Page 30 - Internal Auditing Standards

P. 30

Guide to Using International Standards on Auditing in the Audits of Small- and Medium-Sized Entities Volume 1—Core Concepts

The various tasks involved in each of these three phases are outlined below. Each phase is addressed
in more detail in subsequent chapters of this Guide.

Risk Assessment

Paragraph # ISA Objective(s)

315.3 The objective of the auditor is to identify and assess the risks of material misstatement,
whether due to fraud or error, at the financial statement and assertion levels, through

understanding the entity and its environment, including the entity’s internal control, thereby
providing a basis for designing and implementing responses to the assessed risks of material
misstatement.

Exhibit 3.3-3
Activity Purpose Documentation 1

Listing of risk factors
Perform preliminary Decide whether to
engagement accept engagement Independence
activities Engagement letter

Develop an overall Materiality
Risk Assessment Overall audit strategy
Audit team discussions
Plan the audit
audit strategy and
2
audit plan

Business & fraud risks
Perform
through understanding
risk assessment
the entity
procedures Identify/assess RMM 3 including significant risks
Design/implementation of
relevant internal controls

3
Assessed RMM at:
t F/S level
t Assertion level

Notes:
1. Refer to ISA 230 for a more complete list of documentation required.
2. Planning (ISA 300) is a continual and iterative process throughout the audit.
3. RMM = Risks of material misstatement.

25 26 27 28 29 30 31 32 33 34 35