Читать книгу Wiley Practitioner's Guide to GAAS 2017 - Flood Joanne M. - Страница 33

AU-C Original Pronouncements

Objective of AU-C Section 300

AU-C Section 300.04 states that:

…the objective of the auditor is to plan the audit so that it will be performed in an effective manner.

Requirements

Preliminary Engagement Activities

It's important for the engagement partner and other key members of the engagement team to be involved in planning the audit. (AU-C 300.05) The auditor should perform the following activities at the beginning of the current audit engagement:

● Perform procedures regarding the continuance of the client relationship and the specific audit engagement. (AU-C 220)

● Evaluate the auditor's compliance with ethical requirements, including independence. (AU-C 220)

● Establish the terms of the engagement. (AU-C 210)

(AU-C 300.06)

The purpose of performing these preliminary engagement activities is to consider any events or circumstances that either may adversely affect the auditor's ability to plan and perform the audit or may pose an unacceptable level of risk to the auditor.

The Overall Audit Strategy

The auditor should establish and document the overall audit strategy for the audit. (AU-C 300.07)

The overall audit strategy involves the determination of:

● The characteristics of the audit that define its scope

● The reporting objectives of the engagement related to the timing of the audit and the required communications

● Important factors that determine the focus of the audit team's efforts

● Factors to be considered from preliminary work or previous engagements

● Nature, timing, and resources needed

(AU-C 300.08)

The audit strategy helps the auditor determine the resources necessary to perform the engagement.

Communications with Those Charged with Governance and Management

As required by AU-C 260, the auditor must discuss elements of planning and the scope with those charged with governance and the entity's management. (AU-C 300.A13)

The Audit Plan

The audit plan is a more detailed, tactical plan that addresses the various audit matters identified in the audit strategy. The auditor must develop and document an audit plan for every audit.

The audit plan should include a description of:

● The nature, timing, and extent of planned risk assessment procedures (AU-C 315)

● The nature, timing, and extent of planned further audit procedures at the relevant assertion level for each material class of transactions, account balance, and disclosure (AU-C 330)

● Other audit procedures to be carried out to comply with GAAS

(AU-C 300.09)

Developing an audit strategy and an audit plan is intended to be an iterative process. As information becomes available over the course of the audit, the auditor should reconsider the audit strategy and audit plan to determine whether they remain relevant. (AU-C 300.10) All changes to audit strategy and plan should be documented.

Establishing an audit strategy varies according to the size of the entity and the complexity of the audit. In audits of small entities, a very small audit team may conduct the entire audit. With a smaller team, coordination and communication between team members are easier. Consequently, establishing the overall audit strategy need not be a complex or time-consuming exercise.

As part of audit planning, the auditor plans the direction and supervision of engagement team members and plans for the review of their work. (AU-C 300.11)

Determining the Extent of Involvement of Professionals Possessing Specialized Skills

The auditor should consider whether specialized skills are needed in performing the audit. (AU-C 300.12) For example, the auditor may need to involve the use of an information technology (IT) specialist to:

● Determine the effect of IT on the audit

● Understand the IT controls

● Design and perform tests of IT controls or substantive procedures

In determining whether an IT professional is needed, the auditor should consider factors such as the following:

● The complexity of the entity's systems and IT controls and the manner in which they are used in conducting the entity's business

● The significance of changes made to existing systems, or the implementation of new systems

● The extent to which data is shared among systems

● The extent of the entity's participation in electronic commerce

● The entity's use of emerging technologies

● The significance of audit evidence that is available only in electronic form

(AU-C 300.A18)

Additional Considerations in Initial Audit Engagements

Before starting an initial audit, the auditor should:

● Perform procedures regarding the acceptance of the client relationship and the specific audit engagement (see AU-C 220).

● Communicate with the previous auditor, where there has been a change of auditors (see Section 210).

(AU-C 300.13)

When developing the overall audit strategy and audit plan, the auditor should consider:

● Arrangements to be made with the previous auditor – for example, to review the previous auditor's audit documentation.

● Any major issues (including the application of accounting principles or of auditing and reporting standards) discussed with management in connection with the initial selection as auditors, the communication of these matters to those charged with governance, and how these matters affect the overall audit strategy and audit plan.

● The planned audit procedures to obtain sufficient appropriate audit evidence regarding opening balances.

● Other procedures required by the firm's system of quality control for initial audit engagements (for example, the firm's system of quality control may require the involvement of another partner or senior individual to review the overall audit strategy prior to commencing significant audit procedures or to review reports prior to their issuance).

(AU-C 300.A20)

Matters to Consider in Developing an Audit Strategy

AU-C 300.A25 Appendix – Considerations in Establishing the Overall Audit

The appendix to AU-C 300 provides examples of matters the auditor may consider in establishing the overall audit strategy, and many of these matters also will influence the detailed audit plan. The examples provided cover a broad range of matters applicable to many engagements. Although some of the following matters may be required by other AU-C sections, not all matters are relevant to every audit engagement, and the list is not necessarily complete.

Characteristics of the Engagement

The following are some examples of characteristics of the engagement:

● The financial reporting framework on which the financial information to be audited has been prepared, including any need for reconciliations to another financial reporting framework

● Industry-specific reporting requirements, such as reports mandated by industry regulators

● The expected audit coverage, including the number and locations of components to be included

● The nature of the control relationships between a parent and its components that determine how the group is to be consolidated

● The extent to which components are audited by other auditors

● The nature of the business divisions to be audited, including the need for specialized knowledge

● The reporting currency to be used, including any need for currency translation for the audited financial information

● The need for statutory or regulatory audit requirements (for example, OMB Circular A-133, Audits of States, Local Governments, and Nonprofit Organizations)

● The availability of the work of the internal auditor function and the extent of the auditor's potential direct use of such work

● The entity's use of service organizations and how the auditor may obtain evidence concerning the design or operation of controls performed by them

● The expected use of audit evidence obtained in previous audits (for example, audit evidence related to risk assessment procedures and tests of controls)

● The effect of IT on the audit procedures, including the availability of data and the expected use of computer-assisted audit techniques

● The coordination of the expected coverage and timing of the audit work with any reviews of interim financial information, and the effect on the audit of the information obtained during such reviews

● The availability of client personnel and data

Reporting Objectives, Timing of the Audit, and Nature of Communications

The following examples illustrate reporting objectives, timing of the audit, and nature of communications:

● The entity's timetable for reporting, including interim periods

● The organization of meetings with management and those charged with governance to discuss the nature, timing, and extent of the audit work

● The discussion with management and those charged with governance regarding the expected type and timing of reports to be issued and other communications, both written and oral, including the auditor's report, management letters, and communications to those charged with governance

● The discussion with management regarding the expected communications on the status of audit work throughout the engagement

● Communication with auditors of components regarding the expected types and timing of reports to be issued and other communications in connection with the audit of components

● The expected nature and timing of communications among engagement team members, including the nature and timing of team meetings and timing of the review of work performed

● Whether there are any other expected communications with third parties, including any statutory or contractual reporting responsibilities arising from the audit

Significant Factors, Preliminary Engagement Activities, and Knowledge Gained on Other Engagements

The following examples illustrate significant factors, preliminary engagement activities, and knowledge gained on other engagements:

● The determination of materiality, in accordance with AU-C Section 320, Materiality in Planning and Performing an Audit, and, when applicable, the following:

● The determination of materiality for components and communication thereof to component auditors in accordance with AU-C Section 600, Special Considerations – Audits of Group Financial Statements (Including the Work of Component Auditors)

● The preliminary identification of significant components and material classes of transactions, account balances, and disclosures

● Preliminary identification of areas in which there may be a higher risk of material misstatement

● The effect of the assessed risk of material misstatement at the overall financial statement level on direction, supervision, and review

● The manner in which the auditor emphasizes to engagement team members the need to maintain a questioning mind and exercise professional skepticism in gathering and evaluating audit evidence

● Results of previous audits that involved evaluating the operating effectiveness of internal control, including the nature of identified deficiencies and action taken to address them

● The discussion of matters that may affect the audit with firm personnel responsible for performing other services to the entity

● Evidence of management's commitment to the design, implementation, and maintenance of sound internal control, including evidence of appropriate documentation of such internal control

● Volume of transactions, which may determine whether it is more efficient for the auditor to rely on internal control

● Importance attached to internal control throughout the entity to the successful operation of the business

● Significant business developments affecting the entity, including changes in IT and business processes; changes in key management; and acquisitions, mergers, and divestments

● Significant industry developments, such as changes in industry regulations and new reporting requirements

● Significant changes in the financial reporting framework, such as changes in accounting standards

● Other significant relevant developments, such as changes in the legal environment affecting the entity

Nature, Timing, and Extent of Resources

The following examples illustrate the nature, timing, and extent of resources:

● The selection of the engagement team (including, when necessary, the engagement quality control reviewer; see AU-C Section 220, Quality Control for an Engagement Conducted in Accordance with Generally Accepted Auditing Standards) and the assignment of audit work to the team members, including the assignment of appropriately experienced team members to areas in which there may be higher risks of material misstatement.

● Engagement budgeting, including considering the appropriate amount of time to set aside for areas in which there may be higher risks of material misstatement.