Evidencing the audit work is the most common area in which audit files fail to meet the Auditing Standards requirements. This is either through not completing the work set out at the planning stage of the audit, or failing to effectively record the work that has been undertaken. Reports by ACRA and ISCA consistently flag these issues as being of concern, especially among Small and Medium Sized Practitioners (SMPs).
Time and time again in the files that we review, in those areas where the work performed does not comply with Auditing Standards, the major reason for the non-compliance is inadequate or non-existent recording of audit evidence. In many cases, the work may well have been performed, but it hasn’t been recorded in the proper fashion or has not been recorded at all.
Audit work which has been performed but has not been recorded does not constitute bona fide audit evidence. So, what constitutes proper audit evidence?
The primary source of information within the auditing standards is contained with ISA/SSA 230 on audit documentation.
The auditor shall prepare audit documentation that is sufficient to enable an experienced auditor, having no previous connection with the audit, to understand:
- The nature, timing and extent of the audit procedures performed to comply with the ISAs and applicable legal and regulatory requirements;
- The results of the audit procedures performed, and the audit evidence obtained; and
- Significant matters arising during the audit, the conclusions reached thereon, and significant professional judgments made in reaching those conclusions.
In documenting the nature, timing and extent of audit procedures performed, the auditor shall record:
- ** The identifying characteristics of the specific items or matters tested;**
- ** Who performed the audit work and the date such work was completed; and**
- ** Who reviewed the audit work performed and the date and extent of such review.**
It is these requirements that mean that work has to be documented in such a regimented way.
There is much emphasis elsewhere in the guidance that only key judgements need to be documented, and that perhaps there is no need document compliance with an ISA if working papers indicate compliance. In other words, there is no need to complete checklists just to check or indicate that you have complied with certain ISAs.
All of the guidance notes to ISA 230 point to the view that auditing under the ISAs is not about completing forms and checklists, but rather thinking about the client and documenting the key decisions and considerations.
In practice, when it comes to documenting the audit work for key audit tests, there should be a working paper that documents the following:
- The objective of the test
- The work performed
- The results of the work
- An evaluation of the results; and
- A conclusion on what the test has achieved.
One of the common issues that firms can have when automating the audit process is that there is an increased reliance on checklists when conducting audit work, and some firms lose sight of the need to properly document the work done.
Smart Audit allows users to upload Word or Excel documents that show this level of detail as an attachment to a specific step within the programme. This enables firms to use automation to save time, whilst maintaining compliance with the standards. In time firms can develop a suite of their own pro forma working papers within the library function.
Contributed by : Alun Morgan. Alun is a director of PCP Global and Kudos International Network. Smart Audit will shortly have the globally used PCP audit documentation for use within its system. To find out more about joining PCP Global, please visit(”http://www.pcp-global.com/”).
For more details on Kudos International Network, please visit(”http://www.kudosinternationalnetwork.com/”)