Understanding the New Auditing Standards Related to Risk Assessment and the Auditor’s Responsibilities

Eight new Statements on Auditing Standards (SASs) (#’s 104 – 111) provide extensive guidance on how auditors should apply the audit risk model in the planning and performance of financial statement audits. 

The Auditing Standards Board (ASB) believes that the SASs represent a significant strengthening of auditing standards that will improve the quality and effectiveness of audits.  The following is a list of the new standards that will be applied:

bullet SAS 104 – Amendment to Statement on Auditing Standards No. 1, “Codification of Auditing Standards and Procedures” (‘Due Professional Care in the Performance of Work’)
bullet SAS 105 – Amendment to Statement on Auditing Standards No. 95, “Generally Accepted Auditing Standards”
bullet SAS 106 – Audit Evidence
bullet SAS 107 – Audit Risk and Materiality in Conducting an Audit
bullet SAS 108 – Planning and Supervision
bullet SAS 109 – Understanding the Entity and its Environment and Assessing the Risks of Material Misstatement
bullet SAS 110 – Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained
bullet SAS 111 – Amendment to Statement on Auditing Standards No. 39, “Audit Sampling”

The new standard that will have the most impact on clients will be No. 109, which deals with the auditor gaining a greater understanding of a client’s internal control environment.  This new standard is going to require extensive documentation by the auditor of a client’s internal control procedures so that audit procedures can be designed based on the internal control analysis.  This will require client’s to set aside some time to discuss the internal control environment of their company with the auditors prior to the actual fieldwork, and may also require the client to document the procedures as well. 

The new standards describe a process for applying the audit risk model to gather audit evidence and form an opinion about a client’s financial statements.

While exercising due professional care, auditors must plan and perform their audit in such a way to obtain sufficient appropriate audit evidence to reduce audit risk to a low level that is, in his or her professional judgment, appropriate for expressing an opinion on the financial statements.  Although “reasonable assurance” is a high level of assurance, it is not absolute assurance.  Absolute assurance is not attainable because an auditor does not examine all of the entity’s transactions or events and because of the limitations of the entity’s internal control.

In summary, the new audit risk model is designed to strengthen the quality and effectiveness of financial statement audits by requiring auditors to plan and perform audits based on the key concepts described in this article.  This is going to require auditors to spend more time in the planning process so that the internal controls and high risk areas of each client can be assessed, and therefore design an audit plan to obtain enough audit evidence to issue an opinion on the financial statements.  These new standards are going to require auditors to focus much more on internal control processes and procedures, which is going to add significant time to the planning stage of each financial statement audit going forward.

In order to complete all of the necessary planning documents and checklists that accompany these new standards, CSA will be in contact with all audit clients prior to the end of the year in order to schedule some time at the client’s office to complete the necessary documentation.