Application and Other Explanatory Material

A1

ASA 220 deals with the specific responsibilities of the auditor regarding quality management at the engagement level for an audit of financial reports, and the related responsibilities of the engagement partner. Information obtained from complying with the requirements of ASA 220 is relevant to this ASA. For example, in accordance with ASA 220, the engagement partner is required to determine that sufficient and appropriate resources to perform the engagement have been assigned or made available to the engagement team, taking into account the nature and circumstances of the audit engagement. Such a determination is directly relevant when ascertaining the nature, timing and extent of resources necessary to perform the engagement in the overall strategy, as required by paragraph 8 of this ASA.

The Role and Timing of Planning

A2

The nature and extent of planning activities will vary according to the size and complexity of the entity, the key engagement team members’ previous experience with the entity, and changes in circumstances that occur during the audit engagement. In planning the audit, the auditor may use project management techniques and tools. ASA 220 [10] describes how such techniques and tools may support the engagement team in managing the quality of the engagement.  

A3

Planning is not a discrete phase of an audit, but rather a continual and iterative process that often begins shortly after (or in connection with) the completion of the previous audit and continues until the completion of the current audit engagement.  Planning, however, includes consideration of the timing of certain activities and audit procedures that need to be completed prior to the performance of further audit procedures.  For example, planning includes the need to consider, prior to the auditor’s identification and assessment of the risks of material misstatement, such matters as: 

  • The analytical procedures to be applied as risk assessment procedures. 
  • Obtaining a general understanding of the legal and regulatory framework applicable to the entity and how the entity is complying with that framework. 
  • The determination of materiality. 
  • The involvement of experts. 
  • The performance of other risk assessment procedures.

A4

The auditor may decide to discuss elements of planning with the entity’s management, or those charged with governance, to help the auditor manage and achieve quality at the engagement level (for example, to co‑ordinate some of the planned audit procedures with the work of the entity's personnel).  Although these discussions often occur, the overall audit strategy and the audit plan remain the auditor's responsibility.  When discussing matters included in the overall audit strategy or audit plan, care is required in order not to compromise the effectiveness of the audit.  For example, discussing the nature and timing of detailed audit procedures with management, or those charged with governance, may compromise the effectiveness of the audit by making the audit procedures too predictable.

Involvement of Key Engagement Team Members

A5

The involvement of the engagement partner and other key members of the engagement team in planning the audit draws on their experience and insight, thereby enhancing the effectiveness and efficiency of the planning process.[11]

Preliminary Engagement Activities

A6

Performing the preliminary engagement activities specified in paragraph 6 at the beginning of the current audit engagement assists the auditor in identifying and evaluating events or circumstances that may adversely affect the auditor’s ability to manage and achieve quality at the engagement level in accordance with ASA 220.

A7

Performing these preliminary engagement activities enables the auditor to plan an audit engagement in order to, for example: 

  • Maintain the necessary independence and ability to perform the engagement. 
  • Determine that there are no issues with management integrity that may affect the auditor’s willingness to continue the engagement. 
  • Determine that there is no misunderstanding with the client as to the terms of the engagement.

A8

Performing initial procedures on both client continuance and evaluation of relevant ethical requirements[*] (including independence) at the beginning of the current audit engagement means that they are completed prior to the performance of other significant activities for the current audit engagement.  For continuing audit engagements, such initial procedures often occur shortly after (or in connection with) the completion of the previous audit.

Planning Activities

The Overall Audit Strategy (Ref: Para. 7‑8)

A9

The process of establishing the overall audit strategy, subject to the completion of the auditor’s risk assessment procedures, may include such matters as: 

  • The nature of resources (human, technological or intellectual) to be deployed for specific audit areas. For example, the deployment of experienced team members for high risk areas or the assignment of experts to address complex matters; 
  • The amount of resources to be allocated to specific audit areas. For example, the number of team members assigned to attend the physical inventory count at multiple locations, the extent of review of other auditors’ work in the case of group audits, or the audit budget in hours to allocate to high risk areas; 
  • When these resources are to be deployed, such as whether at an interim audit stage or at key cut‑off dates; and 
  • How such resources are directed, supervised or used. For example, when team briefing and debriefing meetings are expected to be held, how engagement partner and manager reviews are expected to take place (for example, on‑site or off‑site).

A10

ASA 220 contains requirements and guidance on engagement resources and engagement performance (including direction and supervision of the members of the engagement team and the review of their work).

A11

Appendix 1 lists examples of considerations in establishing the overall audit strategy.

A12

Once the overall audit strategy has been established, an audit plan can be developed to address the various matters identified in the overall audit strategy, taking into account the need to achieve the audit objectives through the efficient use of the auditor’s resources.  The establishment of the overall audit strategy and the detailed audit plan are not necessarily discrete or sequential processes, but are closely inter‑related since changes in one may result in consequential changes to the other.

Considerations Specific to Smaller Entities

A13

In audits of small entities, the entire audit may be conducted by a very small audit team.  Many audits of small entities involve the engagement partner (who may be a sole practitioner) working with one engagement team member (or without any engagement team members).  With a smaller team, co‑ordination of, and communication between, team members are easier.  Establishing the overall audit strategy for the audit of a small entity need not be a complex or time‑consuming exercise; it varies according to the size of the entity, the complexity of the audit, and the size of the engagement team.  For example, a brief memorandum prepared at the completion of the previous audit, based on a review of the working papers and highlighting issues identified in the audit just completed, updated in the current period based on discussions with the owner‑manager, can serve as the documented audit strategy for the current audit engagement if it covers the matters noted in paragraph 8.

The Audit Plan (Ref: Para. 9)

A14

The audit plan is more detailed than the overall audit strategy in that it includes the nature, timing and extent of audit procedures to be performed by engagement team members.  Planning for these audit procedures takes place over the course of the audit as the audit plan for the engagement develops.  For example, planning of the auditor's risk assessment procedures occurs early in the audit process.  However, planning the nature, timing and extent of specific further audit procedures depends on the outcome of those risk assessment procedures.  In addition, the auditor may begin the execution of further audit procedures for some classes of transactions, account balances and disclosures before planning all remaining further audit procedures.

A15

Determining the nature, timing and extent of planned risk assessment procedures, and the further audit procedures, as they relate to disclosures is important in light of both the wide range of information and the level of detail that may be encompassed in those disclosures.  Further, certain disclosures may contain information that is obtained from outside of the general and subsidiary ledgers, which may also affect the assessed risks and the nature, timing and extent of audit procedures to address them.

A16

Consideration of disclosures early in the audit assists the auditor in giving appropriate attention to, and planning adequate time for, addressing disclosures in the same way as classes of transactions, events and account balances.  Early consideration may also help the auditor to determine the effects on the audit of: 

  • Significant new or revised disclosures required as a result of changes in the entity’s environment, financial condition or activities (for example, a change in the required identification of segments and reporting of segment information arising from a significant business combination); 
  • Significant new or revised disclosures arising from changes in the applicable financial reporting framework; 
  • The need for the involvement of an auditor’s expert to assist with audit procedures related to particular disclosures (for example, disclosures related to superannuation or other retirement benefit obligations); and 
  • Matters relating to disclosures that the auditor may wish to discuss with those charged with governance.[12]

Changes to Planning Decisions during the Course of the Audit (Ref: Para. 10)

A17

As a result of unexpected events, changes in conditions, or the audit evidence obtained from the results of audit procedures, the auditor may need to modify the overall audit strategy and audit plan and thereby the resulting planned nature, timing and extent of further audit procedures, based on the revised consideration of assessed risks.  This may be the case when information comes to the auditor’s attention that differs significantly from the information available when the auditor planned the audit procedures.  For example, audit evidence obtained through the performance of substantive procedures may contradict the audit evidence obtained through tests of controls.

Direction, Supervision and Review (Ref: Para. 11)

A18

ASA 220 deals with the engagement partner’s responsibility for the nature, timing and extent of direction and supervision of the members of the engagement team and the review of their work.[13]

Documentation

A19

The documentation of the overall audit strategy is a record of the key decisions in managing quality at the engagement level and a means to communicate significant matters to the engagement team.  For example, the auditor may summarise the overall audit strategy in the form of a memorandum that contains key decisions regarding the overall scope, timing and conduct of the audit.

A20

The documentation of the audit plan is a record of the planned nature, timing and extent of risk assessment procedures and further audit procedures at the assertion level in response to the assessed risks.  It also serves as a record of the proper planning of the audit procedures that can be reviewed and approved prior to their performance.  The auditor may use standard audit programs or audit completion checklists, tailored as needed to reflect the particular engagement circumstances.

A21

A record of the significant changes to the overall audit strategy and the audit plan, and resulting changes to the planned nature, timing and extent of audit procedures, explains why the significant changes were made, and the overall strategy and audit plan finally adopted for the audit.  It also reflects the appropriate response to the significant changes occurring during the audit.

A22

Documentation of the direction and supervision of engagement team members and the review of their work in accordance with ASA 220 may also provide a record of significant changes to the planned nature, timing and extent of the direction, supervision and review.

Considerations Specific to Smaller Entities

A23

As discussed in paragraph A11, a suitable, brief memorandum may serve as the documented strategy for the audit of a smaller entity.  For the audit plan, standard audit programs or checklists (see paragraph A17) drawn up on the assumption of few controls[14], as is likely to be the case in a smaller entity, may be used provided that they are tailored to the circumstances of the engagement, including the auditor’s risk assessments.

Additional Considerations in Initial Audit Engagements

A24

The purpose and objective of planning the audit are the same whether the audit is an initial or recurring engagement.  However, for an initial audit, the auditor may need to expand the planning activities because the auditor does not ordinarily have the previous experience with the entity that is considered when planning recurring engagements.  For an initial audit engagement, additional matters the auditor may consider in establishing the overall audit strategy and audit plan include the following: 

  • Unless prohibited by law or regulation, arrangements to be made with the predecessor auditor, for example, to review the predecessor auditor’s working papers. 
  • Any major issues (including the application of accounting principles or of auditing and reporting standards) discussed with management in connection with the initial selection as auditor, the communication of these matters to those charged with governance and how these matters affect the overall audit strategy and audit plan.  
  • The audit procedures necessary to obtain sufficient appropriate audit evidence regarding opening balances.[15] 
  • Other responses designed and implemented by the firm for initial audit engagements (e.g.,the firm’s system of quality management may include responses that require another partner or individual with appropriate authority to review the overall audit strategy prior to commencing significant audit procedures or to review reports prior to their issuance).

8

ASA 315, paragraph 17, establishes requirements and provides guidance on the engagement team's discussion of the susceptibility of the entity to material misstatements of the financial report. ASA 240 The Auditor's Responsibilities Relating to Fraud in an Audit of a Financial Report, paragraph 16, provides guidance on the emphasis given during this discussion to the susceptibility of the entity's financial report to material misstatement due to fraud.

*_1

See ASA 102 Compliance with Ethical Requirements when Performing Audits, Reviews and Other Assurance Engagements.

9

See ASA 260 Communication with Those Charged with Governance, paragraph A12.

10

See ASA 220, paragraphs A73-A74.

11

ASA 315, paragraph 17, establishes requirements and provides guidance on the engagement team's discussion of the susceptibility of the entity to material misstatements of the financial report. ASA 240 The Auditor's Responsibilities Relating to Fraud in an Audit of a Financial Report, paragraph 16, provides guidance on the emphasis given during this discussion to the susceptibility of the entity's financial report to material misstatement due to fraud.

12

See ASA 260 Communication with Those Charged with Governance, paragraph A12.

Considerations in Establishing the Overall Audit Strategy

Appendix 1

This appendix provides examples of matters the auditor may consider in managing quality at the engagement level. Many of these matters will influence the auditor’s overall audit strategy and detailed audit plan. The examples provided cover a broad range of matters applicable to many engagements. While some of the matters referred to below may be required by other Auditing Standards, not all matters are relevant to every audit engagement and the list is not necessarily complete.

Characteristics of the Engagement

  • The financial reporting framework on which the financial information to be audited has been prepared, including any need for reconciliations to another financial reporting framework.
  • Industry-specific reporting requirements such as reports mandated by industry regulators.
  • The expected audit coverage, including the number and locations of components to be included.
  • The nature of the control relationships between a parent and its components that determine how the group is to be consolidated.
  • The extent to which components are audited by other auditors.
  • The nature of the business segments to be audited, including the need for specialised knowledge.
  • The reporting currency to be used, including any need for currency translation for the financial information audited.
  • The need for a statutory audit of a stand-alone financial report in addition to an audit for consolidation purposes.
  • [Deleted by the AUASB. Refer Aus 0.4]#
  • Aus 0.4 - Whether the entity has an internal audit function and if so, whether, in which areas and to what extent, the work of the function can be used for purposes of the audit.
  • The entity’s use of service organisations and how the auditor may obtain evidence concerning the design or operation of controls performed by them.
  • The expected use of audit evidence obtained in previous audits, for example, audit evidence related to risk assessment procedures and tests of controls.
  • The effect of information technology on the audit procedures, including the availability of data and the expected use of computer-assisted audit techniques.
  • The co-ordination of the expected coverage and timing of the audit work with any reviews of interim financial information and the effect on the audit of the information obtained during such reviews.
  • The availability of client personnel and data.

Reporting Objectives, Timing of the Audit, and Nature of Communications

  • The entity's timetable for reporting, such as at interim and final stages.
  • The organisation of meetings with management and those charged with governance to discuss the nature, timing and extent of the audit work.
  • The discussion with management and those charged with governance regarding the expected type and timing of reports to be issued and other communications, both written and oral, including the auditor's report, management letters and communications to those charged with governance.
  • The discussion with management regarding the expected communications on the status of audit work throughout the engagement.
  • Communication with auditors of components regarding the expected types and timing of reports to be issued and other communications in connection with the audit of components.
  • The expected nature and timing of communications among engagement team members, including the nature and timing of team meetings and timing of the review of work performed.
  • Whether there are any other expected communications with third parties, including any statutory or contractual reporting responsibilities arising from the audit.

Significant Factors, Preliminary Engagement Activities and Knowledge Gained on Other Engagements

  • The determination of materiality in accordance with ASA 320[13] and, where applicable:
    • The determination of materiality for components and communication thereof to component auditors in accordance with ASA 600.[14]
    • The preliminary identification of significant components and material classes of transactions, account balances and disclosures.
  • Preliminary identification of areas where there may be a higher risk of material misstatement.
  • The impact of the assessed risk of material misstatement at the overall financial report level on direction, supervision and review.
  • The manner in which the auditor emphasises to engagement team members the need to maintain a questioning mind and to exercise professional scepticism in gathering and evaluating audit evidence.
  • Results of previous audits that involved evaluating the operating effectiveness of internal control, including the nature of identified deficiencies and action taken to address them.
  • The discussion of matters that may affect the audit with firm personnel responsible for performing other services to the entity.
  • Evidence of management's commitment to the design, implementation and maintenance of sound internal control, including evidence of appropriate documentation of such internal control.
  • Changes within the applicable financial reporting framework, such as changes in accounting standards, which may involve significant new or revised disclosures.
  • Volume of transactions, which may determine whether it is more efficient for the auditor to rely on internal control.
  • The process(es) management uses to identify and prepare the disclosures required by the applicable financial reporting framework, including disclosures containing information that is obtained from outside of the general and subsidiary ledgers.
  • Importance attached to internal control throughout the entity to the successful operation of the business.
  • Significant business developments affecting the entity, including changes in information technology and business processes, changes in key management, and acquisitions, mergers and divestments.
  • Significant industry developments such as changes in industry regulations and new reporting requirements.
  • Other significant relevant developments, such as changes in the legal environment affecting the entity.

Nature, Timing and Extent of Resources

  • The human, technological and intellectual resources assigned or made available to the engagement (e.g., assignment of the engagement team and the assignment of audit work to the team members, including the assignment of appropriately experienced team members to areas where there may be higher risks of material misstatement).
  • Engagement budgeting, including considering the appropriate amount of time to set aside for areas where there may be higher risks of material misstatement.

#_1

See ASA 610 Using the Work of Internal Auditors, paragraph Aus 1.2. The use of internal auditors to provide direct assistance is prohibited in an audit or review conducted in accordance with the Australian Auditing Standards.

13

See ASA 220, paragraphs 29-31.

14

See ASA 315, paragraph 26(a).

15

See ASA 510 Initial Audit Engagements—Opening Balances.