Embed Size (px)
DESCRIPTION
Brendan Murtagh IAASB Board Member IFAC-SAFA SMP Forum New Delhi, India October 10, 2014. The Changing Audit Environment. The external audit underpins quality and credibility of financial reporting and public confidence - PowerPoint PPT Presentation
Citation preview
Page 1
Brendan Murtagh
IAASB Board Member
IFAC-SAFA SMP Forum
New Delhi, India
October 10, 2014
Page 2
The Changing Audit Environment
• The external audit underpins quality and credibility of financial reporting and public confidence• Revolutionary change over the last 20 years in how and when financial information is communicated• Global financial crisis has further triggered questions
– Relevance of the audit and trust in the audit profession
– Quality of auditing – effectiveness, professional judgment, professional skepticism
• Increased complexity in financial reporting and global business activity has increased users’ need for more information
Page 3
Overview
• Audit quality framework – now and future
• ISQC1 and the ISAs
• Structure
• Proportional application, including documentation
•IAASB update – other projects and plans
•Audit efficiency
• Tips
• Resources
Page 4
Framework for Audit Quality
.
Key Elements
• Inputs
• Process
• Outputs
• Interactions
• Contextual Factors
Page 5
Framework for Audit Quality - Objectives
• Raise awareness of the key elements of audit quality• Encourage stakeholders to reflect on ways to improve
audit quality• Facilitate greater dialogue between key stakeholders on
the topic
The AQ Framework describes the input and output factors that contribute to audit quality at the engagement, audit firm, and national levels, and demonstrates the importance of appropriate interactions among stakeholders and the relevance of various contextual factors.
Page 6
Framework for Audit Quality – Acknowledging SME’s
• Inputs- Auditor viewed as a valued business and tax advisor- SMPs have very direct influence on governance arrangements,
consultation, and monitoring activities- Can you have relatively straightforward quality control policies and
procedures- External consultation, technical support and using independent
staff in quality monitoring processes may be challenging for SMPs- A culture of consultation may need to involve external technical
resources (e.g., professional accountancy organizations, other firms, or suitably resourced third-party organizations)
- SMPs with only a small number of audit clients may have difficulties retaining staff with relevant audit knowledge and experience
Page 7
Framework for Audit Quality – Acknowledging SME’s
• Outputs- Strong and frequent communications with senior management due
to close involvement in the entity’s business and lengthy relationships
- Enhanced opportunity to provide meaningful advice to clients
• Contextual Factors- Business practices and information systems, and applicable
financial reporting framework, are sometimes les complex- Little distinction between management and those charged with
governance (e.g., an owner-manager will usually fulfil both roles)- Audit committees are rare and, when they exist, members are
often not independent or financial literate- Reporting deadlines can be less onerous
Page 8
Framework for Audit Quality – Next Steps
• All stakeholders encouraged to consider how they may use the Framework in reflecting how they may influence improvement in audit quality
• Actions to raise awareness and promote the use of the Framework and identify future opportunities to enhance audit quality
– Audit Quality webpage on the IAASB’s website– Prominence in IAASB outreach and liaison activities– Use in revising ISQC 1 and ISA 220– Future follow-up activities after a period of time to understand how
and in what way the Framework is being used
Page 9
Overview
• Audit quality framework – now and future
• ISQC1 and the ISAs
• Structure
• Proportional application, including documentation
•IAASB update – other projects and plans
•Audit efficiency
• Tips
• Resources
Page 10
Understanding the ISAs – Overall Structure
PrefaceScope and Authority
GlossaryTerms applicable to the standards
ISQC1QC for firms
ISAs
37 in all, 570+ requirements (incl. ISQC1)
Page 11
Structure of the ISAs
• Clarity structure in which information is presented in separate sections: Introduction, Objective, Definitions, Requirements and Application and other Explanatory Material
• Emphasis on professional judgment, the standards are principles based which allows practitioners to tailor audit procedures
• Contain special considerations for smaller entity audits• Some ISAs only apply to larger entity audits• Many requirements may not be relevant to SME audits
Page 12
Proportional Application – ISQC 1
• ISQC 1 Quality Control for Firms that Perform Audits and Reviews of Financial Statements and other Assurance and Related Service Engagements- Applies to firms of all sizes that provide services covered by the
IAASB’s International Standards- Must comply with each requirement unless, in the circumstances of
the firm, it is not relevant to the services provided- Contains special considerations for smaller practices- The form and content of documentation evidencing the operation of
each elements of the system of quality control is a matter of judgment and depends on the size, nature and complexity of the firm and number of offices
Page 13
Proportional Application – ISA 200
• ISA 200, Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with International Standards on Auditing- The practitioner needs to comply with all ISAs relevant to the audit
and with all requirements in ISAs relevant to the audit- A complete knowledge of all the standards is essential in order to
make a professional judgment as to what to leave out- Not all ISAs are relevant to every audit as the standards are
designed to cover audits in every situation globally
Page 14
Proportional Application – ISA 210
• ISA 210 Agreeing Terms of Audit Engagements - Paragraph 6, agreeing the terms of engagement with
management, and paragraphs 9 and 10, which require you to communicate the terms in writing to management in a letter, will be applicable in every engagement
- Paragraphs 7 and 8 deal with an imposed scope limitation and the situation where the preconditions do not exist. Paragraphs 14-17 deal with changes to the terms of engagement in mid-audit and paragraphs 18-21 the situation where laws and regulation supersede the ISAs• It is important to know what the requirements are, but these situations
are also likely to be far and few between for SME audits
Page 15
Proportional Application – ISA 210 (con’t)
• ISA 210 Agreeing Terms of Audit Engagements continued - To summarize, of the 16 requirements in ISA 210, paragraphs 6, 9
and 10 are critical and will apply in every engagement. For SMPs, knowing they have to deal with 3 main requirements out of 16 is a lot less daunting than considering all 16 every time.
Page 16
Proportional Application – ISA 315
• ISA 315 Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and its Environment - The objective of the auditor is to identify and assess the risks of
material misstatement, whether due to fraud or error, at the financial statement and assertion levels, through understanding the entity and its environment, including the entity’s internal control, thereby providing a basis for designing and implementing responses to the assessed risks of material misstatement.
• Focus on significant risks – effectiveness and efficiency - Understand the business – important from an engagement risk
perspective
- Identify significant risks up front and focus audit effort on these
Page 17
Proportional Application – ISA 315 (con’t)
• ISA 315 focus on significant risks – effectiveness and efficiency continued - Substantive tests are required for each material class of
transactions, account balances and disclosures, but tests of details only required for significant risks
- Consider analytical procedures (follow requirements of ISA 520 Analytical Procedures) for non-significant risk items where appropriate
- Use professional judgment to determine what substantive tests to use on items not considered significant risks
- ISAs explicitly encourage the auditor to exercise professional judgement in determining the form and extent of documentation – they acknowledge extent may vary depending on the circumstances
Page 18
Proportional Application – some ISAs not relevant
• Examples of some of the ISAs that would not be relevant in an SME audit include: - ISA 402 Audit Considerations Relating to an Entity Using a Service
Organization if the SME does not use a service organization- ISA 510 Initial Audit Engagements – Opening Balances if the SME
is a continuing, and not an initial, engagement- ISA 600, Special Considerations – Audits of Group Financial
Statements (Including the Work of Component Auditors) if the SME audit engagement is not a group audit.
- ISA 610 Using the Work of Internal Auditors if the SME has no internal audit function
Page 19
Documentation – ISA 230
• ISA 230 on documentation is one of the shortest ISAs • Only 9 requirements but another 22 specific requirements
in other ISAs listed in the appendix• Must be in detail (e.g. specific items sampled) and who did
what and when (paragraph 9)• Document discussions of significant matters,
inconsistencies, and departures from requirements (paragraphs 10-12)
• Remainder covers matters arising after the audit report is signed, and assembly of the file
Page 20
Purposes of Audit Documentation
• Evidence of the auditor’s basis for a conclusion about the achievement of the overall objectives of the auditor (ISA 200 para 11)
• “A sufficient and appropriate record of the basis for the auditor’s report” (ISA 230 para 5)
• Evidence that the audit was planned and performed in accordance with ISAs
Page 21
Additional purposes (ISA 230 para 3)
• Assist in planning/performing the audit• Assist the direction, supervision and review of the audit
work (ISA 220 para 2)• Enabling the engagement team to be accountable for its
work• Record matters relevant to future audits• Enabling EQCR/ISQC 1 review • Enabling external inspections
Page 22
‘Sufficient’ audit documentation
• “Oral explanations by the auditor, on their own, do not represent adequate support for the work the auditor performed or conclusions the auditor reached, but may be used to explain or clarify information contained in the audit documentation” (ISA 230 para A5)
• If it’s not documented … it wasn’t done!
Page 23
Documentation – Regulators’ Observations I
• Worldwide regulators complain about poor documentation • Too much documentation in some established and low risk
areas and not enough in other difficult areas• Poor evidence of link between risk analysis and
procedures performed – problems identified but not addressed
• Not enough showing the thought processes – but how!?• Sample sizes being cut, materiality levels being raised,
analytical procedures not being used much – without documentation for the justification of this – big issues
Page 24
Documentation – Regulators’ Observations II
• ISA 200: scepticism is an attitude including a questioning mind, being alert to conditions which may indicate possible misstatement, and a critical assessment of audit evidence
• Scepticism is not cynicism / distrusting everything: assume documents are genuine unless reason to suspect not
• Scepticism is about challenging assumptions and actively considering the possibility of bias
• Little evidence of professional scepticism• Insufficient evidence of challenge to client assumptions
(e.g., impairments, going concern): often, the challenge took place in meetings but was not documented
Page 25
Documentation – Real Problem
• Excessive documentation for compliance purposes is real problem – keeps auditors from engaging with the client
• Largely a product of over-engineered and inefficient audit methodologies – leading to under- or over-auditing
• Poor documentation by auditors – for example- Keeping interesting but irrelevant information on the file- Full documents rather than extracts- Not making use of facilities for electronic cross-referencing- Poor checklists used indiscriminately without thought
Page 26
Overview
• Audit quality framework – now and future
• ISQC1 and the ISAs
• Structure
• Proportional application, including documentation
•IAASB update – other projects and plans
•Audit efficiency
• Tips
• Resources
Page 27
• Major changes to the audit report (late 2014)- Improved auditor reporting is essential to the continued relevance of –
and trust in – the audit profession globally- The audit opinion is valued, but the auditor’s report could be more
informative- Users, in particular investors, want more relevant and decision-useful
information about the entity, the financial statements and the audit thereof
- Requirements to determining and communicate Key Audit Matters• ISA 720 (early 2015?)
- Identify “other information” in the auditor’s report - Clarify responsibilities
• Auditing Financial Statement Disclosures (mid 2015?)- Changes proposed across a number of ISAs- Reinforce consistent and proper application of existing requirements
Projects nearing completion
Page 28
• Initially suggested focus on three priority projects– Quality Control (QC); Special Audit Considerations Relating to
Financial Institutions; Professional Skepticism• Clear from responses that the IAASB needs to advance its
thinking in certain areas sooner than originally anticipated– Perhaps less important to complete projects on an accelerated basis
• Respondents– Agreed with project on QC – mixed views on how to addressed issues– Agreed with topic of Professional Skepticism – further consideration as
to nature of project– Recognized importance of Financial Institutions, largely supportive,
but some caution against developing industry-specific ISAs; rather non-authoritative material?
– Expressed strong views to bring forward group audits (ISA 600) – Encouraged timely work on agreed-upon procedures (ISRS 4400) and
risk assessment (ISA 315)
Proposed Work Program 2015–2016 – Feedback
Page 29
• Explore emerging developments in the audit, assurance and related services fields for the purpose of assisting the IAASB in identifying opportunities for relevant and effective standard setting, or determining other potential actions, in a timely and informed manner
• Possible actions may include – Information gathering – private outreach/ dialogue or academic research
– Follow up actions – Thought piece/ awareness (Staff publication/ IAASB
Position paper), public outreach or consultation paper or discussion – Standard setting
• Areas of priority include integrated reporting (<IR>) and effects of evolving use of technology on audits (including data analytics)
The IAASB’s Innovation Working Group
Page 30
Global Adoption of Clarified ISAs
Jurisdictions Using Clarified ISAs Already, or Committed to Using Them in the Near Future (103)
Asia and Oceania (21): Australia, Bangladesh, China, Hong Kong, India, Indonesia, Japan, Kazakhstan, Kyrgyz Republic, Malaysia, Mongolia, Nepal, New Zealand, Pakistan, Philippines, Singapore, South Korea, Sri Lanka, Thailand, Uzbekistan (listed entities), Vietnam
Americas (17): Argentina, Bahamas, Barbados, Brazil, Canada, Cayman Islands, Chile, Costa Rica, El Salvador, Guyana, Jamaica, Mexico, Panama, Puerto Rico (private companies), Trinidad and Tobago, Uruguay, USA (private companies)
Europe (39): Albania, Armenia, Austria, Belgium, Bosnia and Herzegovina, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France (Experts Comptables), FYR Macedonia, Georgia, Greece, Hungary, Iceland, Ireland, Italy, Kosovo, Latvia, Lithuania, Luxembourg, Malta, Moldova, Montenegro, Netherlands, Norway, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey, Ukraine, United Kingdom
Africa/Middle East (26): Benin, Botswana, Ghana, Jordan, Kenya, Kuwait, Lebanon, Lesotho, Malawi, Mali, Mauritius, Namibia, Nigeria, Palestine, Rwanda, Senegal, Sierra Leone, South Africa, Swaziland, Tanzania, Togo, Tunisia, Uganda, United Arab Emirates (Abu Dhabi and Dubai), Zambia, Zimbabwe
Page 31
Overview
• Audit quality framework – now and future
• ISQC1 and the ISAs
• Structure
• Proportional application, including documentation
•IAASB update – other projects and plans
•Audit efficiency
• Tips
• Resources
Page 32
Tips for Audit Efficiency
• Automation – standardized templates and customized checklists
• Software – utilizing commercially available products• Planning – timeframe, list of deliverables, client meeting• Risk based approach – in line with ISAs• Staff training / supervision• Communication
Page 33
Knowledge Sharing – Implementation
ISA Guide Volume 1• Fundamental concepts of a risk-based
audit in conformance with the ISAs
ISA Guide Volume 2• Practical guidance on performing SME
audits. Includes two illustrative case studies—one of an SME audit and one of a micro-entity audit
Page 34
Knowledge Sharing – Implementation (cont)
• QC Guide• Helps SMPs apply ISQC 1
proportionately and efficiently. Includes guidance, case study, two sample QC manuals and checklists
• Reference, training, customize manuals and checklists
Page 35
IFAC Global Knowledge Gateway
Page 36
References – IAASB
• Staff Q&A, Applying ISAs Proportionately with the Size and Complexity of an Entity: http://www.ifac.org/publications-resources/staff-questions-answers-applying-isas-proportionately-size-and-complexity-ent
• Staff Q&A, Applying ISQC 1 Proportionately with the Nature and Size of a Firm: http://www.ifac.org/sites/default/files/publications/files/Staff%20QA%20ISQC%201%20Proportionality_FINAL.pdf
• The Clarified ISAs—Findings from the Post-Implementation Review: http://www.ifac.org/publications-resources/clarified-isas-findings-post-implementation-review
Page 37
References – Knowledge Sharing - Implementation
• Guide to Using International Standards on Auditing in the Audits of Small- and Medium-Sized Entities (Third Edition) (incl. companion manual and slides): https://www.ifac.org/publications-resources/guide-using-international-standards-auditing-audits-small-and-medium-sized-en
• Guide to Quality Control for Small- and Medium-Sized Practices (Third Edition) (incl. companion manual and slides): www.ifac.org/publications-resources/guide-quality-control-small-and-medium-sized-practices-third-edition-0
• Boosting the Quality and Efficiency of Smaller Entity Audits article: https://www.ifac.org/news-events/2013-07/boosting-quality-and-efficiency-smaller-entity-audits
• Tips for Cost-Effective ISA Application article: https://www.ifac.org/publications-resources/tips-cost-effective-isa-application
• Tips for Cost-Effective ISQC 1 Application article: https://www.ifac.org/publications-resources/tips-cost-effective-isqc-1-application
