Professional Documents
Culture Documents
Annexure 04 - Team Planning Meeting Minutes (E) - Edited by Ruwan
Annexure 04 - Team Planning Meeting Minutes (E) - Edited by Ruwan
Objectives of the discussion - To comply with the paragraph 05 of the National Audit Act No 19 of 2018.
among audit team members
and documentation. - Discuss engagement risk consideration, audit approach to be taken and
design the audit plan so that it will be performed in an effective manner in
accordance with the paragraph 05 of the SLAuS 300.
Engagement Team Details of how the matters were communicated to the Absent Date
Members not in Team Member (Refer SLAuS 315 Paragraph 10, A21 – A24)
Attendance
Insert names here (Insert the name of the team member who communicated these Insert the date
matters and how)
1
S/No. Matters to Discuss Record of Discussion Working
File Ref:
All the members of the audit team have been complied with the
01. Ensure that all the team
relevant ethical requirements laid down in the applicable rules &
members are complied
regulations, standards and guidance. / Following team members
with relevant ethical
have not complied with the below mentioned relevant ethical
requirements. (Refer
principles. Therefore, the following measures have been taken to
Section 05 & 09 of the
mitigate those ethical issues.(as the case may be)
National Audit Act,
ISSAI 130, Paragraph
Principles Mitigating Measures
20 of the Sri Lanka
Issues Involved Affected
Standard on Quality
Control 1 – SLSQC,
Paragraph 9 & 10 of
SLAuS 220 and Internal
Circular
AGS/Circ./2019/13
dated 28 October 2019)
All the team members comply with the relevant quality control
02. Compliance with the
procedures applicable for the audit of …………….(Name of the
NAOSL’s Quality Control
Entity)/ The following improvements required to the Institutional/
Procedures established
assignment level(as the case may be) system of quality control to
to enhance Audit Quality.
ensure audit quality.
(Refer ISSAI 140, Sri
Proposed Developments
Lanka Framework for
Audit Quality,SLSQC 1 Issues Identified
& SLAuS 220)
2
S/No. Matters to Discuss Record of Discussion Working
File Ref:
Regulations significantly
affect the operations,
Taxation, Government
Policies, Environment
Requirements)
(c ). Other External Factors
(Such as general economic
conditions, interest rates,
financing, inflation and
currency revaluation)
(d). The nature of the entity.
(Which includes entity’s
operations, ownership &
governance structures)
…………
.
(f). The performance of the entity have been measured
against the budgeted/past years/industry/ similar sized
entity (as the case may be) and following inconsistencies
have been identified.
KPI’s/ Ratios Inconsistencies Identified
3
S/No. Matters to Discuss Record of Discussion Working
File Ref:
of ………………… Performance Materiality of Rs………… had
been calculated by applying ……..% hair cut to the OM. SUM
Posting (trivial) Level of Rs…………….is arrived ………% from
OM. Audit team discussed to review materiality levels during the
audit, update when required and plan further audit procedures.
06
Applicable Financial (a). Applicable FRF of ………………(Name of the Entity) is *SLAS/ N/A
Reporting SLPSAS/ SLAS for SME’s/ SLAS for Smaller Entities/ SoRP
Framework(FRF), List of for Not For Profit Organizations (as the case may be)
Accounting Standards
applicable to the entity, (b). List of Applicable Accounting Standards for the auditee
Major changes and …………
(Format No:……………) had been identified and documented
updates to the FRF and in the working file No…………..
risk of material
misstatements in relation
to financial statements (c ). Following are the list of key recognition, measurement and N/A
disclosures. (Refer disclosure requirements identified due to new or revised
Paragraph 10 & A22 of Standards/ Changes in the entity’s environment, financial
SLAuS 315) condition or activities. (as the case may be)
(i)…………………………………………………………………
(ii).………………………………………………………………
(d). Following are the list of key areas for which difficult in N/A
obtaining sufficient appropriate audit evidence in the past.
N/A
(e ). Following are the list of key complex matters which involve
significant management judgements to recognition,
measurement and disclosures in the financial statements.
(Refer SLAuS 540)
(f) Following are the list of critical areas for selection and
application of accounting policies.
Reason Transaction, events or
key disclosures
(i). Accounting for
significant and unusual
transactions.
(ii). Controversial or
emerging areas for which
lack of authoritative
guidance or practices.
(iii). Changes in
accounting policies
(iv). New financial
reporting standards, laws
and regulations.
4
S/No. Matters to Discuss Record of Discussion Working
File Ref:
The following changes have occurred since the previous audit and
08 Significant changes from
its relevance to the current year audit are as follows.
the prior year and
evaluate their effects on
Changes Effect on the Effect on the financial
the entity’s operations
operations (Business statements (Risk of
and financial statement
Risk) Material Misstatements)
risks. (SLAuS 315
paragraph 9, A12 &
A13).
5
S/No. Matters to Discuss Record of Discussion Working
File Ref:
The following significant issues were discussed during the
11 Progress of review of
COPA/COPE (as the case may be) committee was held
significant matters
on………..(Date). The current progress of which are as follows.
discussed during COPA
and COPE committees.
Present Status
(Refer Section 6(2) of the
National Audit Act) Matters
Discussed
6
S/No. Matters to Discuss Record of Discussion Working
File Ref:
audit, the audit team Proposed Response
has sufficient Risks/ Issues Identified
knowledge of IT
general controls, and
if the nature of the
entity’s control
environment requires
The following IT functions/ systems cannot be audited at the
an assessment of IT
general controls. branch level. Therefore; it is decided to obtain the
assistance from the IT Audit Division.
IT’s involvement in
the completion of key Timing of the Audit
documents including
the risk and response IT Functions/ Systems
document.
Consider whether the
audit team requires
IT Audit to be present
for walkthroughs and
consider the timing.
Cover requirements
for the timing for IT
Audit’s completion of
such procedures.
The following are both known and potential significant risks to the
14 Identification of both
entity.
known and potential
significant risks (Refer
Type of risks Impact to the Proposed
SLAuS 315 paragraph
Risks (known or F/S’s audit
25 – 29) and strategies
identified potential) procedures to
to address the risks
address
identified. (Refer SLAuS
those risks.
330)
Following client produced reports had been used/ will be used (as
16 Discuss the auditee entity
the case may be) for the audit of year…….. and following issues
produced reports for the
had been identified./ No issues had been identified in relation to
audit and how the audit
the client produced reports (as the case may be).
team will evaluate
Name of the Issue with the Proposed Audit
whether the information
is sufficiently reliable, Name of responsible report (eg: Strategy
the officer submit reliability/
including completeness
report the report. accuracy/
and accuracy or any
completeness
limitations imposed/ will
7
S/No. Matters to Discuss Record of Discussion Working
File Ref:
or specify
be imposed and auditor’s
other reasons)
response there on.
(Refer SLAuS 500
paragraph 9)
Based on the above evaluation, the following key issues had been
identified in relation to the audit of group financial statements.
Therefore, following further actions need to be taken, or further
audit works need to be carried out.
An Internal Auditor (IA) had/ had not (as the case may be) been
18 Audit Committee and use
appointed in accordance with the Section 40 of the National Audit
8
S/No. Matters to Discuss Record of Discussion Working
File Ref:
Act.
of Internal Auditor's work.
(Refer Sections 40 & 41
of the National Audit Independence of the Internal Auditor had been secured/ not
Act and SLAuS 610) secured, (as the case may be) since the Internal Auditor reported/
not reported (as the case may be) to the Chief Accounting Officer/
the Head/ the Governing Body (as the case may be).
No of reports
Area/ Operations
Audit Procedures
Criteria
-Whether IA function had been
properly planned, performed,
supervised, reviewed and
documented.
-Whether sufficient
appropriate audit evidence
had been obtained to draw
reasonable conclusions.
-Whether conclusions reached
are appropriate, reports
prepared are consistent with
the results of the work
performed.
-Evaluation of judgements
involved, risk assessment
procedure, objectivity of
internal auditor, level of
competence.
9
S/No. Matters to Discuss Record of Discussion Working
File Ref:
10
S/No. Matters to Discuss Record of Discussion Working
File Ref:
08 Perform substantive audit
procedures
09 Audit completion/ finalization
10 Scheduling a closing
meeting
Date…………… Date……………………...
11
Appendix A: Matters to be Discussed by the audit team in Relation to Fraud (Refer SLAuS 240
paragraph 15, A10-A.11)
The discussion must consider and document the following matters:
An exchange of ideas among engagement team members about how and where the entity’s
financial report may be susceptible to material misstatement due to fraud, how management could
perpetrate and conceal fraudulent financial reporting, and how assets of the entity could be
misappropriated.
Consideration of circumstances that might be indicative of earnings management and the practices that
might be followed by management to manage earnings that could lead to fraudulent financial reporting.
Consideration of the known external and internal factors affecting the entity that may create an incentive or
pressure for management or others to commit fraud, provide the opportunity for fraud to be perpetrated,
and indicate a culture or environment that enables management or others to rationalise committing fraud.
Consideration of management’s involvement in overseeing employees with access to cash or other assets
susceptible to misappropriation.
Consideration of any unusual or unexplained changes in behaviour or lifestyle of management or
employees who have come to the attention of the engagement team.
An emphasis on the importance of maintaining a proper state of mind throughout the audit regarding the
potential for material misstatement due to fraud.
A consideration of how an element of unpredictability will be incorporated into the nature, timing and
extent of the audit procedures to be performed.
A consideration of audit procedures that might be selected to respond to the susceptibility of the entity’s
financial report to material misstatements due to fraud and whether certain types of audit procedures are
more effective than others. (Refer SLAuS 240.A11)
A consideration of any allegations of fraud that have come to the auditor’s attention.
A consideration of the risk of management override of controls.
Material misstatements due to fraud or error that could result from the entity's related party relationships
and transactions (Refer SLAuS 550.12) and the sharing of relevant information about related parties with
other team members (Refer SLAuS 550 paragraph 17)
Whether the entity uses a service organisation. If the entity uses a service organisation, need to inquire of
management of the entity whether the service organization has reported to the entity, or whether the entity
is otherwise aware of, any fraud, non-compliance with laws and regulations or uncorrected misstatements
affecting the financial statements of the entity (Refer SLAuS 402 paragraph 19).
The Engagement Leader must determine which matters are to be communicated to those members not
involved in the discussion (Refer SLAuS 240 paragraph 15).
12
Appendix B: Matters to be Communicated to the Engagement Team (Refer SLAuS 300 paragraph 8(b)
and A 18)
During the meeting the following must be emphasised to the engagement team:
The importance of maintaining an attitude of professional scepticism throughout the audit and recognising
the possibility that a material misstatement due to fraud could exist (Refer SLAuS 200 paragraph 15, A20
– A 24).
The importance of maintaining a proper state of mind through-out the audit regarding the potential for
material misstatement due to fraud (Refer SLAuS 240 paragraph A11).
Unless the auditor has reason to believe the contrary, the auditor may accept records and documents as
genuine. If conditions identified during the audit because the auditor to believe that a document may not
be authentic or that terms in a document have been modified but not disclosed to the auditor, the auditor
shall investigate further (Refer SLAuS 240 paragraph 13).
Where responses to enquiries of management or those charged with governance are inconsistent, the
auditor shall investigate the inconsistencies (Refer SLAuS 240 paragraph 14).
Consideration of how an element of unpredictability will be incorporated into the nature, timing and extent
of the audit procedures to performed. (Refer SLAuS 240 paragraph 29(C ) and A 36).
Consideration of the audit procedures that might be selected to respond to the susceptibility of the entity’s
financial report to material misstatements due to fraud and whether certain types of audit procedures are
more effective than others (Refer SLAuS 240 paragraph A 11).
Auditors must be aware of the restrictions and level of protection required for the security classified
information that comprises audit evidence for your client, especially if the information is classified
overprotected. (Refer Section 9 of the National Audit Act No 19 of 2018) For example, some security
classified information may not be able to be stored in Audit Files and some documents may not be
removed from the client's premises.
13
Appendix C Matters to discuss/consider if engaging IT audit
The nature, timing and extent of IT Audit personnel participation in the audit.
The nature and extent of IT Audit review of the work performed.
Issues that should be given particular attention.
How key risks identified as a result of IT Audit work are appropriately included in the risk and response
document with an appropriate response.
How control weaknesses identified should be documented and reported.
The nature, extent and manner in which the Divisional Head (IT Audit) and SA (IT Audit) will review the
results of the work performed.
How IT Audit work will be documented in the risk and response document.
Considerations for determining participation by IT audit in the financial statement audit
Participation by IT Audit personnel normally would include completing and/or advising the assurance team on
many of the following:
Developing the audit approach, including input to the risk and response document focusing on identifying
risks and linking risks auditing responses.
Gathering and documenting information about the auditee institution objectives, related risks, systems and
controls (both application and Information Technology General Controls), including meetings with the
officers of auditee institution where appropriate e.g. with the Chief Information Officer.
Assessing and advising the team on the impact of significant system changes on the risks identified.
Testing controls (including application and Information Technology General Controls).
Validating controls (including application and Information Technology General Controls.
Evaluating Controls weaknesses.
Reviewing the risk and response document to ensure that comfort obtained from controls work is
appropriately reflected.
Supporting execution of other relevant aspects of the audit approach.
To further illustrate these points:
Complex Systems (ie Less Complex Systems
High/Medium Complexity
Rating
Possible IT Audit Participation
Auditors IT Audit Auditors IT Audit
Identify and document significant Combined team X *
processes and systems
Document and evaluate controls other Combined team X *
than Information Technology General
controls, for example application
controls
Validate controls Combined team X *
Document, evaluate and validate X Combined team
Information Technology General
Controls
* Consider using IT Audit personnel if there is uncertainty on the level of complexity and the approach to adopt
or if assistance is required in documenting, evaluating and testing of controls.
14
15