AUE3701
Audit Planning and Tests Of Controls
Page | 0
, Topic 1 Introduction
Study Unit 1.1 Auditing Concepts
The Purpose of Performing an Audit
ISA 200: par. 3 - The purpose of an audit is to enhance the confidence of intended users in the financial statements.
This is achieved by the expression of an opinion by the auditor on whether the financial statements are prepared in
accordance with an applicable financial reporting framework. Whether the financial statements are presented fairly,
in all material respects, or give a true and fair view in accordance with the framework.
Reasonable Assurance
ISA 200: par. 5 - As the basis for the auditor’s opinion, ISAs require the auditor to obtain reasonable assurance about
whether the financial statements as a whole are free from material misstatement, whether due to fraud or error.
Reasonable assurance is a high level of assurance. It is obtained when the auditor has obtained sufficient appropriate
audit evidence to reduce audit risk (that is, the risk that the auditor expresses an inappropriate opinion when the
financial statements are materially misstated) to an acceptably low level. However, reasonable assurance is not an
absolute level of assurance, because there are inherent limitations of an audit which result in most of the audit
evidence on which the auditor draws conclusions and bases the auditor’s opinion being persuasive rather than
conclusive.
Materiality
ISA 200: par. 6 - The concept of materiality is applied by the auditor both in planning and performing the audit, and in
evaluating the effect of identified misstatements on the audit and of uncorrected misstatements, if any, on the
financial statements. In general, misstatements, including omissions, are considered to be material if, individually or
in the aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis
of the financial statements. The auditor’s opinion deals with the financial statements as a whole and therefore the
auditor is not responsible for the detection of misstatements that are not material to the financial statements as a
whole.
“Professional Judgment”, “Professional Scepticism” and “Risk of Material Misstatement”
ISA 200: par. 7 - The ISAs require that the auditor exercise professional judgment and maintain professional scepticism
throughout the planning and performance of the audit and, among other things:
Identify and assess risks of material misstatement, whether due to fraud or error, based on an understanding of
the entity and its environment, including the entity’s internal control.
Obtain sufficient appropriate audit evidence about whether material misstatements exist, through designing and
implementing appropriate responses to the assessed risks.
Form an opinion on the financial statements based on conclusions drawn from the audit evidence obtained.
Important Definitions
ISA 200: par. 13 - For purposes of the ISAs, the following terms have the meanings attributed below:
Applicable financial reporting framework – The financial reporting framework adopted by management and, where
appropriate, those charged with governance in the preparation of the financial statements that is acceptable in view
of the nature of the entity and the objective of the financial statements, or that is required by law or regulation.
The term “fair presentation framework” is used to refer to a financial reporting framework that requires compliance
with the requirements of the framework and:
Acknowledges explicitly or implicitly that, to achieve fair presentation of the financial statements, it may be
necessary for management to provide disclosures beyond those specifically required by the framework; or
Acknowledges explicitly that it may be necessary for management to depart from a requirement of the framework
to achieve fair presentation of the financial statements. Such departures are expected to be necessary only in
extremely rare circumstances.
Audit evidence – Information used by the auditor in arriving at the conclusions on which the auditor’s opinion is
based. Audit evidence includes both information contained in the accounting records underlying the financial
statements and other information.
Page | 1
,Audit risk – The risk that the auditor expresses an inappropriate audit opinion when the financial statements are
materially misstated. Audit risk is a function of the risks of material misstatement and detection risk.
Auditor – The person or persons conducting the audit, usually the engagement partner or other members of the
engagement team, or, as applicable, the firm.
Detection risk – The risk that the procedures performed by the auditor to reduce audit risk to an acceptably low level
will not detect a misstatement that exists and that could be material, either individually or when aggregated.
Management – The person(s) with executive responsibility for the conduct of the entity’s operations. For some
entities in some jurisdictions, management includes some or all of those charged with governance, for example,
executive members of a governance board, or an owner-manager.
Misstatement – A difference between the amount, classification, presentation, or disclosure of a reported financial
statement item and the amount, classification, presentation, or disclosure that is required for the item to be in
accordance with the applicable financial reporting framework. Misstatements can arise from error or fraud.
Premise, relating to the responsibilities of management and, where appropriate, those charged with governance, on
which an audit is conducted – That management and, where appropriate, those charged with governance have
acknowledged and understand that they have the following responsibilities that are fundamental to the conduct of an
audit in accordance with ISAs. That is, responsibility:
• For the preparation of the financial statements in accordance with the applicable financial reporting framework,
including fair presentation;
• For such internal control as management determines necessary to enable the fair preparation of financial
statements free from fraud or error; and
• To provide the auditor with:
o Access to all information that is relevant to the preparation of the financial statements such as records,
documentation and other matters;
o Additional information that the auditor may request from management and; and
o Unrestricted access to persons within the entity from whom the auditor determines to obtain audit evidence.
Professional judgment – The application of relevant training, knowledge and experience.
Professional scepticism – An attitude that includes a questioning mind, being alert to conditions which may indicate
possible misstatement due to error or fraud, and a critical assessment of audit evidence.
Reasonable assurance – In the context of an audit of financial statements, a high, but not absolute, level of assurance.
Risk of material misstatement – The risk that the financial statements are materially misstated prior to audit. This
consists of two components, described as follows at the assertion level:
Inherent risk – The susceptibility of an assertion about a class of transaction, account balance or disclosure to a
misstatement that could be material, before consideration of any related controls.
Control risk – The risk that a material misstatement could occur and will not be prevented, or detected and
corrected, on a timely basis by the entity’s internal control.
Those charged with governance – The persons or organizations with responsibility for overseeing the strategic
direction of the entity and obligations related to the accountability of the entity. This includes overseeing the financial
reporting process. For some entities in some jurisdictions, those charged with governance may include management
personnel, for example, executive members of a governance board of a private or public sector entity, or an owner-
manager.
Page | 2
, Other Definitions
ISA 200: par. 7 - The ISAs contain objectives, requirements and application and other explanatory material that are
designed to support the auditor in obtaining reasonable assurance. The ISAs require that the auditor exercise
professional judgment and maintain professional scepticism throughout the planning and performance of the audit
and, among other things:
• Identify and assess risks of material misstatement, whether due to fraud or error, based on an understanding of
the entity and its environment, including the entity’s internal control.
• Obtain sufficient appropriate audit evidence about whether material misstatements exist, through designing and
implementing appropriate responses to the assessed risks.
• Form an opinion on the financial statements based on conclusions drawn from the audit evidence obtained.
Definitions
ISQL 1: par. 12
Engagement documentation – The record of work performed, results obtained, and conclusions the practitioner
Engagement quality control review – A process designed to provide an objective evaluation, of the significant
judgments the engagement team made and the conclusions it reached in formulating the report. The engagement
quality control review process is for audits of financial statements of listed entities, and those other engagements, if
any, for which the firm has determined an engagement quality control review is required.
Communication
An auditor should establish two-way communication between “those charged with governance” (the organisation)
and him- or herself on a variety of matters:
o developing both the working relationship and the understanding of the auditor and the organisation being audited
of matters related to the audit
o obtaining information for audit purposes about the organisation
o assisting the organisation to fulfil its financial reporting duties in order to reduce the risk of material misstatement
of the financial statements
This communication occurs throughout the process of performing an audit. You must keep this in mind during your
studies. Although ISAs also contain guidelines on reporting, you should always refer to ISA 260 to see if it stipulates
additional communication duties.
The International Framework for Assurance Engagements
(Learning Unit 1 of AUE2601)
Assurance engagements
At the conclusion of an assurance engagement an auditor is expected to give the client a degree of assurance that the
information that was subjected to the audit is free of material misstatements.
Definition and objective of an assurance engagement (Framework: par 10–11).
An assurance engagement is one in which an auditor expresses a conclusion designed to enhance the degree of
confidence of the intended users, about the outcome of the evaluation.
There are two categories of assurance engagements:
Reasonable assurance engagement
An external auditor gathers sufficient appropriate evidence to be in a position to express an opinion on whether
the directors, who are responsible for the financial statements, have applied the International Financial Reporting
Framework appropriately in presenting fairly, the financial position, financial performance and cash flow
information of the company for the financial year.
Reasonable assurance relates to the entire auditing process - the collection of audit evidence and the conclusions
the auditor draws about the evidence in order to express an audit opinion (Framework: par 73).
Limited assurance engagements
Review engagements are classified as assurance engagements and sub-classified as limited assurance
engagements.
Page | 3