Audit Planning and Assurance

Audits as well as assurance are among the most important aspects of an organization. They provide important information to reassure those interested in the organization that they can trust the company. Stakeholders include potential investors, shareholders, governments, company employers and employees. Audits therefore have a wide scope and must be performed efficiently in different phases. One of the most important steps in testing and assurance is planning your test phase. In this case, we have extensive knowledge of: The environmental organization, the industries in which it operates, and the culture of the organization form a strong foundation for a continuous auditing process. The paper focuses on the concepts of risk assessment, compliance, and governance undertaken when planning for auditing in regards to the nature of the industry and environment an organization is associated.

Understanding the company

Before conducting the actual auditing process, following the operations of a company and its industry are crucial for auditors. Some of the factors looked into in understanding the nature of the company include; the company’s organizational structure, sources of funding, significant investments of the company, company’s size and complexity and sources of company’s revenues. The industry in which an organization operates in features a lot when the auditing process commences thus an important factor to consider. These essential areas form the genesis of an auditing plan that specializes in risk assessment, compliance, and governance.

Risk assessment

Auditing and assurance become mainly faced with two main risks; the information risk and the audit risk. Evaluating on what could go wrong while conducting an audit must be well planned through a risk assessment process. Information risk involves the risks of auditing information leaking to non-parties thus breaching the expected confidentiality of the information gathered during an audit. The process begins with assessing the types of errors and frauds likely to be perpetrated by a company. The audit risks on the other hand result from mistakes and misstatements from the auditing results. An audit can be based on two categories; the internal audit and the external audit. Internal audits investigate on the management of a company and whether resources are utilized appropriately.

Auditing from an external platform intends to inquire into the financial statements of an organization. Some of the risks that arise from audits are; inherent risk, detection risk, and the control risk. The accounting principles used by a company must be analyzed so as to detect any misstatements likely to rise from the financial statements. The risk assessment process begins with identifying risks in business. Some of the sources of the threats are from the nature of the firm and the environment in which an organization operates. The revenue and collection cycle of a company should be assessed in all dimensions so as to determine the level of risk associated with the enterprise. The highly integrated the risk is, the more intense the auditing procedures become. Under the audit approach, the test of controls is necessary to provide the appropriate level of detection risk. Substantive procedures are as well administered so as to produce independent estimates and disclose any risks n the company. Audit strategies are then formed to respond to the various risks identified through documentation.

Compliance of the company

A company’s noncompliance with the set laws and regulations causes financial material misstatements thus auditors, both internal and external must investigate on the matter. Understanding the legal framework under which a company operates in must be clearly understood by an auditor so as to adequately plan for the audit (De Martinis, Fukukawa and Mock, 2011). There are two types of noncompliance that an auditor must assess on a firm so as to be aware of the likely alteration of the audit results. The direct effect noncompliance produces material effects on financial statements amounts. The indirect-effect compliance on the other hand, is the violation of insider laws and regulations. An auditor has a responsibility to detect such noncompliance and must therefore plan on how to operate an audit in such scenarios.

Responding to noncompliance

Auditors have a responsibility assigned to them to investigate on whether a firm complies with the statutory regulations. While planning for an audit, an auditor tries to dig deep to understand the nature and the circumstances of the noncompliance. They do so by formulating plan procedures to detect direct-effect compliance and non-direct-effect noncompliance. Suspected or actual noncompliance must be reported to the audit committee of the company and if the company fails to amend, and then auditors are free to withdraw from the audit engagement (Fortvingler and Szívós, 2016).

Audit governance

Audit governance is made possible by having an exclusive audit committee. The audit committee comprises of the Board of Directors from the outside who in most cases are not engaged in the day-to-day operations of a company. The committee is set to harmonize the duties of auditors and the internal company operation. The auditor’s report to the committee and can request for books of accounts through the committee thus making the audit process easier. While planning for an audit, the governance of the audit must as well feature in the entire process and therefore, special amendments must be made in such circumstances. Governance in audit must be well planned for from both the inside and outside of the company so as to boost the audit process.

Factors considered in governance

Audit governance is the pillar of the audit process as poor audit governance leads to the overall downfall of the audit process. In this regard, a functional board must be formed prior to the actual audit engagement so as to facilitate the company with a reliable body of governance. Personal accountability at the Board level is important during the planning period. Adequate oversight of the risks pertained is necessary by the board so as to survive even in times of crisis. Technical competency of the board members transforms the audit process by scrutinizing the top voice and thus corporation among all the members. Internal audits heavily rely on the composition of the audit governance due to the nature and objectives of the internal audit.

Conclusion

Risk assessment, compliance, and governance have been reviewed to be critical in planning an audit. The success of an audit process lies on the three aspects. Audit firms will ensure that they are appropriately armed to handle audit services when they have fully planned for it to minimize errors and failure in the end audit results. Conducting such due diligence is critical for their clients and their businesses and should thus be emphasized.

References

De Martinis, M., Fukukawa, H., & Mock, T. J. (2011). Exploring the role of country and client type on the auditor’s client risk assessments and audit planning decisions. Managerial Auditing Journal, 26(7), 543-565.

Fortvingler, J., & Szívós, L. (2016). Different approaches to fraud risk assessment and their implications on audit planning. Periodica Polytechnica.Social and Management Sciences, 24(2), 102-112.