Tuanakotta Chapter 15-25

AUDITING 1
AUDITING PROCEDURES (Tuanakotta Chapter
15-20)
• Accepting Audit Engagement or Continuing the Audit
Engagement
• Overall Audit Strategy
• Materiality desicion and implementation
• Audit team discussion
• Identify the inherent risk
• Assesing the Inherent Risk
AUDITING PROCEDURES (Tuanakotta Chapter
21-25)
• Significant Risk
• Understanding the Internal Control
• Evaluating Internal Control
• Communicating the weaknesess of Internal Control
• Completing the risk assesment
Accepting an Audit Engagement

Steps in Accepting an Audit

Engagement
Accepting Audit Engagement or Continuing the
Audit Engagement
• Engagement with the audit client: first engagement
or engagement continuance
• How’s the process ?? (Chart 15-1 Tuanakotta)
• In the process of accepting or rejecting clients,
auditors gather information that answers the
questions that exist
• ISAs : ISA 210, 220, 300 and ISQC 1
• ISCQ : International Standart on Quality
Accepting Audit Engagement or Continuing the
Audit Engagement
• Important concepts in audit engagement process:
a. Audit preconditions (ISA 210.4)
b. Scope limitations
c. Engagement terms (Auditor, management, and
TCWG): ISA 210.7 – 210.17
d. Competency and Indepedency
e. Conflict of Interest
f. Acceptable risk
Accepting Audit Engagement or Continuing the
Audit Engagement
• Understanding Entity and Environment (Hayes, pg
184) : Inquiry, Analytical procedures, Observation
and inspection
• Audit team Discussion: ISA 315 require team wide
discussions
• Continuing Client : Client permanent audit file
contains informations and records
Accepting Audit Engagement or Continuing the
Audit Engagement
Discussion Questions:
What about accepting the engagement
towards little entity compare to the larger
entity? What kind of differences among
those entities?
Overall Audit Strategy
• Audit planning: to ensure that the implementation
of tasks take place efficiently and effectively so as to
achieve acceptably low level
• The benefit of audit planning: (Tuanakotta pg. 273)
Overall Audit Strategy
• Set the overall audit strategy : How to initiate and do
the risk assesment and respond
• Communicating the Audit Plan : ISA 260 al. 15
• Documenting the Audit Strategy : ISA 300 al. 12
Materiality desicion and implementation
• ISA 320 al. 8 and ISA 450 al. 3
• Related concepts: Overall Materiality, Perfromance
materiality
• Implementation of Materiality: Table 17-2
• Other things related to materiality
Materiality desicion and implementation
• QUESTION TO DISCUSS :
a. Can auditor revised the materiality?
b. Can client get the information about the
materiality set by the auditor?
c. How to set the materiality on first engagement?
Audit team discussion
• ISA 315
• The benefit of audit team discussion (Table 18-1)
• How’s the process? (Table 18-1)
Identify the inherent risk
• Relevant ISAs : ISA 200.13; ISA 240.10, 11, 12, 13, 15,
17, 18, 22, 23, 24, 44; ISA 315.3, 11
• Risk Identification is foundation of audit based on
understanding the entity and its bussiness
environtment, (ex: high sales in competitive industry
or
Identify the inherent risk
• Risks : Bussines Risk and Fraud Risk
• Bussines Risk (BR) : the possibility a company will
have lower than anticipated profits or experience a
loss rather than taking a profit. It is influenced by
numerous factors, including sales volume, per-unit
price, input costs, competition, the overall economic
climate and government regulations
• Example BR : failed new product, narrow market,
legal claim, etc
Identify the inherent risk
• Bussiness Risk Sources (Tuanakotta, pg 318):
- External factors
- Nature of Entity
- Performance Indicator
- Accounting Policy
- Internal Control
Identify the inherent risk
• Fraud Risk (FR) significant amount of assets due to fraud.
• Fraud: Fraudulent Financial Reporting and
Missappropriation of Assets
• Fraud Tree and fraud Triangle
• Identify the risk (Tuanakotta, pg. 323):
a. Gathering the basic informations about entity
b. designing, implementing, and documenting risk
assessment procedures
c. Relate the identified risk with areas in the financial
statements
Identify the inherent risk
• Information Sources about the entity
Internal – Financial Information External – Financial Information

Internal – Non Financial Information External – Non Financial Information

Interrelationships among Materiality, Detection Risk, and
Substantive Audit Evidence
Assesing the inherent risk
• Relevant ISAs : ISA 240.25,26,27, ISA 315.25,26
• Attributes to assess the risk: The Impact and the
likelihood (refer to pic. 21-1 also)
HIGH impact HIGH impact
LOW Likelihood HIGH Likelihood

LOW impact LOW impact

LOW Likelihood HIGH Likelihood
Tuanakotta Chapter 20 - 25

AUDITING 1
Assesing the inherent risk
• Relevant ISAs : ISA 240.25,26,27, ISA 315.25,26
• What auditor do? pg. 335
• Attributes : pg. 335 (refer to pic 20-3)
• Documenting the risk (Table 20-1)
Assesing the inherent risk
• Attributes to assess the risk: The Impact and the
likelihood (refer to pic. 21-1 also)

HIGH impact HIGH impact

LOW Likelihood HIGH Likelihood

LOW impact LOW impact

LOW Likelihood HIGH Likelihood
Significant Risk
• Relevant ISAs : ISA 240.26, ISA 315.4, 25, 27, 28, 29,
21, ISA 550. 18, 19
• Significant risk?  ISA 315.4
• Significant Risk is assesed without considering
mitigation controls
• Based on Inherent risk only
• Example of significant risk sources : Table 21-1
Significant Risk
• Risk Sources : High Risk Activity, Non-Routine
Activity, Need Judgment, Fraud Potential
• How to identified? (refer to Tuanakotta pg. 346)
• How to respond? (pg. 346-347)
a. Internal Control Evaluation
b. Audit Respond towards significant Risk
c. Prior year audit evidence
d. Not only analytical subtantive
Understanding Internal Control
• IR and CR ( pg. 353)
• Control: not all control(s), relevant with audit 
control to mitigate the risk
• IR mitigate with CR : residual Risk (RMM)
• Control : PERVASIVE (general) and SPESIFIC
(transactional) : pg 354
• Question: What about internal control at little
entities and what about there’s no control? Pg. 357
• IC relevant to audit : what is the criteria? Pg 359
Evaluating The Internal Control
• Relevant ISAs : ISA 315.13, 29, 32
• Steps to Evaluate the IC: pg. 362 - 367
a. What kind of risk that need to mitigate? Table 23-1
b. Does designed IC can mitigate the risk?  pg 365:
whether IC can prevent, detect and correct
c. Does designed IC functional?  what tod do? Pg. 375
d. Does the relevant IC has been documented? Good
documentation  Benefit? Pg 377 ; Form of
documentation: Pg. 378
• Updating then documentation: pg 379
Evaluating The Internal Control
• Approach : pg 366 - 369
a. One Risk to Many Controls
b. Many Risk to many Controls
c. How to identified relevant control?  Table 23-6
Communicating the Weaknesess of The Internal
Control
• Relevant ISAs : ISA 260.10, 265.6, 7, 8, 9, 10, 11
• IC weaknesess example : Exhibit 24-1 pg 384
• Fraud  communicate with the management
• IC weaknesess consideration : pg 385
• Communicate with the management : pg 389
 Continuing Risk? Unsignificant Risk?
Completing Risk Assesment
• Relevant ISAs : ISA 315.25, 26, 32
• Summary : Exhibit 25-2
• Revised asessment
• Documentation
• Example : Table 25-3