ISA (UK) 530: Audit Sampling

 Audit sampling is the practice of applying audit methods to a subset of the items in a population that are relevant to the audit so that all sampling units have a chance of being chosen and the auditor has a solid foundation from which to infer information about the complete population. The goal of the audit procedure and the characteristics of the population from which the sample will be formed must both be taken into account by the auditor when creating an audit sample. The auditor must choose a sample size large enough to lower sampling risk to a tolerable level. The sample's items must be chosen by the auditor in a way that gives each sampling unit in the population a chance to be chosen.

ISA (UK) 530 recognizes that there are many methods of selecting a sample, but it considers five principal methods of audit sampling which are as follows:

§  random selection: This method of sampling ensures that all items within a population stand an equal chance of selection by the use of random number tables or random number generators.

§  systematic selection: The method divides the number of sampling units within a population into the sample size to generate a sampling interval.

§  monetary unit sampling: The method of sampling is a value-weighted selection whereby sample size, selection and evaluation will result in a conclusion in monetary amounts.

§  haphazard selection: When the auditor uses this method of sampling, he does so without following a structured technique.

§  block selection: This method of sampling involves selecting a block (or blocks) of contiguous items from within a population.

On each chosen item, the auditor must conduct audit methods suited to the purpose. The auditor must undertake the audit procedure on a different item if the chosen item does not fall inside the purview of the audit procedure. The auditor must treat a particular item as a deviation from the required control in tests of controls or as a misstatement in tests of details if the auditor is unable to apply the specified audit procedures or appropriate alternative procedures to it.

Any deviations or misstatements must be investigated for their nature and origin by the auditor, who must also assess any potential impact on the audit's overall objective and other audited areas. The auditor must establish with a high degree of certainty that any misstatement or deviation found in a sample that the auditor deems to be an anomaly is not indicative of the population, which happens in very few cases. The auditor must execute extra audit processes to collect adequate, relevant audit proof that the error or deviation does not influence the rest of the population in order to reach this level of assurance.

In designing samples, the auditors identify acceptable misstatements to address the risk that a combination of individual material misstatements may lead to material misstatements in the financial statements and provide a margin of error for misstatements that may go undetected. Tolerable error is the application of performance materiality to a particular sampling procedure. Acceptable misstatement may be equal to or less than the materiality of the performance.

Practice:

When designing an audit sample, the auditor should consider objectives to be achieved and the combination of audit procedures likely to best achieve this goal. Consideration of the nature of the audit evidence sought and possible deviation or misstatement conditions or other characteristics relating to that audit evidence will assist the auditor in defining what constitutes a deviation or misstatement and what population to use for sampling.

 

Reference:     https://bit.ly/3NFhcqk

https://bit.ly/3yhGPYu

ISA (UK) 520: Analytical Procedures

 The term "analytical procedures" refers to financial data evaluations based on the examination of plausible links between financial and non-financial data. Analytical procedures also include any necessary study of discovered variations or associations that are inconsistent with other relevant information or that deviate significantly from predicted values. Analytical procedures may entail making comparisons between the entity's financial data and, for example:

§  Data from previous times that can be compared.

§  Expected results of the entity, such as budgets or projections, or auditor expectations, such as a depreciation estimate.

§  Similar industry data, such as a comparison of the entity's sales-to-accounts-receivable ratio to industry averages or other comparable-sized companies in the same industry.

The auditor's goals are to:

(a) obtain relevant and reliable audit evidence when using substantive analytical procedures; and

(b) design and perform analytical procedures near the end of the audit to help the auditor form an overall conclusion about whether the financial statements are consistent with the auditor's understanding of the entity.

If analytical procedures carried out in accordance with this ISA (UK) identify fluctuations or relationships that are inconsistent with other relevant information or that differ by a significant amount from expected values, the auditor shall investigate such differences by:

(a) questioning management and obtaining appropriate audit evidence relevant to management's responses; and

(b) carrying out other audit procedures as necessary in the circumstances.

At the assertion level, the auditor's substantive processes may include tests of details, substantive analytical procedures, or a mix of the two. The auditor's judgment regarding the predicted efficacy and efficiency of the various audit procedures to reduce audit risk at the assertion level to an acceptable level is used to choose which audit procedures to execute, including whether to utilize substantive analytical procedures.

The auditor may question management on the availability and reliability of data needed to perform significant analytical procedures, as well as the outcomes of any such procedures performed by the entity. Using analytical data prepared by management may be effective if the auditor is convinced that the data was appropriately prepared.

 

Practice:

The conclusions made from the outcomes of analytical procedures devised and carried out are meant to back up the conclusions reached during the audit of particular financial statement components or elements. This aids the auditor in reaching plausible inferences on which to base his or her findings.

 

Reference:     https://bit.ly/3H3YneV

ISA (UK) 510: Initial Audit Engagements—Opening Balances

 The auditor's objective with respect to opening balances during an initial audit engagement is to obtain sufficient appropriate audit evidence about whether: (a) opening balances contain misstatements that materially affect the current period's financial statements; and (b) appropriate accounting policies reflected in the opening balances have been consistently applied in the current period's financial statements, or changes thereto are appropriately accounted for.

Initial audit engagement: An engagement in which either the prior period's financial statements were not audited or the prior period's financial statements were audited by a predecessor auditor.

Opening balances: Account balances at the start of the term are known as opening balances. Opening balances are calculated using the prior period's closing balances and reflect the effects of past period transactions and events, as well as accounting policies used in the prior period. Contingencies and obligations, for example, are included in opening balances as items that need to be disclosed at the start of the period.

Predecessor auditor: An auditor from a separate audit firm who audited an entity's financial statements in a previous period and has been replaced by the present auditor.

When auditors take on a new client, according to ISA 510 Initial Engagements - Opening Balances, they must ensure that:

§  There are no major misstatements in the opening balances;

§  Prior period closing balances have been accurately brought forward or, where necessary, restated; and

§  Acceptable accounting policies have been consistently used, or changes have been adequately disclosed.

The kind and scope of audit processes required to gather adequate appropriate audit evidence about opening balances are determined by factors such as:

§  The entity's accounting policies.

§  The nature of account balances, transaction types, and disclosures, as well as the risks of substantial misstatement in the financial statements for the current period.

§  The importance of the opening balances in relation to the financial statements for the current period.

§  Whether the financial statements from the previous period were audited and, if so, whether the previous auditor's opinion was modified.

 

If the auditor is unable to gather sufficient appropriate audit evidence on the opening balances, ISA (UK) 705 requires the auditor to offer a qualified opinion or disclaim an opinion on the financial statements. If the auditor concludes that the opening balances contain a misstatement that materially affects the current period's financial statements, and the effect of the misstatement is not properly accounted for, presented, or disclosed, the auditor shall express a qualified or adverse opinion, as appropriate, in accordance with ISA (UK) 705.

 

Practice:

If the previous period was audited by another auditor or was not audited at all, the auditors will need to do more work to satisfy themselves on the opening position. If auditors are unable to satisfy themselves on the previous period, they may have to revise the present audit report.

 

Reference:      https://bit.ly/37IhyxG

https://bit.ly/3l3ZAbU

ISA (UK) 505: External Confirmations

 The trustworthiness of audit evidence is influenced by its source and nature and is reliant on the unique conditions under which it is gathered, according to ISA (UK) 500. The following generalizations about audit evidence are included in the ISA (UK):

·         When audit evidence is collected from independent sources outside the company, it is more dependable.

·         Direct audit evidence obtained by the auditor is more reliable than indirect or inferred audit evidence.

·         When audit evidence is in documentary form, whether on paper, electronic media, or another medium, it is more dependable.

As a result, audit evidence in the form of external confirmations received directly by the auditor from confirming parties may be more reliable than evidence generated internally by the entity, depending on the conditions of the audit. The purpose of this ISA (UK) is to assist auditors in creating and executing external confirmation procedures in order to collect relevant and credible audit evidence. When implementing external confirmation methods in response to a risk of material misstatement, an auditor's goal is to develop and implement such procedures in order to collect relevant and credible audit evidence.

External confirmation is the process of acquiring and analyzing audit evidence directly from a third party in response to a request for information on a specific item from the auditor. Such audit evidence, when combined with audit evidence from other audit techniques, may help to reduce the evaluated risk to a level that is acceptable. External confirmations are of two types.

Positive confirmation request - A request for the confirming party to react directly to the auditor, either by agreeing or disagreeing with the information in the request or by giving the desired information.

Negative confirmation request — A request that the confirming party reacts immediately to the auditor only if the information provided in the request is incorrect.

·         External confirmations are frequently used to confirm the following:

·         bank balances, loans, guarantees, and other information from bankers;

·         bank accounts opened in connection with imprests (e.g. delegations);

·         amounts held at financial intermediaries at year-end;

·         accounts receivable or accounts payable balances.

Practice:

The auditor should determine if the results of the external confirmation process, along with the results of any other audit processes completed, provide sufficient, relevant, and credible audit evidence for the assertion under scrutiny, or whether more audit procedures are required.

 

 

Reference:      https://bit.ly/3v28dJI

                        https://bit.ly/3K7Vg5o

ISA (UK) 500: Audit Evidence

 The primary goal of an auditor's job in an audit engagement is to achieve reasonable assurance that the financial statements as a whole are free of material misstatement so that the auditor can make an opinion on the financial statements and reflect accordingly in the auditor's report. The auditor must develop and implement audit processes to acquire sufficient relevant audit evidence to be able to draw reasonable inferences on which to base the auditor's opinion, which is a high but not absolute level of certainty.

Audit evidence — Information used by the auditor to reach the conclusions that constitute the basis of the auditor's opinion. Information from the accounting records that underpin the financial statements, as well as information gathered from other sources, are included in audit evidence.

The relevance and reliability of the information on which all audit evidence is based have an impact on its quality. The logical link with, or impact on, the goal of the audit method and, where appropriate, the assertion under consideration is referred to as relevance. The source and nature of the information to be used as audit evidence, as well as the conditions under which it is received, including the controls over its production and maintenance if applicable, all influence the audit evidence's reliability.

Obtaining and assessing audit evidence, which is generally produced from audit processes carried out during the engagement but can also be obtained from other sources, is a substantial component of the effort involved in performing an audit. For example, past audits; provided that any modifications that have occurred in the meantime have been properly considered; or the firm's quality control methods, particularly those relating to customer acceptance and continuation.

The auditor obtains audit evidence by performing: 

(a) risk assessment procedures; and 

(b) additional audit procedures, which include:

(i)         controls tests, when required by the ISAs (UK) or when the auditor chooses to do so; and

(ii)   substantive procedures, including tests of details and substantive analytical procedures.

The auditor must decide how to pick things for testing that are successful in satisfying the purpose of the audit method while creating controls and detail tests. If: (a) audit evidence obtained from one source differs from that obtained from another, or (b) the auditor has doubts about the reliability of information to be used as audit evidence, the auditor must determine what changes or additions to audit procedures are required to resolve the issue, as well as the impact of the issue, if any, on other aspects of the audit.

Practice:

The auditor may use inspection, observation, external confirmation, recalculation, reperformance, analytical procedures, inquiry, etc. as risk assessment procedures, tests of controls, or substantive procedures, depending on the context in which they are applied by the auditor.

 

Reference:      https://bit.ly/37TwybO

https://bit.ly/3M7quLh

ISA (UK) 402: Audit Considerations Relating to an Entity Using a Service Organization

 When a user entity utilizes the services of one or more service organizations, this International Standard on Auditing (UK) (ISA (UK)) addresses the user auditor's responsibilities to gather adequate appropriate audit evidence. It explains how the user auditor can use ISA (UK) 315 and ISA (UK) 330 to gain a sufficient understanding of the user entity, including relevant internal controls, to identify and assess the risks of material misstatement, and to design and perform additional audit procedures in response to those risks. When services provided by a service organization, as well as the controls over them, are part of the user entity's information system, including related business activities, relevant to financial reporting, they are relevant to the audit of the user entity's financial statements. The user auditor must comprehend how a user entity uses the services of a service organization in the user entity's activities when developing an understanding of the user entity in accordance with ISA (UK) 315.

When a user entity uses the services of a service organization, the user auditor's objectives are to:

(a) gain a sufficient understanding of the nature and significance of the service organization's services and their impact on the user entity's internal control relevant to the audit to identify and assess the risks of material misstatement; and

(b) design and perform audit procedures responsive to those risks.

Maintenance of the user entity's accounting records is an example of a service organization service that is important to the audit. Regardless of the controls in place at the service organization, the user entity may establish controls over the service organization's services that the user auditor can test, allowing the user auditor to conclude that the user entity's controls are operating effectively for some or all of the related assertions. If a user entity, for example, hires a service organization to conduct its payroll transactions, the user entity can set up controls over the submission and receipt of payroll data to prevent or identify serious misstatements.

 

Practice:

The user auditor shall evaluate the design and implementation of relevant controls at the user entity that relates to the services provided by the service organization, including those that are applied to the transactions processed by the service organization, when obtaining an understanding of internal control relevant to the audit in accordance with ISA (UK) 315.

 

 

Reference:      https://bit.ly/3Mm0kVB

ISA (UK) 450: Evaluation of Misstatements Identified During the Audit

 A difference between the reported amount, classification, presentation, or disclosure of a financial statement item and the amount, classification, presentation, or disclosure that is required for the item to be in compliance with the applicable financial reporting framework is referred to as a misstatement. Errors or fraud can lead to misstatements. When the auditor expresses an opinion on whether the financial statements are presented fairly, in all material respects, or give a true and fair view, misstatements also include any adjustments to amounts, classifications, presentation, or disclosures that the auditor believes are required for the financial statements to be presented fairly, in all material respects, or to give a true and fair view. Except for those that are manifestly inconsequential, the auditor must keep track of any misstatements discovered throughout the audit.

The auditor's goals, according to ISA 450, are to examine the following: The impact of recognized misstatements on the audit, and the impact of uncorrected misstatements, if any, on the financial statements. A misrepresentation happens when anything in the financial accounts is not treated appropriately, implying that the applicable financial reporting framework, particularly IFRS, has not been applied effectively.

The following are some examples of misstatement that can occur as a result of human error or fraud:

§  An inaccurate amount was recognized, such as when an asset was not appraised in compliance with the appropriate IFRS requirement.

§  An item is misclassified - for example, finance costs are included in cost of sales in the profit and loss statement.

§  The presentation is ineffective; for example, the results of discontinued operations are not displayed individually.

§  A contingent liability disclosure is missing or inadequately detailed in the notes to the financial statements, for example a disclosure related to contingent liability is not correct or deceptive disclosure has been added as a result of management bias.

Management is responsible for correcting any errors brought to their attention by the auditor. If management refuses to rectify any or all of the misstatements, ISA 450 requires the auditor to learn about management's reasons for not making the corrections and to include that information when determining whether the financial statements are free of material misrepresentation as a whole.

 

Practice:

According to ISA 450, the auditor must inform those in charge of governance of uncorrected misstatements and the impact they would have on the auditor's report's conclusion, either individually or collectively. The auditor's communication should identify important uncorrected misstatements one by one, and it should request that the misstatements be addressed. The auditor may examine the reasons for, and the ramifications of, a failure to correct misstatements with those in charge of governance, as well as probable repercussions for future financial statements.

 

Reference:      https://bit.ly/3wRCcpe

https://bit.ly/3wVJNTA