The revised International Standard on Auditing (ISA) 315 introduces major changes in the approach to risk identification and assessment. The enhancements will affect the planning section of all audits, and audit firms of all sizes will need to revise their approach to risk assessment.
The changes will be effective for audits of financial statements for periods beginning on or after 15 December 2021. The effects of the revisions will be far-reaching and will require firms of all sizes to revise their approach to risk assessments.
This course explains how audits can be planned and performed effectively based on the 2022 version of CaseWare Probe.
The delegates will be provided with a case study including all the information necessary regarding the client to perform the planning section. They will then need to complete the following planning sections:
Programme changes and updates
• New update process
• Changes to groupings and sections
• Updated document manager
• Changes to the recording dialogue - new risk record mode
• Changes in the way controls are documented
• Use of technology in an audit which includes the understanding of the
use of IT by the entity and the understanding of IT risks and IT general
controls
• Core vs Extended options
• Probe Small - A detailed risk assessment must be performed
• New election in Probe Firm Settings whether walk through procedure
should be elected per engagement or not
• Procedures previously performed on audit programmes are moved to
the risk assessment section and are now performed as Risk Assessment
Procedures (RAP)
• Certain audit considerations such as the use of experts, other
practitioners, inventory count and obtaining confirmations were moved
to the Audit plan and strategy document (12.20)
• New document to obtain an understanding of the complexity of the
Information System
• Individual assessments of identified inherent (IR), fraud (FR) and control
(CR) risks at the financial statement level
• The overall lR, FR and CR at the financial statement level will be
automated based on the auditor's assessment of the individual IR, FR
and CR at FS Level.
• Evaluation of whether the entity's processes for the different components
of the system of internal control are appropriate
• New overall response(s) to address the assessed risks of material
misstatement at the financial statement level.
New terminology, concepts and requirements
• New assertions and combinations of assertions
• New risk assessment procedures (RAP) to obtain an understanding of the
entity and its environment
• Document the sources of information from which the understanding was
obtained
• Class of transaction or account balance ("COTAB")
• Individual Account balance, class of transaction and other disclosure
("COTABD")
• Significant classes of transactions, account balances and disclosures
(“SCOTABD)
• Transactions related to account balances (“TRAB”)
• Relevant assertions
• Controls to be identified for purposes of evaluating the design of a
control and determining whether the control has been implemented
• Identification of the risk of material misstatement at the assertion level
for COTABD and then assess only the identified risks of material
misstatement at the assertion level
• Consideration of whether automated tools and techniques should be
used to assist with obtaining an understanding of the entity and its
environment and to perform risk assessment procedures.
• Extent of work needed for indirect and direct controls
• Use of inherent risk factors
• Spectrum of inherent risk
• Likelihood and magnitude of a possible misstatement on a range from
higher to lower, when assessing risks of material misstatement
• “Stand-back" provision to evaluate the completeness of SCOTABD
• Design and perform substantive procedures for each material COTABD
• Substantive procedures for SCOTABD, i.e., those with relevant assertions
• Assertions to be tested for material COTABD.
Pre-engagement planning
• 10.20 Engagement evaluation
• 10.30 Discussion with management
• 10.50 Gathering information
• 10.51 Type and volumes of transactions
• 10.52 Preliminary analytical procedures
• 10.53 Understanding of accounting estimates (based on the new ISA
540)
• 10.55 Understanding the Information Technology Environment
• 10.60 Overall assessment.
Planning and risk assessment procedures
• 11.10 Risk assessment procedures
• 10.20 Inherent risk assessment
• 11.21 Laws and regulations
• 11.25 Fraud risk assessment
• 11.30 Evaluation of system on internal control
• 11.50 Information system and control activities
• 11.60 Risk assessment at the assertion level.
Audit planning
• 12.20 Audit plan and strategy
• 12.30 Planning memorandum.
Work programs
• New lead sheets
• New layout of work programs based on the new risk assessment process.
