Assessment of compliance with international standards on auditing - UK and Ireland (ISAS)
Assessing audit files
The Senior Compliance Officers (SCOs) will assess the level of compliance with auditing standards on audit files during monitoring reviews.
It is recognised that on the majority of audit files there will be some deficiencies, often as a result of inadequate planning and recording of the auditor's work, but a conclusion has to be drawn as to whether those deficiencies render the file unsatisfactory.
Adequate planning procedures are vital to ensuring satisfactory audit quality. Some of the ISAs reviewed at the planning stage of an audit include the following:
- understanding the entity and its environment, including the entity's internal control. (ISA 315),
- compliance with laws and regulations (ISA 250),
- performing risk assessment procedures to obtain information for use in identifying the risks of material misstatement due to fraud (ISA240)
- Assessment of materiality and performance materiality (ISA 320)
- Documentation of sample techniques and sample sizes (ISA 530)
ISA 200 sets out the objectives and general principles governing the audit of financial statements. The auditor should obtain reasonable assurance that the financial statements are free from material misstatement through the accumulation of audit evidence (ISA 200.8).
In pursuing the objective of ‘reasonable assurance’ auditors should consider the possibility that the financial statements may contain misstatements and plan and perform their work to detect them. The SCOs consider the deficiencies identified in a firm's audit work and assess whether or not those deficiencies are serious enough to undermine the audit opinion.
The SCOs will also review the work completed by the auditor at the audit completion stage, which will include the following ISAs:
- Subsequent events review (ISA 560) – this should cover the period between the completion of audit testing and the date of sign off.
- Going concern review (ISA 570) – this should be forward looking: usually for at least one year from the date the accounts are approved by the directors.
- Communicating with those charged with governance (ISA 260).
A self diagnostic checklist is available on ACCA’s website which firms can use as a means to assess their own audit work. This document is for guidance purposes only and is not an exhaustive list This checklist is based on the SCO’s method of reviewing audit files.
The standard of a firm’s audit work can vary from file to file and it is possible for firms to have a mixture of satisfactory and unsatisfactory files. However, if any of the audit files are found to be unsatisfactory this casts doubts on the firm’s own quality control procedures. For this reason the outcome of a monitoring visit is almost always concluded on the basis of the least compliant file. If there are clear reasons to believe an unsatisfactory audit file is not representative of the firm’s current audit work, the SCO may consider any reasoned explanation in reaching an overall conclusion.
Summary
The message to auditors who want to ensure that the overall conclusion reached at their next monitoring visit is satisfactory is straightforward:
They need to identify the matters that could give rise to a risk of material misstatement in the financial statements and ensure that the audit file shows that the work in these areas fully complies with auditing standards.
The key is good audit planning and the only way to get it right every time is to have effective quality control procedures.