1.
MASTER CLASS
AUDIT AND ASSURANCE
Clyton Musipa FMVA
Certified Financial Modeling and Valuation Analyst

2.
Audit framework and regulation
Planning and risk assessment
Internal control
Audit evidence
Review and reporting
Multiple areas
KEY FOCUS AREAS

3.
•It is important that students preparing for AA have an understanding of how laws and
regulations affect an audit, not only in terms of the work the auditor is required to do, but
also to appreciate the responsibilities of both management and the auditor where laws and
regulations are concerned
Audit framework and regulation
Focuses on consideration of Laws and Regulations in an Audit of Financial Statements,
and the objectives of the auditor. ISA key take away in relation to the objectives are;
ISA 250 (Revised),
•To obtain sufficient appropriate audit evidence regarding compliance with the provisions
of those laws and regulations generally recognized to have a direct effect on the
determination of material amounts and disclosures in the financial statements.
•To perform specified audit procedures to help identify instances of non-compliance with
other laws and regulations that may have a material effect on the financial statements.
•To respond appropriately to identified or suspected non-compliance with laws and
regulations identified during the audit.

4.
The standard defines an act of ‘non-compliance’ as follows:
‘Acts of omission or commission intentional or unintentional, committed by the entity, or
by those charged with governance, by management or by other individuals working for
or under the direction of the entity which are contrary to the prevailing laws or
regulations. Non-compliance does not include personal misconduct unrelated to the
business activities of the entity.’
Continuation
Direct and indirect laws and regulations
•There are many laws and regulations that a reporting entity may have to comply with in
order to continue in business. For example, many entities will have to comply with strict
health and safety legislation; a food manufacturer may have strict food hygiene
legislation to comply with, and an accountancy firm will have a code of ethics to follow
from its professional body. Such laws and regulations will have both a direct effect on the
financial statements and an indirect effect.

5.
Reporting identified or suspected non-compliance with laws and regulations
•Where the auditor discovers non-compliance with laws and regulations, the auditor must
notify those charged with governance. However, care must be taken by the auditor
because if the auditor suspects that those charged with governance are involved, the
auditor must then communicate with the next highest level of authority, which may
include the audit committee. If a higher level of authority does not exist, the auditor will
then consider the need to obtain legal advice.
•The auditor must also consider whether the non-compliance has a material effect on the
financial statements and, in turn, the impact the non-compliance will have on their report.
If the auditor identifies or suspects non-compliance, the auditor will need to consider
whether law, regulation and ethical requirements either require the auditor to report to
an appropriate authority outside the entity, or establish responsibilities under which this
may be appropriate.
•There may be occasions when the auditor’s duty of confidentiality may be overridden by
law or statute. This can be the case when the auditor discovers non-compliance with
legislation such as drug trafficking or money laundering.
Continuation

6.
ISA 315 (Revised 2019), Identifying and Assessing the Risks of Material Misstatement
Planning and risk assessment
The central theme throughout ISA 315 (Revised) is the assessment of risk. Questions
involving risk assessment are highly examinable at both AA and AAA, it is vital that
candidates have studied this part of the syllabus thoroughly.
A word on assertions
The auditor needs to obtain sufficient appropriate audit evidence to support the assertions
and disclosures in the financial statements made by management. These assertions are used
by the auditor when assessing the risks of misstatement on an engagement.
Objective of the audit and the assessment of risk
The objective of the auditor is to identify and assess the risks of material misstatement,
whether due to fraud or error, at the financial statement and assertion levels thereby
providing a basis for designing and implementing responses to the assessed risks of material
misstatement1.
ISA 315 (Revised) states the reasons ‘why’ risk assessment procedures should be carried out
but provides further guidance with ‘what’ needs to be tested and ‘how’ it can be tested.
Candidates are strongly encouraged to review the appendices to the revised standard for
examples of the ‘what’ and ‘how’.

7.
ISA 200, Overall objectives of the Independent Auditor and the Conduct of an Audit in
Accordance with International Standards on Auditing states that audit risk is the risk that
the auditor expresses an inappropriate opinion when the financial statements are
materiality misstated.
It should be noted that the fundamentals of the audit risk model which candidates will
often come across during their studies has not been affected by ISA 315 (Revised) and
remains as follows:
However, there have been some changes as to how risks are evaluated. ISA 315 (Revised)
enhances the requirement for the auditor to understand the audit risk of the client by
obtaining an understanding of the entity and its environment, the applicable financial
reporting standards and the entity’s system of internal control.
Using the risk model above, these can be considered as follows:
Inherent risk
Understanding the entity and its environment
Understanding the applicable financial reporting framework

8.
Control risk
Understanding the entity’s system of internal control.
Inherent risk
Inherent risk is described as the susceptibility of an assertion about a class of transaction,
account balance or disclosure to a misstatement that could be material, either individually
or when aggregated with other misstatements, before consideration of any related
controls2.

9.
The End
Up Next Part 2