Audit is not like a box of chocolates, planning is key. A majority of the IRBA audit findings are on the planning section of an audit file, which indicates a lack of understanding of the documentation requirements. Incorrect planning can also lead to over or under auditing.
ISA 315 – risk assessment and ISA 240 – Fraud is probably 2 of the most important standards to comply with during planning.
Let us take you through the requirements in a practical manner so you can perform the planning efficiently and ensure proper documentation.
ISA 315: • Identifying what you need to understand better about an entity and its environment, and therefore what you need to document • Understanding your responsibility around internal controls, their design and implementation, whether you need to do walkthroughs/test controls • The effect of risks on the audit approach, and how to identify and assess risks
ISA 240:
To obtain an understanding of the entity and the fraud risk factors to plan the audit
To perform a fraud risk assessment
What are the presumed fraud risks
Documenting the fraud risk assessment
How can the auditor respond to the risks of fraud?
Overall responses the auditor can implement
Responses over significant risks
What if fraud is detected? Who does the auditor need to report to?
