ISA 315: IDENTIFY AND ASSESS THE RISK OF MATERIAL MISSTATEMENT THROUGH

UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT

SCOPE: OBJECTIVE:

Auditors responsibility to identify and assess
the ROMM in the FS through:
Understanding the entity and its environment
including its internal control
The objective of the auditor is to identify and assess the
risks of material misstatement, whether due to fraud or error,
at the financial statement and assertion levels, through
understanding the entity and its environment, including the
entity’s internal control, thereby providing a basis for
designing and implementing responses to the assessed
risks of material misstatement.

PURPOSE OF OBTAINING THE

UNDERSTANDING OF THE ENTITY AND
ITS ENVIRONMENT INCLUDING ITS
INTERNAL CONTROL

Considering the
Determining appropriateness of
materiality in Responding to Evaluating the
the selection and the assessed sufficiency and
accordance Developing
application of expectations risks of material appropriateness of
with ISA 320 accounting policies, misstatement, audit evidence
for use when
and the adequacy of Identifying areas performing including obtained, such as the
financial statement where special audit analytical designing and appropriateness of
disclosures consideration may be procedures performing assumptions and of
necessary further audit management’s oral
procedures to and written
obtain sufficient representations
appropriate audit
evidence
 FIRST OBJECTIVE: How to Identify and assess the Risk of Material Misstatement

UNDERSTANDING THE ENVIRONEMNT

a. Relevant industry, regulatory and other external factors including the AFRF

INDUSTRY:
Relevant industry factors
include industry conditions
such as the competitive
environment, supplier and
customer relationships, and
technological developments.
Examples of matters the
auditor may consider include:
•The market and competition,
including demand, capacity,
and price competition.
•Cyclical or seasonal activity.
•Product technology relating
to the entity’s products.
•Energy supply and cost.
REGULATORY
Relevant regulatory factors include the regulatory OTHER EXTERNAL
environment. The FACTORS
regulatory environment encompasses, among other matters,
Examples of other external
the applicable financial reporting framework and the legal
factors affecting the entity that
and political environment.
the auditor may consider include
Examples of matters the auditor may consider include:
the general economic
•Accounting principles and industry-specific practices. conditions, interest rates and
availability of financing, and
•Regulatory framework for a regulated industry. inflation or currency revaluation.
•Legislation and regulation that significantly affect the
entity’s operations, including direct supervisory activities.
•Taxation (corporate and other).
•Government policies currently affecting the conduct of the
entity’s business, such as monetary, including foreign
exchange controls, fiscal, financial incentives (for example,
government aid programs),and tariffs or trade restrictions
policies.

b. Nature of the Entity including:

Ownership and Types of investment The way that the

Operation governance including special entity is structured
structure purpose entities and how it is
financed

c. The entity’s selection and application of d. The entity’s objectives and strategies,
accounting policies, including the reasons and those related business risks that e. The measurement and review of the entity’s
for changes thereto. The auditor shall may result in risks of material financial performance
evaluate misstatement.
whether the entity’s accounting policies
are appropriate for its
business and consistent with the
applicable financial reporting
framework and accounting policies used in
the relevant industry
 2n Step: Link the risk to assertion level financial statement level to provide a basis for designing
and performing further audit procedures

Assertion level

What is Assertion? FS level

Representations by management,
explicit or otherwise, that are embodied Risks of material misstatement at the
in the financial statements, as used by financial statement level refer to risks
the auditor to consider the different that relate pervasively to the financial
types of potential misstatements that statements as a whole and potentially
may occur. affect many assertions

Example of risk at FS level

What is risk at Assertion level
Risk at assertion level are those
which relate to specific objective of
the financial statements Management override of control
Going concern
Why risk at assertion level
Concerns over the Management
integrity
Risks of material misstatement at the assertion level for
classes of transactions, account balances, and disclosures Management lack competence
need to be considered because such consideration directly Concern about the condition and
assists in determining the nature, timing and extent of further reliability of an entity’s records
audit procedures at the assertion level necessary to obtain
sufficient appropriate audit evidence.

How to obtain UNDERSTANDING OF THE ENTITY AND ITS ENVIRONMENT INCLUDING ITS
INTERNALCONTROL

RISK ASSESSMENT PROCEDURES

The audit procedures performed to obtain an understanding of the entity and its environment, including the entity’s internal control, to
identify and assess the risks of material misstatement, whether due to fraud or error, at the financial statement and assertion levels

INQUIRY ANALYTICAL PROCEDURES

Inquiries of management, of appropriate
individuals within the internal audit
function (if the function exists), and of
others within the entity who in the
auditor’s judgment may have information
that is likely to assist in identifying risks of
material misstatement due to fraud or
error
Analytical procedures may help
identify the existence of unusual
transactions or events, and amounts,
ratios, and trends that might indicate
matters that have audit implications.
Unusual or unexpected relationships
that are identified may assist the
auditor in identifying risks of material
misstatement, especially risks of
material misstatement due to fraud
OBSERVATION AND INSPECTION
Observation and inspection may
support inquiries of management and
others, and may also provide
information about the entity and its
environment.
 Additional procedure to be performed

 Engagement Partner and other team member shall discuss the susceptibility of entity’s FS to material misstatement
 Engagement partner knowledge on other clients
 Information obtained during client acceptance or continuance process

OBJECTIVE 02: How to ASSESS the ROMM?

Risk can be classified in to Normal risk and significant risk

What is significant risk?

An identified and assessed risk of material misstatement that, in the auditor’s judgment, requires special audit consideration.
In exercising judgment as to which risks are significant risks, the auditor shall consider at least the following

Whether the risk is The degree of Whether the risk

related to recent The Whether the subjectivity in involves significant
Whether the risk is significant complexity of risk involves the transactions that
a risk of fraud economic, transactions significant measurement are outside the
accounting or other transactions of financial normal course of
developments and, with related information business for the
therefore, requires parties such as entity, or that
specific attention accounting otherwise appear
estimates to be unusual
REVISION OF RISK ASSESSEMENT

The auditor’s assessment of the risks of material misstatement at the assertion level may change during the course of the audit as
additional audit evidence is obtained. In circumstances where the auditor obtains audit evidence from performing further audi t
procedures, or if new information is obtained, either of which is inconsistent with the audit evidence on which the auditor originally
based the assessment, the auditor shall revise the assessment and modify the further planned audit procedures accordingly.

WHAT TO DOCUMENT

Key elements of the

The discussion among
the engagement team
about the susceptibility
of the entity’s financial
statements to material
misstatement and
decision reached
understanding obtained
regarding each of the
aspects of the entity and its The identified and assessed
environment and each risk of material The risk identified, and
internal control component, misstatement at financial related control about which
the sources of information statement level and the auditor has obtained an
from which the assertion level understanding
understanding was obtained
and the risk assessment
procedure performed