Please enable JavaScript.
Coggle requires JavaScript to display documents.
Risk Identification & Assessment (:star:ISA 240 - The auditor’s…
Risk Identification & Assessment
:star:
ISA 330
- The auditor’s responses to assessed risks
Substantive Procedures
Test of Details
Testing a number of transactions
Substantive Analytical Procedures
Provides evidence about the
existence of misstatement
in account balance
#
Test of Controls
Provides evidence that indicates a misstatement is
likely to occur
Focuses on
contol risk
Is internal control is
strong
- this allows the auditor to say that the control risk is :arrow_down:
Is internal control is
weak
- more substantive testing is required :!:
Audit procedures designed to evaluate the effectiveness of controls in preventing, or detecting and correcting, material misstatements at the assertion level
Auditors Approach
Only perform tests of controls that achieve an effective response to the assessed risk of material misstatement for a particular reason
Perform only substantive procedures
A combined approach
Auditor will need to consider the way in which work is carried out to help address the risk of misstatement
Professional Scepticism (questioning mind)
Assigning more experienced staff or those with special skills
Provide more supervision
Making general changes to the nature (what), timing (when) or extent (how it affects the sample) of audit procedures
Material Items
Auditor shall design and perform substantive procedures for each material class of transactions, account balance and disclosure
:star:
ISA 315
- Identifying and assessing risks of material misstatement through understanding the entity and its environment
#
Risk Assessment
Observation and Inspection
Observe main activities
Examine documents (business plans, reports etc)
Analytical procedures
Use aggregate data from different sources to identify issues that are suggestive of a risk of material misstatement
Profiling
Ratio Analysis
Trend Analysis over time
Comparison of actual with budget
Comparison of one entity with another
Inquiries of management and others within the audited body
Management responsible for own assessment of organisational risk and internal control and key issues :crown:
Main requirements of :star:
ISA 315
:
Auditor perform risk assessment procedures
IR x CR
Auditor to obtain an understanding of the entity
IR
and its environment, including the entity's internal control
CR
Auditor identify and assess the risks of material misstatement
Risk of Material Misstatement
Financial Statement Level
Pervasive Risks not confined to specific elements of the accounts
Financial Statement Assertions (part of :star:ISA 315)
Auditing body makes a series of assertions about the financial statements
Risks at the assertion level are the risks that one of these assertions is materially untrue
Assertions about classes of transactions and events for the period
"COCOA""
:chocolate_bar:
Income and Expenditure
O
ccurrence - real?
C
ompleteness - all?
A
ccuracy - ££
Cut
O
ff - correct period?
C
lassification - accounts correct?
Assertions about account balances at the period end
""CRAVE""
Balance Sheet
E
xistence - real?
R
ights and obligations - rights (assets), obligations (liabilities)
C
ompleteness - all?
Va
luation and
a*
llocation - current & non current assets
#
Regularity Assertion (Practice Note 10)
Money being spent as intended?
Understanding the entity and its Environment
Auditors need to obtain an understanding of the following
"OPEN"
:
Relevant industry, regulatory and other
E
xternal factors including the applicable financial reporting framework
N
ature of the entity
Entity's application of accounting
P
olicies
Entity's
O
bjectives and strategies
Review of financial
P
erformance
Understanding the entity's internal control
Sets out 5 components on internal control
"MARIE""
"What the company does"
Control
E
nvironment
Tone set at the top
M
onitoiring
Who monitors controls?
R
isk Assessment
How risks are identified and arrangements to tackle them
Control
A
ctivities
-Understanding of controls in place
I
nformation System and Communication
How transactions are recorded
Internal Control
Assessing TCWG internal controls
5 types of internal control activities
PARIS
:
P
hysical Controls
A
uthorisation
R
eviews
I
nformation Processing
S
egregation of Duties
Classifying internal controls by design:
Preventative (Lock on door)
Detective (House Alarm)
Directive (Instructions or signs saying "keep out"
Corrective (Send burglar to prison)
:star:
ISA 240
- The auditor’s responsibilities relating to fraud in an audit of financial statements
Define Fraud
An
intentional
act by one or more individuals, involving the use if deception to obtain an unjust or illegal advantage
Fraudulent Financial Reporting (FFR)
Intentional misstatements
Omissions of amounts or disclosures
To deceive financial statements users
Such frauds can occur through:
Manipulation, falsification or alteration of accounting records
Misrepresentation or deliberate omission of items
Intentional misapplication of standards or policies
Misappropriation of Assets (MOA)
Theft of an entity's assets
Such frauds can occur through:
Diverting income to own bank account
Stealing physical assets
Deliberately causing payment for goods or services not received
Taking an entity's assets for personal use
Fraud Triangle:
Internal Fraud vs External Fraud
Internal - by individuals inside the organisation
External - by individuals outside the organisation
Management have responsibility for prevention and detection of fraud/misconduct
Presentation and Disclosure
Assertions are correct
