UNIT 3

AUDITING STANDARDS

3.1 Introduction

To ensure that information provided in the financial statements are of high quality and are acceptable worldwide the Auditing and Assurance Standards board under the council of Institute of Chartered Accountants (ICAI) have formulated few Standards. These are in line with the International Standards issued by the International Auditing and Assurance Board (IAASB).

Standards issued by the AASB include:

• Standards of Quality Control (SQCs): For all the services under Engagement Standards. These standards are applicable to all auditing firms which perform audits and reviews of historical financial information including assurances and related service engagements.
• Standards on Auditing (SAs): For auditing historical financial information. These apply whenever any independent Audit is carried out.

In simpler words, whenever an independent examination of financial information is carried on for ANY entity whether the business motive is to make the profit or not, whether the size of the entity is big or small or even if the entity has any legal form (unless any law specifies something else) the SAs will be applicable

All SAs are interlinked and have to apply in unity. The number given to SA is similar to the numbering system followed for International Standards on Auditing formulated by IAASB.

• Standards on Review Engagements (SREs) for reviewing historical financial information
• Standards on Assurance Engagements (SAEs) for assurance engagements other than the audits and reviews of financial information
• Standards on Related Services (SRSs) for all engagements about the application of agreed procedures to information, compilation engagements, and other related services engagements

The major standards are listed here below:

3.2 Significance of Audit & Assurance Standards

The significance of Audit & Assurance Standards is as discussed below:

1. It will help enhancing the quality and relevance of auditing practices.
2. It provides consistency and comparability in reporting.
3. It provides uniformity / standardization of practice.
4. It provides guidance in performing an audit

It helps strengthening public confidence in auditing and assurance profession

5.      In case things go awry, the onus is on auditors to “prove” that he / she was not professionally negligent in performing his duties

6.      There is significant responsibility cast on auditors under regulatory framework

7.      ASS neither favours nor discriminate based on size of the practitioner.

3.3 Responsibility of Auditor for AAS

In audit, the Chartered Accountant’s objective is to provide a high (but not absolute) level of assurance on the reliability of financial statements. Absolute assurance in auditing is not given due to the following reasons:

• The need for judgment,

• The use of test checks,

• The inherent limitations of any accounting and internal control systems and

• The fact that most of the evidence available to the auditor is persuasive, rather than conclusive, in nature.

Though any audit is not a guarantee about absence of misstatement in a set of financial statement or future viability of an enterprise, the auditors are cast with the responsibility of carrying out their assignments with utmost professional care and sincerity to uphold the faith posed by public in them.

The responsibilities of Auditor for AAS are as follows:

The auditing and assurance standards are our basic tools to conduct any audit and it has to be followed without any reservation. Compliance with the standards to be ensured whenever an audit including a tax audit is carried out. Application of auditing procedures and reporting practices appropriate to the particular situation. Auditor should show integrity, objectivity and independence. Audit should be performed and report prepared with due professional care by persons having training, experience and competence in auditing.

While discharging their attest functions, it is the duty of the members of the Institute of Chartered Accountants of India to ensure that these standards are followed in the audit of financial information covered by their reports.

If, for any reason, the member is unable to perform an audit in accordance with the generally accepted auditing standards, his report should draw attention to any material departures there from, failing which he would be held guilty of professional misconduct under clause 9 of Part I of the Second Schedule to the Chartered Accountants Act, 1949. Also, the clauses 5,6,7,8 and 9 of Part I of Second Schedule may also get attracted in case of failure of compliance Standards on Auditing.

Auditor should have specialized skills and competence to carry out audit. Auditor should ensure that all accounting information that should be recorded has in fact been recorded. Auditor should review and assess the conclusions drawn from audit evidences to arrive at an overall conclusion with regard to the following:

(a)Financial statements have been prepared using acceptable accounting policies.

(b)Such policies are consistently applied.

3.4 SA 200- Basic Principles Governing an Audit

The following is the text of the Auditing and Assurance Standard (AAS) 1*, “Basic Principles Governing an Audit”, issued by the Council of the Institute of Chartered Accountants of India. This Standard should be read in conjunction with the “Preface to the Statements on Standard Auditing Practices” issued by the Institute.

Introduction

• This Standard describes the basic principles which govern the auditor’s professional responsibilities and which should be complied with whenever an audit is carried out.
• An audit is the independent examination of financial information of any entity, whether profit oriented or not, and irrespective of its size or legal form, when such an examination is conducted with a view to expressing an opinion thereon. [2] In this Standard, the term “financial information” encompasses financial statements.
• Other Auditing and Assurance Standards to be issued by the Institute will elaborate on the principles set out herein to give guidance on auditing procedures and reporting practices.
• Compliance with the basic principles requires the application of auditing procedures and reporting practices appropriate to the particular circumstances.

Integrity, Objectivity and Independence

The auditor should be straightforward, honest and sincere in his approach to his professional work. He must be fair and must not allow prejudice or bias to override his objectivity. He should maintain an impartial attitude and both be and appear to be free of any interest which might be regarded, whatever its actual effect, as being incompatible with integrity and objectivity.

Confidentiality
The auditor should respect the confidentiality of information acquired in the course of his work and should not disclose any such information to a third party without specific authority or unless there is a legal or professional duty to disclose.

Skills and Competence

The audit should be performed and the report should be prepared with due professional care by persons who have adequate training, experience and competence in auditing.
 

The auditor requires specialized skills and competence which are acquired through a combination of general education, technical knowledge obtained through study and formal courses concluded by a qualifying examination recognized for this purpose and practical experience under proper supervision.

In addition, the auditor requires a continuing awareness of developments including pronouncements of ICAI on accounting and auditing matters, and relevant regulations and statutory requirements.

Work Performed by Others

When the auditor delegates work to assistants or uses work performed by other auditors and experts, he will continue to be responsible for forming and expressing his opinion on the financial information. However, he will be entitled to rely on work performed by others, provided he exercises adequate skill and care and is not aware of any reason to believe that he should not have so relied. In the case of any independent statutory appointment to perform the work on which the auditor has to rely in forming his opinion, such as in the case of the work of branch auditors appointed under the Companies Act, 1956, the auditor’s report should expressly state the fact of such reliance.

The auditor should carefully direct, supervise and review work delegated to assistants. The auditor should obtain reasonable assurance that work performed by other auditors or experts is adequate for his purpose.

Documentation
The auditor should document matters which are important in providing evidence that the audit was carried out in accordance with the basic principles.

Planning
The auditor should plan his work to enable him to conduct an effective audit in an efficient and timely manner. Plans should be based on knowledge of the client’s business.

Plans should be made to cover, among other things:

(a) acquiring knowledge of the client’s accounting system, policies and internal control procedures;
(b) establishing the expected degree of reliance to be placed on internal control;
(c) determining and programming the nature, timing, and extent of the audit procedures to be performed; and

(d) Coordinating the work to be performed.

Plans should be further developed and revised as necessary during the course of the audit.

Audit Evidence

The auditor should obtain sufficient appropriate audit evidence through the performance of compliance and substantive procedures to enable him to draw reasonable conclusions there from on which to base his opinion on the financial information.

Compliance procedures are tests designed to obtain reasonable assurance that those internal controls on which audit reliance is to be placed are in effect.

Substantive procedures are designed to obtain evidence as to the completeness, accuracy and validity of the data produced by the accounting system.

They are of two types:

(i) Tests of details of transactions and balances;

(ii) Analysis of significant ratios and trends including the resulting enquiry of unusual fluctuations and items.

Accounting System and Internal Control

Management is responsible for maintaining an adequate accounting system incorporating various internal controls to the extent appropriate to the size and nature of the business. The auditor should reasonably assure himself that the accounting system is adequate and that all the accounting information which should be recorded has in fact been recorded. Internal controls normally contribute to such assurance.

The auditor should gain an understanding of the accounting system and related internal controls and should study and evaluate the operation of those internal controls upon which he wishes to rely in determining the nature, timing and extent of other audit procedures.

Where the auditor concludes that he can rely on certain internal controls, his substantive procedures would normally be less extensive than would otherwise be required and may also differ as to their nature and timing.

Audit Conclusions and Reporting

The auditor should review and assess the conclusions drawn from the audit evidence obtained and from his knowledge of business of the entity as the basis for the expression of his opinion on the financial information. This review and assessment involves forming an overall conclusion as to whether:

(a) The financial information has been prepared using acceptable accounting policies, which have been consistently applied;

(b) The financial information complies with relevant regulations and statutory requirements;
(c) there is adequate disclosure of all material matters relevant to the proper presentation of the financial information, subject to statutory requirements, where applicable.

The audit report should contain a clear written expression of opinion on the financial information and if the form or content of the report is laid down in or prescribed under any agreement or statute or regulation, the audit report should comply with such requirements. An unqualified opinion indicates the auditor’s satisfaction in all material respects with the matters dealt with or as may be laid down or prescribed under the relevant agreement or statute or regulation, as the case may be.

When a qualified opinion, adverse opinion or a disclaimer of opinion is to be given or reservation of opinion on any matter is to be made, the audit report should state the reasons therefore.

3.5 SA 200A- Objectives & Scope of the audit of Financial Statements

Introduction

• This Standard describes the overall objective and scope of the audit of general purpose financial statements of an enterprise by an independent auditor. 
• According to Para 3.3 of the Preface to the Statements of Accounting Standards 2 issued by the Institute of Chartered Accountants of India, “the term ‘General Purpose Financial Statements’ includes balance sheet, statement of profit and loss and other statements and explanatory notes which form part thereof, issued for the use of shareholders/members, creditors, employees and public at large.”
• References to financial statements in this Standard should be construed to refer to general purpose financial statements.

Objective of an Audit

The objective of an audit of financial statements, prepared within a framework of recognized accounting policies and practices and relevant statutory requirements, if any, is to enable an auditor to express an opinion on such financial statements.

The auditor’s opinion helps determination of the true and fair view of the financial position and operating results of an enterprise. The user, however, should not assume that the auditor’s opinion is an assurance as to the future viability of the enterprise or the efficiency or effectiveness with which management has conducted the affairs of the enterprise.

Responsibility for the Financial Statements

While the auditor is responsible for forming and expressing his opinion on the financial statements, the responsibility for their preparation is that of the management of the enterprise. Management’s responsibilities include the maintenance of adequate accounting records and internal controls, the selection and application of accounting policies and the safeguarding of the assets of the enterprise. The audit of the financial statements does not relieve management of its responsibilities.

Scope of an Audit

The scope of an audit of financial statements will be determined by the Objective and Scope of the Audit of Financial Statements SA 200A, auditor having regard to the terms of the engagement, the requirements of relevant legislation and the pronouncements of the Institute.

The terms of engagement cannot, however, restrict the scope of an audit in relation to matters which are prescribed by legislation or by the pronouncements of the Institute.

The audit should be organized to cover adequately all aspects of the enterprise as far as they are relevant to the financial statements being audited. To form an opinion on the financial statements, the auditor should be reasonably satisfied as to whether the information contained in the underlying accounting records and other source data is reliable and sufficient as the basis for the preparation of the financial statements. In forming his opinion, the auditor should also decide whether the relevant information is properly disclosed in the financial statements subject to statutory requirements, where applicable.

The auditor assesses the reliability and sufficiency of the information contained in the underlying accounting records and other source data by:

(a) making a study and evaluation of accounting systems and internal controls on which he wishes to rely and testing those internal controls to determine the nature, extent and timing of other auditing procedures; and

(b) Carrying out such other tests, enquiries and other verification procedures of accounting transactions and account balances as he considers appropriate in the particular circumstances.

The auditor determines whether the relevant information is properly disclosed in the financial statements by:

(a) Comparing the financial statements with the underlying accounting records and other source data to see whether they properly summaries the transactions and events recorded therein; and

(b) Considering the judgments that management has made in preparing the financial statements; accordingly, the auditor assesses the selection and consistent application of accounting policies, the manner in which the information has been classified, and the adequacy of disclosure.

The auditor’s work involves exercise of judgement, for example, in deciding the extent of audit procedures and in assessing the reasonableness of the judgments and estimates made by management in preparing the financial statements. Furthermore, much of the evidence available to the auditor can enable him to draw only reasonable conclusions there from. Because of these factors, absolute certainty in auditing is rarely attainable.

Handbook of Auditing Pronouncements-SA 200A

In forming his opinion on the financial statements, the auditor follows procedures designed to satisfy himself that the financial statements reflect a true and fair view of the financial position and operating results of the enterprise. The auditor recognizes that because of the test nature and other inherent limitations of an audit, together with the inherent limitations of any system of internal control, there is an unavoidable risk that some material misstatement may remain undiscovered. While in many situations the discovery of a material misstatement by management may often arise during the conduct of the audit, such discovery is not the main objective of audit nor is the auditor’s programme of work specifically designed for such discovery. The audit cannot, therefore, be relied upon to ensure the discovery of all frauds or errors but where the auditor has any indication that some fraud or error may have occurred which could result in material misstatement, the auditor should extend his procedures to confirm or dispel his suspicions.

The auditor is primarily concerned with items which either individually or as a group are material in relation to the affairs of an enterprise. However, it is difficult to lay down any definite standard by which materiality can be judged. Material items are those which might influence the decisions of the user of the financial statements3. It is a matter in which a decision is arrived at on the basis of the auditor’s professional experience and judgement.

The auditor is not expected to perform duties which fall outside the scope of his competence. For example, the professional skill required of an auditor does not include that of a technical expert for determining physical condition of certain assets. Constraints on the scope of the audit of financial statements that impair the auditor’s ability to express an unqualified opinion on such financial statements should be set out in his report, and a qualified opinion or disclaimer of opinion should be expressed, as appropriate.

3.6 SA 210- Agreeing the Terms of Audit Engagement

Pre conditions for audit

      Determine whether applied Financial Reporting Framework (FRF) is acceptable.

      Obtain management representation regarding.

1.      Acceptable financial reporting framework is used in preparation of financial statement.

2.      Necessary internal controls are implemented to ensure that financial statements are free from fraud or error.

3.      Providing the auditor

      Access to all records and information.

      Additional information requested by the auditor

      Unrestricted access to persons within entity to enable him to get audit evidence.

      Contents of Engagement Letter- The agreed terms of the audit engagement shall be recorded in an audit engagement letter or other suitable form of written agreement and includes:

1. The objective and scope of the audit of the financial statements;
2. The responsibilities of the auditor;
3. The responsibilities of the management;
4. Identification of the applicable FRF for the preparation of the financial statements; and
5. Reference to the expected form and content of any reports to be issued by the auditor.

      Limitation imposed before accepting assignment- If the auditor believes the limitations will result in the auditor disclaiming an opinion on the financial statement, the auditor should not accept such an assignment unless required by law.

         Change in terms of audit engagement

1. When a client requests the auditor to change the terms of engagement auditor should consider whether proposed changed terms of engagement will provide lower level of assurance.
2. If the proposed terms do not convey a lower level of assurance, the auditor should not agree unless reasonable justification given by management.
3. If reasonable justification not given by management- Withdraw if legally permissible and also consider the need/ obligation to report the circumstances , which compelled him to withdraw , to board of directors or shareholders or related regulatory authority.

      Circumstances that may warrant revision in terms of audit engagement(may 2013)

1. Change in-senior management
2. Change in Financial Reporting Framework.
3. Change in reporting requirement.
4. Significant change in ownership.
5. Significant change in nature and size of entity.
6. Revised terms of audit engagement.
7. Misunderstanding of scope and objective.

FRF v/s Law-conflict- Discuss conflict with management. If additional requirement can't be met even by additional disclosure, modify audit report as per SA 705.

3.7 SA 230- Audit Documentation

The following is the text of the Auditing and Assurance Standard (AAS) 3*, “Documentation”, issued by the Council of the Institute of Chartered Accountants of India. This Standard should be read in conjunction with the “Preface to the Statements on Standard Auditing Practices”, issued by the Institute.

Introduction

Auditing and Assurance Standard (AAS)1, “Basic Principles Governing an Audit” (Paragraph 11), states, “The auditor should document matters which are important in providing evidence that the audit was carried out in accordance with the basic principles.” The purpose of this Standard is to amplify the basic principle outlined above.
Documentation, for purposes of this Standard, refers to the working papers prepared or obtained by the auditor and retained by him, in connection with the performance of his audit.
 

Working papers:

- aid in the planning and performance of the audit;
- aid in the supervision and review of the audit work; and
- provide evidence of the audit work performed to support the auditor’s opinion.

Form and Contents

• Working papers should record the audit plan, the nature, timing and extent of auditing procedures performed, and the conclusions drawn from the evidence obtained.
• The form and content of working papers are affected by matters such as:

-          The nature of the engagement.

-          The form of the auditor’s report.

-          The nature and complexity of the client’s business.

-          The nature and condition of the client’s records and degree of reliance on internal controls.

-          The needs in particular circumstances for direction, supervision and review of work performed by assistants.

• Working papers should be designed and properly organized to meet the circumstances of each audit and the auditor’s needs in respect thereof. The standardization of working papers (for example, checklists, specimen letters, and standard organisation of working papers) improves the efficiency with which they are prepared and reviewed. It also facilitates the delegation of work while providing a means to control its quality.
• Working papers should be sufficiently complete and detailed for an auditor to obtain an overall understanding of the audit. The extent of documentation is a matter of professional judgement since it is neither necessary nor practical that every observation, consideration or conclusion is documented by the auditor in his working papers.
• All significant matters which require the exercise of judgement, together with the auditor’s conclusion thereon, should be included in the working papers.
• To improve audit efficiency, the auditor normally obtains and utilizes schedules, analyses and other working papers prepared by the client. In such circumstances, the auditor should satisfy himself that these working papers have been properly prepared. Examples of such working papers are detailed analyses of important revenue accounts, receivables, etc.
• In the case of recurring audits, some working paper files may be classified as permanent audit files, which are updated currently with information of continuing importance to succeeding audits, as distinct from current audit files, which contain information relating primarily to the audit of a single period.

• A permanent audit file normally includes:
  1. Information concerning the legal and organizational structure of the entity. In the case of a company, this includes the Memorandum and Articles of Association. In the case of a statutory corporation, this includes the Act and Regulations under which the corporation functions.
  2. Extracts or copies of important legal documents, agreements and minutes relevant to the audit.
  3. A record of the study and evaluation of the internal controls related to the accounting system. This might be in the form of narrative descriptions, questionnaires or flow charts, or some combination thereof.
  4. Copies of audited financial statements for previous years.
  5. Analysis of significant ratios and trends.
  6. Copies of management letters issued by the auditor, if any.
  7. Record of communication with the retiring auditor, if any, before acceptance of the appointment as auditor.
  8. Notes regarding significant accounting policies.
  9. Significant audit observations of earlier years.

• The current file normally includes:
  1. Correspondence relating to acceptance of annual reappointment.
  2. Extracts of important matters in the minutes of Board Meetings and General Meetings, as are relevant to the audit.
  3. Evidence of the planning process of the audit and audit programme.
  4. Analysis of transactions and balances.
  5. A record of the nature, timing and extent of auditing procedures performed, and the results of such procedures.
  6. Evidence that the work performed by assistants was supervised and reviewed.
  7. Copies of communications with other auditors, experts and other third parties.
  8. Copies of letters or notes concerning audit matters communicated to or discussed with the client, including the terms of the engagement and material weaknesses in relevant internal controls.
  9. Letters of representation or confirmation received from the client.
  10. Conclusions reached by the auditor concerning significant aspects of the audit, including the manner in which exceptions and unusual matters, if any, disclosed by the auditor’s procedures were resolved or treated.
  11. Copies of the financial information being reported on and the related audit reports.
       

Ownership and Custody of Working Papers

Working papers are the property of the auditor. The auditor may, at his discretion, make portions of or extracts from his working papers available to his client.

The auditor should adopt reasonable procedures for custody and confidentiality of his working papers and should retain them for a period of time sufficient to meet the needs of his practice and satisfy any pertinent legal or professional requirements of record retention.

3.8 SA 240- Auditor’s Responsibility in relation to Fraud in an Audit of Financial Statement

Fraud means an intentional act by one or more individual among management, those charged with governance, employees, or third parties, to deceive, to mislead or at least to conceal the truth to obtain an unjust or illegal advantage.

In accordance with SA 315, auditor should identify and assess risks of material misstatement due to fraud at the financial statement level, and at assertion level for classes of transactions, account balances and disclosures.

In accordance with SA 330, the auditor should determine overall responses to address the assessed risk of material misstatement due to fraud at financial statement level.

Perform Risk Assessment Procedures, & General understanding of its entity, its environment and Internal Control System as per SA 315.

Auditor's Responsibilities relating to fraud in an audit of Financial Statement.

      Obtaining Reasonable Assurance that financial statements taken as a whole are free from material misstatement, whether due to fraud or error.

      Maintain Professional Skepticism throughout the audit.

      Obtain Written Representation.

      As per SA 200, due to inherent limitations of an audit, there is an unavoidable risk that some material misstatement of financial statement will not be detected, even though the auditor is properly planned and performed in accordance with SA's.

      Risk of not detecting a material misstatement resulting Management fraud is greater than Employee fraud, because management can easily manipulate accounting records because management is in a unique position to penetrate fraud because of Management's ability to manipulate accounting records & prepare financial statements by overriding controls.

      Perform Risk Assessment Procedures

• Enquiry of Management.
• Enquiry of Those Charged With Governance.
• Evaluation of fraud risk factor.
• Evaluation of identified unusual & unexpected relationship.

      Consider impact of fraud on financial statement.

      Consider reliability of WR if management fraud found.

      Communicate to chairman, Board of Directors.

Possible sources of Fraudulent Financial Reporting (FRAUD)

      F-Recording fictitious journal entries, particularly at the end of Accounting Year to manipulate operating results.

      R-Receipts ka Embezzlement.

      A-Assets ka misappropriation. Stealing physical Assets/IPR

Adjusting Assumptions inappropriately and changing judgments

      U-Using Entity's assets for personal use.

      D- Delaying, advancing or omitting recognition in financial statement of events and transactions that have occurred during reporting period.

Whenever any fraud is discovered, the auditor should report under Section 143(12) to Central Government. Additional reporting responsibility under CARO as per Section 143(11) issued by Central Government. The person committing the fraud shall be liable under Section 447.

Fraud has been defined in paragraph 11 (a) of SA 240, “The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial statements” as an intentional act by one or more individuals among management, those charged with governance, employees, or third parties, involving the use of deception to obtain an unjust or illegal advantage.'

If Auditor is unable to continue the Engagement:

1. Determine whether its legal and professional responsibility of auditor to report to persons appointing him and to regulatory authorities.
2. Determine whether it is appropriate to withdraw, where withdrawal is legally permitted.
3. If he withdraws:

1. Discuss with management and TCWG.
2. Give reasons for withdrawal.
3. Determine whether it’s legal and professional responsibility of auditor to report to persons appointing him and to regulatory authorities.

3.9 SA 250- Consideration of Laws & Regulations in an Audit of Financial Statements

Responsibilities of an Auditor

      Auditor is not responsible for prevention/detection of non compliances. Management, with the oversight of those charged with governance, is responsible for ensuring that the entity’s operations are conducted in accordance with laws and regulations.

      The auditor should obtain general understanding of regulatory framework and how entity complies with it.

      The auditor should obtain Sufficient and appropriate audit evidence w.r.t. Laws directly effecting determination of amount and disclosure in Financial statement.

      He is not required to obtain expert understanding of other laws that do not have a direct bearing on financial statement such as compliance with environmental regulations.

      Non compliance with other laws may result in litigations, fines and other consequences .The auditor will disclose whether co. Has made provisions for such fines, litigations.

      Obtain written representation that all instances of non- compliances or suspected non- compliances with laws and regulations have been disclosed to the auditors.

      Obtain Sufficient and appropriate audit evidence that all instances of non-compliances or suspected non-compliances with laws and regulations have been disclosed to the auditors.

      Obtain Sufficient and appropriate audit evidence that whether the misstatements found is due to fraud or error. If it is done fraudulently, the auditor shall consider SA 240.

Whenever, any violations is being noticed, the Statuary Auditor's must report the same to

      Management

      Stakeholders

      Those Charged with Governance

      If Management/TCWG is involved, communicate to the next level-Supervisory Board or Audit Committee.

      If next level is not there, obtain legal advice.

If non compliances have material effect on Financial Statements, it means financial statement is not reflecting true and fair view (Required under SA 200 and Section 143(2).Hence the auditor is required to give qualified/adverse report.

Reporting to Regulatory and Enforcement Authorities

The auditor's duty of confidentiality would preclude reporting to a 3rd party. However, in certain circumstances duty of confidentiality is overridden by statute, law or by courts of law.

Indicators of Non -Compliance (Pimple)

      P-Payments made without proper authorisation/Payment of fines or penalties/Purchasing at price significantly above or below market price.

      I-Investigations made by Government department.

      M-Adverse Media Comment.

      P-Payments made to Related Parties, Loans to Consultants etc.

      L-Lax i.e weak accounting system.

      E-Extra ordinary and unauthorised transactions.

Special point:

The DRS shall disclose as to whether the directors had devised proper system to ensure compliance with all the provisions of all applicable laws and regulations and whether such system were adequate and operating effectively.

3.10 SA 300- Audit Planning

Need of Audit Plan: It is essential to plan in advance to complete audit in timely and efficient.

Who should be involved in Audit Planning?

Along with senior partner, the engagement team leader of Audit Engagement Team with his key members.

Preliminary Engagement Activities (ETC)

      E-Evaluating compliance with ethical requirements, including independence, as required by SA 220;

      T-Understanding of Terms of the Engagements as required by SA 210;

      C-Perform procedures required by SA 220, “Quality Control for an Audit of Financial Statements” regarding the continuance of the client relationship and the specific audit engagement;

What should be considered in Planning/Audit Strategy? (STD and additional points)

      S-Scope

      T-Timing

      D-Directors required for engagement team

      Characteristics of Engagement

      Reporting objectives

      Consider the results of preliminary engagement

      Nature, Time, Extent of resources.

Development of Audit Plan

While developing audit plan, the auditor shall give description of SA 315(NTE of RAP), 330(NTE of further audit procedures) and other planned audit procedures as per audit standards.

Can the Audit Plan or strategy be changed during the audit engagement?

      Audit planning is a continuous process , the auditor may change the audit plan or strategy during the performance of an audit engagement as a result of

• Unexpected events;
• Change in conditions; or
• The audit evidence obtained from the result of audit procedures.

Relationship between the Overall Audit Strategy and the Audit Plan:

1. The audit strategy provides the guidelines for developing the audit plan. It establishes the scope and conducts of the audit procedures and thereby works as basis for developing a detailed audit plan.
2. Detailed audit plan would include the nature, timing and extent of the audit procedures to obtain sufficient appropriate audit evidence.
3. The audit strategy is prepared before the audit plan.
4. The audit plan contains more details than the overall audit strategy.
5. Audit strategy and audit plan are inter-related because change in one would result into change in the other.

3.11 SA 315- Identifying & Assessing the Risk of Material Misstatement through understanding the Entity and its Environment

How will the auditor understand entity and its environment?

1. Understanding the legal structure of the entity.
2. Nature of business.
3. Laws and Regulations Applicable.
4. How is it financed
5. Management structure-TCWG,BOD
6. FRF applicable
7. Accounting policies
8. Accounting Estimates
9. Integrated or Non Integral
10. List of Related parties.

Understanding of entities internal control system

1. Internal control is a process designed ,implemented and maintained by management and TCWG to ensure

      Reliability of financial reporting.

      Effectiveness & Efficiency of operation.

      Safeguarding of Assets.

      Compliance with laws and regulation.

B.      Components of Internal Control System(ICRAM)

      Information System-There are two types of information system, manual and automated.(CIS)

      Control Environment-Understanding the control environment, whether management, with TCWG has created and maintained a culture of honesty and ethical behavior.

      Risk Assessment Procedures

      Activities-The auditor shall obtain understanding of control activities relevant to an audit. For example; Authorization , Segregation of duties, Safeguarding, Asset accountability

      Monitoring (SA-220)-Monitoring of controls is a process to assess the quality of internal control performance over time.

Identifying and assess the Risk of Material Misstatement

      The auditor shall perform risk assessment procedures to provide a basis for identification and assessment of risk of material statement at the financial statement level and assertion level.

      Risk Assessment Procedures by themselves do not provide sufficient and audit evidence on which to base the audit opinion.

Risk Assessment Procedures.

      Risk is of 3 types-Inherent risk, Control risk and Detection risk.

      Risk Assessment Procedures included the following

1. Enquiries of management and others (TCWG) who can assist in identifying risk of material misstatement.
2. Observation and Inspection.
3. Enquiry of others.
4. Analytical Procedures (SA-520).

Audit Risk (Inherent Risk vs. Control Risk vs. Detection Risk).

      Audit Risk is the risk that an auditor may issue an inappropriate opinion when there is material misstatement in financial statement(Defined in SA 200)

      There are two components of Audit Risk

a.)   Risk of material misstatement-Risk that financial statement may contain material misstatement assessed by the auditor prior to audit. There are 2 components-Inherent Risk and Control Risk.

b.)  Detection Risk.

      As per SA 315 read with SA 330, auditor exercises his professional judgement to assess audit risk and to design audit procedures to ensure that it is reduces to an acceptable low level.

      Detection Risk is the risk that even auditor's substantive procedure will fail to detect risk of material misstatement although risk existing in account balance or class of transaction could be material.

      Higher, the Inherent Risk and Control Risk, the more substantive procedures the auditor will perform, obtain more audit evidence and reduce his detection risk so as to reduce audit risk to an acceptable low level.

      Inherent Risk- There will always be risk of material misstatement existing in account balance or class of transaction or disclosure presuming that there is no internal Control. Therefore, such risk of material misstatement due to non-existence of internal controls is known as an inherent risk.

      Control Risk-The risk of material misstatement existing in account balance or class of transaction or disclosure will not be prevented, detected and timely corrected by system of internal control.

IT systems also pose specific risks to an entity's internal control? What are those risks?

      Reliance on inaccurate input, processing and output.

      Possibility of IT personnel gaining access beyond those necessary to perform their assigned duties thereby breaking down segregation of duties.

      In appropriate manual intervention.

      Unauthorised access to data that may result in destruction of data or improper changes to data.(U)

      Unauthorised changes to data in Master files.

      Unauthorised changes to systems or programs.

      Failure to make necessary changes to systems or programs.

Risks that require special consideration:

      Risk of fraud;

      Risk related to recent significant, economic, accounting or other developments lie changes in regulatory environment etc.

      Risk involved in complex transactions.

      Significant transactions with related parties.

      Risk involved in significant unusual transactions.

Conditions and indications that may indicate Risk of Material Misstatements (Give few examples)

      Significant transactions with related parties.

      Weakness in internal control.

      Changes in IT environment.

      Launch of new products or services.

      Going concern and liquidity issues.

      Significant amount of unusual transactions.

      Pending litigation and contingent liabilities.

3.12 SA 320- Audit Materiality (AAS 13)

1. SA 320 deals with the concept of materiality.

2.      Material means important from the perspective of the audit. The auditor should consider materiality when conducting an audit.

1. Any information may be considered materiality if its misstatements could influence the decision of the users of the financial statements.
2. Explaining further, an information may be considered material if it either individually or in the aggregate are relatively important for the true and fair presentation of the financial statements.
3. Materiality is subject to the professional judgement of the auditor while conducting an audit.

Example: The auditor of Infosys might  decode that only vouchers above rs.10000  need to be vouched on the other hand the auditor of a small private limited company might decide that vouchers above Rs.500 need to be vouched.

3.      The basic factor on which materiality depends is the size and nature of the item. Therefore it is not necessary that only financial information is material even non- financial information is material. The disclosure of non- financial item can be done in the notes to accounts.

4.      As mentioned earlier, materiality is subject to professional judgement. However materiality is even influenced of the certain item schedule III of the companies act. The Companies Act requires compulsory disclosure of the following item separately.

1. Any debit or credit in the P & L account on account of a transaction of exceptional nature or a non- recurring transaction.
2. Any expenditure which exceeds Rs.100000 or 1% of the turnover of the company whichever is higher ,i.e. if turnover is Rs. 2 corers than 1% of turnover is Rs 2 lacs would be material and disclosed separately.
3. If an item was material in the previous year, then its corresponding figure in the current year also has to be disclosed separately

The term “disclosed separately” means that the item of expenditure cannot be clubbed with any other item or under miscellaneous expenditure.

As per accounting standard 5 “Net profit or loss for the period, prior period items and changes in accounting policies”, the following shall be material;

1. Extraordinary items.

2. Prior – period Items

3. Change in accounting policies which has a material effect.

d.     Materiality of item has to be considered by the auditor while presenting the financial statement for a true and fair view.

3.13 SA 505- External Confirmations

      This is one of the methods of obtaining audit evidence as enumerated under sa-500.

      External confirmation is the process of obtaining and evaluating audit evidence through a direct communication from a third party w.r.t. Certain assertions made by management in financial statements.

      Process of external confirmation, ordinarily, consists of the following:

• Selecting the items for which confirmations are needed.
• Designing form of confirmation request.
• Communicating confirmation request to appropriate third party.
• Obtaining response from third party.
• Evaluating information.

      Give examples of areas in which external confirmation is required.

• Bank Balance.
• Accounts receivable balance.
• Stocks held by third parties.
• Accounts payable balances.
• Loans from lenders.

      Types of confirmation request:

a.) Positive confirmation-Response mandatory in case of agreement or disagreement. If response is not received in reasonable time, send additional confirmation request. Regarded as a better mode of confirmation request. Where risk or materiality level is high, internal control system is not so sound and exception rate is high, it is advisable to send positive confirmation request.

b.) Negative confirmation-Response from the external party is required only in case of disagreement. It is to be used when risk of material misstatement or the materiality level is low, internal control is effective and exception rate is low.

          What are the various factors to be considered while designing confirmation request?

As per SA 505, “External Confirmation”, factors to be considered when designing confirmation requests include:

(i)           The assertions being addressed.

(ii)        Specific identified risks of material misstatement, including fraud risks.

(iii)      The layout and presentation of the confirmation request.

(iv)       Prior experience on the audit or similar engagements.

(v)         The method of communication (for example, in paper form, or by electronic or other medium).

(vi)       Management’s authorisation or encouragement to the confirming parties to respond to the auditor. Confirming parties may only be willing to respond to a confirmation request containing management’s authorisation.

(vii)    The ability of the intended confirming party to confirm or provide the requested information (for example, individual invoice amount versus total balance).