Ris Based Auditing Training March 2020.pptx

Ris Based Auditing Training March 2020.pptx
RISK BASED APPROACH TO FINANCIAL STATEMENTS AUDITING Presented by Ransford Armah ACCA, MSc, BSc, ICAG Member Manager, Audit Quality Monitoring
OBJECTIVE OF THE TRAINING Participants are expected to gain practical knowledge on • The meaning and reason for financial statements auditing • The meaning of professional skepticism • The legal & regulatory framework of auditing • Key stages of an audit • Financial Statements audit process • Planning the audit • Permanent Audit File • Audit risk assessment • Overall Materiality, Performance Materiality & Triviality • The planning meeting • Engagement Quality Control Review / Monitoring • Auditor independence • IC Systems documentation
OBJECTIVE OF THE TRAINING Participants are expected to gain practical knowledge on • Test of controls, compliance testing, substantive test using PCAS • Preparation of lead schedules and other test documentations.
Meaning and reasons for financial statements auditing A financial statements audit is the examination of an entity's financial statements and accompanying disclosures by an independent auditor. The result of this examination is a report by the auditor, attesting to the fairness of presentation of the financial statements and related disclosures. The auditor's report must accompany the financial statements when they are issued to the intended recipients. The purpose of a financial statements audit is to add credibility to the reported financial position and performance of a business
Meaning and reasons for financial statements auditing What is true and fair view?  True  information is factual and conforms with reality, not false.  In addition the information conforms with required standards and law.  The accounts have been correctly extracted from the books and records.  Fair  information is free from discrimination and bias and  in compliance with expected standards and rules.  The accounts should reflect the commercial substance of the company’s underlying transactions.
Meaning and reasons for financial statements auditing Objectives of Auditing  Primary Objective (main objective)  To produce a report by the auditor of his opinion of the truth and fairness of financial statements so that any person reading or using them can have belief in them.  Secondary  To detect errors and fraud ( Consider materiality)  To prevent errors and fraud by the deterrent effect of the audit  To provide spin- off effects. The auditor will be able to assist his clients with accounting , systems, taxation , financial , and other problems.
PROFESSIONAL SCEPTICISM  In carrying out his work the auditor should adopt an attitude of professional skepticism, recognizing that circumstances may exist which cause the financial statements to be materially misstated, i.e. professional skepticism, ISA, makes it clear that, even where auditors assess that the risk of litigation or adverse publicity are very low, they must still perform sufficient procedures according to auditing standards, i.e. there can never be a reason for carrying out an audit of a lower quality than that required by the ISA’s, not even fee pressure.  The purpose of the independent audit is to ensure that the financial statements are OBJECTIVE, FREE from BIAS and MANIPULATION and RELEVANT to the need of users.
LEGAL FRAMEWORK OF AUDITING  The work of an auditor is regulated by the following;  Statues, the Companies Act 1963 (Act 179), The New Companies Act 2019 (Act 992)  International Standards on Auditing (issued by IAASB of the IFAC)  Other standards issued by the IAASB  The professional standards and ethical principles that govern auditors’ responsibilities are  Integrity  Objectivity  Independence  Professional competence and due care  Professional behavior  Confidentiality LEGAL & REGULATORY FRAMEWORK OF AUDITING
ISA 200: Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with International Standards on Auditing ISA 210: Agreeing the Terms of Audit Engagements ISA 220: Quality Control for an Audit of Financial Statements ISA 230: Audit Documentation ISA 240: The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements ISA 250: Consideration of Laws and Regulations in an Audit of Financial Statements ISA 260: Communication with Those Charged with Governance ISA 265: Communicating Deficiencies in Internal Control to Those Charged with Governance and Management ISA 300: Planning an Audit of Financial Statements ISA 315: Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment ISA 510: Initial Audit Engagements-Opening Balances ISA 520: Analytical Procedures ISA 530: Audit Sampling ISA 540: Auditing Accounting Estimates, Including Fair Value Accounting Estimates, and Related Disclosures ISA 550: Related Parties ISA 560: Subsequent Events ISA 570: Going Concern ISA 580: Written Representations ISA 600: Special Considerations-Audits of Group Financial Statements (Including the Work of Component Auditors) ISA 610: Using the Work of Internal Auditors ISA 620: Using the Work of an Auditor’s Expert ISA 700: Forming an Opinion and Reporting on Financial Statements ISA 705: Modifications to the Opinion in the Independent Auditor’s Report ISA 706 Emphasis of Matter Paragraphs and Other Matter Paragraphs in the Independent Auditor’s Report ISA 710: Comparative Information-Corresponding Figures and Comparative Financial Statements
ISA 805: Special Considerations-Audits of Single Financial Statements and Specific Elements, Accounts or Items of a Financial Statement ISA 810: Engagements to Report on Summary Financial Statements International Standard on Quality Control (ISQC) 1, Quality Controls for Firms that Perform Audits and Reviews of Financial Statements, and Other Assurance and Related Services Engagements Pronouncement Application International Standards on Auditing (ISA) Audit of historical financial information International Standards on Review Engagements (ISRE) Review of historical financial information International Standards on Assurance Engagements (ISAE) Assurance engagements dealing with subject matter other than historical financial information International Standards on Related Services (ISRS) Compilation engagements, engagements to apply agreed upon procedures to information and other related services engagements International Standards on Quality Control (lSQC) All services falling under ISAs, ISAEs and ISRSs International Auditing Practice Notes (IAPN) Provide practical assistance to professional accountants in implementing ISAs and to promote good practice by providing OTHER IAASB PRONOUNCEME NTS
KEY STAGES OF AN AUDIT Client acceptance and continuance, ISQC 1. Establish the terms of the engagement, ISA 210 Plan the audit, ISA300 - 450 Consider internal control & other regulatory frameworks, ISA 250a Obtain audit evidence, ISA500 - 620 Report findings ISA 700 – 720, ISA 250b-265 follow firm’s A&C procedures in firms ISQC 1 documentation. ToR, fees considerations, follow firms ISQC 1 engagement procedures. analytical review, risk assessment, materiality, Risk response, evaluate misstatements etc. ICQ, test of controls, consider best practice, company’s regulatory framework etc. analytical review, ledgers, transaction, acct. balances, reconciliations, confirmations, fair valuation, related parties, going concern etc. Opinion letter, management letter.
THE FINANCIAL STATEMENTS AUDIT PROCESS Planning the audit • Understanding the organisation • Risk assessment • Materiality Document accounting & internal controls systems • Systems Documentation • Gain physical assess to systems Test the accounting and internal controls systems • Test of controls • Compliance tests Test the financial statements • Substantive testing • Third party confirmations • Expert opinion Review the financial statements • Hot file review • Second reviewer • Proof reading • Disclosure checklist • EQCR Express an opinion • Unqualified • Qualified • Disclaimer / denial • Adverse
PLANNING THE AUDIT understanding the organization Planning the audit • Understanding the organisation • Risk assessment • Materiality For first time audit, complete the Permanent Audit File (PAF) and attach all relevant and available documentary evidences. For subsequent audits, update the PAF with the necessary changes and sign off. Reviewer should also sign off. All changes must be discussed at the team briefing meeting and documented. Other information such as newspaper publications, correspondences, meeting notes, extracts from board minutes must also be kept in the PAF and referenced to the “Current Audit File”. Understanding the organisation
LEGAL FRAMEWORK OF AUDITING THE PERMANENT AUDIT FILE (PAF) INDEX PERMANENT AUDIT FILE INDEX 1 General information 1.1 Background information (PAF02) 1.2 Details of bankers and professional advisors (PAF03) 1.3 Know Your Client Checklist (PAF04) 1.4 Register of laws and regulations (PAF05) 1.5 Details of related parties (PAF06) 1.6 Significant accounting policies (PAF07) 1.7 Significant accounting estimates (PAF13) 1.8 Copy of current detailed risk assessment 1.9
LEGAL FRAMEWORK OF AUDITING THE PERMANENT AUDIT FILE (PAF) 2 Engagement details 2.1 Letter of engagement 2.2 Authorisations 2.3 Special instructions from client 2.4 Special instructions from group auditors 2.5 Copy of resolution re: appointment 2.6 New client checklist (PAF08) 2.7 Register of non audit services (PAF10) 2.8 Register of involvement in the audit (PAF11) 2.9
LEGAL FRAMEWORK OF AUDITING THE PERMANENT AUDIT FILE (PAF) 3 Accounting systems 3.1 Organisation chart 3.2 Review of design and implementation of controls 3.3 Internal Control Questionnaire 3.4 Systems notes (PAF09) 3.5 Letters of comment (copies) 3.6
LEGAL FRAMEWORK OF AUDITING THE PERMANENT AUDIT FILE (PAF) 4 Statutory information 4.1 List of shareholders 4.2 Details of mortgages/charges 4.3 Directors’ interests in shares and debentures 4.4 Copy annual return 4.5 Copy elective resolutions 4.6 Memorandum and Articles of Association 4.7 Specified asset locked bodies (for CIC clients only) (PAF12) 4.8
LEGAL FRAMEWORK OF AUDITING THE PERMANENT AUDIT FILE (PAF) 5 Taxation (if no separate tax permanent file) 5.1 Direct tax elections 5.2 Indirect tax elections and certificates 5.3 Market values 6 April 1965 and 31 March 1982 5.4 Advance Corporation Tax details 5.5 PAYE dispensations 5.6 Relief claims (e.g. rollover) 5.7
LEGAL FRAMEWORK OF AUDITING THE PERMANENT AUDIT FILE (PAF) 6 Assets 6.1 Details of freehold/leasehold properties 6.2 Details of location of title deeds 6.3 Details of plant etc. (where no fixed asset register exists) 6.4 Details of intangible assets 6.5 Investments in subsidiaries and associated undertakings 6.6 Details of professional valuations 6.7 Details of insurance values and cover 6.8
LEGAL FRAMEWORK OF AUDITING THE PERMANENT AUDIT FILE (PAF) 7 Contracts and agreements 7.1 Details of contracts and agreements with index 7.2 Details of share options 7.3 Bank overdraft or loan facilities, security and covenants 7.4 Details of other loans 7.5
LEGAL FRAMEWORK OF AUDITING THE PERMANENT AUDIT FILE (PAF) 8 Correspondence and information of continuing interest 8.1 Index 9 Accounts 9.1 Signed copies of full accounts 9.2 Signed copies of abbreviated accounts 9.3 Company accounts disclosure checklist
LEGAL FRAMEWORK OF AUDITING THE PERMANENT AUDIT FILE (PAF) 10 Review Year File updated by Reviewed by
PLANNING THE AUDIT assessing risk Planning the audit • Understanding the organisation • Risk assessment • Materiality C8.1 – General Risk Assessment C8.2 – Financial Statements Risk Action Plan C8.3 - Assertions Risk Action Plan C8.4 – Risk Response Summery C9.1 – Fraud Risk Factor Risk Assessment
The Entity and Its Environment 11. The auditor shall obtain an understanding of the following: (a) Relevant industry, regulatory, and other external factors including the applicable financial reporting framework. (Ref: Para. A17–A22) Risk Assessment through Understanding of the Entity and Its Environment, Including the Entity’s Internal Control (b) The nature of the entity, including: (i) its operations; (ii) its ownership and governance structures; (iii) the types of investments that the entity is making and plans to make, including investments in special-purpose entities; and (iv) the way that the entity is structured and how it is financed, to enable the auditor to understand the classes of transactions, account balances, and disclosures to be expected in the financial statements. (Ref: Para. A23–A27) (c) The entity’s selection and application of accounting policies, including the reasons for changes thereto. The auditor shall evaluate whether the entity’s accounting policies are appropriate for its business and consistent with the applicable financial reporting framework and accounting policies used in the relevant industry. (Ref: Para. A28) (d) The entity’s objectives and strategies, and those related business risks that may result in risks of material misstatement. (Ref: Para. A29– A35) (e) The measurement and review of the entity’s financial performance. (Ref: Para. A36– A41)
PLANNING THE AUDIT assessing risk, the PCAS approach cont’d C8.1 – General Risk Assessment Any risks that are assessed as 'medium' or 'high' should normally be carried forward to C8.2 or C8.3 as appropriate. Where this is not the case a full explanation should be given as to how the risk will be managed.
PLANNING THE AUDIT assessing risk, the PCAS approach cont’d
PLANNING THE AUDIT assessing risk, the PCAS approach cont’d Note. An explanation must be given where the risk of fraud in relation to revenue recognition is not assessed as high.
PLANNING THE AUDIT assessing risk, the alternative approach PCAS UNIVERSITY FINANCIAL RISK ASSESSMENT TEMPLATES FY2013 FY2012 FS Item (Use details from notes) GH¢ GH¢ Difference %'tage change Management Response Risk (H,M,L) Justification for risk Audit Approach WP Ref. FS & assession level risks
PLANNING THE AUDIT assessing risk, the alternative approach PCAS UNIVERSITY FINANCIAL RISK ASSESSMENT TEMPLATES FY2013 FY2012 FS Item (Use details from notes) GH¢ GH¢ Difference %'tage change Management Response Risk (H,M,L) Justification for risk Audit Approach WP Ref. Tuition Revenue 1 Tuition Fees 3,000,241 2,751,747 248,494 8% Increase in fees L 8% increase in tuition fees was effected in 2013 Check number of new students admitted. Examination Fees 56,506 44,044 12,462 22% Admission Fees 28,631 10,761 17,870 62% Project Work Fees 39,090 8,413 30,677 78% Computer User Fees 52,107 28,737 23,370 45% Registration Fees 53,712 45,794 7,918 15% Graduation Fees 120,712 45,681 75,031 62% FS & assession level risks
PLANNING THE AUDIT materiality Planning the audit • Understanding the organisation • Risk assessment • Materiality According to ISA 320: Information is material if its omission or misstatement could influence the economic decisions of users taken on the basis of the financial statements. Materiality depends on the size of the item or error judged in the particular circumstances of its omission or misstatement. Thus, materiality provides a threshold or cut-off point rather than being a primary qualitative characteristic which information must have if it is to be useful. Materiality
PLANNING THE AUDIT materiality Golden rule: The higher the risk, the lower the materiality level and the higher the percentage coverage. Thus: The threshold (materiality) should be lowered for high risk areas in order to achieve a greater coverage of that particular risk area. The threshold (materiality) should be raised for low risk areas in order to avoid spending too much time on particular low-risk area.
PLANNING THE AUDIT materiality, the PCAS approach
PLANNING THE AUDIT the planning meeting, the PCAS checklist (C5.1) The engagement partner and other key members of the engagement team shall be involved in the planning, including participating in the discussion among engagement team members; ISA 300.5. The engagement team discussion must include specific consideration of the susceptibility of the financial statements to material misstatement due to fraud or error that could result from the entities related party relationships and transactions. ISA 550.12
PLANNING THE AUDIT the planning meeting, the PCAS checklist (C5.1) Comments WP Ref 1 Record the names of all audit staff in attendance. 2 Record the date of the meeting. 3 Discuss the susceptibility of the entity's financial statements to material statement, recording: a) the risks identified; b) the financial statements assertion(s) impacted; and c) its reference in the Identified Risks database. 4 Discuss the susceptibility of the entity's financial statements to material misstatement, the Fraud Risk Factors checklist if required, recording: C9.1 a) the risks identified; b) the financial statements assertion(s) impacted; and c) its reference in the Identified Risks database. 5 Confirm that the discussion included consideration of the possibility of fraud in relation a) Revenue recognition; b) Management override of controls; c) Related party relationships and transactions; 6 Record any other matters raised by the engagement team that impact the audit
PLANNING THE AUDIT the planning meeting, the PCAS checklist (C5.1)
PLANNING THE AUDIT quality control, the PCAS approach (C12) Comments WP Ref 1 Consider whether there is a need under the firm's procedures or ethical requirements for an engagement quality control review by a second partner or external consultants. 2 Agree the timing and scope of the review with the partner (or other external consultants) who will be undertaking it. 3 Confirm that the time budget and completion timetable have been updated accordingly. 4 Where applicable, have points raised in a cold review of the previous year been incorporated into this period's
PLANNING THE AUDIT sample size planning, the PCAS approach (C13.2) SAMPLE SIZE PLANNING Objectiv e number Extensive analytical review to be used? Tests of effective- ness of internal controls to be used? Effective- ness of internal controls sample size Substantiv e procedure s to be used? Substantiv e procedure s sample size Comments E Intangible assets F Tangible fixed assets G Investments to group and associated undertakings H Other investments I Stock
PLANNING THE AUDIT independence, the PCAS checklist (C2.1) Firms independence on clients: Before any engagement is agreed, the firm must assess her independence of the client and on the engagement. This can be done by using the checklist C2.1 provided in the PCAS. Audit team independence on the audit client: The team must confirm their independence on the client and the audit engagement. Employees independence on firms audit clients: All other client facing staff must complete and submit the annual independent declaration form and submit same to the managing partner.
SYSTEMS DOCUMENTATION Document accounting & internal controls systems • Systems Documentation • Gain physical assess to systems In order to document internal controls effectively, the auditors must understand the flow of transactions, how they are initiated, recorded, authorized, processed, and reported. Auditors must also identify and document the risks within the process, including fraud risk, and the controls that should be implemented to manage those risks. auditors must also determine which controls are necessary to the process, activity, or system under review in light of the risk profile.
Document accounting & internal controls systems • Systems Documentatio • Gain physical assess to systems Systems documentation SYSTEMS DOCUMENTATION Where the organisation does not have an Internal Controls Manual, document existing internal controls systems using the: 1. Internal Controls Questionnaires (PCAS C5.2) 2. Flow Charts (refer to templates) 3. Narrative Descriptions (refer to templates) (through interview with management / schedule officers) Review documented controls against standard controls or best practice in light of the organisations risk profile and note observations.
SYSTEMS DOCUMENTATION
SYSTEMS DOCUMENTATION Example of flow chart
Document accounting & internal controls systems • Systems Documentatio • Gain physical assess to systems Gain physical access to the computerized system SYSTEMS DOCUMENTATION Note: If your client uses a computerized accounting system, always, obtain a special access to the system and check the internal controls embedded in the system. If you do not have expertise in the use of your client’s accounting system, consult. If in doubt consult!!!
TESTING THE INTERNAL CONTROLS Test of controls, compliance testing Test the accounting and internal controls systems • Test of controls • Compliance tests Test documented internal controls through observation and enquiries and document any adverse findings. Review controls against statutory and standard procedures and note any adverse findings. Check controls against identified fraud risks in specific trust areas and ensure that the risks are mitigated by the controls and note any adverse findings for management discussions. Test the organization compliance with their own internal controls by testing selected transactions against the documented controls.
OBTAINING AUDIT EVIDENCE substantive testing, third party confirmations & expert opinion Test the financial statements • Substantive testing • Third party confirmations • Expert opinion In respect of audit evidence ISA 500.9 states: When using information produced by the entity, the auditor shall evaluate whether the information is sufficiently reliable for the auditor's purposes, including as necessary in the circumstances: (a)Obtaining audit evidence about the accuracy and completeness of the information; and (b) Evaluating whether the information is sufficiently precise and detailed for the auditor's purposes.
OBTAINING AUDIT EVIDENCE substantive testing, third party confirmations & expert opinion ISA 500.6: Assertions used by the auditor are as follows: 1. Assertions about classes of transactions and events for the period under audit: a. Occurrence - transactions and events that have been recorded have occurred and pertain to the entity. b. Completeness - all transactions and events that should have been recorded have been recorded. c. Accuracy - amounts and other data relating to recorded transactions and events have been recorded appropriately. d. Cut-off - transactions and events have been recorded in the correct accounting period. e. Classification - transactions and events have been recorded in the proper accounts.
OBTAINING AUDIT EVIDENCE substantive testing, third party confirmations & expert opinion ISA 500.6: Assertions used by the auditor are as follows: 2. Assertions about account balances at the period end: (i) Existence - assets, liabilities, and equity interests exist. (ii) Rights and obligations - the entity holds or controls the rights to assets, and liabilities are the obligations of the entity. (iii) Completeness - all assets, liabilities and equity interests that should have been recorded have been recorded. (iv) Valuation and allocation - assets, liabilities, and equity interests are included in the financial statements at appropriate amounts and any resulting valuation or allocation adjustments are appropriately recorded.
OBTAINING AUDIT EVIDENCE substantive testing, third party confirmations & expert opinion ISA 500.6: Assertions used by the auditor are as follows: 3. Assertions about presentation and disclosure: (i) Occurrence and rights and obligations - disclosed events, transactions, and other matters have occurred and pertain to the entity. (ii) Completeness - all disclosures that should have been included in the financial statements have been included. (iii) Classification and understandability - financial information is appropriately presented and described, and disclosures are clearly expressed. (iv) Accuracy and valuation - financial and other information are disclosed fairly and at appropriate amounts. (ISA 315.A111)
OBTAINING AUDIT EVIDENCE substantive testing, third party confirmations & expert opinion KEY POINTS: Audit objectives are the auditor's method of defining and testing those assertions. Audit tests must be designed to meet each of the above financial statements assertions. Some of these assertions are often more inherently risky than others. For example, it is often the case that the 'Completeness' and 'Valuation' assertions are more risky from an auditing point of view than (say) the 'Existence' assertion. Accordingly, specific risk assessments should not be restricted to just considering the balance as a whole. The key to an efficient audit lies in appreciating where the risks truly lie in terms of the underlying assertions within a particular balance and focussing
OBTAINING AUDIT EVIDENCE substantive testing, third party confirmations & expert opinion KEY POINTS: • At the commencement of each audit programme section there is a summary sheet setting out the audit objectives for that audit area and how the audit tests are assigned to meet those objectives. • By keeping specific audit objectives in mind, audit tests can be efficiently directed to meet them. • If any tailoring of the programme is done, the audit objectives should be cross- referenced to the tailored programme to ensure that they continue to be met by the revised/new programme. • If additional or alternative tests are carried out, these should likewise be cross- referenced to the audit objectives. • This should ensure that these tests also meet the objectives set.
OBTAINING AUDIT EVIDENCE substantive testing, third party confirmations & expert opinion KEY POINTS: • A conclusion should be drawn for each audit area. This is vitally important. Not only should the summary sheet be concluded upon, but for each main test within each area there should be stated: the aim of the tests; the work performed; the results obtained; and the conclusion reached.
OBTAINING AUDIT EVIDENCE substantive test, third party confirmations & expert opinion 1. Prepare lead schedules to agree with draft FS, trial balance and Nominal Ledgers. 2. Prepare subsidiary schedules to agree with Nominal ledgers and trial balance. 3. Conduct detailed test of transactions on ledger using the test criteria provided in the PCAS audit programme. 4. Where the need be, obtain confirmations from third party, e.g. debtors, creditors etc. 5. For highly technical areas, obtain expert opinions.
CASE STUDY

Ris Based Auditing Training March 2020.pptx

Check these out next

Ris Based Auditing Training March 2020.pptx

Recomendados

Mais conteúdo relacionado

Similar a Ris Based Auditing Training March 2020.pptx(20)

Mais de RansfordArmahACCAMSc(14)

Último(20)

Ris Based Auditing Training March 2020.pptx