Luận văn xác lập mức trọng yếu và rủi ro kiểm toán (Tiếng Anh)

Graduation thesis Academic Advisor: Pham Hoai Huong, Ph.D
Student: Huynh Thi Bich Ha A
Contents
List of tables.................................................................................................. B
List of charts ................................................................................................. B
List of Appendices........................................................................................ B
Introduction....................................................................................................1
Chapter 1. Literature review on assessing materiality and audit risk in
planning stage of the financial statements audit.....................................................2
1.1. Audit risk ........................................................................................2
1.1.1. Definition and components of audit risk...................................2
1.1.2. Assessing acceptable audit risk and audit risk components......4
1.2. Materiality assessment..................................................................10
1.2.1. Definition and characteristics of materiality...........................10
1.2.2. Process of assessing materiality ..............................................14
1.2.3. Relationship between materiality and audit risk .....................18
Chapter 2. Assessing audit risk and materiality at planning stage of the
financial statements audit conducted by Auditing and Accounting Limited
Liability Company................................................................................................19
2.1. Overview about Auditing and Accounting Limited Liability
Company ......................................................................................................19
2.1.1. Historical development of Auditing and Accounting Limited
Liability Company........................................................................................19
2.1.2. AAC Missions of Auditing and Accounting Limited Liability
Company .................................................................................................19
2.1.3. Types of services provided by Auditing and Accounting Limited
Liability Company........................................................................................20
2.1.4. Management organization structure and human resources in
AAC Auditing and Accounting Limited Liability Company.......................23
2.1.5. Overview of the process of the financial statement audit
conducted by Auditing and Accounting Limited Liability Company..........25
2.2. Preliminary assessment audit risk and materiality conducted by
AAC Auditing and Accounting Limited Liability Company...........................27
2.2.1. Assessing the audit risk...........................................................28
2.2.2. Assessing materiality...............................................................40
Chapter 3. Comments and solutions to improve the assessment of audit risk
and materiality performed by Auditing and Accounting Limited Liability
Company .................................................................................................43
3.1. Comments on the assessment of audit risk and materiality
performed by AAC...........................................................................................43
3.1.1. Positive points .........................................................................43
3.1.2. Limitations...............................................................................44
3.2. Some solutions for improving the assessment of audit risk and
materiality conducted by AAC.........................................................................45
3.2.1. Solutions for the audit risk assessment ...................................45
3.2.2. Solutions for the materiality assessment .................................51

Student: Huynh Thi Bich Ha B
Conclusion ...................................................................................................53
References....................................................................................................54
List of tables
Table 1: The matrix to assessing detection risk.............................................9
Table 2: The guideline of VACPA for determine materiality:....................15
Table 3: Example for using multiple benchmarks.......................................15
Table 4: The ratio of engagement risk.........................................................16
Table 5: Balance Sheet accounts with significant changes .........................32
Table 6: Income Statement accounts with significant changes ...................33
Table 7: Conclusion about internal control system of client.......................37
Table 8: Conclusion of the auditor about control risk on cycle...................39
Table 9: Risk matrix ....................................................................................39
Table 10: Setting the materiality of ABC....................................................42
Table 11: Questionnaire to assess the inherent risk on the whole financial
statements .............................................................................................................45
Table 12: Conclusion inherent risk at ABC.................................................46
Table 13: Questionnaire to assess inherent risk at account level ................47
Table 14: The scorecard for the risk assessment of each internal control
components...........................................................................................................48
Table 15: Conclusion about co risk on the whole financial statements.......48
Table 16: Assessing control risk of revenue following each assertion........50
Table 17: Planned detection risk on each assertions for revenue................51
Table 18: The ratio to assess the performance materiality ..........................51
List of charts
Chart 1: Steps in applying materiality .........................................................14
Chart 2: The structure of AAC ....................................................................24
List of Appendices
Appendix 1: Understanding client and operating environment
Appendix 2: Preliminary analysis of financial statements
Appendix 3: Risk assessment of preliminary analysis procedures
Appendix 4: Assessment of the internal control system of the client
Appendix 5: Purchase, payable and payment cycle
Appendix 6: Sales, receivables and collection cycle

Student: Huynh Thi Bich Ha 1
Introduction
In the trend of integration with the world economy and the continuous
development of the market economy, business activities and financial situation of
enterprises are the concern of state agencies, investors, employees and especially
business owners. So the need for transparency of financial information becomes
more and more important. In the face of that trend, auditing firms further
demonstrated their roles. In auditing, the financial statement audit is the traditional
service and accounts for a large proportion of the revenue of the audit firms. In
order to improve the quality of the financial statement audits, audit firms are now
paying attention to the work carried out in an audit. Assessing a materiality and
audit risk in the planning stage is an extremely important step to help auditing
firms develop an audit plan that contributes to quality improvement as well as the
effectiveness of the audit. However, in practice, the assessment of the materiality
and audit risk in the planning stage of the companies still have many incomplete
points. Understanding the important of assessing the materiality and audit risk and
during my internship at AAC Auditing and Accounting Limited Liability
Company, I have the opportunity to learn and compare between theory and
practice. Therefore, I chose the topic: "Assessing audit risk and materiality in
the audit planning stage performed by AAC Auditing and Accounting
Company" to as the topic for my graduation thesis.
Research content of the project consists of 3 main parts:
Chapter 1: Literature review on assessing materiality and audit risk in
planning stage of the financial statement audit
Chapter 2: Preliminarily assessing materiality and audit risk conducted by
AAC Auditing and Accounting Limited Liability Company
Chapter 3: Comments and solutions to improve the assessment of materiality
and audit risk conducted by Auditing and Accounting Limited Liability Company

Chapter 1. Literature review on assessing materiality and
audit risk in planning stage of the financial statements audit
1.1. Audit risk
1.1.1. Definition and components of audit risk
1.1.1.1. Definition of audit risk
According to Vietnam Standards of Auditing No. 400 – Assessing risk and
internal control, the audit risk is defined:
“Audit risk is the risk that the auditor and auditing company make
inappropriate opinion when the audited financial statements have material
misstatements.”
Audit risk includes three parts: inherent risk, control risk and detection risk.
In fact, the audit risk usually occurs in the direction: the financial statements have
material misstatements but the auditor make unqualified opinion with financial
statements as a whole. In this case, this opinion is inappropriate about the financial
statements. It means that the auditor agrees with material misstatements. With such
an argument, audit risk is defined as the probability of occurrence of material
misstatements on the financial statements that the auditor does not detect.
Audit risk always exists due to factors such as the auditor’s ability and
capability, limited time and cost of auditing, sampling techniques in audit and
fraud detection more difficult than errors.
The users of information of course only accept low risk, which requires the
auditor to work in the effort to achieve an acceptable level of audit risk. Acceptable
audit risk is a measure of how willing the auditor accepts that the financial
statements may be materially misstated after the audit is completed and an
unqualified opinion has been issued. When the auditor decides on a lower
acceptable audit risk, it means that the auditor wants to be more certain that
financial statements are not materially misstated (Arens, 2012).
The level of audit risk is high or low that determines the amount of audit
work required to be carried out. Therefore, it is necessary to analyses insight into
the components of the audit risk and consider the impact of these components to
the amount of audit work as well as the appropriate procedures. In this relationship,
the audit risk and the auditing costs have a negative relationship.
1.1.1.2. Components of audit risk
In order to learn and assess the factors effect to the audit risk, they divide into
three components, include inherent risk, control risk and detection risk.
1.1.1.2.1. Inherent risk
According Arens (2012), inherent risk measures the auditor’s assessment of
the likelihood that there are material misstatements due to error or fraud in a
segment before considering the effectiveness of internal control.

Thus, inherent risk is the probability of the existence material misstatements
on the financial statements due to the potential problems in business, in business
environment or in the nature of accounts. This is an objective factor, belonging to
the nature of an entity, the control activities.
Inherent risk is generally considered to be higher where a high degree of
judgment and estimation is involved or where transactions of the entity are highly
complexity. In addition to increasing audit evidence for a higher inherent risk in a
given audit area, the auditor commonly assign more experienced staff to that area
and review the completed audit test more thoroughly. (Arens, 2012)
1.1.1.2.2. Control risk
According to VSA No. 400, the control risk is defined: Control risk is the
risk that material misstatements will occur in a particular transactions, accounts on
financial statements when separately or aggregated, the accounting system and
internal control system are not able to prevent or detect and repair timely.
As control risk is the probability of occurrence of material misstatements on
the financial statements that the internal control system does not detect and prevent
timely, control risk always exists due to inherent constraints of internal control
system:
- The scope of the internal control system is limited by the issue of costs.
Because the managers always require for the cost of the test to be effective, it
means that the cost must be less than the loss due to misstatement and fraud.
- Most of inspection measures focus on the commonly misstatements, so
difficultly detect the unusual misstatements.
- Operations and examination may be disabled due to collusion with staff or
outside parties.
- Control procedures may no longer be appropriate because the actual
conditions have changed.
In summary, the effective internal control system will minimize misstatement
and fraud but cannot completely eliminate the potential violations. The auditor
only bases on the internal control to reduce the workload but cannot completely
base on this system. Therefore, the auditor also conduct the test while the internal
control system is very effective.
1.1.1.2.3. Detection risk
According to VSA No. 400, “The detection risk is the risk that material
misstatements will occur in each transaction or account on the financial statements
when it is calculated separately or in aggregate that the auditing process, auditor
and audit firm fail to detect.”
In other words, planned detection risk is the risk that audit evidence for a
segment will fail to detect misstatements exceeding tolerable misstatement.

Planned detection risk determines the amount of substantive evidence that the
auditor plans to accumulate. If the planned detection risk is reduced, the auditor
needs to accumulate more evidence to achieve the reduced planned risk (Arens,
2012).
1.1.2. Assessing acceptable audit risk and audit risk components
1.1.2.1. Assessing acceptable audit risk
According to Arens (2012), as you know, a reasonably low acceptable audit
risk is always desirable, but in some circumstances an even lower risk is needed
because of engagement risk factors. Research points to several factors affecting
acceptable audit risk as follows:
- The degree to which external users rely on the statements: when external
users place heavy reliance on the financial statements, it is appropriate to decrease
acceptable audit risk. Several factors are good indicators of the degree to which
statements are relied on by external users such as client’s size, distribution of
ownership and nature & amount of liabilities.
- The likelihood that a client will have financial difficulties after the audited
financial statements is issued: If the client is forced to file for bankruptcy or
suffered a significant loss after completion of the audit, the auditor faces a greater
chance of being required to defend the quality of the audit than if the client were
under no financial strain. In this situations in which the auditor believes the chance
of financial failure or loss is high and a corresponding increase, acceptable audit
risk should be reduced.
- The auditor’s evaluation of management’s integrity: if a client has
questionable integrity, the auditor is likely to assess a lower acceptable audit risk.
To assess acceptable audit risk, the auditor must assess each of the factors
affecting acceptable audit risk. Then, the auditor assess the acceptable audit risk at
high, medium or low.
1.1.2.2. Assessing audit risk components
1.1.2.2.1. Assessing inherent risk
According to Arens (2012), the auditor must assess the factors that make up
the risk and modify audit evidence to take them into consideration. The auditor
should consider several major factors when assessing inherent risk:
- Nature of the client’s business: Business characteristics of client such as
technology process, capital structure, dependent entity, geographic scope.
Seasonal operation, etc., affect the level of inherent risk of the client. For example,
some enterprises have backward technology processes, the ability to present the
cost of inventories as finished products may not be in accordance with prudent
principles. Moreover, an enterprise with many dependent units or operating on
wide area is capable of updating and synthesizing data with many errors.

- Results of previous audits: The risk assessment on each account balance or
type of transaction may be based on the results of previous audits. If the account
balance in the previous year has many differences, in this year inherent risk of this
account will be assessed very high. Because some misstatements of the previous
year cannot be overcome.
- Related parties: Transactions between parent and subsidiary companies,
and those between management and the corporate entity, are examples of related-
party transactions actions as defined by accounting standards. Because these
transactions do not occur between two independent parties a greater likelihood
exists that they might be misstated, causing an increase in inherent risk
- Non-routine transactions: Transactions that are unusual for a client are more
likely to be incorrect recorded than routine transactions because the client often
lacks experience recording them.
- Judgment required to correctly record account balances and transactions:
Account balances and transactions which related to accounting estimation such as
provision, depreciation of fixed assets, allocating, expense accruals, etc. usually
conduct on the basic of subjective judgment of the manager and the operator, so it
is more likely to contain inherent risk on these accounts. Therefore, the auditor
should assess the high level of inherent risk for this accounts to enhance
misstatements detection.
- Factors related to misappropriation of assets: some assets sensitive to fraud
such as cash, gold, gemstone, the compact assets and easy to transport and great
value are easy to steal. Therefore, the auditor should determine the high level of
inherent risk for the balance of these accounts.
- Personnel characteristics of Board of Directors: The auditor should consider
the integrity, qualifications and experience of the Board of Directors as well as
changing in the composition of the management board in the accounting period. In
this, the auditor should pay attention to the role and characteristics of the highest
leader, because this is a person who has the power to make the majority of the
company’s policies and has a major impact on the most of the company’s
operations. If the company is led by a person who is dishonest and fraudulent; or
if the company regularly changes personnel in the Board of Directors, the auditor
must assess the inherent risk at high level.
- Personnel characteristics of accounting department: The qualifications and
experiences of the chief accountants and main accounting staffs is directly related
to the process of gathering, the processing and providing information on the
financial statements.
- The pressure of the Board of Directors and the chief accountant: The auditor
should consider and assess that the Board of Directors and the chief accountant
have been pressured to disclose the false financial statements. For example, the
enterprise, which has suffered loss continuously and is unable to pay its debt, is

not allowed to continue lending to traditional banks. Therefore, it is expected to
issue bonds to raise capital. With this pressure, the enterprise may disclose the false
financial statements about revenue, expense, profit or loss and solvency of debt.
- Outside factors: Economic fluctuations, competition, changes in the buying
and selling markets also affect the inherent risk of the enterprise. A company
operating in a fierce competitive environment, losing market share, the auditor
must assess the very high level of inherent risk to set up reasonable audit
procedures.
The auditor must evaluate the information affecting inherent risk and decide
on an appropriate inherent risk level for each cycle, account, and many items, for
each audit objectives. The auditor does not create nor control the inherent risk, but
only assesses them based on a number of sources such as the audited result of
previous years, customer economic policies, etc… Inherent risk assessment is
usually initiated by considering what the auditor knows about the business and the
nature of the client company. If the auditor does not explain the assessment about
the nature of the client company, they may not identify and determine the
important risk area.
Based on that, the auditor usually uses the following procedures to assess the
inherent risk of the client:
- Interview: Conducting interviews on the basic of well-formed questions for
the management and staff involved to collect the necessary information for the
assessing the inherent risk. Questions are set to collect the information about the
characteristics of business, the personnel of the Board of Directors and accounting
department, the unusual pressure of Board of Directors and chief accountant, the
accounting policies and changing of policies and so on.
- Observation: The observation of the actual situation, process and business
will help the auditor have the necessary knowledge in assessing inherent risk.
- Preliminary analysis the financial statements and review other related
document: The auditor analyzes preliminary the financial statements in
combination with the business plan indicators to gain an overview of the financial
situation and business trends of the client company. At the same time, the auditor
also considers other relevant documents such as internal financial regulations,
meeting minutes, tax inspection, etc. to forecast the inherent risk of the client
company.
The auditor begin their assessments of inherent risk during the planning
phase and update the assessments throughout the audit.
1.1.2.2.2. Assessing control risk
Because control risk arises from the internal control system, the components
of the internal control system are also the factors affect the control risk. Therefore,

to assess the control risk the auditor must base on the knowledge about the internal
control system. According Arens (2012), the factors affect the control risk:
- Control environment: The control environment consist of the actions,
policies, and procedures that reflect the overall attitudes of top management,
directors, and owners of an entity about internal control and its importance to the
entity.
- Risk assessment for financial statements is management’s identification and
analysis of risk relevant to the preparation of financial statements in conformity
with appropriate accounting standards. Management’s risk assessment differs from
but is closely related to the auditor’s risk assessment. While management assesses
risks as a part of designing and operating internal controls to minimize errors and
fraud, auditor assess risks to decide the evidence needed in the audit.
- Control activities: Control activities are policies and procedures, in addition
to those included in the other four control components that help ensure that
necessary actions are taken to address risks to the achievement the entity’s
objectives. There are potential many such control activities in any entity, including
both manual and automated controls.
- Information and communication: the purpose of an entity’s accounting
information and communication system is to initiate, record, process, and report
the entity’s transactions and to maintain accountability for the related assets. An
accounting information and communication system has several subcomponents,
typically made up of classes of transactions such as sales, sales return, cash receipt,
acquisitions, and so on. To understand the design of the accounting information
system, the auditor should determine the major classes of transactions of the entity,
how those transactions are initiated and recorded, what accounting records exist
and their nature, how the system captures other events that are significant to the
financial statements, and the nature and details of the financial statements process
followed, including procedures to enter transactions and adjustments in the general
ledger.
- Monitoring: Monitoring activities deal with ongoing or periodic assessment
of the quality of internal control by management to determine that controls are
operating as intended and that they modified as appropriate for changes in
conditions.
The auditor does not create and also control the control risk, the auditor only
may assess internal control system strong or weak and determine the level of
control risk (low, medium or high).
Based on that, the auditor usually uses the following procedures to assess the
control risk of the client:
- Control environment: The auditor interviews the management and staff
to understand the factors of control environment such as the integrity and
ethical values of the organization; competence commitment; the

organizational structure and assignment of authority and responsibilities;
and so on. In addition, the auditor also associates with the observation and
examination of documents.
- Risk assessment: The auditor needs to interview the management to
understand the content and the results of risk assessment process.
Understanding the client’s risk assessment can help the auditor to assess
the risk of material misstatement. The auditor must use professional
judgment to determine whether the client's risk assessment process is
appropriate or not.
- Control activities: The auditor interviews the management and staff about
the control activities applied. Then, the auditor must observe and examine
the documents to determine whether these activities have been effectively
implemented.
- Information and communication: By conducting interviews accountants
in combination with examining documents, the auditor will gain an
understanding of the information system relating to the preparation and
presentation of financial statements.
- Monitoring: Interviewing management to find out how the board
conducts an assessment of the effectiveness of the internal control
activities.
The auditor may assess the high level of control risk in the following case:
- The internal control system is not sufficient and effective
- The auditor does not have sufficient basic to assess the appropriateness,
completeness and efficiency of internal control system.
The auditor may assess the low level of control risk in the following case:
- The auditor is qualified and has plans to carry out tests of control to confirm
the risk assessment.
- The auditor has sufficient evidence and basic to conclude the effective
internal control system. That system has ability to prevent, detect and handle in
time the fraud, errors in the enterprise.
This assessment on control risk will affect the timing, content and scope of
the audit methodology.
1.1.2.2.3. Assessing planned detection risk
The detection risk is usually affected by the following factors:
- Sampling risk: The auditor make the sample which does not represent the
audited entity so the auditor’s conclusions are based on sample results different
from the overall actual results.

- Non-sampling risk:
+ The scope of the audit: If the scope of the audit is broad, the probability of
detecting frauds and errors increases. It means that the possibility of not detecting
fraud, errors decreases, so the risk of detection decreases and vice versa.
+ The auditing methods: If the auditing methods are more scientific,
appropriate and effective, the ability to detect frauds and errors increase. It means
that the frauds and errors which are not detected decrease, so the detection risk
decrease and vice versa.
+ The qualification, experience and ability of judge of the auditor: the auditor
has a high level of expertise, has a lot of experience and ability to judge well, it is
easy to detect many frauds and errors, therefore the detection risk will decrease
and vice versa. Determining the scope of the audit and selecting the audit method
depends on the qualifications, experience and the ability to judge of the auditor.
Base on the assessment of inherent risk and control risk associated with
acceptable audit risk, the auditor will adjust the planned detection risk so that the
audit risk is acceptable. Planned detection risk can be determined qualitatively and
quantitatively based on audit risk model:
𝐴𝑅 = 𝐼𝑅 𝑥 𝐶𝑅 𝑥 𝐷𝑅
 The qualitative model:
Based on the auditor’s assessment of inherent risk and control risk, the
detection risk level is determined according to the matrix as follows:
Table 1: The matrix to assessing detection risk
Detection risk
Assessing control risk of auditors
High Average Low
Assessing
inherent risk of
auditors
High Min Low Medium
Medium Low Medium High
Low Medium High Max
Each type of inherent risk and control risk is divided into three levels:
High – Average – Low
The detection risk is divided into 5 levels:
Max – High – Average – Low – Min
The matrix illustrating the relationship between the types of risks usually is
expected by the auditor in the audit planning stage. However, if the auditor has
evidences to adjust the inherent risk and control risk, the detection risk will be
adjusted by the auditor.

 The quantitative method:
Beside the qualitative method, the auditor also uses the specific percentage,
called the quantitative risk assessment method. In this model, the relationship
between the audit risk and its components is shown as follows:
𝑃𝐷𝑅 =
𝐴𝐴𝑅
𝐼𝑅 𝑥 𝐶𝑅
Where:
AAR: accepted audit risk
IR: inherent risk
CR: control risk
PDR: planned detection risk
However, this is not the purely mathematical formula, but rather a model
used to assist the auditor in judging and determining the acceptable level of
tolerable misstatements as a basic for designing the audit procedures and
conducting the audit.
The process of this model is as follows:
Step 1: Establishing an acceptable level of audit risk for each audit contract.
This level is applied on all accounts or important transactions.
Step 2: Assessing the inherent risk for the financial statements as a whole and
for the account balances and important types of transactions.
Step 3: Assessing the control risk for each account or important type of
transactions.
Step 4: Based on the audit risk, inherent risk, and control risk are assessed to
determine the acceptable detection risk. Then, the auditor bases on this to
determine content, time and substantive test scope.
1.2. Materiality assessment
1.2.1. Definition and characteristics of materiality
1.2.1.1. Definition of materiality
According to Vietnamese Standards of Auditing No. 320 – Materiality in
auditing:
“Materiality is the term used to express the importance of the information (the
accounting data) in the financial statement. Information which is considered
material, means that the lack of information or inaccuracy of information would
affect the decisions of the user of the financial statement.”
Materiality depends on the importance and the nature of the information or
errors that are assessed in a certain situation. Materiality is a threshold, a point of

division rather than the content of information required. The materiality must be
considered both quantitatively and qualitatively.
When planning, auditor must determine materiality level acceptable to the
standard for detecting the quantitative material misstatements. However, in order
to assess misstatements that are material, auditors must consider both the
quantitative and qualitative aspects of misstatements. For example: Not comply
with the current accounting system may be considered a material misstatement on
the financial statements that lead the users understanding wrong the nature of
issues.
The common definition of materiality as it applies to accounting and therefore
to audit reporting is as follow: A misstatement in financial statements can be
considered material if knowledge of the misstatement will affect a decision of a
reasonable user of the financial statements (Arens, 2012).
In other words, the materiality in the relationship with the content of audit, is
general concept that defines the scale and importance of the basic content of the
audit which affect the correctness of assessing object and using this information
for making decisions. On the perspective of the user information, a simple way,
materiality is an important information and should be presented if it is likely to
affect user decisions.
Understanding simply in the audit, materiality is a level that if a misstatement
is below that level, it shall be considered as non-material misstatement and may be
omitted during the audit process, in contract, a misstatement is over that level, it
shall be considered as material misstatement, this makes the users misunderstand
the situation of the client and make incorrect decisions.
1.2.1.2. Characteristics of materiality
1.2.1.2.1. The size of materiality
This factors is expressed in the size or scale of transactions, accounts for the
object audited. If a transaction or an account of violation is so large that it
determines the nature of the object, the transaction or account is considered
material. In contract, the scale of misstatement is not large enough to change the
perception of object, that the transaction or account is not considered material.
The size of material cannot be consider an absolute number, because a certain
transaction or account, which may be material to a small company but not material
to a large company. Therefore, the material in terms of scale should be in relation
to the whole audited entity. It means that should consider the ratio of a transaction
or an account to a calculate base, depending on the characteristics of each client
such as: total assets, total equity, total revenue or profit before tax.
Determining the materiality to aspect scale is not easy, so to be able to
identify the correct content in this respect, we need to understand the following
basic principles:

- Firstly, the material scale must be determined. It means that assessing
materiality base on certain object such as financial statements, all accounting
documents, and actual financial situation, or types of business lines of the client
company such as product, agriculture, service, bank, insurance, and so on. Because
each business line has distinctive features therefore the material scale is different.
- Secondly, the size of transactions or accounts is a relative rather than an
absolute concept. It is a ratio of size of transactions or accounts to calculate base
such as total assets, revenue, profitable before tax.
- Finally, the material scale bases on object and purpose of audit.
1.2.1.2.2. Nature of materiality
The nature of materiality is reflected in the importance or nature of
transactions or accounts (Arens, 2012).
Commonly, amounts involving fraud are usually considered more important
than unintentional errors of equal amounts because fraud reflects on the honesty
and reliability of the management or other personnel involved. Besides, there are
many cases that the amount of money is low difference, however, the nature of
difference affects material to whole of financial statements and the decisions of
users. So this is a material misstatement. Some illustrations:
 Transactions and accounts have fraud or potential fraudulent:
- Illegal bidding, contracting, and trading transactions because there may be
a collusion between parties to benefit the individual.
- Liquidating of assets transactions: there is the possibility of connecting the
liquidator and the buyer while the assessing is still in use.
- Cash transactions: these transactions occur regularly. Cash is compact and
easy to embezzle, so it is easy to cheat.
- Buying, selling and payment transactions: client firms and customer or
suppliers may conclude to report incorrect financial situation.
- Unusual transactions: These transactions rarely occur but they affect
directly to financial statements.
- The benefit distribution transactions: Transactions related benefit always
constant high levels of fraud because everyone wants to benefit themselves.
- The lefting outside deliberately the books transactions: All transactions
must be recorded into books, if the client company deliberately dropped out of the
books, this is an expression of fraud.
- Transactions occur at the end of the accounting period: commonly, at the
end of accounting period, in order to have satisfied financial statements or adjust

some difference, accountant usually change in record. Therefore, transactions
which occur at the end of the accounting period have high level of fraud.
- Accounts or documents repaired: Because these repairs may aberrant
financial information, affect financial statements.
- Violating accounting principles transactions: because it affects honest and
faith of the management and related individual.
 Transactions or accounts have material misstatements as weakness
competence and prudence of the accountant, include:
- Transactions or accounts have difference from previous year.
- Transactions or accounts have repeated misstatements: although repeated
misstatements have small size, these raises a great suspicion about capacity of
accountant as well as the problem of poor management. Moreover, total all small
misstatement may be a material misstatement which affect financial statements.
- Misstatements affect profit.
- Transactions or accounts relate to other transactions or accounts.
- An incorrect description of the accounting policy of the client company may
cause the user to misrepresent the nature of the information.
The assessment and issuance of the audit opinion depends on the transactions
or accounts related to the nature of the client company. Therefore, material
definition set out the requirement to define the audit content with the principle of
not ignoring transactions or accounts of large size and importance, reflecting the
nature of the object. So that, auditors must consider both size and nature of
problem, and then auditors make reasonable decisions about material, assure
purpose and quality of audit.
In auditing financial statements, examining all documents and transactions
of client firm is impossible because if they do so, the workload will be too large
and costly. If auditors check 100 percent of documents and transactions, they
cannot detect all misstatement due to the limited qualifications as well as the
deliberate concealment of managers.
According VSA, in planning the audit, the auditor makes judgments about
the size of misstatements that will be considered material. These judgments
provide a basis for:
- Determining the nature and extent of risk assessment procedures;
- Identifying and assessing the risks of material misstatement; and
- Determining the nature, timing, and extent of further audit procedures.

1.2.2. Process of assessing materiality
In the planning stage, the auditor should determine materiality for financial
statements as a whole and materiality for accounts. Commonly, the auditor follow
three closely related steps in applying materiality as following chart
Chart 1: Steps in applying materiality
1.2.2.1. Overall materiality assessment (PM)
The primary purpose for setting overall materiality when planning the audit
is that it is used to identify performance materiality and a clearly trivial threshold
for accumulating misstatements (IAAE, 2012)
Firstly, to determining the overall materiality, the auditor should choose the
appropriate benchmarks. According VSA 320, there are many factors to consider
when choosing the benchmarks. These include the nature of entity, the industry of
entity or the particular accounts in the financial statements.
Some examples of benchmarks which the auditor can use:
- Revenue
- Profit before tax
- Total assets
- Total equity
Secondly, the auditor should determine a level of this benchmark (usually a
percentage).
Finally, the auditor should justifying the choices for example explaining the
judgment.
In order to determine the materiality, the auditor may choose one of two
follow methods:
Method 1: The use of a benchmark.
The table below is a guideline of VACPA for determining materiality for
whole of financial statements.
Determine preliminary judgment about materiality
Determine performance materiality for entire financial statement
Allocate performance materiality to segments

Table 2: The guideline of VACPA for determine materiality:
Benchmark Percentage
Profit before tax 5% - 10%
Revenue 0,5% - 3%
Total assets 2%
Total equity 2%
Revenue might be appropriate for an entity which does not stable profit, but
revenue is stable and revenue is an important factors to assess efficiency.
Though not common, total assets might be appropriate for an entity which
likely to go bankrupt, with a large accumulated loss compared to its equity. The
user of financial statements may be more concerned about solvency, the use of
total assets is reasonable.
Total equity might be an appropriate benchmark to use for a star-up company
which has little revenue or profits.
The truth is one size does not fit all. The auditor need to use their professional
judgment to determine an appropriate benchmark and the chosen benchmark needs
to the justifiable, with the rationale clearly documented (IAAE, 2012)
Method 2: The use of multiple benchmarks.
Using this method, the auditor use multiple benchmarks with respectively
rate, and then determining materiality by choosing the largest, the smallest or the
average. For example:
Table 3: Example for using multiple benchmarks
Benchmark
Amount of money on
financial statements
(million VND)
Percentage
Amount of
money
(million VND)
Total assets 25.000 2% 500
Net revenue 15.000 1% 150
Profit before tax 2.500 10% 250
Overall materiality may be chose from:
The smallest: 150 (million VND)
The largest: 500 (million VND)
The average: 300 (million VND)
Commonly, in order to assure the prudent principles, the auditor usually uses
the smallest or the average, rarely uses the largest.

1.2.2.1.1. Performance materiality (MP)
Performance materiality is the “working materiality”. It sets a numerical level
which helps guide auditors to do enough work to support their audit opinion. It
recognizes that if auditors simply applied the overall materiality throughout the
planning and conducting stages they would be taking an undue risk that material
misstatements were not detected by their audit work.
Broadly it serves two functions:
- To reduce the engagement risk (the risk that the aggregate of uncorrected
and undetected misstatements individually below materiality will exceed
materiality for the financial statements as a whole) to an acceptable level;
- To provide a safety net against the risk of undetected misstatements.
Performance materiality must be set at a percentage of the overall materiality
so as to allow us a margin or buffer for the possible undetected misstatements that
may occur during the engagement. We use a sliding scale of % based upon an
estimate of the engagement risk associated with the client.
Table 4: The ratio of engagement risk
Engagement Risk
Low Low to Medium Medium Medium to High High
90% 85% 80% 75% 70%
1.2.2.1.2. Tolerable misstatement (TM)
When auditors allocate the performance materiality to account balances, the
materiality allocated to any given account balance is referred as tolerable
misstatement.
It is necessary to allocate the performance materiality to each account
because the auditor needs to accumulate enough evidence of the account rather
than the whole financial statements. If the auditor allocates the performance
materiality for each account, it will help them determine the appropriate audit
evidence (Arens, 2012).
Materiality for each account is also known as the omitted error for that
account. The auditor allocates the performance materiality to the accounts on the
Balance Sheet and the Income Statement. However, Balance Sheet and the Income
Statement items are related to each other. Most of the deviation of the items on the
Income Statement affect the accounts on the Balance Sheet (because, according to
the double-entry principle, all transactions involved in the Income Statement are
related to the accounts on the Balance Sheet). So it is not necessary to allocate the
performance materiality to the accounts on the Income Statement (Arens, 2012).
The auditor faces three major difficulties in allocating materiality to balance
sheet accounts:
- Auditor expects certain accounts to have more misstatements than others

- Both overstatements and understatements must be considered
- Relative audit costs affect the allocation
There are 2 methods to allocate the performance materiality to the segments.
Method 1: allocating performance materiality for each account follow value
of each account
After setting the initial materiality for the overall financial statements, the
auditor allocates this level to each account, each segment and each indicator on the
financial statements to form the materiality for each account, each segment or each
indicator. The materiality used for allocation to each account is the performance
materiality MP (Performance materiality by a certain percentage compared to
overall materiality). The auditor allocates a materiality for each account at the
performance materiality to ensure the prudence principle that all misstatements are
detected by the auditor and misstatements not detected by the auditor that do not
exceed the defined overall materiality (PM).
The materiality allocated to each account are usually performed on the
following principle bases:
+ Based on the policy of allocating the overall materiality to each account on
the financial statements
+ Inherent risk and control risk which are assessed by the auditor for each
account. If the inherent risk and control risk is assessed as high for a particular
account, this account will be allocated a low tolerable misstatement and vice versa.
+ The auditor’s experience of the misstatements and frauds in respect of such
accounts.
+ The audit cost for each account. If the account requires evidence collection
to be more costly then the tolerable misstatements are more than and vice versa.
The advantages of this method helps the auditor selects the objects in detail
and selects the appropriate test methods. After testing, the materiality for each
account is the basic to collating the misstatements of the account to form a
conclusion on this account. However, this method also has the disadvantage that
the importance allocation depends on the subjectivity of the auditor.
Method 2: Using the performance materiality for all accounts on the
financial statements
Following this method, the auditor does not allocate the materiality for each
account, the auditor only use a general materiality for all accounts on financial
statements. This materiality is different between auditing companies.
MP= (50% - 75%) x PM

The disadvantages of this method is that the materiality is applied for all
accounts; therefore, all accounts, regardless of their balance or nature differences,
are applied a general materiality for the whole audit.
1.2.3. Relationship between materiality and audit risk
Materiality and audit risk are closely related, determining the materiality is
very important for the evaluation of the audit risk. If materiality increases, the audit
risk will decrease. It means that, the auditor increases the value, when the auditor
increases the value of errors can be ignored, then the possibility of material
deviations will decrease and the audit risk will obviously decrease. In contract, if
the tolerance level is reduced, the audit risk will increase.
Besides that, the auditor should consider factors that may cause material
misstatement on the financial statements. There is not consistent rule or principle
in establishing materiality, therefore, the auditor must use the knowledge as well
as the professional judgment to perform this assignment. Considering the
possibility of material misstatements in the accounts as well as the specific
transactions will help the auditor to zone the areas to be considered, design the
content, timing and scope of auditing procedures so that the financial statements
risk are material misstated will be reduced to an acceptable level as well as
maintaining a balance between auditing costs and quality.
Applying the materiality and audit risk concepts in the audit process is an
important issue. However, in order to make good use of these issues to improve
the effectiveness and efficiency of the audit, the requirements: The auditor and
auditing firm must have a methodology to establish a materiality and a risk
assessment process that is effective and appropriate for different customers.

Chapter 2. Assessing audit risk and materiality at
planning stage of the financial statements audit conducted by
Auditing and Accounting Limited Liability Company
2.1. Overview about Auditing and Accounting Limited Liability Company
2.1.1. Historical development of Auditing and Accounting Limited Liability
Company
AAC previously named Auditing and Accounting Company attached to the
Ministry of Finance, incorporated in 1993, and restructured in 1995, is one of the
earliest audit firms established and operating in Vietnam.
AAC is a member of Prime Global, based in the United States, with more
than 300 independent accounting firms operating in 90 countries around the world.
AAC provides a full range of professional services, such as auditing, accounting,
finance and investment advisory, tax advisory, training and staffing services…
AAC was nominated by Ministry of Industry and Trade to be one of the top
five audit firms in Vietnam and awarded with honorable prize Top Trade
Services”. AAC was nominated by the Voice of Vietnam, Ministry of Industry and
Trade, Ministry of Information and Communication, Ministry of Culture, Sports
and Tourism,…and awarded with the “Typical Vietnamese Enterprises” Golden
Cup; Vietnam Association of Securities Business (VASB), Vietnam Securities
Magazine (State Securities Committee), Credit Information Center of State Bank
of Vietnam conferred the title “Prestigious Audit Organization for Listed
Companies”.
2.1.2. AAC Missions of Auditing and Accounting Limited Liability Company
AAC operates under the motto “Quality in every single service” and well
observes the principles of independence, integrity and confidentiality in our
rendered services. Our operational objective is to assist our clients and
stakeholders in protecting their legal rights and interests; providing earnest
information and optimal solutions for business management and corporate
governance.
The company’s strategic vision is to become a leading professional service
provider in Vietnam. With the professionally capable and devoted leadership team,
AAC pledges efforts to bring our clients the true value of each service the company
renders. AAC is taking steady steps in the development of a prestigious and quality
brand name in order to meet the clients’ trust and expectation their service
engagement with AAC. Moreover, AAC place great attention in creating an ideal

working place and modern corporate culture that deserve the first choice of well-
qualified and ethical professionals in their pursuit of career and talent
development.
2.1.3. Types of services provided by Auditing and Accounting Limited
Liability Company
Being a member of Prime Global, AAC has the conditions to provide
innovative services. Auditing and consulting professionals are trained with
internationally recognized standards of Prime Global. Thus, AAC has the ability
to offer customer quality related services. Our company is expanding business
lines to fulfill customers’ demands in domestic area. Our main lines are as below:
2.1.3.1. Audit and Assurance Services
Requirements for more financial transparency and information disclosure
place a great deal of challenging pressure on enterprises. The engagement by
trusted auditors with profound knowledge of the industry and strong devotion is
crucial for a company. This is because the audit results are not only for statutory
compliance purposes but also enhancing the quality of accounting and finance
work at the company.
Providing independent audit services has always been the strength of AAC.
Our audit procedures and processes are designed and applied on the basis of a
thorough understanding of business operations and environment of engaged
clients. Besides, with a wide pool of experienced, well-educated auditors,
consultants, AAC is capable of providing practical advice and solutions optimized
for business operations, as well as for the selection and making sound investment
decisions.
AAC is pleased to serve our clients with the following audit services:
- Audit of financial statements;
- Audit of investment finalization accounts;
- Audit of financial statements for tax purposes;
- Operation audit;
- Compliance audit;
- Internal audit;
- Agreed upon procedure review of financial information;
- Other audit-related services.
2.1.3.2. Tax consulting services
Vietnam’s tax legislation has been in state of constant change in recent years
caused in particularly by the need to align the country with requirements upon
entry to WTO. Several significant reforms have been implemented just recently in

order to bring tax legislation into line with international tax practices, with the aim
of closing loopholes and also to attract investment. However, Vietnam's tax law
remains complicated, and enforcement can often be unpredictable. Thus,
businesses and investors will need to stay closely in touch not only with tax law
itself, but also with the way in which it is interpreted by the tax authorities. With a
team of well-trained and experienced tax consultants, AAC offer a full range of
tax services, including:
- Full-scale tax advisory package;
- Review and assessment of tax obligations fulfillment;
- Advisory on tax declarations and returns;
- Advisory on application of double taxation avoidance regulations;
- Tax planning and structuring;
- Advisory on tax implications regarding future contracts or financial
decisions;
- Support to update changes in tax policy;
- Other tax – related services.
2.1.3.3. Accounting and Reporting services
In the process of business management, entrepreneurs need timely, accurate
and reliable information for making business decisions. The information about
financial accounting plays an important role in every single business decision of a
company. It requires that a company must establish and maintain an accounting
apparatus compatible and relevant for generating accurate and useful information.
Vietnamese legal system on accounting and auditing standards is in the
process of gradual improvement and integration to international accounting
practices and conventions. However, due to its particular business environment,
the legal framework and economic institutions, Vietnamese accounting system still
have many distinctive features. Thus, it is not a simple job to stay abreast to
changes in accounting field in Vietnam. In some cases the specific application of
specific, a company needs prompt advice and support to ensure timely financial -
accounting information suitable and reliable for business decisions.
AAC supports clients with the following professional services:
- Bookkeeping services;
- Advisory on accounting treatment;
- Advisory on preparation of financial statements;
- Conversion of financial statements in accordance with IAS, IFRS;

- Advisory on adoption of accounting methods and improvement of
accounting system;
- Other accounting – related services.
2.1.3.4. Finance and Investment Advisory Services
AAC takes pride in provision of strategic advice on governance, finance, and
investment matters to businesses. The well-qualified specialists have undertaken
several successful engagements in field of finance and investment, ranging from
corporate privatization to listing procedures, M&A, corporate restructure, design
and implementation of internal control systems…
AAC’s professional services are tailored and rendered on the basis of in-
depth knowledge of legal framework, technical requirements, and taking into
account prima interest of our clients. This approach enables entrepreneurs,
investors and stakeholders to make appropriate choices, while securing compliance
with legal requirements and fruitful investments
AAC’s advisory services on finance and investment include:
- Advisory on business start-up, corporate governance;
- Advisory on setting up internal financial regime;
- Services of asset valuation, business valuation;
- Review of financial statements prior to M&A;
- Forensic audits;
- Procedural advisory on M&A, business dissolution;
- Other advisory services on finance and investment.
2.1.3.5. Training and Staffing services
Apart from the conventional services of audit, accounting and advisory, AAC
invests greatly in broadening and diversification of rendering services.
AAC takes pride and advantages of high qualified and experienced staff in
offering value added training services. AAC constantly opts out education and
training courses in fields of accounting, auditing and taxes to regular clients and
other learners.
In addition, AAC is pleased to assist in the selection and testing applicants
for client’s company’s accounting and internal audit divisions.
Services of training and recruitment include:
- Training courses for chief accountant;
- Training courses for internal auditors;
- Updating knowledge on accounting, finance and audit;

- Training courses for accounting practice;
- Training courses on taxes;
- Recruitment assistance and testing accountants, internal auditors;
- Work permit and payroll services;
2.1.4. Management organization structure and human resources in AAC
AAC always regards the staff as the most valuable asset of the company.
AAC undertakes to create great working conditions for all staff and maximum
supports for their pursuits of higher education and career development.
The structure of AAC is as below:

Chart 2: The structure of AAC
Secretary
Head manager
General Director
Vice
director of
Financial
Statement
Audit
Vice director
of Financial
Statement
Audit
Vice director
of
Technology
Vice director
of Capital
Construction
Audit
Department of
Capital
Construction
Audit
Room
1
Quality
control
Administration
and Accounting
Department
Academic
consulting
Department
Branch
HCM
Room
1
Vice director
of Capital
Construction
Audit
Room
2
Room
3
Room
2
Room
3
Branch
HN
Room
4
Room
5
AAC Auditing and Accounting Limited Liability Company

2.1.5. Overview of the process of the financial statement audit conducted by
2.1.5.1. Client acceptance and continuance
AAC Auditing and Accounting Limited Liability Company establish policies
and procedures for deciding whether to accept new clients or retain current clients.
The purpose is to minimize the likelihood that an auditor will be associated with
clients who lack integrity. This investigation is professional judgment, having a
great influence on the whole audit process, thus AAC appoint a member of the
managers who is an experienced and highly qualified auditor directly conduct, give
the preliminary opinions then transmits to the audit team. This assessment is made
on the basis of the most general information about customers to conduct customer
rankings in one of three categories: The low risky level, normal risky level or high
level risky customers. The information considered is usually the industrial
characteristics, organizational structure, and control environment, financial
situation. There are differences between evaluating a prospective client and
continuing a current client. In the case of a continuing client, the auditor has more
knowledge about the entity’s operations and management’s integrity
After making a decision to accept the client, AAC will sign the audit contract
with client and then select the audit team for each client. The amount of members
in each team may vary because of the size of each client. Basically, one team has
6 members: 1 audit manager, 1 senior auditor, 1 auditor and 1 or 2 auditor
assistants. When AAC and their client have agreement about audit contract, AAC
will start making the audit plan.
2.1.5.2. Planning the audit
Audit planning helps auditors to gather sufficient and appropriate evidence,
as well as help the audit company calculate the reasonable costs. The audit plan
will serve as a basis for auditors to control and evaluate the quality of work that
has been performed. According to the Vietnamese auditing standard 300 "auditors
and auditors should make an audit plan to ensure that the audit has been carried
out effectively”
The audit planning sequence consists of
- Review customer acceptance and contract risk assessment.
- Make audit contract and select auditing group.
- Understand customer and operating environment.
- Understand customer and operating environment.
- Preliminary analysis of financial statements.
- General assessment of internal control system and risk of fraud.
- Determine the materiality.

- Determine the sampling method - sample size.
- Synthesis audit plan.
2.1.5.3. Performing the audit
Performing an audit is the process of using audit techniques that are
appropriate to a particular auditor to collect audit evidence. It is the process of
implementing an audit program to provide reasonable assurance about the
appropriateness of the financial statements on the basis of sufficient and reliable
audit evidence.
During this period the auditors follow the plan set up to carry out, in the
process of implementation may be adjusted to supplement the plan accordingly.
The process of performing an audit includes conducting control tests and
performing substantive testing (including detailed analysis and testing procedures,
balances).
Audit program includes
- Auditing objective: Obtaining valid audit evidence on one or more of the
financial reporting documents.
- Audit assertion: Existence, completeness, accuracy, cut-off, classification
rights and obligations, presentation and disclosure.
- Implementation procedures: general procedures, analytical procedures,
detailed examination procedures, other auditing procedures
After completing the procedures and gathering the necessary evidence
auditors concludes whether the objectives of the item have been achieved.
Auditors fully presents the work performed during this period on the working
paper. Working papers are the basis and proof of the audit report. Because audit
reports on financial statements are provided on the basis of audit evidence
gathered. Working papers are the legal basis for the audit work. The working
papers must be clear, and the work performed by auditors must be proven, not
ambiguous. A working paper must consist of 4 contents: Work done, results (audit
data, comparison with financial statement data) and auditors' conclusion.
Below are the detailed audit programs in the audit procedure:
- Cash audit program.
- Account receivable audit program.
- Advance payment for sellers audit program.
- Deducted VAT audit program.
- Other receivables audit program.
- Inventory audit program.

- Salary for employees audit program.
- Audit program of prepaid expenses.
- Program of checking account of mortgage, deposit, short term deposit.
- Fixed asset audit program.
- Financial investment audit program...
2.1.5.4. Finishing the audit process
Finishing the audit is the final process of the financial statements audit. This
is the process where auditors will review the whole audit process, communicate
with customers and issue audit reports.
In this process basically there are contents:
- Before finishing the audit the team leader's meeting members to discuss the
issues identified in the working paper together with the accountant to clarify the
remaining issues. The problem needs to be resolved.
- The team leader makes the minutes of the meeting, exchanges and
exchanges with the board of directors of the clients and related persons.
- Use an analytical procedure to review the financial statements for the last
time, agree with the adjustments made to the customer and prepare the financial
statements, audit reports, closing records.
- Review the events that occurred after the audit.
- Consider the assumption of going concern.
- The head of the auditor sends his / her preparing working file and manages
the audit report to the vice director of the section of financial statement audit for
approval.
- Once the script has been approved, the team leader makes a formal audit
report, writes the management letter, signs it and submits it to the supervisory
board and the vice director for approval, and then sends it to the board of directors.
- End audit and finalize the file.
2.2. Preliminary assessment audit risk and materiality conducted by AAC
To illustrate for my graduation thesis, I would like to present the work of
assessing the materiality and audit risk in the audit planning stage at ABC
Company conducted by AAC Auditing and Accounting Limited Liability
Company.
Outline of client information:
Company’s name: ABC Company

Business operations:
- Trading books, newspapers, magazines, stationery (details: buying
textbooks, books, stationery)
- Hotel
- Restaurant
- Real estate business
- Warehousing and storage of goods in other warehouses
- Retail in supermarkets, trade centers
- Buying and selling cultural products and cultural objects
- Producing and trading teaching and learning equipment, electronics,
computers, formation technology, informatics software and office
equipment.
- Import and export of machinery, equipment and materials for education
- Producing and trading all kinds of packaging, wooden products
- Buying and selling sports equipment, children toys
- Freight business by car
Applied accounting period: January 1st
and ends on December 31th
2.2.1. Assessing the audit risk
Before determining the content, scope of audit, designing detailed tests, the
auditor at AAC always proceeds to find out the business operation and internal
control system of client. From then the auditor assessed the overall risk for the
whole financial statements. The auditor must assess and record each type of risk
on the basic of high – medium – low levels for each account and each assertion. In
order to make this assessment, the auditor bases on the information collected
during the process of understanding about the client’s business activities, the
understanding and evaluating the internal control system and from the analytical
procedures. And then, the auditors will assess the risk for each assertion of each
account which is high, medium or low.
At AAC, the audit risk assessment process in the audit planning stage is
defined as below:
- Firstly, inherent risk will be assessed for overall financial statements and
for important balances or transactions.
- Secondly, the auditor assess control risk for the overall financial statements
and for important balances or transactions.
- Finally, based on the inherent risk and control risk assessed to determine
planned detection risk.
2.2.1.1. Assessing inherent risk
2.2.1.1.1. Assessing inherent risk at financial statement level
VSA No. 315 requires the auditor to have an understanding of the client and
the operating environment of the client. Before starting the audit, the auditor
assesses the risk of material misstatement through knowledge of the client. When

understanding about client and environment, the auditor will collect relevant
information including:
- General information about client: main businesses, the ownership
structure, the accounting methods used and so on.
- Information on the market situation and environmental factors affecting to
enterprise.
- The influence of key shareholders’ expectations on the actions of
management
- The target of management about plan and strategic
- The way that board of directors manages and supervises financial
activities.
- Operation and business situation
- Major changes in the size of client
- Knowledge about the accounting system applied.
General information about the industry, business sector as well as
information related to the accounting policies applied will help the auditor to
identify inherent risk on the financial statements as whole. Accordingly, the
auditor often assesses the inherent risk at high if the understanding of client shows
the following conditions:
- Operating in the environment with high complexity of the relevant
regulations.
- The change in business activities of the client
- There are major changes in the structure of the client such as
reorganization or unusual events.
- Lack of key financial personnel
- The change of the IT system involves reporting the financial information.
Collecting necessary information about the business situation of the client is
a continuous process of accumulation, including collecting, evaluating, and
reconciling information collected with evidence. However, the time spent
gathering this information depends on the size of client and the auditor’s prior
experience and understanding about the audited entity.
However, in actual, this step is usually performed only during the first year
audit at the client. The next year audits, the auditor often do not pay attention to
update new information about client that mainly re-use information collected in
the previous year.
For ABC client:
To help the auditor assess the inherent risk of the client in detail, the auditor
uses the form [A310] “Understanding client and operating environment”
(Appendix 1). The auditor gives the following main analysis:

- The operating environment and external factors affect the client: Through
the media as well as the general development of the local economy, the
auditor analysis:
o The auditor recognizes that Binh Dinh province has many colleges,
professional secondary schools, high schools, junior high schools
and primary schools. Therefore the demand for books and school
equipment is huge. This is the opportunity for the company
develop.
o The company purchases book from first-class distributors in the
system of Vietnam Education Publishing House.
o The business sector of the client is seasonal, focusing on the end
of 2nd
quarter and the beginning of the 3rd
quarter which us the time
of the school year of the students.
- The legal environment in which the enterprise operates: Through the
collection of establishment licenses and company charter, financial
statements, audit reports, inspections of the current year and the previous
year. The auditor documents:
o The company applies the Vietnamese accounting system in
accordance with Circular No. 200/2014/TT-BTC dated 22
December 2014 and the Vietnamese Accounting Standard issued
by the Ministry of Finance.
o In addition, the company also applied the law of accounting, tax,
and publishing law.
o VAT regulations:
 Textbooks and referenced books are non-taxable.
 Other books, teaching aids, dictionaries: the tax rate of 5%.
 Other activities are subject to the current tax rate
- Type of business and management: After reviewing the document about
the company, the minutes of the Board of Directors, the decisions of
appointing and dismissing the key positions in the company. The auditor
documents:

o The company has listed its shares with the stock code BDB at the
Hanoi Stock Exchange. The first trading day of the stock is 29th
January, 2010.
o Human resources: Board of Directors, Supervisory Board, Board
of Management and Chief Accountant have no change
- Measurement and evaluation of results: Through the audited financial
statements in the previous years, the auditor analysis:
o Revenue, profitability, dividends and payroll are assessed by
managers
o The business results have not changed much in the past 4 years
Based on these comments, the auditor makes the conclusion: There is no risk
associated with the overall financial statements.
2.2.1.1.2. Assessing inherent risk at account level
Inherent risk assessment in terms of account balance and type of transactions
depends on the following factors: the inherent risk level for whole financial
statements, the nature of account, the factors that influence the inherent risk on the
account balance and type of transaction on the basic of the auditor’s knowledge,
including the following factors:
- The nature of the account balance
- The size of the account balance
- Degree fluctuation, complexity and frequency of each type of account
- The results of the previous audit
- The economic transactions do not change frequently
At AAC, the auditor will assess the inherent risk associated with the
assertions of financial statements follow two levels: high or low. When the auditor
recognizes the material risks or other factors that cause the auditor to believe that
there is a high probability of material misstatement of the audit. The auditor will
assess the inherent risk at high level on the assertion of financial statements and
vice versa. Under AAC guidelines, the auditor should focus on the following
accounts when assessing the inherent risk at the level of accounts or assertions of
financial statements:
- Consider accounts with large balances: The auditor will focus on accounts
with large balances and identify potential violations in these accounts. By
reviewing, the auditor estimates the inherent risk in this account is high or
low, thus focusing on research.
The auditor bases on form working paper [A510] –“Preliminary analysis of
financial statements” (Appendix 2) to assess the inherent risk on each account.

After preliminary analysis of the financial statements, the auditors shall
synthesize and annotate major fluctuations or abnormal fluctuations. The auditor
then designs the underlying audit procedures for those items. Auditors expressed
in the paper [A520] - "Risk assessment of preliminary analysis procedures".
For ABC client:
The auditor calculates data on the Balance Sheet and the Income Statement
through 2015 and 2016. If any account has significant changes or unusual changes,
the auditor will focus on that account. Below, some accounts of significant change
are noted by the auditor in 2016:
 Analyzing the Balance Sheet
Table 5: Balance Sheet accounts with significant changes
Account
31/12/2016 31/12/2015 Difference
Before audit
(VND)
After audit
(VND)
%
Amount
(VND)
Cash 1,869,199,842 818,816,924 128.3% 1,050,382,918
Cash
equivalents
- 1,000,000,000 -100% (1,000,000,000)
Short-term
investments
2,500,000,000 2,000,000,000 25% 500,000,000
Provision
for
inventory
reduction
(306,010,850) (103,095,353) 196.8% (202,915,497)
Fixed
assets
4,528,607,925 4,888,740,610 -6,26% (306,132,685)
Long-term
prepaid
expenses
257,755,203 101,690,252 153.5% 156,064,951
Trade
payables
1,607,330,853 2,165,894,166 -25.8% (558,563,313)

 Analyzing Income Statement
Table 6: Income Statement accounts with significant changes
Indicators
2016 2015 Difference
Before audit
(VND)
After audit
(VND)
%
Amount
(VND)
Revenue
from sale of
goods and
rendering
of services
41,971,450,126 54,447,130,730 -22,9% (12,475,680,604)
Cost of
goods sold
36,967,317,597 49,132,981,485 -24,8% (12,165,663,888)
Other
income
885,978,000 693,784,230 27,7% 192,193,770
With data analyzed in conjunction with the audit experience of previous
audits, the auditor analyzed and commented on the following significant changes:
- Cash increase while cash equivalents decrease compared to the previous
year may be due to the company transfers 3-month term deposits into non-
current deposits, the auditor checks the existence of cash and cash
equivalent.
- Deposits with a term of up to 3 months increased from the previous year
due to the company has idle money to deposit bank. The auditor collects the
deposit contract, confirms the debt, and checks the existence of term
deposit.
- The provision for inventory increases, because the price of some books and
equipment decrease. The auditor examines the method of calculation
provision for inventory to ensure that it is estimated appropriately.
- Fixed assets decreases due to the company liquidation of fixed assets. The
auditor should inspects the company’s asset liquidation record, ensuring
that the liquidation of fixed assets is in accordance with current regulations.
- Prepaid expenses increased due to the company’s purchase of tools to serve
its business activities. The auditor examines the documents of these
transactions, ensuring that the tool account is accurately recorded.
- Trade payables decreases significantly due to the company paying the debts
for the suppliers. The auditor should examine confirms of debts, checks the
cut-off, ensuring that the amount of debts must be completely recorded.
- Revenue decreased sharply compared to last year due to the difficulties in
book trading, from 12 stores a year ago to 9 stores are operating. However,
revenue is recorded more than cost of goods sold, while the cash increased
sharply, the risk that the company has trend to overstated revenue. The
auditor analyzes the difference, examines the sample of the documents,

checks the cut-off of revenue which occurs both before and after the
accounting period to ensure revenue is recorded periodically, occurrence
and accurately.
- Revenue decreased by 22,6% but cost of goods sold decreased by 24,8%,
last year the cost of goods sold accounted for 91% of the revenue but this
year only accounted for 88% of revenue. The risk is that the company
records cost of goods sold inadequate and not consistent with revenue. The
auditor examine the method of recording the cost of goods sold, ensuring
that it is recorded coincide with revenue.
- Other incomes may increase due to the increase in income from disposal of
fixed assets. The auditor should connect with the person who work on fixed
assets to check the liquidation files to ensure record completely, accurately
and consistent with current regulations.
After preliminary analysis, the auditor has designed the audit procedures for
the accounts which is expressed at working paper [A520] (Appendix 3) as follows:
- Cash and cash equivalent: participate in cash counts, send confirmation
letters to the bank, in conjunction with detailed examination of transactions
arising before and after the end of accounting year to confirm the existence
of cash and cash equivalents.
- Short-term and long-term financial investment: Compare the balance of
financial investments this year compared to the previous year, collect the
deposit contract, send confirmation letters to confirm the existence of the
investment, check the estimated return on investments, examine the
presentation and classification of financial investments.
- Inventory: examine and evaluate the method of estimating the inventory
provision.
- Revenue: Select a sample of business arising before the end of the year,
check the document to ensure revenue really occurred.
- Cost of goods sold: Analysis the cost of goods sold by commodity group
and explains abnormal fluctuations. Select the sample to reconciliation
revenue recorded with the transferred cost of goods sold.
2.2.1.2. Assessing control risk
2.2.1.2.1. Assessing control risk at financial statement level
Internal control at the enterprise level often has a wide influence on the
operations of the client. Thus, internal control at the enterprise level sets the
standard for other components of internal control. Understanding of internal
control at the enterprise level will provide an important basis for assessing internal
control for important business cycles. The auditor judgment is used to assess
internal control at the enterprise level by interviewing, observing or examining the
documents.

The essence of the control risk assessment on the whole financial statements
is to assess the effectiveness of internal control system of client. The internal
control system review will be conducted through a questionnaire on internal
control and a review of the risk of frauds or errors and AAC has used the form
[A610] – “Assessment of the internal control system of the client” to perform this
task. In form [A610], assessment is limited to 3 components of internal control
system: control environment, risk assessment process and monitoring of control
activities, the auditor will evaluate on three factors:
Control environment: good control environment contributes to the
effectiveness of internal control system. Control environment involves
management of the Board of Directors, attitudes, perceptions and actions of the
board of directors.
The review and assessment of the control environment includes the following
key elements:
- Organizational structure and allocation of rights and responsibilities.
- Communication in business and compliance with ethics, communication
and governance practice. To address this issue, the auditor should look at
issues such as executive management philosophy, staff qualifications and
competences, human resources policies and so on.
In order to obtain an assessment of the above factors, the auditor usually
conducts an interview with the management, accountants and key staff in the
company, collects information, documents such as: Minutes of the board meeting,
documents on the organizational structure, tasks, powers of the important
individuals in the company, the rules and regulations applied in the company, the
budgeting plan, the approval procedures, and so on.
Risk assessment process: The auditor investigates and evaluates business
risk related to financial statements such as how do managers determine business
risk related financial statements? Does the company estimate the affecting of
financial? Does the company assess the likelihood of business risk? How are
detected business risks resolved?
Monitoring of control activities: The auditor asks questions about the
ongoing and periodic monitoring activities of the client. Through the process of
collecting information, the auditor documents:
- Does the client monitor the control activities?
- Is the internal control department of client has sufficient professional
experience? Has the report of missing internal control system been posted
to the Board of Directors? Have the policy, corrective measures are not?

For ABC client:
Control environment
- The company does not have regulations, policies on personnel and
administration.
- The company does not have ethical values regulations but the company is a
member of the Educational Publishing House, so ethical values are attached
much important.
- Management of the company has long experience in the field of book
business. Management meetings are held quarterly and when necessary.
- The Board of Directors has an interest in the internal control system but
does not specify in writing and regulation.
- The company has a simple structure in accordance with the law.
- The company does not have policies and standards for recruiting, training,
evaluating, promoting and dismissing employees.
Risk assessment process
After the auditor poses questions about business risk related to financial
statements. Managers do not identify business risk related to financial statements.
Monitoring control activities
The auditor poses the question of monitoring routine and periodic control
activities of client, the implementation of internal control system deficiencies.
Through the process of collecting information, the auditor commented:
- The Company has no policy to review the internal control system
periodically and to evaluate the effectiveness of the internal control system.
- The Company has a Board of Control but it is not effective.
- The Board of Directors has reviewed the recommendations related to the
internal control system launched by the independent auditor and
implemented the recommendations.
A complete set of 3 components of internal control system is provided in
working paper A610 (Appendix 4). Any "no" answer signifies the lack of adequate
and effective controls, which requires further investigation to determine whether
other control activities are being replaced. Each of the "Yes" answers will increase
the effectiveness of the client's internal control system. The auditor collected
information and completed the questionnaire.
After answering the above questions, the auditor concluded the overall
internal control system at the whole enterprise level as shown in the following
table:

Table 7: Conclusion about internal control system of client
Factors cause risk of
material misstatement at
the whole enterprise level
Controls reduce risk
Affected
account
Additional basic
audit procedures
Supervisory Board is
ineffective. Financial
statements risk is caused by
the pressure from business
results.
Comparison and assess
the reasonability.
Whole
financial
statements
Analysis business
results over time,
evaluate abnormal
fluctuations and
find out reason.
2.2.1.2.2. Assessing control risk at account level
After investigating and evaluating internal control system over the whole
financial statements, the auditor makes a preliminary assessment of control risk for
the main business cycles:
- Sales, receivables and collection cycle
- Purchase, payable and payment cycle
- Inventory, costing and cost of goods sold cycle
- Fixed assets and construction cycle
- Payroll and payables for employees cycle
The auditor does not always check all the cycles. This test depends on the
size of the business as well as the characteristics of client.
When learning about each cycle, the auditor will seek information on key
business aspects and accounting policies relevant to each specific cycle. Then, the
auditor evaluated the design and implementation of the main control procedures in
each cycle of the company.
Evaluation the design of the main control procedures: The auditor conducts
a review of the customer-provided documentation of control procedures,
interviews with relevant staff to determine whether the procedures are designed to
be appropriate, preventive, detect and correct the violations. If the control
procedure is not designed appropriately, it will be a weakness in the internal
control system.
Evaluation the implementation of the main control procedures: The auditor
will observe the operation of the internal control system as a matter of fact, as well
as sample transactions, documents and check whether the control procedures have
been carried out.
Understanding internal control system for first audit year auditors need a lot
of time and effort because the auditors do not have knowledge about client's
internal control system. As for the old client audit, understanding internal control
system will take less time. The auditor can refer to the knowledge and
understanding of client from the previous audits in combination with the changes

of the internal control system in the current year to determine the problems that
exist in the internal control system.
For ABC client:
At the company ABC, the auditor performs two cycles: "Sales, receivables
and collection cycle" and "Purchase, payable and payment cycle". I only present
the Sales, receivables and collection cycle because understanding the “Purchase,
payable and payment” cycle is same (Appendix 5).
ABC Company is old and long-term customer of AAC so the auditor used
audit records last year to assess control risks combined with interviews,
observation and review of client documents provided such as: financial statements,
accounting policies…with their experience. The auditor has some reviews as
follows:
Understanding the key business aspects of sales, receivables and collection
cycle:
- Revenue in 2016: Revenue from selling books, educational equipment and
stationery.
- Total revenue in 2016: 41,971,450,126 VND.
Understanding accounting policies:
- Revenue recognition: Revenue is recognized when the goods are delivered
to the purchaser and are not able to change the decision about the price or
the ability to return the goods.
- Accounting estimates: Provision for doubtful debts is made in accordance
with regulations
Describe the sales cycle
Step 1: Sales department works directly with customers, then submit to the
director for approval of the price, then the director will sign the contract. Based on
the contract, the customer makes an order to the sales department. After that, the
supply department invoices and sends the chief accountant to check and sign, then
transfer them to the director.
Step 2: Warehouse Departments
At ABC, use form 4 of added value invoice. Once the invoice is made and
signed, the storekeeper shall base on the invoice to be delivered to the warehouse.
Step 3: Deliver the goods to the customer
If the purchaser receives the goods and signs at the "Buyers" on invoice, the
goods are left out of the warehouse and handed over to the customer and the
storekeeper will return the receipt to the accounting department. If the purchaser
is distant or delivery through the carrier must sign the receipt.

If purchasers pay immediately in cash, sellers will issue receipts.
Step 4: Make a report and check periodically
Monthly, storekeepers will compare the total invoices issued in the month
kept at the warehouse with the accounting department. The receipts must be full
of signatures. Goods in the warehouse belong to the responsibility of storekeepers.
Monthly / quarterly, depending on the debt situation that the accounting
department sent confirm letters.
From the above analysis and understanding, the auditor concluded that the
discovery was described in the table below:
Table 8: Conclusion of the auditor about control risk on cycle
Describe risk Assertion Account Procedures
Revenue is recorded
incorrectly
Accuracy Revenue Sampling the sales transactions,
examining these transactions is
recorded in accordance with
contracts, invoices and shipping
documents.
Conclusion: Internal controls on sales, receivables and collection cycles are
generally designed in line with control and have been implemented.
The full working paper is shown in [A410]. (Appendix 6)
2.2.1.3. Assessing planned detection risk
Planned detection risks will be assessed based on the results achieved in the
inherent risk and control risk. Detection risk is calculated by the auditor through
the risk matrix.
Table 9: Risk matrix
Detection risk
Auditor assessment of control risk
High Medium Low
Auditor
assessment of
inherent risk
High Min Low Medium
Medium Low Medium High
Low Medium High Max
For ABC client:
Based on the auditor's assessment of inherent risk and control risk, use the
risk matrix to assess the risk of detection.
- The auditor assesses the inherent risk to the overall financial statements at
medium level.
- The auditor assesses the control risk for the overall financial statement at
high level.

The auditor assesses the detection risk at a low level to maintain an
acceptable level of audit risk.
The purpose of determining the planned detection risk is to establish the level
of performance of substantive tests. If the planned detection risk is at the lowest
level, the auditor will perform the substantive tests at the highest level to achieve
the desired audit risk. The work in this phase is done in the form [A910].
2.2.2. Assessing materiality
PM is a measure of the amount of materiality for the whole financial
statements and it will be used in the design of audit procedures to ensure that the
risk of undetected material misstatements had been reduced to acceptable levels.
Establishing the materiality is very significant, establishing the materiality that is
not appropriate will directly affect the detection of audit risks as well as the cost
of carrying out audits.
Therefore, to guide the auditor to evaluate the materiality, reduce the
arbitrariness of the auditor in the process of judging the materiality, AAC
establishes a policy that establishes the initial materiality for the overall financial
statement. The basic contents of this policy include the indicators for the original
and proportional brackets corresponding to each indicator. The definition of the
above indicators and proportional brackets is completely considered the
professional segment of each auditing company.
At AAC, the auditor performs the following tasks:
Step 1: Determining benchmark to assess materiality
The most commonly used benchmarks are:
- Profit before tax
- Revenue
- Total equity
- Total assets
Determining the benchmark depends on the information needs of the majority
of users use financial information and characteristics of each type of company.
AAC has provided specific guidelines for each type of company as follows:
- Non-profit organization: The auditor usually chooses total assets to assess
the materiality.
- Company newly come into operation or likely to go bankrupt: The auditor
usually chooses total assets or total equity.
- The enterprise is self-managed by the owner: The auditor usually chooses
profit before tax but appropriate adjustment because the profit before tax is
include the salary corresponding to the salary of owners.
- The company is listed on the Stock Exchange: The auditor usually chooses
profit before tax because this is an indicator which is interested by a lot of
people, especially shareholders of the company.

- The company is not listed on the Stock Exchange: The auditor usually
selects total equity or revenue because profit before tax does not reflect the
size of the company.
- Branches of transnational companies: Materiality is determined on the basis
of revenue and is 2% higher than unlisted companies on the Stock
Exchange.
Step 2: Select the appropriate ratio to determine the overall materiality:
AAC uses benchmark ratios similar to the Vietnamese Auditing Standards:
- Profit before tax: 5% - 10%
- Revenue: 0.5% - 3%
- Total equity: 1% - 5%
- Total assets: 1% - 2%
Step 3: Assessing the overall materiality (PM)
PM = Value criteria selected x the ratio used to estimate materiality
Step 4: Assessing the performance materiality (MP)
Performance materiality is a value determined by the auditor to reduce the
likelihood of errors to a reasonable low level to synthesize the effects of
unregulated and undefined errors not to exceed the materiality for the overall
financial statements.
At AAC, the auditor determines the performance materiality MP = (50% -
70%) x PM. This is the materiality used for the whole financial statements to
ensure that all errors are detected by the auditor and that errors not detected by the
auditor do not exceed the overall materiality (PM) determined.
Step 5: Determining the tolerable misstatements
The maximum level is 4% of the performance materiality. This is the level
prescribed by Vietnamese Auditing Standard. The difference less than this error
threshold does not need to be re-aggregated.
For ABC, the materiality determination is as follows:
For the ABC, the auditor determines total equity as the indicator chosen to
determine the materiality. Because as a joint stock company, the target of being
sensitive and gaining top priority is profit. However, in recent years, the profit of
the company is low. On the other hand, the auditor assess the risk in the company
at low, so the auditor should choose criteria equity to determine the materiality,
this indicator is the least volatile over the years. Materiality is calculated as
following table:

Table 10: Setting the materiality of ABC
Total equity 12,958,532,172 VND
The ratio used to assess materiality 2.0%
Overall materiality (PM) 259,170,643 VND
The ratio used to assess
performance materiality is (50% -
75%).
60%
Performance materiality (MP) 155,502,386 VND
The ratio used to calculate the
threshold for individual
misstatement (0% - 4%)
4%
Threshold for individual
misstatement
6,220,095 VND
ABC is a joint stock company. Their target is profitability. However, recent
years the client's profitability is low. Therefore, the auditor selects the total equity
to calculate the materiality as this indicator is the least volatile over the years.
The auditor assesses the client's internal control system fairly well.
Therefore, the auditor choose the average ratio of 2% to evaluate the overall
materiality.

Luận văn xác lập mức trọng yếu và rủi ro kiểm toán (Tiếng Anh)

Luận văn xác lập mức trọng yếu và rủi ro kiểm toán (Tiếng Anh)

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Luận văn xác lập mức trọng yếu và rủi ro kiểm toán (Tiếng Anh)

Similar to Luận văn xác lập mức trọng yếu và rủi ro kiểm toán (Tiếng Anh) (20)

Recently uploaded

Recently uploaded (20)

Luận văn xác lập mức trọng yếu và rủi ro kiểm toán (Tiếng Anh)