Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Audits of SMEs - Sometimes Less is More

2,365 views

Published on

Keeping up with standards and regulation is biggest challenge facing SMPs. Insight from IFAC SMP Quick Poll Findings and tips for audit efficiency are discussed in this presentation by Mats Olsson, Member, IFAC Small and Medium Practices Committee, at the KibR Seminar in Warsaw on November 7, 2013.

Published in: Business
  • Be the first to comment

Audits of SMEs - Sometimes Less is More

  1. 1. Page 1 | Confidential and Proprietary Information Audits of SMEs – Sometimes Less is More Mats Olsson Member, IFAC Small and Medium Practices Committee KibR Seminar, Warsaw November 7, 2013
  2. 2. Page 2 | Confidential and Proprietary Information Agenda • Insights from IFAC SMP Quick Poll • SMP Committee – Input to Standard Setting (IAASB) • Proportional application of ISAs and ISQC 1 – ISAs 200, 210, 315 and ISQC 1 • Tips for Audit Efficiency • IFAC Resources – Knowledge Sharing / Implementation
  3. 3. Page 3 | Confidential and Proprietary Information IFAC SMP Quick Poll Findings • Keeping up with standards and regulation is biggest challenge facing SMPs • Pace of change was that aspect of standards and regulation that posed the greatest challenge for SMPs • Audit & assurance were the types of standards and regulation that posed the 2nd greatest challenge for SMPs
  4. 4. Page 4 | Confidential and Proprietary Information Input to Standards (IAASB) • Robust and regular input on key projects – Proportionality/scalability is key consideration – Comment letter on A Framework for Audit Quality CP (May) – Comments on ISA Implementation Monitoring project (April) • Response to IAASB strategy survey (April) – Need for stable platform but….. – Internal controls and documentation may be insufficiently scalable – ISQC 1 needs to be more risk-based and proportionate – Need for impact analysis and post-implementation reviews
  5. 5. Page 5 | Confidential and Proprietary Information Proportional Application of ISAs and ISQC 1 I • ISAs - Overview – New structure in which information is presented in separate sections: Introduction, Objective, Definitions, Requirements and Application and Other Explanatory Material – Emphasis on professional judgment, the standards are principles based which allows practitioners to tailor audit procedures – Contain special considerations for smaller entity audits – Some ISAs only apply to larger entity audits – Many requirements may not be relevant to SME audits
  6. 6. Page 6 | Confidential and Proprietary Information Proportional Application of ISAs and ISQC 1 II • ISA 200, Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with International Standards on Auditing – The practitioner needs to comply with all ISAs relevant to the audit and with all requirements in ISAs relevant to the audit – A complete knowledge of all the standards is essential in order to make a professional judgment as to what to leave out
  7. 7. Page 7 | Confidential and Proprietary Information Proportional Application of ISAs and ISQC 1 III • Examples of some of the ISAs that would not be relevant in an SME audit include: – ISA 402 Audit Considerations Relating to an Entity Using a Service Organization if the SME does not use a service organization – ISA 510 Initial Audit Engagements – Opening Balances if the SME is a continuing, and not an initial, engagement – ISA 600, Special Considerations – Audits of Group Financial Statements (Including the Work of Component Auditors) if the SME audit engagement is not a group audit – ISA 610 Using the Work of Internal Auditors if the SME has no internal audit function
  8. 8. Page 8 | Confidential and Proprietary Information Proportional Application of ISAs and ISQC 1 IV • ISA 200 continued: – Not all ISAs are relevant to every audit as the standards are designed to cover audits in every situation globally. For example, it is possible that there are requirements which are not relevant to some SME audits including: – requirements to test the expectation that controls are operating effectively (ISA 330) – requirements when an engagement needs an engagement quality control review (ISA 220)
  9. 9. Page 9 | Confidential and Proprietary Information Proportional Application of ISAs and ISQC 1 • ISA 210 Agreeing the Terms of Audit Engagements – Paragraph 6, agreeing the terms of engagement with management and paragraphs 9 and 10 which require you to communicate the terms in writing to management in a letter will be applicable in every engagement – Paragraphs 7 and 8 deal with an imposed scope limitation and the situation where the preconditions do not exist. Paragraphs 14 – 17 deals with changes to the terms of engagement in mid-audit and paragraphs 18 - 21 the situation where laws and regulation supersede the ISAs • It is important to know what the requirements are, but these situations are also likely to be far and few between for most SME audits
  10. 10. Page 10 | Confidential and Proprietary Information Proportional Application of ISAs and ISQC 1 V • ISA 210 Agreeing the Terms of Audit Engagements continued – To summarize, of the 16 requirements in IAS 210, paragraphs 6, 9 and 10 are critical and will apply in every engagement. For SMPs, knowing they have to deal with 3 main requirements out of 16 is a lot less daunting than considering all 16 every time.
  11. 11. Page 11 | Confidential and Proprietary Information Proportional Application of ISAs and ISQC 1 VI • ISA 315 Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment – The objective of the auditor is to identify and assess the risks of material misstatement, whether due to fraud or error, at the financial statement and assertion levels, through understanding the entity and its environment, including the entity’s internal control, thereby providing a basis for designing and implementing responses to the assessed risks of material misstatement. • Focus on Significant risks – effectiveness and efficiency – Understand the business – important from an engagement risk perspective – Identify significant risks up front and focus audit effort on these
  12. 12. Page 12 | Confidential and Proprietary Information Proportional Application of ISAs and ISQC 1 VII • ISA 315 focus on Significant risks – effectiveness and efficiency continued – Substantive tests are required for each material class of transactions, account balances and disclosures, but tests of details only required for significant risks – Consider analytical procedures (follow requirements of ISA 520 Analytical Procedures) for non-significant risk items where appropriate – Use professional judgment to determine what substantive tests to use on items not considered significant risks – ISAs explicitly encourage the auditor to exercise professional judgment in determining the form and extent of documentation – they acknowledge extent may vary depending on the circumstances
  13. 13. Page 13 | Confidential and Proprietary Information Proportional Application of ISAs and ISQC 1 VIII • ISQC 1 Quality Control for Firms that Perform Audits and Reviews of Financial Statements and Other Assurance and Related Services Engagements – Applies to firms of all sizes that provide services covered by the IAASB’s International Standards – Requirement for the firm to comply with each requirement of the standard unless, in the circumstances of the firm, the requirement is not relevant to the services provided… – Contains special considerations for smaller practices – Indicates that the form and content of documentation evidencing the operation of each of the elements of the system of quality control is a matter of judgment and depends on the size, nature and complexity of the firm and number of offices
  14. 14. Page 14 | Confidential and Proprietary Information Tips for Audit Efficiency • Automation – standardized templates and customized checklists • Software – utilizing commercially available products • Planning – timeframe, list of deliverables, client meeting • Risk based approach – in line with ISAs • Staff training/ supervision • Communication
  15. 15. Page 15 | Confidential and Proprietary Information Knowledge Sharing – Implementation • Building and sharing knowledge, including access to resources and tools, amongst member bodies and SMPs – Implementing standards (incl. ISAs, ISQC 1) – Insight articles (e.g., efficiently auditing SMEs, review engagements) – Comprehensive guides on how to efficiently implement ISAs and ISQC 1 (guidance, case studies, checklists etc.) – Guide to Review Engagements (Dec. 2013) – Suite of links to free resources from member bodies
  16. 16. Page 16 | Confidential and Proprietary Information Knowledge Sharing – Implementation II ISA Guide Volume 1 • Fundamental concepts of a risk- based audit in conformance with the ISAs ISA Guide Volume 2 • Practical guidance on performing SME audits. Includes two illustrative case studies—one of an SME audit and one of a micro-entity audit
  17. 17. Page 17 | Confidential and Proprietary Information Knowledge Sharing – Implementation III • QC Guide • Helps SMPs apply ISQC 1 proportionately and efficiently. Includes guidance, case study, two sample QC manuals and checklists • Reference, training, customize manuals and checklists
  18. 18. Page 18 | Confidential and Proprietary Information References – General  IFAC SMP Committee website: http://www.ifac.org/smp  IFAC SMP Twitter: https://www.twitter.com/IFAC_SMP (please follow us)  IFAC SMP Community: http://www.linkedin.com/groups?home=&gid=4542841&trk=anet_ug_hm (please join us)  IFAC SMP Quick Poll: Mid-Year 2013: http://www.ifac.org/publications-resources/ifac-smp- quick-poll-mid-year-2013 (please take the Nov./Dec. 2014 poll)  Resources and tools (all): http://www.ifac.org/about-ifac/small-and-medium-practices- committee/smp-resources-and-tools  IFAC Translations and Permissions: http://www.ifac.org/about-ifac/translations-permissions • Links to implementation of ISAs resources: https://delicious.com/#ifacsmpcommittee/Implementation,Audit • Links to implementation of ISQC 1 resources: https://delicious.com/#ifacsmpcommittee/Implementation,Quality%20Control
  19. 19. Page 19 | Confidential and Proprietary Information References – IAASB • Staff Q&A, Applying ISAs Proportionately with the Size and Complexity of an Entity: http://www.ifac.org/publications-resources/staff-questions-answers-applying-isas- proportionately-size-and-complexity-ent • Staff Q&A, Applying ISQC 1 Proportionately with the Nature and Size of a Firm: http://www.ifac.org/sites/default/files/publications/files/Staff%20QA%20ISQC%201%20Prop ortionality_FINAL.pdf • The Clarified ISAs—Findings from the Post-Implementation Review: http://www.ifac.org/publications-resources/clarified-isas-findings-post-implementation- review
  20. 20. Page 20 | Confidential and Proprietary Information References – Knowledge Sharing - Implementation • Guide to Using International Standards on Auditing in the Audits of Small- and Medium- Sized Entities (Third Edition) (incl. companion manual and slides): https://www.ifac.org/publications-resources/guide-using-international-standards-auditing- audits-small-and-medium-sized-en • Guide to Quality Control for Small- and Medium-Sized Practices (Third Edition) (incl. companion manual and slides): www.ifac.org/publications-resources/guide-quality-control- small-and-medium-sized-practices-third-edition-0 • Boosting the Quality and Efficiency of Smaller Entity Audits article: https://www.ifac.org/news-events/2013-07/boosting-quality-and-efficiency-smaller-entity- audits • Tips for Cost-Effective ISA Application article: https://www.ifac.org/publications- resources/tips-cost-effective-isa-application • Tips for Cost-Effective ISQC 1 Application article: https://www.ifac.org/publications- resources/tips-cost-effective-isqc-1-application
  21. 21. Page 21 | Confidential and Proprietary Information Thank You www.ifac.org/smp

×