Introduction

Scope of this Auditing Standard

1

This Auditing Standard deals with the auditor’s responsibility to identify and assess the risks of material misstatement in the financial report. 

Key Concepts in this ASA

2

ASA 200 deals with the overall objectives of the auditor in conducting an audit of the financial report,[1]  including to obtain sufficient appropriate audit evidence to reduce audit risk to an acceptably low level.[2] Audit risk is a function of the risks of material misstatement and detection risk.[3] ASA 200 explains that the risks of material misstatement may exist at two levels:[4] the overall financial report level; and the assertion level for classes of transactions, account balances and disclosures.

3

ASA 200 requires the auditor to exercise professional judgement in planning and performing an audit, and to plan and perform an audit with professional scepticism recognising that circumstances may exist that cause the financial report to be materially misstated.[5]

4

Risks at the financial report level relate pervasively to the financial report as a whole and potentially affect many assertions. Risks of material misstatement at the assertion level consist of two components, inherent and control risk:

  • Inherent risk is described as the susceptibility of an assertion about a class of transaction, account balance or disclosure to a misstatement that could be material, either individually or when aggregated with other misstatements, before consideration of any related controls.
  • Control risk is described as the risk that a misstatement that could occur in an assertion about a class of transaction, account balance or disclosure and that could be material, either individually or when aggregated with other misstatements, will not be prevented, or detected and corrected, on a timely basis by the entity’s system of internal control.

5

ASA 200 explains that risks of material misstatement are assessed at the assertion level in order to determine the nature, timing and extent of further audit procedures necessary to obtain sufficient appropriate audit evidence.[6] For the identified risks of material misstatement at the assertion level, a separate assessment of inherent risk and control risk is required by this ASA. As explained in ASA 200, inherent risk is higher for some assertions and related classes of transactions, account balances and disclosures than for others. The degree to which inherent risk varies is referred to in this ASA as the ‘spectrum of inherent risk.’

6

Risks of material misstatement identified and assessed by the auditor include both those due to error and those due to fraud. Although both are addressed by this ASA, the significance of fraud is such that further requirements and guidance are included in ASA 240[7] in relation to risk assessment procedures and related activities to obtain information that is used to identify, assess and respond to the risks of material misstatement due to fraud.

7

The auditor’s risk identification and assessment process is iterative and dynamic.  The auditor’s understanding of the entity and its environment, the applicable financial reporting framework, and the entity’s system of internal control are interdependent with concepts within the requirements to identify and assess the risks of material misstatement.  In obtaining the understanding required by this ASA, initial expectations of risks may be developed, which may be further refined as the auditor progresses through the risk identification and assessment process.  In addition, this ASA and ASA 330 require the auditor to revise the risk assessments, and modify further overall responses and further audit procedures, based on audit evidence obtained from performing further audit procedures in accordance with ASA 330, or if new information is obtained.

8

ASA 330 requires the auditor to design and implement overall responses to address the assessed risks of material misstatement at the financial report level.[8] ASA 330 further explains that the auditor’s assessment of the risks of material misstatement at the financial report level, and the auditor’s overall responses, is affected by the auditor’s understanding of the control environment. ASA 330 also requires the auditor to design and perform further audit procedures whose nature, timing and extent are based on and are responsive to the assessed risks of material misstatement at the assertion level.[9]

Scalability

9

ASA 200 states that some ASAs include scalability considerations which illustrate the application of the requirements to all entities regardless of whether their nature and circumstances are less complex or more complex.[10] This ASA is intended for audits of all entities, regardless of size or complexity and the application material therefore incorporates specific considerations specific to both less and more complex entities, where appropriate. While the size of an entity may be an indicator of its complexity, some smaller entities may be complex and some larger entities may be less complex.

Effective Date

10

 [Deleted by the AUASB. Refer to Aus 0.3]

1

See ASA 200 Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with Australian Auditing Standards.

2

See ASA 200, paragraph 17.

3

See ASA 200, paragraph 13(c).

4

See ASA 200, paragraph A36.

5

See ASA 200, paragraph 15–16.

6

See ASA 200, paragraph A38 and ASA 330 The Auditor’s Responses to Assessed Risks, paragraph 6.

7

See ASA 240 The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Report.

8

See ASA 330, paragraph 5.

9

See ASA 330, paragraph 6.

10

See ASA 200, paragraph A65