(c) CA Campus

Auditing
The Planning stage
- Obtaining an understanding of the entity and its environment
Candice De Nobrega CA(SA)
[email protected]

FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

Recap of the Pre-engagement activities

Clients integrity?
Ethical Engagement
requirements? letter?

Staff
competence,
capabilities, Vacancy?
resources &
time?

Decision on Recurring audit,

Client pay fee?
whether to significant
accept the matters in PY or
CY
engagement?

FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

1
(c) CA Campus

Planning
Objective of an audit is to:
Obtain reasonable assurance about whether the financial statements as a whole are free
from material misstatement, whether due to fraud or error, thereby enabling the auditor
to express an opinion on whether the financial statements are prepared, in all material
respects, in accordance with an applicable financial reporting framework

FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

Planning
What happens during the planning stage of the audit process?

FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

2
(c) CA Campus

Planning

1. Obtaining an understanding of the entity and its environment including

internal control;

2. Develop the audit strategy

- Calculate materiality
- Identify and assess the risks of material misstatement at the overall financial
statement level and at the assertion level
- Respond to risks of material misstatement at the overall financial statement level

3. Develop the audit plan

FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

Obtaining an understanding the entity and its

environment
ISA 315: Identifying and assessing the risks of material misstatement through
understanding the entity and its environment
The entity and its environment
1. Organisational structure

2. Ownership, governance & business model

3. Industry and regulations

4. Measures to assess financial performance

5. Financial reporting framework

6. Accounting policies
FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

3
(c) CA Campus

Obtaining an understanding the entity and its

environment
ISA 315: Identifying and assessing the risks of material misstatement through
understanding the entity and its environment
The entity and its environment

❖Information we gather from understanding the entity and its environment will help us
to identify risks of material misstatement in the AFS. Example:

❖Therefore in understanding the entity and environment the auditor is required

to consider how these inherent risk factors affect the susceptibility of assertions
to misstatement.
FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

Obtaining an understanding of internal control

ISA 315: Identifying and assessing the risks of material misstatement through
understanding the entity and its environment
Internal control:

The process the business follows to ensure:

1. Fair presentation of the financial statements
2. Compliance with laws and regulations
3. Effective and efficient operations

FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

4
(c) CA Campus

Obtaining an understanding of internal control

ISA 315: Identifying and assessing the risks of material misstatement through
understanding the entity and its environment
Internal control

Control environment
Entity’s risk Monitoring of
assessment process controls
Information Control
system activities

FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

Obtaining an understanding of internal control

Information system
SD’s
JNL/
AFS MF

TB GL
FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

10

5
(c) CA Campus

Obtaining an understanding of internal control

Control activities:
Control activities are put in place to address the risks of misstatements in
recording transactions.

What are the risks of misstatements in recording transactions:

1
2
3

FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

11

Obtaining an understanding of internal control

Control activities:

▪ Authorisation
▪ Reconciliation
▪ Segregation of duties
▪ Access controls
▪ Good source document design

NB!!! You need to be able to link each control activity to an assertion

FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

12

6
(c) CA Campus

Obtaining an understanding of internal control

Inherent Risks Control objective Control activity Assertion

1. Record 1. To ensure 1. Authorisation, 1. Occurrence
fictitious/ occurrence and pre# docs & and
duplicates authorisation reconciliation authorisation
2. Don’t record 2. To ensure 2. Pre# docs, 2. Completeness
& completeness reconciliation a
3. Record 3. To ensure 3. Reconciliation, 3. Accuracy, cut
incorrectly accuracy/cut segregation of off &
(amount, off and duties & IT classification
date, details) classification controls -
4. Theft 4. Safeguarding of 4. Access controls 4. Existence
assets
FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

13

Internal control and business cycles

Use the business cycles document for your cycles:

❖Revenue and receipts cycle

❖Acquisitions and payments cycle
❖Payroll and personnel cycle
❖Inventory and production cycle
❖Finance and investment cycle

FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

14

7
(c) CA Campus

Internal control and business cycles

Legend for the cycles:

# Pre-numbered documents
Reconciliation
A Access controls (Physical and logical)
Authorisation
Segregation of duties

FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

15

Class example 1
Refer to the class example document for the class question

FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

16

8
(c) CA Campus

Obtaining an understanding the entity, its

environment and internal control
What can we as auditors do, to gather information about the client’s entity, it’s
environment and internal control?

FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

17

Class example 2
Refer to the class example document for the class question

FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

18

9
(c) CA Campus

Summary
We perform risk assessment procedures in order to understand the entity,
its environment and its internal control, including its business cycles,
therefore we can:

1. Start to develop the audit strategy

2. Identify inherent risks of misstatement
3. Identify control risks of misstatement and deficiencies in internal control

FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

19

Questions you can expect

• Design a system of internal control for a specific transaction
• Identify weaknesses/control deficiencies in the business cycle and provide
recommendations to address the weaknesses
• Identify the appropriate assertion affected by the control deficiency
• Describe the impact of controls on the audit approach

FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

20

10
(c) CA Campus

Lecture Preparation:
Next Week lecture pre-reading:

• Overall audit Strategy

• Materiality in planning and performing
• Assessment of risks of material misstatement at the financial
statement level
• Assessment of risks of material misstatement at the assertion level

FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

21

Copyright © CA Campus

These notes enjoy copyright under the Berne Convention. In terms of the Copyright Act, no 98 of 1978, no part of this
material may be reprinted or reproduced, in any form whatsoever, either in whole or in part or by any electronic or
other means including the making of photocopies thereof, without the express prior written consent of the proprietor,
CA Campus.

No individual may share any CA Campus content or material with any other person.

The proprietor will not hesitate to prosecute any such offenders to the fullest extent of the law and to report their
details to:
• UNISA
• The South African Institute of Chartered Accountants (SAICA) for purposes of barring such persons from registering
as chartered accountants (SA), as such actions constitute a gross transgression of ethical principles, which is a
violation of the code of professional conduct of SAICA
• South African Police Service
• Any other relevant professional body / organisation including any employer

FOR USE BY CA CAMPUS STUDENTS ONLY © CA Campus

22

11