Chapter 02

1. Obtain reasonable assurance that financial statements are, as a whole, free from material misstatement from fraud or error.

2. Form an opinion on whether the financial statements follow the relevant reporting rules.

3. Report and communicate findings based on the financial statements as required by ISAs.

   • Reasonable assurance means a high, but not absolute, level of assurance!

1. Obtaining audit evidence of how the company's management controls and monitors their business (also for components)

2. Gaining a deeper understanding of the business, the environment and corporate risks

Tests of controls and monitoring measures with regard to assertions in the financial statements

Test of Details

• Audit procedures must align with the assessed risks of material misstatement at the assertion level.

• Tests are conducted to gather evidence for each assertion.

• Tests of controls are performed to confirm the operating effectiveness of relevant controls, with more persuasive evidence required for greater reliance on controls.

• Conduct specific substantive procedures for significant risks of misstatement.

• Regardless of assessed risks, substantive procedures are designed and performed for each material class of transactions, account balance, and disclosure.

Management makes implicit or explicit assertions regarding the recognition, measurement, and presentation of assets, liabilities, equity, income, expenses, and disclosures in financial statements.

• For example, in the balance sheet, if properties are shown, management is claiming:

  • Existence: The properties exist at the end of the reporting period, representing the company's complete financial situation.

  • Rights/obligations: The entity owns or controls the properties.

  • Accurate valuation: The properties are valued accurately based on the measurement basis.

  • Completeness: All properties owned and controlled by the entity are included in the carrying amount.

• Evaluate the client's background and reasons for the audit

• Determine whether the auditor is able to meet the ethical requirements regarding the client

• Communicate with previous auditor

• Prepare client proposal

• Select staff to perform the audit and determine if there is a need for other professionals

• Obtain an engagement letter

• Perform audit procedures to understand the entity, its environment, and the entity's internal controls

• Assess the risks of material misstatements of the financial statements

• Determine materiality

• Prepare the planning memorandum and audit program containing the auditor's response to the identified risks

• Test of internal controls

• Analytical procedures on financial information

• Tests of details of balances

• Perform procedures to identify subsequent events

• Review financial statements and other reported material

• Perform wrap-up procedures

• Prepare final documentation

• Report to the board of directors

• Prepare Audit report

Audit risk is the risk that an auditor gives an inappropriate audit opinion when the financial statements are materially misstated.

It is a measure of how reliable the information used by the accounting system is

1. Inherent risk: Risk inherent in transactions that cannot be avoided. Management is expected to mitigate inherent risk through internal controls.

2. Control risk: Risk that internal controls will not mitigate inherent risk. It refers to the risk that a material misstatement will not be prevented or detected, and corrected by the internal controls in a timely manner.

3. Detection risk

1. Risk of material misstatement: The risk of significant errors or fraud (material misstatements) in financial statements before the audit.

2. Auditor assesses risk, which cannot be changed by the auditor.

3. Assessment considers inherent risk and control risk from the client's risk assessment process.

• Audit Plan: A plan designed to detect all material misstatements in the client's financial statements.

• Detection risk: The risk that the procedures performed by the auditor to reduce audit risk to an acceptable level will not detect a material misstatement

• The effectiveness of the auditing procedures and their application by the auditor influences the level of this risk.

• The level of assurance (accepted audit risk) determines the extent of evidence that the auditor needs to gather.