SUMMARY AUDITING 1

CHAPTER 6

Disusun oleh:

1. Afra Hasanah 1406578501

2. Dwi Rilvina Suci 1406534393
3. Husna Laili 1406534090

FAKULTAS EKONOMI DAN BISNIS

UNIVERSITAS INDONESIA
DEPOK
2016

Planning Objective and Procedures

Every action should be planned before to achieve the expected result or to get things done
in a correct way. The same thing goes for audit. Planning in audit will help auditor in determine
timing and scope of the audit and the amount and type of evidence and review required to assure
the auditor that there is no material misstatement of the financial statements. The planning
procedures are:

1. Perform audit procedures to understand the entity and its environment, including
the entitys internal control.
2. Assess the risks of material misstatements of the financial statements.
3. Determine materiality.
4. Prepare the planning memorandum and audit program containing the auditors
response to the identified risks.

Understanding the Entity and its Environment

ISA 315 distinguishes the following relevant aspects in the understanding of the entity and its
environment:

industry, regulatory and other external factors, including the applicable financial
reporting framework;
nature of the entity, including the entitys selection and application of accounting
policies;
objectives and strategies, and the related business risks that may result in a material
misstatement of the financial statements;
measurement and review of the entitys financial performance;
internal control (discussed in Chapter 7 Internal Control and Control Risk).

The Entitys Objectives, Strategies and Related Business Risks

The auditor will also consider the entitys objectives and strategies, and the related
business risks that may affect the financial statements. The entitys objectives are the overall
plans for the company as determined by those charged with governance and management.
Strategies are the operational approaches by which management intends to achieve its
objectives. Significant conditions, events, circumstances or actions that could adversely affect
the entitys ability to achieve its objectives and execute its strategies create business risks. The
concept of business risks is broader than the concept of risks of material misstatements in the
financial statements. However, most business risks will typically have a financial consequence,
and hence will find their way into the financial statements.
One could compare a business entity to a living system. The communications network (formal
and informal) is like a central nervous system where important direction is given from the brain
to the body to perform work. In an organization, management or those responsible for
governance (e.g. the board of directors) formulate a strategy which, in turn, influences how
employees perform work. Any living organism has a symbiotic relationship with the
environment. Events such as severe weather may engender survival risks for an entity. Searching
for food in the environment modifies the work an organism does and shapes its survival strategy.
Similarly, in business organizations there exists a symbiotic alliance between the business
processes of the organization and external economic agents. Customers, suppliers, shareholders,
and the general public are external economic agents who impact on a companys profitability and
ultimate survival. Financial statements are the communications that describe, on a monetary
level, the companys dynamic interrelationship with external agents.

Audit Risk Model

The Risk Assessment Process

Auditor must perform procedures to obtain an understanding of accounting and internal

control systems to assess the risk. It is important to do this procedure because some of the results
may be used by the auditor as audit evidence to support the assessments of the risks of material
misstatement of the financial statements.

The auditor examines the risks of material misstatement at the financial statement level
and at the financial statement assertion level for classes of transactions, account balances, and
disclosures. Risks that exist at the financial statement level are pervasive. This risk would not
just have an impact on one item of the financial statements, but would be of importance on the
recognition and valuation of many items.

Assessment Tasks

To assess the risks of misstatement of the financial statements, the auditor performs four tasks.
1. Identify risks by developing an understanding of the entity and its environment, including
relevant controls that relate to the risks. Analyze the strategic risks and the significant
classes of transactions.
 2. Relate the identified risks to what could go wrong in managements assertions about
completeness, existence, valuation, occurrence, and measurement of transactions or
assertions about rights, obligations, presentation, and disclosure.
3. Determine whether the risks are of a magnitude that could result in a material
misstatement of the financial statements.
4. Consider the likelihood that the risks will result in a material misstatement of the
financial statements and their impact on classes of transactions, account balances and
disclosures.

Business Risk, Audit Risk and its Components

Business risks result from significant conditions, events, circumstances, or actions that
could adversely affect the entitys ability to achieve its objectives and execute its strategies. Not
every business risk will translate directly in a risk of a material misstatement in the financial
statements; its called as audit risk.

Audit risk is the risk that the auditor gives an inappropriate audit opinion when the
financial statements are materially misstated. Audit risk is a measure the reliability of the
information used by the accounting system is, i.e. how much reliance can be put on it. The higher
the audit risk, the more evidence must be gathered in order for the auditor to obtain sufficient
assurance as a basis for expressing an opinion on the financial statements.

Audit risk has three components: inherent risk, control risk and detection risk. The three
components are traditionally defined as follows:
1. Inherent risk is the susceptibility of an account balance or class of transactions to
misstatements that could be material, individually or when aggregated with
misstatements in other balances or classes, assuming that there were no related internal
controls. The assessment of inherent risk is discussed in more detail later in this chapter.
2. Control risk is the risk that a misstatement that could occur in an account balance or class
of transactions and that could be material individually or when aggregated with
misstatements in other balances or classes will not be prevented or detected and
corrected on a timely basis by accounting and internal control systems.
3. Detection risk is the risk that an auditors substantive procedures will not detect a
misstatement that exists in an account balance or class of transactions that could be
 material, individually or when aggregated with misstatements in other balances or
classes.

Significant risks are audit risks that require special audit consideration. Significant risks
generally relate to judgmental matters and significant non-routine transactions. Judgment is used,
for example, in the development of significant accounting or fair value estimates. Non-routine
transactions are transactions that are unusual, either due to size or nature, and that therefore
occur infrequently. Risks of material misstatement may be greater for significant judgmental
matters requiring accounting estimates or revenue recognition and for assumptions about the
effects of future events (e.g. fair value) than for ordinary transactions.

As part of risk assessment, the auditor may determine some of the risks identified are
significant risks that require special audit consideration. Classification of a risk as requiring
special consideration is important in the context of the auditors response to the risk. Significant
risks arise on most audits, but their determination is a matter for the auditors professional
judgment. In determining what a significant risk is the auditor considers a number of matters,
including the following:
Whether the risk is a risk of fraud.
The likelihood of the occurrence of the risk.
 Whether the risk is related to recent significant economic, accounting, or other
developments and, therefore, requires specific attention.
The complexity of transactions that may give rise to the risk.
Whether the risk involves significant transactions with related parties.
The degree of subjectivity in the measurement of financial information related to the risk.
Whether the risk involves significant transactions that are outside the normal course of
business for the entity, or that otherwise appear to be unusual given the auditors
understanding of the entity and its environment.

Inherent Risk Assessment

The risk that the financial statements are materially misstated prior to the audit consists of
two components, control risk, and inherent risk. Inherent risk and control risk are the entitys
risks which exist independently of the audit of the financial statements. Inherent risk is the
susceptibility of an assertion about a class of transaction, account balance or disclosure to a
misstatement that could be material, either individually or when aggregated with other
misstatements, before consideration of any related controls.

Inherent risk is higher for some assertions and related classes of transactions, account
balances, and disclosures than for others. Business risk is a risk resulting from significant
conditions, events, circumstances, actions or inactions that could adversely affect an entitys
ability to achieve its objectives and execute its strategies, or from the setting of inappropriate
objectives and strategies. An understanding of the business risks facing the entity increases the
likelihood of identifying inherent risks, since most business risks will eventually have financial
consequences and, therefore, an effect on the financial statements.

Other Planning Activities

Other planning activities include planning discussions with those charged with
governance (like the board of directors) and preparing the audit planning memorandum. As part
of the planning process, it may be appropriate to have discussions with those charged with
governance. The auditor should understand where the entity has an internal audit function, the
extent to which the auditor will use the work of internal audit, and how the external and internal
auditors can best work together in a constructive and complementary manner. Discussion with
those charged with governance will be helpful in planning audit procedures. The attitudes,
awareness, and actions of those charged with governance concerning the entitys internal control
and its importance in the entity, including how they oversee the effectiveness of internal control,
and the detection or possibility of fraud will shape the assessment of control risk and planned
procedures for fraud detection.

The final step in the planning process is to prepare an audit planning memorandum and
an audit plan. The audit planning memorandum summarizes the overall audit strategy and
contains the decisions regarding the overall scope, emphasis, and conduct of the audit, planned
audit responses at the overall financial statement level, along with a summarization of significant
matters documented in the audit plan.

Typically, an audit planning memorandum would contain the following sections:

Background information describing the client companys structure, business, and

organization. This should include significant matters affecting the client, cross-
referenced as required to the audit files to enable a member of the audit team to
gain an overview of the client.
The objectives of the audit showing whether it is an audit for stockholders, the
national government filings, or some special purpose audit.
The assessment of engagement risk and potential follow-up on identified
increased engagement risks, as identified during the client acceptance phase.
An identification of other auditors or experts that will be relied upon in the audit
and a recap of the instructions provided to them.
An assessment of materiality.
Inherent risks, emerging from insight into the clients industry and business,
specified for each important combination of financial statement account and audit
objective.
Conclusions regarding the control environment, including the possible reliance on
internal auditors.
Classification of the clients CIS environment and the level of reliance on the
clients CIS systems.
 An evaluation of the quality of the accounting and internal control systems, in
particular an identification of internal control procedures mitigating the identified
inherent risks.
Summary of the audit approach for addressing each account balance and related
audit objective for which an inherent risk has been identified.
The timing and scheduling of audit work, including determining which
procedures may be performed before the balance sheet date. Also considered is
what audit work must be done on or after the balance sheet date. Dates are shown
for such critical procedures as cash counts, accounts receivable confirmations, and
inventory observation.
Audit budget, detailed for each level of expertise available in the audit team.

Materiality
Materiality is defined in IFACs Glossary Of Terms:
Information is material if its omission or misstatement could influence the economic decisions
of users taken on the basis of the financial statements. Materiality depends on the size of the item
or error judged in the particular circumstances of its omission or misstatement. Thus, materiality
provides a threshold or cutoff point rather than being a primary qualitative characteristic which
information must have if it is to be useful.
The auditor should consider materiality and its relationship with audit risk when
conducting an audit. It is the auditors responsibility to determine whether financial statements
are materially misstated. The auditor considers materiality at both the overall financial statement
level and in relation to individual account balances, classes of transactions, and disclosures.

Reliability, Precision and Amount of Evidence

The auditor should consider materiality and its relationship with audit risk when
conducting an audit, according to ISA 320. What does this mean? In statistical sampling, there is
a fixed relationship between:

the reliability of an assertion based on the sampling (in auditing this is determined by
audit risk);
the precision of this statement (in auditing it is determined by materiality);
the amount of evidence that should be gathered in order to make this assertion.
Changes in one of these three items have implications for (one of) the other two.