Major Phases of an Audit

1. Client Acceptance and Continuance

2. Preplanning help ensure that the auditor has considered any events
and circumstances that may adversely affect the auditors ability to
plan and perform the audit engagement to reduce audit risk to an
acceptably low level
Includes:
a. Understanding of the entity and its environment is a
continuous, dynamic process of gathering, updating and
analyzing information throughout audit.
Objective: to assess business risks faced by the entity
The auditor should include info on each categories:
Industry (market and competition),
regulatory(accounting principles, govt. policies like
forex controls, trade policies) and other factors
(interest rates, inflation, economic condition)
Nature of the entity refers to the entitys
operations, ownership, types of investment it is
making and plans to make and the way the entity is
structured and how it is financed
Provides the auditor a better idea of what to
expect in the FS.
Objective and strategies and related business risks
The auditor does not have a responsibility to
identify or assess all business risks because not all
business risks give rise to risks of material
misstatement
 Business risk
Measurement and review of the entitys financial
performance is directed at whether business
performance is meeting the objectives set by the
management or third parties (3rd parties external
information such as analysts reports and credit
rating agency)
Performance measures create pressures on the
entity in turn, it may motivate management to
improve the business performance
Internal control a process designed and effected
by those charged with governance, management,
and other personnel to provide reasonable
assurance about the achievement of the entitys
objectives with regard to reliability of financial
reporting, effectiveness and efficiency of
operations and compliance with applicable laws
and regulations (PSA 315)
*Chapter 8 broad discussion
b. Determining the audit engagement team requirements
Having the proper degree of technical training,
proficiency and competence to handle the
engagement
Factor to consider: personnel availability and
timing of work, expertise
To determine whether to accept the engagement,
it is appropriate to consider the use of consultant
and specialists
An auditor is not expected to have the expertisr of
a person trained for, the practucr if another

2
 profession or occupation. (PSA 620 Using the Work
of an Expert)
*Chapter13
c. Ensuring independence of the audit team and audit firm
The engagement partner should ensure that all
individuals assigned to the engagement are
independent of the client accomplished by
reviewing the annual independence report of each
member of the audit team

3. Assess Risk and Establish Materiality

Risk assessment procedures are the audit procedures performed to
obtain an understanding of the entity and its environment, including
the entitys internal control, to identify and assess the risks of material
misstatement, whether due to fraud or error, at the financial
statement and assertion levels
Information obtained by performing risk assessment procedures and
related activities may be used by the auditor as audit evidence to
support assessment of the risk of material misstatement.
o Audit risk is the risk that the auditor expressed an
inappropriate audit opinion when the FS are materially
misstated
- Can be directly controlled by the scope of the auditors test
procedures
o Auditors business risk is the auditors exposure to loss and
injury to professional practice from litigation, adverse publicity
or other events arising in a connection with FS audited and
reported on
- Cannot be directly controlled

3
 - A thorough understanding of business risk increases the
likelihood of identifying material misstatements in the FS
o Audit risk Model helps the auditor in determining the scope of
auditing procedures for a particular account balance or class of
transactions
Formula: Audit risk = inherent risk x control risk x detection risk
Audit risk is a function of financial statement risk and detection risk
Financial statement risk components:
a. Inherent risk is the susceptibility of an assertion to a
misstatement which could be material assuming there
were no related internal controls
b. Control risk is the risk that a misstatement that could
occur in an assertion and that could be material
individually or when aggregated with other
misstatements will not be prevented or detected and
corrected on a timely basis by the internal control
The auditor has no control over the extent of either
inherent or control risk, but they have to assess them in
process if determining the extent of the detailed
substantive procedures to be carried out
Detection risk risk that the auditors procedures will not
detect a misstatement that exists in an assertion that could
be material
Detection risks results from two uncertainties:
Sampling risk the possibility that the auditors
conclusion based on sample may be different from
the conclusion that would have been reached if the
entire population were subject to the same audit
procedure

4
 Auditor can minimize sampling risk by adjusting the
sample size and using the appropriate method
Non-sampling risk risk of the auditor arising from:
Inappropriate or ineffective audit procedures
Failure to recognized errors in the sample tested
Misinterpretation of evidences obtained
It can be minimize by careful design of the audit
procedures and proper instructions, adequate
training, effective supervision, and review of the
audit team
o Detection risk can be controlled by the auditor through scope
o Steps to follow using audit risk model:
Determine planned audit risk
Assess inherent risk
Assess control risk
Determine allowable detection risk
o Risk assessment procedures are the audit procedures performed to
obtain an understanding of the entity and its environment, including
the entitys internal control, to identify and assess the risks of material
misstatement, whether due to fraud or error, at the financial
statement and assertion levels
o Information obtained by performing risk assessment procedures and
related activities may be used by the auditor as audit evidence to
support assessment of the risk of material misstatement.
o Risk assessment procedure:
Inquire of management and of others within the entity

Analytical procedures

5
 Observation and inspection
4. Plan the Audit
o Planning results in an orderly arrangement of the parts or steps
to achieve the desired objective
o Auditing standards required the auditor to plan the audit so that
engagement will be performed in an effective manner
It involves:
Establishing the overall strategy
Developing an audit plan to reduce audit risk to an
acceptably low level
o In developing the audit plan, the auditor should be guided by the ff:
The procedures performed to gain and document
an understanding of the entity
Results of risk assessment process
Assessing preliminary level for control risk by
account and assertion
Control risk is the risk that material
misstatement that could occur in an account
balance or class of transactions will not be
detected or prevented by internal controls
Considering the possibility of non compliance
with law and regulations
PSA 250 require that the auditor plans the audit
to obtain a general understanding of the legal and
regulatory framework applicable to the entity
Noncompliance with laws and regulations may
cause the entity to cease operation

6
 Noncompliance refers to acts of omission or
commission by the entity being audited,
intentional or unintentional, which are contrary
to the prevailing laws or regulations
An audit cannot be expected to detect
noncompliance with all laws and regulations.
Example: investigation by govt dept. or payment
of fines or penalties, purchasing at price
significantly above or below market price
The auditor may have to notify parties outside
the client such as regulatory and enforcement
authorities
Identify related parties
Management is responsible for identifying and
disclosing related party relationships and
transactions
Conduct preliminary analytical procedures
Objective:
To enhance the auditors understanding of the
entity and its environment
To identify unusual relationships and unexpected
fluctuations in FS accounts that may indicate
areas greater misstatement
Developing an overall strategy and prepare and
audit plan
Overall audit strategy sets the scope, timing,
and direction of the audit and guides the
development of the more detailed audit plan
Audit Plan- is more detailed than the overall audit
strategy and includes the nature, timing and

7
 extent of audit procedures to be performed by
engagement team members in order to obtain
sufficient appropriate audit evidence to reduce
audit risk to an acceptably low level
Considering additional value-added services