TOPIC 5

CLIENT EVALUATION
AUDIT RISK ASSESSMENT

Course Content
GENERAL
1)
2)
3)
4)

Introduction to auditing & auditors (Chapter 1)

The auditing environment and boundaries for financial auditing (Chapters 1 & 6)
Role of auditing in corporate governance (Chapter 2) GROUP ASSIGNMENT announced (due May 2 week)
Professional and ethical obligations of auditors and auditors legal liability (Chapters 3 & 5)

AUDITING PROCESS
PLANNING
5) Client evaluation & planning the audit (Chapter 8)
MIDTERM EXAM (APRIL 8)
6) Audit risk, materiality concepts and audit evidence (Chapters 9 & 10)
SCHOOL BREAK (April 16-May1)
DELIVERY
7)
Control risks & tests of controls and Designing substantive procedures (Chapter 11 & 12)
8)
Auditing transactions & balances 1 (Chapters 14 & 15)
9)
Auditing transactions & balances 2 (Chapters 16 & 17)
COMPLETION
10) Completing the audit (Chapter 18)
11) The Auditors report (Chapter 7)

FINAL EXAM

Objective of Financial Auditor

The main responsibility of financial audit is to perform the
annual audit of the financial accounts and reporting, providing
an opinion whether they are a true and fair reflection of the
companys position in all material respects in accordance with
some accounting framework & principles.
KEY WORDS:
To give an Opinion on financials
True and fair view
In all material respects
In accordance with a framework (IFRS)
By obtaining evidence for management assertions
By being in line with IAS and PES and in conformity with the
Regulations

Audit Risk
Audit risk is the risk that an auditor
expresses an inappropriate audit opinion
when a financial report is materially
misstated
In other words, it is the risk of not
detecting material misstatements.
Therefore, all audit work should focus on
preventing this risk. Audit planning is
critical from this perspective.

Financial Audit Process

Perform Risk Assessment Procedures
Assess the Risk of Material
Misstatement
Respond to Assessed Risks
Perform Audit Procedures
Evaluate Audit Evidence
Communicate Audit Findings

Financial Auditing Process

1. Client
Evaluation and
Getting the
Engagement

2. Planning the
Audit

Risk
Assessme
nt

3.Execution of
the Audit
Program

Risk
Response

4. Completion
of the Audit and
the Auditors
Report

Reporting

Phase 1 Getting the Engagement

Gathering information to assess the client
based on the acceptance policy

CLIENT
EVALUATION

Meeting with Previous Auditor

Engagement Letter

Phase 2 Risk Assessment

Information Gathering for the Preliminary
Risk Assessment

PLANNING THE AUDIT

Preparation of the Audit Program

Time and Resource Planning

Phase 3 Risk Response

Evaluation of the Internal Control
System
Update of the Audit Program
EXECUTION OF
THE AUDIT
PROGRAM

Testing of Transactions & Balances

Evaluation of Evidences Gathered

Phase 4 - Reporting

Forming the opinion

COMPLETION &
REPORTING
Preparation & distribution of the Audit
Report

Financial Auditing Process

1. Client
Evaluation and
Getting the
Engagement

2. Planning the
Audit

Risk
Assessme
nt

3.Execution of
the Audit
Program

Risk
Response

4. Completion
of the Audit and
the Auditors
Report

Reporting

11

Phase I - Getting the

Engagement Client Evaluation
Step 1: Assess client integrity

Step 2: Assess audit firms ability to

meet ethical requirements, service client

Step 3: Prepare client engagement letter

Steps in acceptance of a client

(1)
Client integrity &
other considerations

(2)
Ethical & legal
considerations

(3)
Engagement

Evaluate
integrity of
management

Evaluate
independence

Prepare
engagement
letter

Identify special
circumstances
and unusual risks

Assess
competence
to perform audit
Determine ability
to use due care
13

(1) Client integrity & other

considerations
Evaluating the integrity of management:
Communicating with existing auditors (PES1).
Making enquiries of other third parties.
Reviewing previous experience if any with the client.
Identifying special circumstances and unusual risks:
Identifying intended users of the audited financial
statements.
Assessing a prospective clients legal and financial
stability.
Evaluating the clients auditability.
14

(1) Client integrity & other

considerations
Client integrity - Auditor should consider:
Reputation of client, management, directors, key
stakeholders
Clients reason for switching auditor
Clients attitude to risk exposure and management
Clients attitude to using internal controls to mitigate risk
Appropriateness of the clients interpretation of
accounting rules
Clients willingness to allow auditor full access to
information required to form an opinion
Clients attitude and willingness to pay fair amount for
audit work

(2) Ethical and legal

considerations
Ethical considerations relate to whether the audit firm is
able to meet independence criteria, complete the
engagement with professional competence and perform the
audit with due care.
legal considerations relate to ensuring compliance with
the requirements of the Professional Code of Conduct
and
the Corporations Act in the evaluation of
independence and ensuring there are no conflicts of
interest.
16

(2) Ethical and legal

considerations
Ethical requirements prescribed under Corporations Act
Auditor to give written representation that there are no
contraventions of independence requirements.
Auditor should take reasonable steps to ensure any
conflicts of interest cease.
Auditor cannot play a significant role in audit of a listed
company for more than 5 consecutive years.

17

(2) Ethical and legal

considerations
Assessing competence to perform an audit
Engagement team to have appropriate
competence and capabilities to perform the audit
accordance with Auditing Standards, legal and
regulatory requirements.
Determining ability to use due care
Involves review of work done and judgements
exercised by those assisting in the audit.

18

in

(3) Engagement Letter

(ISA (NZ) 210)
Prepared by auditor, acknowledged by client
Form of contract, can expand on obligations in Companies Act
Explains scope and objective of audit, timing of various aspects
of audit, overview of client responsibilities and auditor
responsibilities
Confirms auditors right of access to information,
independence considerations
Identification of the applicable financial reporting framework.
Reference to expected form and content of reports to be
issued.
Sets fees

Financial Auditing Process

1. Client
Evaluation and
Getting the
Engagement

2. Planning the
Audit

Risk
Assessme
nt

3.Execution of
the Audit
Program

Risk
Response

4. Completion
of the Audit and
the Auditors
Report

Reporting

20

Stages of an Audit
Overview of the audit
Risk
Assessme
nt
Understandi
ng the
client

Risk
identificati
on and
strategy

Risk
Response
Risk and
materiality
assessmen
t

Test of
Controls

Substantiv
e Testing

Reporting

Conclusio
n and
forming
an opinion

Risk Assessment (Audit Planning)

Planning starts with obtaining an understanding of the entity and its
environment in order to understand events, transactions and practices
affecting the entity.
Planning also involves setting materiality levels, assessing audit risk
and its components, and obtaining an understanding of the internal
control structure .
Auditor must plan the audit to reduce audit risk to an acceptably low
level. A well planned audit ensures that sufficient appropriate evidence
is gathered for accounts that are seen as the most risky in terms of
material misstatement
(Audit risk is the risk that an auditor expresses an inappropriate audit opinion
when a financial report is materially misstated)

22

Steps in the planning process

Obtain an
understanding of
the entity and its
environment

Make preliminary
judgments about
materiality levels

Develop preliminary
audit strategies
for significant
assertions

Consider the
audit risk

Obtain an
understanding
of the entitys internal
control structure

23

Gaining an Understanding of a
Client
According to ISA (NZ) 315, gaining an
understanding of the client is necessary to
assess the risk that the financial report contains
a material misstatement due to:

The nature of the clients business

The industry in which the client operates
The level of competition within that industry
The clients customers and suppliers
The regulatory environment in which the
client operates

Gaining an Understanding of a
Client
Stages
(1) ENTITY LEVEL

(2) INDUSTRY LEVEL

(3) ECONOMIC
LEVEL

(1) Entity Level

To plan an audit, the auditor should obtain an understanding
of the entity and its environment in order to understand
events, transactions and practices that may have a significant
effect on the financial statements.
The auditor needs to gain knowledge of issues such as
products and markets, conduct of operations, and transactions
with related parties.
Need to match accounting policies with the type of business
operations based on knowledge and prior industry experience.
26

26

(1) Entity Level

Ownership
structures

Major suppliers

Sources of
financing
Client reputation
and operations

Major customers

ENTITY
LEVEL

Warranties and
discounts
Client relations
with employees

International
Transactions
Capacity to adapt
to changes in
technology

(1) Entity Level

Capital investment activities, including investments in
technology, and non-consolidated activities such as joint
ventures, are of significance from an audit perspective.
Issues such as debt structure, leasing arrangements,
guarantees etc. are also important.
Accounting principles, revenue recognition practices,
accounting for fair values and knowledge of industryspecific practices are all important .

28

28

(2) Industry Level

Understanding industry conditions includes
understanding the market for a clients
products, the
capacity of competitors relative
to market conditions, and price competition.
Certain industries may also have transactions
that increase the risks of material
misstatements.

29

29

(2) Industry Level

Level of
Competit
ion
Level of
Demand
for client
goods/serv
ices

INDUST
RY
LEVEL

Level of
Governm
ent
regulatio
n

Client
Reputati
on

Level of
Governm
ent
Support

(3) Economy Level

How do overall economic conditions affect client?
Interest rate changes, financial crises
Shareholder expectations of increasing profits in good
times
What are specific pressures on client to understate or
overstate profits in these conditions?
Economic downturns can create circumstances that
require write-offs of receivables, inventory or other
assets.

These conditions increase the inherent risk of misstatements

and require close examination by the auditor.

Additional Special
Topics that impact
Audit Planning

Regulatory issues
The regulatory environment can have direct
economic consequences or affect the accounting
and disclosure requirements.
Specific regulatory requirements for particular
industries must be considered.
The auditor should be aware that noncompliance with relevant laws and regulations
may materially affect the financial statements.
33

33

The entitys objectives, strategies

and related business risks
Some matters the auditor may consider include:
Developments in the industry.
New products and services.
Expansion of the business
Current and prospective financing requirements

34

34

Measurement and review of

financial performance
As part of gaining understanding of
client, auditor should learn how client
measures its own performance
Client uses key performance indicators
(KPIs) to monitor and assess its
performance and staff performance
Auditor needs to understand what
client focuses on, and what is
potentially at risk of misstatement

Measurement and review of

financial performance
Such measures from an audit perspective would
include:
Key ratios and operating statistics;
Key financial performance indicators;
Employee performance measures;
Industry trends;
Forecasts, budgets and variance analysis
Analyst reports and credit rating reports.
36

36

Performing analytical
procedures
Analytical procedures involve a study and comparison
of relationships among data to identify expected or
unexpected fluctuations and other unusual items.
Identify fluctuations in accounts that are inconsistent
with auditors expectations based on their understanding
of the client ISA (NZ) 520
Analytical procedures can be conducted throughout
the audit process
Risk assessment phase risk identification
Risk response phase estimating account
balances
Reporting overall37
review

37

Performing analytical procedures

The common types of analytical procedures involve a
comparison of the entitys financial information with:

Comparable information for a previous period or

periods

Expected results such as budgets, plans,

forecasts, industry benchmarks, industry averages.

Enhance the
understandi
ng of the
client

Highlight
unusual
fluctuations in
accounts

Identify accounts at
risk of material
misstatement

Performing analytical
procedures

COMMON ANALYTICAL PROCEDURES

1. SIMPLE COMPARISONS
Account balance with previous year, budget

2. TREND ANALYSIS (HORIZONTAL ANALYSIS)

Comparison of account balances over time
Select base year, restate all accounts in subsequent years as a % of
that base

3. COMMON-SIZE ANALYSIS (VERTICAL ANALYSIS)

Comparison of account balances to single line item
Balance sheet express each item as % of total assets
Income statement express each item as % of sales

4. RATIO ANALYSIS
Assess relationship between various financial report balances, and
between them and non-financial items (Profitability ratios, Liquidity
ratios, Solvency ratios)

Consideration of fraud in
planning
The importance of considering fraud in the planning of an
audit has increased in recent years
ISA 240
The auditor shall evaluate whether the information
obtained from the other risk assessment procedures
and related activities performed indicates that one or
more fraud risk factors are present.
Auditor must asses risk of material misstatement due to fraud

40

40

Fraud Risk
Auditor adopts attitude of
professional scepticism
Maintaining an independent questioning
mind
Search thoroughly for corroborating
evidence to validate information
provided by the client
Dont just rely on past experience with
client

Fraud Risk
Indicators (Red Flags) of Possible Fraud:

High turnover of key employees

Key finance personnel refusing to take leave
Overly dominant management
Poor compensation practices
Inadequate training programs
Complex business structure
No, or ineffective, internal audit
High turnover of auditors
Unusual transactions
Weak internal controls

Fraud Risk
Two Types of Fraud:
1. Financial reporting fraud

Improper asset values, unrecorded liabilities

Delaying expenses, bringing forward revenues
Fictitious revenues, understating expenses
Inappropriate application of accounting principles

2. Misappropriation of assets fraud

Using company credit card for personal items

Failure to remove ex-employees from payroll
Unauthorised discounts or refunds to customers
Theft of stock or other assets

Fraud Risk
I need to meet my monthly targets!
Incentive/
Pressure
FRAU
D
RISK
Rationalisati
Opportunity
on

Nobody really checks anyway! Everyone is doing it!

Auditing for fraud

Procedures to identify the risk of material misstatement
due to fraud:
Enquiries of management.
Consideration of any unusual or unexpected
identified.

relationships

Consideration of any other information obtained

while planning that gives an indication for possible
risk (e.g. lack of controls in cash related assets).

45

fraud

Going Concern Risk

Going concern means belief that
company will remain in business for
foreseeable future. It justifies valuing
assets on basis they will continue to be
used in business and liabilities paid
when due.
Auditor must consider whether it is
appropriate to assume that client will
remain a going concern (ISA (NZ) 570)

Judging Managements
Going Concern Assumptions

https://www.youtube.com/watch?v=yyy5Uq4zEbo

Going Concern Risk

Remaining a going concern is the
responsibility of client governance
Auditor must obtain sufficient
appropriate evidence to assess
validity of going concern assumption
Auditor makes professional
judgement about going concern risk,
based on risk indicators

Going Concern Risk

ISA (NZ) 570 has list of going concern risk
indicators, examples include:

Significant debt/equity ratio

Long term loans due, no alternative finance
Prolonged losses, inability to pay debts when due
Loss of significant customer, supplier problems
(e.g. problems obtaining raw materials, inputs)
High staff turnover, loss of key personnel, strikes
Poor growth planning, inadequate risk
management
Being under investigation for non-compliance
Competitive pressures

Going Concern Risk

Auditor is required to assess client
efforts to identify going concern risk
factors and should obtain related
evidence on this
If going concern is in doubt, undertake
additional audit procedures

Assess cash flow, revenues, expenses, interim results

Review debt contracts, board meeting minutes
Discussions with client management and lawyers

Going Concern Risk

Auditor should also consider factors
that mitigate (reduce) going concern
risk
Mitigating factors include:

Letter of guarantee from parent company

Availability of assets or segment of business
for sale for cash
Ability to raise funds through share issue or
borrowing

Consider adequacy of client

disclosures in financial report about
going concern issues

Corporate Governance
Corporate governance is the rules,
systems and processes within companies
used to guide and control activities

Used to monitor actions of staff and assess level of

risk faced
Controls used to reduce identified risks and ensure
future viability of the company

NZX principles and recommendations for

listed companies

Companies required to disclose their compliance

if not, why not?

IT Environment
Auditor should consider particular risks faced by
client related to IT (ISA (NZ) 315) such as:

Unauthorised access to computers, software, data

Need security, passwords to prevent distorted data
Errors in programs
Can occur if not thoroughly tested before
implementation, or mistakes made when changing
programs
Restrict program change rights to authorised personnel
Programs need to be suitable for client requirements
Lack of backup and loss of data

Client should have appropriate IT installation and

security procedures, and training for staff

Audit Documentation

Audit Documentation
Auditor must document each stage of
the audit in working papers (ASA 230;
ISA 230)
Provides evidence of work completed,
details evidence gathered to support
opinion
Include in a working paper

Client name, audit period

Title of contents of paper, file reference
Details of preparer, reviewer
Cross references to other documents

Audit Documentation
Purpose and function of working papers:
Demonstrate that the audit was performed in
accordance with the auditing standards.
Monitor the progress of the audit.
Provide a guide to the planning and performance
of subsequent audits.
Record the nature, timing and extent of audit
procedures performed.

56

Audit Documentation
Working paper files include:
Permanent file
Current file
Working trial balance
Schedules and analyses
Audit memoranda and corroborating information
Proposed adjusting and reclassifying entries
Audit program
57

Audit Documentation
Permanent File
Client information and documentation that apply to
more than one audit

e.g. client address, key personnel, long term contracts

Org charts, Articles of Incorporation
Main accounting policies, results of prior audits
Copies of prior period financial reports

Current File
Client information and documentation that apply to
current audit
Evidence gathered for this audit