A change in the quantity and scope of information requested by auditors
Many businesses with a reporting period end of 31 December are undertaking their year end procedures in preparation for their audit and have noted the increase in the quantity and scope of information that their auditors are requesting. This article provides details of the drivers for the change.
The reason for the change is that there have been significant amendments to some of the auditing standards. The requirements for identifying and assessing the risk of material misstatement have been revised, leading to a more robust risk assessment by auditors. The standard has also been updated to reflect an evolving, dynamic business environment.
The risk assessment standard was first introduced prior to cloud accounting tools and the internet becoming an integral aspect of many of our lives. Many smaller entities were still preparing their source accounting records using manual analysis books. The refreshed standard has been brought up to date and now requires auditors to gain a thorough understanding of businesses IT systems and their related controls. Auditors must determine whether the IT systems and controls support complete and accurate financial records and whether these are in accordance with the chosen financial reporting framework. Many firms have introduced IT Questionnaires as part of their audit pre planning considerations.
Understanding how an entity runs their activities and the controls that have been implemented are critical to the risk assessment process. Many entities will be receiving requests for far more detailed information about the way that they identify their business risks and manage these than they have in the past.
Professional scepticism requirements have been enhanced in the risk assessment standard, as it has in all recently revised auditing standards. This attitude ensures that appropriate questions are asked, at an appropriate time, and that both supporting and contradictory evidence is obtained and assessed.
The additional effort required by the standard, in identifying and assessing risks and developing a focused audit approach for each entity requires additional effort from both the auditor and their client. Many audit firms are increasing their fees as a result of these additional requirements.
If you would like to discuss this further, please contact us.