Embed Size (px)
DESCRIPTION
An Introduction to Risk Based Auditing. Stuart Hartley FCA FocusROI Inc [email protected]. The Audit Objective (ISA/CAS 200). To obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement , whether due to fraud or error, - PowerPoint PPT Presentation
Citation preview
Copyright FocusROI 2014
An Introduction to Risk Based Auditing
STUART HARTLEY FCA
FOCUSROI INC
The Audit Objective (ISA/CAS 200)
To obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error,
thereby enabling
the auditor to express an opinion on whether the financial statements are prepared, in all material respects, in accordance with an applicable financial reporting framework;
The Audit Process - in 3 steps
Risk assessment – What can go wrong? ◦ Perform risk assessment procedures to identify and assess the risks
of material misstatement in the financial statements.
Risk Response – Did it go wrong? ◦ Perform further procedures to respond to the assessed risks
and determine if material misstatements have occurred.
Reporting. – Opinion◦ What is the appropriate wording of the audit opinion
based on the work performed?
Basic Audit Requirements ISA/CAS 200
1. Comply with relevant ethical requirements,
2. Plan and perform an audit with professional skepticism
3. Exercise professional judgment in planning and performing an audit
4. Obtain sufficient appropriate audit evidence to reduce audit risk to an acceptably low level
5. Comply with all CASs relevant to the audit
An audit in 14 Steps
Risk Assessm ent
1 . Perform preliminary activities
4-6. Perform s:RAP
Entity-Specific
Transactional
Pervasive
7. Conclude:
Assessed risksat F/S level
Assessed risks atassertion level
W hat are the in the F /S ?R M M
Risks
Risks
Risks
Controls
Controls
Controls
Risk Response
8. Design appropriate audit responses:
9 . Finalize audit plans
Did m ateria l m issta tem ents occur?
Reporting
12. Communicate (fi ndings, misst at ement s and signifi cant cont ro l defi ciencies)
13. Complete the audit fi le (fi le and F / S review s, fi nal An Rev, subsequent event s and approval s)
14. Form an opinion (appr opr iate ly w or d and dat e audi tor ’s r epor t )
Evaluating/com m unicating ?ndings, and form ing an op in ion
Assessed risksat F/S level
Assessed risks atassertion level
Further audit procedures Communicate audit plan to
management/TCW G
Scope of Risk/Control Assessment
Entity Objective: Financial Statements
that are not materiallymisstated
Governance
Leadership/ management
RevenueProcesses
OtherProcesses
Transactions
PurchasingProcesses
PayrollProcesses
Perv
asiv
e Pervasive (entity level)
Tran
sact
iona
l Transactional
Information Systems
Inher
ent
Ris
ks Con
trols
Pervasive vs Transactional
Gov
erna
nce
Co
mpe
tenc
e
Tone
at T
op
Ris
k M
ana
gem
ent
Info
rmat
ion
PervasiveRisks/Controls
TransactionalRisks/Controls
The foundation
Scope of Risk/Control Assessment – Consider using the 3 risk/control Categories
EntitySpecific
Pervasive Transactional
C-PEM Form520/522
C-PEM Form530
C-PEM Form540 - 560
Identifying and Assessing Risk
Copyright FocusROI 2013 9
Doc
umen
t Res
ults
2. Identify Financial Reporting Risks
1. Understand Entity and project Requirements
3. Assess Control Design Inquire what controls address each risk
4. Assess Control ImplementationDo the identified controls actually exist
5. Test Control EffectivenessIdentify the key controls to test and
material/significant control deficiencies
Pervasive
Pervasive
Pervasive
Pervasive
Transactional
Transactional
Transactional
Transactional
Entity Specific
Entity Specific
Entity Specific
Entity Specific
Action Step Scope
Assess RMM
F/S Level Assertion Level
Pervasive risks/controls
Transactional(account balance)
risks/controls
TransactionsPervasive
EntitySpecific
Use of Professional Judgment to assess RMM
Risk Assessments
Categories of Risk and Control
Risk Response
At Financial Statement Level
At Assertion Level
Assessed Risks...
Design/implement appropriate responses to risks
OverallResponses
Further AuditProcedures
Substantiveprocedures
Tests ofdetail
Substantiveanalytical
Tests ofcontrol
Address:- Professional skepticism- Level of staff assigned- Extent of staff supervision- Accounting policies used- Unpredictable procedures- More further procedures
Sufficient appropriate audit evidence to reduce audit risk
to an acceptably low level
Result
Reporting
1 2 . Communicate (fi ndings, misst at ement s and signifi cant cont ro l defi ciencies)
13. Complete the audit fi le (fi le and F / S review s, fi nal An Rev, subsequent event s and approval s)
14. Form an opinion (appr opr iate ly w or d and dat e audi tor ’s r epor t )
CPEM 2014A practical approach to auditing
The Canadian Professional Engagement Manual
◦ Published by CPA Canada ◦ http://www.castore.ca/product/canadian-professional-engagement-manual-mem
bers/5
FocusROI Services
In house and web based Training
Quality Control Monitoring
Small group Coaching
www.focusroi.com
416 594 0005
![Enterprise Risk Management Risk Based Internal Auditing … · Enterprise Risk Management & Risk Based Internal Auditing [ERM & RBIA] One day Seminar on 7th March 2014 Hotel Savera,](https://img.dokumen.tips/doc/110x75/5b88e6847f8b9a301e8e7a09/enterprise-risk-management-risk-based-internal-auditing-enterprise-risk-management.jpg)
