(Establishing Overall Audit Strategy)
Audits of Small Entities
In audits of small entities, the entire audit may be conducted
by a very small audit team. Many audits
of small entities involve the audit engagement partner (who may
be a sole practitioner) working with
one engagement team member (or without any engagement team
members). With a smaller team,
coordination and communication between team members are easier.
Establishing the overall audit
strategy for the audit of a small entity need not be a complex
or time-consuming exercise; it varies
according to the size of the entity and the complexity of the
audit. For example, a brief memorandum
prepared at the completion of the previous audit, based on a
review of the working papers and
highlighting issues identified in the audit just completed,
updated and changed in the current period
based on discussions with the owner-manager, can serve as the
basis for planning the current audit
Communications with those charged with Governance and Management
The auditor may discuss elements of planning with those charged
with governance and the entity’s
management. These discussions may be a part of overall
communications required to be made to
those charged with governance of the entity or may be made to
improve the effectiveness and
efficiency of the audit. Discussions with those charged with
governance ordinarily include
• The overall audit
strategy and timing of the audit, including any limitations thereon, or
any additional requirements.
When discussions of matters included in the overall audit
strategy or audit plan occur, care is required
in order to not compromise the effectiveness of the audit. For
example, the auditor considers whether
discussing the nature and timing of detailed audit procedures
with management compromises the
effectiveness of the audit by making the audit procedures too
Additional Considerations in Initial Audit Engagements
The auditor should perform the following activities prior to
starting an initial audit:
(a) Perform procedures regarding the acceptance of the client
relationship and the specific audit
(b) Communicate with the previous auditor, where there has been
a change of auditors, in
compliance with relevant ethical requirements.
For initial audits, additional matters the auditor may consider
in developing the overall audit strategy
and audit plan include the following:
Unless prohibited by law or regulation, an arrangement to be
made with the previous auditor for
example to review the previous auditor’s working papers.
Any major issues discussed with management in connection with
the initial selection as auditors, the
communication of these matters to those charged with governance
and how these matters affect the
overall audit strategy and audit plan.
The planned audit procedures to obtain sufficient appropriate
audit evidence regarding opening
The assignment of firm personnel with appropriate levels of
capabilities and competence to respond
to anticipated significant risks.
required by the firm’s system of quality control for initial audit engagements
example, the firm’s system of quality control may require the
involvement of another partner or
senior individual to review the overall audit strategy prior to
commencing significant audit procedures
or to review reports prior to their issuance).
Examples of Matters the Auditor May Consider In Establishing the
Overall Audit Strategy
Following are the examples of matters the auditor may consider
in establishing the overall audit
1. Scope of the audit engagement
2. Reporting objectives
3. Direction of the audit
1. Scope of the Audit Engagement
The auditor may consider the following matters when establishing
the scope of the audit engagement:
• The financial reporting
framework on which the financial information to be audited has been
prepared, including any need for reconciliations to another
financial reporting framework.
reporting requirements such as reports mandated by industry regulators.
• The expected audit
coverage, including the number and locations of components to be
• The nature of the
control relationships between a parent and its components that determine
how the group is to be consolidated.
• The extent to which
components are audited by other auditors.
• The nature of the
business segments to be audited, including the need for specialized
• The reporting currency
to be used, including any need for currency translation for the
financial information audited.
• The need for a statutory
audit of standalone financial statements in addition to an audit for
• The availability of the
work of internal auditors and the extent of the auditor’s potential
reliance on such work.
• The entity’s use of
service organizations and how the auditor may obtain evidence
concerning the design or operation of controls performed by
• The expected use of
audit evidence obtained in prior audits, for example, audit evidence
related to risk assessment procedures and tests of controls.
• The effect of
information technology on the audit procedures, including the availability of
data and the expected use of computer-assisted audit techniques.
• The coordination of the
expected coverage and timing of the audit work with any reviews of
interim financial information and the effect on the audit of the
information obtained during
• The discussion of
matters that may affect the audit with firm personnel responsible for
performing other services to the entity.
• The availability of
client personnel and data.
2. Reporting objectives, timing of the audit and communications
The auditor may consider the following matters when ascertaining
the reporting objectives of the
engagement, the timing of the audit and the nature of
• The entity’s timetable
for reporting, such as at interim and final stages.
• The organization of
meetings with management and those charged with governance to
discuss the nature, extent and timing of the audit work.
• The discussion with
management and those charged with governance regarding the expected
type and timing of reports to be issued and other
communications, both written and oral,
including the auditor’s report, management letters and
communications to those charged
• The discussion with
management regarding the expected communications on the status of
audit work throughout the engagement and the expected
deliverables resulting from the audit
• Communication with
auditors of components regarding the expected types and timing of
reports to be issued and other communications in connection with
the audit of components.
• The expected nature and
timing of communications among engagement team members,
including the nature and timing of team meetings and timing of
the review of work
• Whether there are any
other expected communications with third parties, including any
statutory or contractual reporting responsibilities arising from
3. Direction of the Audit
The auditor may consider the following matters when setting the
direction of the audit:
• With respect to
• Setting materiality for
• Setting and
communicating materiality for auditors of components.
materiality as audit procedures are performed during the course of the audit.
• Identifying the material
components and account balances.
• Audit areas where there
is a higher risk of material misstatement.
• The impact of the
assessed risk of material misstatement at the overall financial statement
level on direction, supervision and review.
• The selection of the
engagement team (including, where necessary, the engagement quality
control reviewer) and the assignment of audit work to the team
members, including the
assignment of appropriately experienced team members to areas
where there may be
higher risks of material misstatement.
• Engagement budgeting,
including considering the appropriate amount of time to set aside
for areas where there may be higher risks of material
• The manner in which the
auditor emphasizes to engagement team members the need to
maintain a questioning mind and to exercise professional
skepticism in gathering and
evaluating audit evidence.
• Results of previous
audits that involved evaluating the operating effectiveness of internal
control, including the nature of identified weaknesses and
action taken to address them.
• Evidence of management’s
commitment to the design and operation of sound internal
control, including evidence of appropriate documentation of such
• Volume of transactions,
which may determine whether it is more efficient for the auditor
to rely on internal control.
• Importance attached to
internal control throughout the entity to the successful operation
of the business.
• Significant business
developments affecting the entity, including changes in information
technology and business processes, changes in key management,
and acquisitions, mergers
• Significant industry
developments such as changes in industry regulations and new
• Significant changes in
the financial reporting framework, such as changes in accounting
• Other significant
relevant developments, such as changes in the legal environment
affecting the entity.