|
© Matti Mattila, CPFA, CISA, CIA |
Audit's Operative Planning
|
|
| | | |
Basic objectives in the Operative Planning of the Audit of Financial Statements
|
ISA 330 (The Auditor’s Responses to Assessed Risks)
|
- |
The auditor designs responses to the risks of material misstatement [identified and assessed during strategic planning]
in order to obtain sufficient appropriate audit evidence about realization of those risks.
Risk responses consist of two types of audit procedures:
substantive procedures [1] and tests of controls [2].
The auditor shall document the risk responses, and their nature and timing,
and what further audit procedures will be performed, and to what extent,
and what is their linkage with the assessed risks at the assertion level.
The audit evidence comes from performance of audit procedures during previous audits,
and during the year in question, and the evidence covers the whole reporting period and
addressing especially risks of material misstatement.
|
- |
In design of audit procedures the auditor shall consider the inherent risks [3]
contributing to the risk of material misstatement and the control risks [4]
in accordance with the severity of each risk of material misstatement.
Substantive procedures alone cannot provide sufficient appropriate audit evidence at the assertion level.
When considering tests of controls, changes in controls and cirmustances must be observed.
|
- |
The greater the reliance of the auditor on the effectiveness of a controls the more persuasive audit evidence he/she must have.
Evidence is obtained using various audit procedures, in combination with inquiry:
were the controls applied as planned: each time as planned, consistenly time after time;
and were the controls relevant in the existing circumstances.
Controls against significant risks shall be tested in the current period.
|
- |
The auditor shall always design substantive procedures for each material class of transactions, account balance, and disclosure.
He/she considers whether external conformations are needed, and
examines whether the financial statements can be traced to accounting records; and
whether adjustments in preparing financial statements are justified.
|
- |
The auditor shall perform audit procedures to evaluate whether the overall
presentation of the financial statements, including the related disclosures, is in
accordance with the applicable financial reporting framework.
|
|
Application of The ECAR Model
|
|
- |
Application of the ECAR model offers new points of view to be incorporated in the strategic planning:
wider accountability (including efficiency), exploitation of opportunities, and collection and exploitation of control information.
|
|
|
|
Basic Objectives are achieved and opportunities are exploited |
Rules are respected |
Adequate information about the achievement of the objectives is obtained |
| [Control] Environment |
Each auditor [in the team] knows the requirements of the audit standards for the tests of controls and substantive tests (the tests);
the team is committed to find as cost-effective solutions as possible in obtaining sufficient appropriate audit evidence in
the operationalization of the strategic plan
|
Auditors respect the standards, audit strategy and the known facts about the requirements and underlying assumptions of the tests;
operational audit plan is prepared according to the procedures of the audit firm
|
Information is collected about the performance of the team and each auditor in terms of achievement of objectives, exploitation of
opportunities and compliance with the rules for the operational planning process of the audit
|
| Controls |
Checks are made [e.g.]: are there clear links between audit strategy and the tests; do the tests address areas and matters in
the audit strategy in right width and depth; are the limitations of the auditors' knowledge and the tests (including tools and data)
understood; are the calculations correct; are the resources timely available for the tests; are the opportunities in coordinating
the audit work exploited; is there big enough reserve of resources for unexpected and/or additional audit work
|
Checks are made [e.g.]: is there compliance with the following: assumptions underlying the tests, limitations for resources available,
and procedures for operational planning; is there reasonable assurance that sufficient appropriate audit evidence as a whole will be
obtained - as the standards demand - after making the planned tests
|
Information is collected whether the controls have been applied properly, and whether the controls been effective, and if compromises
have been made, what are the compromises and what are the safeguards because of them
|
| Accounting Systems |
There is information available about the criteria: [e.g.] linkage from assertions to the tests; alternatives and good practices
in making the tests; and facts [e.g.]: the count, and the characteristics of the transactions, balances and disclosures subject to the tests,
and recent changes in these objects; historical data about effectiveness and costs of past tests
|
There is information available about the criteria [e.g.]: the audit firm's rules for applying the tests; the assumptions underlying the
tests; and about the facts [e.g.]: incidents of non-compliance with the procedures and with the underlying assumptions of the tests
|
There is information about the criteria and the facts: does the audit firm collect the information that it should collect; and what is
the confidentiality, integrity and availability of the information collected and stored in the accounting systems
|
| Determination Of Risks |
Continuous monitoring exists, whether [control] environment, controls, and acconting systems are effective and whether they work well
in order to make a good strategic plan within the limits of the resources and in compliance with the rules
|
|
|
| | | = Elements of Internal Control | |
| | = Objectives of Internal Control |
| |
[1] Tests of details (of classes of transactions, account balances, and
disclosures) and substantive analytical procedures designed to detect material
misstatements at the assertion level.
[2] An audit procedure designed to evaluate the operating effectiveness of controls
against occurance of material misstatements at the assertion level.
[3]
The likelihood of material misstatement due to the particular characteristics of the class of transactions,
account balance, or disclosure.
[4]
The noteworthy likelyhood that the inherent risk exists after application of existing controls.
|
|