Guide to Using International Standards on Auditing in - IFAC

More documents

Recommendations

Info

24 <strong>Guide</strong> <strong>to</strong> <strong>Using</strong> <strong>International</strong> <strong>Standards</strong> on Auditing in the Audits of Small- and Medium-Sized Entities Volume 1—Core Concepts Audit Risk Components The major components of audit risk are described in the exhibit below. Exhibit 3.2-2 Nature Description Commentary Inherent Risk The susceptibility of an assertion about a class of transaction, account balance, or disclosure <strong>to</strong> a misstatement that could be material, either individually or when aggregated with other misstatements, before consideration of any related controls. This includes events or conditions (internal or external) that could result in a misstatement (error or fraud) in the financial statements. The sources of risk (often categorized as business or fraud risks) can arise from the entity’s objectives, the nature of its operations/industry, the regula<strong>to</strong>ry environment in which it operates, and its size and complexity. Control Risk The risk that a misstatement that could occur in an assertion about a class of transaction, account balance, or disclosure and that could be material, either individually or when aggregated with other misstatements, will not be prevented, or detected and corrected, on a timely basis by the entity’s internal control. Management designs controls <strong>to</strong> mitigate a specified inherent (business or fraud risk) fac<strong>to</strong>r. An entity assesses its risks (risk assessment) and then designs and implements appropriate controls <strong>to</strong> reduce its risk exposure <strong>to</strong> a <strong>to</strong>lerable (acceptable) level. Controls may be: • Pervasive in nature, such as management’s attitude <strong>to</strong>ward control, commitment <strong>to</strong> hiring competent people, and prevention of fraud. These are generally called entity-level controls; and • Specific <strong>to</strong> the initiation, processing, or recording of a particular transaction. These are often called business process, activity-level, or transaction controls.
25 <strong>Guide</strong> <strong>to</strong> <strong>Using</strong> <strong>International</strong> <strong>Standards</strong> on Auditing in the Audits of Small- and Medium-Sized Entities Volume 1—Core Concepts Nature Description Commentary Detection Risk The risk that the procedures performed by the audi<strong>to</strong>r <strong>to</strong> reduce audit risk <strong>to</strong> an acceptably low level will not detect a misstatement that exists and that could be material, either individually or when aggregated with other misstatements. The audi<strong>to</strong>r assesses the risks of material misstatement (inherent and control risk) at the financial statement and assertion levels. Audit procedures are then developed <strong>to</strong> reduce audit risk <strong>to</strong> an acceptably low level. This includes consideration of the potential risk of: • Selecting an inappropriate audit procedure; • Misapplying an appropriate audit procedure; or • Misinterpreting the results from an audit procedure. Note: The ISAs define the risk of material misstatement at the assertion level as consisting of two components: inherent risk and control risk. Consequently, the ISAs do not ordinarily refer <strong>to</strong> inherent risk and control risk separately, but rather <strong>to</strong> a combined assessment of the “risks of material misstatement.” However, the audi<strong>to</strong>r may make separate or combined assessments of inherent and control risk, depending on preferred audit techniques or methodologies and practical considerations. CONSIDER POINT Many inherent risks can result in both business and fraud risks. Where this occurs, list and assess the fraud risk fac<strong>to</strong>rs separately from the business risk fac<strong>to</strong>rs. Otherwise it is possible that the audit response will only address the business-risk element and not the fraud risk. Separating the fraud risk element from a business risk also enables the fraud <strong>to</strong> be assessed in relation <strong>to</strong> all the other fraud risks identified. This may help <strong>to</strong> reveal an unusual pattern of events/transactions for investigation, or an individual(s) with the motive, opportunity, and rationalization <strong>to</strong> commit fraud. For example, a new accounting system may create potential for errors (business risk), but may also provide an opportunity for someone <strong>to</strong> manipulate financial results or misappropriate funds (fraud risk).
Page 1 and 2: Guide to</
Page 3 and 4: 3 Guide to
Page 7 and 8: Disclaimer This Guide</stro
Page 11 and 12: 11 Guide t
Page 13 and 14: 13 2. Clarified ISAs In March 2009,
Page 19 and 20: Volume 1 Core Concepts
Page 23: 23 Guide t
Page 51 and 52: 51 5. Internal Control — Purpose
Page 75 and 76:
75 Guide t
Page 77 and 78:
77 6. Financial Statement Assertion
Page 79 and 80:
79 Guide t
Page 81 and 82:
81 Guide t
Page 83 and 84:
83 Guide t
Page 85 and 86:
85 Guide t
Page 87 and 88:
87 Guide t
Page 89 and 90:
89 Guide t
Page 91 and 92:
91 Guide t
Page 93 and 94:
93 Guide t
Page 95 and 96:
95 Guide t
Page 97 and 98:
97 Guide t
Page 99 and 100:
99 Guide t
Page 101 and 102:
101 Guide
Page 103 and 104:
103 Guide
Page 105 and 106:
105 Guide
Page 107 and 108:
107 Guide
Page 109 and 110:
109 Guide
Page 111 and 112:
111 Guide
Page 113 and 114:
113 Guide
Page 115 and 116:
115 10. Further Audit Procedures Ch
Page 117 and 118:
117 Guide
Page 119 and 120:
119 Guide
Page 121 and 122:
121 Guide
Page 123 and 124:
123 Guide
Page 125 and 126:
125 Guide
Page 127 and 128:
127 Guide
Page 129 and 130:
129 Guide
Page 131 and 132:
131 Guide
Page 133 and 134:
133 Guide
Page 135 and 136:
135 Guide
Page 137 and 138:
137 Guide
Page 139 and 140:
139 Guide
Page 141 and 142:
141 Guide
Page 143 and 144:
143 Guide
Page 145 and 146:
145 12. Related Parties Chapter Con
Page 147 and 148:
147 Guide
Page 149 and 150:
149 Guide
Page 151 and 152:
151 Guide
Page 153 and 154:
153 Guide
Page 155 and 156:
155 Guide
Page 157 and 158:
157 Guide
Page 159 and 160:
159 Guide
Page 161 and 162:
161 14. Going Concern Chapter Conte
Page 163 and 164:
163 Guide
Page 165 and 166:
165 Guide
Page 167 and 168:
167 Guide
Page 169 and 170:
169 Guide
Page 171 and 172:
171 15. Summary of Other ISA Requir
Page 173 and 174:
173 Guide
Page 175 and 176:
175 Guide
Page 177 and 178:
177 Guide
Page 179 and 180:
179 Guide
Page 181 and 182:
181 Guide
Page 183 and 184:
183 Guide
Page 185 and 186:
185 Guide
Page 187 and 188:
187 Guide
Page 189 and 190:
189 Guide
Page 191 and 192:
191 Guide
Page 193 and 194:
193 Guide
Page 195 and 196:
195 Guide
Page 197 and 198:
197 Guide
Page 199 and 200:
199 Guide
Page 201 and 202:
201 Guide
Page 203 and 204:
203 Guide
Page 205 and 206:
205 16. Audit Documentation Chapter
Page 207 and 208:
207 Guide
Page 209 and 210:
209 Guide
Page 211 and 212:
211 Guide
Page 213 and 214:
213 Guide
Page 215 and 216:
215 Guide
Page 217 and 218:
217 Guide
Page 219 and 220:
219 Guide
Page 221 and 222:
221 Guide
Page 223 and 224:
223 Guide
Page 225 and 226:
225 Guide
Page 227 and 228:
227 Guide
Page 229 and 230:
229 Guide
Page 231 and 232:
231 Guide
Page 233 and 234:
233 Guide
Page 235 and 236:
235 Guide
show all

Guide to Using International Standards on Auditing in - IFAC

Create successful ePaper yourself

Delete template?

Save as template?