RISK RESPONSE PHASE

Steps in the Risk Response Phase

Now that we have gained

an understanding of the
entity including the risks,
we respond to those risks.
Key Audit Matters
• In responding to risks, auditor determines Key Audit Matters (‘KAM’).
They are;

• Those areas of higher assessed risk of material misstatement

• Areas involving significant auditor judgments and management
judgment, including accounting estimates with high estimation
uncertainty; and
• Significant events or transactions that occurred during the period.
Potential examples of Key Audit Matters
• Certain complex areas relating to revenue recognition
• Provisions and contingencies
• Taxation matters (multiple tax jurisdictions, uncertain tax positions,
deferred tax assets)
• Assessment of impairment
• Put arrangements over non-controlling interests
• IT systems and controls
Benefits for the stakeholders from Reporting of
Key Audit Matters in Auditor’s Report
• Greater Transparency
• Increased communication between auditors and Those Charged with
Governance
• Increased usefulness of disclosures in financial statements
• Better and clear information on significant areas
• Meaningful information for decision making and increased confidence
• Lenders can be made aware of how the company is managed
Communicating KAM
• Now, when doing the audit report, there is a section for Key Audit
Matters. You will communicate those to the board and management
and users.

• Why such matter was determined to be significant in the audit and

consequently considered to be the key audit matter
• How such matter was addressed in the audit
The Response Audit Plan
• The objective is to obtain sufficient appropriate audit evidence
regarding the assessed risks.
• By designing and implementing appropriate responses to the
assessed risks of material misstatement at the financial statement
and assertion levels.
• The starting point for designing an effective audit response is the
listing of assessed risks.
Overall Response
• Pervasive risks at the financial statement level (risks such as a
deficient control environment and/or the potential for fraud that
could affect many assertions) are addressed through the design and
implementation of an overall response.
Detailed Audit Plan or Tailored Audit Plan
• This is the plan developed for specific account balances and
transactions to be tested
• They contain the tailored procedures to conduct the tests
• The documents to obtain and what tests to conduct
• Whom to talk to
The Auditor’s Toolbox
• In developing the detailed audit plan, the auditor would use his/her
professional judgment to select the appropriate types of possible
audit procedures.
• An effective audit program will be based on an appropriate mix of
procedures that collectively reduce audit risk to an acceptably low
level.
Substantive Procedures
include Tests of Details
and Analytical Procedures
Substantive Tests
• Substantive tests comprise tests of details and analytical procedures
• These are the core activities that the auditor does to obtain evidence
• They are the gist of the audit plan
• Substantive tests generally include;

✓Obtaining & examining documentation

✓Re-performing procedures
✓Inquiring
✓Observing
Test of Controls
• An audit procedure designed to evaluate the operating effectiveness
of controls in preventing, or detecting and correcting, material
misstatements at the assertion level.
• Tests of control are usually short, quick tests which generate either a
‘yes’ or a ‘no’ answer,
• Where ‘yes’ is favourable (confirming the operation of an internal
control),
• And ‘no’ is unfavourable (indicating that an internal control is not
operating satisfactorily).
Example
• When auditing a company’s purchases system and internal controls,
and the assertion of occurrence (that recorded purchases represent
goods and services received and which pertain to the entity). An
appropriate internal control would be that purchase orders are raised
for each purchase and are authorized by appropriate senior
personnel.
• A test of control would be to examine a sample of purchase orders to
ensure that they have been appropriately authorised. A ‘yes’ answer
would confirm that the internal control requiring authorisation of
purchase orders is working, whereas a ‘no’ answer would indicate
that the internal control does not appear to be working, hence
requiring further audit investigation.
Example
• Another example of a test of control for a purchases system would be
to inspect a sample of goods received notes to confirm that stores
inwards staff sign for goods received. Once again, a ‘yes’ answer is
positive, confirming that staff have signed the goods received note
and a ‘no’ answer would be negative, requiring further audit work to
be carried out to determine why the goods received note had not
been signed. This test of control would also help to confirm the
occurrence assertion.
Substantive Tests of Details
• The auditor shall always carry out substantive procedures on material
items irrespective of the assessed risks of material misstatement
• They are time consuming, requiring more detailed audit work to be
carried out.
• Substantive procedures will invariably tend to involve more work than
tests of control.
Example 1
• Consider once again the example of the purchases system and the
assertion of existence for account balances in the statement of
financial position.
• Typical tests of detail would involve verification of year-end balances,
• This would include selecting a sample of supplier accounts in the
purchase ledger and agreeing the closing balance figure to the
supplier’s statement
• or even possibly requesting third party confirmation by the supplier
of the amount outstanding.
Example 2
• Cut-off testing would also be typically carried out on year-end
purchase ledger balances, which would involve obtaining a sample of
pre- and post - year-end goods received notes and agreeing these to
the matching pre- or post-year-end purchase invoices, to ensure that
only goods received before the end of the accounting period were
included. This test would also help to confirm the assertion of
existence.
Substantive Analytical Procedures
• While tests of details are planned and carried out at this stage only,
• Analytical procedures are carried out at the planning stage, fieldwork
stage and reporting stage.
• At the planning stage, analytical procedures are basically ratio analysis
• to see the relationships and differences that exist in order to identify
areas of potential misstatement
• In most cases, these relationships should remain consistent over time
Example
• Reviewing the current ratio over several reporting periods. This
comparison of current assets to current liabilities should be about the
same over time, unless the firm has altered its policies related
to accounts receivable, inventory, or accounts payable. This is a form
of ratio analysis.
• Current ratio is the ability of the company to use its current assets
(cash, receivable and inventory) to offset its current liabilities.
• If the ratio is 4 then it means the company has the ability to settle its
current liabilities 4 times over when they fall due
Key ratios used in analytical procedures
• The financial ratios used by the auditor will fall into 3 general categories:

• Profitability/Return
• Gross Margin
Net Margin
ROCE

• Liquidity/Efficiency
• Receivables/Payables/Inventory Days
Current Ratio
Quick Ratio

• Gearing
• Financial Gearing
Operational Gearing
Substantive Analytical Procedures in
Fieldwork
• It involves a four-step process;
• Form an expectation. The auditor develops an expectation of an account balance or
financial relationship. Developing an independent expectation helps the auditor apply
professional skepticism when evaluating reported amounts.
• Identify differences between expected and reported amounts. The auditor must
compare her expectation with the amount recorded in the company’s accounting system
and then compare the result to the auditor's threshold for analytical testing. If the
difference is greater than the threshold, the next step is to investigate the source of the
discrepancy.
• Investigate the reason. The auditor brainstorms all possible causes and then determines
the most probable cause(s) for each discrepancy. Sometimes, the analytical test or the
data itself is problematic, and the auditor needs to apply additional analytical procedures
with more precise data.
• Evaluate differences. The auditor evaluates the likelihood of misstatement and then
determines the nature and extent of any additional auditing procedures.
Example
• An auditor may do a rough depreciation estimate using the method
and useful life and value of the assets to come up with a rough
estimate and then compare that to the client actual.
• And again if this is a low risk account and it's smaller in value you
might say that that provides sufficient and appropriate audit evidence
to say that the valuation assertion for depreciation is appropriate
now.
• Its normally applied to account balances and transactions that are
smaller in value and low risk of material misstatement
Substantive Analytical Procedures at End of
the Audit
• Substantive Analytical Procedures are performed again at the end of
the audit to see if the differences still exist
• When you conducted the audit, you would have identified what
caused those misstatements and reported to management and it was
corrected
• However, if it still remains then you need to go back and do more
work
• If it doesn’t then you are good to sign off on the report