SAICA Frequently

Asked Questions
Application of the
requirements of the
International Standards
on Auditing in relation
to matters arising from
monitoring findings and
other in-practice
challenges
Updated August 2022

Issued July 2017 Page | 0

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 SAICA FREQUENTLY ASKED QUESTIONS
Application of the requirements of the International Standards on Auditing in relation to
matters arising from monitoring findings and other in-practice challenges

Please note:
• Every effort has been made to ensure that the information in this document is complete and accurate.
Nevertheless, information is given purely as guidance with respect to the subject matter and SAICA will
have no responsibility to any person for any claim of any nature whatsoever which may arise out of or
related to the contents of this document.

• The information provided in this document does not constitute legal advice and should be read in that
context.

• Where the document suggests a particular view, such a view is based on SAICA’s interpretation at that
point in time, of the relevant laws, regulations, standards, codes and related pronouncements. Although
SAICA has consulted with the Independent Regulatory Board for Auditors (IRBA) and the Assurance
Guidance Committee (AGC) of SAICA, it is possible that a different view may ultimately be followed in
practice.

• This document has not been subject to any formal process of the IRBA or SAICA and merely outlines the
outcome of the engagements between the IRBA and the AGC.

• This is a live document that is subject to change and is non-authoritative.

• This document does not impose requirements on auditors beyond those included in the International
Standards on Auditing (ISAs) and does not change the auditor’s responsibility to comply with all ISAs
relevant to the audit and with each requirement of an ISA (unless, in the circumstances of the audit, an
entire ISA is not relevant, or a requirement is not relevant because it is conditional and the condition
concerned does not exist).

• Although specific references to the ISAs have been included in this document, the auditor is still required
to have an understanding of the entire text of the ISAs to assess whether or not any particular FAQ is
relevant to an engagement, and if so, to enable the auditor to apply all the requirements of the particular
ISAs properly.

• The concepts of professional scepticism and professional judgement should be applied in all the
scenarios described in the FAQs. The different approaches presented are not necessarily the only
acceptable approaches. The auditor must obtain sufficient appropriate audit evidence in the
circumstances of a particular audit in accordance with the requirements of the ISAs relevant to the audit.

• The auditor is required to prepare documentation that provides a sufficient and appropriate record of the
basis for the auditor’s conclusions and report, and evidence that the audit was planned and performed in
accordance with the ISAs and applicable legal and regulatory requirements. Auditors are alerted to pay
specific attention to the documentation requirements in accordance with ISA 230, Audit documentation,
and all other ISAs relevant to the audit.
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref #773360
Contents
1. Risk assessment at assertion level .......................................................................................... 3
2. The presumption of risks of fraud in revenue recognition......................................................... 5
3. Substantive procedures for each material class of transactions, account balance and
disclosure (i.e. for each material financial statement item)....................................................... 8
4. Testing of journal entries and other adjustments ................................................................... 11
5. Opening balances – Recurring engagements ........................................................................ 14
6. Approval of Financial Statements by the entity, the dating and signing of the auditor’s report
and the related documentation thereof .................................................................................. 16
7. When information to be used as audit evidence involves the work of experts ........................ 22
8. Using the work of other auditors ............................................................................................ 32
9. ISA 450, Evaluation of misstatements identified during the audit ........................................... 35
10. The auditor’s consideration of the relevance of information to be used as audit evidence:
Testing the completeness assertion from an appropriate source ........................................... 45
11. The auditor’s consideration of the reliability of information to be used as audit evidence:
Obtaining audit evidence about the accuracy and completeness of information produced by
the entity ............................................................................................................................... 50
12. Auditing the completeness of revenue: An illustrative example focusing on the relevance and
reliability of the population from which items are selected for testing ..................................... 59

Issued July 2017

Updated October 2018, January 2020, December 2021 and August 2022
Ref #773360
1. Risk assessment at assertion level
When identifying and assessing risks of material misstatement at the assertion level, is the
auditor required to perform the risk assessment per individual assertion for classes of
transactions, account balances and disclosures?

Further context to the problem / challenge / uncertainty

There is uncertainty whether the assessment of risks of material misstatement ‘at the assertion level’
means that the assessment has to be performed per individual assertion for classes of transactions,
account balances and disclosures. Monitoring findings have also indicated instances where this was
not done.

Specific references in the ISAs

The auditor has to comply with all ISAs relevant to the audit, including all relevant requirements read
together with the related application material. The following specific references are relevant in
considering the specific question presented here (but are not intended to be exhaustive):

• ISA 315 (Revised), Para. 25, A122 – A131

Application of the requirements of the ISAs

ISA 315 (Revised).25 requires the auditor to identify and assess the risks of material misstatement
at:

(a) The financial statement level; and (Ref: Para. A122 – A125)
(b) The assertion level for classes of transactions, account balances, and disclosures, (Ref: Para.
A126 – A131)
to provide a basis for designing and performing further audit procedures.

Although ISA 315 (Revised).25 only makes reference to the “assertion level” in general, the
application and other explanatory material contained in ISA 315 (Revised).A128 provides clarity in
stating that all aspects contained in ISA 315 (Revised).A129 (a) – (b), being the individual assertions,
must be covered, as follows:

“The auditor may use the assertions as described in paragraph A129 (a) – (b) below or may express
them differently provided all aspects described below have been covered. For example, the auditor
may choose to combine the assertions about classes of transactions and events, and related
disclosures, with the assertions about account balances and related disclosures.”

Conclusion

When identifying and assessing risks of material misstatement at assertion level each individual
assertion must be considered. The assertions applied by the auditor may be those contained in ISA

Issued July 2017 Page | 3

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
315 (Revised).A129 (a) – (b) or other assertions in accordance with the firm’s audit methodology,
provided that all the aspects contained in ISA 315 (Revised) are covered.

Issued July 2017

Issued July 2017 Page | 4

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
2. The presumption of risks of fraud in revenue recognition
When identifying and assessing risks of material misstatement due to fraud in revenue
recognition, does the significant risk presumption in terms of ISA 240.26 relate to all assertions
and what are the implications for the auditor’s documentation if the presumption is to be rebutted
in the circumstances of a particular engagement?

Further context to the problem / challenge / uncertainty

Revenue for an entity may include different types of revenue or revenue transactions, and there are
individual assertions that underlie each of these types of revenue or revenue transactions.

There is uncertainty whether the practitioner, having identified and assessed risks of material
misstatement of revenue, can conclude that the significant risk presumption is not applicable for a
type of revenue or class of revenue transactions as a whole. Furthermore, considering individual
assertions for a particular type of revenue or class of revenue transactions, there is uncertainty
whether the documentation requirement relating to the rebuttal of the significant risk presumption
applies to each individual assertion.

Monitoring findings have indicated instances where practitioners do not properly document the
reasons for their assessment of risks of material misstatement due to fraud at the assertion level,
including the rebuttal of the significant risk presumption.

Specific references in the ISAs

The auditor has to comply with all ISAs relevant to the audit, including all relevant requirements read
together with the related application material. The following specific references are relevant in
considering the specific question presented here (but are not intended to be exhaustive):

• ISA 230, Para. 8

• ISA 240, Para. 25
• ISA 240, Para. 26, A28 – A30
• ISA 240, Para. 47
• ISA 315 (Revised), Para. 25, A122 – A131

Application of the requirements of the ISAs

ISA 240.25 requires the auditor, inter alia, in accordance with ISA 315 (Revised), to identify and
assess the risks of material misstatement due to fraud at the assertion level for classes of
transactions, account balances and disclosures. Based on FAQ 1 in this document, it is concluded
that this risk assessment must be performed per assertion.

In relation to revenue recognition, ISA 240.26 continues to require the following: “When identifying
and assessing the risks of material misstatements due to fraud, the auditor shall, based on a
presumption that there are risks of fraud in revenue recognition, evaluate which types of revenue,
revenue transactions or assertions give rise to such risks.”

Issued July 2017 Page | 5

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
Therefore, the auditor would in the normal course of identifying and assessing risks of material
misstatement in accordance with the requirements of ISA 315 (Revised) and ISA 240 take cognisance
of the presumption in ISA 240.26 and evaluate which types of revenue, revenue transactions or
assertions give rise to risks of fraud and, therefore, represent significant risks.

ISA 240.A28 states that material misstatements due to fraudulent financial reporting relating to
revenue recognition often results from an overstatement of revenue, but may also result from an
understatement of revenue. Overstatement could relate to all assertions relating to particular revenue
transactions, excluding completeness and understatement could relate to all assertions relating to
particular revenue transactions, excluding occurrence. Therefore the risk of fraud could relate to one,
some or all assertions pertaining to certain types of revenue or revenue transactions.

By way of illustration, the auditor may have identified risk factors relating to a motivation for
management to overstate a certain type of revenue linked to profit targets and performance
measurement applicable to management. The auditor has determined that there are risks relating to
fictitious transactions and pre-invoicing. In these circumstances the auditor, in accordance with ISA
240.26, evaluates that the occurrence assertion and cut-off assertion give rise to risks of material
misstatement due to fraud and are therefore significant risks. Therefore, for this type of revenue
(revenue stream) at the specific client, the significant risk presumption has not been rebutted, since
it applies to the occurrence and cut-off assertions. Had no assertions been identified as significant
risks, the auditor would be required to rebut the presumption for the particular type of revenue
(revenue stream).

To further clarify the illustration above, the auditor is required to pay particular attention to the following
matters relating to the application of the requirements of the ISAs in the circumstances:

• For the type of revenue (revenue stream) in this scenario, the auditor is required to perform an
assessment of risks of material misstatement at the assertion level for each individual assertion
(as would normally be the case – also refer to FAQ 1 in this document). Referring to the assertions
in ISA 315 (Revised).A129(a), the risk assessment will relate to, and will be documented for the
following assertions: Occurrence, completeness, accuracy, cut-off, classification and
presentation.
• In the normal course of performing the risk assessment, the auditor has identified risk factors that
give rise to risks of material misstatement due to fraud in relation to the occurrence and cut-off
assertions and, therefore, these two assertions have also specifically been identified and
assessed as significant risks (the identification and assessment of which are clearly indicated and
documented as part of the risk assessment).

• ISA 230.8(c) requires the preparation of audit documentation that is sufficient to enable an
experienced auditor, having no previous connection with the audit to understand, amongst other
things, the significant professional judgements made in reaching conclusions. The auditor’s
judgements relating to revenue recognition in this scenario will be supported by the auditor’s risk
assessment at assertion level, documented in sufficient detail to enable an experienced auditor to
understand such judgements and the conclusions reached.

ISA 240.A30 provides an example of when the presumption can be rebutted per type of revenue or
class of revenue transactions as a whole, namely: “there is a single type of simple revenuetransaction,

Issued July 2017 Page | 6

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
for example leasehold revenue from a single unit rental property”.

ISA 240.47 requires that if the auditor has concluded that the presumption that there is a risk of
material misstatement due to fraud related to revenue recognition is not applicable in the
circumstances of the engagement, the reasons for that conclusion be included in the audit
documentation.

Conclusion

ISA 240.26 refers to “types of revenue”, “revenue transactions” or “assertions” and is therefore not
prescriptive that the significant risk presumption must be rebutted per assertion. It would however not
be appropriate for the auditor to consider revenue for an entity in total/ overall when the entity’s
revenue comprises different types of revenue (revenue streams) or revenue transactions.

When identifying and assessing risks of material misstatement due to fraud, the auditor could
conclude, based on the understanding obtained, that the risk of fraud is not applicable to a type of
revenue (revenue stream) or class of revenue transactions, and document the reasons for the rebuttal.

If none of the assertions are considered to be significant risks in the circumstances (i.e. no risks of
material misstatement due to fraud have been identified in relation to any of the assertions), the
auditor has to document why the significant risk presumption does not apply (i.e. rebut the
presumption) to revenue recognition related to the type of revenue (revenue stream) or class of
revenue transactions concerned (or to revenue overall, if the entity’s revenue does not comprise
different types of revenue (revenue streams) or revenue transactions). The auditor’s judgements
relating to revenue recognition will be supported by the auditor’s risk assessment at assertion level,
documented in sufficient detail to enable an experienced auditor to understand such judgements and
the conclusions reached.

Issued July 2017

Issued July 2017 Page | 7

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
3. Substantive procedures for each material class of transactions, account
balance and disclosure (i.e. for each material financial statement item)
At what level should materiality be applied in identifying material classes of transactions,
account balances and disclosures when designing and performing substantive procedures?

Further context to the problem / challenge / uncertainty

The ISAs require the auditor to design and perform substantive procedures for each material class of
transactions, account balance and disclosure (ISA 330.18). There is uncertainty about the level at
which materiality should be applied when testing items, for example, whether it is appropriate to apply
materiality to the level at which the items are presented in the financial statements; to each individual
account or item that is presented in a lead schedule that ultimately makes up the item presented in
the financial statements; or to each individual transaction or event included in the general ledger.

Specific references in the ISAs

The auditor has to comply with all ISAs relevant to the audit, including all relevant requirements read
together with the related application material. The following specific references are relevant in
considering the specific question presented here (but are not intended to be exhaustive):

• Glossary of Terms: Financial statements; Population

• ISA 200, Para. 11
• ISA 230, Para. 8
• ISA 330, Para. 18, A42 - A47
• ISA 500, Para. 10, A52 – A56
• ISA 530, Para. 1 – 2, A4 – A9, Appendix 1

Application of the requirements of the ISAs

The Glossary of Terms defines Financial statements as “A structured representation of historical

financial information, including disclosures, intended to communicate an entity’s economic resources
or obligations at a point in time, or the changes therein for a period of time, in accordance with a
financial reporting framework …” A complete set of International Financial Reporting Standards
(IFRS) compliant financial statements per IAS 1.10 comprise:

• A statement of financial position;

• A statement of profit or loss and other comprehensive income;
• A statement of changes in equity;
• A statement of cash flows; and
• Notes.

IAS 1.54 and .82 contain requirements of the line items which the statement of financial position and
statement of profit or loss and comprehensive income must consist of and how these line items should
be presented. The term “line items” are similar to the terms “financial statement items” and “classes
of transactions, account balances and disclosures”, used throughout the ISAs, and are interpreted to

Issued July 2017 Page | 8

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
have the same meaning.

To determine at what level materiality should be applied in identifying material classes of transactions,
account balances and disclosures / material financial statement items / line items, it is relevant to
consider the definition of a “population” and the different means of selecting items for testing.

The Glossary of Terms defines Population as “The entire set of data from which a sample is selected
and about which the auditor wishes to draw conclusions”. Stratification is defined as “The process of
dividing a population into sub-populations, each of which is a group of sampling units which have
similar characteristics (often monetary value).”

ISA 500.10 requires the auditor to “determine means of selecting items for testing that are effective in
meeting the purpose of the audit procedure” (for example, when designing tests of details). The
application material in ISA 500.A52 indicates that the means available to the auditor for selecting
items for testing are the following:

• Selecting all items;

• Selecting specific items; and
• Audit sampling.

ISA 500.A52 continues to state that the application of any one or combination of these means may
be appropriate. The auditor shall also take cognisance of ISA 500.A55 that emphasises, in relation to
selecting specific items for testing, that the results of audit procedures applied to items selected in
this way cannot be projected to the entire population; accordingly, selective examination of specific
items does not provide audit evidence concerning the remainder of the population. Accordingly, the
auditor has to consider and document in accordance with the requirements of ISA 230.8 whether and,
if so, what further work is required in relation to the remainder of the population in order to reduce the
risk of material misstatement to an acceptable low level.

The same definition of a Population should apply equally to all of the means of selecting items for
testing in terms of representing the entire set of data from which the auditor will select items for testing.

Line items or individual financial statement items may be found in the separate statements that make
up the financial statements and in the notes that form an integral part of the financial statements. In
terms of the auditor obtaining reasonable assurance about the financial statements as a whole (ISA
200.11) (i.e. the complete set of financial statements), it would be appropriate for the auditor to use
the notes (where applicable) to determine the relevant populations for purposes of selecting items for
testing. For example, the auditor uses the note relating to Property, plant and equipment (PPE) which
is further broken down into its different classes, rather than the single figure on the face of the
statement of financial position to determine means of selecting items for testing.

If each class of PPE is a population, such population can be further stratified to more effectively test
the population. The strata can, for example, be based on the value of the items making up the
population or on identified characteristics that represent risks of material misstatement. ISA 530
Appendix 1 provides additional guidance relating to stratification.

Issued July 2017 Page | 9

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
Conclusion

“Classes of transactions, account balances and disclosures” are interpreted as the line items making
up, or the individual financial statement items presented in the separate statements and the notes in
a complete set of financial statements.

Materiality in terms of testing each material financial statement item should be applied at the level of
the individual financial statement items as presented in the separate statements and in the notes.
Based on the discussion in the above paragraphs, there is no requirement in the ISAs to test:

• Each individually material account or item that is presented in a schedule that ultimately makes
up the item presented in the financial statements; or
• Each individually material transaction or event included in the general ledger (excluding journal
entries and other adjustments in certain instances, as discussed in FAQ 4 in this document).

Notwithstanding the above, the auditor must ensure an appropriate response to identified and
assessed risks of material misstatement at the assertion level, and is required to exercise professional
scepticism and professional judgement in determining the nature and extent of the audit procedures
to be performed in order to obtain sufficient appropriate audit evidence in the circumstances.

Issued July 2017

Issued July 2017 Page | 10

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
4. Testing of journal entries and other adjustments
To what extent is the auditor required to test journal entries and other adjustments, taking into
account that the risk of management override of controls is present in all entities, and that it is
a risk of material misstatement due to fraud and thus a significant risk?

Further context to the problem / challenge / uncertainty

Journal entries and other adjustments are intrinsically linked to the auditor’s consideration of the risks
of material misstatement due to fraud in management override of controls as addressed in ISA 240.
There is uncertainty about whether all material journal entries and other adjustments made as part of
the financial statement closing process should be tested; the extent of testing required in relation to
journal entries and other adjustments made as part of the closing process that are not material and
whether there is a requirement to test journal entries and other adjustments made throughout the
reporting period.

Specific references in the ISAs

The auditor has to comply with all ISAs relevant to the audit, including all relevant requirements read
together with the related application material. The following specific references are relevant in
considering the specific question presented here (but are not intended to be exhaustive):

• ISA 230, Para. 8

• ISA 240, Para. 44
• ISA 240, Para. 31, 32(a), 33, A41 – A44
• ISA 315 (Revised), Para. 18, A93 – A94
• ISA 315 (Revised), Para. 29
• ISA 330, Para. 20, A52

Application of the requirements of the ISAs

In terms of ISA 240.31, “Management is in a unique position to perpetrate fraud because of their ability
to manipulate accounting records and prepare fraudulent financial statements by overriding controls
that otherwise appear to be operating effectively. Although the level of risk of management override
of controls will vary from entity to entity, the risk is nevertheless present in all entities. Due to the
unpredictable way in which such override could occur; it is a risk of material misstatement dueto fraud
and thus a significant risk”. One of the ways management override may occur is through the
processing of journal entries.

Owing to the significant risk presumption above, in terms of ISA 315 (Revised).29, the auditor is
required to obtain an understanding of the entity’s controls, including control activities, relevant to the
risk. This would relate to the entity’s information system and business processes surrounding journal
entries, including non-standard journal entries used to record non-recurring, unusual transactions or
adjustments (refer to ISA 315 (Revised).18, A93 – A94 for further information in this regard).

Issued July 2017 Page | 11

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
In designing and performing audit procedures to test journal entries and other adjustments, the
following requirements of the ISAs are particularly relevant:

ISA 240.32(a): “Irrespective of the auditor’s assessment of the risks of management override of
controls, the auditor shall design and perform audit procedures to test the appropriateness of journal
entries recorded in the general ledger and other adjustments made in the preparation of the financial
statements. In designing and performing audit procedures for such tests, the auditor shall:

(i) Make inquiries of individuals involved in the financial reporting process about inappropriate or
unusual activity relating to the processing of journal entries and other adjustments;
(ii) Select journal entries and other adjustments made at the end of a reporting period; and
(iii) Consider the need to test journal entries and other adjustments throughout the period. (Ref: Para.
A41 – A44)”.

ISA 330.20: “The auditor’s substantive procedures shall include the following audit procedures related
to the financial statement closing process:

(a) Agreeing or reconciling the financial statements with the underlying accounting records; and
(b) Examining material journal entries and other adjustments made during the course of preparing
the financial statements. (Ref: A52)”.

ISA 330.20(b) makes reference to material journal entries and other adjustments made during the
course of preparing the financial statements. Since the heading of the introductory sentence to ISA
330.20 refers to the financial statement closing process, it is clear that the requirements relate to
matters that the auditor should focus on at the end of the reporting period when the accounting records
are closed off and balanced.

In considering and applying the requirements of the ISAs, it is important to draw the distinction as
highlighted above. Reference will be made here to “End of reporting period/ Financial statement
closing process journal entries and adjustments”, which incorporates journal entries and other
adjustments made at the end of a reporting period. Journal entries and other adjustments made
throughout the reporting period are referred to as “Other journal entries and adjustments”.

Conclusion

In the context that management override of controls is a risk of material misstatement due to fraud
and thus a significant risk, ISA 240 requires the auditor to design and perform certain audit procedures
pertaining to, amongst other matters, journal entries and other adjustments, as well as to determine
whether any other procedures in addition to those specifically referred to may be required in the
circumstances of a particular audit (refer to ISA 240.31 – 33).

Testing of End of reporting period/ Financial statement closing process journal entries and
adjustments

Both ISA 240.32(a)(ii) and ISA 330.20(b) refer to End of reporting period/ Financial statement closing
process journal entries and adjustments and therefore need to be read together in understanding the
requirements relating to the testing of these journal entries and adjustments.

Issued July 2017 Page | 12

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
Irrespective of the auditor’s assessment of the risk of management override of controls, the auditor
shall make a selection of journal entries and adjustments made at the end of a reporting period. The
auditor, therefore, ensures that all these journal entries and adjustments are identified to make up a
complete population, and then proceeds as follows:

• Examine material End of reporting period/ Financial statement closing process journal entries and
adjustments by designing and performing appropriate substantive procedures. There is no
requirement contained in the ISAs for the auditor to test all material journal entries but the auditor’s
testing shall include the examination of material End of reporting period/ Financial statement
closing process journal entries. In terms of ISA 330.A52 and ISA 240.A44, the auditor is permitted
to exercise professional judgement in determining the nature and extent of testing of journal
entries and adjustments made at this time, taking into account the nature and complexity of the
entity’s financial reporting process and the related risks of material misstatement; the
consideration of which shall be documented in accordance with the requirements of ISA 230.8
and ISA 240.44 (as applicable); and

• In addition to material journal entries and adjustments, the auditor exercises professional
judgement to decide which non-material journal entries and adjustments may need to be tested;
the consideration of which shall be documented in accordance with the requirements of ISA 230.8
and ISA 240.44 (as applicable). The auditor exercises professional judgement in determining the
nature, timing and extent of testing performed on journal entries and other adjustments. ISA
240.A43 provides guidance on the matters that are of relevance when identifying and selecting
journal entries and adjustments for testing and determining the appropriate method of examining
the underlying support for the items selected.

Testing of Other journal entries and adjustments

In terms of ISA 240.32(a)(iii) the auditor shall consider the need to test journal entries and other
adjustments throughout the period. This consideration shall be documented in terms of ISA 230.8 and
ISA 240.44 (as applicable). Again, the auditor exercises professional judgement in determining the
nature, timing and extent of testing to be performed on journal entries and other adjustments. There
is, however, no requirement contained in the ISAs for the auditor to specifically examine material
Other journal entries and adjustments, as there is for material End of reporting period/ Financial
statement closing process journal entries and adjustments. In response to the risk of fraud, the auditor
applies the guidance in ISA 240.A43 with respect to the matters that are of relevance when identifying
and selecting Other journal entries and adjustments for testing and determining the appropriate
method of examining the underlying support for the items selected.

Issued July 2017

Issued July 2017 Page | 13

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
5. Opening balances – Recurring engagements
What audit work should the auditor perform in relation to opening balances in a recurring
engagement?

Further context to the problem / challenge / uncertainty

There is uncertainty around the procedures that have to be performed on the closing balances that
are carried forward as opening balances in the current period for a recurring audit and whether the
procedures in ISA 510 are applicable to a recurring engagement. It is important to note that this
question only relates to the auditor’s work effort in terms of confirming that those balances that existed
at the beginning of the period represent the closing balances of the prior period, and does not deal
with the current period work effort in testing the closing balance that is made up, cumulatively, of items
from the current period and previous periods.

Specific references in the ISAs

The auditor has to comply with all ISAs relevant to the audit, including all relevant requirements read
together with the related application material. The following specific references are relevant in
considering the specific question presented here (but are not intended to be exhaustive):

• ISA 510, Para. 4(a)

• ISA 710, Para. 1 and 7
• General risk assessment and response procedures in ISA 315 (Revised) and ISA 330
• Special consideration requirements in ISA 240

Application of the requirements of the ISAs

ISA 510 deals with the auditor’s responsibilities relating to opening balances in an initial audit
engagement. ISA 510.4(a) defines an initial engagement as “an engagement in which either the
financial statements for the prior period were not audited, or the financial statements for the prior
period were audited by a predecessor auditor”.

Although ISA 710 deals with the auditor’s responsibilities relating to comparative information in an
audit of financial statements, the scope of ISA 710 also confirms that the requirements relating to
opening balances, as contained in ISA 510 are applicable, in addition to those contained in ISA 710,
when the financial statements of the prior period have been audited by a predecessor auditor or were
not audited. Therefore, ISA 710 applies to initial engagements and recurring engagements, and is
relevant in terms of how those prior period balances, reflected as corresponding figures in the current
period financial statements, have been carried forward in the current period.

Issued July 2017 Page | 14

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
Conclusion

The ISAs do not contain specific requirements and guidance on testing closing balances that are
carried over as opening balances in the current year for a recurring engagement.

In the absence of specific requirements and guidance with respect to recurring engagements, the
auditor applies the general risk assessment and risk response requirements in ISA 315 (Revised) and
ISA 330, together with special considerations requirements contained in ISA 240, with respect to the
consideration of fraud in an audit of financial statements. The auditor needs to ensure that proper
identification and assessment of risks of material misstatement at the financial statements level and
at the assertion level are performed and that further procedures whose nature, timing and extent are
responsive to the assessed risks of material misstatement are designed and performed.

For additional practical context, it would be prudent to ensure that the auditor’s procedures relating to
opening balances at least cover the following key aspects (subject to a proper risk assessment and
risk response, as discussed above):

• Whether opening retained income and other reserves in the general ledger agrees to closing
retained income and other reserves as per the prior period’s financial statements.
• Agreement between the comparative information as included in the current period’s financial
statements and the information in the prior period’s financial statements. Also refer to the auditor’s
responsibilities with respect to comparative information in ISA 710.
• The composition of balances, totals and disclosures (i.e. their composite elements in terms of
items / categories of items or ledger accounts or similar) in the current period and their composition
at the end of the previous period, and any changes or discrepancies in relation thereto. This
information may be reflected in lead schedules of the current and prior periods.
• The effect of any changes in accounting policies, prior period errors and/or reclassifications in the
current period (also refer to ISA 710.7 – 9).
• The results of current period audit procedures on balances and disclosures that may raise issues
or questions relating to those balances or disclosures in the prior period and how they have been
rolled forward or brought forward to the current period.

The auditor would evaluate any differences or discrepancies relating to opening balances and
consider the appropriate response required. The nature and extent of the audit procedures to be
performed are ultimately determined by the auditor in applying professional judgment in response to
the assessed risks of material misstatement.

Issued July 2017

Issued July 2017 Page | 15

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 6. Approval of Financial Statements by the entity, the dating and signing of the
auditor’s report and the related documentation thereof
(a) How does the auditor assess whether the “act of approval” of the financial statements1
has taken place?

(b) What are the requirements with respect to the dating and signing of the auditor’s report
that signifies that the auditor has obtained sufficient appropriate audit evidence on which
to base the auditor’s opinion?

(c) What should the auditor include in the audit file to ensure that the audit documentation is
sufficient to enable an experienced auditor, having no previous connection with the audit,
to understand the results of the audit procedures performed and audit evidence obtained
in respect of the approved financial statements and final versions of the entity’s financial
statements?

(d) What is the auditor’s responsibility in relation to issued Annual Financial Statements2?

Further context to the problem / challenge / uncertainty

Note: These matters are relevant to all situations where financial statements are required to be
approved by law or regulation, or in terms of an entity’s founding documents or a deed, agreement,
resolution or similar document. Furthermore, the dating and signing of the auditor’s report is applicable
where the auditor has been engaged to perform an audit of financial statements, whether it is a
mandatory audit or a voluntary audit, and irrespective of the nature and form of the audited entity. For
purposes of this FAQ, the matters concerned have been framed in the context of the audit of a
company’s annual financial statements in accordance with the Companies Act, No. 71 of 2008 (the
Companies Act). Users may also find this FAQ, if adapted as necessary, useful when dealing with
these matters in different circumstances.

Monitoring findings in relation to completed engagements have identified instances where the auditor
did not prepare audit documentation that was sufficient to enable an experienced auditor, having no
previous connection with the audit, to understand the results of the auditing procedures performed
and audit evidence obtained in respect of the approved and final versions of the company’s financial
statements. In certain instances, there have been uncertainty about whether the final version of the
financial statements have been included in the audit file. Monitoring findings have also identified
instances where it is unclear whether the final version of the auditor’s report has been included in the

1In line with the terminology contained in the ISAs, when outlining the auditor’s responsibilities applicable in this
FAQ, reference is made to the term “financial statements”.

2In line with the terminology contained in section 30 of the Companies Act, when referring to the requirements
of the Companies Act and the publication of results of the entity in this FAQ, reference is made to the term
“Annual Financial Statements”.

Issued July 2017 Page | 16

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 audit file.

Specific references in the ISAs3, the Companies Act, the Auditing Profession Act and the IRBA
Code of Professional Conduct for Registered Auditors (the IRBA Code)

The auditor has to comply with all ISAs relevant to the audit, including all relevant requirements read
together with the related application material. The following specific references are relevant in
considering the specific questions presented here (but are not intended to be exhaustive):

• ISA 230, Para. A4

• ISA 560, Para. 5(b),5(c), 5(d),10 – 17, A2 and A4
• ISA 700 (Revised), Para. 20, 46,47,49, A18, A62, A64, A65, A67 and A68
• Companies Act, sections 30(1), 30(3)(a) and 30(3)(c)
• Audit Profession Act, section 41(8)
• The IRBA Code, paragraphs R115.6 SA and R115.8 SA

Application of the requirements of the ISAs, the Companies Act, the Auditing Profession Act
and the IRBA Code

a. Act of approval of financial statements

Specific requirements relating to the individual/(s) or body/(ies) that are responsible for the preparation
of the financial statements and the necessary approval process are included in relevant laws and
regulations, founding documents, deeds, agreements, resolutions or similar documents. In the case
of a company, these requirements are contained in the Companies Act.

The Companies Act requires a company to prepare annual financial statements (AFS) (section 30(1)),
which must include an auditor’s report if the AFS are audited (section 30(3)(a)). Furthermore, the AFS,
whether audited or not, must be approved by the board and signed by an authorised director (section
30(3)(c)). These provisions of the Companies Act are unalterable provisions, as defined. Therefore,
a company is required to comply with these provisions and cannot remove or diminish these
provisions through its Memorandum of Incorporation (MOI). The MOI may, however impose on the
company more onerous requirements.

The ISAs require that the auditor’s report be dated no earlier than the date on which the auditor has
obtained sufficient appropriate audit evidence on which to base the auditor’s opinion on the financial
statements. This includes evidence that:

(a) All the statements and disclosures that comprise the financial statements have been prepared;
and
(b) Those with the recognised authority have asserted that they have taken responsibility for those
financial statements (ISA 700 (Revised).49).
Since the auditor’s opinion is provided on the financial statements and the financial statements are

3This FAQ reflects references in the 2020 edition of the International Auditing and Assurance Standards Board’s
Handbook of International Quality Control, Auditing, Review, Other Assurance, and Related Services
Pronouncements.

Issued July 2017 Page | 17

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
the responsibility of management, the auditor is not in a position to conclude that sufficient appropriate
audit evidence has been obtained until evidence is obtained that all the statements and disclosures
that comprise the financial statements have been prepared and that management has accepted
responsibility for them (ISA 700 (Revised).A67).

The application and other explanatory material of ISA 560 and ISA 700 (Revised) recognise that in
some jurisdictions, law or regulation identifies the individuals or bodies that are responsible for
concluding that all the statements and disclosures that comprise the financial statements have been
prepared, and specifies the necessary approval process. In such cases, evidence is obtained of that
approval before dating the auditor’s report on the financial statements. (ISA 560.A2; ISA 700
(Revised).A68).

In the case of a company in South Africa, the law or regulation that identifies the individuals or bodies
that are responsible for concluding that all the statements and disclosures that comprise the AFS
have been prepared and that specifies the necessary approval process, is the Companies Act (refer
to section 30(3)(c) as described above). In essence, the act of approval of the AFS requires the
completion of two steps, namely (1) the board of directors must approve the AFS and (2) the AFS
must be signed by a director who has been authorised by the board to do so. If any of these steps
are not completed, the act of approval has not occurred.

b. Dating and signing of the auditor’s report

The date of the approval of the financial statements is defined in ISA 560.5(b) as “The date on which
all the statements that comprise the financial statements, including the related notes, have been
prepared and those with the recognised authority have asserted that they have taken responsibility
for those statements”.

The date of the auditor’s report is defined in ISA 560.5(c) as “The date the auditor dates the report on
the financial statements in accordance with ISA 700”.

Once the AFS are approved by the board of directors and signed by an authorised director, the auditor
is able to date and sign the auditor’s report on the financial statements provided that the auditor has
obtained sufficient appropriate audit evidence on which to base the auditor’s opinion.

ISA 700 (Revised) contains the following requirements specific to the auditor’s report:

• The auditor’s report shall be in writing (ISA 700 (Revised).20). A written report encompasses
reports issued in hard copy and those using electronic medium (ISA 700 (Revised).A18);
• ISA 700 (Revised).46 requires the name of the engagement partner to be included in the auditor’s
report of financial statements of listed entities unless, in rare circumstances, such disclosure is
reasonably expected to lead to a significant personal security threat. Law, regulation or national
auditing standards may require that the auditor’s report include the name of the engagement partner
responsible for audits other than those financial statements of listed entities. The auditor may also
be required by law, regulation or national auditing standards, or may decide to include additional
information beyond the engagement partner’s name in the auditor’s report to further identify the
engagement partner, for example, the engagement partner’s professional license number that is
relevant to the jurisdiction where the auditor practices. (ISA 700 (Revised).A62).
• The auditor’s report shall be signed (ISA 700 (Revised).47). The application and other explanatory

Issued July 2017 Page | 18

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 material of ISA 700 (Revised) expands on this in stating that in some cases, law or regulation may
allow for the use of electronic signatures in the auditor’s report (ISA 700 (Revised).A65).

The auditor’s signature is either in the name of the audit firm, the personal name of the auditor or
both, as appropriate for the particular jurisdiction. In addition to the auditor’s signature, in certain
jurisdictions, the auditor may be required to declare in the auditor’s report, the auditor’s professional
accountancy designation or the fact that the auditor or firm, as appropriate, has been recognised by
the appropriate licensing authority in that jurisdiction (ISA 700 (Revised).A64).

In South Africa, section 41(8) of the Auditing Profession Act, No. 26 of 2005 determines that a
registered auditor is not prevented from signing the firm name or title under which the registered
auditor practises. Therefore, the auditor would be able to sign the auditor’s report in his/her personal
name or in the name of the firm or both.

In addition to the requirements of ISA 700 (Revised), the signing convention for reports as contained in
paragraph R115.6 SA of the IRBA Code is a regulatory requirement applicable in South Africa. The
signing convention states that the individual registered auditor responsible for the audit, review or
other assurance engagement shall, when signing any audit, review or other assurance report, reflect
the following:

(a) The individual registered auditor’s full name;

(b) If not a sole proprietor, the capacity in which they are signing4;
(c) The designation ‘Registered Auditor’ underneath their name; and
(d) If not set out on the firm’s letterhead, the name of the registered auditor’s firm.

The IRBA Code furthermore addresses the use of electronic signatures5. Paragraph R115.8 SA of the
IRBA Code states that the individual registered auditor responsible for the audit, review or other
assurance engagement shall, when signing any audit, review or other assurance report, make use of
either:
(a) A wet-ink signature;
(b) A secure ordinary electronic signature; or
(c) An advanced electronic signature

that is/are the firm’s authorised means of signing any audit, review, or other assurance report.

c. Audit Documentation

Sufficient appropriate audit evidence of the approval process and the final set of financial statements
signed by the authorised director has to be obtained and the auditor must prepare and retain sufficient
audit documentation in this regard, in accordance with the requirements of ISA 230. Such
documentation could include a copy of minutes of meetings or a working paper that documents the
auditor’s inspection of the minutes of meetings and a clearly marked “final version” of the financial
statements on which the auditor has performed procedures as part of the audit completion process.

It is encouraged that the auditor’s documentation be clear in terms of identifying the final signed

4 For example “partner” or “director”.

5 The IRBA Code, paragraphs 115.7 A1 SA to 115.11 A2 SA.

Issued July 2017 Page | 19

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
version of the auditor’s report that has been issued by the auditor and audit firm in relation to the
approved audited AFS of the company concerned.

In finalising the contents of the audit file, it should be noted that the auditor is not required to include
superseded drafts of financial statements in the audit documentation (ISA 230.A4). It is encouraged
that superseded documentation be removed from the file as this can complicate the monitoring
reviews of the audit file. If this is not possible, the version control in relation to the various sets of
financial statement included in the audit file becomes an important consideration in ensuring that the
audit documentation is sufficient in respect of the final version of the company’s financial statements.

d. Auditor’s responsibility in relation to issued AFS

With the move towards a paperless environment, entities are choosing to include the AFS on their
website or making use of other electronic means to communicate with stakeholders. This gives rise
to an increased risk that the incorrect version of the AFS is issued and this is not identified and
addressed by the auditor.

ISA 560.5(d) defines the date the financial statements are issued as “The date that the auditor’s report
and audited financial statements are made available to third parties”. The application and other
explanatory material in ISA 560.A4 indicates that the date the financial statements are issued
generally depends on the regulatory environment of the entity. In some circumstances, the date the
financial statements are issued may be the date that they are filed with a regulatory authority. Since
audited financial statements cannot be issued without an auditor’s report, the date that the audited
financial statements are issued must not only be at or later than the date of the auditor’s report, but
must also be at or later than the date the auditor’s report is provided to the entity.

ISA 560.10 states that the auditor has no obligation to perform any audit procedures regarding the
financial statements after the date of the auditor’s report. ISA 560.14 states that after the financial
statements have been issued, the auditor has no obligation to perform any audit procedures regarding
such financial statements. From a risk management point of view, however, it would be prudent for
firms to develop internal policies and procedures to mitigate the risk of the incorrect version of the
financial statements or auditor’s report being issued.

If, after the date of the auditor’s report but before the date the financial statements are issued, a fact
becomes known to the auditor that, had it been known to the auditor at the date of the auditor’s
report, may have caused the auditor to amend the auditor’s report, the auditor is required to take
action as set out in paragraphs 10 - 13 of ISA 560.

If, after the financial statements have been issued, the auditor becomes aware of a fact that, had it
been known to the auditor at the date of the auditor’s report, may have caused the auditor to amend
the auditor’s report, the auditor is required to take action as set out in paragraphs 14 - 17 of ISA 560.

Conclusion

The Companies Act contains two components relating to the approval of the AFS namely, their
approval by the board and the signing thereof by an authorised director. The auditor is required to
obtain sufficient appropriate audit evidence of the approval process of the financial statements and

Issued July 2017 Page | 20

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
ensure that this is clearly documented, before the auditor’s report is signed. The audit documentation
must be sufficiently clear to mitigate the risk that an experienced auditor, having no previous connection
with the audit, is unable to identify the final and approved version of the company’s financial statements
and the final signed version of the auditor’s report in the audit file.

Issued October 2018

Updated August 2022

Issued July 2017 Page | 21

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 7. When information to be used as audit evidence involves the work of experts
What does an “expert” mean in the context of a management’s expert and an auditor’s expert;
what is the difference between these experts; and what do the ISAs require of the auditor in an
audit engagement when information to be used as audit evidence involves the work of experts?

Further context to the problem / challenge / uncertainty

There is uncertainty about the meaning of a management’s expert and an auditor’s expert, the
differences between these experts and the differing levels of work effort to be applied by the auditor
in complying with the requirements of the ISAs when information to be used as audit evidence involves
the work of these experts. Such uncertainty could result in the non-application or the application of
requirements of the incorrect ISAs, which could result in deficiencies in audit documentation or a lack
of sufficient appropriate audit evidence to support the auditor’s opinion on the financial statements.

Specific references in the ISAs6

The auditor has to comply with all ISAs relevant to the audit, including all relevant requirements read
together with the related application material. The following specific references are relevant in
considering the specific question presented here (but are not intended to be exhaustive):

In general
• ISA 200, Para. 7, 15, 16
• ISA 500, Para. 5(e), 8, A45
• ISA 620, Para. 6(a), 6(b), A1, A7, A11 and A12

When a management’s expert is applicable

• ISA 260(Revised), Para. 16(a)
• ISA 500, Para. 8, A45 – A59
• ISA 540(Revised), Para.13, 13(f), 30, 37, 38, A31, A130, A131, A145 and Appendix 2 paragraphs
(e), (r) and (s)

When an auditor’s expert is applicable

• ISA 220, Para. 7(d)
• ISA 540(Revised), Para.15, A61- A63
• ISA 620

Documentation
• ISA 230, Para. 8 – 11
• ISA 540 (Revised), Para. 39, 39(a) and A151

6This FAQ reflects ISA references in the 2020 edition of the International Auditing and Assurance Standards
Board’s Handbook of International Quality Control, Auditing, Review, Other Assurance, and Related Services
Pronouncements. This FAQ contains references to ISA 315 (Revised 2019) Identifying and Assessing the Risks
of Material Misstatement and includes the conforming and consequential amendments to other International
Standards as a result of the approval of ISA 315 (Revised 2019).

Issued July 2017 Page | 22

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
When expertise in accounting or auditing is applicable
• ISQC 1, Para. 34, 43, 44, A36 – A40
• ISA 220, Para. 18, A22 – A23
• ISA 540(Revised), Para.15, A61 and A63

Interaction between information obtained from an external information source and a management’s –
or auditor’s expert
• ISA 500, Par. 5(d), 7, A1, A3, A4, A39 – A44

Application of the requirements of the ISAs

General

It is important to first determine what an expert is in the context of the ISAs. ISA 620.6(b) defines
expertise as: skills, knowledge and experience in a particular field.

Expertise in the context of a management’s expert and an auditor’s expert relates to expertise in a
field other than accounting or auditing, as indicated in the definitions below and as covered by the
relevant requirements of ISA 500 and ISA 620, respectively. If the auditor consults on matters that
require expertise in the field of accounting or auditing, the auditor refers to the relevant requirements
and application material pertaining to consultation in ISQC 1 and ISA 220. This is addressed in the
sub-section “Expertise in the field of accounting or auditing”, below.

• ISA 500.5(e) defines a management’s expert as an individual or organisation possessing

expertise in a field other than accounting or auditing, whose work in that field is used by the entity
to assist the entity in preparing the financial statements.

• ISA 620.6(a) defines an auditor’s expert as an individual or organisation possessing expertise in

a field other than accounting or auditing, whose work in that field is used by the auditor to assist
the auditor in obtaining sufficient appropriate audit evidence. An auditor’s expert may be either an
auditor’s internal expert (who is a partner or staff, including temporary staff, of the auditor’s firm
or a network firm), or an auditor’s external expert.

The ISAs require that the auditor exercise professional scepticism and professional judgement
throughout the planning and performance of the audit, and recognise that circumstances may exist
that cause the financial statements to be materially misstated (ISA 200.7, 15, 16). Planning and
performing the audit with professional scepticism and exercising professional judgement is particularly
important when considering the work of experts. This work often relates to significant matters that are
integral to the audit and may involve subjectivity, uncertainty and complex judgements, and result in
a higher risk of material misstatement.

Issued July 2017 Page | 23

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
Examples of expertise that could be applicable to either an auditor’s expert or a management’s expert

Paragraph A1 of ISA 620 includes the following examples of expertise in a field other than accounting
or auditing:

• The valuation of complex financial instruments, land and buildings, plant and machinery,
jewellery, works of art, antiques, intangible assets, assets acquired and liabilities assumed in
business combinations and assets that may have been impaired;
• The actuarial calculation of liabilities associated with insurance contracts or employee benefit
plans;
• The estimation of oil and gas reserves;
• The valuation of environmental liabilities, and site clean-up costs;
• The interpretation of contracts, laws and regulations; and
• The analysis of complex or unusual tax compliance issues.

Although these examples are included in the context of an auditor’s expert, they can also be applied
by the auditor when identifying a management’s expert and using the work thereof.

Difference between a management’s expert and an auditor’s expert

Based on the above-mentioned definitions, a key difference between a management’s expert and an
auditor’s expert is that the auditor’s expert is employed or engaged by the auditor to assist the auditor in
obtaining sufficient appropriate audit evidence on management’s assertions; whereas a
management’s expert is employed or engaged by the entity (i.e. the auditee) to assist them in
preparing financial information to be included in the financial statements.

In the management’s expert scenario, the auditor will be presented with evidence of a valuation of
land and buildings, for example, that management did not prepare themselves; i.e. they used the work
of an expert to assist the entity in calculating amounts that are included in the financial statements.
Apart from performing any other audit procedures that would be required in the circumstances to
obtain sufficient appropriate audit evidence, the auditor shall, to the extent necessary, having regard
to the significance of that expert’s work for the auditor’s purposes, also test the reliability of the work
of the expert by performing the procedures contained in ISA 500.8.

The auditor may also decide to use his / her own expert (an auditor’s expert) to determine the value
of land and buildings in assisting the auditor to obtain sufficient appropriate audit evidence. In this
case ISA 620 will have to be applied.

Different scenarios may arise in practice, for example:

• the entity uses a management’s expert and the auditor uses the work of that management’s
expert without using an auditor’s expert;
• the entity uses a management’s expert and the auditor deems it necessary to also engage an
auditor’s expert; or
• management does not use a management’s expert, but the auditor decides it is necessary to use
an auditor’s expert.

Issued July 2017 Page | 24

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
An auditor who is not an expert in a particular field other than accounting or auditing may nevertheless
be able to obtain sufficient understanding of that field in order to perform the audit without an auditor’s
expert. This understanding may be obtained through, for example:

• Experience in auditing entities that require such expertise in the preparation of their financial
statements.
• Education or professional development in the particular field. This may include formal courses,
or discussions with individuals possessing expertise in the relevant field for the purpose of
enhancing the auditor’s own capacity to deal with matters in that field. Such discussion differs
from consultation with an auditor’s expert regarding a specific set of circumstances encountered
on the engagement where that expert is given all the relevant facts that will enable the expert to
provide informed advice about the particular matter.
• Discussions with auditors who have performed similar engagements (ISA 620.A7).

Difference between internal experts and external experts

In the section above, when explaining the difference between a management’s expert and an auditor’s
expert, reference is made to the fact that both of these experts can either be employed or engaged
by management or the auditor, as the case may be.

An auditor’s expert may be either an auditor’s internal expert, or an auditor’s external expert (ISA
620.6(a)). ISA 620 explains the difference between an auditor’s internal expert and auditor’s external
expert as follows:
• An auditor’s internal expert may be a partner or staff, including temporary staff, of the auditor’s
firm, and therefore subject to the quality control policies and procedures of that firm in accordance
with ISQC 1 or national requirements that are at least as demanding. Alternatively, an auditor’s
internal expert may also be a partner or staff, including temporary staff, of a network firm, which
may share common quality control policies and procedures with the auditor’s firm (ISA 620.A11).
• An auditor’s external expert is not a member of the engagement team and is not subject to quality
control policies and procedures in accordance with ISQC 1. In some jurisdictions, however, law
or regulation may require that an auditor’s external expert be treated as a member of the
engagement team, and may therefore be subject to relevant ethical requirements, including those
pertaining to independence, and other professional requirements, as determined by that law or
regulation (ISA 620.A12).

Although ISA 500 does not specifically address a management’s internal expert and a management’s
external expert, the application and other explanatory material indicates that the entity may employ or
engage experts in fields other than accounting or auditing to obtain the needed expertise to prepare
the financial statements (ISA 500.A45). Therefore, the reference to a management’s expert includes
both an internal expert and an external expert.

Examples of management’s internal experts include those employees that have been employed by
the entity for the expertise that they possess and such expertise is unrelated to accounting or auditing.
The management’s internal expert may have no involvement in the preparation of the financial
statements as such, but the work performed by these employees assist the entity in preparing the
financial statements. Examples of management’s internal experts include:

• Engineers or quantity surveyors in the employment of a construction entity who estimate the

Issued July 2017 Page | 25

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 contractual costs relating to construction contracts;
• Engineers in the employment of a mining entity who estimate the environmental liabilities and
other site clean-up costs; and
• Actuaries in the employment of an insurance company who estimate the value of liabilities that
are used in preparing the financial statements.

When experts such as those mentioned above are not employed by the entity, but rather engaged
from outside of the entity so that their work in the particular field can be used by the entity in preparing
the financial statements, they are management’s external experts.

Requirements when using the work of a management’s expert

When information to be used as audit evidence has been prepared using the work of a management’s
expert, the requirements in paragraph 8 of ISA 500 apply as follows:

The auditor shall, to the extent necessary, having regard to the significance of that expert’s work for
the auditor’s purposes:

(a) Evaluate the competence, capabilities and objectivity of that expert;

(b) Obtain an understanding of the work of that expert; and
(c) Evaluate the appropriateness of that expert’s work as audit evidence for the relevant assertion.

Paragraphs A45 to A59 of ISA 500 provide guidance on how to comply with the above-mentioned
requirements.

Specific considerations in relation to accounting estimates and related disclosures

ISA 540(Revised).13 requires the auditor to obtain an understanding of a number of matters related
to the entity’s accounting estimates when obtaining an understanding of the entity and its
environment, the applicable financial reporting framework and the entity’s system of internal control,
as required by ISA 315 (Revised 2019). With regard to obtaining an understanding of the entity’s
system of internal control, ISA 540(Revised).13(f) requires the auditor to obtain an understanding of
how management identifies the need for, and applies, specialised skills or knowledge related to
accounting estimates, including with respect to the use of a management’s expert. ISA
540(Revised).A31 indicates that the auditor may consider whether the circumstances, as set out in
paragraph A31, increase the likelihood that management needs to engage an expert.

ISA 540(Revised).30 states that when using the work of a management’s expert, the requirements in
paragraphs 21-29 of ISA 540(Revised) may assist the auditor in evaluating the appropriateness of the
expert’s work as audit evidence for a relevant assertion in accordance with paragraph 8(c) of ISA 500.
In evaluating the work of the management’s expert, the nature, timing and extent of the further audit
procedures are affected by the auditor’s evaluation of the expert’s competence, capabilities and
objectivity, the auditor’s understanding of the nature of the work performed by the expert, and the
auditor’s familiarity with the expert’s field of expertise.

ISA 540(Revised).A130 states that assumptions relating to accounting estimates that are made or
identified by a management’s expert become management’s assumptions when used by

Issued July 2017 Page | 26

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
management in making an accounting estimate. Accordingly, the auditor applies the relevant
requirements in ISA 540(Revised) to those assumptions.

ISA 540(Revised).A131 indicates that if the work of a management’s expert involves the use of
methods or sources of data relating to accounting estimates, or developing or providing findings or
conclusions relating to a point estimate or related disclosures for inclusion in the financial statements,
the requirements in paragraphs 21-29 of ISA 540(Revised) may assist the auditor in applying
paragraph 8(c) of ISA 500.

ISA 540(Revised).38 read with ISA 260(Revised).16(a) requires the auditor to communicate with
those charged with governance certain matters, including the auditor’s views about significant
qualitative aspects of the entity’s accounting practices, including accounting policies, accounting
estimates and financial statement disclosures. Appendix 2 to ISA 540(Revised) lists matters that the
auditor may consider communicating with those charged with governance with respect to the auditor’s
views about significant qualitative aspects of the entity’s accounting practices related to accounting
estimates and related disclosures. This includes:
• Whether management has applied appropriate specialised skills or knowledge or engaged
appropriate experts (ISA 540 (Revised), Appendix 2 paragraph (e)).
• Significant difficulties encountered when obtaining sufficient appropriate audit evidence
relating to data obtained from an external information source or valuations performed by
management or a management’s expert (ISA 540(Revised), Appendix 2 paragraph (r)).
• Significant differences in judgments between the auditor and management or a
management’s expert regarding valuations (ISA 540(Revised), Appendix 2 paragraph (s)).

ISA 540(Revised).37 requires the auditor to also consider the need to obtain representations about
specific accounting estimates, including in relation to the methods, assumptions or data used. ISA
540(Revised).A145 explains that written representations about specific accounting estimates may
include representations that appropriate specialised skills or expertise has been applied in making the
accounting estimates.

Requirements when using the work of an auditor’s expert

When the auditor uses the services of an auditor’s expert, irrespective of whether the expert is an
internal expert or an external expert, the auditor is required to apply ISA 620 in its entirety.

Some additional guidance to note includes the following:

• ISA 220.7(d) defines an engagement team as all partners and staff performing the engagement,
and any individuals engaged by the firm or a network firm who perform audit procedures on the
engagement. This excludes an auditor’s external expert engaged by the firm or a network firm.
Therefore, when an auditor’s external expert is used, he/she/the organisation does not form part
of the engagement team.
• Subject to any agreement to the contrary, the working papers of an external expert belong to the
external expert and do not form part of the audit documentation. The auditor may, in terms of an
agreement, have access to, and retention of these working papers (ISA 620.A29).
• When the auditor’s expert is a member of the engagement team, that expert’s working papers
form part of the audit documentation (ISA 620.A29).

Issued July 2017 Page | 27

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
Specific considerations in relation to accounting estimates and related disclosures

With respect to accounting estimates, ISA 540(Revised).15 requires the auditor to determine whether
the engagement team requires specialised skills or knowledge to perform the risk assessment
procedures (note that ISA 540(Revised)’s required risk assessment procedures relate to accounting
estimates and related disclosures), to identify and assess the risks of material misstatement, to design
and perform audit procedures to respond to those risks, or to evaluate the audit evidence obtained.
ISA 540(Revised).A61 contains examples of matters that may affect the auditor’s determination of
whether the engagement team requires specialised skills or knowledge. This paragraph further
indicates that the nature, timing and extent of the involvement of individuals with specialized skills and
knowledge may vary throughout the audit.

As indicated in ISA 540(Revised).A62, the auditor may not possess the specialized skills or knowledge
necessary when the matter involved is in a field other than accounting or auditing (for example,
valuation skills), and may need to use an auditor’s expert. ISA 540(Revised).A63 however
acknowledges that many accounting estimates do not require the application of specialised skills or
knowledge.

Documentation

Neither ISA 500 nor ISA 620 contain specific documentation requirements. The auditor has to refer
to the general documentation requirements in ISA 230. ISA 230.8 to 11 are of particular importance
to management’s experts and auditor’s experts.

The documentation must be sufficient to enable an experienced auditor, having no previous

connection with the audit, to understand:

(a) The nature, timing and extent of audit procedures performed to comply with the ISAs and
applicable legal and regulatory requirements;
(b) The results of the audit procedures performed and the audit evidence obtained; and
(c) Significant matters arising during the audit, the conclusions reached thereon, and significant
professional judgements made in reaching those conclusions.

The auditor shall document discussions of significant matters with management and those charged
with governance, and others (this includes discussions with experts), including the nature of the
significant matters discussed and when and with whom the discussions took place (ISA 230.10).

If the auditor identified information that is inconsistent with the auditor’s final conclusions regarding a
significant matter, the auditor shall document how the auditor addressed the inconsistency (ISA
230.11).

Specific considerations in relation to accounting estimates and related disclosures

With regard to auditing accounting estimates and related disclosures, ISA 540 (Revised).39 contains
specific documentation requirements, which includes a requirement on the auditor to include in the
audit documentation key elements of the auditor’s understanding of the entity and its environment,

Issued July 2017 Page | 28

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
including the entity’s internal control related to the entity’s accounting estimates (ISA
540(Revised).39(a)).

ISA 540(Revised).A151 states that the auditor may also consider documenting: When the selection
and application of methods, significant assumptions, or the data is affected by complexity to a higher
degree, the auditor’s judgements in determining whether specialised skills or knowledge are required
to perform the risk assessment procedures responsive to those risks, or to evaluate the audit evidence
obtained. In these circumstances, the documentation also may include how the required skills or
knowledge were applied.

Expertise in the field of accounting or auditing

When expertise in the field of accounting or auditing is involved, the auditor’s considerations are not
around experts as defined and described in the previous sections, but rather on consultation as
addressed in ISQC 1 (paragraphs 34 and A36-A40) and ISA 220 (paragraphs 18 and A22-A23).

The engagement partner has to ensure that the engagement team consulted on difficult or contentious
matters in terms of the firm’s ISQC 1 policies and procedures regarding Engagement Performance –
Consultation. In terms of ISA 220.18 the engagement partner shall:

(a) Take responsibility for the engagement team undertaking appropriate consultation on difficult or
contentious matters;
(b) Be satisfied that members of the engagement team have undertaken appropriate consultation
during the course of the engagement, both within the engagement team and between the
engagement team and others at the appropriate level within or outside the firm;
(c) Be satisfied that the nature and scope of, and conclusions resulting from, such consultations are
agreed with the party consulted; and
(d) Determine that the conclusions resulting from the consultation have been implemented.

ISQC1.43 requires the firm to establish policies and procedures for dealing with and resolving
differences of opinion within the engagement team, with those consulted and, where applicable,
between the engagement partner and the engagement quality control reviewer. Such policies and
procedures are required by ISQC 1.44 to require that conclusions reached be documented and
implemented and the report not be dated until the matter is resolved.

Specific considerations in relation to accounting estimates and related disclosures

With respect to accounting estimates, ISA 540(Revised).15 requires the auditor to determine whether
the engagement team requires specialised skills or knowledge to perform the risk assessment
procedures (note that ISA 540(Revised)’s required risk assessment procedures relate to accounting
estimates and related disclosures), to identify and assess the risks of material misstatement, to design
and perform audit procedures to respond to those risks, or to evaluate the audit evidence obtained.
ISA 540(Revised).A61 contains examples of matters that may affect the auditor’s determination of
whether the engagement team requires specialised skills or knowledge. This paragraph further
indicates that the nature, timing and extent of the involvement of individuals with specialised skills and
knowledge may vary throughout the audit. ISA 540(Revised).A63 however acknowledges that many
accounting estimates do not require the application of specialised skills or knowledge.

Issued July 2017 Page | 29

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
Interaction between information obtained from an external information source and from a
management’s – or auditor’s expert

ISA 500.7 states that when designing and performing audit procedures, the auditor shall consider the
relevance and reliability of the information to be used as audit evidence, including information obtained
from an external information source. The application material in ISA 500.A39 – A44 explain how the
requirement of ISA 500.7, as it relates to external information source, may be complied with.

ISA 500.5(d) defines “external information source” as an external individual or organisation that
provides information that has been used by the entity in preparing the financial statements, or that has
been obtained by the auditor as audit evidence, when such information is suitable for use by a broad
range of users. When information has been provided by an individual or organisation acting in the
capacity of a management’s expert, service organisation, or auditor’s expert the individual or
organisation is not considered an external information source with respect to that particular information.

ISA 500.A1 provides the following examples of information that may be obtained from external
information sources:
• Prices and pricing related data;
• Macro-economic data, such as historical and forecast unemployment rates and economic
growth rates, or census data;
• Credit history data;
• Industry specific data, such as an index of reclamation costs for certain extractive industries,
or viewership information or ratings used to determine advertising revenue in the
entertainment industry; and
• Mortality tables used to determine liabilities in the life insurance and pension sectors.

ISA 500.A3 explains that an external individual or organisation cannot, in respect of any particular set
of information, be both an external information source and a management’s expert, or service
organisation or auditor’s expert.

ISA 500.A4 however explains that an external individual or organisation may, for example, be acting
as a management’s expert when providing a particular set of information, but may be acting as an
external information source when providing a different set of information. In some circumstances,
professional judgement may be needed to determine whether an external individual or organisation is
acting as an external information source or as a management’s expert with respect to a particular set
of information. In other circumstances, the distinction may be clear. ISA 500.A4 provides a number of
examples to illustrate this point. One such an example is the following:
• An external individual or organisation may be providing information about real estate prices that
is suitable for use by a broad range of users, for example, information made generally available
pertaining to a geographical region, and be determined to be an external information source
with respect to that set of information. The same external organisation may also be acting as a
management’s or auditor’s expert in providing commissioned valuations, with respect to the
entity’s real estate portfolio specifically tailored for the entity’s facts and circumstances.

Issued July 2017 Page | 30

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
Conclusion

An expert in the context of a management’s expert and auditor’s expert relate to expertise in a field
other than accounting or auditing. Such fields of expertise may, for example, relate to actuarial,
valuation, mining, engineering, laws and regulations, tax compliance etc. matters.

A management’s expert’s work is used by the entity to assist the entity in preparing the financial
statements. An auditor’s expert’s work is used by the auditor to assist the auditor in obtaining sufficient
appropriate audit evidence.

If an expert in accounting and auditing is used in a particular engagement, the requirements in ISA
500 and ISA 620 in respect of management’s experts and auditor’s experts, respectively, are not
applicable. The firm’s ISQC 1 policies and procedures regarding Engagement Performance –
Consulting and ISA 220.18 regarding Consultation are applicable in respect of difficult or contentious
matters.

The auditor is required to comply with ISA 500.8, and need to consider the guidance in paragraphs
ISA 500.A45-A59, when management used a management’s expert to assist the entity in preparing
the financial statements and the auditor intends to use the work of the management’s expert to
contribute to sufficient appropriate audit evidence in the circumstances. ISA 620 in its entirety is
applicable when the auditor decides to use the work of an auditor’s expert in obtaining sufficient
appropriate audit evidence in the circumstances.

ISA 540(Revised) deals with the auditor’s responsibilities relating to accounting estimates and related
disclosures and expands on how other relevant ISAs are to be applied in relation to accounting
estimates and related disclosures. This Standard includes specific requirements regarding the use of
a management’s expert and a consideration of the engagement team’s need for specialised skills or
knowledge, which may indicate a need for the audit team to use an auditor’s expert.

Auditors should be cognisant of the source of information to be used as audit evidence. ISA 500
contains specific requirements regarding information to be used as evidence which has been:
• obtained from an external information source;
• prepared using the work of a management’s expert; and
• produced by the entity (refer to FAQ 11 in this document).

The documentation requirements in ISA 230 and ISA 540(Revised) are applicable and auditors should
ensure that their considerations regarding experts are sufficiently and appropriately documented in
the audit file.

Issued October 2018

Updated December 2021

Issued July 2017 Page | 31

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
8. Using the work of other auditors
What is “another auditor” or “other auditors” and what is required of the auditor when using the
work of another auditor or other auditors in an audit engagement?

Further context to the problem / challenge / uncertainty

There is uncertainty about what “another auditor” or “other auditors” mean and what is required of the
auditor when using their work in an audit engagement. The meaning of another auditor or other auditor
further serves to clarify the uncertainties about whether the auditor is using the work of an auditor’s
expert or “another auditor”/ “other auditors”. Refer to FAQ 7 which addresses the former in more
detail. Such uncertainty could result in the non-application or the application of requirements of the
incorrect ISAs, which could result in deficiencies in audit documentation or a lack of sufficient
appropriate audit evidence to support the auditor’s opinion on the financial statements.

Specific references in the ISAs

The auditor has to comply with all ISAs relevant to the audit, including all relevant requirements read
together with the related application material. The following specific references are relevant in
considering the specific question presented here (but are not intended to be exhaustive):

• ISA 402, Para. 8(d), A19

• ISA 600, Para. 2, 9(b)

Application of the requirements of the ISAs

The terms “another auditor” or “other auditors” are not defined in the ISAs, but are used in a number
of instances throughout the ISAs, as follows:

Another auditor:
• ISA 402.12(d); 15 (b); 16(c); A11; A15; A19; A26(b); A27; A28; A30; A32; A37;
• ISA 501.A16;
• ISA 510, Appendix: Illustrations of Auditor’s Reports with Modified Opinions, Illustration 1 and 2,
Other matter paragraph;
• ISA 600.2;
• ISA 706 (Revised). Appendix 3: Illustration of an Independent Auditor’s Report that Includes a Key
Audit Matters Section, an Emphasis of Matter Paragraph, and an Other Matter Paragraph, Other
matter paragraph;
• ISA 710. Appendix: Illustrations of Independent Auditors’ Reports, Illustration 3, Other matter
paragraph; and
• ISA 810 (Revised). 24.

Issued July 2017 Page | 32

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
Other auditors:
• ISA 210.A26;
• ISA 240. 8a (b), A5a;
• ISA 250 (Revised).9(b); A8; A26
• ISA 300.A8; Appendix: Considerations in Establishing the Overall Audit Strategy,
Characteristics of the Engagement;
• ISA 501.A3;
• ISA 600.2;
• ISA 620.A15; and
• ISA 810 (Revised). A24.

There is no specific ISA that applies to the scenario where the auditor uses the work of another auditor
or other auditors. Instead, the following terms are defined and referred to in the ISAs and if the auditor
uses these practitioners to perform work on his/ her behalf or uses the work they have already
performed, the requirements and guidance of the ISA concerned have to be applied.

• ISA 402.8(d) “service auditor” – An auditor who, at the request of the service organisation,
provides an assurance report on the controls of a service organisation.
• ISA 600.9(b) “component auditor” – An auditor who, at the request of the group engagement team,
performs work on financial information related to a component for the group audit.
• Defined in the Glossary of Terms and used in ISA 610 “internal auditors” – Those individuals who
perform the activities of the internal audit function. Internal auditors may belong to an internal audit
department or equivalent function.

ISA 402.A19 and ISA 600.2 state that ISA 600 could be useful when the auditor uses other auditors
and under these circumstances the requirements of the standard (ISA 600) would have to be
appropriately adapted.

Although ISA 600 includes requirements that address using the work of component auditors in audits
of group financial statements, the principles contained in the following paragraphs, adapted as
necessary in the circumstances, may be relevant in providing the auditor with guidance on additional
procedures that can be performed in ensuring that sufficient appropriate audit evidence is obtained
when using the work of another auditor or other auditors in other instances:

• ISA 600.19 - 20, Understanding the Component Auditor;

• ISA 600. 24, Responding to Assessed Risk
• ISA 600.40; 41, Communication with the Component Auditor;
• ISA 600.44; 45, Evaluating the Sufficiency and Appropriateness of Audit Evidence Obtained; and
• ISA 600.50, Documentation.

Conclusion

The requirements of ISA 600 may be adapted as necessary when the work of another auditor or other
auditors is used. Although there is no specific ISA that applies to the scenario where the auditor uses

Issued July 2017 Page | 33

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
the work of another auditor or other auditors, it is prudent for the auditor to perform additional
procedures as he/she considers necessary and appropriate in the interest of ensuring that sufficient
appropriate audit evidence has been obtained. The nature, timing and extent of such procedures will
involve the application of the auditor’s professional judgement, taking into account the specific client
and engagement circumstances.

The documentation requirements in ISA 230 are applicable and auditors should ensure that their
considerations regarding the work of another auditor or other auditors are sufficiently and
appropriately documented in the audit file.

Issued October 2018

Issued July 2017 Page | 34

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
9. ISA 450, Evaluation of misstatements identified during the audit

(a) Evaluation of misstatements that are individually material

The ISAs require the auditor to determine whether uncorrected misstatements are
material, individually or in aggregate. At what point does the auditor assess whether an
uncorrected misstatement is individually material, and at what point is it appropriate for
the auditor to consider the aggregate effect of uncorrected misstatements?
(b) Level of aggregation in assessing uncorrected misstatements
In assessing whether uncorrected misstatements are material in aggregate in relation to
particular classes of transactions, account balances or disclosures and the financial
statements as a whole, at what level is the auditor required to aggregate individual
uncorrected misstatements?

Further context to the problem / challenge / uncertainty

There is uncertainty about the point at which the auditor considers and evaluates the aggregate effect
of individual uncorrected misstatements. In accordance with the requirements of ISA 450.5, the
auditor accumulates all misstatements identified during the course of the audit, other than those that
are clearly trivial. Does the auditor consider both the individual uncorrected misstatements and the
aggregated effect of misstatements at the same time; or are individual uncorrected misstatements
evaluated and assessed first, and if they are neither quantitatively or qualitatively material, then
aggregate the misstatements that are individually not material to determine whether they are material
in aggregate?

There is further uncertainty about the level/(s) at which misstatements are required to be aggregated
in determining whether uncorrected misstatements are material. Does the auditor aggregate
misstatements for:

• Classes of transactions, account balances or disclosures as summarised and aggregated on the

lead sheets in the audit file;
• Individual line items as presented on the face of a statement as part of the complete set of financial
statements, such as property, plant and equipment, trade and other receivables and inventory on
the face of the statement of financial position;
• Sub-classifications of line items presented in the individual statements or in the notes to the
financial statements, such as classes of property, plant and equipment, disaggregation of trade
and other receivables and disaggregation of inventories; or
• Asset, liability or equity categories classified as either non-current or current, as applicable and
presented on the face of the statement of financial position; various totals as presented on the
face of the statement of profit or loss and other comprehensive income; as well as cash flows from
operating activities, cash flows from investing activities and cash flows from financing activities as
presented on the face of the statement of cash flows?

Issued July 2017 Page | 35

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
The level of aggregation is dependent on the requirements of the applicable financial reporting
framework (e.g. IFRS or the IFRS for SMEs) which determine how line items/financial statement items
are to be categorised or grouped to present certain totals in the individual statements or in the notes
to the financial statements.

In considering the above, it is important to understand the process to be followed by the auditor in the
evaluation and assessment of uncorrected misstatements, recognising that this could be done in
different ways depending on preferred audit techniques or methodologies. The evaluation and
assessment will be appropriate if it satisfies the relevant requirements of the ISAs.

It is important to note that the auditor is also required to consider the effect of uncorrected
misstatements related to prior periods on the relevant classes of transactions, account balances or
disclosures, and the financial statements as a whole (ISA 450.11(b)).

Specific references in the ISAs

The auditor has to comply with all ISAs relevant to the audit, including relevant requirements read
together with the related application material. The following specific references are relevant in
considering the specific questions presented here (but not intended to be exhaustive):

• ISA 240, Para 35

• ISA 450, Para 4; 8; 11 - 15; A16 - A22
• ISA 700 (Revised), Para 10, 11(b), 12

Application of the requirements of the ISAs

In forming an opinion on whether the financial statements are prepared, in all material respects, in
accordance with the applicable financial reporting framework (ISA 700 (Revised).10), the auditor is
required to conclude as to whether reasonable assurance has been obtained about whether the
financial statements as a whole are free from material misstatement, whether due to fraud or error.
This conclusion shall take into account inter-alia, the auditor’s conclusion in accordance with ISA 450,
whether uncorrected misstatements are material, individually or in aggregate (ISA 700
(Revised).11(b)).

In evaluating whether the financial statements are prepared, in all material respects, in accordance
with the requirements of the applicable financial reporting framework, the auditor must include
consideration of the qualitative aspects of the entity’s accounting practices (ISA 700 (Revised). 12).

ISA 450 requires the auditor to determine whether uncorrected misstatements are material,
individually or in aggregate. In making this determination, the auditor shall consider the size (i.e.
quantitative effect) and nature (i.e. qualitative effect) of misstatements, both in relation to particular
classes of transactions, account balances or disclosures and the financial statements as whole, and
the particular circumstances of their occurrence (ISA 450.11 (a)).

ISA 450 defines a misstatement as “A difference between the amount, classification, presentation or
disclosure of a reported financial statement item and the amount, classification, presentation, or

Issued July 2017 Page | 36

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
disclosure that is required for the item to be in accordance with the applicable financial reporting
framework” (ISA 450.4(a)) (emphasis added).

ISA 450 defines uncorrected misstatements as “Misstatements that the auditor has accumulated
during the audit and that have not been corrected”. (ISA 450.4(b))

Accumulation of misstatements during the audit

During the audit, the auditor accumulates individually identified misstatements relevant to each
financial statement item, other than those that are clearly trivial, as required by ISA 450.5. The term
“financial statement item” is similar to “line item/(s)” and “classes of transactions, account balances
and disclosures”. Refer to FAQ 3, Substantive procedures for each material class of transaction,
account balance and disclosure (i.e. for each material financial statement item) where these terms
are discussed. The conclusion includes that “Classes of transactions, account balances and
disclosures” are interpreted as the line items making up, or the individual financial statement items
presented in the separate statements and in the notes in a complete set of financial statements.

In the course of an audit, misstatements could be identified as a result of performing the planned or
additional audit procedures as part of the auditor’s response to the assessed risks of material
misstatement at the assertion level for individual financial statement items. The results of such audit
procedures enable the auditor to determine the total identified misstatement in a particular financial
statement item, for example the total by which the item trade payables, as presented in the disclosure
note, Trade and other payables, is misstated.

If the total identified misstatement equals or is less than the clearly trivial threshold, no further action
is required. If the clearly trivial threshold is exceeded, the total identified misstatement relating to a
particular financial statement item and its components (i.e. on or more misstatements), representative
of its size and nature (cause and circumstances) are documented (ISA 450.5, 15(b)). The auditor
must then report all misstatements accumulated during the audit to the appropriate level of
management, and request management to make adjustments to correct those misstatements (ISA
450.8). The correction process does not form part of this FAQ.

After the process of reporting identified misstatements to management and requesting these to be
corrected, the auditor would ordinarily prepare a summary of uncorrected misstatements in order to
separate corrected misstatements from uncorrected misstatements and to determine whether the
effect of uncorrected misstatements are material individually or in aggregate.

When individual uncorrected misstatements are transferred to the summary of uncorrected

misstatements, it is common practice to indicate the rand value of the individual misstatements in
terms of their debit effect and credit effect on the groups or categories in the financial statements
representing the totals of various line items or financial statement items that are required to be
presented in the separate statements in accordance with the requirements of the applicable financial
reporting framework. An illustration of such groups or categories is provided under subheading
b., below.

The ISAs are not prescriptive in terms of how the auditor operationalises the requirements of ISA 450
regarding the accumulation of identified individual misstatements and the evaluation of uncorrected

Issued July 2017 Page | 37

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
misstatements, for example, by way of using a summary of uncorrected misstatements and its form
and content. This is a matter that each firm deals with in their audit methodology, which must comply
with the requirements of ISA 450. The important principle is to ensure that the effect of uncorrected
misstatements is considered at the appropriate levels in accordance with the requirements of the
applicable financial reporting framework relating to various line items and groups of line items
presented in the separate statements and as disclosed in the notes to the financial statements.
Furthermore, the auditor must comply with the specific documentation requirements contained in ISA
450.15.

Other disclosures, including qualitative disclosures will not have a debit and credit effect and can
therefore not be aggregated in assessing whether misstatements of this nature are quantitatively
material. Each qualitative misstatement must therefore be assessed individually. Such individual
misstatements must, however, also be considered in aggregate (the impact on the financial
statements as a whole) by the auditor in assessing whether they result in a misstatement that is
qualitatively material. For example, depending on the misstatements identified in disclosures, the
auditor may consider whether identified errors are persistent or pervasive, or whether a number of
identified misstatements are relevant to the same matter and considered collectively may affect users’
understanding of that matter (ISA 450.A18) (extract).

e. Evaluation of misstatements that are individually material

Once the auditor has transferred all uncorrected misstatements to the summary of uncorrected
misstatements, these uncorrected misstatements are evaluated to determine whether they are
individually material. Prior to evaluating the effect of uncorrected misstatements, the auditor is
required to reassess materiality to confirm whether it remains appropriate (ISA 450.10); effectively
determining final materiality.

The auditor then evaluates whether the uncorrected misstatements in relation to a particular class of
transactions, account balance or disclosure is material or not (ISA 450.11(a)), thereby concluding on
whether each individual financial statement item is free from material misstatement. For example,
Trade payables is an individual line item that is disclosed in the note “Trade and other payables” to
the financial statements; therefore, the auditor is considering whether any related uncorrected
misstatements have a material effect on the individual line item, Trade payables (the net effect of
relevant misstatements in Trade payables).

The auditor should also take cognisance of the following application material in ISA 450.A19 in relation
to the off-setting of misstatements: “If an individual misstatement is judged to be material, it is unlikely
that it can be offset by other misstatements. For example, if revenue is materially misstated, the
financial statements as whole will be materially misstated even if the effect of the misstatement on
earnings is completely offset by an equivalent misstatement of expenses. It may be appropriate to
offset misstatements within the same account balance or class of transactions; however, the risk that
further undetected misstatements may exist is considered before concluding that offsetting even
immaterial misstatements is appropriate”.

Line items or individual financial statement items may be found in the separate statements that make
up the financial statements as well as in the notes that form an integral part of the financial statements.
In terms of the auditor evaluating identified individual misstatements, it would be appropriate for the

Issued July 2017 Page | 38

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
auditor to accumulate misstatements in the various line items and groups of line items that are
required by the applicable financial reporting framework to be presented in the separate statements
and disclosed in the notes to the financial statements.

Illustration of line items / financial statement items

• Line items presented in the separate statements

Statement of financial position

o Property, plant and equipment
o Inventory
o Trade and other receivables
o Bank and cash
o Trade and other payables
o Ordinary share capital
o Retained earnings

Statement of profit or loss and other comprehensive income

o Revenue
o Cost of sales
o Depreciation and amortisation
o Finance income
o Finance costs

Statement of cash flows

o Cash generated by operations
o Changes in working capital
o Property, plant and equipment - Additions to maintain operations
o Decrease in long term loans payable

• Line items disclosed in the notes to the financial statements

In the notes to the Statement of financial position

o Classes of property, plant and equipment
o Disaggregation of inventories
o Disaggregation of trade and other receivables
o Disaggregation of trade and other payables

In the notes to the Statement of profit or loss and other comprehensive income
o Disaggregation of revenue
o Disaggregation of cost of sales
o Disaggregation of finance income or finance costs
o Individual disclosable items included as part of Results from Operating activities

For the quantitative evaluation, the auditor compares the rand value of each uncorrected
misstatement with the relevant materiality figure.

Issued July 2017 Page | 39

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
• If a specific materiality figure has been determined for the particular financial statement item, that
materiality figure must be used (ISA 450.A16). Otherwise, the overall materiality figure is used.

• If the misstatement exceeds the relevant materiality figure, the misstatement is individually
quantitatively material.

There is an exception in this regard, namely in the case of classification misstatements. This
involves the evaluation of qualitative considerations, such as the effect of the classification
misstatement on covenants, the effect on individual line items or sub-totals, or the effect on key
ratios. There may be circumstances where the auditor concludes that a classification
misstatement is not material in the context of the financial statements as a whole, even though it
may exceed the materiality level or levels applied in evaluating other misstatements. For example,
a misclassification between balance sheet line items may not be considered material in the context
of the financial statements as whole when the amount of the misclassification is small in relation
to the size of the related balance sheet line items and the misclassification does not affect the
income statement or any key ratios (ISA 450.A20).

This evaluation should be supported by the auditors understanding of the entity and the risk
assessment performed during the planning and performance of the audit. The exercise of
professional scepticism, professional judgement and any other relevant considerations must be
clearly documented to enable an experienced auditor to understand these considerations made
in reaching the conclusion. The auditor should therefore exercise caution in evaluating and
assessing whether a classification misstatement is material or not.

• If the misstatement does not exceed the relevant materiality figure, the misstatement is not
quantitatively material, however the auditor would continue to consider whether the misstatement
is qualitatively material.

For purposes of evaluating whether uncorrected misstatements are qualitatively material, ISA 450
provides guidance on a number of matters and factors that may be relevant in the circumstances, as
indicated below. It would be prudent to incorporate these into a firm’s audit methodology and working
papers in order to ensure that audit teams give due consideration not only to the quantitative effect of
uncorrected misstatements, but also whether they may be qualitatively material.

• When considering the implications of uncorrected misstatements in classes of transactions,

account balances and disclosures, the auditor exercises professional scepticism in accordance
with ISA 200 (ISA 450.A22).

• Each individual misstatement of a qualitative disclosure is considered to evaluate its effect on the
relevant disclosure(s), as well as its overall effect on the financial statements as a whole. The
determination of whether a misstatement(s) in a qualitative disclosure is material, in the context
of the applicable financial reporting framework and the specific circumstances of the entity, is a
matter that involves the exercise of professional judgement (ISA 450.A17). Paragraph A17 of ISA
450 contains examples of where such misstatements may be material.

Issued July 2017 Page | 40

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
• In determining whether uncorrected misstatements are qualitatively material, consideration is
given to the individual misstatement or when taken in combination with other misstatements. For
example the auditor may consider whether identified errors are persistent or pervasive, or a
number of identified misstatements are relevant to the same matter and in considering these
collectively, may affect the users’ understanding of that matter (ISA 450.A18).
• Furthermore, the circumstances related to some uncorrected misstatements may cause the
auditor to evaluate these as material even if they are lower than the materiality for the financial
statements as a whole (ISA 450.A21). Paragraph A21 of ISA 450 includes a list of circumstances
that may affect the evaluation.

• ISA 240, paragraph 35 explains that when there is an indication that a misstatement may be as
a result of fraud, the auditor shall evaluate the implications of the misstatement in relation to other
aspects of the audit, even if the size of the misstatement is not material in relation to the financial
statements (ISA 450.A22).

Once the auditor is satisfied that each individual uncorrected misstatement is neither quantitatively or
qualitatively material, the auditor can commence with the process of evaluating and assessing
whether they are material in aggregate.

f. Level of aggregation in assessing uncorrected misstatements

The auditor considers whether individual uncorrected misstatements are material in aggregate, both
quantitatively and qualitatively.

From a quantitative perspective, aggregation refers to determining the cumulative quantitative effect
of the uncorrected misstatements on the totals of different groups or categories of line items or
financial statement items as presented and disclosed in the financial statements. The information
needs of the users are paramount in assessing whether the financial statements present fairly, in all
material respects. The manner in which information is collated, summarised and presented is a key
consideration in assessing whether the financial statements as a whole “present fairly, in all material
respects” in that the financial statements is the means used to present information to the users and
these encapsulate certain messages that are conveyed, such as relationships between items, trends
and totals used for calculating ratios.

The requirements of the applicable financial reporting framework determines which individual items
need to be presented and disclosed in the separate statements and in the notes, as well as how these
are to be categorised or grouped in order to present certain totals in the financial statements.
Therefore, uncorrected misstatements that have been evaluated and assessed as being individually
not material quantitatively and qualitatively are aggregated and further assessed.

Illustration of groups or categories of line items / financial statement items which represent the levels
for aggregation of uncorrected misstatements (i.e. considering the aggregate effect)

Statement of financial position

• Current assets
• Non-current assets

Issued July 2017 Page | 41

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
• Total assets
• Current liabilities
• Non-current liabilities
• Total liabilities
• Equity

Statement of profit or loss and other comprehensive income

• Gross profit
• Total income (if applicable)
• Total expenses (if applicable)
• Results from operating activities
• Profit or loss for the year
• Other comprehensive income for the year
• Total comprehensive income for the year

Statement of cash flows

• Cash flows from operating activities
• Cash flows from investing activities
• Cash flows from financing activities

When determining the aggregate effect of individual uncorrected misstatements that are not material,
these are offset in determining the net effect on the total of a particular group or category (such as
those indicated above). This offsetting must not be confused with offsetting in evaluating and
assessing individual uncorrected misstatements where ISA 450 paragraph A19 is of relevance. This
is addressed under subsection a. above.

If the net effect of misstatements in relation to any of the above-mentioned totals (groups or
categories) exceed the overall materiality figure, the aggregate effect of those misstatements is
quantitatively material and, therefore, material to the financial statements as a whole. For example, if
Accounts Receivable is overstated by an amount that is individually not material and Inventory is
overstated by an amount that is individually not material and the total of these two overstatements are
quantitatively material, then Current assets will be materially misstated. If however the total was not
quantitatively material and Property Plant and Equipment was also overstated by an amount thatis
individually not material, the auditor would consider the total of these three overstatements. If the total
of these three amounts are quantitatively material, then Total assets would be materially misstated.

If the aggregate effect does not exceed the overall materiality figure, the misstatements are not
quantitatively material, but in line with the assessment of individual identified misstatements (refer to
subsection a. above), the auditor continues to evaluate relevant qualitative factors to make a final
determination on whether the uncorrected misstatements are material.

ISA 240, paragraph 35 requires the auditor to evaluate whether identified misstatements are indicative
of fraud. If there is such an indication, the auditor shall evaluate the implications of the misstatement
in relation to other aspects of the audit, particularly the reliability of management representations,
recognising that an instance of fraud is unlikely to be an isolated occurrence.

Issued July 2017 Page | 42

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
Conclusion

Only once the auditor is satisfied that each individual uncorrected misstatement is neither
quantitatively or qualitatively material, can the auditor commence with the evaluation and assessment
of the aggregate effect of uncorrected misstatements.

Although the auditor first evaluates individual misstatements, there is a level of accumulation of
identified misstatements that takes place for items that are required by the applicable financial
reporting framework to be presented in the separate statements and disclosed in the notes to the
financial statements, as follows, in order to determine whether each such individual item is free from
material misstatement:

• Individual line items as presented on the face of a statement as part of the complete set of financial
statements, such as property, plant and equipment, trade and other receivables and inventory on
the face of the statement of financial position; and
• Sub-classifications of line items presented in the individual statements or in the notes to the
financial statements, such as classes of property, plant and equipment, disaggregation of trade
and receivables and disaggregation of inventories.

The process involved and relevant considerations are discussed in subsection a. of this FAQ.

There are various levels in the aggregation process where the net effect of individual uncorrected
misstatements that are not material are considered. This is dependent on the requirements of the
applicable financial reporting framework which determine how line items/financial statement items are
to be categorised or grouped to present certain totals in the financial statements. Such totals represent
the levels of aggregation to be applied.

The process involved and relevant considerations are discussed in subsection b. of this FAQ.

Uncorrected misstatements at individual and aggregate level are evaluated against quantitative and
qualitative materiality determined in accordance with ISA 320 (ISA 450.10).

The auditor is reminded about the responsibility to communicate with those charged with governance
uncorrected misstatements and the effect that they, individually or in aggregate, may have on the
opinion in the auditor’s report (ISA 450.12). Such communication shall include the effects of
uncorrected misstatements related to prior periods (ISA 450.13).

The auditor is further reminded about the responsibly to obtain written representation from
management, and where appropriate those charged with governance indicating whether they believe
that the effects of uncorrected misstatements are immaterial, individually and in aggregate to the
financial statements as a whole. A summary of such items must be included or attached to the written
representation (ISA 450.14).

Auditors should ensure that their evaluation of misstatements for an audit engagement is sufficiently
and appropriately documented in the audit file, taking cognisance of the specific documentation
requirements in ISA 450, paragraph 15. In particular, the audit documentation is required to include

Issued July 2017 Page | 43

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
the auditor’s conclusion as to whether uncorrected misstatements are material, individually or in
aggregate, and the basis for that conclusion.

Issued October 2018

Issued July 2017 Page | 44

Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 10. The auditor’s consideration of the relevance of information to be used as audit
evidence: Testing the completeness assertion from an appropriate source
With information systems relevant to financial reporting evolving, questions are being raised
around whether the use of system-generated information (accounting system, financial
reporting system or related sub system) is an appropriate source that will result in relevant
information to be used as audit evidence in performing tests of details for understatement of a
particular class of transactions, account balance or disclosure, in response to the identified risks
of material misstatement (RoMM) relating to the completeness assertion?

Further context to the problem / challenge / uncertainty

Testing for understatement of a particular class of transaction, account balance or disclosure and the
identification of a source that is appropriate continues to be a challenging area for the auditor. The
challenges in this area are further exacerbated by continuous changes in the environment in which
an audit is performed. Over the years, information systems have evolved from manual processes to,
in many instances, fully automated processes, resulting in manual sources of information becoming
redundant. The auditor is therefore challenged when identifying an appropriate source that will result
in relevant information used to test for understatement in response to the identified RoMM.

An example of a deficiency identified through regulatory inspections and monitoring activities in

relation to this challenge is that there is no documented audit evidence in the audit file to verify the
appropriateness of the system-generated source from which a sample was selected and used for the
purposes of testing for understatement (for example, revenue).

Specific references in the ISAs7

The auditor has to comply with all ISAs relevant to the audit, including all relevant requirements read
together with the related application material. The following specific references are relevant in
considering the specific question presented here (but are not intended to be exhaustive):

• Preface to the International Quality Control, Auditing, Review, Other Assurance, and Related
Services Pronouncements (Preface to the International Standards), Para. 17
• Glossary of Terms - Information system relevant to financial reporting
• ISA 200, Para. 16
• ISA 230, Para. 8
• ISA 315 (Revised 2019), Para. 25, A94, A190 (a)(ii) and (b)(iii) and Appendix 5
• ISA 330, Para. 5, 6 and A45
• ISA 500, Para. 7, and A31

7 This FAQ reflects references in the 2020 edition of the International Auditing and Assurance Standards Board’s
Handbook of International Quality Control, Auditing, Review, Other Assurance, and Related Services
Pronouncements. This FAQ also contains references to ISA 315 (Revised 2019) Identifying and Assessing the
Risks of Material Misstatement and includes the conforming and consequential amendments to other
International Standards as a result of the approval of ISA 315 (Revised 2019). Conforming and consequential
amendments are shown with marked changes from the latest approved versions of the ISAs that are amended.
Issued July 2017 Page | 45
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 Application of the requirements of the ISAs

The Glossary of Terms defines an information system relevant to financial reporting as a component
of internal control that includes the financial reporting system, and consists of the procedures and
records established to initiate, record, process and report entity transactions (as well as events and
conditions) and to maintain accountability for the related assets, liabilities and equity.

Information systems may comprise a number of different yet integrated elements that provide for
reporting on various matters. This may, for example include a module relating to the management of
inventory that is linked to the inventory and payables general ledger, as well as the revenue and
receivables general ledger. Although any information generated from such a module is system
generated, this may relate to the initiation of the transaction, account balance or disclosure.

ISA 315 (Revised 2019).A94 explains that the overall objective and scope of an audit does not differ
whether an entity operates in a mainly manual environment, a completely automated environment, or
an environment involving some combination of manual and automated elements (i.e., manual and
automated controls and other resources used in the entity’s system of internal control).

ISA 500.7 states that when designing and performing audit procedures, the auditor shall consider the
relevance and reliability of the information to be used as audit evidence, including information obtained
from an external information source. The focus of this FAQ is on the relevance of information to be
used as audit evidence, in that, if the auditor does not identify an appropriate source for testing the
completeness assertion, the audit procedure may not give rise to relevant information to be used as
audit evidence.

The ISAs remain principles based and therefore do not dictate what an appropriate source is. In
accordance with paragraph 17 of the Preface to the International Standards, as well as ISA 200.16, the
auditor is required to exercise their professional judgement in identifying an appropriate source, which
will give rise to relevant information to be used as audit evidence in testing for understatement.

The auditor is reminded of the documentation requirements contained in ISA 230.8 which states that
the auditor shall prepare audit documentation that is sufficient to enable an experienced auditor,
having no previous connection with the audit, to understand:

(a) The nature, timing and extent of the audit procedures performed to comply with the ISAs and
applicable legal and regulatory requirements;
(b) The results of the audit procedures performed, and the audit evidence obtained; and
(c) Significant matters arising during the audit, the conclusions reached thereon, and
significantprofessional judgments made in reaching those conclusions.

Direction of testing

ISA 500.A31 specifically expands on the relevance of information to be used as audit evidence and
indicates that relevance deals with the logical connection with, or bearing upon, the purpose of the
audit procedure and, when appropriate, the assertion under consideration and that the relevance of
Page | 46
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 information to be used as audit evidence may be affected by the direction of testing. The application
material uses the example of testing accounts payable and states that when testing for
understatement, testing the recorded amounts would not be relevant but testing information such as
subsequent disbursements, unpaid invoices, supplier’s statements and unmatched receiving reports
may be relevant.

The completeness assertion is described as: all transactions and events that should have been
recorded have been recorded, and all related disclosures that should have been included in the
financial statements have been included; and all assets, liabilities and equity interests that should have
been recorded have been recorded, and all related disclosures that should have been included in the
financial statements have been included (ISA 315 (Revised 2019).A190(a)(ii) and (b)(iii)).

Further to the requirement in ISA 330.5 for the auditor to design and implement overall responses to
address RoMM at the financial statement level, ISA 330.6 requires the auditor to design and perform
audit procedures whose nature, timing and extent are based on and are responsive to the assessed
RoMM at the assertion level.

ISA 330.A45 explains that the nature assessment of the risk and or the nature of the assertion is
relevant to the design of tests of details and states that tests of details related to the completeness
assertion may involve selecting from items that are expected to be included in the relevant financial
statement amount and investigating whether they are included.

The auditor is therefore tasked with identifying what should have been recorded in the financial
statements and to use this as the source in the design of tests of details to obtain relevant information
to be used as audit evidence in response to the identified RoMM related to the completeness
assertion.

Using system-generated information in the performance of audit procedures

The auditor may determine that the use of system-generated information is an appropriate source in
gathering relevant information that can be used as audit evidence in testing for understatement. Such
information may therefore provide the auditor with an appropriate source for selecting items to test in
gathering relevant information to be used as audit evidence in relation to the completeness assertion.

The purpose of the test of detail must be at the forefront of the auditor’s mind at all times. Once the
auditor has identified an appropriate source for selecting items for testing, the auditor must then
ensure that the item(s) selected for testing is ultimately recorded in the financial statements.

To design tests of details that result in the auditor gathering relevant information to be used as audit
evidence, the auditor needs to demonstrate, through documentation, an understanding of the
information system relevant to financial reporting, such that an experienced auditor will understand
why the chosen source is considered appropriate in selecting items to test in gathering relevant
information to be used as audit evidence in responding to the identified RoMM relating to the
completeness assertion.

Refer to FAQ 12 in this document for a worked example illustrating the principles above.

Page | 47
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 Understanding the information system

ISA 315 (Revised 2019) sets out what is required of the auditor with regard to obtaining an
understanding of the entity and its environment, the applicable financial reporting framework and the
entity’s system of internal control. This includes a requirement on the auditor to obtain an
understanding of the entity’s information system and communication relevant to the preparation of the
financial statements, through performing risk assessment procedures, as described in. ISA 315
(Revised 2019).25.

Appendix 5 to ISA 315 (Revised 2019) provides matters that the auditor may consider in
understanding the entity’s use of IT in its system of internal control. As explained in paragraph 2 of
Appendix 5, the characteristics of manual or automated elements are relevant to the auditor’s
identification and assessment of the RoMM, and further audit procedures based thereon. Automated
controls may be more reliable than manual controls because they cannot be as easily bypassed,
ignored, or overridden, and they are also less prone to simple errors and mistakes. Automated
controls may be more effective than manual controls in the following circumstances:
• High volume or recurring transactions, or in situations where errors that can be anticipated or
predicted can be prevented, or detected and corrected, through automation.
• Controls where the specific ways to perform the control can be adequately designed and
automated.

Paragraph 3 in Appendix 5 to ISA 315 (Revised 2019) explains that the entity’s information system may
include the use of manual and automated elements, which also affect the manner in which transactions
are initiated, recorded, processed, and reported. In particular, procedures to initiate, record, process
and report transactions may be enforced through the IT applications used by the entity, and how the
entity has configured those applications. In addition, records in the form of digital information may
replace or supplement records in the form of paper documents.

The table in paragraph 4 in Appendix 5 to ISA 315 (Revised 2019) includes examples of matters that
the auditor may consider in obtaining the understanding of the IT environment and includes examples
of typical characteristics of IT environments based on the complexity of IT applications used in the
entity’s information system. However, such characteristics are directional and may differ depending on
the nature of the specific IT applications in use by an entity.

Refer to FAQ 11 in this document, section 11.4, Consideration of controls over the preparation and
maintenance of IPE for a discussion on the consideration and testing of controls over the preparation
and maintenance of system generated information when considering the reliability thereof. While
recognising that exceptions may exist, in general, the reliability of audit evidence that is generated
internally is increased when the related controls, including those over its preparation and maintenance,
imposed by the entity are effective.

Conclusion

Although the auditing environment continues to evolve, the basic principles of auditing remain. The
auditor is required to consider and document the relevance and reliability of information to be used as
audit evidence. The focus of this FAQ is on the relevance of such information.

Page | 48
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 The relevance of information to be used as audit evidence may be affected by the direction of testing.
When testing the completeness assertion, the direction of testing should be such that the auditor is
selecting from items that are expected to be included in the relevant financial statement amount and
investigating whether they are so included.

The auditor is required to obtain an understanding of the entity and its environment, the applicable
financial reporting framework and the entity’s system of internal control, including the information
system and communication relevant to the preparation of the financial statements. Based on such an
understanding, the auditor should apply their professional judgement in identifying an appropriate
source in gathering relevant information that can be used as audit evidence for tests of details
performed in response to the identified RoMM relating to the completeness assertion.This source may
either be manual information or system-generated information, depending on the unique business
process relevant to financial reporting that the entity under audit has implemented.

The reliability of audit evidence that is generated internally (discussed in FAQ 11 in this document) is
increased when the related controls, including those over its preparation and maintenance, imposed by
the entity are effective.

The understanding obtained by the auditor and the professional judgement applied in identifying an
appropriate source in gathering relevant information that can be used as audit evidence must be
sufficiently documented to enable an experienced auditor to understand why the chosen source is
considered appropriate in gathering relevant information that can be used as audit evidence.

Issued January 2020

Updated December 2021

Updated August 2022

Page | 49
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 11. The auditor’s consideration of the reliability of information to be used as audit
evidence: Obtaining audit evidence about the accuracy and completeness of
information produced by the entity

The auditor is tasked with obtaining sufficient appropriate audit evidence to be able to draw
reasonable conclusions on which to base the auditor’s opinion (ISA 500.4). When designing and
performing audit procedures, the auditor is required to consider the relevance and reliability of
the information to be used as audit evidence, including information obtained from an external
information source (ISA 500.7). Information is used as audit evidence when it is sufficiently
relevant and reliable, otherwise it may not support the conclusions upon which our auditor’s
opinion is based. This FAQ deals with information to be used as audit evidence that is produced
by the entity (IPE) and how the auditor evaluates whether the information is sufficiently reliable
for the auditor’s purposes, specifically focusing on the accuracy and completeness of that
information. FAQ 10 in this document deals with the auditor’s evaluation of the relevance of
information produced by the entity to be used as audit evidence.

Specific topics covered in this FAQ are:

11.1 The implications of using IPE as audit evidence – ISA 500.9 requirements
11.2 Obtaining audit evidence about the accuracy and completeness of IPE vs. testing the
accuracy or completeness assertions relating to a class of transactions and events, account
balances and related disclosures
11.3 Obtaining audit evidence about the accuracy and completeness of IPE vs. obtaining audit
evidence about accuracy or completeness of IPE
11.4 Consideration of controls over the preparation and maintenance of IPE
11.5 Obtaining audit evidence about the accuracy and completeness of IPE - drawing on audit
evidence obtained from other relevant audit procedures
11.6 Documenting the auditor’s consideration of IPE
11.7 The possible impact on the auditor’s report if the auditor is unable to obtain audit evidence
about the accuracy and completeness of IPE

Further context to the problem / challenge / uncertainty

ISA 500.6 requires the auditor to design and perform audit procedures that are appropriate in the
circumstances for the purpose of obtaining sufficient appropriate audit evidence. ISA 500.5(f) defines
sufficiency (of audit evidence) as the measure of the quantity of audit evidence. The quantity of the audit
evidence needed is affected by the auditor’s assessment of the risks of material misstatement and also
by the quality of such audit evidence. ISA 500.5(b) defines appropriateness of audit evidence as the
measure of the quality of audit evidence; that is, its relevance and its reliability in providing support for
the conclusions on which the auditor’s opinion is based. When designing and performing audit
procedures, the auditor is required to consider the relevance and reliability of the information to be used
as audit evidence, including information obtained from an external information source (ISA 500.7). When
using IPE, the auditor is required to evaluate whether the information is sufficiently reliable for the
Page | 50
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
auditor’s purposes, including, as necessary in the circumstances, obtaining audit evidence about the
accuracy and completeness of the information (ISA 500.9(a)) and evaluating whether the information is
sufficiently precise and detailed for the auditor’s purposes (ISA 500.9(b)).

The requirement in ISA 500 paragraph 9(a) in relation to the accuracy and completeness of IPE is
expanded on in ISA 530 where the Application and Other Explanatory Material indicates that in fulfilling
the requirement of ISA 500 paragraph 9, when performing audit sampling, the auditor performs audit
procedures to obtain evidence that the population from which the audit sample is drawn is complete (ISA
530.A5).
The evaluation of the completeness of a population could be challenging, especially when auditing an
entity with complex systems, source documents are not sequentially numbered or entities where paper
documents are not used.

Note that, while the terms relevance and reliability are explained separately in the ISAs, they are both
required to be considered by the auditor to conclude on the sufficiency and appropriateness of audit
evidence.

Specific references in the ISAs8

The auditor has to comply with all ISAs relevant to the audit, including all relevant requirements read
together with the related application material. The following specific references are relevant in
considering the specific question presented here (but are not intended to be exhaustive):

• ISA 230
• ISA 315 (Revised 2019), Para. 25, 26, 33, and A190
• ISA 330, Para. 8, 10, 26, 27, A24, A29a and A30
• ISA 500, Para. 2, 4 – 7, 9, A13, A35, A60 and A61
• ISA 505, Para. 10
• ISA 530, Para. A5

Application of the requirements of the ISAs

11.1. The implications of using IPE as audit evidence – ISA 500.9 requirements
Information to be used as audit evidence may be obtained from a variety of sources, including from an
external information source and information generated internally by the entity. ISA 500 paragraph 7
requires the auditor to consider the relevance and reliability of the information to be used as audit
evidence irrespective of the source of the information. When using IPE, ISA 500 paragraph 9 contains
a requirement in addition to that of ISA 500 paragraph 7 for the auditor to evaluate whether the

8 This FAQ reflects references in the 2020 edition of the International Auditing and Assurance Standards Board’s
Handbook of International Quality Control, Auditing, Review, Other Assurance, and Related Services
Pronouncements. This FAQ also contains references to ISA 315 (Revised 2019) Identifying and Assessing the
Risks of Material Misstatement and includes the conforming and consequential amendments to other
International Standards as a result of the approval of ISA 315 (Revised 2019). Conforming and consequential
amendments are shown with marked changes from the latest approved versions of the ISAs that are amended.
Page | 51
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
information is sufficiently reliable for the auditor’s purposes, including, as necessary in the
circumstances, obtaining audit evidence about the accuracy and completeness of the information
(ISA 500.9(a)) and evaluating whether the information is sufficiently precise and detailed for the auditor’s
purposes (ISA 500.9(b)).
The requirement to evaluate the accuracy and completeness of information contained in ISA 500.9(a)
and expanded on in ISA 530.A5 only applies to IPE. Common examples of such information are:
• Trial balance / subledger
• Listing of transactions
• Analysis of sub-ledgers or balances
• Roll forward schedules
• Budgets / forecasts
• Minutes of meetings
• Internal audit reports
• Fixed asset registers
• Schedule of contractual agreements, such as lease agreements, construction contracts and other
contracts to deliver goods or services
• Inventory listings
• Debtors’ age analysis
• Creditors’ listings
• A schedule of provisions
• A listing of newly hired employees and contractors over a specified period of time
• A listing of all employees
• A listing of terminated employees and contractors over a specified period of time
• A listing of all changes to the relevant systems (operating system, database, application, network
devices)
• A listing of administrative users in relevant systems (operation systems, database, application)

Examples of information not produced by the entity but that may provide relevant and reliable information
to be used as audit evidence are:
• External confirmations, including bank confirmations and legal confirmations
• Analysts’ reports
• Benchmarking data about competitors (ISA 500.A13)
• Purchase orders from customers
• Invoices from vendors
• Agreements with third parties e.g. sales contracts, lease agreements
• Information from third-party providers e.g. foreign exchange rates, prices and pricing related data,
macro-economic data such as historical and forecasted unemployment rates or economic growth
rates, credit history data.

In terms of ISA 505.10, if the auditor identifies factors that give rise to doubts about the reliability of the
responses to a confirmation request, the auditor is required to obtain further audit evidence to resolve
those doubts.
The auditor therefore needs to understand the origin of the information in determining whether the ISAs
prescribe specific procedures for the evaluation of the reliability thereof, over and above the general
requirement in ISA 500.7. The remainder of this FAQ is focused on the auditor’s evaluation of the
reliability of IPE with reference to the accuracy and completeness of that information.
Page | 52
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
11.2 Obtaining audit evidence about the accuracy and completeness of IPE vs. testing the
accuracy or completeness assertions relating to a class of transactions and events,
account balances and related disclosures

Accuracy and completeness are two of the assertions used by the auditor in considering the different
types of potential misstatements that may occur (ISA 315 (Revised 2019).A190).

As an assertion about classes of transactions and events, and related disclosures, for the period under
audit, accuracy means amounts and other data relating to recorded transactions and events have been
recorded appropriately, and related disclosures have been appropriately measured and described
(ISA 315 (Revised 2019).A190(a)(iii)).

As an assertion about account balances, and related disclosures, at the period end, accuracy, valuation
and allocation means assets, liabilities and equity interests have been included in the financial
statements at appropriate amounts and any resulting valuation or allocation adjustments have been
appropriately recorded, and related disclosures have been appropriately measured and described
(ISA 315 (Revised 2019).A190(b)(iv)).

As an assertion about classes of transactions and events, and related disclosures, for the period under
audit, completeness means that all transactions and events that should have been recorded have been
recorded, and all related disclosures that should have been included in the financial statements have
been included (ISA 315 (Revised 2019).A190(a)(ii)).

As an assertion about account balances, and related disclosures, at the period end, completeness
means all assets, liabilities and equity interests that should have been recorded have been recorded,
and all related disclosures that should have been included in the financial statements have been included
(ISA 315 (Revised 2019).A190(b)(iii)).

The requirement in ISA 500 paragraph 9(a) for the auditor to obtain audit evidence about the accuracy
and completeness of IPE, including obtaining evidence that the population from which an audit sample
is drawn is complete, is linked to the auditor’s evaluation of whether that information is sufficiently reliable
for the auditor’s purposes (i.e. the quality of information which is to serve as audit evidence is being
evaluated). Obtaining audit evidence about the accuracy and completeness of IPE isn’t only relevant
when testing the accuracy and completeness assertions – it applies to the testing of any assertions
(occurrence, completeness, accuracy, valuation and allocation, cutoff, classification, presentation,
existence and rights and obligations).

The requirement to determine the sufficiency and reliability of IPE is in addition to the requirement to test
specific assertions related to risks of material misstatement identified. The purpose of obtaining audit
evidence about the accuracy and completeness of IPE is to evaluate whether the information to be used
in performing audit procedures is correct (i.e. is accurate) and contains all the necessary information
(i.e. is complete), and does not provide sufficient appropriate audit evidence on whether classes of
transactions, balances and disclosures are recorded accurately and completely.

Page | 53
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
11.3 Obtaining audit evidence about the accuracy and completeness of IPE vs. obtaining audit
evidence about the accuracy or completeness of IPE

Questions have arisen about whether the auditor is required to obtain audit evidence about the accuracy
and completeness of IPE in all instances or whether the auditor is only required to obtain audit evidence
about the accuracy or the completeness of IPE.

ISA 500.9 states (words in bold indicate our own emphasis): “When using information produced by the
entity, the auditor shall evaluate whether the information is sufficiently reliable for the auditor’s
purposes, including, as necessary in the circumstances:

(a) Obtaining audit evidence about the accuracy and completeness of the information; and

(b) …”

The Explanatory and Other Application Material in ISA 500.A60 explains that in order for the auditor to
obtain reliable audit evidence, information produced by the entity that is used for performing audit
procedures needs to be sufficiently complete and accurate. For example, the effectiveness of auditing
revenue by applying standard prices to record sales volume is affected by the accuracy of the price
information and the completeness and accuracy of the sales volume data. Similarly, if the auditor intends
to test a population (for example, payments) for a certain characteristic (for example, authorisation), the
results of the test will be less reliable if the population from which the items are selected for testing is
not complete.

The purpose of the IPE is therefore paramount as it determines whether the accuracy and/or
completeness would need to be evaluated by the auditor, as illustrated in the paragraph above. When
selecting items for testing from a population, however, the auditor performs procedures to obtain
evidence that the population from which the audit sample is drawn is complete (as a minimum) in order
to meet the requirement of ISA 500 paragraph 9 (ISA 530.A5).

11.4 Consideration of controls over the preparation and maintenance of IPE

The Application and Other Explanatory Material in ISA 500.A35 explains that the reliability of information
to be used as audit evidence, and therefore of the audit evidence itself, is influenced by its source and
its nature, and the circumstances under which it is obtained, including the controls over its preparation
and maintenance where relevant. Therefore, generalisations about the reliability of various kinds of audit
evidence are subject to important exceptions. Even when information to be used as audit evidence is
obtained from sources external to the entity, circumstances may exist that could affect its reliability. For
example, information obtained from a source independent of the entity may not be reliable if the source
is not knowledgeable, or a management’s expert may lack objectivity. While recognising that exceptions
may exist, the following generalisations about the reliability of audit evidence may be useful:
• The reliability of audit evidence is increased when it is obtained from independent sources
outside the entity.
• The reliability of audit evidence that is generated internally is increased when the related
controls, including those over its preparation and maintenance, imposed by the entity are
effective.

Page | 54
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
ISA 315 (Revised 2019) sets out what is required of the auditor with regard to obtaining an
understanding of the entity and its environment, the applicable financial reporting framework and the
entity’s system of internal control. This includes a requirement on the auditor to obtain an
understanding of the entity’s information system and communication relevant to the preparation of the
financial statements, through performing risk assessment procedures, to provide a basis for designing
and performing further audit procedures, as described in ISA 315 (Revised 2019).25.

Refer to the subsection Understanding the information system in FAQ 10 in this document for a
discussion on matters that the auditor may consider in understanding IT.

ISA 315 (Revised 2019) furthermore includes a requirement on the auditor to obtain an understanding
of the control activities component, through performing risk assessment procedures, by identifying
controls that address risks of material misstatement at the assertion level in the control activities
component, as described in ISA 315 (Revised 2019).26(a). Based on controls identified through
application of ISA 315 (Revised 2019).26(a), the auditor is required to identify the IT applications and
the other aspects of the entity’s IT environment that are subject to risks arising from the use of IT (ISA
315 (Revised 2019).26(b)). For such IT applications and other aspects of the IT environment identified
through application of ISA 315 (Revised 2019).26(b), the auditor is required to identify
i) The related risks arising from the use /of IT; and
ii) The entity’s general IT controls that address such risks (ISA 315 (Revised 2019).26(c)).

ISA 315 (Revised 2019).33 requires the auditor to determine whether substantive procedures alone
cannot provide sufficient appropriate audit evidence for any of the risks of material misstatement at the
assertion level.

ISA 330.8(a) requires the auditor to design and perform tests of controls to obtain sufficient appropriate
audit evidence as to the operating effectiveness of relevant controls if the auditor’s assessment of risks
of material misstatement at the assertion level includes an expectation that the controls are operating
effectively (that is, the auditor intends plans to test to rely on the operating effectiveness of controls in
determining the nature, timing and extent of substantive procedures):

ISA 330.8(b) requires the auditor to design and perform tests of controls to obtain sufficient appropriate
audit evidence as to the operating effectiveness of relevant controls if substantive procedures alone
cannot provide sufficient appropriate audit evidence at the assertion level. The application material in
ISA 330.A24 explains that in some cases, the auditor may find it impossible to design effective
substantive procedures that by themselves provide sufficient appropriate audit evidence at the
assertion level. This may occur when an entity conducts its business using IT and no documentation
of transactions is produced or maintained, other than through the IT system. In such cases, ISA 330
paragraph 8(b) requires the auditor to perform tests of relevant controls that address the risk for which
substantive procedures alone cannot provide sufficient appropriate audit evidence.

ISA 330.10(a) states that in designing and performing tests of controls, the auditor shall perform other
audit procedures in combination with inquiry to obtain audit evidence about the operating effectiveness
of the controls including:
(i) How the controls were applied at relevant times during the period under audit;
(ii) The consistency with which they were applied; and
(iii) By whom or by what means they were applied.

Page | 55
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
ISA 330.10(b) requires the auditor, to the extent not already addressed, to determine whether the
controls to be tested depend upon other controls (indirect controls), and, if so, whether it is necessary
to obtain audit evidence supporting the effective operation of those indirect controls. The Application
and Other Explanatory material in ISA 330.A29a explains that the auditor may perform tests of controls
that address risks of material misstatement related to the integrity of the entity’s data, or the
completeness and accuracy of the entity’s system-generated reports, or to address risks of material
misstatement for which substantive procedures alone cannot provide sufficient appropriate audit
evidence. These tests of controls may include tests of general IT controls that address the matters in
paragraph 10(a). When this is the case, the auditor may not need to perform any further testing to
obtain audit evidence about the matters in paragraph 10(a).

The Application and Other Explanatory material in ISA 330.A30 furthermore explains that, in some
circumstances, it may be necessary to obtain audit evidence supporting the effective operation of
indirect controls (e.g., general IT controls). As explained in [ISA 330] paragraphs A29 to A29b, general
IT controls may have been identified in accordance with ISA 315 (Revised 2019) because of their
support of the operating effectiveness of automated controls or due to their support in maintaining the
integrity of information used in the entity’s financial reporting, including system-generated reports. The
requirement in [ISA 330] paragraph 10(b) acknowledges that the auditor may have already tested
certain indirect controls to address the matters in ISA 330 paragraph 10(a). For example, when the
auditor decides to test the effectiveness of a user review of exception reports detailing sales in excess
of authorised credit limits, the user review and related follow up is the control that is directly of relevance
to the auditor. Controls over the accuracy of the information in the reports (for example, general IT
controls) are described as “indirect” controls.

The use of IPE as audit evidence is therefore subject to the risks relating to the generation of that
information being adequately addressed.

Using IPE as audit evidence without consideration of controls over the preparation and maintenance
of IPE may not provide the auditor with a basis to conclude on the appropriateness of the source of the
information.

11.5 Obtaining audit evidence about the accuracy and completeness of IPE – drawing on audit
evidence obtained from other relevant audit procedures

The Application and Other Explanatory Material in ISA 500.A61 explains:

• Obtaining audit evidence about the accuracy and completeness of IPE may be performed
concurrently with the actual audit procedure applied to the IPE when obtaining such audit
evidence is an integral part of the audit procedure itself.
• In other situations, the auditor may have obtained audit evidence of the accuracy and
completeness of the IPE by testing controls over the preparation and maintenance of the IPE.
• In some situations, however, the auditor may determine that additional audit procedures are
needed.

ISA 500.2 states that ISA 500 is applicable to all the audit evidence obtained during the course of the
audit. Other ISAs deal with specific aspects of the audit (for example ISA 315 (Revised 2019)), the audit
evidence to be obtained in relation to a particular topic (for example ISA 570 (Revised)), specific
procedures to obtain audit evidence (for example ISA 520), and the evaluation of whether sufficient
Page | 56
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
appropriate audit evidence has been obtained (ISA 200 and ISA 330). ISA 500 therefore interrelates
with other ISAs. As explained and illustrated in the paragraph above, the auditor may obtain evidence
about the accuracy and completeness of IPE in a number of ways, including drawing on relevant audit
evidence obtained from other audit procedures.

Refer to FAQ 12 in this document for a worked example illustrating the principles above.

11.6 Documenting the auditor’s consideration of IPE

Auditors are reminded to consider the documentation requirements contained in ISA 230 in documenting
how the auditor concluded that the IPE is sufficiently complete and accurate to be reliable. This includes
documenting the link between testing performed elsewhere in the audit file that supports the accuracy
and completeness of a population.

11.7 The possible impact on the auditor’s report if the auditor is unable to obtain audit evidence
about the accuracy and completeness of IPE
If the auditor is unable to obtain audit evidence about the accuracy and completeness of IPE, this may
have an impact on the auditor’s ability to obtain sufficient appropriate evidence related to a relevant
assertion about a class of transactions, account balance or disclosure.
ISA 330.26 requires the auditor to conclude whether sufficient appropriate audit evidence has been
obtained. In forming an opinion, the auditor shall consider all relevant audit evidence, regardless of
whether it appears to corroborate or to contradict the assertions in the financial statements.
If the auditor has not obtained sufficient appropriate audit evidence as to related to an material financial
statement relevant assertion about a class of transactions, account balance or disclosure, the auditor
shall attempt to obtain further audit evidence. If the auditor is unable to obtain sufficient appropriate audit
evidence, the auditor is required to express a qualified opinion or disclaim an opinion on the financial
statements (ISA 330.27).

Conclusion

The ISAs are not prescriptive in the specific procedures that auditors are required to perform in
evaluating the relevance and reliability of IPE. Rather, the ISA are principles-based and require the
auditor to exercise professional judgement in applying the requirements.
The auditor is required to evaluate whether IPE to be used as audit evidence is sufficiently reliable for
the auditor’s purposes, including as necessary in the circumstances, obtaining audit evidence about the
accuracy and completeness of the IPE.
The use of IPE as audit evidence is subject to the risks relating to the generation of that information
being adequately addressed.

Using IPE as audit evidence without consideration of controls may not provide the auditor with a basis
to conclude on the appropriateness of the source of the information.

Page | 57
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
The auditor may obtain audit evidence about the accuracy and completeness of IPE in a number of
ways, including drawing on relevant audit evidence obtained from other audit procedures.

Issued December 2021

Updated August 2022

Page | 58
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
12. Auditing the completeness of revenue: An illustrative example focusing on the
relevance and reliability of the population from which items are selected for testing

Regulatory inspections have found that auditors failed to perform procedures that adequately
address the completeness assertion for revenue.

Previous inspection reports indicated the following findings:

1. No or insufficient documented audit evidence on the audit file that completeness of

revenue had been tested for all material revenue streams.*
2. Source documents or source data from which samples were selected to perform the
completeness test were inappropriate and did not achieve the objective of the test that all
transactions were recorded. (Refer to FAQ 10 in this document for guidance on testing
the completeness assertion from an appropriate source)
3. Not assessing the completeness and accuracy of the population from which the sample
was selected when testing for the completeness of revenue. (Refer to FAQ 11 in this
document for guidance on addressing information produced by the entity)
4. Auditors often perform an analytical review procedure to review the completeness of
revenue; however, this procedure is not predictive in nature and, therefore, does not
achieve the objective. The analysis is often simply a year-on-year comparative that does
not achieve the objective of the test, and these reviews do not meet the definition of a
substantive analytical procedure as per the standards, resulting in insufficient audit
evidence being obtained.*

*The finding is not addressed in this FAQ.

This FAQ addresses findings 2 and 3 above, being the appropriateness of the population from which
items are selected for testing (referred to as the reciprocal population in this FAQ) and testing the
completeness and accuracy thereof.

The completeness assertion is described as:

• all transactions and events that should have been recorded have been recorded and all related
disclosures that should have been included in the financial statements, have been included (ISA
315 (Revised 2019).A190(a)(ii)); and
• all assets, liabilities and equity interests that should have been recorded have been recorded
and all related disclosures that should have been included in the financial statements, have been
included (ISA 315 (Revised 2019).A190(b)(iii)).

ISA 330.A45 explains that “the nature assessment of the risk and or the nature of the assertion is relevant
to the design of tests of details” and states that “tests of details related to the completeness assertion
may involve selecting from items that are expected to be included in the relevant financial statement
amount and investigating whether they are included.” In practice this is done by selecting items from an
appropriate reciprocal population.

The Illustrative example below has been developed to illustrate the various considerations when
determining the relevance and reliability of the reciprocal population when testing the completeness of

Page | 59
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
revenue. This example illustrates the practical application of concepts from FAQ 10 and FAQ 11 in this
document and should be read in conjunction with those FAQs.

The principles described through this illustrative example would be applicable to all audits regardless of
the nature and size of the entity being audited. Client specific facts and circumstances would need to be
considered in applying these principles.

Specific references in the ISAs9

The auditor has to comply with all ISAs relevant to the audit, including all relevant requirements read
together with the related application material. The following specific references are relevant in
considering this illustrative example (but are not intended to be exhaustive):

• ISA 315 (Revised 2019), Para. A190(a)(ii) and A190(b)(iii)

• ISA 330, Para. 7(b), 18, A19 and A45
• ISA 500, Para. 7, A31, A35, A60 and A61

Background to the entity and its revenue process

ABC (Pty) Ltd. (“ABC”) operates in the automotive industry and has a 31 December financial year-end.
The entity manufactures automotive body parts. The automotive body parts are supplied to local original
equipment manufacturers (“OEMs”). All sales are made locally and no goods are exported. Sales terms
are free-on-board destination (“FOB”). Revenue is recognised when control of the goods has transferred,
being at the point when goods are delivered to the customer.

Due to the “just-in-time” requirements of the OEMs, both the customer and supplier make use of a third
party operated service, “EasySupply”, to allow for a seamless ordering and delivery process.
Each party has their own user accounts to log in through either the customer or supplier portals.

The OEM will log in to the “EasySupply” system using the customer portal and upload their orders. The
system requires two authorised users to approve the order before it will be placed with the supplier.

The “EasySupply” system will send an automated e-mail with a batch file to ABC’s sales manager with
the details of the order placed.

The sales manager will upload the batch file into SAP, the Enterprise Resource Planning (ERP) software
used for financial reporting purposes. The SAP system will then automatically perform two functions:
- Check the inventory levels to determine whether sufficient stock is available; and
- Check the customer’s available credit facility to ensure sufficient credit is available.

9 This FAQ reflects references in the 2020 edition of the International Auditing and Assurance Standards Board’s
Handbook of International Quality Control, Auditing, Review, Other Assurance, and Related Services
Pronouncements. This FAQ also contains references to ISA 315 (Revised 2019) Identifying and Assessing the
Risks of Material Misstatement and includes the conforming and consequential amendments to other
International Standards as a result of the approval of ISA 315 (Revised 2019). Conforming and consequential
amendments are shown with marked changes from the latest approved versions of the ISAs that are amended.
Page | 60
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
If both criteria have been met, the order would automatically be approved within the SAP system and a
sequentially-numbered picking slip will be generated.
If the criteria have not been met, a second approval will be generated within SAP routed to the production
and credit manager for further investigation and approval.

On a weekly basis the sales manager will log in to the “EasySupply” system using the supplier portal
and download the orders placed for the week. A reconciliation will then be performed between the
EasyPay download and the SAP system to ensure all orders placed were uploaded. Any differences
are investigated and resolved.

Once the inventory items have been picked, the order would be marked as “Complete” on the SAP
system and a sequentially numbered invoice and delivery note will be generated automatically.

Deliveries are made in one of two ways:

- For customers within a 100 km radius of the manufacturing plant, goods are delivered by ABCs
own delivery vehicles (Own deliveries).
- For customers outside of the 100 km radius of the manufacturing plant ABC makes use of a
dedicated transport company, WeDeliver. WeDeliver’s delivery systems interface directly with
ABCs SAP system (WeDeliver deliveries).
Own deliveries:

A daily delivery schedule is printed from SAP of all delivery notes scheduled for delivery on that day per
customer. Delivery dates are generated automatically within SAP based on the timing of the delivery
note being generated. No goods are allowed to leave the premises without the invoice and two copies
of the delivery note. Security checks that all the documentation is in place before the goods are
dispatched and stamps the delivery schedule as evidence of the check performed.

A copy of the delivery note must be signed by the receiving department of the OEM.

The daily customer delivery schedules and signed delivery notes are returned to the invoicing
department. The invoicing clerk will reconcile the delivery schedule to the signed delivery notes to ensure
a copy of every delivery note has been received after which the delivery schedule is signed as evidence
of review. The invoicing clerk will then open the delivery note on SAP and enter any differences identified
after which the delivery is marked as “Delivered”.

Deliveries made by WeDeliver:

Each delivery to be made by WeDeliver will have a unique barcode allocated to it. The barcode is printed
on each delivery note by ABCs SAP system.

Once the driver collects the goods to be delivered, the barcode on each delivery note is scanned using
the WeDeliver scanners. The driver will also sign the delivery schedule as evidence of receipt of the
goods.

Once the goods have been delivered the driver will get the customer to sign the delivery note and scan
the barcode again to record the delivery.

The data from the barcode scanners are uploaded into WeDeliver’s delivery systems after which the
Page | 61
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
sales manager will perform a reconciliation between the codes scanned and the physical signed delivery
notes received. Once the reconciliation has been completed the day’s deliveries will be batch processed
for invoicing. The batch of deliveries will then automatically be recorded in SAP via the automated
interface between SAP and the WeDeliver delivery systems using the barcode information.

Open orders:

The sales manager reviews a SAP listing of all open orders on a weekly basis and follows up with the
production department as to the reasons therefor.

Receivable process:

On a monthly basis the OEM will send ABC a remittance schedule using their “Self-billing systems” with
the details of supplier invoices generated for goods received. The self-generated supplier invoice will
include the invoice details of ABC.
A reconciliation is performed by the accounts receivable clerk of ABC between the remittance schedule
and invoices recorded to ensure all deliveries are settled.

The audit process

The audit team may follow the process below in determining an appropriate audit approach when
auditing completeness of revenue for all material revenue streams:

1. Identify the risks of material misstatement relating to the completeness assertion and design an
appropriate response to the assessed risk.

When the audit response consists of tests of detail:

2. Determine the relevant populations from which to select items for testing.
3. Consider the reliability of the reciprocal populations.
4. Select the reciprocal population to use for testing.
5. Obtain evidence regarding the reliability of the reciprocal population, including consideration of
its completeness and accuracy.
6. Design further audit procedures to test the completeness of revenue.

1. Identify the risks of material misstatement relating to the completeness assertion and design
an appropriate response to the assessed risk
This FAQ does not cover the risk assessment process and response in terms of ISA 315 (Revised 2019)
and ISA 330. However, it is imperative that these processes precede the remaining steps described as
part of this illustrative example.

The auditor’s assessment of risk and understanding of the entity’s processes should be performed for
all material revenue streams.

Depending on the assessment of risk and understanding of the entity’s processes, the auditor may
determine that tests of detail are not required, and sufficient and appropriate audit evidence may be

Page | 62
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
obtained from substantive analytical procedures. Where this is the case, such substantive analytical
procedures should comply with the requirements of ISA 520 (the detail of which falls outside the scope
of this FAQ). The concepts outlined in the illustrative example below with respect to relevance and
reliability of information produced by the entity may also be applied by the audit team with respect to
data inputs into the analytical procedure.

How would the response vary for the auditor’s assessment of risk?

ISA 330.7(b) states that in designing the further audit procedures to be performed, the auditor shall
obtain more persuasive audit evidence the higher the auditor’s assessment of risk.

ISA 330.A19 explains that when obtaining more persuasive audit evidence because of a higher
assessment of risk, the auditor may increase the quantity of the evidence, or obtain evidence that is
more relevant or reliable, for example, by placing more emphasis on obtaining third party evidence or
by obtaining corroborating evidence from a number of independent sources.

Considering the guidance provided ISA 330.A19, the auditor would apply their professional judgement
regarding the audit evidence required.

As such, less extensive audit evidence may be appropriate where the assessed risk of material
misstatement related to the completeness of revenue is lower.
In a scenario where less extensive evidence is required, the auditor may consider alternative sources of
evidence derived from other substantive procedures performed during the audit, such as:

• Evidence obtained through controls testing performed. Note however that control testing alone
would not be sufficient to address the requirements of ISA 330.18. When controls testing is
performed, it must be supplemented with substantive testing; and/or
• The results from inventory stock counts performed at year-end and the level of inventory write-
offs during the year; and/or
• Completeness testing of accounts receivable at year-end; and/or
• Bank reconciliation testing at year-end; and/or
• Early cut-off testing of revenue; and/or
• Testing debits posted against revenue (E.g. credit notes, journal entries); and/or
• Testing of unmatched order listings; and/or
• Testing the sequence of invoices.

In using these alternative sources of controls and substantive audit evidence, the auditor would need to
consider whether the cumulative audit evidence in aggregate would be appropriate to address the
identified risk. The individual examples provided above, if used in isolation, may not provide sufficient
and appropriate evidence to address the identified risk.

In addition, the auditor would need to clearly demonstrate in their documentation the interrelationship
between the risk being addressed (the completeness of revenue) and the testing performed including
whether the testing addresses the risk throughout the year and not just at year end. An example of this
would be to follow through the transactions from initiation to recording and proving the association
through the debits and credits posted to the related accounts.

Page | 63
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
In contrast in a scenario where more persuasive evidence is required, the auditor may need to increase
the quantity of the evidence or obtain evidence that is more relevant and reliable such as third party
evidence or by obtaining corroborating evidence from a number of independent sources. Examples of
this are included under steps 2 to 6 below.

Regardless, ISA 330.18 states that irrespective of the assessed risks of material misstatement, the
auditor shall design and perform substantive procedures for each material class of transactions, account
balance, and disclosure.

2. Determine the relevant populations from which to select items for testing
Determining an appropriate reciprocal population is based on the auditor’s understanding of the flow of
revenue transactions specific to the entity.

ISA 500.7 states that when designing and performing audit procedures, the auditor shall consider the
relevance and reliability of the information to be used as audit evidence, including information obtained
from an external information source.

ISA 500.A31 expands on the relevance of information to be used as audit evidence and indicates that
relevance deals with the logical connection with, or bearing upon, the purpose of the audit procedure
and, where appropriate, the assertion under consideration. The relevance of information to be used as
audit evidence may be affected by the direction of testing.

In the context of this illustrative example, the assertion being tested is the completeness of revenue and
therefore a selection of items from recorded sales would not be a relevant population.

The examples of possible sources presented below are not derived from recorded sales and therefore
would be considered a relevant source from which to test completeness of revenue.
Considering the background and understanding of the revenue process at ABC, the following examples
of reciprocal populations may be appropriate in the circumstances, namely:

• Source 1: Proof of deliveries – Own deliveries and WeDeliver

• Source 2: Order listing
As an alternative, the auditor may also consider information obtained directly by the auditor through
substantive tests of details, such as:

• Source 3: Reconciliation of inventory on hand to quantities sold, being information driven from
other account balances and transactions audited. *
*The reconciliation is generally performed based on volumes of inventory on hand and manufactured
during the year (E.g. Opening inventory + manufactured inventory – closing inventory = Theoretical sales
volumes). It may not be suitable for entities with multiple products.

Page | 64
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 3. Consider the reliability of the reciprocal population

ISA 500.7 states that when designing and performing audit procedures, the auditor shall consider the
relevance and reliability of the information to be used as audit evidence, including information obtained
from an external information source.

ISA 500.A35 explains that the reliability of information to be used as audit evidence, and therefore of the
audit evidence itself, is influenced by its source and its nature, and the circumstances under which it is
obtained, including the controls over its preparation and maintenance where relevant.

The standard goes on to describe certain generalizations about the reliability of audit evidence which
may be useful:
- The reliability of audit evidence is increased when it is obtained from independent sources
outside the entity.
- The reliability of audit evidence that is generated internally is increased when the related controls,
including those over its preparation and maintenance, imposed by the entity are effective.
- Audit evidence obtained directly by the auditor (for example, observation of the application of a
control) is more reliable than audit evidence obtained indirectly or by inference (for example,
inquiry about the application of a control).
- Audit evidence in documentary form, whether paper, electronic, or other medium, is more reliable
than evidence obtained orally (for example, a contemporaneously written record of a meeting is
more reliable than a subsequent oral representation of the matters discussed).
- Audit evidence provided by original documents is more reliable than audit evidence provided by
photocopies of facsimiles, or documents that have been filmed, digitized or otherwise
transformed into electronic form, the reliability of which may depend on the controls over their
preparation and maintenance.

Source 1: Source 2: Source 3:

Proof of deliveries Proof of deliveries Order listing Reconciliation of
– Own deliveries – WeDeliver quantities sold to
inventory on hand
What is the Proof of deliveries Proof of deliveries The order listing The information
source and are signed by the are generated by could be internally used in this type of
nature of the customer to WeDeliver and or externally reconciliation is
information? acknowledge the interfaces directly generated generally
receipt of the with ABCs SAP information. It is dependent on
goods. Due to this, system. The important to information
the proof of reliability of the understand the obtained directly by
deliveries would be information would source of the the auditor. The
an external source depend on ABCs information to reconciliation is
of information. ability to manipulate understand whether performed by
the information it is an appropriate comparing
received from reciprocal theoretical sales
WeDeliver. population. volumes to actual

Page | 65
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 Source 1: Source 2: Source 3:
Proof of deliveries Proof of deliveries Order listing Reconciliation of
– Own deliveries – WeDeliver quantities sold to
inventory on hand
In this example recorded sales
orders are initiated volumes.
on the “EasySupply”
system operated by Note: If the
a third-party. reconciliation is
done on the basis
If the order listing is of value rather than
derived from the volume, then
“EasySupply” further procedures
system directly, then and considerations
the order listing may be required.
would be externally
generated
information and thus
more reliable**.

If, however, the

order listing is
derived directly from
the SAP system,
then it would be
internally generated
information and
further consideration
should be given to
the appropriateness
of the reciprocal
population.

** For purposes of
this example it is
assumed that
EasyPay does not
meet the definition
of a Service
organisation as
defined by ISA 402.
Are there Yes. Yes. Yes.
controls that
may There are two The source of the The controls would Controls may be
enhance the controls that may be information in this vary depending on relevant, depending
reliability of relevant. example is heavily the source of the on the extent of
the 1. Proof of reliant on the IT order listing. information
information? deliveries are systems. As such, produced by the
reconciled on a the controls over entity used in
Page | 66
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 Source 1: Source 2: Source 3:
Proof of deliveries Proof of deliveries Order listing Reconciliation of
– Own deliveries – WeDeliver quantities sold to
inventory on hand
daily basis to the IT systems Order listing derived performing the
the delivery would be relevant, from SAP: reconciliation.
schedules. for example:
2. The sales 1. The sales
manager 1.General IT manager
reviews a SAP controls over the performs a
listing of all interface and SAP weekly
open orders on system including reconciliation
a weekly basis user access between the
controls. EasyPay
2. Application download and
controls over the the SAP system
generation of the to ensure all
listings. orders placed
were uploaded.
Note: The example
procedures above Order listing derived
include only those from the
IT systems referred “EasySupply”
to in the system:
background to the
illustrative example 1. The
and does not “EasySupply”
provide a system is
comprehensive operated by a
overview of all third party.
GITCs, data and Access to the
application controls system is
that may be controlled
relevant. through separate
portals. Two
authorised users
are required to
approve an
order.

4. Select the reciprocal population to use for testing

Once the auditor has considered the understanding obtained through step 2 (relevance) and step 3
(reliability), the auditor would select a reciprocal population for further testing.

Page | 67
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 5. Obtain evidence regarding the reliability of the reciprocal population, including consideration
of its completeness and accuracy
The considerations in step 3 above are however not the only considerations when evaluating the
reliability of the information.

ISA 500.A60 states that in order for the auditor to obtain reliable audit evidence, information
produced by the entity that is used for performing audit procedures needs to be sufficiently complete
and accurate.
ISA 500.A61 explains:
• Obtaining audit evidence about the accuracy and completeness of such information
(referring to information produced by the entity that is used for performing audit procedures)
may be performed concurrently with the actual audit procedure applied to the information
when obtaining such audit evidence is an integral part of the audit procedure itself.
• In other situations, the auditor may have obtained audit evidence of the accuracy and
completeness of such information by testing controls over the preparation and maintenance
of the information.
• In some situations, however, the auditor may determine that additional audit procedures are
needed.

The auditor’s ability to rely on information is therefore heavily dependent on the auditor’s ability to
determine whether the information is sufficiently complete and accurate.

When the auditor is unable to obtain evidence concurrently with audit procedures already planned, the
additional procedures contemplated by ISA 500.A61 may be independent test of controls and/or
substantive procedures on the population itself. Some examples of these are set out in the table below.

Source 1: Source 2: Source 3:

Proof of deliveries Proof of deliveries Order listing Reconciliation
– Own deliveries – WeDeliver of quantities
sold to inventory
on hand
Example 1 – 1. Performing a Listing of all Order listing derived
Performing sequence deliveries made from SAP:
tests of check of the by WeDeliver
controls delivery from the SAP 1. Perform a
schedules system: sequence check of
printed for the 1. Test the the order numbers.
year. Note: The General IT
delivery controls over 2. Test the weekly
schedules are the interface control whereby the
used as an and delivery orders on SAP are
input into the module within reconciled to the
control under SAP including orders on the
point 2 below access controls. EasySupply
and system.
practitioners
Page | 68
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 Source 1: Source 2: Source 3:
Proof of deliveries Proof of deliveries Order listing Reconciliation
– Own deliveries – WeDeliver of quantities
sold to inventory
on hand
would need to
design further
procedures to Order listing derived
test the from the EasySupply
information system:
used in the
control. No further procedures
2. Test the daily required**
control whereby
the proof of ** For purposes of this
deliveries are example it is assumed
reconciled to that EasyPay does not
the delivery meet the definition of a
schedules. Service organisation as
3. Test the weekly defined by ISA 402.
control to
follow-up on However, should
outstanding EasyPay meet the
orders. definition of a Service
organisation per ISA
402, then further
procedures would be
required as set out in
ISA 402 paragraphs 10
to 12.

Example 2 – 1. Performing a 1. Obtain a Order listing derived Additional

Performing sequence confirmation of from SAP: procedures would
substantive check of the all deliveries not be required if
procedures delivery made from 1. Perform a the various inputs
schedules WeDeliver. sequence check of into the
printed for the the order numbers. reconciliation
year. were tested
2. For a sample of 2. Make a selection of directly when
delivery orders from the testing the
schedules EasySupply system account balance
inspect that all and trace to the or transaction
proof of order listing affected.
deliveries were (completeness).
attached to the For example:
schedule. 3. Make a selection of Opening
orders from the inventory would
order listing and have been
Page | 69
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 Source 1: Source 2: Source 3:
Proof of deliveries Proof of deliveries Order listing Reconciliation
– Own deliveries – WeDeliver of quantities
sold to inventory
on hand
Note: It may not trace it to the substantively
be possible to EasySupply system tested as part of
check that all (accuracy). the prior year
delivery notes audit.
are available
where an entity
has large Order listing derived
volumes of from the EasySupply Closing inventory
transactions. system identified as an would have been
As such, external source of substantively
alternative information under step tested as part of
procedures may 3: the audit of
need to be inventory at year-
performed to 1. Observe the end.
determine the generation of the
completeness listing to ensure the Manufactured
of the correct parameters goods may have
population, have been entered. been
such as the test ** substantively
described. The tested as part of
nature and ** For purposes of this the testing of cost
extent of the example it is assumed of sales.
test would vary, that EasyPay does not
depending on meet the definition of a Further
how the Service organisation as consideration
information is defined by ISA 402. As should be given
maintained. It is such, limited to the extent of
envisaged that procedures would be testing required
the procedures required. on listings used
would not (information
extend beyond However, should produced by the
testing the EasyPay meet the entity) to
relevance and definition of a Service determine the
reliability of the organisation per ISA sales volumes to
reciprocal 402, then further compare to the
population (I.e. procedures would be theoretical sales
no further required as set out in volumes.
testing will be ISA 402 paragraphs 10
required on to 12.
populations
used to test
relevance and
reliability of the

Page | 70
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 Source 1: Source 2: Source 3:
Proof of deliveries Proof of deliveries Order listing Reconciliation
– Own deliveries – WeDeliver of quantities
sold to inventory
on hand
reciprocal
population).

An alternative
reciprocal
population
should be
considered
where sufficient
and appropriate
audit evidence
cannot be
obtained to
determine the
relevance and
reliability of the
reciprocal
population.

6. Design further audit procedures to test the completeness of revenue

Once the auditor has determined that the reciprocal population is relevant and reliable, and where
applicable complete and accurate, the auditor designs further audit procedures to test the completeness
of revenue.

Examples of audit procedures (tests of details) that may be appropriate are included in the table below:

Source 1: Source 2: Source 3:

Proof of deliveries Proof of deliveries Order listing Reconciliation of
– Own deliveries – WeDeliver quantities sold to
inventory on hand
Make a selection of Make a selection of Order listing derived Compare theoretical
proof of deliveries proof of deliveries from SAP: sales volumes to
from the delivery from the WeDeliver recorded sales
schedules and trace delivery schedule Make a selection of volumes. Evaluate
the transactions and trace the orders from the any differences that
through to recorded transactions through order listing and exist.
sales in the general to recorded sales in trace the
ledger. the general ledger. transactions through
to recorded sales in
Alternatively, should the general ledger.
the schedule be
obtained directly
Page | 71
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
 from WeDeliver in Order listing derived
electronic format, from the
perform a 100% EasySupply system:
reconciliation
between the Make a selection of
WeDeliver delivery orders from the
schedule and order listing and
recorded sales in trace the
the general ledger. transactions through
to recorded sales in
the general ledger.

Alternatively,
perform a 100%
reconciliation of
orders per the
EasySupply order
listing and the
orders and sales
recorded in SAP.
Investigate open
and cancelled
orders on a sample
basis if considered
material.

In summary

The auditor’s assessment of risk and understanding of the entity’s processes should be performed for
all material revenue streams.

Depending on the assessment of risk and understanding of the entity’s processes, the auditor may
determine that tests of detail are not required, and sufficient and appropriate audit evidence may be
obtained from substantive analytical procedures, or that sufficient and appropriate audit evidence exists
from indirect evidence obtained from testing assertions of other balances.

However, when the auditor has determined that tests of details would be appropriate to test the
completeness assertion, the tests of details may involve selecting from items that are expected to be
included in the relevant financial statement amount and investigating whether they are included. In
practice this is done by selecting items from an appropriate reciprocal population.

In order to determine whether the reciprocal population is appropriate, the auditor shall consider the
relevance and reliability of the information to be used as audit evidence based on their robust
understanding of the relevant business processes and risk assessment.

In order to obtain reliable audit evidence, information produced by the entity that is used for performing
audit procedures needs to be sufficiently complete and accurate. This is also relevant when substantive
Page | 72
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360
analytical procedures are performed.

Once the auditor has determined that the reciprocal population is relevant and reliable, and where
applicable, complete and accurate, the auditor shall design further audit procedures to test the
completeness of revenue.

In designing the further audit procedures to be performed, the auditor shall obtain more persuasive audit
evidence the higher the auditor’s assessment of risk.

ISA 330.18 states that irrespective of the assessed risks of material misstatement, the auditor shall
design and perform substantive procedures for each material class of transactions, account balance,
and disclosure.

Issued December 2021

Updated August 2022

Page | 73
Issued July 2017
Updated October 2018, January 2020, December 2021 and August 2022
Ref#773360