ISA 315: A milestone carrying important messages for the future of international auditing
Introduction
1. Classification and purpose of ISAs
„ISA“ stands for „International Standards on Auditing“ issued by the International Auditing and Assurance Standard Board (IAASB) based in New York (USA). The Standards cover a wide range of topics that are numerically classified into the following groups according to the „Handbook of International Quality Control, Auditing, Review, Other Assurance, and Related Services Pronouncements“ (Part 1) under the heading „Audits of historical financial information“:
– No. 200-299: General principles and responsibilities
– No. 300-499: Risk assessment and response to assessed risks
– No. 500-599: Audit evidence
– No. 600-699: Using the work of others
– No. 700-799: Audit conclusions and reporting
– No. 800-899: Audit evidence
Personal responsibility is one of the key professional duties of an “independent auditor of financial information” (hereafter referred to as “auditor”). In order to fulfil that responsibility, the auditor must consider all relevant issues. Equally, the auditor must have a good understanding of what is meant by “standard”, namely a uniform measurement, a set of norms, rules or requirements. If the auditor wishes “to be up to standard”, then all requirements must be fulfilled. The vital role of ISAs is to ensure a uniform and high degree of audit quality worldwide.
2. ISA 315 as a milestone for auditing
The various chapters mentioned above should not obscure the fact that the crucial task of the standards is to protect professionals worldwide from reaching a positive judgement on financial statements that are knowingly or unknowingly „materially misstated”. In striking contrast to its numerical position, the title of ISA 315 –
“Identifying and assessing the risks of material misstatement through understanding the entity and its environment“
clearly reflects the key strategic function of the Standard.
The specific objective of ISA 315 continues in a similar vein: „The objective of the auditor is to identify and assess the risks of material misstatement, whether due to fraud or error, at the financial statement and assertion levels, through understanding the entity and its environment, including the entity ́s internal control, thereby providing a basis for designing and implementing responses to the assessed risks of material misstatement“.
In an interplay between „Requirements“ (R) and „Applications“ (A), the Standard spans a broad framework across the following four chapters:
– Risk assesments procedures and related activities
– The required understanding of the entity and its environment,
including the entity ́s internal control
– Identifying and assessing the risks of material misstatement
– Documentation
Between them, these chapters spell out that the only way to identify risks pertaining to material misstatements (and therefore enable the auditor to focus audit procedures on the relevant areas from an early stage) is to master the whole gamut of tools at the auditor’s disposal. In order to identify fraud or error, the auditor must also focus on potentially difficult currents 2)* as early as possible, including currents that can also arise in the interpretation of a foreign language.
1)* Written by Dr. Werner Krommes, München, author of the ISA commentary „The Risks of Material Misstatement – Das Aufklärungsmodell des ISA 315“ published by Springer Gabler, Wiesbaden/Germany, in August 2018
2)* Benedikt Köhler explained the origin of the term „risk” as follows: „Risk is a comparatively modern term. The word itself does not appear at any point in the literature of classical antiquity or the Middle Ages. As with many other areas of knowledge and practical tools…the term appears for the first time during the Italian Renaissance. Seafarers ventured beyond the known waters of the Mediterranean and began using the word “resciare”, at that stage, still with the meaning “crossing a difficult current”.
________________________________________________________________________________________________________________
II. Material misstatements
1. The range of material misstatements
What is meant by a “misstatement” or an incorrect presentation as described in the „Glossary of Terms” which is attached to the ISAs. The glossary contains the following comments on the term “misstatement”: „A difference between the reported amount, classification, presentation, or disclosure of a financial statement item and the amount, classification, presentation, or disclosure that is required for the item to be in accordance with the applicable financial reporting framework. Misstatement can arise from error or fraud. Where the auditor expresses an opinion on whether the financial statements are presented fairly, in all material respects, or give a true and fair view, misstatements also include those adjustments of amounts, classifications, presentation, or disclosures that, in the auditor’s judgement, are necessary for the financial statements to be presented fairly, in all material respects, or to give a true and fair view.”
It is not clear why the term „misstatement” is not preceded in the glossary by the adjective „material“. 3)* It is necessary in this case to refer to ISA 320. 4*) Paragraph 2 of this Standard („Materiality in the Context of an Audit“) states: „Although financial reporting frameworks may discuss materiality in different terms, they generally explain that:
– Misstatements, including omissions, are considered to be material if they, individually or in the
aggregate, could reasonably be expected to influence the economic decisions of users taken on
the basis of the financial statements;
– Judgements about materiality are made in light of surrounding circumstances, and are affected
by the size or nature of a misstatement, or a combination of both; and
– Judgements about matters that are material to users of the financial statements are based on a
consideration of the common financial information needs of users as a group. The possible effect
of misstatements on specific individual users, whose needs may vary widely, is not considered.“
The formulation „individually or in the aggregate“ is of great importance, given that even small errors – whether made knowingly or unknowingly – can be material in sum (bundle theory).
And if those errors are being made knowingly, an auditor must be aware that financial statements could contain several errors, including small ones, which could result in the financial statements being materially misstated. This situation could arise, for instance, if management is keen to create a positive earnings effect, but is unable to do so within a single line item, given that no single line item has enough substance to conceal a fraud (the so-called “mosaic architecture of manipulation”).
2. Misstatements due to fraud
Consistent with the general philosophy followed by all International Auditing Standards, ISA 315 makes it clear from the outset that the auditor must never lose sight of the problem of fraud:
„Fraud, whether fraudulent financial reporting or misappropriation of assets, involves incentive or pressure to commit fraud, a perceived opportunity to do so and some rationalization of the act. For example:
– Incentive or pressure to commit fraudulent reporting may exist when management is under pressure, from sources outside or inside the entity, to achieve an expected (and perhaps unrealistic) earnings target or financial outcome – particularly since the consequences to management for failing to meet financial goals can be significant. 5)* Similarly, individuals may have an incentive to misappropriate assets, for example, because individuals are living beyond their means.
– A perceived opportunity to commit fraud may exist when an individual believes internal control can be
overridden, for example, because the individual is in a position or has knowledge of specific deficiencies
in internal control.
– Individuals may be able to rationalize committing a fraudulent act. Some individuals possess an attitude,
character or set of ethical values that allow them knowingly and intentionally to commit a dishonest act.
However, even otherwise honest individuals can commit fraud in an environment that imposes sufficient
pressure to them.“
Auditors must therefore be attuned to the „susceptibility of the financial statements to material misstatement“ 6)* and aware that complex circumstances may, via inappropriate manual interventions, have been used to conceal inflated profits, in particular in connection with the above mentioned “mosaic architecture”.
This point highlights the risk of fraudulent accounting (often involving fictitious transactions). Numerous examples of irregularities have been reported in the past, the magnitude and explosive force of which have repeatedly discredited the auditing profession in many countries due to the failure to identify the resulting misstatements in good time.
3)* This would have made sense given that paragraph of ISA 200 states: „The purpose of an audit is to enhance the degree of confidence of intended users in the financial statements. This is achieved by the expression of an opinion by the auditor on whether the financial statements are prepared, in all material respects, in accordance with an applicable financial reporting framework.
4)* ISA 320 „Materiality in Planning and Performing an Audit.“
5)* This would, for example, be an issue that a German auditor could raise at an early stage with a foreign partner who is responsible for auditing a German subsidiary.
6)* ISA 200 („Overall objectives of the independent auditor and the conduct of an audit in accordance with international standards on auditing“, paragraph 13n) states that the risk of material misstatement comprises two components, namely „inherent risk“ and „control risk“. Inherent risk is defined as „the susceptibility of an assertion about a class of transaction, account balance or disclosure to a misstatement that could be material, either individually or when aggregated with other misstatements, before consideration of any related control.“
________________________________________________________________________________________________________________
III. Assertion and clarification (Behauptung und Aufklärung)
1. Understanding the language
The best way for a non-native speaker of English to approach International Standards on Auditing is to decipher the language used 7)*, understand the mentality behind certain words, and ultimately to find a viable bridge between the English and their equivalent in a foreign language. If the translation from English does not easily fit in with the philosophy of the foreign language – which is unfortunately sometimes the case with the official ISA translation into German – the clarity of the original text can be blurred and the chance lost to transform the rules into an effective audit concept.
2. The constituent poles of the audit of financial statements
ISA 315 states: „In representing that the financial statements are in accordance with the applicable financial reporting framework, management implicitly or explicitly makes assertions regarding the recognition, measurement, and presentation of classes of transactions and events, accounts balances and disclosures“.
In this context, the word „assertion” in English corresponds to „Abschluss- Aussagen“ in German. In the sense of „claiming that something is true”, the nearest German word is „Behauptung” and in the sense of „pleading innocence” the nearest German word is „Beteuerung”. The English noun „assertion“ corresponds to the verb „assert”, or in German „behaupten“, which also has the meaning of “to state something” or to “claim something”. Thus, when management presents unaudited financial statements, it initially states or claims that they have been prepared correctly in all material respects (completeness, existence, accuracy, valuation, ownership, presentation).
From the auditor’s point of view, there is a very subtle difference between the German words „Aussage“ and „Behauptung“. 8)* Whereas the term „Aussage“ is relatively neutral, the term „Behauptung“ – symbolizing a completely different way of thinking – conveys a slight suspicion that information provided (at least in part) may be incorrect. The „financial reporting environment“ often gives rise to a dogmatic behaviour which is then reflected in Behauptungen/claiming something is true.
Management’s attitude is likely to be shaped by the specific environment (political, economic, social or technological) in which the reporting entity operates and will therefore depend on and determined (in German “bestimmt”) by individual circumstances. One of the meanings of the German word „bestimmt” is „assertive“. An auditor must always respond to management’s “claims that something is true” with a degree of scepticism, reflecting the fact the auditor too must pursue the necessary audit objectives politely but “assertively”. The confrontation between management and auditor is therefore characterised by different forms of certainty/ assertiveness.
Against this background, the auditor has the responsibility of obtaining evidence in the form of reliable documents that enable a conclusion to be reached as to whether management’s assertions are correct or incorrect. Behauptung and Aufklärung 9)* are thus the two constituent poles of any audit of financial statements.
7)* In his article „dEUtsch“, published in the Frankfurter Allgemeine Zeitung (FAZ) on 5 January 2006, page. 6, H.J. Meyer wrote „Being able to read and understand demanding texts in other languages, both accurately and reliably, is of critical importance. This will never work, however, unless we have a good understanding of the intellectual background and culture of the language concerned.“
8)* The German word „Behauptung“ contains the word “Haupt” (head as in body part or leading person), implying a literal meaning of “proving that one is a master of something”. If this image is taken one step further, we can imagine someone raising their head forcefully to impress others of their expertise and at stage we may be reminded of fraudsters such Madoff (USA), Tanzi (Italy) or Schmider (Germany), who were able to hide their criminal machinations for a long time and therefore cause such enormous damage.
9)* The German word “Aufklärung” means “to clarify” or “to shed light” on something). With respect to ISA 315, it therefore covers the auditor’s responsibility to obtain an in-depth-knowledge of the entity on the one hand and to verify management’s assertions on the other
________________________________________________________________________________________________________________
3. Setting areas of emphasis
a. Gaining an understanding of an entity’s business activities
The title of ISA 315 explicitly states that the auditor is required to gain an understanding of the entity and its environment, both internally and externally, and to incorporate that knowledge into an assessment of the risks of material misstatement due to fraud or error, in particular by continuously renewing knowledge about economic and structural developments within the industry or sector in which the entity operates as well as the economy as a whole.
ISA 315 takes the auditor by the hand, takes him into the world of entities and businesses and provides sensors that enable risks of material misstatement to be identified by analysing internal processes and/or targeted market observations. The frequently repeated requirement „to obtain an understanding” of various aspects of the entity’s business, including its internal control system, becomes an underlying leitmotif that runs through the entire Standard and always acquires a special significance when „complex structures of the entity” are referred to. The latter also includes so-called „black boxes” 10)* and other typical circumstances in which people are often „complicit“.
Auditors are generally aware that the knowledge they have laboriously acquired has a limited shelf-life. A study of the contents of the „Requirements“ and „Applications” contained in ISA 315 quickly reveals the long path that needs to be taken to enable the auditor to reach the relevant conclusions. Starting at the „financial statement level“ and continuing to the „assertion level” and applying risk assessment procedures such as „inspection” and “observation” 11)* the auditor must obtain a comprehensive understanding of the entity’s financial condition and performance in order to be able to identify the types of potential misstatement that can arise from completely different business transactions.
Gaining a thorough knowledge about the entity’s business activities and its environment also involves a psychological aspect, in that it creates a special sensitivity for understanding business-related data (described by ISA 330 as a „cumulative and iterative process“). The lower the awareness threshold, the more likely it is that the auditor will also be able to perceive whether figures are unusual (and therefore more susceptible to error) or to identify that a reported change in the financial statements is inconsistent with the auditor’s expectations.
10)* Brockhaus defines black boxes as “cells in which predominantly the interplay with other similar parts is observed, whereby their internal structure is largely irrelevant or even unknown.”
11)* It is important to find the correct balance between inspection and observation. In certain cases, it may be appropriate to apply a combination of inspection and observation procedures. If, for instance, the inspection of planning documents indicates that a construction company expects to invoice a customer for a major construction contract at the end of the year, the auditor will normally take steps at that stage to obtain convincing evidence of the stage of completion of the project and stress the need to be kept informed of final negotiations between the contractual parties.
________________________________________________________________________________________________________________
Gaining an understanding of an entity’s business activities requires the auditor to look behind the entity’s façade. Working with ISAs is likely to encourage the auditor to reach this conclusion. Only by gaining a comprehensive understanding of the audited entity, including the related assessment of the integrity and competence of management and other personnel as well as a detailed knowledge of the corporate objectives pursued, will the auditor be able to reach an opinion on whether financial reporting is well-balanced and conveys the appropriate level of assurance. Throughout this process, and regardless of the form of the auditor’s assertions in the audit opinion, the auditor will be expected to issue a report that provides a reasonable level of assurance.
b. Focus on key management assertions
The auditor is obliged in theory to check all management assertions relating to the propriety of the accounting system and records, a task that involves a vast amount of work which could well indicate potential difficulties in meeting the stipulated audit budget. One of the specific features of a risk-oriented audit approach is that assertions can be weighted. This approach is permissible, given the importance of clarifying at an early stage which assertions are of crucial importance (depending on changes in the entity’s financial condition and performance) and identifying the circumstances under which figures and explanations provided by management could be materially misstated. This is particularly relevant when it comes to understanding the connection between management assertions and financial statement implications. For instance, in the case of an entity that is under pressure to generate profits, special attention may need to be paid to assertions relating to the “existence” of receivables.
Moreover, it is also worth considering that explanations provided by members of a management team that is facing pressure to show the financial statements in a good light are, in fact, the „final link of a chain”, the first piece of which may well have been information relevant for specific line items in the financial statements. Examples include assertions relating to competitors, the assertion that the entity’s performance is insensitive to macroeconomic developments or the assertion that the entity is a market leader. „Assertive“ explanations of this kind must then brought into line in accounting terms with the aid of additional assertions that underpin the entity’s compliance with its stated accounting policies, therefore making it appear that they are consistent with the original assertions.
In this context, it helps to look at chapter „The Use of Assertions” in ISA 315 from a psychological perspective, especially when the topic of „fraud“ comes into play. If assertions are being „forced”, the outcome may be fraudulent financial reporting.
IV. Nature of audit procedures
1. Professional scepticism
The scope of ISA 315 is extremely broad. The Standard makes it clear from the outset that it covers a wide spectrum of issues, including error and fraud. The call for vigilance that runs through all ISAs comes over loud and clear. „When obtaining reasonable assurance, the auditor is responsible for maintaining professional scepticism throughout the audit.“
By accompanying an entity over time, becoming familiar with pertinent internal documents, maintaining regular contact with the entity’s staff and management and understanding the assertions made by management, the auditor can obtain a deep insight into the entity’s performance and identify the major areas of risk that could lead to misstatements. As a matter of principle, an auditor must always adopt a critical approach 12)*. The degree of professional scepticism applied will increase if a particular development 13)* and the related outcome cannot be reconciled with the auditor’s expectations.
A questioning mind might then motivate the auditor to take a close look at a particular transaction, such as examining the related contracts, delivery or acceptance records in the original, thereby gaining a better understanding of the resulting accounting entries. Given that certain „assertions“ must be based on specific facts that are subjected to diligent audit examination, a questioning mind will not allow the auditor to be satisfied with the view that „there’s a good chance it’s correct”. 14)*
12)* The Glossary of Terms defines „professional scepticism” as: „An attitude that includes a questioning mind, being alert to conditions which may indicate possible misstatements due to error or fraud, and a critical assessment of evidence.“
13)* For instance, the growth of foreign revenue or the billing of project business contracts
14)* The auditor is likely to face particular challenges and require external expertise if the relevant documents are drawn up in a foreign language.
________________________________________________________________________________________________________________
An auditor with international experience will be well aware that receivables are particularly susceptible to misstatement, ranging from simple error (revenue recognised too early by error) to fraud (no deliveries or services have taken place).
The following diagram focuses illustratively on audit issues relating to the balance sheet line item “receivables”, highlighting the interplay between materiality, audit objectives, audit procedures and audit evidence. The triangle in the middle contains the tasks that must be subjected to diligent audit examination, while the apex of the triangle points to a balance sheet line item, assertions for which have not yet been clarified.
If a sceptical auditor suspects that an assertion is incorrect, the obvious reaction is to try to find the necessary evidence to prove that “the assertion is wrong”. In this respect, ISAs hit the nail on the head with their definition of „substantive procedures” 15*) in that it unambiguously determines the focus of audit procedures. 16*) However, although the actual work will largerly take place at the „assertion level“ (i.e. where the sources of potential misstatements are most likely to lie), it must not be forgotten that, without the information obtained at the „financial statement level“, many audit procedures will lack direction and ultimately substance.
Without an objective idea (combined for instance under individual circumstances with obtaining sufficient appropriate audit evidence of existence, completeness and valuation) or without a specific idea of which tool (for example inspection, observation or computation) is best suited to achieve a certain purpose, it is never going to be easy for the auditor to explain why a particular assertion of management has been doubted.
The diagram is also intended to show how audit theory can be put into practice and to highlight the need to define general objectives for an audit that are capable of confirming the reliability of financial reporting, to analyse the information provided and to work with specific audit objectives based on specific assertions made by management.
2. Audit objectives
a. Audit objectives/methods as a strategic unit
In order to identify and assess the risks of material misstatement, each individual audit procedure must specify „what“ is to be done (audit objective) and „how“ it is to be done (audit method). These two elements are inseparably linked by a horizontal coordinate and a vertical coordinate to form a so-called “strategic unit”. The two coordinates mark the area – in geometric terms the point – in which, or at which stage, the auditor must make a judgement regarding specific management assertions. In the case of receivables, this point is where the line “inspection” meets the line “existence”. If we understand this concept of the strategic unit, we are well on the way to understanding the main characteristics and creative sources of an audit procedure.
15)* ISA 550 (Audit Evidence) states: „Substantive procedures are designed to detect material misstatements at the assertion level. They comprise tests of detail and substantive analytical procedures. Designing substantive procedures includes identifying conditions relevant to the purpose of the test that constitute a misstatement in the relevant assertion.“
16)* Certain terms cannot be translated with precise accurately. Under these circumstances, it is probably preferable to refrain from transforming their meaning rather than take the risk of missing the point (since there is no equivalent German term), and therefore convey an incorrect or incomplete message. According to Marie Ebner Eschenbach, the spirit of a language is most clearly revealed in its untranslatable words. In a similar vein, Limbach made the point that “ich liebe meine Sprache, (Englisch ist ein Muss, Deutsch ist ein Plus”, roughly translated as “I love my language (English is a must, German is a plus) (FAZ, 8 February 2005, page 36). „Substantive procedures“ is such a term. Translating this English term into German as “aussagebezogene Prüfungshandlungen” (literally: „assertion-related audit procedures“) does not do justice to the original way of thinking, either in terms of content or purpose. In principle, of course, all audit procedures are „assertion-related“.
________________________________________________________________________________________________________________
Establishing a compact set of rules for combining audit objective and audit method could replace the current practice of applying a series of loosely connected audit procedures. If, for instance, the “existence” of revenue/accounts receivable were in doubt, an “inspection” of the relevant contracts would be required. Given that the overarching objective is to confirm that the information (and corresponding assertions) contained in the financial statements is reliable, it makes sense to combine audit objectives and audit methods to form a „strategic unit“. Expressed another way, they should be brought together to form a „special relationship” (from the Latin „relatio essentialis“) so as to enable the veil of management assertions to be lifted.
The meaning of „audit objective” from a strategic perspective becomes clear, in that it specifies the “rough area” of the entity’s accounting system and records, in which “clarifying investigative work” (in German “Aufklärungsarbeit”) is required to be performed. 17)* At the same time, the auditor must always be aware of the risk of looking in the wrong area or in the wrong direction in the event of inadequate knowledge of the business activities and the economic and legal environment of the entity.18)* Under these circumstances, it is highly unlikely that the auditor will be able to reach a reasonable opinion on the overall financial condition and performance of the entity and on required improvements to the entity’s internal control system. Hence, there is a significant risk that material misstatements will not be identified. The risk is particularly high if the auditor has been „persuaded“ by management that an incorrect assertion is correct.
In this context, it is also useful to consider the following wording: „Ordinarily, the auditor finds it necessary to rely on audit evidence that is persuasive rather than conclusive and often will seek audit evidence from different sources or of different nature to support the same assertion“. It should be noted that native speakers of English also find this passage difficult to understand. The adjective „persuasive“ can also mean “beredsam” in German in the sense of talking eloquently (e.g. in the case of a seller). The expression „to say something persuasively“ can be interpreted to mean that someone is trying to convince someone of something by using their skills of persuasion. Both of these English words are derived from the Latin word „persuadere“, which basically means „to persuade“. And it is highly interesting that the Latin noun „persuasio“ derived from „persuadere“, is also translated as „faith, opinion, prejudice“. This puts the meaning of „persuasive rather than conclusive” into a new light. In certain situations, we think we are „convinced“ of something because we find something plausible, failing to realise that we have only been „persuaded“ to adopt a certain opinion (i.e. accepting management assertions). „Plausible“ derives from the Latin word „plausus“ (to applaud) and has the meaning “worthy of being applauded“. This explains how a reaction can be borne out of the moment, increasing the risk – depending on the mood of the day – that the auditor may not even notice that audit evidence is not always conclusive or compelling. Underlining this point, ISA 240 point 6 contains the following sentence „Collusion may cause the auditor to believe that audit evidence is persuasive when it is, in fact, false”.
The investigative work relating to areas of emphasis must also reflect the auditor’s independence of mind. Applying professional scepticism, the auditor will become more aware of the care that must be taken when using audit evidence, given that there is a risk that the “evidence” may have been planted to „persuade“ the auditor to concur with a management assertion and that such evidence is not always conclusive or compelling and that it may not be suitable to support the auditor’s own assertion i.e. the audit opinion.
17)* „Substantive” derives from Latin verb „substare“, one of the meaning of which is „to be present in something“ (see DUDEN Das Herkunftswörterbuch, page 693). Based on this definition, it is possible to see how „substantive procedures” may also serve to understand the true meaning of management assertions. These assertions must not be trusted until proved correct by substantive procedures.
18)* In light of some of the inappropriate audit opinions issued in recent years, the admonishing words of Arricale/Bell/Solomon/Wessels have lost none of their meaning: „Note that in many cases of alleged audit failure, the reported facts and circumstances suggest that the auditor did not fully understand the client ́s business, the productive capacity for the industry, or some other key element of the business environment comprising the organisation ́s value chain.“ (See also by the same authors: „Strategic systems auditing: Systems viability and knowledge acquisition”, published in Theorie und Praxis der Wirtschaftsprüfung II (Wirtschaftsprüfung und ökonomische Theorie: Prüfungsmarkt – Prüfungsmethoden – Urteilsbildung)“, Erich Schmidt Verlag Berlin 1999, page 17.
________________________________________________________________________________________________________________
b. The IAASB „Clarity Project“
The broad spectrum of ISA 315 (revolving around the auditor’s understanding of „The entity and its environment“) also brings to mind the IAASB „Clarity Project“. The IDW (Institut der Wirtschaftsprüfer) has written the following about this project:
„The main objective is to specify the degree to which the requirements contained in the individual ISAs should be mandatory and to standardise terminology. In addition, it is planned to make a clear distinction between “objectives”, “requirements” and „application material“ in separate sections of the standards. The aim is to achieve more „objective-based“ standards, whereby audit requirements can be derived ideally from the objectives that have been set. The intention is to ensure that the auditor’s attention is focused on audit objectives rather than on compliance with predefined audit checklists. It is also intended to enhance the importance of the auditor’s judgement as to which audit procedures are appropriate in the given circumstances“ 19)*
In short, what has the Clarity project achieved?
Generally speaking, each Standard only has a single objective (compared with the current version of ISA 315, the objective of which is „to identify and assess the risks of material misstatement…“). From the outset 20)* and in ISA 315 too, the opportunity has been missed to expand the discussion in such a way that management’s assertions (about completeness, existence, accuracy, valuation, ownership, presentation) are required to be made the subject of audit objectives. With respect to the „use of assertions“, the objectives would then be worded: “To obtain reasonable assurance that management’s assertions are correct or incorrect.”
19)* Jahresbericht (Annual Report) 2006/07, page 42
20)* ISA 200 states „Overall objectives of the independent auditor and the conduct of an audit in accordance with international standards on auditing“ defines these objectives as follows: „(a) To obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, thereby enabling the auditor to express an opinion on whether the financial statements are prepared, in all material respects, in accordance with an applicable financial reporting framework; and (b) To report on the financial statements, and communicate as required by the ISAs, in accordance with the auditor ́s findings.“
________________________________________________________________________________________________________________
c. The need for a standardised approach
The audit concept drawn up by the auditor must always focus on the specific situation of an entity, covering all aspects of its business operations, investment and financing activities (as described in detail in R11 and A32 of ISA 315). The auditor may, for example, consider that the existence of receivables must be subject to rigorous testing, given the (critical 21)*) significance of foreign business for management.
If the audit objective is to obtain evidence to prove the existence of receivables, the auditor must decide on the appropriate means to do so (such as inspecting the relevant vouchers and documents in their original version). In other words, the audit objective “existence” can only be achieved by inspecting contracts and other documentation personally. Moreover, as part of the process of identifying and assessing risks of material misstatement and in order to meet the audit objective “existence”, the auditor could select “inspection” from the various audit procedures available (comparison, physical inspection, enquiry, observation, confirmation, inspection, computation, renewed inspection). 22)*
21)* In German, the adjective “kritisch” can be combined with various nouns. Brockhaus includes the examples of „kritische Höhe” (= critical height, referring in aviation terms, the height above an airport, at which an aircraft is not allowed to fly due to the lack of visibility to the ground) and „kritische Drehzahl” (=critical speed“, referring to the situation where the velocity of a rotating part excites transverse vibrations and potential system break-down). Following the logic of these definitions, an audit objective cannot be “kritisch”. The auditor must draw up the audit concept with an uncompromising commitment to continuing audit work even under the most difficult conditions. It is not permissible to set a limit to the scope of audit work in advance. In that case, what is meant by a „kritischen Prüfungsziel” (=critical audit objective) The use of the word “kritisch” in German is probably attributable to an unsuccessful translation of „critical audit objective“, as used in the English speaking world. The term is intended to express that the selected audit objective is “entscheidend“ (= decisive) and “schwerwiegend” (= „weighty“). The German word “entscheidend“ has a similar mean to the English word „crucial“, while “schwerwiegend” contains elements of the English word „serious“. What is the common factor in the use of „critical“ and „kritisch” in the two languages? The answer is that in both cases a warning is being given. The auditor working on a “critical audit objective” will always be aware that it will be difficult to obtain convincing audit evidence. At the same time, the auditor will also be aware of the risk that the information obtained may – possibly deliberately – not have been compiled with the necessary seriousness.
22)* It is probably not wrong to assume that the combination of „existence/inspection” was sadly lacking in spectacular cases such as Worldcom (USA), Parmalat (Europe) and Flowtex (Germany).
________________________________________________________________________________________________________________
It is therefore not quite clear why the Clarity Project has not taken the opportunity to use the term “audit objective” in a more general sense. In fact, there is no specific mention of „audit objective“ in the sections dealing with the „overall objectives of the independent auditor“. The term „audit objective“ is not even included in the Glossary of Terms. Neither the reference to the “scope” – which follows an expertise-based approach and which could easily to expanded to include “assertions” – nor the urgent appeal to focus on areas in which material misstatements are to be expected, are used to define the key role of „assertions“ in the context of „audit objectives“. If this approach had been taken, it would have made sense to formulate specific audit objectives at the point where ISA 200 describes „the nature of audit procedures“. In fact, the nature of audit procedures goes hand in hand with the auditor’s duty to investigate and clarify facts (“Pflicht zur Aufklärung”) that have been the real basis for management ́s assertions.
ISAs require the auditor to perform specified audit procedures to help identify instances of non-compliance with other laws and regulations that may have a material effect on the financial statements. However, as far as the process of identifying and assessing the risks of material misstatement based on an explicit categorisation of “assertions“ is concerned (combined with the clarification of potential misstatements and despite the dominant role that audit evidence plays in the context of ISA objectives), it is nevertheless surprising that there has been no move to require the auditor to use management’s assertions as the basis for determining special audit objectives. Such an approach could be a useful tool in conjunction with the requirement to provide a basis for designing and implementing responses and for meeting the objective of obtaining evidence that enables the auditor to conclude whether management’s assertions are correct or incorrect.
Finally, there would also have been the opportunity to highlight the need for diversified audit objectives and to document that these objectives have been met. Such documentation could include confirmation that the audit objectives are consistent with management assertions and/or that objections were raised where the assertions could not be confirmed.
The message contained in „International Standards on Auditing” could be significantly expanded if, particularly on the basis of ISA 315, there was a requirement to base audit procedures on a range of objectives, including both general audit objectives (i.e. to confirm information included in the financial statements) and special audit objectives (i.e. investigating and clarifying management ́s assertions).
V. Summary
The scope of ISA is extremely diverse, reflected in the fact the IAASB Handbook mentioned at the beginning of this article is almost 1,100 pages long. Due to the enormous diversity of topics covered, there is a real danger of losing sight of one of the key objectives of the Standards, namely to detect risks of misstatement at an early stage.
Members of the auditing profession attach much importance to their own assertions – institutes/associations with their guidelines and the audit firms in their manuals – and regularly discuss the issue of audit risk i.e. the risk of issuing an audit opinion on financial statements that are materially misstated. Auditors (whether working locally or with foreign audit firms) will therefore clearly benefit from a good understanding of ISA 315. Serving as a “vade mecum” or guideline, it is always worth revisiting this milestone Standard, especially when critically addressing the crucial question: what is the best way to deal with management assertions? Any debate on this subject must also consider the need to extend the range of audit objectives, with a view to providing clear guidance for audit teams working under changing conditions.
Taking this approach would also help the next generation of auditors to rise to the challenges of a demanding profession, including the need to work with the complex terminology of a foreign language. ISA 315 encourages „discussion among the engagement team about the susceptibility of the entity ́s financial statements to material misstatement“. Sharing knowledge in this way can help the auditor to understand the true meaning of management assertions and to find conclusive evidence as to whether they are correct or incorrect.
The performance of audits of financials statements on the basis of ISAs therefore requires the auditor to understand both the wording of the English text and the thinking behind it. This point is particularly relevant for cross-border work, where poor communication can easily lead to misunderstandings.