Audit planning includes deciding on the overall audit strategy and developing an audit plan.
Auditing Standard No. 9 from the PCAOB describes an external auditor's responsibility and the requirements for planning an audit. According to standard No. 9, an audit plan is expected to describe the planned nature, extent, and timing of the procedures for risk assessment and the tests to be done on the controls and substantive procedures, along with a description of other audit procedures planned to ensure the audit meets PCAOB standards.
For internal auditing, the Institute of Internal Auditors provides guidance for audit planning. Planning starts with determining the scope and objectives of the audit.
Internal auditors need to understand the business, operations, and unique characteristics of the department/unit being audited and to develop an audit plan that defines the procedures needed to do an efficient and effective audit.
The whole auditing process can generally be divided into three different phases. The audit planning phase includes procedures such as gaining an understanding of the client and its business, making risk and materiality assessments, determining an audit strategy, and determining the type of evidence to collect, based on the risk levels.
Performing the audit refers to the process of collecting evidence. Finally, the reporting phase deals with making conclusions, reporting any necessary adjustments to management, and issuing the independent auditor’s report.
Audit planning is important because auditors should plan the audit so as to reduce audit risk to an acceptably low level that is consistent with the objective of the process. The auditor should plan the nature, timing, the extent of direction and supervision of the engagement team members, and review of the work. The four main reasons for audit planning include:
· To identify areas of risk of material misstatements.
· To design audit procedures to address those risks and to obtain sufficient appropriate evidence.
· To help keep audit costs reasonable.
· To avoid misunderstandings with the client.
New Clients
Let’s picture this scenario: A potential new client approached you and asked you to be his auditor. The previous auditor of the client resigned, and the owner/manager of the company is known for being “shady.” The company needs the audit to raise money for ongoing operations. What issues come to your mind? What should you be careful/wary of?
In terms of new client matters, important issues involve legal liability, going concern issues, fee issues, and previous auditor issues. First, you will want to consider any potential integrity issues with the potential client. Is the client notorious for any sort of fraudulent manipulations? Is the client prone to making unauthorized changes? If any fraud-related issues arise, then it is not only a huge problem for the client but also for the auditor, as the auditor owes a duty of care to the clients’ known users and a foreseeable class of users.
Secondly, the auditor will want to consider the client’s overall financial state. Will the client be able to survive another year in business or is it simply struggling to break even? Thirdly, the auditing business is not some sort of volunteer or charity work. It is ultimately a business and so auditors want to make sure that the client can pay the audit fees. No auditor will want to do the work and end up not being able to collect the money for services provided.
Finally, the auditor will want to contact the former auditor and ask about specific issues that require special attention regarding the client.
Continuing Clients
In terms of continuing clients, the audit report from the previous year should not influence the approach for the new year. The auditor must consider if there are any new issues that he should be careful about. In addition, as always, he should gain an understanding of the client and make the appropriate risk assessments. This is followed by identifying transactions that need special focus (such as complex investments like convertible debentures), followed by assessing the risk of fraud, as well as going concern (financial status) issues. Gaining an understanding of the client includes:
· Obtaining knowledge of the industry/business environment.
· What regulatory or inherent risks are present? Are there unique accounting rules used?
· What is the client’s major source of revenue, its key customers/suppliers?
· Are there any related parties that the auditor should be aware of?
· General business operations and processes – review of the Board of Directors’ minutes
Example Audit Planning Scenarios – What to Consider?
James, a new employee who replaced Terry who was terminated, receives 10,000 stock options at an exercise price of $5.00.
Accounting for stock options involves a high inherent risk because there is a lot of judgment involved due to the volatility in the fair value of a stock option.
Severance issues are also an accounting issue that deserves attention.
The acquisition of a Mexican subsidiary was completed in the current quarter. A final adjustment was made to the deal. Instead of an all-cash deal, the sellers agreed to take a convertible debenture.
Acquisition of a subsidiary presents consolidation issues in accounting that are difficult.
Foreign subsidiaries involve currency issues which also have high inherent risk due to exchange rate risk and accounting for it
Accounting for convertible debt is also complex
Auditors should coordinate with foreign auditors for international situations
When planning an audit, auditors need to consider a wide variety of factors that may impact the client’s financial statements and address those risks properly to fulfil their duty of care to the users that demand and rely on it.