Professional Documents
Culture Documents
BA4 - CONTROLS - LMS - BOOK - 03 External Audit - Part 02
BA4 - CONTROLS - LMS - BOOK - 03 External Audit - Part 02
Code BA4/BK/18
CARRYING OUT AN EXTERNAL AUDIT
PLANNING
ELEMENTS
PRELIMINARY PLANNING
ENGAGEMENT ACTIVITIES
COMPLIANCE DEVELOPING
TERMS OF
WITH ETHICAL AUDIT
ENGAGEMENT
REQUIREMENTS STRATEGY
DEVELOPING
AUDIT PLAN
Planning ensures that the risk of performing a poor quality audit (and ultimately giving an inappropriate
audit opinion) is reduced to an acceptable level.
• Planning activities:
The audit strategy sets the scope, timing and direction of the audit. It allows the auditor to
determine the following:
• the resources to deploy for specific audit areas {e.g. experience level, external experts)
How the resources are managed, directed and supervised, including the timings of meetings,
debriefs and reviews.
Once the audit strategy has been established, the next stage is to dev specific, detailed plan to
address how the various matters identified in overall strategy will be applied.
The strategy sets the overall approach to the audit, the plan fills in the operational details of how
the strategy is to be achieved.
Its purpose is to
• minimise the risk of any misunderstanding between the auditor and client
• confirm acceptance of the engagement
• set out the terms and conditions of the engagement.
It should be reviewed every year to ensure that it is up to date but does need to be reissued every
year unless there are changes to the terms of' engagement. The auditor must issue a new
engagement letter if the scope or context of the assignment changes after initial appointment.
• Arrangements concerning the involvement of internal auditors and other staff of the entity.
• Limitations to the auditor's liability.
Those charged with governance' includes the directors of a company the members of its Audit
Committee where one exists.
Communication shall be in any appropriate form, although the matters that must be communicated
with regards to independence for listed clients must be communicated in writing.
A written representation is: a written statement by management pro to the auditor to confirm certain
matters or to support other audit evidence.
• to obtain evidence that management, and those charged with governance, have fulfilled
their responsibility (as agreed and acknowledged in the terms of the audit engagement) for
the preparation of the financial statements, including:
- preparing the financial statements in accordance with an applicable financial reporting
framework;
- providing the auditor with all relevant information and access records
- recording all transactions and reflecting them in the financial statements.
• to support other audit evidence relevant to the financial statements determined necessary
by the auditor.
A representation to support other audit evidence may be appropriate more reliable forms of evidence
are not available, particularly in relation to matters requiring management judgement or knowledge
restricted to management. Examples include:
• plans or intentions that may affect the carrying value of assets ex liabilities
• formal confirmation of the directors' judgement on contentious e.g. the value of assets
where there is a risk of impairment
• aspects of laws and regulations that may affect the financial statements, including
compliance.
Note that written representations cannot substitute for more reliable evidence that should be available
and do not constitute sufficient appropriate evidence on their own, about any of the matters with which
they deal.
In practice, the auditor will often draft the written representations letter but it must be printed on client
headed paper and signed by the client.
The letter must be signed by an appropriate senior member of client management, with appropriate
responsibilities for the financial statements and knowledge of the matters concerned. This would
normally be the chief executive and chief financial officer.
The date of the written representation letter should be the same as the date the financial statements
are authorised. It must be obtained (and signed) before the audit report is finalised.
As discussed above one of the objectives of an auditor is to express an opinion which is executed
through a written report.
When the auditor concludes that the financial statements are prepared, in all material respects, in
accordance with the applicable financial reporting framework they issue an unmodified opinion in the
audit report.
If there are no other matters which the auditor wishes to draw to the attention of the users, they will
issue an unmodified report.
• Modified without modifying the opinion – the financial statements show a true and fair view but there
is something that needs to be brought to the attention of the user by way of an additional paragraph.
• Modified with a modified opinion – the financial statements don’t fully show a true and fair view or
the auditor has not obtained sufficient appropriate evidence to make that conclusion.
This covers reporting deficiencies in internal control that have been identified during the course of the
audit. It is a by-product of the audit and may not be a comprehensive list of deficiencies.
This report, traditionally known as a management letter, is usually sent at the end of the audit process.
• A covering letter.
• Appendices showing, typically in tabular format, the control deficiencies, implications and
recommendations for improvement.
• Deficiency
• Consequences
• Recommendations
• The report is not a comprehensive list of deficiencies, but only those that have come to light
during normal audit procedures.
• The report is for the sole use of the company.
• No disclosure should be made to a third party without the written agreement of the auditor.
• No responsibility is assumed to any other parties.
Availability of report Publicly available Not publicly available. Usually only seen
by management or those charged with
governance
Scope of work Verifying the truth and Wide in scope and dependent on
fairness of the financial management's requirements
statements.
Appointment and By the shareholders of the By the audit committee or board of
removal company. directors
Relationship with Must be independent of May be employees (which limits
company the company independence) or s' outsourced
function (which enhances
independences)
Leadership
1. The management of a firm should be accountable to the firm's owners and no individual
should have unfettered powers of decision.
2. A firm should have effective management which has responsibility and clear authority for
running the firm.
Values
1. A firm should perform quality work by exercising judgement and upholding values of integrity,
objectivity, professional competence and due care, confidentiality and professional behaviour
in a way that properly takes the public interest into consideration.
2. A firm should publicly commit itself to this Audit Firm Governance Code.
3. A firm should maintain a culture of openness which encourages people to consult and share
problems, knowledge and experience in order to achieve quality work in a way that properly
takes the public interest into consideration.
Operations
1. A firm should comply with professional standards and applicable legal and regulatory
requirements.
2. A firm should maintain a sound system of internal control and risk management over the
operations of the firm as a whole to safeguard the owners' investment and the firm's
assets.
3. A firm should apply policies and procedures for managing people across the whole firm that
support its commitment to the professionalism, openness and risk management principles
of this Audit Firm Governance Code.
4. A firm should establish and apply confidential whistleblowing policies and procedures across
the firm which enable people to report, without fear, concerns about the firm's commitment
to quality work and professional judgement and values in a way that properly takes the public
interest into consideration.
Reporting
1. The management team of a firm should ensure that members of its governance structures,
including owners and independent non-executives, are supplied with information in a timely
manner and in a form and of a quality appropriate to enable them to discharge their duties.
3. The management of a firm should publish on an annual basis a balanced and understandable
commentary on the firm's financial performance, position and prospects.
4. A firm should publicly report how it has applied in practice each of the principles of the Audit
Firm Governance Code and make a statement on its compliance with the Code's provisions or
give a considered explanation for any non-compliance.
5. A firm should establish formal and transparent arrangements for monitoring the quality of external
reporting and for maintaining an appropriate relationship with the firm's auditors.
Dialogue
1. A firm should have dialogue with listed company shareholders, aswell as listed companies and
their audit committees, about matters covered by this Audit Firm Governance Code to enhance
mutual communication and understanding and ensure that it keeps in touch with shareholder
opinion, issues and concerns.
2. Shareholders should have dialogue with audit firms to enhance mutual communication and
understanding.
3. Shareholders should have dialogue with listed companies on the process of recommending
the appointment and re-appointment of auditors and should make considered use of votes in
relation to such recommendations.