CHAPTER 9

RISK ASSESSMENT - PART I

PHASE I-A PERFORMANCE OF PRELIMINARY ENGAGEMENT ACTIVITIES

Introduction

At the beginning of the current audit engagement, the auditor should perform the following activities:

a. Perform procedures required by PSA 220, "Quality Control of an Audit of Financial Statements"
regarding the continuance of the client relationship and the specific audit engagement.

b. Evaluate compliance with ethical requirements, including independence as required by PSA 220.

c. Establish an understanding of the terms of engagement as required by PSA 210, "Agreeing the Terms
of Audit Engagements."

Client Selection and Retention

The auditor's consideration of client continuance and ethical requirements, including independence, occurs
throughout the performance of the audit engagement as conditions and changes in circumstances occur.
However, the auditor's initial procedures on both client continuance and evaluation of ethical requirements
(including independence) are performed prior to performing other significant activities for the current audit
engagement. For continuing audit engagements, such initial procedures often occur shortly after (or in
connection with) the completion of the previous audit.

The purpose of performing these preliminary engagement activities is to help ensure that the auditor has
considered any events or circumstances that may adversely affect the auditor's ability to plan and perform the
audit engagement to reduce audit risk to an acceptably low level.

Performing these preliminary engagement activities helps to ensure that the auditor plans an audit engagement
for which:

• The auditor maintains the necessary independence and ability to perform the engagement
• There are no issues with management integrity that may affect the auditor's willingness to
continue the engagement.
• There is no misunderstanding with the client as to the terms of the engagement.
Most CPA firms are desirous and anxious to obtain new clients. Some new engagements are easily obtained
through business transactions such as the acquisition of a company by an existing client and the client's desire to
have the entire audit performed by one CPA firm. Others are obtained competitively through social contacts
which lead to a request that the CPA firm submit a proposal for performing the company's annual audit. Such
prospective clients may range from start-up companies seeking a first audit to long-established companies
seeking replacement of their current auditor.

Client Acceptance/Retention Decisions

Another element of quality-control deals with accepting and retaining clients. This decision should involve
more than just a consideration of management's integrity. Strict client acceptance/continuance guidelines should
be established to screen out the following:

• Clients that are in financial and/or organizational difficulty - For example, clients that could go
bankrupt or clients with poor internal accounting controls and sloppy records
• Clients that constitute a disproportionate percentage of the firm's total practice - Clients may
attempt to influence the auditor into allowing unacceptable accounting practices or issuing
inappropriate opinions.
• Disreputable clients - External audit firms cannot afford to have their good reputation tarnished
by serving a disreputable client or by associating with a clear that has disreputable management.
• Clients that offer an unreasonably low free for the auditor's services-In response, the auditor may
attempt to cut corners imprudently or lose money on the engagement. Conversely, auditors may
bid for audits at unreasonably low prices.

Audit Firm Limitations

An external audit firm should not undertake an engagement that it is not qualified to handle. Doing so is
especially important for smaller, growing firms that may be tempted to agree to conduct an audit for which they
are not qualified or not large enough to perform. Statistics show that firms covered by a professional liability
insurance plan that are most susceptible to litigation are those with staffs of eleven to twenty-five auditors. They
appear to become overzealous, leading to low audit quality and exposure to subsequent litigation,

It is essential for a CPA firm to maintain its integrity, objectivity and reputation for providing high quality
services. No auditor can afford to be regularly associated with clients who are engaging in management fraud or
other unlawful activities. Before accepting an engagement, the CPA should investigate the history of the
prospective client, including such matters as the identities and reputation of the directors, officers, and major
shareholders. To help assess engagement risk, the auditors generally obtain management's permission to make
inquiries of other third parties (eg, client's banker or legal counsel) about a prospective client. Generally, CPAs
choose to avoid engagements entailing a relatively high engagement risk; others may accept such engagements,
recognizing the need to expand audit procedures to offset the unusually high levels of risk.

To reduce their own business risk, public accounting firms try to carefully manage their audit engagements. An
important element of a public accounting firm's quality control policies and procedures is a system for deciding
whether to accept a new client and, on a continuing basis, deciding whether to continue providing services to
existing clients. Public accounting firms are not obligated to accept undesirable clients, nor are they obligated to
continue to serve clients when relationships deteriorate or when the management comes under a cloud of
suspicion.

In addition to evaluating engagement risk, the auditor should assess whether they can complete the audit in
accordance with the Philippine Standard: on Auditing which are based on international Standards on Auditing.
The CPA must determine whether there are conditions that would prevent them from performing an independent
audit of the client. Consideration will also be given to whether the partners and staff have the necessary
competence and capability to conduct the audit.

In summary, before accepting an engagement with a new client, the CPA firm shall assess whether it

1. is competent to perform the engagement and has the capabilities, including time and resources to do so,

2. can comply with the relevant ethical requirements, and

3. has considered the integrity of the client and does not have information that would lead it to conclude that
the client lacks integrity

The CPA firm shall likewise establish whether the preconditions for an audit are present such as:

• Whether the financial reporting framework to be applied in the financial statements are
acceptable;
• Agreement of management that it acknowledges and understands its responsibility,
o 1. for the preparation of financial statements in accordance with applicable financial
reporting framework including where relevant to their fair presentation,
o 2. for such internal control as management determines is necessary to enable the
preparation of financial statements that are free from material misstatement whether due
to fraud or error, and
o 3. to provide the auditor with:
 ▪ (a) Access to all information of which management is aware that is relevant to the
preparation of financial statements such as records, documentation and other
matters
▪ (b) Additional information that the auditor may request from management for the
purpose of the audit, and
▪ (c) Unrestricted access to persons within the entity from whom the auditor
determines it necessary to obtain audit evidence.

Engagement letter

The engagement letter, which includes the audit free, also includes a description of the timing of the external
auditor's work and a description of documentation that the client is expected to provide to the external auditor.
In writing an engagement letter, care should be taken when describing the degree of responsibility the auditor
takes with respect to discovering fraud and misstatements. If the client wants its auditors to go beyond the
requirements of the auditing standards, the auditors should have their attorneys review the wording to make sure
that it says not only what is intended but also what is possible.

As a final step, the CPA firm will confer and agree with management or those charged with governance the
appropriate terms of the audit engagement

The agreed terms of the audit engagement shall be recorded in an audit engagement letter or other suitable form
of written agreement and shall include:

(a) The objective and scope of the audit of the financial statements;

(c) The responsibilities of the auditor,

(e) The responsibilities of management,

(d) Identification of the applicable financial reporting framework for the preparation of the financial
statements, and

(e) Reference to the expected form and content of any reports to be issued by the auditor and a statement
that there may be circumstances in which a report may differ from its expected form and content.

Figure 9-1 shows an illustration of an Audit Engagement Letter.

Recurring Audits

On recurring audits, the auditor shall assess whether circumstances require the terms of the audit engagement to
be revised and whether there is a need to remind the entity of the existing terms of the audit engagement. The
auditor shall not agree to the change in the terms of the audit engagement where there is no reasonable
justification for doing so.

If the terms of audit engagement are changed, auditor and management shall agree on and record the new terms
of the engagement in an engagement letter or other suitable form of written agreement.

If the auditor is unable to agree to a change in the terms of the audit engagement and is not permitted by
management to continue the original audit engagement, the auditor shall:

(a) Withdraw from the audit engagement where withdrawal is possible under applicable law or
regulation; and

(b) Determine whether there is any obligation, either contractual or otherwise, to report the
circumstances to other parties, such as those charged with governance, owners or regulators.

Figure 9-1: Illustrative Engagement Letter

PHASE I-B: PLANNING THE AUDIT TO DEVELOP AN OVERALL AUDIT STRATEGY AND AUDIT
PLAN

PHASE I-B

Introduction

Once the client has been obtained and the engagement letter signed by both parties (auditor and client), the
planning process intensifies as the auditors concentrate their efforts in obtaining a detailed understanding of the
client's business in developing an overall audit strategy and assess the risks of material misstatement of the
financial statements.

PSA 300, "Planning an Audit of Financial Statements" establishes standards and provides guidance on the
considerations and activities applicable to planning and audit of financial statements. It states that the auditor
should plan the audit so that the engagement will be performed in an effective manner.

The auditor-in-charge must develop a "plant of action" to organize, coordinate, and schedule activities of the
audit staff. An audit plan is normally drafted prior to starting the work at the client's offices.

Nature and Scope of Audit Planning

Audit planning involves the establishment of the overall audit strategy for the engagement and developing an
audit plan, in order to reduce audit risk to an acceptably low level. Planning involves the engagement partner
and other key members of the engagement team to benefit from their experience and insight and to enhance the
effectiveness and efficiency of the planning process.

The nature and extent of planning activities will vary according to the size and complexity of the entity, the
auditor's previous experience with the entity, and changes in circumstances that occur during the audit
engagement

Planning is a continuous and iterative process that often begins shortly after or in connection with the
completion of the previous audit and continues until the completion of the current audit engagement. However,
in planning an audit, the auditor considers the timing of certain planning activities and audit procedures that
need to be completed prior to the performance of further audit procedures. For example, the auditor plans the
discussion among engagement team members, the analytical procedures to be applied as risk assessment
procedures, the obtaining of a general understanding of the legal and regulatory framework applicable to the
entity and how the entity is complying with that framework, the determination of materiality, the involvement of
experts and the performance of other risk assessment procedures prior to identifying and assessing the risks of
material misstatement and performing further audit procedures at the assertion level for classes of transactions,
account balances, and disclosures that are responsive to those risks.

The auditor may decide to discuss elements of planning with the entity's management to facilitate the conduct
and management of the audit engagement (for example, to coordinate some of the planned audit procedures
often occur, the overall audit strategy and the audit plan remain the auditor's responsibility

Benefits of Audit Planning

Audit planning generally involves the determination of the expected nature, timing and extent of the audit.
Among the benefits derived from audit planning are the following:

(a) It helps ensure that appropriate attention is devoted to important areas of the audit.

(b) It aids in identifying potential problems and resolving them on a timely basis.

(c) It helps ensure that the audit is properly organized, managed and performed in an effective and efficient
manner.

(d) It assists in the proper assignment and review of the work of the engagement team members.

(e) It helps coordinate the work to be done by auditors of components and other parties involved such as
experts, specialists, etc.

The Overall Audit Strategy

PSA 300 requires that the auditor establishes the overall strategy for the audit. This overall audit strategy sets
the scope, timing and direction of the audit and guides the development of the more detailed audit plan. In
developing the audit strategy, the auditor considers the results of the preliminary activities described in the
preceding section. The process of establishing the audit strategy involves

a. Identifying the characteristics of the engagement that define its scope.

Examples are:

1. The financial reporting framework

2. Industry specific reporting requirements, and

3. The locations of the components of the entity.

 b. Ascertaining the reporting objectives of the engagement to plan the timing of the audit and the nature
of the communication required such as:

1. Deadlines for interim and final reporting, and

2. Key dates and organization of meetings with management and those charged with governance
to discuss the nature and extent of audit work.

3. Discussion with management regarding the expected communication on the status of audit
work throughout the engagement.

c. Considering the important factors that will determine the focus and direction of the engagement teams
efforts, such as

1. Determination of appropriate materiality levels

2. Preliminary identification of areas where there may be higher risks of material misstatement

3. Preliminary identification of material components and account

balances

4. Evaluation of whether the auditor may plan to obtain evidence

regarding the effectiveness of internal control, and

5. Identifications of recent significant entity-specific, industry, financial

reporting or other relevant developments

d. Considering the results of preliminary engagement activities and, where applicable, whether
knowledge gained on other engagements performed by the engagement partner for the entity is relevant,
and

e. Ascertaining the nature, timing and extent of resources necessary to perform the engagement

Benefits of Developing the Audit Strategy

• The resources to deploy for specific audit areas, such as the use of appropriately experienced team
members for high risk areas of the involvement of experts on complex matters
• The amount of resources to allocate to specific audit areas, such as the number of team members
assigned to observe the inventory count at material locations, the extent of review of other auditors'
work in the case of group audits, or the audit budget in hours to allocate to high risk areas:
 • When these resources are to be deployed, such as whether at an interim audit stage or at key cut-off
dates, and
• How such resources are managed, directed and supervised, such as when team briefing and debriefing
meetings are expected to be held, how engagement partner and manager reviews are expected to take
place (for example, on-site or off-site), and whether to complete engagement quality control reviews

Once the overall audit strategy has been established, an audit plan can be developed to address the various
matters identified in the overall audit strategy. taking into account the need to achieve the audit objectives
through the efficient use of the auditor's resources. The establishment of the overall audit strategy and the
detailed audit plan are not necessarily discrete or sequential processes, but are closely inter-related since
changes in one may result in consequential changes to the other.

In audits of small entities, the entire audit may be conducted by a very small audit team. Many audits of small
entities involve the engagement partner (who may be a sole practitioner) working with one engagement team
member (or without any engagement team members). With a smaller team, co-ordination of and communication
between, team members are easier. Establishing the overall audit strategy for the audit of a small entity need not
be a complex or time consuming exercise, it varies according to the size of the entity the complexity of the
audit, and the size of the engagement team. For example, a brief memorandum prepared at the completion of the
previous audit, based on a review of the working papers and highlighting issues identified in the audit just
completed, updated in the current period based on discussions with the owner manager, can serve as the
documented audit strategy for the current audit engagement if it covers the matters noted in paragraph 7 of PSA
300.

A. Application of the Concept of Materiality to Audit

PSA 320, "Materiality in Planning and Performing an Audif establishes standards and deals with the auditor's
responsibility to apply the concept of materiality in planning and performing an audit of financial statements.

To reiterate the importance of the concept of materiality to audit, the definition of materiality in accordance with
the FRSC's "Framework for the Preparation and Presentation of Financial Statements" follows:

"Information is material if its omission or misstatement could influence the economic decisions of users taken
on the basis of the financial statements. Materiality depends on the size of the item or error judged in the
particular circumstances of its omission or misstatement. Thus, materiality provides a threshold or cut-off point
rather than being a primary qualitative characteristic which information must have if it is to be useful."

This definition emphasizes the importance of materiality to reasonable users who rely on the statements to make
decisions. Auditors, therefore, must have knowledge of the likely uses of their client's statements and the
decisions that are being made.

Materiality involves both quantitative and qualitative considerations. In assessing the quantitative importance of
a misstatement, it is necessary to relate the peso amount of the error to the financial statements under
examination, Qualitative considerations, on the other hand, relate to the causes of misstatement. An error that
may not be material quantitatively. may be material qualitatively. This may occur, for instance, when the
misstatement is attributed to an irregularity or an illegal act by the client.

The objective of an audit of financial statements is to enable the auditor to express an opinion whether the
financial statements are prepared, in all material respects, in accordance with an identified financial reporting
framework. The assessment of what is material is a matter of professional judgment.

In planning the audit, materiality should be considered by the auditor when:

(a) determining the nature timing and extent of audit procedures;

(b) identifying and assessing the risks of material misstatement, and

(c) determining the nature, timing and extent of further audit.

The auditor's determination of materiality is a matter of professional judgment and is affected by the auditor's
perception of the financial information needs of users of the financial statements. In this context, it is reasonable
for the auditor to assume that users:

(a) Have a reasonable knowledge of business and economic activities and accounting and a willingness to study
the information in the financial statements with renewable diligence;

(b) Understand that financial statements at prepared mud and audited to levels of materiality,

(c) Recognize the uncertainties inherent in the measurement of amounts based on the use of estimates, judgment
and the consideration of future events; and

(d) Make reasonable economic decisions on the basis of the information in the financial statements.
Levels of Materiality

The auditor assesses materiality at two levels:

• First is the overall materiality (or materiality level for the financial statements as a whole)
• Second is the specific materiality (or materiality level for particular classes of transactions, account
balances or disclosures)

The auditor considers materiality at both the overall financial statement level and in relation to individual
account balances, classes of transactions and disclosures. Materiality may be influenced by considerations such
as legal and regulatory requirements and considerations relating to individual financial statement account
balances and relationships. This process may result in different materiality levels depending on the aspect of the
financial statements being considered.

1. Overall materiality

Materiality for the financial statements as a whole (overall materiality) is based on the auditor's professional
judgment as to the highest amount of misstatement(s) that could be included in the financial statements without
affecting the economic decisions taken by a financial statement user. If the amount of unconnected
misstatements, either individually or in the aggregate, is higher than the overall materiality established for the
engagement, it would mean that the financial statements are materially misstated.

Overall materiality is based on the common financial information needs of the various users as a group.
Consequently, the possible effect of misstatements on specific individual users, whose needs may vary widely,
is not considered.

2. Specific materiality

In some cases, there may be a need to identify misstatements of lesser amounts than overall materiality that
would affect the economic decisions of financial statement users. This could relate to sensitive areas such as
particular note disclosures (i.c., management remuneration or industry-specific data), compliance with
legislation or certain terms in a contract, or transactions upon which bonuses are based. It could also relate to
the nature of a potential misstatement.

PSA 320 likewise requires that performance materiality be set.

Performance Materiality

Performance materiality is used by the auditor to reduce the risk to an appropriate low level that the
accumulation of uncorrected and unidentified misstatements exceeds materiality for the financial statements as
a whole (overall materiality), or materiality levels established for particular classes of transactions, account
balances, or disclosures (specific materiality).

Performance materiality is set at a lower amount (or amounts) than overall specific materiality. The objective is
to perform more audit work than would be required by the overall or a specific materiality to:

• Ensure that misstatements less than overall or specific materiality are detected, so as to appropriately
reduce the probability that the aggregate of uncorrected errors and undetected misstatements exceed
materiality for the financial statements as a whole; and thus
• Provide a margin or buffer for possible undetected misstatements. This buffer is between detected but
uncorrected misstatements in the aggregate and the overall or specific materiality.

The margin provides some assurance for the auditor that undetected misstatements, along with all uncorrected
misstatements, will not likely accumulate to reach an amount that would cause the financial statements to be
materially misstated.

Performance materiality is set in relation to overall materiality or specific materiality. For example, a specific
performance materiality can be set at a lower amount than overall performance materiality for testing repairs
and maintenance expenses if there is a higher risk of assets not being capitalized. Specific performance
materiality may also be used to perform additional work in areas that may be sensitive due to the nature of
potential misstatements and their occurrence, rather than their monetary size.

For example, if overall materiality was set at P200,000 and the audit procedures were planned to detect all
errors in excess of P200,000, it is quite possible that an error of say P80,000 would go undetected. If three such
errors existed totaling to P240,000, the financial statements would be materially misstated. If performance
materiality was set at P120,000, it would be much more likely that at least one or all of the P80,000 errors
would be detected. Even if only one of the three errors is identified and corrected, the remaining P160,000
misstatement would still be less than P200,000 and the financial statements as a whole would not be materially
misstated.
How to Determine Materiality

Auditors make a preliminary assessment of materiality of the financial statements as a whole by determining the
amount by which they believe the financial statements could be misstated without affecting users' decisions.
This amount is called "preliminary judgment about materiality" or "planning materiality" This judgment need
not be quantified but often is It is called a preliminary judgment about materiality because it is a professional
judgment and may change during the engagement if circumstances change. The reason for determining
"planning materiality is to help the auditor plan the appropriate evidence to accumulate. If the auditor sets a low
peso amount, more evidence is required than for a high amount.

In establishing planning materiality or preliminary judgment about materiality, an auditor must also consider
any potential effect a misstatement might have which may be greater than the peso amount involved. A
misstatement which may not be material based on quantitative factors but that does not allow a client to meet a
condition in a contractual obligation or expectations of a financial statement user may be considered material. In
these instances, amount of planning materiality based on the users expectations of income or alter those
working on the engagement to the potential for these types of material misstatement.

Rules of Thumb (For Use as a Starting Point)

Overall Specific Performance

Materiality is a matter of Establish a lower, specific No specific guidance is

professional judgment rather
than a mechanical existence.
As a result, no specific
guidance is provided in the
PSA. However, profit from
continuing profit from
continuing operations (3% to
7%) is often used in practice as
having the greatest
significance to financial
statement users. If this is not a
useful measure (such as for a
not-for-profit entity or where
materiality amount (based on provided in the PSAs.
professional judgment) for the Percentages range from 60%
audit of specific or sensitive (of overall or specific
financial statement areas. materiality). where there is a
higher risk of material
misstatement, up to 85% where
the assessed risk of material
misstatement is less.
 profit is not a stable base), then
consider other bases such as:
• Revenues or
expenditures-1% to 3%
• Assets-1% to 3% .
• Equity-3% to 5%

Other Considerations

• When accepting new audit engagement, inquire about the overall materiality used by the previous
auditor. If available, this would help in determining whether further audit procedures may be required on
the opening asset and liability balances.
• Ensure that any experts employed by the entity (to assist the entity in preparing the financial statements)
or used by the audit team are instructed to use an appropriate materiality level in relation to the work
they perform.

Relationship between Materiality and Audit Risk

When planning the audit, the auditor considers what would make the financial statements materially misstated.
The auditor's assessment of materiality, related to specific account balances and classes of transactions, helps
the auditor decide such questions as what items to examine and whether to use sampling and analytical
procedures. This enables the auditor to select audit procedures that, in combination, can be expected to reduce
audit risk to an acceptably low level.

There is an inverse relationship between materiality and the level of audit risk, that is, the higher the materiality
level, the lower the audit risk and vice versa. The auditor takes the inverse relationship between nateriality and
audit risk into account when determining the nature, timing and extent of audit procedures For example, if, after
planning for specific audit. procedures, the auditor determines that the acceptable materiality level is lower,
audit risk is increased.
The auditor would compensate for this by either:

(a) reducing the assessed level of control risk, where this is possible, and supporting the reduced level by
carrying out extended or additional tests of control; or

(b) reducing detection risk by modifying the nature, timing and extent of planned substantive procedures.

B. Audit Plan

The auditor should develop an audit plan for the audit in order to reduce audit risk to an acceptably low level.

The audit plan shall include a description of:

(a) The nature, timing and extent of planned risk assessment procedures, as determined under PSA 315,
"Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its
Environment."

(b) The nature, timing and extent of planned further audit procedures at the assertion level, as determined under
PSA 330, "The Auditor's Responses to Assessed Risks."

(c) Other planned audit procedures that are required to be carried out so that the engagement complies with
PSAs.

The auditor shall update and change the overall audit strategy and the audit plan as necessary during the course
of the audit.

The auditor shall plan the nature, timing and extent of direction and supervision of engagement team members
and the review of their work.

The auditor shall document:

(a) The overall audit strategy:

(b) The audit plan; and

(c) Any significant changes made during the audit engagement to the overall audit strategy or the audit plan, and
the reasons for such changes.

Once the audit strategy has been established, the auditor is able to start the development of a more detailed audit
plan to address the various matters: identified in the audit strategy, taking into account the need to achieve the
objectives through the efficient use of the auditor's resources. Although the auditor ordinarily establishes the
audit strategy before developing the detailed audit plan, the two planning activities are not necessarily discrete
or sequential processes but are closely inter-related since changes in one may result in consequential changes to
the other.

The audit plan is more detailed than the audit strategy and includes the nature, timing and extent of audit
procedures to be performed by engagement team members in order to obtain sufficient appropriate audit
evidence to reduce audit risk to an acceptably low level. Documentation of the audit plan also serves as a record
of the proper planning and performance of the audit procedures that can be reviewed and approved prior to the
performance of further audit procedures.

Direction, Supervision and Review

The auditor should plan the nature, timing and extent of direction and supervision of engagement team members
and review of their work.

The nature, timing and extent of the direction and supervision of engagement team members and review of their
work vary depending on many factors, including:

• The size and complexity of the entity.

• The area of the audit.
• The assessed risks of material misstatement (for example, an increase in the assessed risk of material
misstatement for a given area of the audit ordinarily requires a corresponding increase in the extent and
timeliness of direction and supervision of engagement team members, and a more detailed review of
their work).
• The capabilities and competence of the individual team members performing the audit work. PSA 220
contains further guidance on the direction, supervision and review of audit work.

Changes to Planning Decisions during the Course of the Audit

The overall audit strategy and the audit plan should be updated and changed as necessary during the course of
the audit.

Planning an audit is a continual and iterative process throughout the audit engagement. As a result of
unexpected events, changes in conditions, or the audit evidence obtained from the results of audit procedures,
the auditor may need to modify the overall audit strategy and audit plan, and thereby the resulting planned
nature, timing and extent of further audit procedures. Information may come to the auditor's attention that
differs significantly from the information available when the auditor planned the audit procedures. For example,
the auditor may obtain audit evidence through the performance of substantive procedures that contradict the
audit evidence obtained with respect to the testing of the operating effectiveness of controls. In such
circumstances, the auditor reevaluates the planned audit procedures, based on the revised consideration of
assessed risks at the assertion level for all or some of the classes of transactions, account balances or
disclosures.

Consideration Specific to Smaller Entities

In audits of small entities, an audit may be carried out entirely by the audit engagement partner (who may be a
sole practitioner). In such situations, questions of direction and supervision of engagement team members and
review of their work do not arise as the audit engagement partner, having personally conducted all aspects of the
work, is aware of all material issues. The audit engagement partner (or sole practitioner) nevertheless needs to
be satisfied that the audit has been conducted in accordance with PSAS. Forming an objective view on the
appropriateness of the judgments made in the course of the audit can present practical problems when the same
individual also performed the entire audit. When particularly complex or unusual issues are involved, and the
audit is performed by a sole practitioner, it may be desirable to plan to consult with other suitably- experienced
auditors or the auditor's professional body.

A suitable, brief memorandum may serve as the documented strategy for the audit of a smaller entity. For the
audit plan, standard audit programs or checklists (see paragraph A18 of PSA 300) drawn up on the assumption
of few relevant control activities, as is likely to be the case in a smaller entity, may be used provided that they
are tailored to the circumstances of the engagement, including the auditor's risk assessments.

Documentation

The auditor should document the overall audit strategy and the audit plan, including any significant changes
made during the audit engagement.

The auditor's documentation of the overall audit strategy records the key decisions considered necessary to
properly plan the audit and to communicate significant matters to the engagement team. For example, the
auditor may summarize the overall audit strategy in the form of a memorandum that contains key decisions
regarding the overall scope timing and conduct of the audit.

The auditor's documentation of any significant changes to the originally planned overall audit strategy and to
the detailed audit plan includes the reasons for the significant changes and the auditor's response to the events,
conditions, or results of audit procedures that resulted in such changes. For example, the auditor may
significantly change the plan. overall audit strategy and the audit plan as a result of a material business
combination or the identification of a material misstatement of the financial statements. A record of the
significant changes to the overall audit strategy and the audit plan, and resulting changes to the planned nature,
timing and extent of audit procedures, explains the overall strategy and audit plan finally adopted for the audit
and demonstrates the appropriate response to significant changes occurring during the audit.

The form and extent of documentation depend on such matters as the size and complexity of the entity,
materiality, the extent of other documentation, and the circumstances of the specific audit engagement

Additional Considerations in Initial Audit Engagements

The auditor should perform the following activities prior to starting an initial audit;

(a) Perform procedures regarding the acceptance of the client relationship and the specific audit engagement
[see PSA 220 for additional guidance]

(b) Communicate with the previous auditor, where there has been a change of auditors, in compliance with
relevant ethical requirements.

Other Critical Matters in Engagement Planning

1. Application of Analytical Procedures in Planning the Audit

The purpose of applying analytical procedures in planning the audit is to assist in understanding the business
and in identifying areas of potential risk. It will therefore assist the auditor in planning the nature, time, and
extent of auditing procedures that will be used to obtain evidential matter for specific account balances or
classes of transactions. By identifying such things as the existence of unusual transactions and events, and
amount ratios and trends, matters that have financial statement and audit planning ramifications might be
brought to light. Likewise, relevant non-financial information such as number of employees, area of selling
Space, volume of goods produced may also contribute to the accomplishment of the purpose of the
analytical procedures. PSA 520 requires the auditors to perform analytical procedures as a part of the
planning process for every audit.

2. Establishment of an Engagement or Audit Team

An audit team consists of people with different levels of expertise and experience. The team usually is
composed of an engagement partner, a manager, at least one senior, and one or more staff auditors. In
determining the number of people who will be assigned to an engagement, an auditor normally considers the
audit's size and complexity, the availability and experience of personnel, the necessity for special expertise,
and the opportunity to train personnel, and the continuity and rotation of personnel. The audit team
assembled for a larger engagement typically is larger than that needed for a smaller engagement. An
engagement involving an entity in a regulated industry, such as banking, also requires that the major
members of the audit team have necessary knowledge and experience in that industry.

3. Consideration of Work Performed by Other Auditors/Parties

The following factors should be considered in assessing the work performed by other auditors/parties:

• The involvement of other auditors in the audit of components. for example, subsidiaries, branches
and divisions.
• The involvement of experts.
• The number of locations.

a. Predecessor Auditor

The successor auditor's examination may be greatly facilitated by consulting with the predecessor
auditors and reviewing the predecessor's working papers. Communication with the predecessor auditors
can provide the successor CPA with background information about the client, details about the client's
system of internal control, and evidence as to the account balances at the beginning of the year under
audit.

Auditors are ethically prohibited from disclosing confidential information obtained in the course of
an audit without the consent of the client. The successor auditor should therefore obtain the client's
consent before making inquiries from the predecessor auditors.

If the auditor is unable to obtain cooperation from the preceding auditors, or if he feels that the work
done by the preceding auditors does not meet the requirements of generally accepted auditing standards,
he may have to treat the audit of the new client, previously audited by other accountants, just as he
would the first audit of a client who has never been audited before.

b. Other CPAs

Large companies generally consist of divisions and subsidiaries located in many different parts
of the country or the world. For a variety of reasons, one or several of the subsidiaries or divisions may
have different auditors.

To be able to report on the statements of the combined entity, an auditor must determine that she
or he is able to be the principal auditor. Principal auditor means the auditor with responsibility for
reporting on the financial statements of an entity when those financial statements include financial
information of one or more components audited by another auditor. Other auditor means an auditor,
other than the principal auditor, with responsibility for reporting on the financial information of a
component which is included in the financial statement audited by the principal auditor. Other auditors
include affiliated firms whether using the same name or not, correspondents as well as unrelated
auditors, Component means a division, branch, subsidiary, joint venture, associated company or other
entity whose financial information is included in financial statements audited by the principal auditor.

c. Specialists

CPAs may lack the qualifications necessary to perform certain technical tasks relating to the
audit. A specialist brings unique knowledge and judgment in a field other than accounting and auditing.
An auditor might decide to have an art appraiser place values on works of art, a mineralogist determine
the physical characteristics of mineral reserves, or an actuary provide data related to a group's life
expectancy. Effective planning involves arranging for the appropriate use of specialists both inside and
outside of the client organization.

d. Use of Client's Staff

The client's staff should have the accounting records up-to-date when the auditors arrive, In
addition, many audit working papers can be prepared for the auditors by the client's staff, thus reducing
the cost of the audit and freeing the auditors from routine work. The auditors may set up the columnar
headings for such working papers and give instructions to the client's staff as to the information to be
gathered. These working papers should bear the label Prepared by Client, or PBC, and also the initials of
the auditor who verifies the work performed by the client's staff.

Working papers prepared by the client should never be accepted at face value; such papers must
be reviewed and tested by the auditors. Among the tasks that may be assigned to the client's employees
are the preparation of a trial balance of the general ledger, preparation of an aged trial balance of
accounts receivable, analyses of accounts receivable written off, lists of property additions and
retirements during the year, and analyses of various revenue and expense accounts. Many of these
"working papers" may be in the form of computer spreadsheets and other computerized data files.

e. Internal Auditors

Internal auditors can affect the audit in two ways. First, they can enhance internal control. In
deciding whether to reduce the amount of testing for specific assertions because of work performed by
internal auditors, the independent auditor should consider (1) the materiality of the amount, (2) the risk
 of misstatement, and (3) the degree of subjectivity involved in evaluating the accumulated audit
evidence. As these factors increase, the auditor is less likely to rely on the internal auditor's work.

The second way internal auditors affect an audit is by assisting independent auditors in
performing specific audit procedures For example, an internal auditor may observe client personnel
taking the inventory.

4. Assessment of Going Concern Assumption

PSA 570 requires auditors to evaluate whether substantial doubt exists about an entity's ability to continue as a
going concern, based on procedures planned and performed to obtain evidence about the management assertions
embodied in e financial statements. That is, an auditor is not required to design specific procedures to evaluate
whether an entity is a going concern.

When planning and performing audit procedures and in evaluating the results thereof, the auditor should
consider the appropriateness of management's use of the going concern assumption in the preparation of the
financial statements.

Examples of events or conditions, which individually or collectively, may cast significant doubt about the going
concern assumption are set out below. This listing is not all-inclusive nor does the existence of one or more of
the items always signify that a material uncertainty exists.

Financial

• Net liability or net current liability position.

• Fixed-term borrowings approaching maturity without realistic prospects of renewal or repayment; or
excessive reliance on short-term borrowings to finance long-term assets.
• Indications of withdrawal of financial support by debtors and other creditors.

Operating

• Loss of key management without replacement.

• Loss of a major market, franchise, license, or principal supplier.
• Labor difficulties or shortages of important supplies.

Other

• Non-compliance with capital or other statutory requirements.

• Pending legal or regulatory proceedings against the entity that may, if successful, result in claims that
are unlikely to be satisfied.
 • Changes in legislation or government policy expected to adversely affect the entity.

The significance of such events or conditions often can be mitigated by other factors. For example, the effect of
an entity being unable to make its normal debt repayments may be counter-balanced by management's plans to
maintain adequate cash flows' by alternative means, such as by disposal of assets, rescheduling of loan
repayments, or obtaining additional capital. Similarly, the loss of a principal supplier may be mitigated by the
availability of a suitable alternative source of supply.

5. Identification of Related Parties

A related party is defined as an affiliated company, a principal owner of the client company, or any other party
with which the client deals where one of the parties can influence the management or operating policies of the
other. A related party transaction is any transaction between the client and a related party. Common examples
include sales or purchase transactions between a parent company and its subsidiary, exchanges of equipment
between two companies owned by the same person, and loans to officers. A less common example is the
exercise of significant management influence on an audit client by its most important customer.

Because material related party transactions must be disclosed, it is important that all related parties be identified
and included in the permanent files early in the engagement. Finding undisclosed related party transactions is
thereby enhanced. Common ways of identifying related parties include inquiry of management, review of SEC
filings, and examination of stockholders' listings to identify principal stockholders.

6. Client's Legal Obligations

Pertinent current-year information that auditors should review includes (1) minutes of directors' and
stockholders' meetings, (2) changes to articles of incorporation or by-laws, and (3) any significant contracts
executed during the year. By reading the minutes, an auditor will obtain information about significant events
that have or will have an impact on the client.

For new clients for which historical information relating to these matters is unavailable, the auditor should
review information relating to prior years,

7. Completion of the Initial Audit Program

An audit program is a set of audit procedures specifically designed for each audit. The program which includes
both substantive tests and tests of controls will enable the auditor to express an opinion on the financial
statements taken as a whole.

The auditor should develop and document an audit program setting out the nature, timing and extent of planned
audit procedures required to implement the overall audit plan. The audit program serves as a set of instructions
to assistants involved in the audit and as a means to control and record the proper execution of the work. The
audit program may also contain the audit objectives for each area and a time budget in which hours are
budgeted for the various audit areas or procedures. Considering materiality, risk of misstatement, and the
relative cost of performing audit procedures, auditors determine the procedures to test the assertions embodied
in the financial statements.

Auditing standards require that a written audit program be prepared as a part of each engagement.

In preparing the audit program, the auditor would consider the specific assessments of inherent and control risks
and the required level of assurance to be provided by substantive procedures. The auditor would also consider
the timing of tests of controls and substantive procedures, the coordination 0 any assistance expected from the
entity, the availability of assistants and the involvement of other auditors or experts. Other matters may also
need to be considered in more detail during the development of the audit program,

On initial engagements, the audit program typically will develop in three Stages:

(1) the broad phases of the program can be outlined at the time of engagement;

(2) other details of the program can be identified after the review of internal control structure and
accounting procedures has begun; and

(3) procedures on specific phases of the audit can be further challenged and revised as the work
progresses.

On recurring engagements, the program for the preceding audit should be studied before preparing the program
for the current audit. The program for the current audit should reflect modifications or are required by the
experience gained in the business, internal control or accounting methods of the client.

8. Preparation of a Time Budget

A time budget is an estimate of the total hours an audit is expected to take. It is based on the information
obtained in the first major step in the audit that is, obtaining an understanding of the client. It takes into
consideration such things as:
 (a) the client's size as indicated by its gross assets, sales, number of employees

(b) location of client facilities

(c) the anticipated accounting and auditing problems

(d) the competence and experience of staff available.

The total time must be allocated by the preparation of work schedules indicating who is to do what and how
long it should take. Thus, total hours are budgeted by major categories and may be scheduled on a weekly basis.
Time budget also serves as the basis for estimating fees. [t is also an important tool to communicate to the audit
staff those areas the manager or partner believes are critical and require more time. Furthermore, a time budget
is used to measure the efficiency of the staff and to determine at each stage of the engagement whether the work
is progressing at a satisfactory rate. An illustration of an Audit Budget and Time Summary is shown in Figure 9-

Figure 9-2: Portion of an Audit Budget and Time Summary

For repeat engagement, the development of time budgets is facilitated by reference to the preceding year's
detailed time records.

Managing time is an important consideration because billing is often based on the amount of time charged to the
engagement. Indeed, the most costly element of an engagement is the auditor's time. Time budgets can motivate
staff to perform efficiently, and one criterion by which audit personnel are evaluated is their ability to complete
assignments within the allotted time. (However, placing too much emphasis on time management can lower the
quality of the audit.)

A periodic accounting of time and budget may be prepared as a basis for determining the cause(s) of the
variance between actual and budgeted hours. This is illustrated in Figure 9-2. This report will also serve as a
guide in projecting the audit time for the succeeding audits.

9. Assignment of Personnel to the Engagement

Staff must, therefore, be assigned with that standard in mind. On larger engagements, there are likely to be one
or more partners and staff at several experience levels doing the audit. Specialists in such technical areas as
statistical sampling and computer auditing may also be assigned. On smaller audits there may be only one or
two staff members.

A major consideration affecting staffing is the need for continuity from year to year. An inexperienced staff
assistant is likely to become the most experienced non-partner on the engagement within a few years.
Continuity helps the CPA firm maintain familiarity with the technical requirements and closer interpersonal
relations with client personnel.

Another consideration is that the persons assigned be familiar with the client's industry.

In PSA 220, "Quality Control for an Audit of Financial Statements." the auditor, and assistants with supervisory
responsibilities, will consider the professional competence of assistants performing work delegated to them
when deciding the extent of direction, supervision and review appropriate for each assistant.

Any delegation of work to assistants would be in a manner that provides reasonable assurance that such work
will be performed with due care by persons having the degree of professional competence required in the
circumstances.

10. Scheduling of Work

Audit work that can always be performed during the interim period includes the consideration of internal
control, issuance of management letter, and substantive tests of transactions that have occurred to the interim
date.

Interim tests of certain financial statement balances, such as accounts receivable, may also be performed, but
this results in additional risk that must be controlled by the auditors. Significant errors or irregularities could
arise in these accounts during the remaining period between the time that the interim test was performed and the
statement of financial position date. Thus, to rely on the interim test of a significant account balance, the
auditors must perform additional tests of the account during the remaining period.

Performance of other substantive tests is scheduled near at, and after year end. Consideration should be given to
such factors as:

a) Deadline for submitting final audit report and filing of income tax returns

b) Ability of the client's staff to submit required schedules

c) Other audit clients

Documentation of Audit Plan/Audit Program

Documentation of the planning process is done through the preparation of working papers showing:

(1) Audit Plans (discussed in this section)

(2) Audit Programs

(3) Time Budget (refer to page 245)

An audit plan contains the overview of the engagement, outlining the nature and characteristics of the client's
business operations and the overall audit strategy.

The following information are included in a typical audit plan:

1. Description of the client company its structure, nature of business and organization.

2. Audit objectives (ie., if the audit is for stockholders, creditors or it is special-purpose audit)

3. Description of the nature and extent of other services such as tax returns preparation, etc,

4. Timetable of the audit work 5. Work to be done by the client's employer

6. Assignment of audit staff

 7. Target completion dates of the major segments of the engagement

8. Preliminary evaluation and judgment about materiality level for the engagement

9. Any special problems to be resolved during the engagement particularly those revealed by analytical
procedures

10. Conditions that may require changes in audit test

Normally, the audit plan is prepared starting work at the client's office. It may, however be modified throughout
the engagement as the auditor deems necessary depending on his consideration of internal control or as special
problems are encountered.

The auditor may wish to prepare a memorandum setting forth the preliminary audit plan, particularly for large
and complex entity.

Planning a Repeat Engagement

It is far easier to plan for a repeat engagement than planning for a first audit of a new client. The working papers
in the previous year's audit provide a wealth of information useful in planning the recurring engagement. Of
course, the auditor-in-charge of a repeat engagement would have a good working knowledge of the client's
business. The auditor however should not merely duplicate last year 5 audit program but should modify his
approach to the audit for any changes in the client's operations, internal control structure, or business
environment.