requirement. The need for the
auditor to depart from a relevant requirement is expected to arise only where the
requirement is for a specific procedure to be performed and, in the specific
circumstances of the audit, that procedure would be ineffective in achieving the aim
of the requirement. (Ref: Para. A76)

Failure to Achieve an Objective

24. If an objective in a relevant ISA cannot be achieved, the auditor shall evaluate
whether this prevents the auditor from achieving the overall objectives of the
auditor and thereby requires the auditor, in accordance with the ISAs, to modify the
auditor’s opin ion or withdraw from the engagement (where withdrawal is possib le
under applicable law or regulation). Failure to achieve an objective represents a
significant matter requiring documentation in accordance with ISA 230.4 (Ref:
Para. A77–A78)

***

Application and Other Explanatory Material

An Audit of Financial Statements

Scope of the Audit (Ref: Para. 3)

A1. The auditor’s opinion on the financial statements deals with whether the financial
statements are prepared, in all material respects, in accordance with the applicable
financial reporting framework. Such an opinion is common to all audits of financial
statements. The auditor’s opinion therefore does not assure, for example, the future
viability of the entity nor the efficiency or effectiveness with wh ich management
has conducted the affairs of the entity. In some jurisdictions, however, applicable
law or regulation may require auditors to provide opinions on other specific matters,
such as the effectiveness of internal control, or the consistency of a separate
management report with the financial statements. While the ISAs include
requirements and guidance in relation to such matters to the extent that they are
relevant to forming an opinion on the financial statements, the auditor would be
required to undertake further work if the auditor had additional responsibilities to
provide such opinions.

4
ISA 230, Audit Documentation, paragraph 8(c)
Preparation of the Financial Statements (Ref: Para. 4)
A2. Law or regulation may establish the responsibilit ies of management and, where
appropriate, those charged with governance in relation to financial reporting.
However, the extent of these responsibilities, or the way in which they are
described, may differ across jurisdictions. Desp ite these differences, an audit in
accordance with ISAs is conducted on the premise that management and, where
appropriate, those charged with governance have acknowledged and understand that
they have responsibility:
(a) For the preparation of the financial statements in accorda nce with the
applicable financial reporting framework, including, where relevant, their
fair presentation;
(b) For such internal control as management and, where appropriate, those charged
with governance determine is necessary to enable the preparation of financial
statements that are free from material misstatement, whether due to fraud or
error; and
(c) To provide the auditor with:
(i) Access to all information of which management and, where
appropriate, those charged with governance are aware that is relevant
to the preparation of the financial statements such as records,
documentation and other matters;
(ii) Additional information that the auditor may request from management
and, where appropriate, those charged with governance for the purpose of
the audit; and
(iii) Unrestricted access to persons within the entity from whom the
auditor determines it necessary to obtain audit evidence.
A3. The preparation of the financial statements by management and, where appropriate,
those charged with governance requires:
● The identification of the applicable financial reporting framework, in the
context of any relevant laws or regulations.
● The preparation of the financial statements in accordance with that framework.
● The inclusion of an adequate description of that framework in the financial
statements.
The preparation of the financial statements requires management to exercise
judgment in making accounting estimates that are reasonable in the circumstances,
as well as to select and apply appropriate accounting policies. These judgments are
made in the context of the applicable financial reporting framework.
A4. The financial statements may be prepared in accordance with a financial reporting
framework designed to meet:
 ● The common financial information needs of a wide range of users (that is,
“general purpose financial statements”); or
● The financial information needs of specific users (that is, “special purpose
financial statements”).
A5. The applicable financial reporting framework often encompasses f inancial reportin g
standards established by an authorized or recognized standards setting organization,
or legislative or regulatory requirements. In some cases, the financial reporting
framework may encompass both financial reporting standards established by an
authorized or reco gnized standards setting organization and legislative or regulatory
requirements. Other sources may provide direction on the application of the
applicable financial reporting framework. In some cases, the applicable financial
reporting framework may encompass such other sources, or may even consist only
of such sources. Such other sources may include:
● The legal and ethical environment, including statutes, regulations, court
decisions, and professional ethical obligations in relation to accounting
matters;
● Published accounting interpretations of varying authority issued by standards
setting, professional or regulatory organizations;
● Published views of varying authority on emergin g accounting issues issued
by standards setting, professional or regulatory organizations;
● General and industry practices widely recognized and prevalent; and
● Accounting literature.
Where conflicts exist between the financial reporting framework and the sources
from which direction on its application may be obtained, or among the sources that
encompass the financial reporting framework, the source with the highest authority
prevails.
A6. The requirements of the applicable financial reporting framework determine the
form and content of the financial statements. Although the framework may not
specify how to account for or disclose all t ransactions or events, it ordinarily
embodies sufficient broad principles that can serve as a basis for developing and
applying accounting policies that are consistent with the concepts underlying the
requirements of the framework.
A7. Some financial reporting frameworks are fair presentation frameworks, wh ile others
are compliance frameworks. Financial reporting frameworks that encompass
primarily the financial reporting standards established by an organization that is
authorized or recognized to promulgate standards to be used by entities for
preparing general purpose financial statements are often designed to achieve fair
presentation, for example, International Financial Reporting Standards (IFRSs)
issued by the International Accounting Standards Board (IASB).
A8. The requirements of the applicable financial reporting framework also determine
what constitutes a complete set of financial statements. In the case of many
frameworks, financial statements are intended to provide information about the
financial position, financial performance and cash flows of an entity. For such
frameworks, a complete set of financial statements would include a balance sheet; an
income statement; a statement of changes in equity; a cash flow statement; and related
notes. For some other financial reporting frameworks, a single financial statement and
the related notes might constitute a complete set of financial statements:
● For example, the International Public Sector Accounting Standard (IPSAS),
Financial Reporting under the Cash Basis of Accounting , issued by the
International Public Sector Accounting Standards Board states that the
primary financial statement is a statement of cash receipts and payments
when a public sector entity prepares its financial statements in accordance
with that IPSAS.
● Other examples of a single financial statement, each of which would include
related notes, are:
○ Balance sheet.
○ Statement of income or statement of operations.
○ Statement of retained earnings.
○ Statement of cash flows.
○ Statement of assets and liabilities that does not include owner’s
equity.
○ Statement of changes in owners’ equity.
○ Statement of revenue and expenses.
○ Statement of operations by product lines.
A9. ISA 210 establishes requirements and provides guidance on determining the
acceptability of the applicable financial reporting framework.5 ISA 800 (Revised)
deals with special considerations when financial statement s are prepared in
accordance with a special purpose framework. 6
A10. Because of the significance of the premise to the conduct of an audit, the auditor is
required to obtain the agreement of management and, where appropriate, those
charged with governance that they acknowledge and understand that they have the
responsibilit ies set out in paragraph A2 as a precondition for accepting the audit
engagement.7
5
ISA 210, Agreeing the Terms of Audit Engagements, paragraph 6(a)
6
ISA 800 (Revised), Special Considerations—Audits of Financial Statements Prepared in Accordance with
Special Purpose Frameworks, paragraph 8
7
ISA 210, paragraph 6(b)
Considerations Specific to Audits in the Public Sector
A11. The mandates for audits of the financial statements of public sector entities may be
broader than those of other entities. As a resu lt, the premise, relating to
management’s responsibilities, on wh ich an audit of the financial statements of a
public sector entity is conducted may include additio nal responsibilities, such as the
responsibility for the execution of transactions and events in accordance with law,
regulation or other authority.8

Form of the Auditor’s Opinion (Ref: Para. 8)

A12. The opinion expressed by the auditor is on whether the financial statements are
prepared, in all material respects, in accordance with the applicable financial
reporting framework. The form of the auditor’s opinion, however, will depend upon
the applicable financial reporting framework and any applicable law o r regu lation.
Most financial reporting frameworks include requirements relating to the
presentation of the financial statements; for such frameworks, preparation of the
financial statements in accordance with the applicable financial reporting
framework includes presentation.
A13. Where the financial reporting framework is a fair presentation framework, as is
generally the case for general purpose financial statements, the opinion required by
the ISAs is on whether the financial statements are presented fa irly, in all material
respects, or give a true and fair view. Where the financial reporting framework is a
compliance framework, the opinion required is on whether the financial statements
are prepared, in all material respects, in accordance with the fram ework. Unless
specifically stated otherwise, references in the ISAs to the auditor’s opinion cover
both forms of opinion.

Definitions

Financial Statements (Ref: Para. 13(f))

A14. Some financial reporting frameworks may refer to an entity’s economic resources or
obligations in other terms. For example, these may be referred to as the entity’s
assets and liabilit ies, and the residual difference between them may be referred to as
equity or equity interests.
A15. Explanatory or descriptive information required to be included in the financial
statements by the applicable financial reporting framework may be incorporated
therein by cross-reference to information in another document, such as a
management report or a risk report. “Incorporated therein by cross-reference”
means cross-referenced from the financial statements to the other document, but not
from the other document to the financial statements. Where the applicable financial
reporting framework does not expressly prohibit the cross-referencing of where
explanatory or descriptive information may be found, and the information has been

8
See paragraph A59.
 appropriately cross-referenced, the information will form part of the financial
statements.

Ethical Requirements Relating to an Audit of Financial Statements (Ref: Para. 14)

A16. The auditor is subject to relevant ethical requirements, including those pertaining to
independence, relating to financial statement audit engagements. Relevant ethical
requirements ordinarily comprise the provisions of the International Ethics
Standards Board for Accountants’ International Code of Ethics for Professional
Accountants (including International Independence Standards) (IESBA Code)
related to an audit of financial statements, together with national requirements that
are more restrictive.
A17. The IESBA Code establishes the fundamental principles of ethics, which are:
(a) Integrity;
(b) Objectivity;
(c) Professional competence and due care;
(d) Confidentiality; and
(e) Professional behavior.
The fundamental princip les of ethics establish the standard of behavior expected of
a professional accountant.
The IESBA Code provides a conceptual framework that establishes the approach
which a professional accountant is required to apply when identifying, evaluating and
addressing threats to compliance with the fundamental principles. In the case of
audits, reviews and other assurance engagements, the IESBA Code sets out
International Independence Standards established by the application of the
conceptual framework to threats to independence in relation to those engagements.
A18. In the case of an audit engagement it is in the public interest and, therefore, required
by the IESBA Code, that the auditor be independent of the entity subject to the
audit. The IESBA Code describes independence as comprising both independence
of mind and independence in appearance. The auditor’s independence from the
entity safeguards the auditor’s ability to form an audit opinion without being
affected by influences that might compromise that opinion. Indep endence enhances
the auditor’s ability to act with integrity, to be objective and to maintain an attitude
of professional skepticism.
A19. International Standard on Quality Control (ISQC) 1, 9 or national requirements that
are at least as demanding, 10 deal with the firm’s responsibilities to establish and

9
ISQC 1, Quality Control for Firms that Perform Audits and Reviews of Financial Statements, and Other
Assurance and Related Services Engagements
10
ISA 220, Quality Control for an Audit of Financial Statements, paragraph 2
 maintain its system of quality control for audit engagements. ISQC 1 sets out the
responsibilit ies of the firm for establishin g policies and procedures designed to
provide it with reasonable assurance that the firm and its personnel comply with
relevant ethical requirements, includin g those pertaining to independence.11 ISA
220 sets out the engagement partner’s responsibilit ies with respect to relevant
ethical requirements. These include remaining alert, t hrough observation and
making inquiries as necessary, for evidence of breaches of relevant ethical
requirements by members of the engagement team, determining the appropriate
action if matters come to the engagement partner’s attention that indicate that
members of the engagement team have breached relevant ethical requirements, and
forming a conclusion on compliance with independence requirements that apply to
the audit engagement.12 ISA 220 recognizes that the engagement team is entitled to
rely on a firm’s system of quality control in meeting its responsibilities with respect
to quality control procedures applicable to the individual audit engagement, unless
information provided by the firm or other parties suggests otherwise.

Professional Skepticism (Ref: Para. 15)

A20. Professional skepticism includes being alert to, for example:
● Audit evidence that contradicts other audit evidence obtained.
● Information that brings into question the reliability of documents and
responses to inquiries to be used as audit evidence.
● Conditions that may indicate possible fraud.
● Circumstances that suggest the need for audit procedures in addition to those
required by the ISAs.
A21. Maintaining professional skepticism throughout the audit is necessary if the auditor
is, for example, to reduce the risks of:
● Overlooking unusual circumstances.
● Over generalizing when drawing conclusions from audit observations.
● Using inappropriate assumptions in determining the nature, timing and
extent of the audit procedures and evaluating the results thereof.
A22. Professional skepticism is necessary to the critical assessment of audit evidence.
This includes questioning contradictory audit evidence and the reliability of
documents and responses to inquiries and other information obtained from
management and those charged with governance. It also includes consideration of
the sufficiency and appropriateness of audit evidence o btained in the light of the
circumstances, for example, in the case where fraud risk factors exist and a single
document, of a nature that is susceptible to fraud, is the sole supporting evidence for
a material financial statement amount.

11
ISQC 1, paragraphs 20–25
12
ISA 220, paragraphs 9–12
A23. The auditor may accept records and documents as genuine unless the auditor has reason
to believe the contrary. Nevertheless, the auditor is required to consider the reliability of
information to be used as audit evidence.13 In cases of doubt about the reliability of
information or indications of possible fraud (for example, if conditions identified during
the audit cause the auditor to believe that a document may not be authentic or that terms
in a document may have been falsified), the ISAs require that the auditor investigate
further and determine what modifications or additions to audit procedures are necessary
to resolve the matter.14
A24. The auditor cannot be expected to disregard past experience of the honesty and
integrity of the entity’s management and those charged with governance.
Nevertheless, a belief that management and those charged with governance are
honest and have integrity does not relieve the auditor of the need to maintain
professional skepticism or allow the auditor to be satisfied with less than persuasive
audit evidence when obtaining reasonable assurance.

Professional Judgment (Ref: Para. 16)

A25. Professional judgment is essential to the proper conduct of an audit. This is because
interpretation of relevant ethical requirements and the ISAs and the informed
decisions required throughout the audit cannot be made without the application of
relevant knowledge and experience to the facts and circumstances. Professional
judgment is necessary in particular regarding decisions about:
● Materiality and audit risk.
● The nature, timing and extent of audit procedures used to meet the
requirements of the ISAs and gather audit evidence.
● Evaluating whether sufficient appropriate audit evidence has been obtained,
and whether more needs to be done to achieve the objectives of the ISAs and
thereby, the overall objectives of the auditor.
● The evaluation of management’s judgments in applying the entity’s
applicable financial reporting framework.
● The drawing of conclusions based on the audit evidence obta ined, for
example, assessing the reasonableness of the estimates made by management
in preparing the financial statements.
A26. The distin guish ing feature of the professional judgment expected of an auditor is
that it is exercised by an auditor whose training, knowledge and experience have
assisted in developin g the necessary competencies to achieve reasonable judgments.
A27. The exercise of professional judgment in any particular case is based on the facts
and circumstances that are known by the auditor. Consultation on difficult or

13
ISA 500, Audit Evidence, paragraphs 7–9
14
ISA 240, paragraph 14; ISA 500, paragraph 11; ISA 505, External Confirmations, paragraphs 10–11, and 16
 contentious matters during the course of the audit, both within the engagement team
and between the engagement team and others at the appropriate level within or
outside the firm, such as that required by ISA 220, 15 assist the auditor in making
informed and reasonable judgments.
A28. Professional judgment can be evaluated based on whether the judgment reached reflects
a competent application of auditing and accounting principles and is appropriate in the
light of, and consistent with, the facts and circumstances that were known to the auditor
up to the date of the auditor’s report.
A29. Professional judgment needs to be exercised throughout the audit. It also needs to be
appropriately documented. In this regard, the auditor is required to prepare audit
documentation sufficient to enable an experienced auditor, having no previous
connection with the audit, to understand the significant professional judgments
made in reaching conclusions on signif icant matters arising during the audit.16
Professional judgment is not to be used as the justification for decisions that are not
otherwise supported by the facts and circumstances of the engagement or sufficient
appropriate audit evidence.

Sufficient Appropriate Audit Evidence and Audit Risk (Ref: Para. 5 and 17)
Sufficiency and Appropriateness of Audit Evidence
A30. Audit evidence is necessary to support the auditor’s opinion and report. It is cumulative
in nature and is primarily obtained from audit procedures performed during the cou rse
of the audit. It may, however, also include information obtained from other sources
such as previous audits (provided the auditor has determined whether changes have
occurred since the previous audit that may affect its relevance to the current audit 17 ) or
a firm’s quality control procedures for client acceptance and continuance. In addition
to other sources inside and outside the entity, the entity’s accounting records are an
important source of audit evidence. Also, information that may be used as au dit
evidence may have been prepared by an expert employed or engaged by the entity.
Audit evidence comprises both information that supports and corroborates
management’s assertions, and any information that contradicts such assertions. In
addition, in some cases, the absence of information (for example, management’s
refusal to provide a requested representation) is used by the auditor, and therefore, also
constitutes audit evidence. Most of the auditor’s work in forming the auditor’s opinion
consists of obtaining and evaluating audit evidence.
A31. The sufficiency and appropriateness of audit evidence are interrelated. Sufficiency
is the measure of the quantity of audit evidence. The quantity of audit evidence
needed is affected by the auditor’s assessment of the risks of misstatement (the

15
ISA 220, paragraph 18
16
ISA 230, paragraph 8
17
ISA 315 (Revised), Identifying and Assessing the Risks of Material Misstatement through Understanding
the Entity and Its Environment, paragraph 9
 higher the assessed risks, the more audit evidence is likely to be required) and also
by the quality of such audit evidence (the higher the quality, the less may be
required). Obtaining more audit evidence, however, may no t compensate for its
poor quality.
A32. Appropriateness is the measure of the quality of audit evidence; that is, its relevance
and its reliability in providin g support for the conclusions on wh ich the auditor’s
opinion is based. The reliability of evidence is influenced by its source and by its
nature, and is dependent on the individual circumstances under which it is obtained.
A33. Whether sufficient appropriate audit evidence has been obtained to reduce audit risk
to an acceptably low level, and thereby enable the auditor to draw reasonable
conclusions on wh ich to base the auditor’s opin ion, is a matter of professional
judgment. ISA 500 and other relevant ISAs establish additional requirements and
provide further guidance applicable throughout the audit regarding the auditor’s
considerations in obtaining sufficient appropriate audit evidence.

Audit Risk
A34. Audit risk is a function of the risks of material misstatement and detection risk. The
assessment of risks is based on audit procedures to obtain information necessary for
that purpose and evidence obtained throughout the audit. The assessment of risks is
a matter of professional judgment, rather than a matter capable of precise
measurement.
A35. For purposes of the ISAs, audit risk does not include the risk that the auditor might
express an opinion that the financial statements are materially misstated when they
are not. This risk is o rdinarily insign ificant. Further, audit risk is a technical term
related to the process of auditing; it does no t refer to the auditor’s business risks
such as loss from lit igation, adverse publicity, or other events arising in connection
with the audit of financial statements.

Risks of Material Misstatement

A36. The risks of material misstatement may exist at two levels:
● The overall financial statement level; and
● The assertion level for classes of transactions, account balances, and
disclosures.
A37. Risks of material misstatement at the overall financial statement level refer to risks
of material misstatement that relate pervasively to the financial statements as a
whole and potentially affect many assertions.
A38. Risks of material misstatement at the assertion level are assessed in order to
determine the nature, timin g and extent of further audit procedure s necessary to
obtain sufficient appropriate audit evidence. This ev idence enables the auditor to
express an opin ion on the financial statements at an acceptably lo w level of audit
risk. Auditors use various approaches to accomplish the objective of assessin g the
 risks of material misstatement. For example, the auditor may make use of a model
that expresses the general relationship of the components of audit risk in
mathematical terms to arrive at an acceptable level of detection risk. Some auditors
find such a model to be useful when planning audit procedures.
A39. The risks of material misstatement at the assertion level consist of two components:
inherent risk and control risk. Inherent risk and control risk are the entity’s risks; they
exist independently of the audit of the financial statements.
A40. Inherent risk is higher for some assert ions and related classes of transactions,
account balances, and disclosu res than for others. Fo r example, it may be h igher
for complex calculations or for accounts con sistin g of amounts derived from
accounting estimates that are subject to sign ificant est imation uncertainty.
External circumstances givin g rise to business risks may also influence inherent
risk. For example, technolo gical developments might make a particu lar product
obsolete, thereby causing inventory to be more suscept ible to overstatement.
Factors in the entity and its env ironment that relate to several or all of the classes
of transactions, account balances, or d isclosures may also influence the inheren t
risk related to a specific assert ion. Such factors may include, for example, a lack
of sufficient work in g capital to continue operations or a declinin g industry
characterized by a large number of business failures.
A41. Control risk is a function of the effectiveness of the design, implementation and
maintenance of internal contro l by management to address identif ied risks that
threaten the achievement of the entity’s objectives relevant to preparation of the
entity’s financial statements. However, internal contro l, no matter how well
designed and operated, can only reduce, but not eliminate, risks of material
misstatement in the f inancial statements, because of the inherent limitations of
internal control. These include, for example, the possib ility of hu man errors o r
mistakes, or of controls bein g circumvented by collusion or inappropriate
management override. Accord in gly, some contro l risk will always ex ist . The ISAs
provide the condit ions under wh ich the auditor is required to, or may choose to,
test the operating effectiveness of contro ls in determin ing the nature, tim ing and
extent of substantive procedures to be performed. 18
A42. The assessment of the risks of material misstatement may be expressed in
quantitative terms, such as in percentages, or in non-quantitative terms. In any case,
the need for the auditor to make appropriate risk assessments is more important than
the different approaches by which they may be made. The ISAs do not ordinarily
refer to inherent risk and control risk separately, but rather to a combined
assessment of the “risks of material misstatement.” However, ISA 540 (Revised) 19
requires a separate assessment of inherent risk and control risk to provide a basis for
design ing and performing further audit procedures to respond to t he assessed risks

18
ISA 330, The Auditor’s Reponses to Assessed Risks, paragraphs 7–17
19
ISA 540 (Revised), Auditing Accounting Estimates and Disclosures, paragraph 16
 of material misstatement, including significant risks, for accounting estimates at the
assertion level in accordance with ISA 330.20 In identifying and assessing risks of
material misstatement for significant classes of transactions, acco unt balances or
disclosures other than accounting estimates, the auditor may make separate or
combined assessments of inherent and control risk depending on preferred audit
techniques or methodologies and practical considerations.
A43. ISA 315 (Revised) establishes requirements and provides guidance on identifying
and assessing the risks of material misstatement at the financial statement and
assertion levels.

Detection Risk
A44. For a given level of audit risk, the acceptable level of detect ion risk bears an
inverse relationship to the assessed risk s of material m isstatement at the assert ion
level. For example, the greater the risks of material misstatement the auditor
believes ex ist s, the less the detect ion risk that can be accepted and, accord ingly ,
the more persuasive the audit evidence required by the auditor.
A45. Detection risk relates to the nature, timing and extent of the auditor’s procedures
that are determined by the auditor to reduce audit risk to an acceptably low level. It
is therefore a function of the effectiveness of an audit procedure and of its
application by the auditor. Matters such as:
● adequate planning;
● proper assignment of personnel to the engagement team;
● the application of professional skepticism; and
● supervision and review of the audit work performed,
assist to enhance the effectiveness of an audit procedure and of its application and
reduce the possibility that an auditor might select an inappropriate audit procedure,
misapply an appropriate audit procedure, or misinterpret the audit results.
A46. ISA 300 21 and ISA 330 establish requirements and provide guidance on planning
an audit of financial statements and the auditor’s responses to assessed risks.
Detection risk, however, can only be reduced, not eliminated, because of the
inherent limitations of an audit. Accordingly, some detection risk will always exist.

Inherent Limitations of an Audit

A47. The auditor is not expected to, and cannot, reduce audit risk to zero and cannot
therefore obtain absolute assurance that the financial statements are free from
material misstatement due to fraud or error. This is because there are inherent
limitations of an audit, which resu lt in most of the audit evidence on which the

20
ISA 330, paragraph 7(b)
21
ISA 300, Planning an Audit of Financial Statements
 auditor draws conclusions and bases the auditor’s opinion being persuasive rather
than conclusive. The inherent limitations of an audit arise from:
● The nature of financial reporting;
● The nature of audit procedures; and
● The need for the audit to be conducted within a reasonable period of time and
at a reasonable cost.

The Nature of Financial Reporting

A48. The preparation of financial statements involves judgment by management in
applying the requirements of the entity’s applicable financial reporting framework
to the facts and circumstances of the entity. In addition, many financial statement
items involve subjective decisions or assessments or a degree of uncertainty, and
there may be a range of acceptable interpretations or judgments that may be made.
Consequently, some financial statement items are subject to an inherent level of
variability wh ich cannot be eliminated by the application of additional auditing
procedures. For example, this is often the case with respect to certain accounting
estimates. Nevertheless, the ISAs require the auditor to give specific consideration
to whether accounting estimates are reasonable in the context of the applicable
financial reportin g framework and related disclosures, and to the qualitative
aspects of the entity’s accounting practices, including indicators of possible b ias in
management’s judgments.22

The Nature of Audit Procedures

A49. There are practical and legal limitations on the auditor’s ab ility to obtain audit
evidence. For example:
● There is the possibility that management or others may not provide,
intentionally or unintentionally, the complete information that is relevant to
the preparation of the financial statements or that has been requested by the
auditor. Accord ingly, the auditor cannot be certain of the completeness of
information, even though the auditor has performed audit procedures to
obtain assurance that all relevant information has been obtained.
● Fraud may involve soph ist icated and carefully o rganized schemes
design ed to conceal it. Therefo re, audit procedu res u sed to gather audit
evidence may be ineffect ive for detect in g an intent ional misstatement that
invo lves, fo r example, co llusion to falsify documentation wh ich may
cause the audito r to believe that audit ev idence is valid when it is not . The
auditor is neither t rained as no r expected to be an expert in the
authentication of documents.

22
ISA 540 (Revised), Auditing Accounting Estimates and Related Disclosures, and ISA 700 (Revised),
Forming an Opinion and Reporting on Financial Statements, paragraph 12
 ● An audit is not an official invest igation into alleged wron gdo in g.
Acco rd in gly, the audito r is not given specific legal po wers, such
as the po wer of search, wh ich may be necessary fo r such an invest igation.

Timeliness of Financial Reporting and the Balance between Benefit and Cost
A50. The matter of difficulty , t ime, o r cost invo lved is not in itself a valid basis for the
auditor to om it an audit procedure for wh ich there is no alternative o r to be
satisfied with audit ev idence that is less than persuasive. App ropriate plannin g
assists in making sufficient t ime and resources available for the conduct of the
audit. Not with standing th is, the relevance of information, and thereby its value,
tends to d imin ish over t ime, and there is a balance to be struck bet ween the
reliability of information and it s cost. Th is is reco gn ized in certain f in ancial
report in g frameworks (see, for example, the IASB ’s Framewo rk for the
Preparation and Presentation of Financial Statements). Therefore, there is an
expectation by users of financial statements that the auditor will form an opin ion
on the financial statements with in a reasonable period of time and at a reasonable
cost, reco gnizin g that it is impracticable to address all information that may exist
or to pursue every matter exhaustively on the assumption that information is in
error or fraudulent until proved otherwise.
A51. Consequently, it is necessary for the auditor to:
● Plan the audit so that it will be performed in an effective manner;
● Direct audit effort to areas most expected to contain risks of material
misstatement, whether due to fraud or error, with correspondingly less effort
directed at other areas; and
● Use testing and other means of examining populations for misstatements.
A52. In light of the approaches described in paragraph A51, the ISAs contain
requirements for the planning and performance of the audit and require the auditor,
among other things, to:
● Have a basis for the identification and assessment of risks of material
misstatement at the financial statement and assertion levels by performing
risk assessment procedures and related activities; 23 and
● Use testing and other means of examining populations in a manner that
provides a reasonable basis for the auditor to draw conclusions about the
population.24

23
ISA 315 (Revised), paragraphs 5–10
24
ISA 330; ISA 500; ISA 520, Analytical Procedures; ISA 530, Audit Sampling
Other Matters that Affect the Inherent Limitations of an Audit
A53. In the case of certain assertions or subject matters, the potential effects of the
inherent limitations on the auditor’s ability to detect material misstatements are
particularly significant. Such assertions or subject matters include:
● Fraud, particularly fraud involving senior management or collusion. See ISA
240 for further discussion.
● The existence and completeness of related party relationships and
transactions. See ISA 550 25 for further discussion.
● The occurrence of non-compliance with laws and regulations. See ISA 250
(Revised)26 for further discussion.
● Future events or conditions that may cause an entity to cease to continue as a
going concern. See ISA 570 (Revised)27 for further discussion.
Relevant ISAs identify specific audit procedures to assist in mit igating the effect of
the inherent limitations.
A54. Because of the inherent limitations of an audit, there is an unavoidable risk that
some material misstatements of the financial statements may not be detected, even
though the audit is properly planned and performed in accordance with ISAs.
Accord in gly , the subsequent discovery of a material misstatement of the financial
statements result in g from fraud or error does not by itself indicate a failure to
conduct an audit in accordance with ISAs. Ho wever, the inherent limitations of an
audit are not a justification for the auditor to be satisfied with less than persuasive
audit evidence. Whether the auditor has performed an audit in accordance with
ISAs is determ ined by the audit procedures performed in the circumstances, the
sufficiency and appropriateness of the audit ev idence obtained as a resu lt thereof
and the suitability of the auditor’s report based on an evaluation of that evidence
in light of the overall objectives of the auditor.

Conduct of an Audit in Accordance with ISAs

Nature of the ISAs (Ref: Para. 18)

A55. The ISAs, taken together, provide the standards for the auditor’s work in f ulfillin g
the overall objectives of the auditor. The ISAs deal with the general responsibilit ies
of the auditor, as well as the auditor’s further considerations relevant to the
application of those responsibilities to specific topics.
A56. The scope, effective date and any specific limitation of the applicability of a specific
ISA is made clear in the ISA. Unless otherwise stated in the ISA, the auditor is
permitted to apply an ISA before the effective date specified therein.

25
ISA 550, Related Parties
26
ISA 250 (Revised), Consideration of Laws and Regulations in an Audit of Financial Statements
27
ISA 570 (Revised), Going Concern
A57. In performing an audit, the auditor may be required to comply with legal or
regulatory requirements in addition to the ISAs. The ISAs do not override law or
regulation that governs an audit of financial statements. In the event that such law or
regulation differs from the ISAs, an audit conducted only in accordance with law or
regulation will not automatically comply with ISAs.
A58. The auditor may also conduct the audit in accordance with both ISAs and auditing
standards of a specific jurisdiction or country. In such cases, in add ition to
complying with each of the ISAs relevant to the audit, it may be necessary for the
auditor to perform additional audit procedures in order to comply with the relevant
standards of that jurisdiction or country.

Considerations Specific to Audits in the Public Sector

A59. The ISAs are relevant to engagements in the public sector. The public sector
auditor’s responsibilities, however, may be affected by the audit mandate, or by
obligations on public sector entities arisin g from law, regulation or other authority
(such as ministerial direct ives, government policy requirements, or reso lutions of
the legislature), which may encompass a broader scope than an audit of financial
statements in accordance with the ISAs. These additional responsibilit ies are not
dealt with in the ISAs. They may be dealt with in the pronouncements of the
International Organization of Supreme Audit Institutions or national standard
setters, or in guidance developed by government audit agencies.

Contents of the ISAs (Ref: Para. 19)

A60. In addition to objectives and requirements (requirements are expressed in the ISAs
using “shall”), an ISA contains related guidance in the form of application and other
explanatory material. It may also contain introductory material that provides cont ext
relevant to a proper understanding of the ISA, and definitions. The entire text of an ISA,
therefore, is relevant to an understanding of the objectives stated in an ISA and the
proper application of the requirements of an ISA.
A61. Where necessary, the application and other explanatory material provides further
explanation of the requirements of an ISA and guidance for carrying them out. In
particular, it may:
● Explain more precisely what a requirement means or is intended to cover.
● Include examples of procedures that may be appropriate in the
circumstances.
While such guidance does not in itself impose a requirement, it is relevant to the
proper application of the requirements of an ISA. The application and other
explanatory material may also provide background information on matters
addressed in an ISA.
A62. Appendices form part of the application and other explanatory material. The
purpose and intended use of an appendix are explained in the body of the related
ISAs or within the title and introduction of the appendix itself.
A63. Introductory material may include, as needed, such matters as explanation of:
● The purpose and scope of the ISA, includin g how the ISA relates to other
ISAs.
● The subject matter of the ISA.
● The respective responsibilit ies of the auditor and others in relation to the
subject matter of the ISA.
● The context in which the ISA is set.
A64. An ISA may include, in a separate section under the heading “Def init ions,” a
description of the meanings attributed to certain terms for purposes of the ISAs.
These are prov ided to assist in the consistent application and interp retation of the
ISAs, and are not intended to override defin it ions that may be established for other
purposes, whether in law, regu lation or otherwise. Un less otherwise indicated,
those terms will carry the same meanings throughout the ISAs. The Glossary of
Terms relatin g to International Standards issued by the International Auditin g and
Assu rance Standards Board in the Handbook of International Quality Control,
Auditing, Review, Other Assu rance, and Related Services Pronouncements
published by IFAC contains a complete list ing of terms def ined in the ISAs. It also
includes descript ions of other terms found in ISAs to assist in common and
consistent interpretation and translation.
A65. When appropriate, additional considerations specific to audits of smaller entities
and public sector entit ies are included within the application and other explanatory
material of an ISA. These additional considerations assist in the application of the
requirements of the ISA in the audit of such entities. They do not, however, limit or
reduce the responsibility of the auditor to apply and comply with the requirements
of the ISAs.

Considerations Specific to Smaller Entities

A66. For purposes of specifyin g additional considerations to audits of smaller entit ies, a
“smaller entity” refers to an entity which typically possesses qualitative
characteristics such as:
(a) Concentration of ownership and management in a small number of
individuals (often a single individual – either a natural person or another
enterprise that owns the entity provided the owner exhibits the relevant
qualitative characteristics); and
(b) One or more of the following:
(i) Straightforward or uncomplicated transactions;
(ii) Simple record-keeping;
(iii) Few lines of business and few products within business lines;
 (iv) Few internal controls;
(v) Few levels of management with responsibility for a broad range of
controls; or
(vi) Few personnel, many having a wide range of duties.
These qualitative characteristics are not exhaustive, they are not exclusive to
smaller entities, and smaller entit ies do not necessarily d isplay all of these
characteristics.
A67. The considerations specific to smaller entit ies included in the ISAs have been
developed primarily with unlisted entities in mind. Some of the considerations,
however, ma y be helpful in audits of smaller listed entities.
A68. The ISAs refer to the proprietor of a smaller entity who is involved in running the
entity on a day-to-day basis as the “owner-manager.”

Objectives Stated in Individual ISAs (Ref: Para. 21)

A69. Each ISA contains one or more objectives which p rovide a link between the
requirements and the overall objectives of the auditor. The objectives in indiv idual
ISAs serve to focus the auditor on the desired outcome of the ISAs while bein g
specific enough to assist the auditor in:
● Understanding what needs to be accomplished and, where necessary, the
appropriate means of doing so; and
● Decid ing whether more needs to be done to achieve them in the particular
circumstances of the audit.
A70. Objectives are to be understood in the context of the overall objectives of the auditor
stated in paragraph 11 of this ISA. As with the overall objectives of the auditor, the
ability to achieve an individual objective is equally subject to the inherent
limitations of an audit.
A71. In using the objectives, the auditor is required to have regard to the interrelationships
among the ISAs. This is because, as indicated in paragraph A55, the ISAs deal in some
cases with general responsibilities and in others with the application of those
responsibilities to specific topics. For example, this ISA requires the auditor to adopt an
attitude of professional skepticism; this is necessary in all aspects of planning and
performing an audit but is not repeated as a requirement of each ISA. At a more detailed
level, ISA 315 (Revised) and ISA 330 contain, among other things, objectives and
requirements that deal with the auditor’s responsibilities to identify and assess the risks
of material misstatement and to design and perform further audit procedures to respond
to those assessed risks, respectively; these objectives and requirements apply
throughout the audit. An ISA dealing with specific aspects of the audit (for example,
ISA 540 (Revised)) may expand on how the objectives and requiremen ts of such ISAs
as ISA 315 (Revised) and ISA 330 are to be applied in relation to the subject of the ISA
but does not repeat them. Thus, in achieving the objective stated in ISA 540 (Revised),
the auditor has regard to the objectives and requirements of other relevant ISAs.
Use of Objectives to Determine Need for Additional Audit Procedures (Ref: Para. 21(a))
A72. The requirements of the ISAs are designed to enable the auditor to achieve the
objectives specified in the ISAs, and thereby the overall objectives of the auditor.
The proper application of the requirements of the ISAs by the auditor is therefore
expected to provide a sufficient basis for the auditor’s achievement of the
objectives. However, because the circumstances of audit engagements vary widely
and all such circumstances cannot be anticipated in the ISAs, the auditor is
responsible for determining the audit procedures necessary to fulfill the
requirements of the ISAs and to achieve the objectives. In the circumstances of an
engagement, there may be particular matters that require the auditor to perform
audit procedures in addition to those required by t he ISAs to meet the objectives
specified in the ISAs.

Use of Objectives to Evaluate Whether Sufficient Appropriate Audit Evidence Has Been
Obtained (Ref: Para. 21(b))
A73. The auditor is required to use the objectives to evaluate whether sufficient
appropriate audit evidence has been obtained in the context of the overall objectives
of the auditor. If as a result the auditor concludes that the audit evidence is not
sufficient and appropriate, then the auditor may follow one or more of the followin g
approaches to meeting the requirement of paragraph 21(b):
● Evaluate whether further relevant audit evidence has been, or will be,
obtained as a result of complying with other ISAs;
● Extend the work performed in applying one or more requirements; or
● Perform other procedures judged by the auditor to be necessary in the
circumstances.
Where none of the above is expected to be practical or possible in the
circumstances, the auditor will not be able to obtain sufficient appropriate audit
evidence and is required by the ISAs to determine the effect on the auditor’s report
or on the auditor’s ability to complete the engagement.

Complying with Relevant Requirements

Relevant Requirements (Ref: Para. 22)

A74. In some cases, an ISA (and therefore all of its requirements) may not be relevant in
the circumstances. For example, if an entity does not have an internal audit function,
nothing in ISA 610 (Revised 2013)28 is relevant.
A75. Within a relevant ISA, there may be conditional requirements. Such a requirement
is relevant when the circumstances envisioned in the requirement apply and the
condition exists. In general, the conditionality of a requirement will either be
explicit or implicit, for example:

28
ISA 610 (Revised 2013), Using the Work of Internal Auditors, paragraph 2
 ● The requirement to modify the auditor’s opinion if there is a limitation of
scope29 represents an explicit conditional requirement.
● The requirement to communicate significant deficiencies in internal control
identified during the audit to those charged with go vernance, 30 wh ich
depends on the existence of such identified signif icant deficiencies; and the
requirement to obtain sufficient appropriate audit evidence regarding the
presentation and disclosure of segment information in accordance with the
applicable financial reporting framework, 31 which depends on that
framework requiring or permitting such disclosure, represent implicit
conditional requirements.
In some cases, a requirement may be expressed as being conditional on applicable
law or regu lation. For example, the auditor may be required to withdraw from the
audit engagement, where withdrawal is possible under applicable law or
regulation, or the auditor may be required to do something, unless prohibited by law
or regulation. Depending on the jurisdiction, the legal or regulatory permission or
prohibition may be explicit or implicit.

Departure from a Requirement (Ref: Para. 23)

A76. ISA 230 establishes documentation requirements in those exceptional
circumstances where the auditor departs from a relevan t requirement.32 The ISAs do
not call for compliance with a requirement that is not relevant in the circumstances
of the audit.

Failure to Achieve an Objective (Ref: Para. 24)

A77. Whether an objective has been achieved is a matter for the auditor’s professional
judgment. That judgment takes account of the results of audit procedures performed
in complying with the requirements of the ISAs, and the auditor’s evaluation of
whether sufficient appropriate audit evidence has been obtained and whether more
needs to be done in the particular circumstances of the audit to achieve the
objectives stated in the ISAs. Accord ingly, circumstances that may give rise to a
failure to achieve an objective include those that:
● Prevent the auditor from complying with the relevant requirements of an
ISA.
● Result in its not being practicable or possible for the auditor to carry out the
additional audit procedures or obtain further audit evidence as determined
necessary from the use of the objectives in accordance with paragraph 21, for
example, due to a limitation in the available audit evidence.

29
ISA 705, Modifications to the Opinion in the Independent Auditor’s Report, paragraph 13
30
ISA 265, Communicating Deficiencies in Internal Control to Those Charged with Governance and
Management, paragraph 9
31
ISA 501, Audit Evidence—Specific Considerations for Selected Items, paragraph 13
32
ISA 230, paragraph 12
A78. Audit documentation that meets the requirements of ISA 230 and the specific
documentation requirements of other relevant ISAs provides ev idence of the
auditor’s basis for a conclusion about the achievement of the overall objectives of
the auditor. While it is unnecessary for the auditor to document separately (as in a
checklist, for example) that individual objectives have been achieved, the
documentation of a failure to achieve an objective assists the auditor’s evaluation of
whether such a failure has prevented the auditor from achieving the overall
objectives of the auditor.
Dewan Akauntan, Unit 33-01, Level 33, Tower A, The Vertical, Avenue 3
Bangsar South City, No.8, Jalan Kerinchi, 59200 Kuala Lumpur, Malaysia
[phone] +603 2722 9000 [fax] +603 2722 9100
[web] www.mia.org.my [email] [email protected]