OVERVIEW
Objective
¾
To introduce the concepts of audit and assurance engagements.DEVELOPMENT
ASSURANCE SERVICES EXTERNAL AUDIT
¾ External audit ¾ Internal audit ¾ Assurance services
¾ As an assurance service ¾ Auditor’s report ¾ Audit process
INTERNAL AUDIT
¾ See Session 33 ¾ Definition
¾ Forms
1
DEVELOPMENT
1.1
External audit
¾
The development of joint-stock corporations during the middle of the 19th centurybrought about a need for directors to report to the shareholders whose capital they managed.
¾
This, in turn, lead to shareholders (and in today’s corporate environment, other users – “stakeholders”) requiring independent verification that what the directors reported was in fact true.¾
Statutory audits (i.e. carried out in accordance with statutory provisions) becamemandatory for companies in the UK in 1900. At this time the purpose of an audit was to detect fraud, technical errors and errors of principle. It also became a requirement that the auditor was independent of the company – hence the external audit.
¾
However, as the size and complexity of companies grew, case law developed the principle that it was unreasonable to expect auditors to detect all aspects of fraud, even though they were expected to exercise reasonable skill and care. Thus, whilst the detection of all fraud is not the primary purpose of an audit, the auditors must carry out their risk assessments and other procedures to have a reasonable expectation ofdetecting material fraud and error.
¾
As companies grew in size, with many becoming international organisations, it became impracticable for auditors to verify the 100% accuracy of financial records and so the audit of financial statements became an “attestation” (substantiation, testimony) of their “credibility” (i.e. “believability”).¾
Thus the objective of an audit devolved to enable an independent auditor to express an opinion (in terms of truth and fairness) whether the financial statements were prepared, in all material respects, in accordance with an identified reporting framework (e.g. IFRS) and relevant law.1.2
Internal audit
¾
The concept of internal auditing has been in use for centuries, whereas the term itself is relatively new. Ever since ancient Greece (if not before) checks have made byindividuals within enterprises that specific procedures had taken place, that assets were accounted for, monies allocated had been spent as expected and monies due had been collected.
¾
The modern form of internal audit was initially developed as the growth and increasing complexity of entities in the early 1900s stretched the capabilities of managers toeffectively manage.
¾
The role of the early internal auditors ranged from checking routine financial and operational functions with a heavy emphasis on compliance, security and detection of fraud, through to (in some cases) the analysis and appraisal of financial and operational activities. The Institute of Internal Auditors (IIA) was founded in 1941.¾
Internal audit, whether required by legislation (e.g. in public sectors), listing regulations and corporate governance codes (e.g. the Combined Code of the UK) or as voluntary activity, has increased rapidly since the 1970s, reflecting the economic and international growth of organisations.¾
With the introduction of corporate governance codes and the extended use of risk management within corporate management, the objective of internal audit evolved over the last ten years: to provide to management an independent, objective assurance and consulting activity designed to add value and improve an organisation’s operations.
to help an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
1.3
Assurance services
¾
Over the last 20 years or so the auditing profession (both internal and external) has sought to broaden its role with external audit developing a wide range of assurance services (of which the financial statement audit is just one part) and internal audit becoming an essential element of strong corporate governance (note the use of ‘assurance’ within the above objective of internal audit).¾
Assurance services are independent professional services that improve the quality of information, or its context, for decision makers.¾
They are engagements in which the practitioner (eg the accountant/auditor) expresses a conclusion designed to enhance the degree of confidence of the intended users (of the information), other than the responsible party, about the outcome of the evaluation or measurement of a subject matter against criteria.¾
Factors contributing to the increasing demand for assurance services include: The rapid expansion of information available, the changing information needs of businesses and consumers and the increase in demand for relevant information for decision-makers.
Developments in IT and the growth of computerisation in businesses has led to more systems and risk-based approaches to auditing, creating opportunities to add value to the traditional audit service.
Globalisation of businesses creating worldwide needs.
The accounting profession responding to the opportunity to position the professional accountant as a primary provider of other non-audit services.
¾
Typical assurance services include: Audits of financial statements
Reviews of historical financial information Business ethics audits
Business risk assessments (including e-commerce) Performance measurement
Systems and control reliability
NOTE: Only audits and reviews are within the syllabus. The other assurance services are illustrative.
2
EXTERNAL AUDIT
¾
Gives confidence in the integrity of corporate reporting for the benefit of stakeholders and society as a whole, by providing an external and objective view on the statutory financial statements and related reports produced by management. The auditors report to the shareholders as the principal stakeholders.2.1
As an assurance service
¾
As noted above, the external audit is an assurance service. The responsible party (directors) prepare the subject matter (financial statements) for the intended users (shareholders). The auditor then provides assurance to the shareholders about those financial statements and related disclosures based on appropriate criteria (the directors’ assertions, IFRS and other statutory requirements).SUBJECT
MATTER Financial statements
prepared under IFRS
RESPONSIBLE PARTY
Prepares
INTENDED
USER PRACTIONER
Shareholders External (independent) auditor Evaluates
Assures
Directors
2.1.1
Stewardship
¾
Stewardship is the practice of managing another person’s property. Directors and other managers of an enterprise have the responsibility of stewardship for the property of that enterprise, which is owned by the shareholders.¾
Responsibilities, eg duties embodied in statute and corporate governance requirements, may include: keeping books of accounts and proper accounting records; safeguarding the assets of the enterprise;
implementing appropriate business, financial and risk management controls; producing financial statements (statement of financial position, statement of
comprehensive income, cash flow, statement of changes in equity, disclosure notes) that show a true and fair view and the results of their stewardship;
producing a directors’ report and other information (eg as required by listing rules) which is consistent with the financial statements and contains certain specified information.
2.1.2
Agency
¾
An agent is an individual (or another enterprise) employed or used to provide a particular service. The individual utilising the agent is referred to as the principal.¾
A director can be described as an agent having a fiduciary relationship (one of trust) with a principal (i.e. the company that employs them). A director is similarly an agent of the shareholders.¾
Auditors, as they are appointed by the shareholders in most jurisdictions, are also agents of the shareholders.2.1.3
Accountability
¾
Accountability is where one party is held responsible (answerable) to another party for their actions. They will be required to justify their actions and decisions to that party.¾
Directors of an enterprise are accountable to the shareholders. Many jurisdictions place legal requirements on directors as to how they are accountable and the way theycommunicate with stakeholders, e.g. director’s reports, financial statements prepared under an appropriate framework (e.g. IFRS). Directors of listed companies will also be subject to listing rules and corporate governance codes, e.g. interim financial statements, regular meetings with financial institutions, profit and going concern warnings, analysis and management of risk, audit committees, annual general meetings.
¾
The auditors of a company’s financial statements are accountable to shareholders. They act in the interest of the shareholders (the primary stakeholders) whilst also having regard to the wider public interest in that other stakeholders will read their report (but note that they are not the agents of any other stakeholder and their report is not2.2
The auditor’s report
The objective of an audit of financial statements is to enable the auditor to express an opinion whether the financial statements are prepared, in all material respects, in accordance with an identified financial reporting framework.
Reference can be by page numbers Detailed responsibilities including reference to internal controls, accounting policies, estimates and fraud
Reasonable, but not absolute, assurance
INDEPENDENT AUDITOR’S REPORT TO ………
We have audited the accompanying financial statements of ABC Company, which comprise the statement of financial position as at December 31, 20X1, and the statement of comprehensive income, statement of changes in equity and statement of cash flows for the year then ended, and a summary of significant accounting policies and other explanatory notes.
Management’s Responsibility for the Financial Statements
Management is responsible for the preparation and fair presentation of these financial statements in accordance with International Financial Reporting Standards. This responsibility includes: designing, implementing and
maintaining internal control relevant to the preparation and fair presentation of financial statements that are free from material misstatement, whether due to fraud or error; selecting and applying appropriate accounting policies; and making accounting estimates that are reasonable in the circumstances. Auditor’s Responsibility
Our responsibility is to express an opinion on these financial
statements based on our audit. We conducted our audit in accordance with International Standards on Auditing. Those standards require that we comply with ethical requirements and plan and perform the audit to obtain reasonable assurance whether the financial statements are free from material
misstatement.
An audit involves performing procedures to obtain audit evidence about the amounts and disclosures in the financial statements. The procedures selected depend on the auditor’s judgement, including the assessment of the risks of material misstatement of the financial statements, whether due to fraud or error. In making those risk assessments, the auditor considers internal control relevant to the entity’s preparation and fair presentation of the financial statements in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the
effectiveness of the entity’s internal control. An audit also includes evaluating the appropriateness of accounting policies used and the reasonableness of accounting estimates made by management, as well as evaluating the overall presentation of the financial statements.
On whose behalf audit is carried out Standards complied with Implies whether due to fraud or error
Nature of audit examination (scope)
Unqualified implies that, for example, changes in accounting principles etc have been properly determined and disclosed
We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our audit opinion.
Opinion
In our opinion, the financial statements give a true and fair view of the financial position of ABC Company as of December 31, 20X1, of its financial performance and its cash flows for the year then ended in accordance with International Financial Reporting Standards … (and comply with …).
Signature, And/or applicable GAAP
Date
Address Must include
¾
The auditor’s report is the key means of communicating to the shareholders (and indirectly to other stakeholders) of the business.¾
Understanding the end result of the auditor’s work provides an overview of the whole process. The basic concepts underlying the report need to be understood.2.2.1
Management and auditor’s responsibility
¾
Management is responsible for preparing and fairly presenting the financial statements (e.g. in accordance with the applicable financial reporting framework). What this includes is stated within the auditor’s report (see Session 30), the engagement letter between the auditors and directors (see Session 5)and the letter of representation from the directors to the auditors (see Session 20).¾
Oversight of management’s responsibilities (including those for the financial statements) is provided by those charged with governance. The structures ofgovernance will vary depending on the jurisdiction that management operates within and the applicable corporate governance code (see Session 3).
¾
An audit of financial statements does not relieve management or those charged with governance of their responsibilities.¾
The auditor is responsible for expressing an opinion on the financial statements based on their audit. The scope of their work is described within the report. They are not responsible for the financial statement’s form and content.¾
Although the auditor’s opinion enhances the credibility of the financial statements, users cannot assume that the opinion is an assurance as to the future viability of the entity nor the efficiency or effectiveness with which management has conducted the affairs of the entity.2.2.2
International Standards on Auditing (ISA)
¾
ISAs provide: standards (i.e. basic principles and essential procedures); and related guidance (i.e. explanatory and other material).
¾
An audit conducted in accordance with ISAs must have regard to the requirements of: ISAs (i.e. to plan, evaluate controls, obtain evidence, form conclusions and report); relevant professional bodies (e.g. ACCA);
legislation and regulations (e.g. Companies Acts);
2.2.3
Ethical requirements
¾
The auditor should comply with the International Federation of Accountants (IFAC) “Code of Ethics for Professional Accountants” (See Session 4). This code covers: Independence Integrity Objectivity
Professional competence and due care Confidentiality
Professional behaviour Technical standards
2.2.4
Reasonable assurance
¾
In an audit engagement, the auditor provides a high, but not absolute, level of assurance (expressed positively in the audit report as reasonable assurance) that the information subject to audit (i.e. the financial statements) is free of materialmisstatement.
¾
To provide reasonable assurance, the auditor carries out specific detailed routines, conducts relevant testing and assesses the accumulated evidence collected in respect of the financial statements as a whole (as detailed within the report’s scope paragraph). This enables the auditor to express a positive conclusion on the assertions being made by the directors (that the financial statements show a true and fair view and have been prepared in accordance with specific laws and regulations). Basically, the auditor believes that the evidence obtained is sufficient and appropriate to provide a basis for their opinion.¾
An auditor cannot obtain absolute (eg 100%) assurance because of the inherentlimitations within an audit. Such limitations may impact upon the auditor’s ability to be able to detect all material misstatements, for example:
Testing is on a sample basis (see Session 19).
Any accounting and internal control system has inherent limitations (see Session 8). Most audit evidence is persuasive rather than conclusive (e.g. an asset purchased
by an entity, though physically possessed, may no longer be owned if title has been transferred to another). See Session 15.
Specific limitations may affect the persuasiveness of available audit evidence, e.g. transactions between related parties (i.e. where one has the ability to control or exercise significant influence over the other) may not be identified as such.
2.2.5
Materiality
¾
Materiality is an expression of relative significance or importance of a matter in the context of the financial statements as a whole.Omissions or misstatements of items are material if they could, individually or collectively, influence the decisions of users taken on the basis of the financial statements.
¾
In planning their audit, the auditors must consider those areas that are material and the possibility that material errors could be contained within the (unaudited) financial statements. Their procedures must minimise the risk that such errors remainundetected by the audit. They are not responsible for the detection of misstatements that are not material to the financial statements taken as a whole.
2.2.6
Professional judgement and scepticism
¾
There are two primary areas in which professional judgement is particularly important. In gathering audit evidence (e.g. in deciding the nature, timing and extent of auditprocedures);
−
nature – e.g. whether to test controls over transactions or substantiate them “in depth” or using analytical procedures;−
extent – e.g. sample sizes;−
timing – e.g. at an interim visit during the year, the year end or after the year end at the final audit visit. In drawing conclusions based on that evidence (e.g. in assessing the persuasiveness of conflicting evidence from different source).
¾
The auditor should plan and perform (“conduct”) the audit with an attitude of “professional scepticism” recognising that circumstances may exist that will cause a material misstatement in the financial statements¾
“Professional scepticism” is an attitude that includes a questioning mind and a critical assessment of evidence. It is required throughout the audit process e.g.: for the auditor to reduce the possibility of marginalising a critical element of risk to the business during their risk assessment;
for the auditor to be alert for audit evidence that contradicts or brings into question the reliability of documents or management representations.
¾
In planning, conducting and reviewing the audit, an auditor should assume neither dishonesty nor unquestioned honesty of management.2.2.7
“True and fair”
¾
Truth relates to factual accuracy (bearing in mind materiality). The information provided conforms with required standards, regulations and law.¾
Fairness relates to the presentation of information and the view conveyed to the reader. Such information is free from bias. The financial statements reflect the commercial substance of the underlying balances and transactions.¾
“View” indicates that a professional judgement has been reached.¾
A “true and fair view” does mean that the appropriate financial framework (e.g., IFRS and IFRIC) has been complied with. Remember that IFRS does allow differentaccounting policies to be applied, eg the cost or revaluation method under IAS 16. Both show a “true and fair” view if they have been applied in accordance with the IFRS.
¾
Note that a degree of imprecision is inevitable because of inherent limitations e.g. theauditor does not inspect 100% of all of the entities transactions.
¾
That the phrase is preceded in the statutes by the indefinite article (“a”) suggests that more than one form of presentation may satisfy the requirement.2.3
The audit process
2.3.1
Overview
Agree terms of engagement
Obtain management representations
Plan Form opinion
(Auditor’s report)
Understand the entity and its environment
Assess risk and internal
control
Reliance on control effectiveness Review
Documentation
Substantiate assets, liabilities,
transactions & disclosures
¾
Planning – Planning and controlling audit work is essential to performing work to the required high standard of skill and care. Planning includes understanding the entity, its environment & business risk, internal control and the risk of material misstatements in the financial statements (see Session 7).¾
Assess risk – As part of the process to determine their audit strategy and the nature, timing and extent of audit procedures (the audit plan) auditors must understand the business risks faced by an entity and relate such risks to the possibility of material misstatements arising in the financial statements. The auditor must also understand the entity’s risk assessment procedures and how the entity’s management deal withidentified business risks (see Sessions 8 & 9).
¾
Understand internal control – Regardless of the audit approach used, auditors must obtain an understanding of the design of internal controls and if such controls have been implemented, as part of their overall risk assessment. See Sessions 8.¾
Reliance on control effectiveness – Where the auditor decides to gain audit assurance from controls within an entity, the effectiveness of such controls must be tested. See Session 13.¾
Substantiate (verify) assets, liabilities, transactions and disclosures – Balances andtransactions within the financial statements, together with disclosures must be verified based on key substantive assertions (e.g. completeness, existence, occurrence). See Session 15
¾
Review and finalisation procedures – To ensure that the audit has been carried out in accordance with ISA and that the audit working papers fully support the audit opinion. Finalisation procedures would normally also include analytical review of the financial statements, subsequent events and going concern reviews See Sessions 8 and 9.¾
Obtain management representations – The auditor asks management to formally confirm in writing that they are responsible for the fair presentation of the financial statements, the design and implementation of internal control to prevent and detect fraud; that they have recognised and carried out their legal and governance responsibilities and that they approve the financial statements. Representations may also be required from management to support audit evidence (e.g. that all obligations and liabilities have been fully disclosed; that the entity has good title to all assets). See Session 20.¾
Sign auditor’s report – After the directors have approved the financial statements, the auditors will sign their audit report. This may be unmodified (most common) but may also under certain circumstances be qualified. See Sessions 30.2.3.2
Application to internal audit
¾
Many of the methods and procedures used in external audit are also applicable to internal audit.¾
They must thoroughly understand the entity, its environment and in particular the business risks faced (in much greater depth than the external auditor as they will be dealing with the entity on a day-to-day basis). As a significant part of their work may well be testing that business and risk systems operate, a thorough understanding of systems and controls in operation and their effectiveness is essential (that is all business systems and controls, not just those that will have an impact on the financialstatements).
¾
They will need to plan their work to be efficient and effective and to obtain realistic results.¾
Control effectiveness, assets, liabilities, transactions may be part of their work, although they will also cover all aspects of management effectiveness and efficiency within an entity.¾
Whilst external auditors concentrate on the financial statements, internal auditors will consider, for example, the attributes of the information received, processed and reported by the enterprise to management and other third parties (e.g. that monthly management reports are sent to the entity’s bank or regulator).¾
Their reports will not therefore be in the form of a ‘true and fair’ view, but will be specifically related to the stated requirement of their task. This will often mean that the report is factually based.3
ASSURANCE SERVICES
¾
The International Framework for Assurance Engagements (IFAE) defines and describes the elements and objectives of an assurance engagement. The framework covers audits, reviews of historical financial information and other assurance engagements (as are within the IFAE definitions).International Framework for Assurance Engagements
Audit and Reviews of Historical Financial
Information
Assurance Engagements other than Audits or Reviews of Historical Financial Information
ISAs 100+ International Standards on
Auditing
ISREs 2000+ International Standards on
Review Engagements
ISAEs 3000+ International Standard on
3.1
Basic definition
¾
As defined by the IFAE (and discussed earlier in the context of an audit) an assurance engagement is an engagement in which a practitioner expresses a conclusion designed to enhance the degree of confidence of the intended users, other than the responsible party, about the outcome of the evaluation or measurement of a subject matter against criteria.3.2
Forms of assurance engagement
3.2.1
Assertion-based engagements
¾
The evaluation or measurement of the subject matter is performed by the responsible party.¾
An assertion is then made about the subject matter, by the responsible party, that is made available to the intended users.¾
That assertion is then tested by the practitioner who reports to the intended user.¾
An audit under ISAs is an example of an assertion-based engagement in that thedirectors of an entity make certain assertions about the financial statements to the shareholders and the auditors report to the shareholders on those assertions. In this case, the directors are also responsible for the financial statements.
3.2.2
Direct reporting engagements
¾
Assurance engagements where the practitioner either: directly performs the evaluation or measurement of the subject matter themselves;
or obtains a representation (that is not available to the intended users) from the responsible party that has performed the evaluation or measurement.
¾
The practitioner reports on issues that have come directly to their attention during the course of their work. In effect, the subject matter information is provided directly to the intended users in the assurance report given by the practitioner (rather than by the responsible party).¾
An example of a direct reporting engagement would be where the practitioner is requested to report on the ‘issues arising’ from, for example, the recent implementation of a new computerised system.3.3
Levels of assurance given
¾
Within the International Framework for Assurance Engagements, the levels of assurance specifically dealt with are reasonable assurance and limited assurance.3.3.1
Reasonable assurance
¾
The objective of a reasonable assurance engagement is a reduction in assurance engagement risk (that is, the risk that an inappropriate opinion will be given) to an acceptably low level in the circumstances of the engagement as the basis for a positive form of expression of the practitioner’s conclusion.¾
Depending on the circumstances, the easier it is to objectively measure the subject matter (eg qualitative, quantitative, historical), the more formal the measurement criteria, the more independent, reliable and persuasive the evidence that can be obtained, the greater the assurance that can be given on the subject matter.¾
In audit engagements the auditor provides reasonable assurance through obtaining sufficient appropriate audit evidence to be able to draw conclusions on which to base their opinion (see Session 15). The financial statements are prepared in accordance with IFRS and relevant law, which can be objectively measured through the application of ISAs.¾
The opinion is expressed positively, eg “In our opinion, the financial statements give a true and fair view ….”. The directors have asserted to the shareholders that the financial statements show a true and fair view and the auditors, through their work, have obtained sufficient and appropriate evidence (under ISAs) to draw a conclusion that they do show a true and fair view.3.3.2
Limited assurance
¾
For a limited assurance engagement, whilst the assurance engagement risk is acceptable in the circumstances of the engagement, it is greater than that for a reasonable assurance engagement (eg if the same level of work was carried out within a reasonable assurance assignment, there would be a high risk that an inappropriate opinion would bereached).
¾
The level of work forms the basis for a negative form of expression of the practitioner’s conclusion, eg “Based on our work …. nothing has come to our attention that causes us to believe that …. “.¾
Basically, the subject mater, criteria and evidence obtained would not be appropriate to be able to express a positive opinion. So, where the subject matter, criteria andmeasurement are subjective and informal, and the evidence obtained may not be independent, sufficiently reliable and persuasive, the auditor may conclude that reasonable assurance cannot be given and that only limited assurance is applicable.
¾
An example of a limited assurance engagement would be providing assurance on business ethics, This would be because of the subjectivity of applying any specific ethical criteria and the subjectivity of measuring the application of such criteria (eg what is not ethical to one business may be considered ethical by another).¾
In addition, specific limited assurance services have been developed to meet the needs of users, eg reviews of historic financial information. For example, in Canada audit exemption applies for appropriate companies. In place of the audit report, a limited assurance review report is given instead.3.4
Evidence gathering procedures and reports
Reasonable assurance engagementEvidence gathering
¾
Obtaining an understanding of the engagement circumstances;¾
Assessing risks and responding to those risks;¾
Performing further procedures using a combination of inspection, observation, confirmation, recalculation,reperformance, analytical procedures and inquiry.
¾
Such further procedures involve substantive procedures, including , where applicable, obtainingcorroborating information, and depending on the nature of the subject matter, tests of the operating
effectiveness of controls; and
¾
Evaluating the evidenceobtained. Reporting¾
The practitioner expresses the conclusion in the positive form, e.g. “In our opinion, internal control is effective, in all material respects, based on XYZ criteria.”NOTE: The basic guideline for a reasonable assurance engagement would be that of the nature of an audit.
Limited assurance engagement
Evidence gathering
¾
Evidence gathering procedures are deliberately limited relative to a reasonable assurance engagement.¾
Confirmations, recalculations,reperformance and test of controls, for example, are not considered as part of the work programme necessary to achieve the user’s requirements.
Reporting
¾
The practitioner expresses the conclusion in the negative form, e.g.“Based on our work described in this report, nothing has come to our attention that causes us to believe that internal control is not effective, in all material respects, based on XYZ criteria.”
3.5
Review assignments
¾
The objective of a review of historic financial information is to enable an auditor to state whether, on the basis of procedures which do not provide all the evidence that would be required in an audit, anything has come to the auditor’s attention that causes the auditor to believe that the financial statements are not prepared, in all material respects, in accordance with an identified financial reporting framework (negative form of report, limited assurance).¾
A financial statement review under International Standard for Review Engagements (ISRE) 2400 is a limited assurance engagement because of the limited nature of the work required to be carried out (by the standard) and the assurance obtained (primarily through enquiry and analytical review). Any review of financial or non-financial information that meets the criteria of ISRE 2400 must follow the requirements of the standard. Note that ISRE 2410 deals with the review of interim financial statements.¾
A review of prospective financial information, eg a projected cash flow or budgeted financial statements would primarily not be an assurance assignment as the detail relates to future information, for which no assurance could be given. The only element that could possibly be given an assurance report would be the basis of preparation (eg of the assumptions relating to past events).3.6
Other assurance assignments
¾
Assurance engagements other than audits (following ISAs) and reviews of historical financial information (following ISREs) are covered by the International Standard on Assurance Engagements, ISAE 3000.¾
The general principles and approach of ISAE 3000 are basically the same as those for an audit (which is, of course, a specific form of assurance service) eg: Comply with the ISAE and any other relevant ISAEs. Use ISAs and ISRE as necessary to provide guidance. Comply with Code of Ethics (see Session 4).
Implement quality control procedures applicable to each engagement. Agree, or update, terms of engagement with the client.
Ensure assurance team has appropriate professional competence. Plan the engagement to ensure effective performance.
Exercise professional scepticism.
Assess the appropriateness of the subject matter.
Assess the suitability of the criteria to measure or evaluate the subject matter. Consider engagement risk (to reduce it to an acceptable level) and materiality. If the work of an expert is to be used, apply the same ethical and assignment
approach to the expert as if they were a member of assignment team (see Session 18)
Consider subsequent events (events after the reporting date).
Prepare an assurance report taking into consideration the objectives of the
engagement (reasonable or limited assurance) and whether sufficient appropriate evidence has been obtained.
Consider the need to report to other parties including reporting governance matters to those charged with governance.
FOCUS
You should now be able to:
¾
explain the nature and development of audit and other assurance engagements;¾
identify and describe the objective and general principles of external auditengagements;
¾
discuss the concepts of accountability, stewardship and agency;¾
discuss the concepts of materiality, true and fair presentation and reasonable assurance;¾
explain reporting as a means of communication to different stakeholders; and