AUDIT PLANNING

PSA 300
AUDITOR’S OBJECTIVE

“The objective of the auditor is to plan the audit so that it

will be performed in an effective manner.”

 The overall audit strategy

 The overall audit plan
 Draft of the preliminary audit program
Planning Memorandum
 Summary of planning procedures
 Considerations
Audit or review
Need for specialists
Staff assignment and timing schedules
Assessed level of control risk
Significant client or industry risks
Utilization of internal auditors
Identification of unusual accounting principle problems
 Basis for audit program
Goals of Planning
• Obtain (or update) an
understanding of IMPORTANT
EVENTS that have affected the
client and its operations
• Identify areas of the audit
engagement that may represent
SPECIAL RISKS to the auditor
• Ensure that the audit is
completed in a TIMELY fashion

McGraw-Hill/Irwin ©2005 by the McGraw-Hill Companies, Inc. All rights reserved.

Understanding the Client’s Business
(PSA 315)

 Understand Industry, regulatory, and

applicable financial framework
 Nature of the entity
 Objectives, strategies and other risks
 Entity’s financial performance
 Internal control

McGraw-Hill/Irwin ©2005 by the McGraw-Hill Companies, Inc. All rights reserved.

Understanding the Client’s Business(PSA 315)

RISK ASSESSMENT PROCEDURES

►Inquiry
►Inspection
►Observation
►Analytical Procedures (PSA 520)
Analytic Procedures: Stages of Use

Preliminary - required
Substantive testing - optional
Final Review - required
Planning considerations
Extent to which computers are used
Complexity of computer operations
Organizational structure of computer
processing
Availability of data
Use of CAATS
Need for specialized skills
Audit Documentation Files

 Current
 Permanent
 Prior Year Working
Papers
Audit Documentation
 Information on Workpaper
Name, date, purpose, page
number
Procedures performed and
conclusions reached by the
auditor
Evidence that auditor
followed general
standards and standards
of field work
Audit Mark Legend
Reviewers’ initials
Other Issues Related to Audit Documentation
Ownership
Auditors maintain ownership, even after auditor-client
relationship is over.
Confidentiality
Only can be made public with permission, or if
subpoenaed, or as part of a peer review of firm practices,
or as part of an ethics investigation of firm personnel.
Review
Hierarchical review process.
Retention
Sarbanes-Oxley requires that most records be kept for 7
years.
Internal Control
A process, effected by an entity's board of directors,
management, and other personnel, designed to provide
reasonable assurance regarding the achievement of
objectives in the following categories:

 (1) Reliability of financial reporting,

 (2) Compliance with applicable laws and regulations,
 (3) Effectiveness and efficiency of operations.
UNDERSTANDING AND CONSIDERATION OF
INTERNAL CONTROL

Components of internal control

•Control environment
•Risk assessment
•Control activities
•Information & communication
•Monitoring
Phase 1: Understand and Document
 Understand the Client’s Internal Control
 Document the Internal Control understanding
 Internal Control questionnaire
 Narrative
 Accounting and Control System Flowcharts
Phase 2: Assess Control Risk (Preliminary)
Phase 3: Testing - Perform Test of Controls Audit Procedures
 Document the assessed level of control risk
Phase 4: Reassessment - Re-Assess Control Risk
Phase 5: Determine the nature, timing and extent of
substantive testing
Phases of a Control Evaluation
Inquiry
Inspection
Observation
Reperformance

Nature, timing and extent of Test of Control

 Unreliable Informal Standardized Monitored Optimized

Unpredictable Controls are Standardized controls Integrated internal

Controls are designed,
environment designed and in with periodic testing for controls with real-time
in place, and are
where controls are not place but are effective design and monitoring by
adequately documented.
designed or in place. not adequately operation with reporting management and
documented. to management. . continuous
improvement. .

Internal Controls Maturity Framework

Source: PricewaterhouseCoopers, The Sarbanes-Oxley Act of 2002: Strategies for Meeting New Internal Control
Reporting Challenges: A White Paper.
Audit Materiality (PSA 320)
“Information is material if its omission or
misstatement could influence the economic
decisions of users taken on the basis of the
financial statements.”
• The largest amount auditor could tolerate
• The smallest aggregate amount that could
misstate the financial statements
Materiality
• Materiality refers to an amount (or transaction) that would
influence the decisions of users (i.e., an amount (or event) that
would make a difference).
• Materiality Criteria:

Quantitative Criteria: Qualitative Criteria

 Absolute size  Nature of the item or
issue
 Relative size
 Circumstances
 Cumulative effects
 Uncertainty

• Ultimately, materiality is a matter of professional judgment.

Materiality should be considered by the auditor when:
(a) During planning stage; and
(b) Completion phase

Determine the Tolerable Misstatement (Performance

Materiality)
“ The lower the tolerable misstatement, the more
extensive the required audit procedures.”
Add a Slide Title - 5