Requirements

Risk Assessment Procedures and Related Activities

13

When obtaining an understanding of the entity and its environment, including the entity’s internal control, as required by ASA 315,[8] the auditor shall obtain an understanding of the following matters related to the entity’s accounting estimates. The auditor’s procedures to obtain the understanding shall be performed to the extent necessary to provide an appropriate basis for the identification and assessment of risks of material misstatement at the financial statement and assertion levels. (Ref: Para. A19–A22)

The Entity and Its Environment

  1. The entity’s transactions and other events and conditions that may give rise to the need for, or changes in, accounting estimates to be recognised or disclosed in the financial report. (Ref: Para. A23)
  2. The requirements of the applicable financial reporting framework related to accounting estimates (including the recognition criteria, measurement bases, and the related presentation and disclosure requirements); and how they apply in the context of the nature and circumstances of the entity and its environment, including how transactions and other events or conditions are subject to, or affected by, inherent risk factors. (Ref: Para. A24–A25)
  3. Regulatory factors relevant to the entity’s accounting estimates, including, when applicable, regulatory frameworks related to prudential supervision. (Ref: Para. A26)
  4. The nature of the accounting estimates and related disclosures that the auditor expects to be included in the entity’s financial report, based on the auditor’s understanding of the matters in 13(a)–(c) above. (Ref: Para. A27)

The Entity's Internal Control

  1. The nature and extent of oversight and governance that the entity has in place over management’s financial reporting process relevant to accounting estimates. (Ref: Para. A28–A30).
  2. How management identifies the need for, and applies, specialised skills or knowledge related to accounting estimates, including with respect to the use of a management’s expert. (Ref: Para. A31)
  3. How the entity’s risk assessment process identifies and addresses risks relating to accounting estimates. (Ref: Para. A32–A33)
  4. The entity’s information system as it relates to accounting estimates, including:
    1. The classes of transactions, events and conditions, that are significant to the financial report and that give rise to the need for, or changes in, accounting estimates and related disclosures; and (Ref: Para. A34–A35)
    2. For such accounting estimates and related disclosures, how management:
      1. Identifies the relevant methods, assumptions or sources of data, and the need for changes in them, that are appropriate in the context of the applicable financial reporting framework, including how management: (Ref: Para. A36–A37)
        1. Selects or designs, and applies, the methods used, including the use of models; (Ref: Para. A38–A39)
        2. Selects the assumptions to be used, including consideration of alternatives, and identifies significant assumptions; and (Ref: Para. A40–A43)
        3. Selects the data to be used; (Ref: Para. A44)
      2. Understands the degree of estimation uncertainty, including through considering the range of possible measurement outcomes; and (Ref: Para. A45)
      3. Addresses the estimation uncertainty, including selecting a point estimate and related disclosures for inclusion in the financial report. (Ref: Para. A46–A49)
  5. Control activities relevant to the audit over management’s process for making accounting estimates as described in paragraph 13(h)(ii). (Ref: Para. A50–A54)
  6. How management reviews the outcome(s) of previous accounting estimates and responds to the results of that review.

14

The auditor shall review the outcome of previous accounting estimates, or, where applicable, their subsequent re‑estimation to assist in identifying and assessing the risks of material misstatement in the current period. The auditor shall take into account the characteristics of the accounting estimates in determining the nature and extent of that review. The review is not intended to call into question judgements about previous period accounting estimates that were appropriate based on the information available at the time they were made. (Ref: Para. A55–A60)

15

With respect to accounting estimates, the auditor shall determine whether the engagement team requires specialised skills or knowledge to perform the risk assessment procedures, to identify and assess the risks of material misstatement, to design and perform audit procedures to respond to those risks, or to evaluate the audit evidence obtained. (Ref: Para. A61–A63)

Identifying and Assessing the Risks of Material Misstatement

16

In identifying and assessing the risks of material misstatement relating to an accounting estimate and related disclosures at the assertion level, as required by ASA 315,[9] the auditor shall separately assess inherent risk and control risk. The auditor shall take the following into account in identifying the risks of material misstatement and in assessing inherent risk: (Ref: Para. A64–A71)

  1. The degree to which the accounting estimate is subject to estimation uncertainty; and (Ref: Para. A72–A75)
  2. The degree to which the following are affected by complexity, subjectivity, or other inherent risk factors: (Ref: Para. A76–A79)
    1. The selection and application of the method, assumptions and data in making the accounting estimate; or
    2. The selection of management’s point estimate and related disclosures for inclusion in the financial report.

17

The auditor shall determine whether any of the risks of material misstatement identified and assessed in accordance with paragraph 16 are, in the auditor’s judgement, a significant risk.[10] If the auditor has determined that a significant risk exists, the auditor shall obtain an understanding of the entity’s controls, including control activities, relevant to that risk.[11] (Ref: Para. A80)

Responses to the Assessed Risks of Material Misstatement

18

As required by ASA 330,[12] the auditor’s further audit procedures shall be responsive to the assessed risks of material misstatement at the assertion level,[13] considering the reasons for the assessment given to those risks. The auditor’s further audit procedures shall include one or more of the following approaches:

  1. Obtaining audit evidence from events occurring up to the date of the auditor’s report (see paragraph 21);
  2. Testing how management made the accounting estimate (see paragraphs 22–27); or
  3. Developing an auditor’s point estimate or range (see paragraphs 28–29).

The auditor’s further audit procedures shall take into account that the higher the assessed risk of material misstatement, the more persuasive the audit evidence needs to be.[14] The auditor shall design and perform further audit procedures in a manner that is not biased towards obtaining audit evidence that may be corroborative or towards excluding audit evidence that may be contradictory. (Ref: Para. A81–A84)

19

As required by ASA 330,[15] the auditor shall design and perform tests to obtain sufficient appropriate audit evidence as to the operating effectiveness of relevant controls, if:

  1. The auditor’s assessment of risks of material misstatement at the assertion level includes an expectation that the controls are operating effectively, or
  2. Substantive procedures alone cannot provide sufficient appropriate audit evidence at the assertion level.

In relation to accounting estimates, the auditor’s tests of such controls shall be responsive to the reasons for the assessment given to the risks of material misstatement. In designing and performing tests of controls, the auditor shall obtain more persuasive audit evidence the greater the reliance the auditor places on the effectiveness of a control.[16] (Ref: Para. A85–A89)

20

For a significant risk relating to an accounting estimate, the auditor’s further audit procedures shall include tests of controls in the current period if the auditor plans to rely on those controls. When the approach to a significant risk consists only of substantive procedures, those procedures shall include tests of details.[17] (Ref: Para. A90)

Obtaining Audit Evidence from Events Occurring up to the Date of the Auditor’s Report

21

When the auditor’s further audit procedures include obtaining audit evidence from events occurring up to the date of the auditor’s report, the auditor shall evaluate whether such audit evidence is sufficient and appropriate to address the risks of material misstatement relating to the accounting estimate, taking into account that changes in circumstances and other relevant conditions between the event and the measurement date may affect the relevance of such audit evidence in the context of the applicable financial reporting framework. (Ref: Para. A91–A93)

Testing How Management Made the Accounting Estimate

22

When testing how management made the accounting estimate, the auditor’s further audit procedures shall include procedures, designed and performed in accordance with paragraphs 23–26, to obtain sufficient appropriate audit evidence regarding the risks of material misstatement relating to: (Ref: Para. A94)

  1. The selection and application of the methods, significant assumptions and the data used by management in making the accounting estimate; and
  2. How management selected the point estimate and developed related disclosures about estimation uncertainty.

Methods

23

In applying the requirements of paragraph 22, with respect to methods, the auditor’s further audit procedures shall address:

  1. Whether the method selected is appropriate in the context of the applicable financial reporting framework, and, if applicable, changes from the method used in prior periods are appropriate; (Ref: Para. A95, A97)
  2. Whether judgements made in selecting the method give rise to indicators of possible management bias; (Ref: Para. A96)
  3. Whether the calculations are applied in accordance with the method and are mathematically accurate;
  4. When management’s application of the method involves complex modelling, whether judgements have been applied consistently and whether, when applicable: (Ref: Para. A98–A100)
    1. The design of the model meets the measurement objective of the applicable financial reporting framework, is appropriate in the circumstances, and, if applicable, changes from the prior period’s model are appropriate in the circumstances; and
    2. Adjustments to the output of the model are consistent with the measurement objective of the applicable financial reporting framework and are appropriate in the circumstances; and
  5. Whether the integrity of the significant assumptions and the data has been maintained in applying the method. (Ref: Para. A101)

Significant Assumptions

24

In applying the requirements of paragraph 22, with respect to significant assumptions, the auditor’s further audit procedures shall address:

  1. Whether the significant assumptions are appropriate in the context of the applicable financial reporting framework, and, if applicable, changes from prior periods are appropriate; (Ref: Para. A95, A102–A103)
  2. Whether judgements made in selecting the significant assumptions give rise to indicators of possible management bias; (Ref: Para. A96)
  3. Whether the significant assumptions are consistent with each other and with those used in other accounting estimates, or with related assumptions used in other areas of the entity’s business activities, based on the auditor’s knowledge obtained in the audit; and (Ref: Para. A104)
  4. When applicable, whether management has the intent to carry out specific courses of action and has the ability to do so. (Ref: Para. A105)

Data

25

In applying the requirements of paragraph 22, with respect to data, the auditor’s further audit procedures shall address:

  1. Whether the data is appropriate in the context of the applicable financial reporting framework, and, if applicable, changes from prior periods are appropriate; (Ref: Para. A95, A106)
  2. Whether judgements made in selecting the data give rise to indicators of possible management bias; (Ref: Para. A96)
  3. Whether the data is relevant and reliable in the circumstances; and (Ref: Para. A107)
  4. Whether the data has been appropriately understood or interpreted by management, including with respect to contractual terms. (Ref: Para. A108)

Management’s Selection of a Point Estimate and Related Disclosures about Estimation Uncertainty

26

In applying the requirements of paragraph 22, the auditor’s further audit procedures shall address whether, in the context of the applicable financial reporting framework, management has taken appropriate steps to:

  1. Understand estimation uncertainty; and (Ref: Para. A109)
  2. Address estimation uncertainty by selecting an appropriate point estimate and by developing related disclosures about estimation uncertainty. (Ref: Para. A110–A114)

27

When, in the auditor’s judgement based on the audit evidence obtained, management has not taken appropriate steps to understand or address estimation uncertainty, the auditor shall: (Ref: Para. A115–A117)

  1. Request management to perform additional procedures to understand estimation uncertainty or to address it by reconsidering the selection of management’s point estimate or considering providing additional disclosures relating to the estimation uncertainty, and evaluate management’s response(s) in accordance with paragraph 26;
  2. If the auditor determines that management’s response to the auditor’s request does not sufficiently address estimation uncertainty, to the extent practicable, develop an auditor’s point estimate or range in accordance with paragraphs 28–29; and
  3. Evaluate whether a deficiency in internal control exists and, if so, communicate in accordance with ASA 265.[18]

Developing an Auditor’s Point Estimate or Range

28

When the auditor develops a point estimate or range to evaluate management’s point estimate and related disclosures about estimation uncertainty, including when required by paragraph 27(b), the auditor’s further audit procedures shall include procedures to evaluate whether the methods, assumptions or data used are appropriate in the context of the applicable financial reporting framework. Regardless of whether the auditor uses management’s or the auditor’s own methods, assumptions or data, these further audit procedures shall be designed and performed to address the matters in paragraphs 23–25. (Ref: Para. A118–A123)

29

If the auditor develops an auditor’s range, the auditor shall:

  1. Determine that the range includes only amounts that are supported by sufficient appropriate audit evidence and have been evaluated by the auditor to be reasonable in the context of the measurement objectives and other requirements of the applicable financial reporting framework; and (Ref: Para. A124–A125)
  2. Design and perform further audit procedures to obtain sufficient appropriate audit evidence regarding the assessed risks of material misstatement relating to the disclosures in the financial report that describe the estimation uncertainty.

Other Considerations Relating to Audit Evidence

30

In obtaining audit evidence regarding the risks of material misstatement relating to accounting estimates, irrespective of the sources of information to be used as audit evidence, the auditor shall comply with the relevant requirements in ASA 500.

When using the work of a management’s expert, the requirements in paragraphs 21–29 of this Auditing Standard may assist the auditor in evaluating the appropriateness of the expert’s work as audit evidence for a relevant assertion in accordance with paragraph 8(c) of ASA 500. In evaluating the work of the management’s expert, the nature, timing and extent of the further audit procedures are affected by the auditor’s evaluation of the expert’s competence, capabilities and objectivity, the auditor’s understanding of the nature of the work performed by the expert, and the auditor’s familiarity with the expert’s field of expertise. (Ref: Para. A126–A132)

Disclosures Related to Accounting Estimates

31

The auditor shall design and perform further audit procedures to obtain sufficient appropriate audit evidence regarding the assessed risks of material misstatement at the assertion level for disclosures related to an accounting estimate, other than those related to estimation uncertainty addressed in paragraphs 26(b) and 29(b).

Indicators of Possible Management Bias

32

The auditor shall evaluate whether judgements and decisions made by management in making the accounting estimates included in the financial report, even if they are individually reasonable, are indicators of possible management bias. When indicators of possible management bias are identified, the auditor shall evaluate the implications for the audit. Where there is intention to mislead, management bias is fraudulent in nature. (Ref: Para. A133–A136)

Overall Evaluation Based on Audit Procedures Performed

33

In applying ASA 330 to accounting estimates,[19] the auditor shall evaluate, based on the audit procedures performed and audit evidence obtained, whether: (Ref: Para A137–A138)

  1. The assessments of the risks of material misstatement at the assertion level remain appropriate, including when indicators of possible management bias have been identified;
  2. Management’s decisions relating to the recognition, measurement, presentation and disclosure of these accounting estimates in the financial report are in accordance with the applicable financial reporting framework; and
  3. Sufficient appropriate audit evidence has been obtained.

34

In making the evaluation required by paragraph 33(c), the auditor shall take into account all relevant audit evidence obtained, whether corroborative or contradictory.[20] If the auditor is unable to obtain sufficient appropriate audit evidence, the auditor shall evaluate the implications for the audit or the auditor’s opinion on the financial report in accordance with ASA 705.[21]

Determining Whether the Accounting Estimates are Reasonable or Misstated

35

The auditor shall determine whether the accounting estimates and related disclosures are reasonable in the context of the applicable financial reporting framework, or are misstated. ASA 450[22] provides guidance on how the auditor may distinguish misstatements (whether factual, judgemental, or projected) for the auditor’s evaluation of the effect of uncorrected misstatements on the financial report. (Ref: Para. A12–A13, A139–A144)

36

In relation to accounting estimates, the auditor shall evaluate:

  1. In the case of a fair presentation framework, whether management has included disclosures, beyond those specifically required by the framework, that are necessary to achieve the fair presentation of the financial report as a whole;[23] or
  2. In the case of a compliance framework, whether the disclosures are those that are necessary for the financial report not to be misleading.[24]

Written Representations

37

The auditor shall request written representations from management[25] and, when appropriate, those charged with governance about whether the methods, significant assumptions and the data used in making the accounting estimates and the related disclosures are appropriate to achieve recognition, measurement or disclosure that is in accordance with the applicable financial reporting framework. The auditor shall also consider the need to obtain representations about specific accounting estimates, including in relation to the methods, assumptions, or data used. (Ref: Para. A145)

Communication with Those Charged With Governance, Management, or Other Relevant Parties

38

In applying ASA 260[26] and ASA 265,[27] the auditor is required to communicate with those charged with governance or management about certain matters, including significant qualitative aspects of the entity’s accounting practices and significant deficiencies in internal control, respectively. In doing so, the auditor shall consider the matters, if any, to communicate regarding accounting estimates and take into account whether the reasons given to the risks of material misstatement relate to estimation uncertainty, or the effects of complexity, subjectivity or other inherent risk factors in making accounting estimates and related disclosures. In addition, in certain circumstances, the auditor is required by law or regulation to communicate about certain matters with other relevant parties, such as regulators or prudential supervisors. (Ref: Para. A146–A148)

Documentation

39

The auditor shall include in the audit documentation:[28] (Ref: Para. A149–A152)

  1. Key elements of the auditor’s understanding of the entity and its environment, including the entity’s internal control related to the entity’s accounting estimates;
  2. The linkage of the auditor’s further audit procedures with the assessed risks of material misstatement at the assertion level,[29] taking into account the reasons (whether related to inherent risk or control risk) given to the assessment of those risks;
  3. The auditor’s response(s) when management has not taken appropriate steps to understand and address estimation uncertainty;
  4. Indicators of possible management bias related to accounting estimates, if any, and the auditor’s evaluation of the implications for the audit, as required by paragraph 32; and
  5. Significant judgements relating to the auditor’s determination of whether the accounting estimates and related disclosures are reasonable in the context of the applicable financial reporting framework, or are misstated.

8

See ASA 315, paragraphs 3, 5–6, 9, 11–12, 15–17, and 20–21.

9

See ASA 315, paragraph 25 and 26.

10

See ASA 315, paragraph 27.

11

See ASA 315, paragraph 29.

12

See ASA 330, paragraphs 6–15 and 18.

13

See ASA 330, paragraphs 6–7 and 21.

14

See ASA 330, paragraph 7(b).

15

See ASA 330, paragraph 8.

16

See ASA 330, paragraph 9.

17

See ASA 330, paragraphs 15 and 21.

18

See ASA 265 Communicating Deficiencies in Internal Control to Those Charged with Governance and Management.

19

See ASA 330, paragraphs 25–26.

20

See ASA 500, paragraph 11.

21

See ASA 705 Modifications to the Opinion in the Independent Auditor’s Report.

22

See ASA 450, paragraph A6.

23

See also ASA 700, paragraph 14.

24

See also ASA 700, paragraph 19.

25

See ASA 580 Written Representations.

26

See ASA 260 Communication with Those Charged with Governance, paragraph 16(a).

27

See ASA 265, paragraph 9.