Page 213 - Internal Auditing Standards
P. 213
Guide to Using International Standards on Auditing in the Audits of Small- and Medium-Sized Entities Volume 1—Core Concepts
Typical audit documentation would include the items listed below.
Exhibit 16.4-1
Risk Assessment Phase Comments
• Pre-engagement (client acceptance) procedures. Remember to update
• Independence and ethics assessments. risk assessment
documentation for:
• Terms of engagement.
• Any new risks
• Materiality considerations. identified later in the
• Overall audit strategy. audit; and
• Audit team discussions, including possible causes of material • Changes needed in
misstatement due to fraud. risk assessments or
materiality identifi ed
• Risk assessment procedures performed, and the results.
as a result of
• Assessed risks of material misstatement identified (at overall and performing further
assertion levels), based on the understanding of the entity obtained and audit procedures.
related internal control (if any).
• Signifi cant risks.
• Communications with management and those charged with governance.
Risk Response
Ris k Resp ons e
Paragraph # Relevant Extracts from ISAs
230.9 In documenting the nature, timing and extent of audit procedures performed, the auditor shall record:
(a) The identifying characteristics of the specific items or matters tested; (Ref: Para. A12)
(b) Who performed the audit work and the date such work was completed; and
(c) Who reviewed the audit work performed and the date and extent of such review. (Ref: Para. A13)
240.45 The auditor shall include the following in the audit documentation of the auditor’s responses
to the assessed risks of material misstatement required by ISA 330:
(a) The overall responses to the assessed risks of material misstatement due to fraud at the
financial statement level and the nature, timing and extent of audit procedures, and the
linkage of those procedures with the assessed risks of material misstatement due to fraud
at the assertion level; and
(b) The results of the audit procedures, including those designed to address the risk of
management override of controls.
330.28 The auditor shall include in the audit documentation:
(a) The overall responses to address the assessed risks of material misstatement at the
financial statement level, and the nature, timing, and extent of the further audit
procedures performed;
(b) The linkage of those procedures with the assessed risks at the assertion level; and
(c) The results of the audit procedures, including the conclusions where these are not
otherwise clear. (Ref: Para. A63)
330.30 The auditors’ documentation shall demonstrate that the financial statements agree or
reconcile with the underlying accounting records.
211
