Financial statements auditing is normally performed by an independent and qualified audit firm or company. Audit firms are normally led by audit partners who are certified, public accountants.
Financial statements normally must be audited annually and reported to the board of directors and other related users.
The entity prepares its financial statements by complying with financial reporting standards or financial reporting frameworks.
Two important financial reporting standards are US GAAP and IFRS. Some entities might follow local accounting standards or frameworks.
Auditors use auditing standards such as ISA (International Standard on Auditing) or other local auditing standards to audit the entity’s financial statements.
The processes in performing financial statements auditing vary from firm to firm based on their internal process flow and policies. It is also depending on the policies that they are using.
In this article, we will talk about the key important processes in an audit of financial statements. Those processes include pre-audit activities, Audit Plan, Internal Control of Financial Reporting Assessment, Substantive Procedures, and Reporting.
The following is the flowchart to help you have a better picture of the audit process.
These are the first processes that are normally performed by auditors. At this stage, audit engagement is prepared and agreed upon between auditors and clients.
Key things that should be included in the engagement are audit scope, objective, reporting time frame, audit fee, and responsibilities.
Auditors should know your client procedures to see if client key management and the client’s business are involved with money laundering or terrorism. If that is the case, the auditor should not accept the engagement.
Understanding the client nature of the business to see if the audit team has enough competence and expertise to perform audit works related to the client industry. The auditor might reject the engagement because they don’t have enough resources or competency to do the work.
Responsibility should also need to clarify before performing audit works. These include the auditor’s responsibility for the financial statements and the entity’s responsibility for financial statements.
Obviously, the auditor is responsible for auditing an entity’s financial statements and expressing the opinion on the preparation and presentation of the financial statements based on the applicable standard and guidelines.
The entity is responsible for setting proper internal control over financial reporting to ensure that financial statements are prepared following the standards, risks of errors and fraud are minimized, and the statements are prepared and delivered on time.
Audit fee and logistic timeline are also important and should be clarified before performing audit works. The audit fee should be based on audit works, and the timeline should be enough for the auditor to deliver quality auditors results.
Audit planning is one of the most important audit processes. The right audit plan leads to delivering the right audit report. That means the auditor has enough resources and time to execute audit strategy and audit procedures.
There are numbers of things auditors perform during the audit planning process:
- Resources allocation: Once the auditor agrees to audit client financial statements, the audit planning process will consider starting based on the available timeline and resources. The auditor allocates the right audit team to conduct audit tasks. That means they should have enough team members to perform auditor work to have enough time to execute audit procedures, review audit workings papers, and prepare the reports. A team member should be competent enough to handle audit works. For example, if the engagement is with a Construction Company, then the audit team should contain a member who has experience auditing the construction company. Deadline and section allocation should confirm with all team members.
- Understanding key internal control: The auditor may assess the client’s internal control over financial reporting to see if the control could detect or prevent risk errors or fraud that could materially affect the financial statements. To assess this, auditors need to obtain an understanding of the client’s control environment and control activities. The result of assessing could affect the way or method of audit samplings.
- Risks assessment: Auditors need to perform risks assessment on financial statements to see if any fraud or error could happen. The auditor will need to look at the detail in the high-risk areas and be less focused on the low-risk areas.
- Materiality assessment: Planning materiality and performance materiality are normally set in the planning process.
- Conflict of interest between the audit firm and client between the audit and client management teams should be confirmed. If there is a conflict of interest, there should be the proper guideline to reduce the risks. If the conflict could not minimize, then the auditor should not accept the engagement.
Review internal control over financial reporting:
In this process, auditors review the client’s internal control over financial reporting. The review normally uses COSO frameworks for assessment.
For example, auditors use five components of COSO frameworks as Control environment, Risk Assessment, Control Activities, Information and Communication, and monitoring to document and assess the entity’s internal control.
There are many documents that auditors might need in these processes. Those documents include the company’s org chart, policies and procedures, chart of accounts, financial statements, management accounts, and other related documents for their documentation.
Auditors might also interview and inquire about the client’s personnel to obtain their documentation and assessment information.
The strength and weakness of control over financial reporting are significantly affecting substantive audit procedures. Normally, auditors might rely on the controls if the auditor concludes that the control over financial reporting sounds strong. In other words, they might perform their work less in substantive procedures.
Auditors might perform a large volume of sampling of the financial data if they conclude that internal control over financial reporting could not be relied on.
Substantive review of financial data:
It does not matter how strong internal control over financial reporting is; the auditor could not rely a hundred percent on it. And do not perform substantive testing. Detail review of financial data still needs to be done.
The audit procedures that auditors use in this audit process are Analytical review, inquiry, observation, inspection, recalculation, confirmation, etc. Audit sampling is also important to help auditors perform their work effectively.
Common documents that auditors normally need are financial statements, management accounts, and supporting documents. Original supporting documents normally include contracts, invoices, receipts, bank statements, and other related documents.
Reporting the result:
Once auditors complete their testing, auditors will issue the audit reports based on their testing results. This is the importance of audit processes.
The Audit Report includes the importance of audit scope, auditors’ rights and responsibilities, management’s responsibilities, key accounting policies, audited financial statements, and audit opinion.
Auditors normally express one of the four audit opinions: unqualified opinion, qualified opinion, disclaimer opinion, and an adverse opinion.
An unqualified opinion is good for the client. That means financial statements are true and fair view. Yet, unqualified opinion is not so good for management.
That means part of financial statements is not present a true and fair view. Adverse opinion, on the other hand, is not good. It means financial statements are not true and fair view. It is not recommended to use these financial statements for decision-making.
The auditor may express the disclaimer opinion when they could not obtain enough evidence to assure that financial statements are true and fair.