Chapter 6: Planning

Chapter learning objectives

When you have completed this chapter you will be able to:

  • Define and explain the concepts of materiality and performance materiality;
  • Discuss the effect of fraud on the audit strategy;    
  • Explain the auditor's responsibility to consider laws and regulations;
  • Identify and explain the need for planning an audit;
  • Identify and describe the contents of the overall audit strategy and audit plan;
  • Explain the difference between interim and final audit;
  • Describe the purpose of an interim audit, and the procedures likely to be adopted at this stage;
  • Describe the impact of the work performed during the interim audit on the final audit; and
  • Explain the need for and the importance of audit documentation.

1 Objective of the Auditor

"The objective of the auditor is to plan the audit so that it will be performed in an effective manner." (ISA 300 Planning and Audit of Financial Statements).

Audits are potentially complex, risky and expensive processes for an accountancy firm. Although firms have internal manuals and standardised procedures it is vital that engagements are planned to ensure that the auditor:

  • Devotes appropriate attention to important areas of the audit;
  • Identifies and resolves potential problems on a timely basis;
  • Organises and manages the audit so that it is performed in an effective and efficient manner;
  • Selects team members with appropriate capabilities and competencies;
  • Directs and supervises the team and reviews their work; and
  • Effectively coordinates the work of others, such as experts and internal audit.

The purpose of all this is to ensure that the risk of performing a poor quality audit (and ultimately giving an inappropriate audit opinion) is reduced to an acceptable level.

2 The planning process

Planning consists of a number of elements. However, they could be summarised as:

  • Preliminary engagement activities:
    • evaluating compliance with ethical requirements; and
    • establishing the terms of the engagement.
  • Planning activities:
    • developing the audit strategy; and
    • developing an audit plan.

3 The audit strategy

The audit strategy sets the scope, timing and direction of the audit. It allows the auditor to determine the following:

  • the resources to deploy for specific audit areas (e.g. experience level, external experts);
  • the amount of resources to allocate (e.g. number of team members);
  • when the resources are to be deployed; and
  • how the resources are managed, directed and supervised, including the timings of meetings, debriefs and reviews.

Considerations in establishing the overall strategy

In determining the audit strategy the auditor should:

(i)Identify the characteristics of the engagement;

(ii) Ascertain the reporting objectives to plan the timing of the audit and the nature of communications;

(iii)Consider the significant factors that will direct the team's efforts;

(iv)Consider the results of preliminary engagement activities; and

(v) Ascertain the nature, timing and extent of resources necessary to perform the engagement.

Audit strategy in detail

Characteristics of the engagement

  • What is the financial reporting framework for the financial statements?
  • Are there industry specific requirements? e.g. listed companies and charities;
  • The number and locations of premises, branches, subsidiaries etc;
  • The nature of the client and the need for specialised knowledge;
  • The reporting currency;
  • The effect of IT on audit procedures, including availability of data.

Reporting objectives, timing of the audit, and nature of communication

  • The timetable for interim and final reporting;
  • The organisation of meetings with management;
  • The expected types and timings of auditor's reports/communications;
  • The expected nature and timing of communication amongst team members; and
  • Whether there are any expected communications with third parties.

Significant factors and preliminary engagement activities

  • Materiality;
  • Results of risk assessment;
  • Professional scepticism;
  • Results of previous audits;
  • Evidence of management's commitment to internal controls;
  • Volume of transactions;
  • Significant business developments/changes;
  • Significant industry developments; and
  • Significant financial reporting changes.

Nature, timing and extent of resources

  • The selection of and assignment of work to the engagement team; and
  • Budgets.

4 The audit plan

Once the audit strategy has been established, the next stage is to develop a specific, detailed plan to address how the various matters identified in the overall strategy will be applied.

The audit plan is much more detailed than the overall strategy because it includes details of the nature, timing and extent of the specific audit procedures to be performed. Planning these procedures depends, largely, on the outcomes of the risk assessment process, which was discussed earlier.

The plan itself

The audit plan should include specific descriptions of:

  • the nature, timing and extent of risk assessment procedures;
  • the nature, timing and extent of further audit procedures, including:
    • what audit procedures are to be carried out
    • who should do them
    • how much work should be done (sample sizes, etc)
    • when the work should be done (interim vs. final).
  • any other procedures necessary to conform to ISA's.

The relationship between the audit strategy and the audit plan

Whilst the strategy sets the overall approach to the audit, the plan fills in the operational details of how the strategy is to be achieved.

It is vital that both the strategy and the plan - and any consequent updates to them - are fully documented as part of audit working papers.

5 Interim versus final

The auditor must consider the timing of audit procedures: whether to carry out an interim audit and a final audit, or just a final audit, or alternatively whether to audit the entity throughout the year using Computer Assisted Audit Techniques (CAATs).

Interim audits can be completed part way through a client's accounting year (i.e. before the year end). This allows the auditor to spread out their procedures and enables more effective planning for the final stage of the audit. Interim audits normally focus on:

  • documenting systems; and
  • evaluating controls.

It may be possible to:

  • test specific and complete material transactions, e.g. purchasing new non-current assets;
  • attend interim inventory counts; and
  • carry out an interim receivables circularisation.

The final audit takes place after the year-end and focuses on the remaining tests and areas that pose significant risk of material misstatement. This usually involves concentration on year-end valuations and areas where there is significant subjectivity.

For an interim audit to be justified the client normally needs to be of a sufficient size because this may increase costs. In argument to this, an interim audit should improve risk assessment and make final procedures more efficient. If there is to be an interim as well as a final audit the timing has to be:

  • Early enough:
    • not to interfere with year-end procedures at the client; and
    • to give adequate warning of specific problems that need to be addressed in planning the final audit.
  • Late enough:
    • to enable sufficient work to be done to ease the pressure on the final audit.

6 Specific planning considerations

As part of the planning process the audit must consider three specific issues to help them assess the risk of material misstatement, namely:

  • the level of materiality;
  • fraud; and
  • laws and regulations.

What is the significance of materiality?

The bottom line is that the auditor is responsible for providing "an opinion on whether the financial statements are prepared, in all material respects, in accordance with an applicable financial reporting framework."

(ISA 200 Overall Objective of the Independent Auditor.......)

If financial statements contain material misstatement they cannot be deemed to show a true and fair view and are therefore an unreliable basis for users' decision making.

As a result the focus of an audit is identifying the significant risks of material misstatement in the financial statements and then designing procedures aimed at identifying and quantifying material misstatement.

What is materiality?

Materiality is a concept, a threshold, an intangible. What makes misstatement material to one user of the accounts may not be material to another user. The precise definition is as follows:

"Misstatements, including omissions, are considered to be material if they, individually or in the aggregate, could reasonably be expected to influence the economic decisions of users taken on the basis of the financial statements"

(ISA 320 Materiality in Planning and Performing an Audit)

How is materiality determined?

The most significant misunderstanding about materiality is that it is a purely financial concern. However, disclosures in the financial statements pertaining to possible future legal claims, for example, could influence users' decisions and may be purely narrative. In this case a numerical calculation is not relevant.

The guidance in ISA 320 states that the determination of materiality is a matter of professional judgement and that the auditor must consider:

  • The circumstances surrounding the entity;
  • Both the size and nature of misstatements; and
  • The information needs of the users as a group.

This is an obviously subjective and potentially complex process but is vital in ensuring that materiality is considered in light of the client's needs, instead of just applying an arbitrary calculation. However, ISA 320 does recognise the need to establish a financial threshold to guide audit planning and procedures. For this reason it does allow the use of standard benchmarks but only as a starting point. The auditor must then consider all the factors listed above. Traditional benchmarks include:

  • ½ – 1% of turnover
  • 5 – 10% of profit before tax
  • 1 – 2% of gross assets

Material by nature

Examples of items which could be, or are generally accepted to be, material by nature include:

  • Misstatements that, when adjusted, would turn a reported profit into a loss for the year.
  • Transactions with directors e.g. salary and benefits, personal use of assets, etc.
  • Related party transactions.

The practical application of materiality

It is unlikely, in practice, that auditors will be able to design tests that identify individually material misstatements. It is much more common that misstatements in aggregate (i.e. in combination) become material. Auditors also have to consider that they can only test on a sample basis, so they have to evaluate their findings and determine how likely it is that errors identified in the sample are representative of material errors in the whole population under scrutiny.

For this reason materiality, as determined for the financial statements as a whole, may not be the best guide in determining the nature and extent of audit tests. To this end ISA's introduce two further concepts: performance materiality and tolerable misstatement that guide the way an auditor performs, and evaluates the results of, their tests.

Performance materiality is defined in ISA 320 as:

"The amount set by the auditor at less than materiality for the financial statements as a whole to reduce to an appropriately low level the probability that the aggregate of uncorrected and undetected misstatements exceeds materiality for the financial statements as a whole."

In using this lower threshold to perform audit procedures the auditor is more likely to identify misstatements, the effect of which can be considered in combination.

Case study: Performance materiality

LeJoG Co is a company that organises accommodation, luggage transportation, and support for charitable sporting enthusiasts attempting to travel from one end of the country to the other. All customers pay in full when booking their trip. LeJoG has a complicated cancellation policy; the amount refundable decreases with the length of time before the start of the trip.

The audit engagement team has planned the audit of the financial statements for the year ended 30 June 2012. The team has determined a materiality level for the financial statements as a whole, of $100,000, which has been calculated using an average of 1% of turnover, 2% total assets and 10% profit before tax. Performance materiality needs to be applied to revenue and the associated liabilities recognised when taking payment from customers in advance, as revenue recognition is an area of audit risk.

Performance materiality could be determined as a percentage of financial statement materiality, say 75%, i.e. a performance materiality of ($100,000 × 75%) $75,000 could be set for the audit of revenue and the associated liabilities. The audit team could use a higher or lower percentage, or use a different calculation, depending on their professional judgement.

The aim of performance materiality is to reduce the risk that misstatements in aggregate exceed materiality for the financial statements as a whole.  For example, if a misstatement was identified of, say $80,000, without performance materiality the auditor would conclude that revenue is not materially misstated.  However, the audit may not have detected further misstatements which when added to the $80,000 identified would result in a material misstatement.  By using performance materiality, the auditor would conclude that a misstatement of $80,000 is material, reducing the risk of giving an inappropriate opinion.

Tolerable Misstatement is defined in ISA 530 Audit Sampling as:

"A monetary amount set by the auditor in respect of which the auditor seeks to obtain an appropriate level of assurance that the monetary amount set by the auditor is not exceeded by the actual misstatement in the population."

It is the practical application of performance materiality to an audit sample. If the total of errors in the sample selected exceeds tolerable misstatement the auditor considers that the risk of a material misstatement from the whole population is high and therefore tests a greater sample size. If the total of errors in the sample is less than tolerable misstatement then the auditor may be reasonably confident that the risk of material misstatement in the whole population is low and no further testing will be required.

7 The impact of fraud

What is fraud?

Major scandals that have affected the accounting profession in recent times have usually been as a result of fraud. Therefore, in order to maintain confidence in the profession it is important for auditors and directors to understand their role in the prevention and detection of fraud.

ISA 240 the Auditor's Responsibilities Relating to Fraud in an Audit of Financial Statements recognises that misstatement in the financial statements can arise from either fraud or error. The distinguishing factor is whether the underlying action that resulted in the misstatement was intentional or unintentional.

It is important to note that fraud is a criminal activity. It is not the role of an auditor to determine whether fraud has actually occurred. That is the responsibility of a country's legal system. Auditors must be aware of the impact of both fraud and error on the accuracy of the financial statements.

Fraud can be further split into two types:

  • fraudulent financial reporting – deliberately misstating the accounts to make the company look better/worse than it actually is
  • misappropriation of assets – the theft of the company's assets such as cash or inventory.

The external auditor's responsibilities

The external auditor is responsible for obtaining reasonable assurance that the financial statements, taken as a whole, are free from material misstatement, whether caused by fraud or error. Therefore, the external auditor has some responsibility for considering the risk of material misstatement due to fraud.

In order to achieve this auditors must maintain an attitude of professional scepticism. This means that the auditor must recognise the possibility that a material misstatement due to fraud could occur, regardless of the auditor's prior experience of the client's integrity and honesty.

ISA 315 Identifying and Assessing the Risks of Material Misstatement Through Understanding the Entity and Its Environment goes further than this general concept and requires that engagement teams discuss the susceptibility of their clients to fraud. The engagement team should also obtain information for use in identifying the risk of fraud when performing risk assessment procedures.

To be able to make such an assessment auditors must identify, through enquiry, how management assesses and responds to the risk of fraud. The auditor must also enquire of management, internal auditors and those charged with governance if they are aware of any actual or suspected fraudulent activity.

Despite these requirements, owing to the inherent limitations of an audit, there is an unavoidable risk that some material misstatements may not be detected, even when the audit is planned and performed in accordance with ISAs. The risks in respect of fraud are higher than those for error because fraud may involve sophisticated and carefully organised schemes designed to conceal it.

Reporting of fraud

If the auditor identifies a fraud they should communicate the matter on a timely basis to the appropriate level of management (i.e. those with the primary responsibility for prevention and detection of fraud). If the suspected fraud involves management the auditor shall communicate such matters to those charged with governance. If the auditor has doubts about the integrity of those charged with governance they should seek legal advice regarding an appropriate course of action.

In addition to these responsibilities the auditor must also consider whether they have a responsibility to report the occurrence of a suspicion to a party outside the entity. Whilst the auditor does have an ethical duty to maintain confidentiality, it is likely that any legal responsibility will take precedent. In these circumstances it is advisable to seek legal advice.

The directors' responsibilities

The directors have a primary responsibility for the prevention and detection of fraud. By implementing an effective system of internal control they should reduce the possibility of undetected fraud occurring to a minimum.

The directors should be aware of the potential for fraud and this should feature as an element of their risk assessment and corporate governance procedures. The audit committee should review these procedures to ensure that they are in place and working effectively. This will normally be done in conjunction with the internal auditors.

Internal auditors may be given an assignment:

  • to assess the likelihood of fraud, or if a fraud has been discovered,
  • to assess its consequences and
  • to make recommendations for prevention in the future.

Practical impact of fraud

As well as adopting an attitude of professional scepticism the auditor is required to perform the following procedures in light of the risk of fraud:

  • Discussion amongst the engagement team regarding the susceptibility of the client to fraud;
  • Consider the risk of fraud when documenting and testing internal controls;
  • Enquiring of management how they: assess the risk of fraud; and identify and respond to the risks of fraud;
  • Enquiring of management whether they have any knowledge of actual or suspected frauds;
  • Enquiring of internal audit whether they have any knowledge of actual or suspected frauds;
  • Enquiring of those charged with governance how they exercise oversight of management's process for identifying and responding to the risk of fraud; and
  • Enquiring of those charged with governance whether they have any knowledge of actual or suspected frauds;

8 Laws and Regulations

Responsibilities of management

Management are responsible for ensuring the entity complies with relevant laws and regulations, including:

  • Company law, e.g. the UK Companies Act 2006;
  • Corporate Governance law, e.g. the US Sarbanes Oxley Act 2002;
  • Health and safety law;
  • Employment law;
  • Stock exchange rules; and
  • Financial reporting regulations.

This requires the monitoring of legal requirements, the development of systems of internal control to ensure compliance and an effective system of assessing the effectiveness of those control systems.

Responsibilities of the auditor

The auditor is responsible for obtaining reasonable assurance that the financial statements taken as a whole, are free from material misstatement, whether caused by fraud or error (ISA 200).

Non-compliance with laws and regulations can impact the financial statements because companies in breach of the law may need to make provisions for future legal costs and fines. In the worst case scenario this could affect the ability of the company to continue as a going concern.

In addition the auditor may need to report identified non-compliance with laws and regulations either to management or to a regulatory body, if the issue requires such action. An example of the latter would be when the client is in breach of money laundering regulations.

Therefore, in planning an audit of financial statements the auditor must take into account the applicable legal and regulatory framework.

More specifically the auditor must obtain sufficient, appropriate evidence regarding compliance with those laws and regulations generally recognised to have a direct effect on the determination of material amounts and disclosures in the financial statements.

The auditor must also perform specified audit procedures to help identify instances of non-compliance with those laws and regulations that may have a material impact on the financial statements. If non-compliance is identified (or suspected) the auditor must then respond appropriately.

Effect of laws and regulations

ISA 250 distinguishes between two types of laws and regulations: those which are generally recognised to have a direct effect on the determination of material amounts and disclosures in the financial statements; and other laws and regulations

Examples of laws and regulations with a direct effect include:

  • company law (e.g. the Companies Act in the UK).
  • taxation legislation.

The auditor must obtain sufficient, appropriate evidence regarding compliance with laws and regulations that have a direct effect on the financial statements.

Examples of other laws and regulations include:

  • environmental legislation.
  • employment laws.

Compliance with other laws and regulations that do not have a direct effect on the determination of material amounts and disclosures in the financial statements, may nevertheless be fundamental to the ability of an entity to continue to operate as a business, or to avoid material penalties, and may therefore still have a material effect on the financial statements.

The auditor must perform specified audit procedures to help identify non-compliance with laws and regulations that may have a material impact on the financial statements.


ISA 250 Consideration of Laws and Regulations in an Audit of Financial Statements requires an auditor to perform the following procedures:

  • obtaining a general understanding of the client's legal and regulatory environment;
  • inspecting correspondence with relevant licensing and regulatory authorities;
  • enquiring of management and those charged with governance as to whether the entity is compliant with laws and regulations;
  • remaining alert to possible instances of non-compliance; and
  • obtaining written representations that the directors have disclosed all instances of known and possible non-compliance to the auditor.

9 Audit documentation

As per ISA 230 Audit Documentation, auditors are required to prepare and retain written documentation that provides: a sufficient appropriate record of the basis for the audit report; and evidence that the audit was planned and performed in accordance with ISA's and other regulatory requirements.

As a general rule of thumb documentation should be sufficient to enable an experienced auditor, with no previous connection to the audit, to understand:

  • The nature, timing and extent of audit procedures performed;
  • The results of the procedures performed and the evidence obtained; and
  • The significant matters arising during the course of the audit and the conclusions reached thereon, and significant professional judgements made in reaching those conclusions.

In so doing auditors must document: the characteristics of items/matters tested; who performed the work; the date work was completed; who reviewed the work; and the dates reviews took place.

A final requirement is that the auditor must document all discussions of significant matters with management and those charged with governance.

It is vital that documentation is retained in an audit file, which should be completed in a timely fashion after the date of the audit report (normally not more than 60 days after) and retained for the period required by national regulatory requirements. Ordinarily this is no shorter than five years from the date of the auditor's report.

Types of audit documentation

Audit documentation includes:

  • Planning documentation:
    • Overall audit strategy;
    • Audit plan;
    • Risk analysis;
  • Audit programmes;
  • Summary of significant matters;
  • Letter of confirmation and representation;
  • Checklists;
  • Correspondence; and
  • Abstracts/copies of client records.

For large audits much of the KOB information may be kept on a permanent file and the audit plan may contain a summary or simply cross refer to the permanent file. Typical information on a permanent file includes:

  • Names of management, those charged with governance, shareholders.
  • Systems information.
  • Background to the industry and the client's business.
  • Title deeds.
  • Directors' service agreements
  • Copies of contract and agreements.

Example contents of an audit file

Typically, there are at least three sections, as follows:

  • planning;
  • performance; and
  • completion.


The main element of this section is likely to be the Audit Planning Memorandum.

This document is the written audit plan and will be read by all members of the audit team before work starts. Its contents are likely to include:

  • background information about the client, including recent performance
  • changes since last year's audit (for recurring clients)
  • key accounting policies
  • important laws and regulations affecting the company
  • client's trial balance (or draft Financial Statements)
  • preliminary analytical review
  • key audit risks
  • overall audit strategy
  • materiality assessment
  • timetable of procedures
  • deadlines
  • staffing and a budget (hours to be worked x charge-out rates)
  • locations to be visited.


Working papers are likely to consist of:

  • Lead Schedule – showing total figures, which agree to the financial statements
  • Back-up schedules – breakdowns of totals into relevant sub-totals
  • Audit work programme detailing:
    • the objectives being tested
    • work completed
    • how sampled items selected
    • conclusions drawn
    • who did the work
    • date work completed
    • who reviewed it


The completion (also known as review) stage of an audit has a number of standard components:

  • Going concern review
  • Subsequent events review
  • Final analytical review
  • Accounting standards (disclosure) checklist
  • Letter of representation
  • Summary of adjustments made since trial balance produced
  • Summary of unadjusted errors
  • Draft final financial statements
  • Draft report to those charged with governance (management letter).

Security and retention of working papers

Who owns the working papers?

The auditor does. This is important because:

  • Access to the working papers is controlled by the auditor, not the client, which is an element in preserving the auditor's independence.
  • In some circumstances care may need to be taken when copies of client generated schedules are incorporated into the file.


Working papers must be kept secure.

  • Audits are expensive exercises. If the files are lost or stolen, the evidence they contain will need to be recreated, so the work will need to be done again. The auditors may be able to recover the costs from their insurers, but otherwise it will simply represent a loss to the firm. Either way, prevention is better than cure.
  • By its nature, audit evidence will comprise much sensitive information that is confidential. If the files are lost or stolen, the auditor's duty of confidentiality will be compromised.
  • There have been cases of unscrupulous clients altering auditors' working papers to conceal frauds.

The implications of IT based audit systems are also far reaching.

  • By their nature, laptops are susceptible to theft, even though the thief may have no interest in the contents of the audit file. Nevertheless, all the problems associated with re-performing the audit and breaches of confidentiality remain.
  • It is more difficult to be certain who created or amended computer based files than manual files – handwriting, signatures and dates have their uses – and this makes it harder to detect whether the files have been tampered with.

This means that the following precautions need to be taken.

  • If files are left unattended at clients' premises – overnight or during lunch breaks – they should be securely locked away, or if this is impossible, taken home by the audit team.
  • When files are left in a car, the same precautions should be taken as with any valuables.
  • IT-based systems should be subject to passwords, encryption and backup procedures.


Audit files should be assembled in a timely fashion. This is, ordinarily, no longer than 60 days after the date of the auditor's report.

Once complete the files should be retained as long as required by national law. However, ISA 230 Audit Documentation, states that this period is, ordinarily, no shorter than five years from the date of the auditor's report. This should therefore be considered the minimum retention period.

All of this means that firms need to make arrangements for:

  • secure storage of recent files
  • archiving older files
  • archiving and backup of IT-based files.

Test your understanding 1

Amongst the matters the auditor is required to consider when planning an audit (in accordance with the requirements of ISA 300 Planning an Audit of Financial Statements) are those of ‘materiality' and the ‘direction, supervision and review' of the audit.

ISA 320 Materiality in Planning and Performing an Audit provides guidance on the concept of materiality in planning and performing an audit.


(a) Define materiality and explain how the level of materiality is assessed.

Real exam question: June 2011

(5 marks)

(b) Explain the nature and significance of direction, supervision and review both in planning the audit and subsequently during the performance of the audit on a particular engagement.

(5 marks)

Test your understanding 2

(1) Discuss the issues to be considered as part of the planning process for an audit.

(5 marks)

(2) List four things which need to be done during the planning process.

(2 marks)

(3) List two sources of information which enable the auditor to assess risk.

(1 mark)

(4) What is the difference between the audit strategy and the audit plan?

(1 mark)

(5) Discuss aspects of the client's business which need to be explained in the audit plan.

(1 mark)

(6) List possible sources of knowledge of the business.

(4 marks)

(7) What is the difference between materiality and tolerable misstatement?

(1 mark)

(8) List eight stages of the audit plan.

(4 marks)

(9) Why is it important for the auditor to plan?

(5 marks)

10 Chapter summary

Test your understanding answers

Test your understanding 1

(a)Materiality is defined as follows:

‘Misstatements, including omissions, are considered to be material if they, individually or in the aggregate, could reasonably be expected to influence the economic decisions of users taken on the basis of the financial statements.'

In assessing the level of materiality there are a number of areas that should be considered. Firstly the auditor must consider both the amount (quantity) and the nature (quality) of any misstatements, or a combination of both. The quantity of the misstatement refers to the relative size of it and the quality refers to an amount that might be low in value but due to its prominence could influence the user's decision, for example, directors' transactions.

In assessing materiality the auditor must consider that a number of errors each with a low value may when aggregated amount to a material misstatement.

The assessment of what is material is ultimately a matter of the auditors' professional judgement, and it is affected by the auditor's perception of the financial information needs of users of the financial statements.  In calculating materiality the auditor should also consider setting the performance materiality level. This is the amount set by the auditor, it is below materiality, and is used for particular transactions, account balances and disclosures.

As per ISA 320 materiality is often calculated using benchmarks such as 5% of profit before tax or 1% of gross revenue. These values are useful as a starting point for assessing materiality.

(b)Direction, supervision and review


An important function in planning the audit is the generation of material necessary for the direction of staff assigned to the audit. Staff need to receive adequate guidance as to the nature of the business and, in particular as to any specific matters affecting the audit determined during the planning phase, such as recent or proposed changes in the nature of the business, its management or its financial structure. Assistants assigned to an audit must receive direction as to such matters to enable them to carry out the audit work delegated to them.

A principal purpose of planning is determining the mix of tests of controls and substantive procedures and the nature, timing and extent of those procedures. The results of the plan are documented in an audit program which specifies the individual procedures to be performed in sufficient detail relative to the experience of the staff assigned to the engagement.


The assignment of staff to the audit as part of the planning process should ensure that they are subject to an appropriate level of supervision. The more junior or inexperienced the staff, the more supervision they will require. On small audits supervision is usually in the form of daily contact with the staff members at the client's premises by a supervisor, usually the audit manager; with regular visits to the clients' premises during the course of the audit.

On larger audits there will be a hierarchy of staff at different levels each with responsibility for supervising the work of assistants assigned to them. During the course of the audit supervisory staff should regularly monitor the work of assistants to ensure that:

  • they understand the requirements of each procedure in the audit programme to which they are assigned
  • they have the necessary skills and competence to perform their assigned tasks
  • the work performed is in accordance with the requirements of the audit programme.

In addition, supervision should ensure that any important matters discovered during the audit are promptly dealt with and the audit programme modified as necessary. The supervisor should also monitor the time spent on each phase of the audit against time budgeted during the planning phase. Significant variances could indicate problems in the performance of the audit.


Supervision also involves review of the work performed. All work must be reviewed to ensure that:

  • the work has been performed in accordance with the programme
  • the evidence has been properly documented
  • all outstanding matters have been satisfactorily resolved
  • conclusions drawn are consistent with the evidence and support the audit opinion.

In addition to the review of evidence obtained in accordance with the audit programme, there needs to be a review at a higher level of more significant audit decisions made. These include a review of:

  • the audit plan and audit programme
  • the assessment of inherent and control risk and the proposed audit strategy
  • reviews of the working papers undertaken by staff at an appropriate level of responsibility
  • the proposed audit opinion based on the overall results of the audit process.

On smaller engagements this review may be undertaken by the manager; with oversight by the engagement partner that the review has been properly conducted. On larger audits the final review will be carried out by the partner. On certain audits it is considered desirable for a second partner, not otherwise involved in the audit, to perform an additional review before issuing the auditors' report. This is sometimes referred to as a hot review.

Test your understanding 2

Created at 5/24/2012 2:35 PM  by System Account  (GMT) Greenwich Mean Time : Dublin, Edinburgh, Lisbon, London
Last modified at 10/3/2012 4:56 PM  by System Account  (GMT) Greenwich Mean Time : Dublin, Edinburgh, Lisbon, London

Rating :

Ratings & Comments  (Click the stars to rate the page)


Recent Discussions

There are no items to show in this view.