2008年审计英语讲义 The Audit Planning
减小字体
增大字体
Audit planning is a vital area of the audit, primarily conducted at the beginning of the audit process to ensure the audit is conducted in an effective manner. The plan developed will be revised as necessary during the course of the audit.
In undertaking effective planning, the auditor needs to understand the different stages of the audit and make judgments on the level and detail of the work to be undertaken.
The stages of audit
The Audit Process
Planning materiality
Concept of materiality
The concept of materiality was examined in an earlier chapter. It was concluded that an item is material if its omission or misstatement could influence the economic decisions of users taken on the basis of the financial statements.
Materiality is considered in planning audit procedures and in evaluating the effect of misstatements.
In planning the audit, the auditor therefore needs to establish materiality levels to ensure that any matcrial misstatement or omissions in the accounting records are discovered.
Notes:
Materiality:
Omission
Misstatement
Materiality level:
Establishing materiality levels
There are two levels of materiality to be considered:
Materiality at the overall financial statement level
Material for individual balances and classes of transactions
The latter is usually derived from the former.
There is an inverse relationship between materiality and the level audit risk. The higher the materiality level, the lower the audit risk, and vice versa.
Where, for example, materiality is low, audit risk is increased and the auditor can compensate for this by either carrying out additional test of control, or by increasing substantive procedures. Either will have the effect of reducing the assessed level of control risk.
Notes:
Inverse:
Vice versa:
Compensate for:
Derive from:
Materiality at the planning stage is often set at a lower level than is strictly necessary in order to reduce the risk of undiscovered misstatements. This also helps to deal with the potential problem of having to adjust materiality levels at a later date in the light of evidence obtained.
The most common bases used are a percentage of sales (1-2%), pre-tax profit (5-10%) or asset values (2-5%).
Notes:
Potential problem
Percentage:
Total audit risk, the risk of giving an inappropriate opinion when financial statements are materially misstated, has three components:
·inherent risk(or IR)
·control risk(or CR)
·detection risk(or DR).
These three risks multiplied together give total audit risk. Thus:
AR=IR×CR×DR
These risks are explained below. Remember, though, that it is the auditor’s judgement that is always used to determine the value to be placed on these items-there is no rule that the auditor can follow.
Broadly, the lower the risk level required, the greater the audit work required.
In most cases, internal auditors will operate a risk-based approach to auditing, making decisions based on impact and probability of risks occurring and therefore directing attention towards highest impact and highest probability risks.
·Impact of risk-If the risk materialised, what would be the scale of effect, how far could it affect the area under review? For example, if the company breached regulatory requirements resulting in fines and negative publicity, that could be assessed as high impact because of the adverse financial and reputational effect.
·Probability of risk-This looks at how likely is the risk to materialize. A risk may have a high impact(e.g. complete loss of a building due to fire), but much lower probability.
Assessing impact and probability helps prioritization and understanding of the nature of the risks involved.
Inherent risk, control risk and detection risk
Inherent risk is assessed at both the financial statement (entity) level, and at the level affected by such items as how much the company is subject to market forces, the cash situation of the company, the trading history of the company, and the nature and incidence of unusual transactions. A business in the construction industry is more risky than a food retailer, as it is more volatile.
At the account balance or class of transactions level, factors affecting inherent risk will include the susceptibility to misappropriation, the complexity of the underlying transactions or the degree of judgment involved in determining account balances.
Inventory, for example, is more inherently risky than cash, as there is greater scope for manipulation and error.
Notes:
Inherent risk:
Control risk:
Detection risk:
The more…the more:
Subject to:
Incidence of unusual transaction:
Susceptibility: 易感性, 感受性, 感情, [物]磁化系数
Misappropriation: 据为己有, 占有, 挪用(只指定用途的一笔), 拨款
Control risk
Control risk will be affected by such factors as the control environment at the company including, for example, the integrity of the staff operating the system, the extent of supervisory controls, and the strength of controls in particular account areas.
The preliminary assessment of control risk should always be high unless the auditor can either identify controls that are likely to prevent or detect misstatements in each area, or plans to perform tests of control to support the assessment.
There should be full documentation of the accounting and internal control system in the auditor’s records, and full documentation of the auditor’s assessment of control risk.
Evidence should be obtained through tests of control to support any assessment of control risk that is less than high; the lower the assessment of control risk, the more evidence is needed to show that systems are suitably designed and operating effectively.
When tests of control are complete, auditors should review their preliminary assessment of control risk.
Notes:
Integrity:正直,诚实;
Preliminary assessment:初步评估
Detection risk
This is the ‘variable’ and is determined by re-arranging the audit risk equation:
DR=AR÷(IR×CR)
The auditor determines the level of total audit risk that is acceptable and estimates the inherent and control risks by assessing the factors referred to previously. Detection risk can then be calculated, as shown in the following example:
AR=5% IR=50% CR=20%
DR=0.05÷(0.5×0.2)=0.5 i.e. 50%
If control risk and inherent risk are high then detection risk will be low. The lower the level of detection risk that is acceptable, the greater the level of testing required.
Client risk evaluation questionnaire
Inherent risk (financial statement and account balance)
Control risk (control environment and specific controls)
Notes:
Control environment
ISA300 Planning an audit of financial statements that the main objective of planning is to enable the audit to be performed in an effective manner.
The purposes of planning are as follows:
To ensure that appropriate attention is paid to the different areas of the audit
To ensure that potential problem areas are identified
To facilitate review
Planning also assist in the proper allocation of work to the audit team and the coordination of work done by other auditors and experts.
Notes:
Facilitate
Coordination
Expert
ISA300 key points
·Auditors should plan the audit work so as to perform the audit in an effective manner.
· Auditors should establish the overall audit strategy for the audit.
· Auditors should develop and document an overall audit plan describing the expected scope and conduct of the audit, in order to reduce audit risk to an acceptably low level.
· Auditors should develop and document the nature, timing and extent of planned audit procedures required to implement the overall audit plan.
· The audit work planned should be reviewed and, if necessary, revised during the course of the audit.
Notes:
Nature
Timing
Extent
Review
Revise
Audit strategy to Audit plan to audit procedures
When planning an audit, the auditor must first establish the overall audit strategy, setting the scope, timing and direction of the audit, and guiding the development of the more detailed audit plan. The audit strategy will consider:
·Scope
·What is the applicable financial reporting framework
·What industry-specific factors are relevant
·Timing
·What are the deadlines for completion of the audit
Notes:
Audit strategy
Scope
Direction
Applicable
Deadline
Direction
·What areas are likely to have the highest risks?
·Is internal control likely to be effective
Once the audit strategy has been established, the auditor can then start developing a more detailed audit plan addressing the various matters, identified in the audit strategy. The purpose of the audit plan is to ensure that the audit objectives can be achieved through efficient use of the auditor’s resources while reducing audit risk to an acceptably low level. The audit plan will include:
·A description of the planned risk assessment procedures designed to assess the risks of material misstatement.
·A description of the planned substantive audit procedures judged necessary depending on the risks assessed. This leads from the relative emphasis expected to be placed on tests of control as opposed to substantive procedures.
Typical planning procedures
Planning procedures vary from one audit to the next, but auditors should take an organized, step-by-step approach to the planning process.
Upgrade the auditors’ understanding of the entity and its environment
·Outline plan
·Review audit of the previous year
·Changes in legislation or accounting practice
·Management or interim accounts
·Meet the senior management
·Timing
·Client’s employees
·Expert help
·Number and grade of audit staff
·Audit team
·Budget
·Expected date of attendance
Notes:
Step-by-step
Interim account:临时账户
Legislation
Designing, documenting and recording of the audit strategy
ISA300 requires that auditors must document the overall audit strategy to cover the following areas:
·The scope of the audit engagement
·Reporting objectives, timing of the audit and communications required
·The direction of the audit
The timing of audit work
Auditing may be:
·Performed at or after the year end
·Divided into interim and final audits
·Continuous
The work of planning is a continuous process throughout the audit.
查看更多评论
