Guide to Using International Standards on Auditing in the Audits of Small- and Medium-Sized Entities Volume 1—Core Concepts




        •     The appropriate exercise of professional judgment is essential in tailoring the procedures to respond
              appropriately to the assessed risks; and
        •     Professional judgment cannot be used to avoid compliance with any ISA requirements except in
              exceptional circumstances.


        In addition, the ISAs contain a number of special paragraphs that address considerations specific to audits of
        SMEs. This material provides useful guidance material in applying specific ISA requirements in the context of

        an SME audit.
        Some suggestions for successfully implementing ISAs on smaller engagements are included in the following exhibit.

        Exhibit 3.6-1

         1.   Take time to read the clarified ISAs and to train staff .
         Failure to understand the requirements can lead to:
         •     The entire risk assessment phase of the audit becoming an “add-on” to the other substantive audit
               work performed. It should be the risk assessment that drives the selection of audit procedures to be
               performed, not a standardized listing of procedures that could be applied to any entity. The purpose
               of the risk assessment is to focus the audit effort on areas where there is a greater risk of material


               misstatement in the financial statements, and away from less risky areas.
         •     Turning what should be a simple audit into a complex and time-consuming project. This can arise if

               efforts are focused on completing needless standard audit forms and checklists, rather than using
               professional judgment to scale the work according to the size and complexity of the entity being
               audited and the risks involved.
         •     Failure to comply with an ISA (“the auditor shall”) requirement.

         2.  Take time to plan well, no matter how small the engagement.


         It has been said an hour spent in planning can save many more in execution. Effective audit planning is often the
         difference between a quality audit within budget and a poor-quality audit that goes over budget. This does not



         necessarily mean holding dedicated team meetings in the office. On very small engagements, planning can be
         achieved through brief discussions at the start of the engagement and as the audit progresses.
         Key areas to address in planning:

         •     Encourage staff to identify areas where the usual audit procedures seem excessive in relation to the
               risk of misstatement being addressed.
         •     Take time to ensure that each staff member understands the necessity and purpose of the

               documentation he or she is required to complete. Countless hours can be lost by staff attempting to

               complete forms they do not understand.

         •     Discuss the potential for fraud. Encourage staff to be skeptical and inquisitive, and empower them to
               raise issues, observations, or unexplained matters.
         •     Discuss known related parties and the nature/size of transactions.
         •     Consider whether the audit documentation prepared in previous periods can simply be updated for
               changes that have occurred, rather than be prepared all over again. Documentation and assessment

               of risk factors and relevant internal controls should be sufficient to enable auditors in subsequent

               periods to leverage their understanding of the entity and focus attention on new industry trends, key
               operational changes, new inherent risks, and revised internal controls.






     36