Vacations normally go more smoothly when you have made good reservations and also researched your destination.
Purchasing a car is simpler when you have done all your homework on the car model and also made some early inquiries to line up the financing.
It is a fact of life that in several processes of our daily professional and personal lives, a little good planning could develop a more productive and pleasant experience.
Audits, also, could be much more effective and could provide several advantages to the firm and the client when they are planned properly.
Planning is all about developing the overall strategy for the developing and engaging an audit plan, a professional standard has listed six broad advantages to an adequate audit planning of various financial statements audits:
Advantages of audit planning:
The following are some of the advantages associated with audit planning:
- It assists the auditors to identify and devote proper attention to important areas of the audit.
- Assist the auditors to identify and also resolve relevant problems in a timely and daily basis.
- It also assists the auditor manage and organizes the engagement so that is carried out effectively and efficiently.
- Assist in choosing engagement team partners with the right capability and competency to respond to any anticipated risks and also in allocating responsibilities to a team member.
- Encourages the supervision of different engagement team partners and also helps in reviewing their work.
- Helps in proper coordination of all work carried out by specialists.
“Spending quality time during the audit planning phase might seem counterproductive at the start of the audit, but adequate audit planning certainly assists in creating more efficient and effective audits,” according to Beth Greenberg, a Sageworks senior consultant that works with different accounting firms for developing efficiency and consistency in audits.
Audit planning also makes it much easier for auditors to give appropriate documentation for any peer review and for making future engagements plans” she added. Other advantages of audit planning are
It avoids misunderstandings
A focused and well-organized audit plan can help in avoiding misunderstandings with the firm.
“spending sufficient time during the planning of an audit can bring out a more adequate and realistic picture of what the whole audit will entail,” says Greenberg. “This could avoid any misunderstandings with the firm.”
Avoids over auditing
A focused and well-organized audit plan could also help in avoiding “over auditing,” or spending unnecessary time during the substantive audit procedures by staring at areas which are irrelevant.
“Ensure you spend quality time in the audit planning phase, specifically during the preliminary analytical review and the risk assessment you undergo, to develop thought out and very focused audit plan,” Greenberg added. “This gives room for the other audit process to run well.
Disadvantages of audit planning:
The following are some disadvantages or demerits associated with audit planning:
An audit plan adheres to set patterns and standard approach. This might stifle initiative and flexibility, therefore disrupting professional judgment of the people involved.
Rigidity could make the entire process too mechanistic and undermining the audit staff’ creativity abilities, and talents. This will eventually leave them with little or no freedom for carrying out their task as well as being technically challenged.
Overlooking the capabilities of audit staffs
An audit plan will make the whole audit process automated thus loosening the sense of duties and responsibility for audit staff. It could decrease inventiveness and initiative, with fee application of audit staff abilities and talents.
Risks based audit plan is the audit plan that audit resources and audit works are deployed and focus based on clients’ risks.
This kind of planning requires the auditor to understanding the client’s nature of the business, control the environment, and then put their audit resource as well as schedule by favorite to the areas that are high risks.
This planning will include all the necessary information like audit scope, audit objective, reporting line, audit schedules as well as an audit report. The audit schedule will include all the audit areas with the timeline that the auditor will perform their review.
This schedule is the result of the risks assessment that the auditor performs at the planning stage. This planning is very important and most of the audit firms, as well as internal audits, adopt this approach.
Risks based audit plan is important for auditors for two reasons. First, it helps the auditor to minimize its risks. As we all know, audit risks are a combination of inherent risks, control risks, and detection risks. Detection risk is the risk that control by auditors.
If auditors effectively assess their client’s risks related to financial statements, the auditor will then could tailor the risks audit procedure to detect those risks. The audit risks will reduce accordingly.
Audit planning is a major part of audit works for both internal and external audits. A good audit planning will help the auditor to minimize its risks, improve audit efficiency, and meet its objective at the minimum effort.
Auditors are required to prepare a proper audit plan to ensure that all audit risks are identified and correct audit strategies are deployed to detect all concerning risk areas.
It is essential for the auditor to prepare a good strategic audit plan. If the plan is well prepared, all kind of audit risks is identified and detected.
This will help the auditor to minimize the audits risks of issuing the incorrect opinion to financial statements.
In this article, we will discuss what should auditors do during their audit planning stages and the significant tips for doing the correct audit plan.
We divide the audit plan into two main important parts according to the international standard on auditing: Pre-audit activities and Audit Activities.
In case you want to discover more, ISA 300 is the standard for the planning of audit engagement for your reference. Okay, now let start with audit pre-activities.
Before Audit (Pre-audit activities):
Pre-audit activities are also the importance of audit plan and in this stage, as require by standard, the auditor should:
- Perform client due diligent to make sure that the auditor fully understands the client’s nature of the business, sources of fund, and its major activities. This is to avoid engaging with the client that involved illegal activities or money laundering.
- Perform an understanding of client and firm to ensure that there is a major conflict of interest and independence that could affect audit works. Maintaining audit independence is very important to ensure the quality of audit opinion.
- Consider client integrity before accepting the audit engagements.
- Understand the term and condition of audit engagement before accept to avoid any conflict.
At this stage, the auditor requires establishing an overall audit strategy that sets the scope, timing and audit direction and guides the development of the audit plan.
This is to ensure that the audit plan reflects the scope, and nature of engagement. Here is the list of things that auditors should do during the audit plan.
Identify the Characteristic of Audit Engagement:
The auditor should identify the characteristics of the engagement that define its scope.
For example, Audit of the client’s financial statements or review the client’s financial statements for the specific period. This is very important.
Most of the audit firms document this in the audit engagement letter. If the audit fails to identify this in the audit plan, the audit report that the auditor releases might not the one that the client needs.
Also, the different types of audit engagement might have a different level of assurance.
For example, the reasonable assurance required the auditor to perform their testing detail and much more detail than the review or compile financial statements.
A review engagement is a limited assurance and that means less assurance is providing.
The reasonable assurance engagement might be for the purpose of the statutory requirement or shareholder requirement. Yet, the review engagement probably for the purpose of bank requests.
Defined Report Requirement:
The audit report is very important and the auditor should identify the objective of using audit reports and the time required.
For example, what are the report using? And probably who going to receive, and access the audit report. This point should also document in the engagement letter.
This is also related to the point above. Let say, the company is required by law to have financial statements audited by CPA firm annually. This engagement is called reasonable assurance engagement.
The timeline of the report is also an important part of the audit plan. If the time is not sufficient, auditors should assess the impact of audit quality as the result this.
In this planning stage, the auditor should assess if the timeline is sufficient enough for them to perform their works as well as manage their resources.
Negotiate with the client to have enough time for auditing is the best option; however, if the client does not agree then the auditor should consider whether the allowable timeline really adversely affects the quality of the report.
In case, the quality of the audit is impaired to the level that could not accept, then the auditor should consider withdrawing from the engagement.
Assess Conflict of Interest:
Consider if there any factors that could affect the audit team member’s professional judgment and subsequently the quality of the audit report.
For example, there is a conflict of interest between team members and clients. Team member uses to be staff in Finance Departments or client is the prospective employer of some of the members.
Normally, auditors request team members to sign on the Independence Confirmation Form or Conflict of Interest Form.
And if there is a conflict of interest, assessment should perform to identify how seriously it is and the assessment should document and keep properly.
In case, the result of the assessment found the conflict of interest is high, for example, the team leader of the audit team is the manager in the finance team, then he should not allow leading the team.
And all of his works related to this engagement should review again by other independent managers.
Assess Resource Requirement:
The success of audit engagement and good quality of audit reports depend significantly on the audit resources. Those include the number of audit team members, qualifications, and experiences.
There is a number of questions to be asked when assessing audit resources requirement, for example:
- How many audit team members required for the engagement?
- Does the team member have experience in auditing such industry?
- When will the audit work start and when will the report require?
- Where is the client’s office location? And do we need to have a lot of traveling?
There are many other questions to be asked depending on the characteristic of audit engagements.
The audit should also ensure that team members understand the nature of engagement or audit. This is probably done by having a team meeting.
If audit resources are not sufficient to conducts audit engagements, then the auditor should negotiate with the client to extend the timeline so that resources could properly manage, or withdraw from the engagement.
Risks assessment is also one of the most important parts of the audit plan and it is also the requirement of the International Standard of Auditing.
The auditor should perform risk assessments by reviewing from control environments which is the big picture of the control activities of each key process and procedure.
Control over financial reporting is the key area to be review and validate. If the control is not strong enough, the audit approach might be changed.
The auditor should not rely on the control and they should consider reviewing the transaction and event in detail. In such a case, auditors should consider using a substantive approach to audit financial statements.
Fraud assessment is also an important part of this planning and auditors should assess the risks of material misstatement not only because of error but also fraud.
Fraud detection is not the auditor’s primary responsibility but assessing the risks of fraud is part of the auditing requirement.
A risk assessment procedure could be adopted from the COSO framework or other frameworks as necessary.
Audit planning is a critical part of audit works and performing the correct audit plan could be the factors that lead to the success of audit engagement. The key areas to be included in the plan are:
- Conducts proper risks assessments including risks of error and fraud
- Properly assess the resources requirement
- Properly identified the engagement characteristic
- Correctly identified report requirement and timeline
- Properly assess the conflict of interest
Written by Sinra
Internal Audit Department has to prepare its Annual Internal Audit planning for the upcoming years and then getting approval from its audit committee or Board of Directors before starting audit works.
Annual Internal Audit Planning is developing by Chief of Internal Audit and it is normally taken into account the organization’s risk management framework, including using risk appetite levels set by management for the different activities or parts of the organization.
Those risks are included operational risk, business risk, program, system, and control.
Based on International Standards for the professional practice of internal audit, Annual Internal Audit Planning has to develop based on 3 points
- Annual Internal Audit Planning activities have to be build based on the documented risk assessment which is undertaking annually. The risk assessment could be input by senior management and the Board of Directors. This is probably the first stage of how risks that probably happen in the organization are included in the audit planning and is probably the best reason and answer to the question of why Internal Audit is important for risk management. One of the risks that identify by management are identified, then management will have a discussion with the internal audit by asking them for help and pay more attention to them. However, the audit has to pay more attention to the requestor risks that input by management. The reason is that management might want to turn audit attention into other areas where the problems have been done or conduct by management themself. This is the very importance of Annual Internal Audit Planning for the success of the company as a whole added by internal audit.
- Planning must be developed as the result of measurement of identification and consider the expectations of senior management, the board of directors, and other stakeholders for an internal audit opinion. The standard requires the internal audit department to design internal audit activities that are designed to add value to its company or client. In order to do so, internal audits must have proper risk assessment procedures, programs, and documentation. Data are the factors that drive internal audit planning activities, not an assumption. This is to make sure that all the activities that set for the whole years are internal audit departments have to complete to ensure that the risks are minimized to the lowest as acceptable and detected at the right time.
- The chief audit executive should consider accepting proposed consulting engagement based on the engagement’s potential to improve the management of risks, and value and improve the organization’s operation. There are many technical areas depending on the different types of the business and it is obvious that internal audit does not know every single of those areas. For the areas that internal audit does not have any expertise in, internal audit should consider seeking for assistant or consultant from the expert. Such the consultant should have been clearly put in the annual internal audit planning.