Why is an Audit Plan needed?
- “Planning” means:
– Development of the audit strategy and
– Development of the audit program
- The audit plan helps to ensure that the audit process may be conducted in a targeted, effective, and timely manner
- The scope of the audit plan depends on the size of the company, the complexity of the audit, and on the previous experience of the auditor with the audited company and his knowledge about the company’s business and environment
- An important component of the audit plan is the acquisition of knowledge about the business and the environment of the organization. This knowledge serves the external auditor to identify events, transactions or practices that may have a significant influence on the financial statements
- It may be useful to discuss parts of the audit strategy or certain procedures with the management, the supervisory board, the internal audit or other employees of the organization in order to:
− Increase the effectiveness and efficiency of the audit
− Coordinate audit procedures within the organization
ISA 300
Audit Strategy
- The external auditor has to develop and document an audit strategy which focuses on the expected scope and the expected procedures of the audit
- The audit strategy has to be documented in a sufficient manner so that the auditor may develop the audit program based on this documentation
- Aspects which must be considered regarding the development of the audit strategy:
− Knowledge of the business and the environment of the organization
− Understanding of the organization’s accounting and its internal control system
− Risk and probability
− Type, time and scope of procedures
− Coordination, guidance, supervision and control
− Further related aspects (e.g., going concern criterion)
Audit Program
- The auditor has to develop and document an audit program which comprises the type, time and scope of audit procedures required by the audit strategy
- The audit program serves as a guidance for involved employees and as a means of control and documentation of adequate auditing
- When developing the audit program, the external auditor regards the respective evaluation of inherent risk and control risk as well as the degree of persuasiveness of evidence
- Furthermore, the external auditor takes account of the point of time on which tests of controls and substantive tests of transactions are conducted, the availability of employees involved in the audit, the coordination with the audited client, and the involvement of experts or other auditors
Audit Program – Regulatory Requirements
PCAOB Auditing Standard No 9:
- The objective of the auditor is to plan the audit so that the audit is conducted effectively.
- The auditor should properly plan the audit.
- The nature and extent of planning activities that are necessary depend on the size and complexity of the company, the auditor’s previous experience with the company, and changes in circumstances that occur during the audit.
- The auditor should establish an overall audit strategy that sets the scope, timing, and direction of the audit and guides the development of the audit plan.
- The auditor should develop and document an audit plan.
Five Types of Tests the auditor has to consider during the audit
The auditor may consider five types of tests during the audit
- Procedures to Obtain an Understanding of Internal Control
- Tests of Controls
- Substantive Tests of Transactions
- Analytical Procedures
- Tests of Details of Balances
Procedures to Obtain an Understanding of Internal Control
Procedures to understand the internal control:
– Update and evaluate results from previous years
– Interview personnel / management
– Review of guidelines, manuals etc.
– Review of client’s documentation
– Observations
What are Tests of Controls ?
- Tests of Controls are used to audit the appropriateness and effectiveness of the internal control system
- Influencing factors:
– Quality of information systems
– Size of auditee
– Experience from previous years
– Knowledge of audit teams
– Efficiency / economic aspects
– Agreement / Contract with client
– Agreement with stakeholders / Certification / Confirmation
Substantive Tests of Transactions
- Substantive Tests of Transactions are used to test for monetary misstatements that directly affect the correctness of financial reporting
- The objective of Substantive Tests of Transactions is the audit of transaction-related audit objectives for each class of transaction (i.e., occurrence, completeness, accuracy, posting and summarization, classification, timing)
- Substantive Tests of Transactions influence CR as well as PDR
Analytical Procedures
- Analytical procedures include comparisons of recorded amounts to the auditor’s expectations
- Objectives:
– Better understanding of the client’s business
– Detect possible misstatements
– Reduce substantive testing
– Evaluate Going Concern
- Differentiate between analytical procedures in planning and testing phase
Tests of Details of Balances
- Tests of Details of Balances test the final balances of accounts in first place in the balance sheet and in second place in the income statement
- The scope of this test strongly depends on the results of the previous four types of tests (i.e., understanding of internal control, test of controls, substantive tests of transactions and analytical procedures)
- Tests of Details of Balances are very reliable as they usually deliver audit evidence from a source independent from the client
Relationship between Test of Controls and Substantive Tests of Transactions:
- A deviation in the Test of Controls is only an indication for a possible misstatement in the financial reporting
This deviation only becomes material if it is identified repeatedly
- An omission is a misstatement
Relationship between Analytical Procedures and the Substantive Tests of Transactions:
Analytical Procedures merely provide an indication regarding the probability of misstatements
Substantive Tests of Transactions or Tests of Details of Balances are conducted in order to ascertain if misstatements actually occurred
Name the three parts of an audit program
I. Tests of Controls and Substantive Tests of Transactions
This part contains a description that documents the understanding of the internal control system as well as a description of procedures performed to obtain an understanding of the internal control system.
II. Analytical Procedures
- Analytical procedures may be conducted in a cost-efficient manner, which is why they are used very often
- Analytical procedures in phases II and III are more focused (on single accounts, on a monthly basis etc.) and more extensive than they are in phase I and IV
III. Tests of Details of Balances
- The preparation of Tests of Details of Balances is carried out in the planning phase
- The preparation of Tests of Details of Balances depends on the results of the Tests of Controls, the Substantive Tests of Transactions, and the Analytical Procedures, which have not been conducted to this point. Hence, the results of these tests have to be estimated
- In the case that these estimations should not prove to be true, the Tests of Details of Balances have to be adjusted accordingly
Part of audit programme
I. Tests of Controls and Substantive Tests of Transactions
Which “rules” do you have to follow when you use Tests of Controls and Substantive Tests of Transactions?
- Adequate segregation of duties
– E.g., responsibility for the accounting of sales must be separated from the responsibility for cash balances
- Appropriate authorization
– Authorization of credit sales prior to their actual sale
– Order delivery after authorization
– Authorization of prices
- Adequate documentation and accounting
– Numbered documents
– Internal procedures of verification
Name the steps used to develop an audit plan an the audit program
- At the end of the planning phase, the external auditor should have an audit plan as well as an audit program for the entire audit
- The four final steps in the planning phase are:
– Set materiality
– Assess acceptable audit risk and inherent risk
– Understand internal control and assess control risk
– Gather information to assess fraud risk
These steps are used to develop the audit plan and the audit program (Step 8).
