audit documentation isa 230 and quality working papers ... · audit, to understand: – the nature,...
Post on 07-May-2019
215 Views
Preview:
TRANSCRIPT
© 2012 Grant Thornton LLC. All rights reserved.
Audit Documentation – ISA 230
and Quality Working Papers
Amer Ali, FCCA
June 2012
© 2012 Grant Thornton LLC. All rights reserved.
ISA 230 - Audit documentation is…
• …the record of audit procedures performed , relevant audit evidence obtained, and conclusions the auditor reached.
• terms such as ‗working papers‘ or ‗work papers‘ are sometimes used and may vary within different firms.
© 2012 Grant Thornton LLC. All rights reserved.
Why is documentation important to support
conclusions?
• required by ISA – 230
• required by firms policies and procedures to comply with ISA
• required by applicable legal and regulatory requirements
© 2012 Grant Thornton LLC. All rights reserved.
Why is documentation important to support
conclusions?
• internal reviews (manager, partner, practice reviews)
• professional bodies review
• regulators reviews like PCOAB in US
© 2012 Grant Thornton LLC. All rights reserved.
Audit documentation meeting ISA
requirements provides…
• evidence of the auditor‘s basis for a conclusion about the achievement of the overall objectives of the auditor; and
• evidence that the audit was planned and performed in accordance with ISAs and applicable legal and regulatory requirements.
© 2012 Grant Thornton LLC. All rights reserved.
Audit documentation additional purposes
• assisting the engagement team to plan and perform the audit
• assisting members of the engagement team responsible for supervision to direct and supervise the audit work, and to discharge their review responsibilities
• enabling the engagement team to be accountable for its work
• retaining a record of matters of continuing significance to future audits
© 2012 Grant Thornton LLC. All rights reserved.
Objective of Audit documentation
• a sufficient and appropriate record of the basis for the auditor‘s report; and
• evidence that the audit was planned and performed in accordance with ISAs and applicable legal and regulatory requirements.
© 2012 Grant Thornton LLC. All rights reserved.
Content of Audit documentation
• The auditor should prepare the audit documentation in order to enable an experienced auditor, having no previous connection with the audit, to understand:
– The nature, timing, and extent of the audit procedures performed to
comply with the ISAs and applicable legal and regulatory
requirements.
– The results of the audit procedures and audit evidence obtained.
– Significant matters arising during the audit and conclusions reached
thereon.
Working papers should be sufficiently completed and detailed.
© 2012 Grant Thornton LLC. All rights reserved.
Significant matters
• Significant matters are matters that are judged through objective analysis of the facts and circumstances to be significant to our audit and include, among others:
– Significant risks (pervasive or specific risks).
– Results of audit procedures indicating:• Material misstatement.• Revision of our assessment of risk.
– Significant difficulty in performing necessary audit procedures.
– Findings that could modify our audit report.
© 2012 Grant Thornton LLC. All rights reserved.
Documentation – Key messages
Sufficient evidence to allow an experienced auditor with no previous connection to the audit engagement to understand:
– What was done.
– The evidence obtained.
– Significant matters arising during the audit.
– The conclusion reached.
– Who performed the work and when.
Work NOT Documented is
Work NOT Done!
© 2012 Grant Thornton LLC. All rights reserved.
What to document?• The audit procedures applied
• Objective, procedures, results, conclusion.
• Details of the tests performed
• Describe in detail the work performed.
• Identify the person who performed the work and those who reviewed it, including
the date when these were performed.
• Identify significant matters arising during the audit.
• State conclusions reached and the basis for them.
• Show the source of the amounts and other information.
• Properly index and cross reference.
• Audit procedures performed according to instructions in the audit
program
– Ensure all procedures in the audit program are addressed in our audit working
papers.
© 2012 Grant Thornton LLC. All rights reserved.
What to document?
• Only the work we have actually performed!
• Only what is relevant to the audit:
Contains analyses, opinion, conclusions.
Supports the overall audit opinion.
© 2012 Grant Thornton LLC. All rights reserved.
Form, content and extent of audit
documentation depends on factors such as:
• size and complexity of the entity.
• nature of the audit procedures to be performed.
• identified risks of material misstatement.
• significance of the audit evidence obtained.
• nature and extent of exceptions identified.
• need to document a conclusion or the basis for a conclusion not readily determinable from the documentation of the work performed or audit evidence obtained.
• audit methodology and tools used.
© 2012 Grant Thornton LLC. All rights reserved.
Nature of audit documentation
• Can be electronic, manual, or other media.
• Examples include:
– Audit programs.
– Emails with the client.
– Analyses.
– Evidence of test of details on samples of items.
– Letters of confirmation and representation.
– Abstracts or copies of the entity‘s records (e.g., significant and
specific contracts and agreements).
– Substantive analytical procedures, including development of
expectations and investigation of differences.
© 2012 Grant Thornton LLC. All rights reserved.
What is not audit documentation
• Entity records (e.g., invoices looked at in testing).
• Superseded working papers/drafts.
• Notes that reflect incomplete or preliminary thinking.
• Duplicate documents.
• Review points (raised as part of our internal review processes).
© 2012 Grant Thornton LLC. All rights reserved.
Audit documentation retention policy
• ISQC 1 requires firms to establish policies and procedures for the timely completion of the assembly of audit files.
• An appropriate time limit within which to complete the assembly of the final audit file is ordinarily not more than 60 days after the date of the auditor‘s report.
• retention period for audit engagements vary based on legal requirements (not shorter than 5 years)
• statutory and group reporting issues
© 2012 Grant Thornton LLC. All rights reserved.
Electronic work papers control
• Regulations require that we ensure electronic working papers are adequately maintained and controlled.
• In practice this means:
– Regular back-ups.
– Computers and manual files are locked if unattended.
– Extra care taken with the control of confidential information (e.g.,
payroll, bonus schedules).
– Use of passwords to protect confidential information.
© 2012 Grant Thornton LLC. All rights reserved.
Documentation for stages of an audit
• Perform pre-engagement activities
• Planning stage
• Perform the audit plan
• Conclude and report
• Asses and manage risk – continuous process
© 2012 Grant Thornton LLC. All rights reserved.
Stages of an audit - perform pre-engagement
activities
• Client acceptance procedures (evaluate
compliance with ethical requirements, including
independence)/assess engagement risk
• Establish terms of engagement
© 2012 Grant Thornton LLC. All rights reserved.
Stages of an audit - Planning stage
• Strategic audit planning
• Understand the entity and its environment
• Understand internal control/accounting process
• Perform preliminary analytical review
• Develop planning materiality
• Asses risk at account balance
• Plan to test operating effectiveness of controls vs.
substantive procedures
© 2012 Grant Thornton LLC. All rights reserved.
Stages of an audit - Perform the audit plan
• Perform tests of operating effectiveness of controls
• Perform substantive procedures (test of details
and/or substantive analytical procedures)
• Perform financial statements review
© 2012 Grant Thornton LLC. All rights reserved.
Stages of an audit - conclude and report
• Perform subsequent event review
• Obtain management representation letter
• Audit summary memorandum
• Report
© 2012 Grant Thornton LLC. All rights reserved.
Specific Audit Documentation Requirements
in Other ISAs• ISA 210, ―Agreeing the Terms of Audit
Engagements‖ – paragraphs 10-12
• ISA 220, ―Quality Control for an Audit of Financial
Statements‖ – paragraphs 24-25
• ISA 240, ―The Auditor‘s Responsibilities Relating to
Fraud in an Audit of Financial Statements‖ –
paragraphs 44-47
• ISA 250, ―Consideration of Laws and Regulations
in an Audit of Financial Statements‖ – paragraph
29
© 2012 Grant Thornton LLC. All rights reserved.
Specific Audit Documentation Requirements
in Other ISAs (continued)• ISA 260, ―Communication with Those Charged with
Governance‖ – paragraph 23
• ISA 300, ―Planning an Audit of Financial
Statements‖ – paragraph 12
• ISA 315, ―Identifying and Assessing the Risks of
Material Misstatement through Understanding the
Entity and Its Environment‖ – paragraph 32
• ISA 320, ―Materiality in Planning and Performing
an Audit‖ – paragraph 14
• ISA 330, ―The Auditor‘s Responses to Assessed
Risks‖ – paragraphs 28-30
© 2012 Grant Thornton LLC. All rights reserved.
Specific Audit Documentation Requirements
in Other ISAs (continued)• ISA 450, ―Evaluation of Misstatements Identified
During the Audit‖ – paragraph 15
• ISA 540, ―Auditing Accounting Estimates, Including
Fair Value Accounting Estimates, and Related
Disclosures‖ – paragraph 23
• ISA 550, ―Related Parties‖ – paragraph 28
• ISA 600, ―Special Considerations—Audits of Group
Financial Statements (Including the Work of
Component Auditors)‖ – paragraph 50
• ISA 610, ―Using the Work of Internal Auditors‖ –
paragraph 13
top related