1. Brendan Murtagh
IAASB Board Member
IFAC-SAFA SMP Forum
New Delhi, India
October 10, 2014

2. The Changing Audit Environment
The external audit underpins quality and credibility of financial reporting and public confidence
Revolutionary change over the last 20 years in how and when financial information is communicated
Global financial crisis has further triggered questions
Relevance of the audit and trust in the audit profession
Quality of auditing – effectiveness, professional judgment, professional skepticism
Increased complexity in financial reporting and global business activity has increased users’ need for more information

3. Audit quality framework – now and future ISQC1 and the ISAs
Overview
Audit quality framework – now and future
ISQC1 and the ISAs
Structure
Proportional application, including documentation
IAASB update – other projects and plans
Audit efficiency
Tips
Resources
Given the context of the changing audit environment, what I’d like to talk about today is [see slide]

4. Framework for Audit Quality
Key Elements
Inputs
Process
Outputs
Interactions
Contextual Factors .

5. Framework for Audit Quality - Objectives
Raise awareness of the key elements of audit quality
Encourage stakeholders to reflect on ways to improve audit quality
Facilitate greater dialogue between key stakeholders on the topic
The AQ Framework describes the input and output factors that contribute to audit quality at the engagement, audit firm, and national levels, and demonstrates the importance of appropriate interactions among stakeholders and the relevance of various contextual factors.

6. Framework for Audit Quality – Acknowledging SME’s
Inputs
Auditor viewed as a valued business and tax advisor
SMPs have very direct influence on governance arrangements, consultation, and monitoring activities
Can you have relatively straightforward quality control policies and procedures
External consultation, technical support and using independent staff in quality monitoring processes may be challenging for SMPs
A culture of consultation may need to involve external technical resources (e.g., professional accountancy organizations, other firms, or suitably resourced third-party organizations)
SMPs with only a small number of audit clients may have difficulties retaining staff with relevant audit knowledge and experience

7. Framework for Audit Quality – Acknowledging SME’s
Outputs
Strong and frequent communications with senior management due to close involvement in the entity’s business and lengthy relationships
Enhanced opportunity to provide meaningful advice to clients
Contextual Factors
Business practices and information systems, and applicable financial reporting framework, are sometimes les complex
Little distinction between management and those charged with governance (e.g., an owner-manager will usually fulfil both roles)
Audit committees are rare and, when they exist, members are often not independent or financial literate
Reporting deadlines can be less onerous

8. Framework for Audit Quality – Next Steps
All stakeholders encouraged to consider how they may use the Framework in reflecting how they may influence improvement in audit quality
Actions to raise awareness and promote the use of the Framework and identify future opportunities to enhance audit quality
Audit Quality webpage on the IAASB’s website
Prominence in IAASB outreach and liaison activities
Use in revising ISQC 1 and ISA 220
Future follow-up activities after a period of time to understand how and in what way the Framework is being used

9. Audit quality framework – now and future ISQC1 and the ISAs
Overview
Audit quality framework – now and future
ISQC1 and the ISAs
Structure
Proportional application, including documentation
IAASB update – other projects and plans
Audit efficiency
Tips
Resources
Given the context of the changing audit environment, what I’d like to talk about today is [see slide]

10. Understanding the ISAs – Overall Structure
Preface
Scope and Authority
Glossary
Terms applicable to the standards
ISQC1
QC for firms
ISAs
37 in all, 570+ requirements (incl. ISQC1)

11. Structure of the ISAs
Clarity structure in which information is presented in separate sections: Introduction, Objective, Definitions, Requirements and Application and other Explanatory Material
Emphasis on professional judgment, the standards are principles based which allows practitioners to tailor audit procedures
Contain special considerations for smaller entity audits
Some ISAs only apply to larger entity audits
Many requirements may not be relevant to SME audits

12. Proportional Application – ISQC 1
ISQC 1 Quality Control for Firms that Perform Audits and Reviews of Financial Statements and other Assurance and Related Service Engagements
Applies to firms of all sizes that provide services covered by the IAASB’s International Standards
Must comply with each requirement unless, in the circumstances of the firm, it is not relevant to the services provided
Contains special considerations for smaller practices
The form and content of documentation evidencing the operation of each elements of the system of quality control is a matter of judgment and depends on the size, nature and complexity of the firm and number of offices

13. Proportional Application – ISA 200
ISA 200, Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with International Standards on Auditing
The practitioner needs to comply with all ISAs relevant to the audit and with all requirements in ISAs relevant to the audit
A complete knowledge of all the standards is essential in order to make a professional judgment as to what to leave out
Not all ISAs are relevant to every audit as the standards are designed to cover audits in every situation globally

14. Proportional Application – ISA 210
ISA 210 Agreeing Terms of Audit Engagements
Paragraph 6, agreeing the terms of engagement with management, and paragraphs 9 and 10, which require you to communicate the terms in writing to management in a letter, will be applicable in every engagement
Paragraphs 7 and 8 deal with an imposed scope limitation and the situation where the preconditions do not exist. Paragraphs deal with changes to the terms of engagement in mid-audit and paragraphs the situation where laws and regulation supersede the ISAs
It is important to know what the requirements are, but these situations are also likely to be far and few between for SME audits

15. Proportional Application – ISA 210 (con’t)
ISA 210 Agreeing Terms of Audit Engagements continued
To summarize, of the 16 requirements in ISA 210, paragraphs 6, 9 and 10 are critical and will apply in every engagement. For SMPs, knowing they have to deal with 3 main requirements out of 16 is a lot less daunting than considering all 16 every time.

16. Proportional Application – ISA 315
ISA 315 Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and its Environment
The objective of the auditor is to identify and assess the risks of material misstatement, whether due to fraud or error, at the financial statement and assertion levels, through understanding the entity and its environment, including the entity’s internal control, thereby providing a basis for designing and implementing responses to the assessed risks of material misstatement.
Focus on significant risks – effectiveness and efficiency
- Understand the business – important from an engagement risk perspective
- Identify significant risks up front and focus audit effort on these

17. Proportional Application – ISA 315 (con’t)
ISA 315 focus on significant risks – effectiveness and efficiency continued
Substantive tests are required for each material class of transactions, account balances and disclosures, but tests of details only required for significant risks
Consider analytical procedures (follow requirements of ISA 520 Analytical Procedures) for non-significant risk items where appropriate
Use professional judgment to determine what substantive tests to use on items not considered significant risks
ISAs explicitly encourage the auditor to exercise professional judgement in determining the form and extent of documentation – they acknowledge extent may vary depending on the circumstances

18. Proportional Application – some ISAs not relevant
Examples of some of the ISAs that would not be relevant in an SME audit include:
ISA 402 Audit Considerations Relating to an Entity Using a Service Organization if the SME does not use a service organization
ISA 510 Initial Audit Engagements – Opening Balances if the SME is a continuing, and not an initial, engagement
ISA 600, Special Considerations – Audits of Group Financial Statements (Including the Work of Component Auditors) if the SME audit engagement is not a group audit.
ISA 610 Using the Work of Internal Auditors if the SME has no internal audit function

19. Documentation – ISA 230
ISA 230 on documentation is one of the shortest ISAs
Only 9 requirements but another 22 specific requirements in other ISAs listed in the appendix
Must be in detail (e.g. specific items sampled) and who did what and when (paragraph 9)
Document discussions of significant matters, inconsistencies, and departures from requirements (paragraphs 10-12)
Remainder covers matters arising after the audit report is signed, and assembly of the file

20. Purposes of Audit Documentation
Evidence of the auditor’s basis for a conclusion about the achievement of the overall objectives of the auditor (ISA 200 para 11)
“A sufficient and appropriate record of the basis for the auditor’s report” (ISA 230 para 5)
Evidence that the audit was planned and performed in accordance with ISAs

21. Additional purposes (ISA 230 para 3)
Assist in planning/performing the audit
Assist the direction, supervision and review of the audit work (ISA 220 para 2)
Enabling the engagement team to be accountable for its work
Record matters relevant to future audits
Enabling EQCR/ISQC 1 review
Enabling external inspections

22. ‘Sufficient’ audit documentation
“Oral explanations by the auditor, on their own, do not represent adequate support for the work the auditor performed or conclusions the auditor reached, but may be used to explain or clarify information contained in the audit documentation” (ISA 230 para A5)
If it’s not documented … it wasn’t done!

23. Documentation – Regulators’ Observations I
Worldwide regulators complain about poor documentation
Too much documentation in some established and low risk areas and not enough in other difficult areas
Poor evidence of link between risk analysis and procedures performed – problems identified but not addressed
Not enough showing the thought processes – but how!?
Sample sizes being cut, materiality levels being raised, analytical procedures not being used much – without documentation for the justification of this – big issues

24. Documentation – Regulators’ Observations II
ISA 200: scepticism is an attitude including a questioning mind, being alert to conditions which may indicate possible misstatement, and a critical assessment of audit evidence
Scepticism is not cynicism / distrusting everything: assume documents are genuine unless reason to suspect not
Scepticism is about challenging assumptions and actively considering the possibility of bias
Little evidence of professional scepticism
Insufficient evidence of challenge to client assumptions (e.g., impairments, going concern): often, the challenge took place in meetings but was not documented

25. Documentation – Real Problem
Excessive documentation for compliance purposes is real problem – keeps auditors from engaging with the client
Largely a product of over-engineered and inefficient audit methodologies – leading to under- or over-auditing
Poor documentation by auditors – for example
Keeping interesting but irrelevant information on the file
Full documents rather than extracts
Not making use of facilities for electronic cross-referencing
Poor checklists used indiscriminately without thought

26. Audit quality framework – now and future ISQC1 and the ISAs
Overview
Audit quality framework – now and future
ISQC1 and the ISAs
Structure
Proportional application, including documentation
IAASB update – other projects and plans
Audit efficiency
Tips
Resources
Given the context of the changing audit environment, what I’d like to talk about today is [see slide]

27. Projects nearing completion
Major changes to the audit report (late 2014)
Improved auditor reporting is essential to the continued relevance of – and trust in – the audit profession globally
The audit opinion is valued, but the auditor’s report could be more informative
Users, in particular investors, want more relevant and decision-useful information about the entity, the financial statements and the audit thereof
Requirements to determining and communicate Key Audit Matters
ISA 720 (early 2015?)
Identify “other information” in the auditor’s report
Clarify responsibilities
Auditing Financial Statement Disclosures (mid 2015?)
Changes proposed across a number of ISAs
Reinforce consistent and proper application of existing requirements

28. Proposed Work Program 2015–2016 – Feedback
Initially suggested focus on three priority projects
Quality Control (QC); Special Audit Considerations Relating to Financial Institutions; Professional Skepticism
Clear from responses that the IAASB needs to advance its thinking in certain areas sooner than originally anticipated
Perhaps less important to complete projects on an accelerated basis
Respondents
Agreed with project on QC – mixed views on how to addressed issues
Agreed with topic of Professional Skepticism – further consideration as to nature of project
Recognized importance of Financial Institutions, largely supportive, but some caution against developing industry-specific ISAs; rather non- authoritative material?
Expressed strong views to bring forward group audits (ISA 600)
Encouraged timely work on agreed-upon procedures (ISRS 4400) and risk assessment (ISA 315)

29. The IAASB’s Innovation Working Group
Explore emerging developments in the audit, assurance and related services fields for the purpose of assisting the IAASB in identifying opportunities for relevant and effective standard setting, or determining other potential actions, in a timely and informed manner
Possible actions may include
Information gathering – private outreach/ dialogue or academic research
Follow up actions – Thought piece/ awareness (Staff publication/ IAASB Position paper), public outreach or consultation paper or discussion
Standard setting
Areas of priority include integrated reporting (<IR>) and effects of evolving use of technology on audits (including data analytics)

30. Global Adoption of Clarified ISAs
Jurisdictions Using Clarified ISAs Already, or Committed to Using Them in the Near Future (103)
Asia and Oceania (21): Australia, Bangladesh, China, Hong Kong, India, Indonesia, Japan, Kazakhstan, Kyrgyz Republic, Malaysia, Mongolia, Nepal, New Zealand, Pakistan, Philippines, Singapore, South Korea, Sri Lanka, Thailand, Uzbekistan (listed entities), Vietnam
Americas (17): Argentina, Bahamas, Barbados, Brazil, Canada, Cayman Islands, Chile, Costa Rica, El Salvador, Guyana, Jamaica, Mexico, Panama, Puerto Rico (private companies), Trinidad and Tobago, Uruguay, USA (private companies)
Europe (39): Albania, Armenia, Austria, Belgium, Bosnia and Herzegovina, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France (Experts Comptables), FYR Macedonia, Georgia, Greece, Hungary, Iceland, Ireland, Italy, Kosovo, Latvia, Lithuania, Luxembourg, Malta, Moldova, Montenegro, Netherlands, Norway, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey, Ukraine, United Kingdom
Africa/Middle East (26): Benin, Botswana, Ghana, Jordan, Kenya, Kuwait, Lebanon, Lesotho, Malawi, Mali, Mauritius, Namibia, Nigeria, Palestine, Rwanda, Senegal, Sierra Leone, South Africa, Swaziland, Tanzania, Togo, Tunisia, Uganda, United Arab Emirates (Abu Dhabi and Dubai), Zambia, Zimbabwe

31. Audit quality framework – now and future ISQC1 and the ISAs
Overview
Audit quality framework – now and future
ISQC1 and the ISAs
Structure
Proportional application, including documentation
IAASB update – other projects and plans
Audit efficiency
Tips
Resources
Given the context of the changing audit environment, what I’d like to talk about today is [see slide]

32. Tips for Audit Efficiency
Automation – standardized templates and customized checklists
Software – utilizing commercially available products
Planning – timeframe, list of deliverables, client meeting
Risk based approach – in line with ISAs
Staff training / supervision
Communication
There are a number of practical steps which could be considered for improving audit efficiencies.
Automation
Automating the audit practice provides an opportunity to improve audit quality at both firm-wide and individual engagement levels. At the firm level, setting up standardized templates helps ensure that all phases have been completed in every audit. Customized checklists can be updated as needed and incorporated into individual engagement files at the beginning of every engagement. It is important that every file is customized for the individual client. The generic firm template is a great place to start, but it is only a start.
Software
When using commercially available software SMPs engagements, you can roll forward last year’s electronic file almost instantly and have ‘mapped’ trial balance codes for efficiency if generating the financial statements. You can also an engagement letter and list of deliverables required when you visit the client at the beginning of the audit. If you import data from one application program to another, data conversion errors should be eliminated and grouping and arithmetical errors can be minimized.
Planning
The essential component for an efficient audit is proper planning and organisation both from the perspective of the audit firm and the business. It is important that the timeframe is agreed in advance with clearly specified delivery dates. The field work should be scheduled and the board meeting to sign the accounts agreed. A list of client deliverables should be provided by the audit firm. The initial planning meeting should be scheduled in advance.
Risk based approach
The audit team should focus on working smarter, not harder. The work should be concentrated on the key risk areas with the level and amount of work tailored accordingly. A thorough analytical review should be undertaken which identifies the key risks and the level of testing that will be performed on these and other areas. This review should include scoping out of balances which are fully understood and would not lead to a material misstatement. When considering the audit approach, sometimes less is more. The audit team should limit procedures on areas considered to be low risk and focus attention and time on significant risks or historical areas known to cause issues.
Staff training/ supervision
The audit firm must ensure that their staff are resourced at the correct level and that more junior team members receive adequate supervision to complete the work to a high standard. Senior reviews of the testing must be scheduled in a timely manner, so any open points are closed when the audit team is onsite and not later at greater cost.
Communication
Regular, effective communication is important for individuals in audit team and the business. A daily tracker with open queries is useful tool to facilitate these conversations. As a result any issues will also be discussed early, so there is less likelihood of last minute changes and late surprises.

33. Knowledge Sharing – Implementation
ISA Guide Volume 1
Fundamental concepts of a risk-based audit in conformance with the ISAs
ISA Guide Volume 2
Practical guidance on performing SME audits. Includes two illustrative case studies—one of an SME audit and one of a micro-entity audit
To be discussed in detail later in the session on Guide to Using ISAs in the Audits of SMEs.

34. Knowledge Sharing – Implementation (cont)
QC Guide
Helps SMPs apply ISQC 1 proportionately and efficiently. Includes guidance, case study, two sample QC manuals and checklists
Reference, training, customize manuals and checklists

35. IFAC Global Knowledge Gateway
Global Knowledge Gateway Audi & Assurance
Audit & Assurance includes sub topics on:
Agreed-upon procedures
Audit
Compilation
Other assurance
Quality control
Review

36. References – IAASB
Staff Q&A, Applying ISAs Proportionately with the Size and Complexity of an Entity: answers-applying-isas-proportionately-size-and-complexity-ent
Staff Q&A, Applying ISQC 1 Proportionately with the Nature and Size of a Firm: QC%201%20Proportionality_FINAL.pdf
The Clarified ISAs—Findings from the Post-Implementation Review: implementation-review

37. References – Knowledge Sharing - Implementation
Guide to Using International Standards on Auditing in the Audits of Small- and Medium-Sized Entities (Third Edition) (incl. companion manual and slides): international-standards-auditing-audits-small-and-medium-sized-en
Guide to Quality Control for Small- and Medium-Sized Practices (Third Edition) (incl. companion manual and slides): resources/guide-quality-control-small-and-medium-sized-practices-third-edition-0
Boosting the Quality and Efficiency of Smaller Entity Audits article: smaller-entity-audits
Tips for Cost-Effective ISA Application article:
Tips for Cost-Effective ISQC 1 Application article:

38. Thank You