C2:AUDITING AND ASSURANCE

Topic: Planning, Materiality and Audit

Risk

Compiled by EmmaChris
 To be covered
• Introduction to planning and audit strategy
• Audit stratergy and its contents
• Key issues in understanding the entity
• Benefits of audit planning
• Planning for initial engagements
• Introduction to materiality
• Determinants of materiality
• Materiality benchmarks
• Materiality levels
• Audit risks
• Risk assessment procedures
• Risk based audit steps as per ISA 315,
• Audit risk model
• Factors affecting audit risk
• Responses to audit risk
Compiled by EmmaChris
 Introduction to planning and audit strategy
• Audit Plan refers to the scheme formulated by the
auditor that comprises of strategy or approach,
that is followed for carrying out audit.
– Audit planning is a continuous process that starts from
the end of previous audit to the end of current audit.
• Audit strategy is an overall audit plan in terms
how the audit is to be conducted and sets the
scope, timing and direction of the audit.
– It usually comes before detailed audit plan

Compiled by IMACRIS 68
 Introduction to planning and audit strategy
• An audit programme is defined as the step by step
breakdown of the audit work to be carried out by the
auditor and members of the audit team from the
beginning of the audit up to completion of the audit work
in order to:
• Purposes of an audit Programme
i. Serve as a guidance to the professional audit work
ii. Ensure that the audit is conducted properly
iii. Potential risks promptly identified
iv. No part of the audit work has been overlooked and the
objectivity for the audit has been achieve
NBAA May 2018
Compiled by IMACRIS 69
 Introduction to planning and audit strategy
• Audit Plan is much more detailed than strategy
and should include:
1. NTE of risk assessment procedures
2. NTE of further audit procedures including
i. What audit procedures are to be carried out
ii. Who should do them
iii. How much work should be done (sample size etc..
iv. When the work should be done (interim vs final)
3. Any other procedure necessary to conform to
ISAs
Compiled by IMACRIS 70
 Introduction to planning and audit strategy
• Stages involved in planning-
• There are four stages involved in the
planning process namely of an audit:
i. Acquiring knowledge about the client
business and industry
ii. Preparing a comprehensive overall audit
plan
iii. Preparing audit programmes for the audit
iv. Drawing up time, usage and cost budget.
NBAA May 2018
Compiled by IMACRIS 71
 Specific matters when establishing the audit strategy
1. Determine the characteristics o f the engagement that
define its scope Locations of components entities, Industry
specific reporting requirement, The FR framework used,
availability of key personnel.
2. Ascertain the reporting objectives of the engagement to
plan the timing of the audit and the nature of the
communications required
Deadline for interim audit, Key dates for comm. With mgt
and those charged with governance, Deadline for final
audit
3. Considering the factors that are significant in directing
the audit team’s efforts in the auditor’s professional
judgment Materiality determination, Risk identification ,
Identification of material balances
Compiled by IMACRIS 72
 Specific matters when establishing the audit strategy
4. Consider the results of preliminary engagement
activities and knowledge gained on other engagements,
Consideration on ICs, Other relevant developments
5. Ascertain the nature, timing and extent of resources
necessary to perform the engagement One of the main
objectives of developing the audit strategy is to
effectively allocate resources to the audit team,
6. Direction, supervision and review

Compiled by IMACRIS 73
 Key issues when understanding the
entity and its environment
An auditor should obtain an understanding of:
i. Relevant industry, regulatory and other external factors
ii. The nature of the entity including
 Its operations
 Its ownership and governance structures
 The types of investment the entity makes
 The way the entity is structured and financed
iii. The entity’s selection and application of accounting policies
iv. The entity’s objectives and strategies and related business
risks that may result to MM
v. The measurement and review of entity’s financial
performance
The auditor must evaluate components of ICs to if they have
been implemented and whether they are effective in detecting
and preventing material fraud or error.
Compiled by IMACRIS 74
 Benefits of audit planning
i. Helps and auditor to devote attention to important
areas
ii. Helps an auditor to identify and resolve potential
problems timely.
iii. Helps an auditor to organise and manage the audit
engagement for effectiveness and efficiency.
iv. Assist in the selection of engagement team
members
v. Facilitating the direction and supervision of
engagement
vi. Assists in coordination of work done by experts.
Compiled by IMACRIS 75
 Planning for initial engagements
In addition to normal planning procedures:
i. Make arrangement with predecessor auditor to
review their working papers
ii. Consider matters revealed from professional
clearance
iii. Consider matters discussed with mgt during
appointment. Eg acc policies
iv. Audit procedures necessary to collect SAAE on
opening balances ISA 510: Initial opening bal
v. Consider increasing quality control procedures
vi. Consider additional time and resources
vii. Increased test of details
viii. Consider using experienced audit team
Compiled by IMACRIS 76
 Introduction to materiality
• Materiality is a concept or convention within
auditing and accounting relating to the
importance/significance of an amount,
transaction, or discrepancy.
• ISA 320 Materiality refers to the level of
misstatement that could individually or in
aggregate affect the economic decisions of the
users of the FS.
• Materiality is not an absolute term and must only
be seen in the relative context.
Compiled by EmmaChris
 Introduction to materiality
• According to ISA 320: Audit Materiality, An auditor is
expected to establish an acceptable materiality level
in designing the audit plan.
• There are no hard rules over materiality and items
can be material by nature as well as by value.
When is materiality applied?
• throughout the audit exercise i.e.
i. During the process of risk assessment and planning,
ii. To decide the sampling techniques and the sample
size
iii. Evaluating the effect of identified misstatements on
the audit
Compiled by EmmaChris
 Determinants of materiality
• Materiality is determined on the basis of
quantitative and qualitative factors.
1. Quantitative factors – have to do with size, and
depends on risk assessment. The higher the risk
the lower the materiality
2. Qualitative factors- not size alone, but because of
the nature of the item e.g.
i. Mistatements that affects compliance with regulatory
requiremnts
ii. Mistatements that affects compliance with debt
covenants
iii. Misstatements that when adjusted will turn profit into
loss
iv. Misstatements that when adjusted will turn a reported
net-asset position into net liability
Compiled by EmmaChris
 Determinants of materiality
v. Related party transactions including
transactions with director
vi. Disclosures in the FS relating to future legal
claims or GC.
vii. Comparison with the corresponding previous
year’s figures: patterns of income and expenses.
e.g. series of losses now showing small profit
viii. Transactions of abnormal and non-recurring
nature-even if amt involved is low
Compiled by EmmaChris
 Assessing the level of Materiality
In assessing the level of materiality consider:
• Both the amount (quantity) and the nature (quality) of any
misstatements
• consider that a number of errors each with a low value may
when aggregated amount to a material misstatement.
• ISAs provide no specific guidance. In practice “rule of thumb” is
normally used
• The assessment of what is material is ultimately a matter of the
auditors’ professional judgment
• The auditor should also consider setting the performance
materiality level

Compiled by EmmaChris
 Assessing the level of Materiality
Materiality and appropriate benchmark
When deciding an appropriate benchmark, the
auditor should consider:
i. The elements of FS
ii. Whether the particular item tend to be the focus
of the user
iii. The nature of the entity, its lifecycle and its
environment
iv. The ownership and financing structure
v. The relative volatility of the benchmark
Compiled by IMACRIS 82
 Assessing the level of Materiality
Benchmark Value Comments

Pre tax If users are interested in the profitability

5-10%
profit of the company
If materiality relates to the size of the
Revenue 0.5-1% business that can be measured in terms
of revenue
Total If Size can also be measured intermsof
0.5-1%
Assets asset base

• These benchmarks should be used in the initial

assessment of materialty
• The auditor will then use judgement to modify the
materiality to ensure its relevancy
Compiled by IMACRIS 83
 Materiality levels
1. Planning materiality/overall materiality/materiality for FS
as whole -the level of misstatement that could individually
or in aggregate affect the economic decisions of the users of
the FS.
2. Performance materiality- The amount or amounts set by the
auditor at less than materiality for the FS as a whole to..
…reduce to an appropriately low level the probability that
the aggregate amount of uncorrected and..
..undetected misstatements exceeds materiality for the FS as
a whole.
PM is usually set at lower than materiality in order to reduce
audit risk that total misstatements does not exceed overall
materiality
3. Tolerable mistatements (at the account level)
Is the maximum amount of mistatement the auditor will
accept in an individual class of transactions, account balance
or other disclosure. E.g. 5% of PM
Compiled by EmmaChris
 Audit risks
• Audit risk- chances that the auditor expresses an
inappropriate audit opinion when the FS are
materially misstated
ISA 315: Identifying and assessing RoMM through
understanding the entity and its environment states
that ….
…an auditor should adopt risk based approach to the
audit
ISA 330 Auditor’s responses to the assessed risk
further develops this concept by stating..
… The objective of the auditor is to obtain SAAE
regarding the assessed RoMM through….
….designing and implementing appropriate responses
to those risks
Compiled by EmmaChris
 Audit risks
Risk assessment procedures and their examples
i. Enquiries of management
a. Have any share issues occurred during the year?
b. Has the company undertaken any new investment
during the year?
c. Have there been any changes in senior management
during the year?
d. Have any new competitor or products entered the
market?

Compiled by IMACRIS 86
 Audit risks
Risk assessment procedures and their examples…
ii. Analytical procedures
a. Compare actual results to forecast to identify any
significant changes to plan
b. Compare client’s performance and position to any
available industry data to identify significant
variations
c. Compare client’s FS to PY to identify any unexpected
changes to performance or position

Compiled by IMACRIS 87
 Audit risks
Risk assessment procedures and their examples…
iii. Observe
a. Application of control over counting of inventory during
yearend
b. The performance of yearend reconciliations
c. Month end ajustments
iv. Inspect:
i. Org charts to identify changes in key staffs
ii. HR records/payroll records to identify changes in staffs
iii. News/media report to identify any significant issue such
as potential legal action
iv. Controls operating throughout the year eg montly
reconciliations
Compiled by IMACRIS 88
 Audit risks
In auditing, risks can generally be looked from three
perspectives:
i. Business risks- results from significant events,
conditions, circumstances, actions or inactions..
…that could prevent the business from achieving its
strategic objectives.
• Auditors must assess business risks inorder to:
– Develop business understanding
– Increase chances of identifying specific RoMM
– Evaluate overall audit risks
• Most business risks usually translates to RoMM eg
outdated products
Compiled by IMACRIS 89
 Audit risks
ii. Risk of material Misstatements RoMM- risk that FS
contain MM. Possible reasons:
a. Numbers are misstated
b. Disclosures are missing or inadequate
c. The basis of preparation is inappropriate
 When evaluating RoMM, it is crucial to discuss the impact
of risk on FS
 The specific account balance, transaction or disclosure affected
 Whether the item might be overstated, understated, omitted or
inappropriately recognised
 It is necessary to link with accountng standard being
violated and suggest appropriate treatment as per
standard (B2 and C1)

Compiled by IMACRIS 90
 Audit risks
ii. Audit risks- risk that the auditor expresses an
inappropriate opinion.
Audit risk is made up of RoMM and detection risk
Detection risk refers to chances that designed audit
procedures fails to uncover/detect MM. Situations:
a. First year of auditing the client
b. Client is putting the auditor under undue time pressure
c. Client operates multiple sites and the auditor and the
auditor is not able to visit each site
If no detection risks then an answer to RoMM will be
the same as an answer to audit risk

Compiled by IMACRIS 91
 Audit risks
Considerations when assessing whether the risk is
significant:
a. Whether the risk is one of the fraud
b. Whether it reletes to recent accounting
pronouncements that requires specific attention
c. The complexity of related transactions
d. Whether it involves related parties
e. Degree of subjectivity involved in measuring
financial information
f. Whether it involves transactions outside the
normal course of business
Compiled by IMACRIS 92
 Audit risks
Responses to risk assessment:
i. Allocating complex risk areas to experienced staff
ii. Placing more or less reliance on systems & control
testing
iii. Performing more substantive analytical procedures
as opposed to others
iv. Altering the volume of balances tested by changing
the sample size
v. Consulting external experts on technically complex
areas
vi. Changing time and frequency of review procedures
vii. Emphasis the need for professional scepticism

Compiled by IMACRIS 93
 Audit risk model
• Audit risk is the risk that the auditor gives an
inappropriate audit opinion when the financial
statements are materially misstated.
• The higher the audit risk, the more evidence must
be gathered in order for the auditor to obtain
sufficient assurance as a basis for expressing an
opinion on the FS.
• Audit risk model has three components:
– inherent risk,
– control risk and
– detection risk.

Compiled by EmmaChris
 Audit risk components..

1. Inherent risk is the susceptibility of an account

balance or class of transactions to
misstatements that could be material assuming
that there were no related internal controls.
2. Control risk is the risk that a misstatement could
occur after considering ICs.
3. Detection risk is the risk that an auditor’s
procedures will not detect a material
misstatement that exists

Compiled by EmmaChris
Audit risk model components..

Compiled by EmmaChris
 Using The Model

• It is important to be able to understand how

changes in one factor affect (or do not affect)
other risk model factors.
DR = AR or AR = IR x CR x DR
IR X CR

• PDR = AR ,
IR X CR
• This will result more evidence and low levels of
materiality

Compiled by EmmaChris
 Audit risk model

• When inherent and control risks are high,

acceptable detection risk needs to be:
– low to reduce audit risk to an acceptably low level.

Compiled by EmmaChris
• Factors Affecting Acceptable Audit Risk
– The likelihood that a client will have financial
difficulties after the audit report is issued the
statements
– The auditor’s evaluation of management’s
integrity
– The degree to which external users rely on FS

Compiled by EmmaChris
• Factors Affecting Inherent Risk
– Nature of the client’s business
– Results of previous audits
– Initial versus repeat engagement
– Related parties
– Non-routine transactions
– Judgment required to correctly record
– Account balances and transactions
– Makeup of the population
– Factors related to fraudulent financial reporting
– Factors related to misappropriation of assets`
Compiled by EmmaChris
 Responses to audit risks
• Responses to assessed Risks - this is achieved
through manipulating detection risk
– Risk areas to experienced staff
– More or less reliance on system and control
testing
– Altering volume of substantive procedures
– Changing sample sizes
– Less substantive analytical and more detailed ones
– Consulting experts ISA 620: Evaluate competence,
capabilities, objectivity , understand the work and
evaluate appropriateness as an evidence for
relevant assertion
– More review Compiled by EmmaChris
Audit planning and risk assessment case.
Please go through the provided case..

Compiled by IMACRIS 102

 Case answers
(i) To: Audit Partner
From: Audit Manager
Regarding: Audit planning and ethical issues in respect of
Grohl Co
Business risks faced by Grohl Co:
a. Imported goods – exchange rate fluctuations: exposes the
company to exchange rate volatility and consequentially CF
fluctuations
b. Imported goods – transportation issues: reliance on imports is
risky and transportation costs will be high
c. Reliance on single supplier - disruption to the supplier’s
operations may cause business operations to stop
d. Quality control issues: quality control issues with circuit
boards implies extra costs in relation to electrical testing of the
copper wiring
e. High-technology and competitive industry: computers and
mobile phones being subject to rapid product development.
Compiled by IMACRIS 103
 Case answers
(a) Business risks faced by Grohl Co:
f. Reliance on key customers: relies on only 20 key customers to
generate its domestic revenue
g. Regulatory issues: New regulations come into force within a
few months of the year end and production facility appears not
to comply
h. Additional finance taken out – liquidity/solvency issues: loan
representing 16·7% of total assets was taken out during the
year and overdraft of $2·5 million was converted into longterm
loan
i. Profitability: revenue has fallen by 9·4%, and operating profit
fallen by 50%. Overall, the company has made a loss for the
year.
j. Change in key management: The loss of several directors
during the year means that the company may lose important
experience and skills
Compiled by IMACRIS 104
 Case answers
(ii) Risks of material misstatement
a. Foreign currency transactions – initial recognition: copper
wiring is imported, According to IAS 21 The Effects of Changes
in Foreign Exchange Rates, foreign currency transactions should
be initially recognised having been translated using the spot
rate, or an average rate
b. Foreign currency transactions – exchange gains and losses:
balances denominated in foreign currency at the YE must be
retranslated using the closing rate
c. Product recall – obsolete inventory: corroded and cannot be
used in the production of circuit boards according to IAS 2
Inventories, measurement should be at the lower of cost and
net realisable value.
d. Product recall – refunds to customers: some customers may
have demanded a refund instead of a replacement circuit
board. a provision should be recognised for the refund IAS 37
Compiled by IMACRIS 105
 Case answers
(ii) Risks of material misstatement
d. Additional finance – capitalisation of new
production line: according to IAS 16 PPE & IAS 23
Borrowing Costs, directly attributable finance
costs must be capitalized.
e. Additional finance – measurement and
disclosure of loan: The loan taken out is a
financial liability and must be accounted for in
accordance with IFRS 9 Financial Instruments,
which states that financial liabilities must be
classified and measured at amortised cost using
the effective interest method
Compiled by IMACRIS 106
 Case answers
(iii) Ethical Issues
• audit manager interviewed for the position of financial controller
at Grohl Co. This creates a potential ethical threat.
– familiarity threat is caused by the relationship that Bob Halen will
have with the audit team, having worked at the firm.
– junior members of the audit team may also feel intimidated by him as
his previous position was as audit manager.
• Contingency fee
Mitigation:
• Foo & Co to ensure that no significant connection between the
audit firm and Bob Halen remains
• modifying the audit plan and changing the composition of the
audit team, put in place
• The audit fee must not depend on contingencies such as
whether the auditor’s report on the financial statements is
qualified or unqualified.
Compiled by IMACRIS 107
QUESTIONS?

Compiled by EmmaChris
 THE END

Compiled by IMACRIS 109

DRM Software Review