In performing an audit of financial statements, the auditor should obtain a sufficient knowledge

SAS No. 36 Engagements to Review Financial Statements

Status

Issued by Auditing Standards Committee in Taiwan on 21 November, 2001.

Summary

The objective of a review of financial statements is to enable an auditor to state whether, on the basis of procedures which do not provide all the evidence that would be required in an audit, anything has come to the auditor’s attention that causes the auditor to believe that the financial statements are not prepared, in all material respects, in accordance with the generally accepted accounting principles. A review engagement provides a moderate level of assurance that the information subject to review is free of material misstatement, this is expressed in the form of negative assurance.

The auditor should plan and perform the review with an attitude of professional skepticism recognizing that circumstances may exist which cause the financial statements to be materially misstated. For the purpose of expressing negative assurance in the review report, the auditor should obtain sufficient appropriate evidence primarily through inquiry and analytical procedures to be able to draw conclusions.

In planning a review of financial statements, the auditor should obtain or update the knowledge of the business including consideration of the entity’s organization, accounting systems, operating characteristics and the nature of its assets, liabilities, revenues and expenses.

When using work performed by another auditor or an expert, the auditor should be satisfied that such work is adequate for the purposes of the review.

The auditor should document matters which are important in providing evidence to support the review report, and evidence that the review was carried out in accordance with this Statement.

Procedures for the review of financial statements will ordinarily include the following:

• Obtaining an understanding of the entity’s business and the industry in which it operates.
• Inquiries concerning the entity’s accounting principles and practices; the entity’s procedures for recording, classifying and summarizing transactions, accumulating information for disclosure in the financial statements and preparing financial statements; and concerning all material assertions in the financial statements.
• Inquiries concerning actions taken at meetings of shareholders, the board of directors, committees of the board of directors and other meetings that may affect the financial statements.
• Analytical procedures designed to identify relationships and individual items that appear unusual. Such procedures would include:
• Comparison of the financial statements with statements for prior periods.
• Comparison of the financial statements with anticipated results and financial position.
• Study of the relationships of the elements of the financial statements that would be expected to conform to a predictable pattern based on the entity’s experience or industry norm. In applying these procedures, the auditor would consider the types of matters that required accounting adjustments in prior periods.
• Reading the financial statements to consider, on the basis of information coming to the auditor’s attention, whether the financial statements appear to conform with the basis of accounting indicated.
• Obtaining reports from other auditors, if any and if considered necessary, who have been engaged to audit or review the financial statements of components of the entity.
• Inquiries of persons having responsibility for financial and accounting matters concerning, for example
• Whether all transactions have been recorded.
• Whether the financial statements have been prepared in accordance with the basis of accounting indicated.
• Changes in the entity’s business activities and accounting principles and practices.
• Matters as to which questions have arisen in the course of applying the foregoing procedures.
• Obtaining written representations from management when considered appropriate.

The review report should contain a clear written expression of negative assurance. The auditor should review and assess the conclusions drawn from the evidence obtained as the basis for the expression of negative assurance. Based on the work performed, the auditor should assess whether any information obtained during the review indicates that the financial statements are not presented fairly, in all material respects, in accordance with the generally accepted accounting principles.

Effective date

This Statement is effective from 31 December, 2001.

The following auditing standard is not the current version and does not reflect any amendments effective on or after December 31, 2016. The current version of the auditing standards can be found  here.

Audit Planning

Effective Date: For audits of fiscal years beginning on or after Dec. 15, 2010

Final Rule: PCAOB Release No. 2010-004

Summary Table of Contents

• (1) Introduction
• (2) Objective
• (3) Responsibility of the Engagement Partner for Planning
• (4–17) Planning an Audit
• (18–19) Additional Considerations in Initial Audits
• Appendix A Definition

Introduction

1.     This standard establishes requirements regarding planning an audit.

Objective

2.     The objective of the auditor is to plan the auditso that the audit is conducted effectively.

Responsibility of the Engagement Partner for Planning

3.     The engagement partner1/ is responsible for the engagement and its performance. Accordingly, the engagement partner is responsible for planning the audit and may seek assistance from appropriate engagement team members in fulfilling this responsibility. Engagement team members who assist the engagement partner with audit planning also should comply with the relevant requirements in this standard.

Planning an Audit

4.     The auditor should properly plan the audit. This standard describes the auditor's responsibilities for properly planning the audit.2/

5.     Planning the audit includes establishing the overall audit strategy for the engagement and developing an audit plan, which includes, in particular, planned risk assessment procedures and planned responses to the risks of material misstatement. Planning is not a discrete phase of an audit but, rather, a continual and iterative process that might begin shortly after (or in connection with) the completion of the previous audit and continues until the completion of the current audit.

Preliminary Engagement Activities

6.     The auditor should perform the following activities at the beginning of the audit:

1. Perform procedures regarding the continuance of the client relationship and the specific audit engagement,3/
2. Determine compliance with independence and ethics requirements, and

   Note:   The determination of compliance with independence and ethics requirements is not limited to preliminary engagement activities and should be reevaluated with changes in circumstances.

   [The following subparagraph is effective for audits of fiscal years beginning on or after December 15, 2012. See PCAOB Release No. 2012-004. For audits of fiscal years beginning before December 15, 2012, click here.]

3. Establish an understanding of the terms of the audit engagement with the audit committee in accordance with Auditing Standard No. 16, Communications with Audit Committees.[4/]

Planning Activities

7.     The nature and extent of planning activities that are necessary depend on the size and complexity of the company, the auditor's previous experience with the company, and changes in circumstances that occur during the audit. When developing the audit strategy and audit plan, as discussed in paragraphs 8-10, the auditor should evaluate whether the following matters are important to the company's financial statements and internal control over financial reporting and, if so, how they will affect the auditor's procedures:

• Knowledge of the company's internal control over financial reporting obtained during other engagements performed by the auditor;
• Matters affecting the industry in which the company operates, such as financial reporting practices, economic conditions, laws and regulations, and technological changes;
• Matters relating to the company's business, including its organization, operating characteristics, and capital structure;
• The extent of recent changes, if any, in the company, its operations, or its internal control over financial reporting;
• The auditor's preliminary judgments about materiality,5/ risk, and, in integrated audits, other factors relating to the determination of material weaknesses;
• Control deficiencies previously communicated to the audit committee6/ or management;
• Legal or regulatory matters of which the company is aware;
• The type and extent of available evidence related to the effectiveness of the company's internal control over financial reporting;
• Preliminary judgments about the effectiveness of internal control over financial reporting;
• Public information about the company relevant to the evaluation of the likelihood of material financial statement misstatements and the effectiveness of the company's internal control over financial reporting;
• Knowledge about risks related to the company evaluated as part of the auditor's client acceptance and retention evaluation; and
• The relative complexity of the company's operations.

  Note:  Many smaller companies have less complex operations. Additionally, some larger, complex companies may have less complex units or processes. Factors that might indicate less complex operations include: fewer business lines; less complex business processes and financial reporting systems; more centralized accounting functions; extensive involvement by senior management in the day-to-day activities of the business; and fewer levels of management, each with a wide span of control.

Audit Strategy

8.     The auditor should establish an overall audit strategy that sets the scope, timing, and direction of the audit and guides the development of the audit plan.

9.     In establishing the overall audit strategy, the auditor should take into account:

1. The reporting objectives of the engagement and the nature of the communications required by PCAOB standards,7/
2. The factors that are significant in directing the activities of the engagement team,8/
3. The results of preliminary engagement activities9/ and the auditor's evaluation of the important matters in accordance with paragraph 7 of this standard, and
4. The nature, timing, and extent of resources necessary to perform the engagement.10/

Audit Plan

10.      The auditor should develop and document an audit plan that includes a description of:

1. The planned nature, timing, and extent of the risk assessment procedures;11/
2. The planned nature, timing, and extent of tests of controls and substantive procedures;12/ and
3. Other planned audit procedures required to be performed so that the engagement complies with PCAOB standards.

Multi-location Engagements

11.      In an audit of the financial statements of a company with operations in multiple locations or business units,13/ the auditor should determine the extent to which audit procedures should be performed at selected locations or business units to obtain sufficient appropriate evidence to obtain reasonable assurance about whether the consolidated financial statements are free of material misstatement. This includes determining the locations or business units at which to perform audit procedures, as well as the nature, timing, and extent of the procedures to be performed at those individual locations or business units. The auditor should assess the risks of material misstatement to the consolidated financial statements associated with the location or business unit and correlate the amount of audit attention devoted to the location or business unit with the degree of risk of material misstatement associated with that location or business unit.

12.      Factors that are relevant to the assessment of the risks of material misstatement associated with a particular location or business unit and the determination of the necessary audit procedures include:

[The following subparagraph a. is effective for audits of fiscal years beginning on or after December 15, 2014. See  PCAOB Release No. 2014-002. For audits of fiscal years beginning before December 15, 2014,  click here.]

1. The nature and amount of assets, liabilities, and transactions executed at the location or business unit, including, e.g., significant transactions that are outside the normal course of business for the company or that otherwise appear to be unusual due to their timing, size, or nature ("significant unusual transactions") executed at the location or business unit;14/
2. The materiality of the location or business unit;15/
3. The specific risks associated with the location or business unit that present a reasonable possibility16/ of material misstatement to the company's consolidated financial statements;
4. Whether the risks of material misstatement associated with the location or business unit apply to other locations or business units such that, in combination, they present a reasonable possibility of material misstatement to the company's consolidated financial statements;
5. The degree of centralization of records or information processing;
6. The effectiveness of the control environment, particularly with respect to management's control over the exercise of authority delegated to others and its ability to effectively supervise activities at the location or business unit; and
7. The frequency, timing, and scope of monitoring activities by the company or others at the location or business unit.

   Note:  When performing an audit of internal control over financial reporting, refer to Appendix B, Special Topics, of Auditing Standard No. 517/ for considerations when a company has multiple locations or business units.

13.      In determining the locations or business units at which to perform audit procedures, the auditor may take into account relevant activities performed by internal audit, as described in AU sec. 322, The Auditor's Consideration of the Internal Audit Function in an Audit of Financial Statements, or others, as described in Auditing Standard No. 5. AU sec. 322 and Auditing Standard No. 5 establish requirements regarding using the work of internal audit and others, respectively.

14.      AU sec. 543, Part of Audit Performed by Other Independent Auditors, describes the auditor's responsibilities regarding using the work and reports of other independent auditors who audit the financial statements of one or more of the locations or business units that are included in the consolidated financial statements.18/ In those situations, the auditor should perform the procedures in paragraphs 11-13 of this standard to determine the locations or business units at which audit procedures should be performed.

Changes During the Course of the Audit

15.      The auditor should modify the overall audit strategy and the audit plan as necessary if circumstances change significantly during the course of the audit, including changes due to a revised assessment of the risks of material misstatement or the discovery of a previously unidentified risk of material misstatement.

Persons with Specialized Skill or Knowledge

16.      The auditor should determine whether specialized skill or knowledge is needed to perform appropriate risk assessments, plan or perform audit procedures, or evaluate audit results.

17.      If a person with specialized skill or knowledge employed or engaged by the auditor participates in the audit, the auditor should have sufficient knowledge of the subject matter to be addressed by such a person to enable the auditor to:

1. Communicate the objectives of that person's work;
2. Determine whether that person's procedures meet the auditor's objectives; and
3. Evaluate the results of that person's procedures as they relate to the nature, timing, and extent of other planned audit procedures and the effects on the auditor's report.

Additional Considerations in Initial Audits

18.      The auditor should undertake the following activities before starting an initial audit:

1. Perform procedures regarding the acceptance of the client relationship and the specific audit engagement; and
2. Communicate with the predecessor auditor in situations in which there has been a change of auditors in accordance with AU sec. 315, Communications Between Predecessor and Successor Auditors.

19.      The purpose and objective of planning the audit are the same for an initial audit or a recurring audit engagement. However, for an initial audit, the auditor should determine the additional planning activities necessary to establish an appropriate audit strategy and audit plan, including determining the audit procedures necessary to obtain sufficient appropriate audit evidence regarding the opening balances.19/

Why is it important for the auditor to obtain sufficient level of knowledge of the entity's business?

How does the auditor collect sufficient appropriate audit evidence?

How does an auditor gain such knowledge?

What is sufficient information in auditing?