Page 110 - Internal Auditing Standards
P. 110
Guide to Using International Standards on Auditing in the Audits of Small- and Medium-Sized Entities Volume 1—Core Concepts
Possible Overall Responses to Assessed Risks at the Financial Statement Level
Changes in the Consider the understanding obtained of the control environment.
Audit Approach
If the control environment is effective, the auditor may have more confi dence in
internal control and the reliability of audit evidence generated internally within the
entity. This could mean:
• More audit work conducted at an interim date rather than at the period end;
and
• An approach that uses tests of controls as well as substantive procedures
(combined approach).
If the control environment is ineffective, it could result in:
• Conducting more audit procedures as of the period end rather than at an
interim date;
• Obtaining more extensive audit evidence from substantive procedures; and
• Increasing the number of locations to be included in the audit scope.
Review Evaluate whether the selection and application of accounting policies by the entity,
Accounting particularly those related to subjective measurements and complex transactions, may
Policies being be indicative of fraudulent financial reporting resulting from management’s eff ort to
Used manage earnings.
CONSIDER POINT
Timing
Overall responses can be developed at the planning stage and then incorporated into the overall audit
strategy. In new engagements, the overall responses can be developed on a preliminary basis during
planning, and later confirmed or changed based on the results of the risk assessment.
Documentation
Establishing the overall audit response and audit strategy in a small entity need not be a complex
or time-consuming exercise. In some cases, both steps could be completed by preparing a brief
memorandum at the completion of the previous audit (assuming it covers all the required matters),
which can be updated later based on discussions with management.
108
