Guide to Using International Standards on Auditing in - IFAC

More documents

Recommendations

Info

60 <strong>Guide</strong> <strong>to</strong> <strong>Using</strong> <strong>International</strong> <strong>Standards</strong> on Auditing in the Audits of Small- and Medium-Sized Entities Volume 1—Core Concepts Risk Assessment A risk assessment process provides management with the information needed <strong>to</strong> determine what business/ fraud risks should be managed, and the actions (if any) <strong>to</strong> be taken. Management may initiate plans, programs, or actions <strong>to</strong> address specific risks, or it may decide <strong>to</strong> accept a risk because of cost or other considerations. If the entity’s risk assessment process is appropriate <strong>to</strong> the circumstances, it will assist the audi<strong>to</strong>r in identifying risks of material misstatement. A risk assessment process would normally address such matters as: • Changes in operating environment; • New senior personnel; • New or revamped information systems; • Rapid growth; • New technology; • New business models, products, or activities; • Corporate restructurings (including divestitures and acquisitions); • Expanded foreign operations; and • New accounting pronouncements. In smaller entities where a formal risk assessment process is unlikely <strong>to</strong> exist, the audi<strong>to</strong>r would discuss with management how business risks are identified and how they are addressed. Matters the audi<strong>to</strong>r should consider are how management: • Identifies risks relevant <strong>to</strong> financial reporting; • Estimates the significance of the risks; • Assesses the likelihood of their occurrence; and • Decides upon actions <strong>to</strong> manage them. If the audi<strong>to</strong>r identifies risks of material misstatement that management failed <strong>to</strong> identify, he/she should consider: • Why did management’s processes fail? • Are the processes appropriate <strong>to</strong> the circumstances? If a significant deficiency exists in the entity’s risk assessment process (or there is no process at all), it would be communicated <strong>to</strong> management and those charged with governance.
61 <strong>Guide</strong> <strong>to</strong> <strong>Using</strong> <strong>International</strong> <strong>Standards</strong> on Auditing in the Audits of Small- and Medium-Sized Entities Volume 1—Core Concepts Conditions and Events That May Indicate Risks of Material Misstatement Appendix 2 of ISA 315 contains a useful list of possible conditions and events that may indicate the existence of risks of material misstatement. 5.5 Information System Paragraph # Relevant Extracts from ISAs 315.18 The audi<strong>to</strong>r shall obtain an understanding of the information system, including the related business processes, relevant <strong>to</strong> financial reporting, including the following areas: (a) The classes of transactions in the entity’s operations that are significant <strong>to</strong> the financial statements; (b) The procedures, within both information technology (IT) and manual systems, by which those transactions are initiated, recorded, processed, corrected as necessary, transferred <strong>to</strong> the general ledger and reported in the financial statements; (c) The related accounting records, supporting information and specific accounts in the financial statements that are used <strong>to</strong> initiate, record, process and report transactions; this includes the correction of incorrect information and how information is transferred <strong>to</strong> the general ledger. The records may be in either manual or electronic form; (d) How the information system captures events and conditions, other than transactions, that are significant <strong>to</strong> the financial statements; (e) The financial reporting process used <strong>to</strong> prepare the entity’s financial statements, including significant accounting estimates and disclosures; and (f) Controls surrounding journal entries, including non-standard journal entries used <strong>to</strong> record non-recurring, unusual transactions or adjustments. (Ref: Para. A81-A85) 315.19 The audi<strong>to</strong>r shall obtain an understanding of how the entity communicates financial reporting roles and responsibilities and significant matters relating <strong>to</strong> financial reporting, including: (Ref: Para. A86-A87) (a) Communications between management and those charged with governance; and (b) External communications, such as those with regula<strong>to</strong>ry authorities. Information System Management (and those charged with governance) requires reliable information <strong>to</strong>: • Manage the entity (such as planning, budgeting, moni<strong>to</strong>ring performance, allocating resources, pricing, and preparing financial statements for reporting purposes); • Achieve objectives; and • Identify, assess, and respond <strong>to</strong> risk fac<strong>to</strong>rs.
Page 1 and 2:
Guide to</
Page 3 and 4:
3 Guide to
Page 5 and 6:
5 Guide to
Page 7 and 8:
Disclaimer This Guide</stro
Page 9 and 10: 9 Guide to
Page 11 and 12: 11 Guide t
Page 13 and 14: 13 2. Clarified ISAs In March 2009,
Page 19 and 20: Volume 1 Core Concepts
Page 51 and 52: 51 5. Internal Control — Purpose
Page 59: 59 Guide t
Page 77 and 78: 77 6. Financial Statement Assertion
Page 101 and 102: 101 Guide
Page 111 and 112:
111 Guide
Page 113 and 114:
113 Guide
Page 115 and 116:
115 10. Further Audit Procedures Ch
Page 117 and 118:
117 Guide
Page 119 and 120:
119 Guide
Page 121 and 122:
121 Guide
Page 123 and 124:
123 Guide
Page 125 and 126:
125 Guide
Page 127 and 128:
127 Guide
Page 129 and 130:
129 Guide
Page 131 and 132:
131 Guide
Page 133 and 134:
133 Guide
Page 135 and 136:
135 Guide
Page 137 and 138:
137 Guide
Page 139 and 140:
139 Guide
Page 141 and 142:
141 Guide
Page 143 and 144:
143 Guide
Page 145 and 146:
145 12. Related Parties Chapter Con
Page 147 and 148:
147 Guide
Page 149 and 150:
149 Guide
Page 151 and 152:
151 Guide
Page 153 and 154:
153 Guide
Page 155 and 156:
155 Guide
Page 157 and 158:
157 Guide
Page 159 and 160:
159 Guide
Page 161 and 162:
161 14. Going Concern Chapter Conte
Page 163 and 164:
163 Guide
Page 165 and 166:
165 Guide
Page 167 and 168:
167 Guide
Page 169 and 170:
169 Guide
Page 171 and 172:
171 15. Summary of Other ISA Requir
Page 173 and 174:
173 Guide
Page 175 and 176:
175 Guide
Page 177 and 178:
177 Guide
Page 179 and 180:
179 Guide
Page 181 and 182:
181 Guide
Page 183 and 184:
183 Guide
Page 185 and 186:
185 Guide
Page 187 and 188:
187 Guide
Page 189 and 190:
189 Guide
Page 191 and 192:
191 Guide
Page 193 and 194:
193 Guide
Page 195 and 196:
195 Guide
Page 197 and 198:
197 Guide
Page 199 and 200:
199 Guide
Page 201 and 202:
201 Guide
Page 203 and 204:
203 Guide
Page 205 and 206:
205 16. Audit Documentation Chapter
Page 207 and 208:
207 Guide
Page 209 and 210:
209 Guide
Page 211 and 212:
211 Guide
Page 213 and 214:
213 Guide
Page 215 and 216:
215 Guide
Page 217 and 218:
217 Guide
Page 219 and 220:
219 Guide
Page 221 and 222:
221 Guide
Page 223 and 224:
223 Guide
Page 225 and 226:
225 Guide
Page 227 and 228:
227 Guide
Page 229 and 230:
229 Guide
Page 231 and 232:
231 Guide
Page 233 and 234:
233 Guide
Page 235 and 236:
235 Guide
show all

Guide to Using International Standards on Auditing in - IFAC

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?