Page 218 - Internal Auditing Standards
P. 218
Guide to Using International Standards on Auditing in the Audits of Small- and Medium-Sized Entities Volume 1—Core Concepts
• Engagement team members can share file documents by using electronic check-in and check-out tools;
• Certain documents can be password-protected for enhanced security; and
• Access to files can be restricted to authorized personnel.
Using Electronic Tools in Working Papers
There are three important principles to note when using electronic tools in working-paper preparation:
• All the requirements of the ISAs still apply;
• Electronic files require electronic document management. This addresses matters such as accessibility
(such as password access), data security, application management (including training), back-up routines,
edit rights, storage locations, review procedures, and decisions on what changes to files will be tracked
to provide the necessary audit trail; and
• Final documents (all documents that are required to be maintained to support the audit opinion) must
be retained and be accessible in accordance with the fi rm’s file retention policies.
16.7 File Completion
Paragraph # Relevant Extracts from ISAs
230.13 If, in exceptional circumstances, the auditor performs new or additional audit procedures or draws
new conclusions after the date of the auditor’s report, the auditor shall document: (Ref: Para. A20)
(a) The circumstances encountered;
(b) The new or additional audit procedures performed, audit evidence obtained, and
conclusions reached, and their effect on the auditor’s report; and
(c) When and by whom the resulting changes to audit documentation were made and
reviewed.
230.14 The auditor shall assemble the audit documentation in an audit file and complete the
administrative process of assembling the final audit file on a timely basis after the date of the
auditor’s report. (Ref: Para. A21-A22)
230.15 After the assembly of the final audit file has been completed, the auditor shall not delete or
discard audit documentation of any nature before the end of its retention period. (Ref: Para. A23)
230.16 In circumstances other than those envisaged in paragraph 13 where the auditor fi nds it
necessary to modify existing audit documentation or add new audit documentation after the
assembly of the final audit file has been completed, the auditor shall, regardless of the nature
of the modifications or additions, document: (Ref: Para. A24)
(a) The specific reasons for making them; and
(b) When and by whom they were made and reviewed.
The dating of the auditor’s report signifies that the audit work is complete. After that date, there is no
continuing responsibility to seek further audit evidence.
After the audit report date, the final assembly of audit files should take place on a timely basis. An appropriate
time limit within which to complete the assembly of the final audit file is ordinarily not more than 60 days
after the date of the auditor’s report. This is illustrated in the following exhibit. Refer to ISQC 1 and ISA 230 for
more details.
216
