FSAD 7/2011 defines adequacy as a measure (previously a measure) and depends on the auditor's assessment of the risk of material misstatement financial statements(the higher the risk, the more evidence is required), as well as the quality of such evidence (the higher the quality, the less evidence is required). Earlier, in PSAD No. 5, factors affecting professional judgment regarding the sufficiency of audit evidence were identified (assessment of audit risk, the nature of SBU and ICS, materiality, auditor experience, detection of fraud, source and reliability of information). In the new FSAD 7/2011, the factors are simplified and systematized.
Appropriate nature - a qualitative assessment of audit evidence, which characterizes the relevance and reliability of the conclusions underlying the formation of an opinion on the reliability of financial statements (clause 2 of FSAD 7/2011). In paragraph 7 of PSAD No. 5, the appropriate nature was understood as the qualitative side of audit evidence, which determines their coincidence with a specific premise for the preparation of financial (accounting) statements and its reliability. Thus, in the new standard, the interpretation of the appropriate nature of the evidence is broader and reflects the direct relationship of their quality with the relevance and reliability of the conclusions, i.e. auditor's judgment.
The requirement to evaluate audit evidence is contained in the draft FSAD “Audit procedures performed in response to the risks assessed by the auditor” (paragraphs 66-71). The draft standard obliges to consider whether sufficient appropriate audit evidence has been obtained (paragraph 69). With regard to the assessment of audit evidence in the project, factors are given that influence the judgment on the sufficiency and appropriate nature of audit evidence:
Table 1 shows the provisions of the standards that define the requirements for sufficiency and appropriateness.
Table 1. Disclosure of Sufficiency and Appropriateness of Audit Evidence
| Application area | Basic provisions | Link |
|---|---|---|
| As the basis of the principle of reasonable certainty | The concept of reasonable certainty is general approach relating to the process of accumulating audit evidence necessary and sufficient for the auditor to conclude that there are no material misstatements in the financial (accounting) statements, considered as a whole | Paragraph 6 PSAD No. 1 |
| As the basis of quality audit | Examination working documentation of the auditor in relation to specific audit engagements should include an assessment of the sufficiency, appropriateness, reliability of audit evidence contained in the auditor's working papers | Item 3 FSA 4/2010 |
| As part of the auditor's report | The Auditor's Responsibilities part of the auditor's report describes the scope of the audit and states that the auditor believes that the evidence obtained during the audit provides a sufficient and appropriate basis for expressing an opinion. | Item 6 FSA 1/2010 |
| As a justification for issuing a modified opinion | The auditor must express a qualified opinion if: a) the auditor, having received sufficient appropriate audit evidence, concludes that the effect of misstatements, considered individually or in the aggregate, is significant, but will not affect most of the significant elements of the accounting (financial) statements; b) the auditor is unable to obtain sufficient appropriate audit evidence |
Paragraphs 13, 15 FSA 2/2010 |
| The inability to perform an audit procedure is not a limitation on the scope of the audit if the auditor can obtain sufficient appropriate audit evidence by performing alternative audit procedures. | Item 8 FSA 2/2010 | |
| If the entity's management refuses, at the auditor's request, to make an assessment of the entity's ability to continue as a going concern or to extend the period covered by such an assessment, the auditor should consider modifying the auditor's report due to the limitation of the auditor's scope of work, as it may not be possible for the auditor to obtain sufficient appropriate audit evidence. | Paragraph 30 PSAD No. 11 | |
| Doubt about the state and reliability of the data accounting of the entity being audited may cause the auditor to conclude that it is unlikely that the auditor will obtain sufficient appropriate audit evidence to express an unqualified opinion on the financial (accounting) statements | Item 105 PSAD No. 8 | |
| If the auditor has not obtained sufficient appropriate audit evidence regarding related parties and transactions with them, or concludes that there is insufficient disclosure of information about them in the financial (accounting) statements, then he should modify accordingly audit report | Paragraph 15 PSAD No. 9 | |
| If, as a result of performing audit procedures, the auditor has not obtained sufficient appropriate audit evidence, the auditor should express a qualified opinion or disclaim an opinion. | Paragraph 11 PSAD No. 19 | |
| When the entity's management or representatives of the entity's owner obstruct the auditor, the auditor should express a qualified opinion or decline to express an opinion due to a limitation on the scope of the audit. | Item 27 FSA 6/2010 | |
| As a requirement for audit procedures | The auditor should be satisfied that the methods used by him are reliable in terms of obtaining sufficient appropriate audit evidence to achieve the objectives of testing. | Paragraph 12 PSAD No. 16 |
| The decision to use a statistical or non-statistical sampling approach is a matter of the auditor's professional judgment as to the most effective way to obtain sufficient appropriate audit evidence in the circumstances. | Paragraph 18 PSAD No. 16 | |
| As a requirement for evidence in certain areas of verification | The auditor must perform audit procedures in order to obtain sufficient appropriate audit evidence regarding the identification and disclosure of information about related parties in the financial (accounting) statements by the management of the entity being audited, as well as the significant impact of transactions between the entity and a related party on the financial (accounting) statements of the entity being audited | Paragraph 3 PSAD No. 9 |
| If the amount of inventories is significant for the financial (accounting) statements, the auditor must obtain sufficient appropriate audit evidence regarding the quantity and condition of inventories by being present at their inventory (information on reportable segments is disclosed similarly) | Paragraphs 2, 26 PSAD No. 17 | |
| During the first audit of the audited entity, the auditor should obtain sufficient appropriate audit evidence that the accounting balances at the beginning of the reporting period do not contain misstatements. | Paragraphs 2, 4 PSAD No. 19 | |
| The auditor should obtain sufficient appropriate audit evidence as to whether the accounting estimate is appropriate in the circumstances and whether the accounting estimate is appropriately disclosed, if necessary. estimated value | Paragraphs 2, 8 PSAD No. 20 | |
| The principal auditor performs procedures to obtain sufficient appropriate audit evidence that the other auditor's work is adequate for the principal auditor's objectives, as appropriate for the specific assignment. | Paragraph 8 PSAD No. 28 | |
| In relation to regulatory legal acts, the requirements of which have a direct impact on the formation of numerical indicators of the financial statements of the audited entity and the disclosure of information in it, the auditor must obtain sufficient appropriate audit evidence of the compliance of these statements with the requirements of regulatory legal acts. | Paragraphs 2, 20 FSA 6/2010 | |
| The auditor must decide whether to use external confirmations to obtain sufficient appropriate audit evidence about the reliability of certain assertions in the preparation of financial (accounting) statements. | Paragraphs 2, 10 PSAD No. 18 | |
| The auditor must obtain written statements and explanations (letter of representation) from the management of the audited entity on matters that are material to the financial (accounting) statements, if it is assumed that it is not possible to obtain sufficient appropriate audit evidence in another way | Paragraphs 4, 7 PSAD No. 23 |
Compliance with the requirement of sufficiency and proper character guarantees the quality of the auditor's opinion and increases the persuasiveness of the evidence. If these principles are violated during the audit, the standards contain recommendations regarding the modification of the conclusion. FSAD 1/2010 notes that if an economic entity has not provided the audit organization with the existing documents in full and it is not able to collect sufficient audit evidence on any account and (or) transaction, the audit organization is obliged to reflect this in the report (written information to management economic entity) (similarly in paragraph 10 of PSAD No. 22) and has the right to prepare an audit opinion other than unconditionally positive. Standard No. 5, unlike FSAD 7/2011, previously contained a condition for modifying the auditor's report.
According to paragraph 13 of FSAD 2/2010, a qualified opinion is expressed if the auditor is unable to obtain sufficient appropriate audit evidence on which to base his opinion, but he concludes that the possible impact of undetected misstatements may be material to the financial statements. but not comprehensive.
Thus, FSAD 2/2010 states that the inability to obtain sufficient appropriate audit evidence (limiting the scope of the audit) may be the result of circumstances beyond the control of the audited entity; circumstances related to the nature or timing of the audit; obstacles established by the entity's management. However, the inability to perform a procedure is not a limitation on the scope of the audit if the auditor can obtain sufficient appropriate audit evidence by performing alternative procedures. If this is not possible, the auditor should express a qualified opinion or disclaim an opinion. The standards do not specify principles for determining alternative procedures, so the auditor must decide this issue based on his professional judgment.
For example, when confirming inventory balances in a warehouse, the auditor may consider, as alternatives, procedures such as checking inventory records and testing members of audit commissions; monitoring the progress of the inventory or independent inventory at the end of the reporting period, if the contract for the audit was concluded before the end of the reporting period.
Obstacles placed by the entity's management may also affect other audit matters, such as the auditor's assessment of fraud risks and the ability to continue with the audit engagement. Circumstances related to the nature or timing of the audit may arise when time prevents the auditor from observing inventory counting or when the auditor concludes that substantive procedures alone are not sufficient and the entity's controls are ineffective. (Clause 10 FSA 2/2010).
Sufficiency and appropriateness are used as criteria for selecting methods for item selection and sampling. The choice of one method or a combination of several methods for selecting elements for testing depends on the specific circumstances (risks of material misstatement in relation to the prerequisite for compiling the audited financial statements, etc.); practical feasibility of the method; the effectiveness of the method (clause 20 of the FSAD 7/2011, clause 12 of the PSAD No. 16). The auditor should be satisfied that the methods he uses are reliable in terms of obtaining sufficient appropriate audit evidence to achieve the objectives of testing. The test given in paragraph 28 of FSAD 7/2011 can be considered effective for audit purposes if, as a result of its implementation, appropriate audit evidence is obtained, which, taking into account audit evidence already obtained or planned to be obtained, can be considered sufficient for audit purposes.
Federal standards indicate the modification (change) of the nature, timing and scope of audit procedures in specific situations. Thus, paragraph 67 of the FSAD draft “Audit procedures performed in response to the risks assessed by the auditor” states that “the audit of financial statements is a cumulative and iterative process. As the auditor performs the planned audit procedures, the audit evidence obtained may cause the auditor to change the nature, timing, or extent of the planned audit procedures.” The standard gives examples of such cases: the extent of the identified misstatements, the contradiction or lack of evidence, the results analytical procedures. At the same time, “if the auditor has not obtained sufficient appropriate audit evidence regarding the material assertions in the preparation of financial statements, then he should attempt to obtain additional audit evidence. If the auditor failed to obtain sufficient appropriate audit evidence, then he must express a qualified opinion or disclaim an opinion” (paragraph 71).
Paragraph 13 of PSAD No. 11 states that the assessment of business continuity risks has an impact on the nature, timing and extent of audit procedures, i.e. at high level risk, more reliable evidence should be collected. According to clause 11 of PSAD No. 29, with effective internal audit it is possible to modify the nature and timing, as well as to reduce the volume of audit procedures performed by the external auditor, but they cannot be completely eliminated. In accordance with PSAP No. 18, if an objection to an external inquiry submitted indicates a misstatement, then the auditor should reconsider the nature, timing, and extent of the audit procedures required to obtain sufficient appropriate audit evidence. In this case, the auditor must make a decision regarding the modification of procedures, changes in the scope, nature and timing based on professional judgment.
Relevance of evidence is a qualitative criterion and ensures compliance with the due diligence requirement. Audit evidence should be useful to fulfill the purpose of the audit, which is defined in PSAD No. 1: expressing an opinion on the reliability of the financial (accounting) statements of the audited entities and the compliance of the accounting procedure with the legislation of the Russian Federation. Paragraph 4 of FSAD 7/2011 states that evidence is information that confirms or does not confirm the prerequisites for the preparation of financial statements. If earlier, in PSAD No. 5, it was only recommended to plan the collection of evidence, taking into account each premise of the financial (accounting) statements, then the new standard contains this requirement as a duty.
The auditor should select and perform appropriate audit procedures for the particular engagement. Unlike PSAD No. 5, the new standard contains detailed guidance for assessing the relevance requirement. So, in paragraph 20 of FSAD 7/2011 it is said that the auditor should take into account that:
Relevance is a requirement, the observance of which depends not only on the objective circumstances of the audit, but also on the person planning to apply the audit procedure. The auditor, based on his own opinion, chooses a procedure, sets goals and objectives, determines the degree of compatibility of the information being checked with the goal.
In international and Russian practice, to systematize the collection of audit evidence, a system of certain categories is used - prerequisites for reporting. According to FSAD 7/2011, assertions are management's assertions expressed in an explicit or implicit form regarding the recognition, evaluation and disclosure of accounting items in the financial statements. The standard contains a detailed list of prerequisites (Fig. 1). Previously, PSAD No. 5 contained only prerequisites at the reporting level. A new, more detailed classification allows you to systematize audit procedures, working documents, and effectively plan the audit process.
Rice. 1. Classification of reporting prerequisites in accordance with FSAD 7/2011
Individual prerequisites are determined at the level of financial statement items, groups of transactions and account balances. The choice and setting of specific tasks is also the professional judgment of the auditor. The overall goal depends on the nature of the assignment (initial audit or recurring audit, mandatory or initiative audit), the characteristics of the activities of the audited entity and the recommendations of the Ministry of Finance of Russia, which annually refines the audit areas. For example, in letter No. 07-02-18/01, the financial department recommends that when conducting an audit of the annual financial statements for 2011, pay special attention to the issues of preparing financial statements, the compliance of the forms of financial statements adopted by the organization with the nature and conditions of activity, comparability of comparative data, disclosure information, etc. When planning audit procedures based on prerequisites, it is also necessary to take into account the requirement of legality, which is not indicated as a prerequisite in FSAD 7/2011, but follows from the provisions of FSAD 6/2010: the requirements of regulatory legal acts may be directly related to the prerequisites for reporting (for example, to completeness accrual of tax liabilities) or to financial statements in general (for example, to the mandatory composition of financial statements) (clause 2 of FSAD 6/2010).
It should also take into account the provisions of paragraph 12 of the FSAD 1/2010, which clarify the prerequisites for the preparation of financial statements: confirmation of the relevance, comparability, and understandability of reporting indicators; confirmation of compliance with the procedure for compiling and submitting reports, conformity of the form with the content; the validity of the estimates obtained by the management of the audited entity; complete disclosure and presentation of significant transactions and events in the financial statements; confirmation of the appropriateness of the terminology used in the financial statements, including the name of each component of the financial statements.
Paragraph 24 of FSAD 7/2010 expressly states that when using information prepared by the entity being audited, the auditor should evaluate whether this information is reliable, i.e. accurate, complete, and sufficiently detailed for audit purposes. When selecting and performing audit procedures, the auditor must ensure the relevance and reliability of the information used as audit evidence (clause 19 of FSAD 7/2010).
Earlier, in PSAD No. 5, two factors affecting the reliability of evidence were considered - the source and the form of presentation. The new standard rightly adds two more factors to these factors: the nature of the information and the circumstances under which the information was obtained, including the means of controlling its preparation and storage. At the same time, the standard indicates that for the purposes of ensuring reliability, compliance with all factors must be taken into account. In evaluating the reliability of audit evidence, the auditor generally considers that:
Considering the provisions of the standard, it should be noted that external inquiries, recommended by the standards as the most reliable, are a lengthy procedure and do not allow obtaining evidence in a timely manner. When choosing audit procedures, one should not proceed from one requirement, the goal should be to comply with all requirements: consistency, relevance, sufficiency, etc. For these purposes, a comprehensive quantitative assessment methodology is needed, which can be developed in the internal standards of the audit organization.
To ensure the completeness and accuracy of information, the auditor should obtain evidence of:
There are limitations that can affect the reliability of the evidence. For such cases, in some standards audit activity specific procedures are identified that, by virtue of the content of certain assertions, provide sufficient appropriate audit evidence in the absence of unusual circumstances that increase the risk of material misstatement of the financial (accounting) statements beyond that which would be expected under normal circumstances; a sign indicating the presence of any material misstatement of the financial (accounting) statements (clause 9 of PSAD No. 1). The standards provide factors that affect the reliability of audit evidence (Table 2).
Table 2 Reliability Factors for Audit Evidence Obtained from Analytical Procedures and External Confirmations
| Audit Procedures | Reliability factors | Link |
|---|---|---|
| Analytical procedures | The materiality of the considered accounting accounts and parts of the financial (accounting) statements. Other audit procedures aimed at achieving the same objectives. The accuracy with which the results of analytical procedures can be expected. Assessing inherent and control risk |
Paragraph 14 PSAD No. 20 |
| External confirmations | The controls applied by the auditor during the preparation of requests for external confirmation and in the analysis of responses. Features of the third parties that make up the response. Restrictions in response or imposed by the entity's management |
Paragraph 8 PSAD No. 18 |
| The competence of the persons making up the response. Independence from the audited entity. Authority to provide an appropriate response. Knowledge of the information that needs to be confirmed. Objectivity |
Paragraph 29 PSAD No. 18 |
The inconsistency of the evidence reduces its reliability. Paragraph 26 of FSAD 7/2011 and paragraph 16 of PSAD No. 5 say that when audit evidence obtained from one source does not correspond to audit evidence obtained from another source, or the auditor doubts the reliability of the information that is going to be used as evidence, the auditor must determine how audit procedures should be modified or supplemented in order to remove the inconsistency or doubt. In addition, the auditor should consider the impact of this situation, if relevant, on other aspects of the audit.
The requirement of consistency is disclosed in paragraph 6 of FSAD 7/2011 and paragraph 16 of PSAD No. 5 as follows: “... audit evidence is subject to consideration by the auditor in the aggregate, and not separately. At the same time, greater confidence is provided, as a rule, when considering consistent audit evidence from different sources or audit evidence of different nature. Consistency of audit evidence is provided at the planning stage, distribution of responsibilities between members of the audit team, comparison of the obtained evidence at the final stage.
In selecting and performing audit procedures, the auditor should consider the following:
Earlier, in paragraph 19 of PSAD No. 5, it was said that the implementation of procedures depends, in particular, on the period allotted for obtaining audit evidence. Standard 7/2011 does not contain such a provision. This issue is very controversial, since the choice of procedure is largely influenced by its relevance to the premise and object, the volume of documents and other verification information.
The credibility of evidence as a complex requirement, taking into account all of the previously listed, follows primarily from the definition of audit evidence: this is information based on which the auditor draws conclusions that underlie the formation of an opinion on the reliability of financial statements. The standards emphasize that the auditor must obtain a certain degree of assurance from the evidence, i.e. persuasiveness. For example, “confirmatory information obtained from a source independent of the audited entity may increase the auditor's confidence provided by audit evidence” (clause 6 of FSAD 7/2011); “there are other limitations that may affect the credibility of the evidence used to draw conclusions about certain assertions in the preparation of financial (accounting) statements” (clause 9 of PSAD No. 1). The draft FSAD "Audit procedures performed in response to the risks assessed by the auditor" emphasizes the relationship between the level of risk and the "strength" of audit evidence (paragraph 68).
Thus, federal auditing standards describe the system of requirements for audit evidence, and also reveal the factors influencing the auditor's professional judgment when evaluating them. A preliminary assessment of compliance with the established requirements is necessary at the planning stage, before choosing substantive procedures, as well as to justify changes in the nature, scope, and timing of procedures. The assessment will provide an opportunity to determine the reliability (accuracy, completeness, detail), availability, timeliness of sources of audit evidence, which, in turn, will allow planning a sufficient amount of the volume of documents to be checked, audit procedures and compiling effective program checks. At the final stage, after performing audit procedures, it is possible to comprehensive assessment compliance with all requirements, i.e. pay attention to the sufficient appropriateness of the audit evidence, and on this basis make an informed decision regarding the modification of audit procedures and the auditor's report.
Since the process of assessing compliance with the requirements of the standards is left to the professional judgment of the auditor, it is advisable to develop an internal company standard in terms of guidelines evaluation of audit evidence at the planning stage, the collection of audit evidence and the formation of the audit report.
federal standard audit activity (FSAD) 7/2011 "Audit evidence" approved by order of the Ministry of Finance of Russia dated August 16, 2011 No. 99n.
Federal Rule (Standard) of Auditing Activity No. 5 “Audit Evidence” was approved by Decree of the Government of the Russian Federation of September 23, 2002 No. 696.
Federal Auditing Standard 1/2010 "Auditor's Report on Accounting (Financial) Statements and Formation of an Opinion on its Reliability" was approved by Order of the Ministry of Finance of Russia dated May 20, 2010 No. 46n.
Federal Rule (Standard) of Auditing Activity No. 34 “Quality Control of Services in Audit Organizations” was approved by Decree of the Government of the Russian Federation of July 22, 2008 No. 557.
Federal Rule (Standard) of Auditing Activity No. 1 “The Purpose and Basic Principles of Auditing Financial (Accounting) Statements” was approved by Decree of the Government of the Russian Federation of September 23, 2002 No. 696.
Federal Auditing Standard 4/2010 “Principles for the implementation external control the quality of the work of audit organizations, individual auditors and the requirements for the organization of the said control” was approved by the order of the Ministry of Finance of Russia dated February 24, 2010 No. 16n.
Federal Auditing Standard 2/2010 "Modified Opinion in the Auditor's Report" approved by Order of the Ministry of Finance of Russia dated May 20, 2010 No. 46n.
Federal rule (standard) of audit activity No. 11 "Applicability of the assumption of business continuity of the audited entity" was approved by Decree of the Government of the Russian Federation of July 4, 2003 No. 405.
Federal rule (standard) of audit activity No. 8 “Understanding the activities of the audited entity, the environment in which it is carried out, and assessing the risks of material misstatement of the audited financial (accounting) statements” was approved by Decree of the Government of the Russian Federation dated November 19, 2008 No. 863.
Federal Rule (Standard) of Auditing Activity No. 9 “Related Parties” was approved by Decree of the Government of the Russian Federation of November 19, 2008 No. 863.
Federal rule (standard) of audit activity No. 19 “Peculiarities of the first audit of an audited entity” was approved by Decree of the Government of the Russian Federation of April 16, 2005 No. 228.
Federal Auditing Standard 6/2010 "Responsibilities of the auditor to review compliance by the audited entity with the requirements of regulatory legal acts during the audit" approved by order of the Ministry of Finance of Russia dated August 17, 2010 No. 90n
Federal rule (standard) of audit activity No. 16 "Auditor's sample" was approved by Decree of the Government of the Russian Federation of November 7, 2004 No. 532.
Federal rule (standard) of audit activity No. 17 "Obtaining audit evidence in specific cases" was approved by Decree of the Government of the Russian Federation of April 16, 2005 No. 228.
Federal Rule (Standard) of Auditing Activity No. 20 "Analytical Procedures" was approved by Decree of the Government of the Russian Federation of April 16, 2005 No. 228.
Federal Rule (Standard) of Auditing Activity No. 28 “Other Information in Documents Containing Audited Financial (Accounting) Statements” was approved by Decree of the Government of the Russian Federation of August 25, 2006 No. 523.
Federal Rule (Standard) of Auditing Activity No. 18 “Obtaining by the Auditor of Confirming Information from External Sources” was approved by Decree of the Government of the Russian Federation of April 16, 2005 No. 228.
Federal rule (standard) of audit activity No. 23 "Statements and clarifications of the management of the audited entity" was approved by Decree of the Government of the Russian Federation of April 16, 2005 No. 228.
Federal Rule (Standard) of Auditing Activity No. 22 “Disclosure of information obtained as a result of the audit to the management of the audited entity and representatives of its owner” was approved by Decree of the Government of the Russian Federation of September 23, 2002 No. 696.
Letter of the Ministry of Finance of Russia dated January 27, 2012 No. 07-02-18/01 “Recommendations to audit organizations, individual auditors, auditors on auditing the annual financial statements of organizations for 2011”.
Audit evidence is the information obtained by the auditor during the audit, and the result of the analysis of this information, on which the auditor's opinion is based. Audit evidence includes, in particular, primary documents and accounting records, which are the basis of financial (accounting) statements, as well as written explanations of authorized employees of the audited entity and information obtained from various sources (from third parties).
Uniform requirements for the quantity and quality of evidence that must be obtained during the audit of financial (accounting) statements, as well as for procedures performed in order to obtain evidence, determines federal rule(standard) audit activity No. 5 "Audit evidence".
The amount of information required for audit evaluations is not strictly regulated by the standard. The auditor, on the basis of his professional judgment, is obliged to independently decide on the amount of information necessary to draw up an opinion on the reliability of the financial statements of an economic entity.
Types of audit evidence:
1. Audit evidence can be internal, external and mixed:
- internal audit evidence includes information received from an economic entity in writing or orally;
- external audit evidence includes information obtained from a third party in writing;
Mixed audit evidence includes information obtained from an economic entity in writing or orally and confirmed by a third party in writing.
2. Audit evidence can be direct and converse:
- direct evidence - directly confirm the truth (correctness) of the proposal made;
- reverse evidence - confirm the truth (correctness) of the proposal made by refuting the opposite proposal.
3. Audit evidence can be personal (explanations) and material.
4. Audit evidence may be oral or written. Evidence in the form of documents and affidavits is usually more reliable than oral testimony.
The sources of audit evidence are:
- primary documents of the economic entity and third parties;
- accounting registers of an economic entity;
- the results of the analysis of financial economic activity economic subject;
- oral statements of employees of the economic entity and third parties;
- comparison of some documents of an economic entity with others, as well as comparison of documents of an economic entity with documents of third parties;
- the results of the inventory of the property of the economic entity, conducted by the employees of the economic entity;
- financial statements.
The quality of evidence depends on its sources. The most valuable audit evidence is evidence obtained by the auditor directly as a result of the study. business transactions.
Regardless of the type of audit evidence, it must be reliable, sufficient and appropriate. Their sufficiency in each particular case is determined on the basis of an assessment of the internal control system and the magnitude of audit risk. To draw up an objective and reasonable conclusion, the auditor must collect a sufficient amount of qualitative evidence.
Audit risk is reduced if the auditor uses evidence obtained from various sources and in different forms of presentation. If evidence obtained from one source contradicts evidence obtained from another source, the auditor needs to use additional audit procedures to resolve the conflict and be confident in the reliability of the evidence collected and the validity of the conclusions reached.
If the audit organization is not provided with material documents in full by the economic entity and it is not able to collect sufficient audit evidence on any account and (or) transaction, the audit organization is obliged to reflect this in the report (written information to the management of the economic entity) and may consider on the preparation of an auditor's report that is not unconditionally positive.
The collected evidence is reflected by the auditor in his working papers, drawn up in the form of records on the study and evaluation of the accounting and organization of internal control, as well as forms, tables and protocols reflecting the planning, implementation and presentation of the results of audit procedures. The evidence obtained is used in the preparation of the auditor's report.
Federal Standard of Auditing
(FSAD 7/2011)
"Audit Evidence"
I. General provisions
1. This federal auditing standard defines the requirements for the procedure for auditing accounting (financial) statements (hereinafter referred to as accounting statements) in terms of the duties of an audit organization, an individual auditor (hereinafter referred to as an auditor) in selecting and performing audit procedures for obtaining information that confirms or does not confirms the prerequisites for the preparation of financial statements and on the basis of which the auditor draws conclusions that underlie the formation of an opinion on the reliability of financial statements (audit evidence). In some cases, audit evidence may be the lack of information, which may be expressed, for example, by the refusal of the management of the audited entity to provide the explanation requested by the auditor.
2. The auditor should select and perform appropriate audit procedures for obtaining audit evidence for the specific engagement that simultaneously meet the following conditions:
a) proper character, i.e. a qualitative assessment of audit evidence, which characterizes the relevance and reliability of the conclusions underlying the formation of an opinion on the reliability of financial statements;
b) sufficiency, i.e. quantitative assessment of audit evidence, depending on the audit assessment of the risk of material misstatement of the financial statements (the higher the risk, the more evidence is required), as well as the quality of such evidence (the higher their quality, the less evidence is required). A large number of audit evidence alone does not compensate for its poor quality.
3. Audit evidence includes:
a) accounting documents and information of the entity being audited;
b) information received from other sources. In particular: information obtained during the previous audit (provided that the auditor is satisfied that there have been no changes since the end of the previous audit that could affect the applicability of this information for the purposes of the current audit); information on the results of the auditor's internal quality control procedures that govern the procedure for resolving the issue of accepting a new client for service or continuing cooperation with an existing client; information prepared by an individual or legal entity providing expert assessment services not related to accounting or auditing engaged by the audited entity in the process of preparing financial statements (hereinafter referred to as the expert of the audited entity's management).
4. The auditor must obtain audit evidence confirming or not confirming the following prerequisites for the preparation of financial statements (approvals of the management of the audited entity in an explicit or implicit form regarding the recognition, evaluation and disclosure of accounting items in the financial statements):
a) prerequisites for the preparation of financial statements in relation to groups of similar business transactions, events and other facts of economic life:
occurrence - business transactions, events and other facts of economic life reflected in the accounting actually took place and relate to the activities of the audited entity;
completeness - all business transactions, events and other facts of economic life that are subject to reflection in accounting are reflected in it;
accuracy - the amounts and other data related to the business transactions, events and other facts of economic activity reflected in the accounting are properly reflected;
attributing to the corresponding period - business transactions, events and other facts of economic life are reflected in the corresponding reporting period;
classification - business transactions, events and other facts of economic life are reflected in the relevant accounting accounts;
b) prerequisites for the preparation of financial statements in relation to the balances of accounting accounts at the end of the reporting period:
existence - recorded assets, liabilities and capital actually exist;
rights and obligations - the audited entity has rights or controls the rights to the recognized assets, and the recognized liabilities represent precisely the obligations of the audited entity;
completeness - all assets, liabilities and capital that are subject to reflection in accounting are reflected in it;
valuation and allocation - assets, liabilities and equity are included in the financial statements in the appropriate amounts, any resulting valuations and cost allocation adjustments are correctly reflected;
c) prerequisites for the preparation of financial statements in relation to the presentation and disclosure of information:
occurrence, rights and obligations - business transactions, events and other facts of economic life reflected in the financial statements actually took place and relate to the activities of the audited entity;
completeness - all business transactions, events and other facts of economic life that are subject to inclusion in the financial statements are included in it;
classification and clarity - financial information is presented and described correctly, and the business transactions, events and other facts of economic life disclosed in it are reflected in an understandable form;
accuracy and valuation - financial and other information is disclosed fairly and in appropriate amounts.
The auditor may change the grouping of the prerequisites for the preparation of financial statements given in this paragraph. For example, the prerequisites for the preparation of financial statements in relation to groups of similar business transactions, events and other facts of economic life can be combined with the prerequisites for the preparation of financial statements in relation to balances on accounting accounts at the end of the reporting period.
5. Audit evidence should be obtained by the auditor primarily as a result of performing audit procedures during the audit.
6. Audit evidence is subject to consideration by the auditor in the aggregate, and not separately. At the same time, greater assurance is provided, as a rule, when considering consistent audit evidence from different sources or audit evidence of different nature. For example, corroborating information obtained from a source independent of the audited entity may increase the auditor's confidence, provided by audit evidence obtained on the basis of information prepared by the audited entity (accounting data, minutes of meetings, management statements, etc.).
II. Audit Procedures and Information Used as Audit Evidence
7. Audit evidence should be obtained by the auditor by performing risk assessment procedures and further audit procedures, which consist of:
tests of controls performed in accordance with the requirements of federal auditing standards or based on the professional judgment of the auditor;
substantive procedures, including detailed tests and substantive analytical procedures.
8. To obtain audit evidence, the auditor may apply the following audit procedures: inquiry, inspection, observation, confirmation, recalculation, re-conduct, analytical procedures, or a combination of them.
9. When performing the audit procedure of inquiry, the auditor turns to knowledgeable persons (related and not related to financial activities) who are employees of the audited entity or who are not employees of the audited entity, on the issue of interest to the auditor and evaluates their responses to such a request.
10. When making a request, the auditor should take into account the following:
a) the inquiry often complements other audit procedures;
b) requests can be formal written and informal oral;
c) responses to an inquiry may provide the auditor with information that he did not previously have or that confirm the audit evidence already obtained. However, responses to an inquiry may provide information that differs materially from information previously obtained by the auditor. In some cases, responses to a request may give the auditor reason to change the audit procedures or to perform additional procedures;
d) when sending inquiries regarding the intentions and plans of the management of the audited entity, the information received in response may be insufficient. To confirm the intentions and plans of the management of the audited entity, the auditor also needs a clear understanding of the past implementation of the intentions and plans of the management of the audited entity, the arguments regarding the choice of a particular course of action, the ability of the management of the audited entity to consistently implement the choice made;
e) responses to an oral inquiry, if necessary, are subject to confirmation by written statements of the management of the audited entity or, if appropriate, representatives of the owner of the audited entity;
f) While providing audit evidence, including the existence of a misstatement, an inquiry by itself generally does not provide sufficient appropriate audit evidence of the absence of material misstatement at the level of accounting assertions or evidence of the operating effectiveness of controls.
11. When performing an audit inspection procedure, the auditor examines the accounts and documents created by the audited entity or received by the audited entity from outside, on paper or electronic media, and also performs a physical examination tangible assets. An example of an inspection conducted as a test of controls is checking records and documents for authorization.
12. When inspecting, the auditor should take into account the following:
a) individual documents may constitute direct audit evidence of the existence of an asset, but as a result of the inspection of such documents, audit evidence regarding the rights to this asset or its valuation (for example, shares, bonds) may not always be obtained;
b) inspection of the executed contract may provide audit evidence regarding the accounting policy applied by the audited entity (for example, in terms of revenue recognition);
c) an inspection of tangible assets can provide reliable audit evidence about their existence, but not necessarily about the entity's ownership rights to them, or the entity's obligations associated with those assets, or the valuation of such assets;
d) inspection of individual units of assets is carried out, as a rule, in the course of monitoring the inventory of these assets.
13. When performing an audit observation procedure, the auditor examines a process or procedure performed by others. An example of observation is the study by the auditor: the calculation of inventories performed by the personnel of the audited entity; performance by the personnel of the audited entity of control actions.
14. When observing, the auditor should take into account that, while providing audit evidence regarding the performance of a process or procedure, this audit procedure is limited in time only to the moment at which it is performed, and also that the very fact of observation may affect the performance of the audit procedure. process or procedure.
15. When performing an audit confirmation procedure, the auditor obtains audit evidence directly from a third party in the form of a written response on paper or electronic media. External confirmations are used, in particular, to obtain audit evidence:
a) when checking the prerequisites for the preparation of financial statements in relation to the balances of accounting accounts or their constituent elements;
b) in relation to the terms of contracts, including changes to them, or business transactions of the audited entity with third parties;
c) absence special conditions, not reflected in the contract, which could affect the recognition of revenue.
16. When performing the audit recalculation procedure, the auditor checks the accuracy of arithmetic calculations in primary accounting and other documents, accounts. Recalculation can be done manually or automatically.
17. When performing an audit retracement procedure, the auditor independently performs the procedure or control activity that was originally performed within the entity's internal control system.
18. When performing analytical procedures, the auditor evaluates financial information based on the analysis of the relationship between financial and non-financial data. Analytical procedures also involve the study of identified deviations and relationships that contradict other information or significantly diverge from the predicted data.
19. In selecting and performing audit procedures, the auditor should be satisfied with the relevance and reliability of the information used as audit evidence.
20. The auditor should take into account that:
a) the relevance of information used as audit evidence is logically related to and affects the audit procedure objective, and, where appropriate, such a relationship exists with the financial statement assertion. The direction of testing can influence the relevance of information used as audit evidence. For example, when the objective of an audit procedure is to identify an overstatement accounts payable in terms of existence or valuation assertions, the appropriate audit procedure is to test the accounts payable account balance. In the event that the purpose of the audit procedure is to identify an understatement of accounts payable in terms of existence or valuation assumptions, the appropriate audit procedure is to test subsequent payments, unpaid invoices, acts of suppliers (contractors), unsettled amounts for settlements for deliveries;
b) the same set of audit procedures can provide audit evidence that is appropriate for some accounting assertions but inappropriate for other assertions. For example, checking records and documents related to collection accounts receivable after the end of the reporting period, may provide audit evidence about the existence and measurement of receivables, but not necessarily about the assertion of attribution to the relevant period. Similarly, obtaining audit evidence about one accounting assertion (for example, the existence of inventories) is not a substitute for obtaining audit evidence about another assertion (for example, estimates of those same inventories). At the same time, audit evidence obtained from different sources, or evidence of a different nature, may be relevant for the same financial statement assertion;
c) developing tests of controls in order to obtain relevant audit evidence includes determining the parameters of the operation of controls (characteristics or attributes) that could characterize their operation, as well as the parameters of deviation of controls that would indicate the operation of controls that differs from the expected one. The presence or absence of such parameters can be checked by the auditor subsequently;
d) designing substantive procedures involves identifying parameters relevant to the purpose of the audit procedure that might indicate a misstatement of the audited financial statement assertion.
21. The reliability of information used as audit evidence depends on: the source from which the information is obtained; the nature of the information; the circumstances under which the information was obtained, including the means of controlling its preparation and storage. For example, audit evidence obtained from an independent external source may not be reliable if that source is not sufficiently knowledgeable or objective.
22. When evaluating the reliability of audit evidence, the auditor should generally consider the following:
a) audit evidence obtained from an independent source external to the audited entity (third-party confirmations, analyst reports, comparable data on competitors, etc.) is more reliable;
b) audit evidence obtained from an internal source is more reliable when the entity's appropriate controls, including over the preparation and retention of information, function effectively;
c) audit evidence obtained directly by the auditor (for example, by observing the use of a control) is more reliable than audit evidence obtained indirectly or on the basis of inferences (for example, based on a request for how to apply a control);
d) audit evidence obtained in documentary form on paper or in electronic form is more reliable than that obtained orally;
e) audit evidence provided by originals (originals) of documents is more reliable than audit evidence provided by copies of documents, the reliability of which may depend on the means of control over their preparation and storage.
23. When information used as audit evidence is prepared with input from an expert from the entity's management, the auditor should, to the extent necessary for the purposes of the audit:
a) evaluate the competence, skills and objectivity of the entity's management expert;
b) understand what the auditee's management's expert's job was;
c) ensure that the work of the entity's management's expert was appropriate to be used as audit evidence regarding the relevant financial statement assertion.
Examples of questions that the auditor may consider when reviewing the work of the entity's management's expert are included in the appendix to this ISA.
24. If information prepared by the entity being audited is used in the performance of audit procedures, the auditor should evaluate whether this information is reliable, i.e. accurate, complete, and sufficiently detailed for audit purposes. For example, if the auditor decides to use the audited entity's data on standard prices and recorded sales volume in the audit of revenue, he should first make sure that the standard prices are accurate and that the recorded sales volumes are complete and accurate. When the auditor decides to test a population (eg, payments) for a particular characteristic (eg, authorizations), the auditor should ensure that the population from which items are selected for testing is complete. In the case when, when carrying out analytical procedures in relation to financial result activities of the entity being audited, the auditor decides to use information prepared by that entity for internal monitoring purposes (for example, reports by the internal auditor), he must ensure that this information is accurate and detailed for the purposes of the audit.
25. Audit evidence of the completeness and accuracy of information prepared by the entity being audited and used in performing audit procedures may be obtained by the auditor:
a) concurrently with the ongoing audit procedures that are the subject of the information, provided that obtaining audit evidence of this kind is part of the audit procedures themselves;
b) by testing the means of control of the preparation and processing of this information;
c) as a result of additional audit procedures.
26. In cases where the audit evidence obtained from one source is inconsistent with the audit evidence obtained from another source, or the auditor has doubts about the reliability of the information that is going to be used as audit evidence, the auditor should determine how the audit procedures should be changed or supplemented. them in order to remove inconsistencies or doubts. In addition, the auditor should consider the impact of this situation on other aspects of the audit.
27. In selecting and performing audit procedures, the auditor should consider the following:
a) some accounting data or other information of the audited entity may be available only in electronic form or only at certain times (for example, if the organization is engaged in electronic commerce, then primary documents (orders for the supply of goods, invoices) are issued in the form of electronic messages);
b) certain types of information in electronic form may not be available after a certain time (for example, in the case when electronic files are changed and their backup copies are not saved). In this case, the auditor should reach an agreement with the audited entity to keep the latter information necessary for the audit procedures, or perform audit procedures at a time when the relevant information is available.
III. Selecting Items for Testing to Obtain Audit Evidence
28. During the development of tests of controls and test of detail, the auditor should establish methods for selecting items for testing that would be effective for the purposes of the audit. A test can be considered effective for audit purposes if, as a result of its implementation, appropriate audit evidence is obtained, which, taking into account the audit evidence already obtained or planned to be obtained, can be considered sufficient for the audit purposes. In selecting items for testing, the auditor, in accordance with paragraphs 18–21 of this ISA, shall be satisfied that the information used as audit evidence is appropriate and reliable.
29. The auditor may use the following methods to select items for testing:
a) selection of all elements (complete check);
b) selection of specific (certain) elements;
c) building an audit sample.
30. The choice of one method or a combination of several methods for selecting elements for testing depends on: specific circumstances (risks of material misstatement in relation to the premise of the audited financial statements, etc.); practical feasibility of the method; the effectiveness of the method.
31. A complete check is carried out in relation to a group of the same type of business transactions or turnovers on an accounting account (or a stratum within the aggregate). An exhaustive check is usually used when performing detailed tests when:
a) the set consists of a small number of elements with a large value;
b) there is a significant risk, and other methods of selecting items for testing do not provide sufficient appropriate audit evidence;
c) there is a repetitive nature of calculations or other processes automatically performed by the information system, which makes a complete check cost-effective.
A complete test is generally not used when testing controls.
32. When deciding on the selection from a set of specific (certain) elements, the auditor should proceed from knowledge of the activities of the entity being audited, the assessed risks of material misstatement, and the characteristics of the tested set. The selection of specific (certain) elements based on the professional judgment of the auditor entails a risk that is not associated with the use of a selective method.
33. Selected specific (certain) elements can be:
a) high-value items or so-called key sampling items (for example, items that are suspicious, unusual, particularly at risk, or that have previously been associated with errors);
b) elements exceeding a certain value, which will allow to test most of the total amount turnovers on an accounting account or a group of similar business transactions;
c) elements for obtaining certain information (for example, information about the features of the activities of the audited entity, the nature of business transactions).
34. When using the method of selecting specific (certain) elements, the auditor should keep in mind that the selection of specific (certain) elements within the turnover of an accounting account or a group of similar business transactions is not an audit sample. The conclusions from the results of the procedures applied to the elements selected by this method cannot be extended to the entire population; accordingly, a test of specific (certain) elements does not provide audit evidence regarding the remainder of the population.
Introduction
1. This federal rule (standard) of audit activity, developed taking into account international auditing standards, establishes uniform requirements for the quantity and quality of evidence that must be obtained during the audit of financial (accounting) statements, as well as for procedures performed to obtain evidence.
2. The audit organization and the individual auditor (hereinafter referred to as the auditor) must obtain sufficient appropriate evidence in order to formulate reasonable conclusions on which the auditor's opinion is based.
(as amended by Decree of the Government of the Russian Federation of 07.10.2004 N 532)
3. Audit evidence is obtained as a result of a set of tests of internal controls and the necessary substantive procedures. In some situations, evidence may be obtained solely through substantive procedures.
4. Audit evidence is the information obtained by the auditor during the audit, and the result of the analysis of this information, on which the auditor's opinion is based. Audit evidence includes, in particular, primary documents and accounting records, which are the basis of financial (accounting) statements, as well as written explanations of authorized employees of the audited entity and information obtained from various sources (from third parties).
5. Tests of internal controls means activities performed to obtain audit evidence regarding the proper organization and effectiveness of the accounting and internal control systems.
(as amended by Decree of the Government of the Russian Federation of 07.10.2004 N 532)
6. Substantive procedures are carried out in order to obtain audit evidence of material misstatements in the financial (accounting) statements. These verification procedures are carried out in the following forms:
detailed tests evaluating the correctness of the reflection of transactions and the balance of funds on the accounts of accounting;
analytical procedures.
Sufficient Appropriate Audit Evidence
7. The concepts of sufficiency and appropriateness are interrelated and apply to audit evidence obtained as a result of tests of internal controls and substantive audit procedures. Sufficiency is a quantitative measure of audit evidence. Appropriate nature is the qualitative side of audit evidence, which determines their coincidence with a specific premise of the preparation of financial (accounting) statements and its reliability. Typically, the auditor finds it necessary to rely on audit evidence that only provides evidence to support a particular conclusion, and is not exhaustive, and often collects audit evidence from different sources or from documents of different content in order to support the same business transaction or group. similar business transactions.
(as amended by Decree of the Government of the Russian Federation of 07.10.2004 N 532)
8. When forming an audit opinion, the auditor usually does not check all the business transactions of the entity being audited, since the conclusions regarding the correct reflection of the balance of funds in the accounts of accounting, a group of similar business transactions or internal controls may be based on judgments or procedures carried out in a selective way.
9. The auditor's judgment about what is sufficient appropriate audit evidence is influenced by the following factors:
audit assessment of the nature and magnitude of audit risk both at the level of financial (accounting) statements and at the level of the balance of funds in accounting accounts or similar business transactions;
the nature of the accounting and internal control systems, as well as the assessment of the risk of internal controls;
(as amended by Decree of the Government of the Russian Federation of 07.10.2004 N 532)
the materiality of the item being checked in the financial (accounting) statements;
experience gained during previous audits;
the results of audit procedures, including the possible discovery of fraud or error;
(as amended by Decree of the Government of the Russian Federation of 07.10.2004 N 532)
source and reliability of information.
10. When obtaining audit evidence using tests of internal controls, the auditor should consider the sufficiency and appropriateness of that evidence to support an assessment of the level of risk of internal controls.
(as amended by Decree of the Government of the Russian Federation of 07.10.2004 N 532)
11. The objects of assessment of accounting and internal control systems, regarding which the auditor collects audit evidence, include:
organization - the arrangement of accounting and internal control systems that ensures the prevention and (or) detection, as well as the correction of material misstatements;
functioning - the effectiveness of the operation of accounting and internal control systems during the relevant period of time.
12. When obtaining audit evidence using substantive audit procedures, the auditor should consider the sufficiency and appropriateness of this evidence, along with evidence obtained from tests of internal controls, in order to confirm the financial (accounting) reporting assertions.
(as amended by Decree of the Government of the Russian Federation of 07.10.2004 N 532)
13. Prerequisites for the preparation of financial (accounting) statements - statements made by the management of the audited entity in an explicit or implicit form, reflected in the financial (accounting) statements. These prerequisites include the following items:
existence - availability as of a certain date of an asset or liability reflected in the financial (accounting) statements;
rights and obligations - belonging to the audited entity as of a certain date of an asset or liability reflected in the financial (accounting) statements;
occurrence - a business transaction or event related to the activity of the audited entity that took place during the relevant period;
completeness - the absence of assets, liabilities, business transactions or events or undisclosed accounting items that are not reflected in the accounting records;
valuation - reflection in the financial (accounting) statements of the proper book value asset or liability;
accurate measurement - the accuracy of reflecting the amount of a business transaction or event with the attribution of income or expenses to the corresponding period of time;
presentation and disclosure - explanation, classification and description of an asset or liability in accordance with the rules for its reflection in financial (accounting) statements.
14. Audit evidence, as a rule, is collected, taking into account each premise of the preparation of financial (accounting) statements. Audit evidence relating to one assertion, such as the existence of inventory, cannot compensate for the lack of audit evidence relating to another assertion, such as a valuation. The nature, timing and extent of substantive testing procedures depend on the assertion being tested. During tests, the auditor may obtain evidence related to more than one assertion, for example, when checking the collection of receivables, he may identify audit evidence both about their existence and about their size (valuation).
15. The reliability of audit evidence depends on its source (internal or external), as well as on the form of its presentation (visual, documentary or oral). When evaluating the reliability of audit evidence, depending on the specific situation, proceed from the following:
audit evidence obtained from external sources (from third parties) is more reliable than evidence obtained from internal sources;
audit evidence obtained from internal sources is more reliable if existing accounting and internal control systems are effective;
audit evidence collected directly by the auditor is more reliable than evidence obtained from the entity being audited;
Audit evidence in the form of documents and written statements is more reliable than statements presented orally.
16. Audit evidence is more persuasive if it is obtained from different sources, has different content and does not contradict each other. In such cases, the auditor may provide more a high degree assurance compared to that which would be obtained by considering the audit evidence individually. Conversely, if the audit evidence obtained from one source is inconsistent with the evidence obtained from another, the auditor should determine what additional procedures need to be performed to determine the reasons for such a discrepancy.
17. The auditor should weigh the costs associated with obtaining audit evidence against the usefulness of the information obtained. However, the complexity of the work and the costs are not sufficient grounds for refusing to perform the necessary procedure.
18. If there are serious doubts about the reliability of the reflection of business transactions in the financial (accounting) statements, the auditor should try to obtain sufficient appropriate audit evidence to eliminate such doubt. If it is not possible to obtain sufficient appropriate audit evidence, the auditor should express an opinion subject to an appropriate qualification or disclaim an opinion.
Procedures for Obtaining Audit Evidence
19. The auditor obtains audit evidence by performing the following substantive procedures: inspection, observation, inquiry, confirmation, recalculation (checking the entity's arithmetic calculations), and analytical procedures. The duration of these procedures depends, in particular, on the period allotted for obtaining audit evidence.
20. Inspection is the examination of records, documents or tangible assets. During the inspection of records and documents, the auditor obtains audit evidence of varying degrees of reliability, depending on their nature and source, as well as on the effectiveness of internal controls over the process of their processing.
Documentary audit evidence, characterized by varying degrees of reliability, includes:
documentary audit evidence created by and held by third parties (external information);
documentary audit evidence created by third parties, but held by the audited entity (external and internal information);
documentary audit evidence created by and held by the audited entity (inside information).
An inspection of the entity's tangible assets provides reliable audit evidence regarding their existence, but not necessarily their ownership or valuation.
(as amended by Decree of the Government of the Russian Federation of 07.10.2004 N 532)
21. Observation is the auditor's observation of a process or procedure performed by others (for example, the auditor's observation of inventory counts carried out by employees of the entity being audited, or the observation of internal control procedures for which no audit trail remains).
22. An inquiry is a search for information from knowledgeable persons within or outside the entity being audited. The request in the form can be either a formal written request addressed to third parties or an informal verbal question addressed to employees of the entity being audited. Answers to inquiries (questions) may provide the auditor with information that he did not previously have or that confirm audit evidence.
23. Confirmation is a response to a request for information contained in accounting records (for example, the auditor usually requests confirmation of receivables directly from debtors).
24. Recalculation is a verification of the accuracy of arithmetic calculations in primary documents and accounting records or performance by the auditor of independent calculations.
25. Analytical procedures are the analysis and evaluation of the information received by the auditor, the study of the most important financial and economic indicators of the audited entity in order to identify unusual and (or) incorrectly reflected business transactions in accounting, identify the causes of such errors and distortions.
Approved
Government Decree
dated September 23, 2002 No. 696
Introduction
1. This federal rule (standard) of audit activity, developed taking into account international auditing standards, establishes uniform requirements for the quantity and quality of evidence that must be obtained during the audit of financial (accounting) statements, as well as for procedures performed to obtain evidence.
2. The audit organization and the individual auditor (hereinafter referred to as the auditor) must obtain sufficient appropriate evidence in order to formulate reasonable conclusions on which the auditor's opinion is based year N 532, - see the previous edition).
3. Audit evidence is obtained as a result of a set of tests of internal controls and the necessary substantive procedures. In some situations, evidence may be obtained solely through substantive procedures.
4. Audit evidence is the information obtained by the auditor during the audit, and the result of the analysis of this information, on which the auditor's opinion is based. Audit evidence includes, in particular, primary documents and accounting records, which are the basis of financial (accounting) statements, as well as written explanations of authorized employees of the audited entity and information obtained from various sources (from third parties).
5. Tests of internal controls mean actions carried out in order to obtain audit evidence regarding the proper organization and effectiveness of the functioning of accounting and internal control systems N 532, - see the previous edition).
6. Substantive procedures are carried out in order to obtain audit evidence of material misstatements in the financial (accounting) statements. These verification procedures are carried out in the following forms:
detailed tests evaluating the correctness of the reflection of transactions and the balance of funds on the accounts of accounting;
analytical procedures.
Sufficient Appropriate Audit Evidence
7. The concepts of sufficiency and appropriateness are interrelated and apply to audit evidence obtained as a result of tests of internal controls and substantive audit procedures. Sufficiency is a quantitative measure of audit evidence. Appropriate nature is the qualitative side of audit evidence, which determines their coincidence with a specific premise of the preparation of financial (accounting) statements and its reliability. Typically, the auditor finds it necessary to rely on audit evidence that only provides evidence to support a particular conclusion, and is not exhaustive, and often collects audit evidence from different sources or from documents of different content in order to support the same business transaction or group. business transactions of the same type (the paragraph was supplemented from October 27, 2004 by the Decree of the Government of the Russian Federation of October 7, 2004 N 532, - see the previous edition).
8. When forming an audit opinion, the auditor usually does not check all the business transactions of the entity being audited, since the conclusions regarding the correct reflection of the balance of funds in the accounts of accounting, a group of similar business transactions or internal controls may be based on judgments or procedures carried out in a selective way.
9. The auditor's judgment about what is sufficient appropriate audit evidence is influenced by the following factors:
audit estimate the nature and magnitude of audit risk both at the level of financial (accounting) statements, and at the level of the balance of funds in accounting accounts or similar business transactions;
характер систем бухгалтерского учета и внутреннего контроля, а также оценка риска средств внутреннего контроля (абзац в редакции, введенной в действие с 27 октября 2004 года #M12293 2 901911114 4294967295 4294967294 3233935677 85 4294967294 1794721357 3655588578 2687662028постановлением Правительства Российской Федерации от 7 октября 2004 года N 532 , - see previous edition);
the materiality of the item being checked in the financial (accounting) statements;
experience gained during previous audits;
the results of audit procedures, including the possible detection of fraud or errors (paragraph as amended by Decree of the Government of the Russian Federation of October 7, 2004 N 532, see the previous version);
source and reliability of information.
10. When obtaining audit evidence using tests of internal controls, the auditor should consider the sufficiency and appropriate nature of this evidence in order to confirm the assessment of the level of risk of internal controls 2004 N 532, - see the previous edition).
11. The objects of assessment of accounting and internal control systems, regarding which the auditor collects audit evidence, include:
organization - the arrangement of accounting and internal control systems that ensures the prevention and (or) detection, as well as the correction of material misstatements;
functioning - the effectiveness of the operation of accounting and internal control systems during the relevant period of time.
12. When obtaining audit evidence using substantive audit procedures, the auditor should consider the sufficiency and appropriateness of this evidence, along with evidence obtained as a result of tests of internal controls, in order to confirm the prerequisites for the preparation of financial (accounting) statements. year by Decree of the Government of the Russian Federation of October 7, 2004 N 532, - see the previous edition).
13. Prerequisites for the preparation of financial (accounting) statements - statements made by the management of the audited entity in an explicit or implicit form, reflected in the financial (accounting) statements. These prerequisites include the following elements:
existence - availability as of a certain date of an asset or liability reflected in the financial (accounting) statements;
rights and obligations - belonging to the audited entity as of a certain date of an asset or liability reflected in the financial (accounting) statements;
occurrence - a business transaction or event related to the activity of the audited entity that took place during the relevant period;
completeness - the absence of assets, liabilities, business transactions or events or undisclosed accounting items that are not reflected in the accounting records;
valuation - reflection in the financial (accounting) statements of the proper balance sheet value of an asset or liability;
accurate measurement - the accuracy of reflecting the amount of a business transaction or event with the attribution of income or expenses to the corresponding period of time;
presentation and disclosure - explanation, classification and description of an asset or liability in accordance with the rules for its reflection in financial (accounting) statements.
14. Audit evidence, as a rule, is collected, taking into account each premise of the preparation of financial (accounting) statements. Audit evidence relating to one assertion, such as the existence of inventory, cannot compensate for the lack of audit evidence relating to another assertion, such as a valuation. The nature, timing and extent of substantive testing procedures depend on the assertion being tested. During tests, the auditor may obtain evidence related to more than one assertion, for example, when checking the collection of receivables, he may identify audit evidence both about their existence and about their size (valuation).
15. The reliability of audit evidence depends on its source (internal or external), as well as on the form of its presentation (visual, documentary or oral). When evaluating the reliability of audit evidence, depending on the specific situation, proceed from the following:
audit evidence obtained from external sources (from third parties) is more reliable than evidence obtained from internal sources;
audit evidence obtained from internal sources is more reliable if existing accounting and internal control systems are effective;
audit evidence collected directly by the auditor is more reliable than evidence obtained from the entity being audited;
Audit evidence in the form of documents and written statements is more reliable than statements presented orally.
16. Audit evidence is more persuasive if it is obtained from different sources, has different content and does not contradict each other. In such cases, the auditor may provide a higher degree of assurance than would be obtained by considering the audit evidence individually. Conversely, if the audit evidence obtained from one source is inconsistent with the evidence obtained from another, the auditor should determine what additional procedures need to be performed to determine the reasons for such a discrepancy.
17. The auditor should weigh the costs associated with obtaining audit evidence against the usefulness of the information obtained. However, the complexity of the work and the costs are not sufficient grounds for refusing to perform the necessary procedure.
18. If there are serious doubts about the reliability of the reflection of business transactions in the financial (accounting) statements, the auditor should try to obtain sufficient appropriate audit evidence to eliminate such doubt. If it is not possible to obtain sufficient appropriate audit evidence, the auditor should express an opinion subject to an appropriate qualification or disclaim an opinion.
Procedures for Obtaining Audit Evidence
19. The auditor obtains audit evidence by performing the following substantive procedures: inspection, observation, inquiry, confirmation, recalculation (checking the entity's arithmetic calculations), and analytical procedures. The duration of these procedures depends, in particular, on the period allotted for obtaining audit evidence.
20. Inspection is the examination of records, documents or tangible assets. During the inspection of records and documents, the auditor obtains audit evidence of varying degrees of reliability, depending on their nature and source, as well as on the effectiveness of internal controls over the process of their processing.
Documentary audit evidence, characterized by varying degrees of reliability, includes:
documentary audit evidence created by and held by third parties (external information);
documentary audit evidence created by third parties, but held by the audited entity (external and internal information);
documentary audit evidence created by and held by the audited entity (inside information).
As a result of inspection of the tangible assets of the audited entity, reliable audit evidence is provided regarding their existence, but not necessarily regarding the ownership of them or their valuation , - see the previous edition).
21. Observation is the auditor's observation of a process or procedure performed by others (for example, the auditor's observation of inventory counts carried out by employees of the entity being audited, or the observation of internal control procedures for which no audit trail remains).
22. An inquiry is a search for information from knowledgeable persons within or outside the entity being audited. The request in the form can be either a formal written request addressed to third parties or an informal verbal question addressed to employees of the entity being audited. Answers to inquiries (questions) may provide the auditor with information that he did not previously have or that confirm audit evidence.
23. Confirmation is a response to a request for information contained in accounting records (for example, the auditor usually requests confirmation of receivables directly from debtors).
24. Recalculation is a verification of the accuracy of arithmetic calculations in primary documents and accounting records or the performance of independent calculations by the auditor.
25. Analytical procedures are the analysis and evaluation of the information received by the auditor, the study of the most important financial and economic indicators audited entity in order to identify unusual and (or) incorrectly reflected in the accounting business transactions, identify the causes of such errors and distortions.
RULE (STANDARD) N 7.
QUALITY CONTROL OF PERFORMANCE OF AUDIT TASK
(as amended by Decree of the Government of the Russian Federation of November 19, 2008 N 863)
Introduction
1. This federal rule (standard) of audit activity, developed taking into account international auditing standards, establishes uniform requirements for quality control of the performance of audit assignments.
2. Members of the audit team:
a) must follow the quality control procedures applicable to the specific audit engagement;
b) must provide the audit organization with relevant information to ensure the effective functioning of the quality control system in terms of observing the principle of independence;
c) may rely on the audit organization's established quality control policies and procedures (for example, with regard to the skills and professional competence of employees, the principles and procedures for hiring employees and continuing vocational training, in relation to independence - to the principles and procedures for collecting and reporting relevant information on independence, in relation to maintaining relationships with clients - to the principles and procedures governing the procedure for deciding whether to accept a new client or continue cooperation with existing clients, in relation to compliance normative legal acts of the Russian Federation and professional standards - for monitoring).
Definitions
3. The terms used in this rule (standard) mean the following:
a) "audit leader" - an authorized person of the audit organization who is responsible for the performance of the audit engagement and the preparation of the audit report;
b) "engagement quality review" - a process designed to objectively evaluate the significant judgments and conclusions of the audit team formed on the basis of the audit results before issuing the auditor's report;
c) "engagement quality reviewer" means a senior member of the firm or another authorized person of the firm, a third party competent person or a group of such third parties who has sufficient appropriate experience and authority to objectively evaluate significant judgments before issuing the auditor's report. and conclusions of the audit team formed on the basis of the results of the audit;
d) "audit team" - employees performing an audit engagement, including all experts engaged by the audit organization to perform this engagement;
e) "socially significant economic entity" - an open joint-stock company, another organization whose securities are admitted to trading stock exchanges and (or) organizers of trade in the market valuable papers(for example, credit or insurance organization, investment fund and etc.);
f) "monitoring" means the process of reviewing and evaluating an audit firm's audit quality system, including periodic selective inspection of completed audit engagements, to achieve reasonable assurance that the quality control system is operating effectively;
g) "network organization" - an economic entity that has common control, ownership or management with another organization and which can be recognized on a reasonable basis by any third party with relevant information as part of a national or international network;
h) "leading officer of an audit organization" - a person with the authority to conclude contracts for the provision of audit and audit-related services on behalf of an audit organization;
i) "employees" - senior employees of the audit organization and other specialists involved in the audit activities of the audit organization and the provision of services related to the audit;
j) "professional standards" - federal rules (standards) of audit activity, internal rules (standards) of audit activity in force in professional audit associations, rules (standards) of audit activity of audit organizations, as well as the Code of Ethics of Auditors of Russia;
k) "specialists" - employees of the audit organization, with the exception of senior employees;
l) "outside competent person" - a person who is not an employee of the audit organization and has professional competence sufficient to direct the audit (for example, a senior employee of another audit organization or a representative (with relevant experience) of a professional audit association whose members can perform tasks by audit).
Responsibilities of the audit manager
to ensure the quality of the audit
4. The audit leader is responsible for the quality of the performance of each audit engagement that he/she supervises.
5. At all stages of the audit, the audit partner must demonstrate to the audit team members the high quality of work by the example of their own actions or by appropriate instructions to the audit team members. Such actions and instructions should emphasize:
a) the importance of complying with the regulatory legal acts of the Russian Federation and professional standards, applicable principles and procedures for quality control of the audit organization, as well as issuing an audit report that meets the conditions of a specific assignment;
b) quality assurance, which is a top priority.
Ethical Requirements
6. The audit partner should monitor compliance with ethical requirements by members of the audit team.
7. Ethical requirements applicable to audits are established by the Code of Ethics for Auditors of Russia and include:
a) honesty;
b) objectivity;
c) professional competence and due diligence;
d) confidentiality;
e) professional behavior;
e) independence.
8. The audit partner should pay particular attention to ethical compliance by all members of the audit team throughout the audit. If the engagement partner becomes aware of non-compliance with ethical requirements by members of the audit team, then he should consult with the appropriate persons from the staff of the audit organization and ensure that appropriate disciplinary actions are taken against those who do not comply with ethical requirements.
9. The audit partner and other members of the audit team should document the problems identified and how they were resolved.
10. The audit partner should express an opinion on whether the independence requirements applicable to the specific audit engagement have been met and should:
a) obtain information from the audit firm and, if appropriate, from network organizations in order to identify and evaluate circumstances and relationships that create threats to independence;
b) evaluate information about identified violations of independence procedures, if any, and determine whether they pose a threat to independence for a particular audit engagement;
c) take appropriate steps to eliminate threats to independence or reduce them to an acceptably low level, and report any such occurrences to the firm in a timely manner so that the firm can take appropriate action;
d) document the conclusions regarding independence, as well as any relevant reasoning supporting these conclusions.
11. The audit partner may identify a threat to independence in relation to a particular audit engagement that safeguards have failed to eliminate or reduce to an acceptably low level. In such a case, the audit partner should consult with appropriate individuals within the firm's staff to ensure that appropriate safeguards are in place to ensure that threats to independence are eliminated or reduced to an acceptably low level, up to and including abandoning the engagement. All reasoning and conclusions regarding this issue should be documented.
Decision to accept a new client
or continuation of cooperation with the client on a specific
audit engagement
12. The audit partner should ensure that all necessary procedures in relation to the decision to accept a new client or continue to work with a client on a specific audit engagement have been followed and that appropriate conclusions have been drawn and documented.
13. The decision to accept a new client or continue cooperation with a client may be initiated by the head of the audit or another person.
14. The decision to accept a new client or continue cooperation with a client on a specific audit engagement provides for:
assessment of the honesty of the main owners of the potential audited entity, its management and representatives of the owner;
assessment of the professional competence of the members of the audit team necessary to perform a specific audit engagement, as well as the availability of the necessary time and resources, the ability of the audit organization and members of the audit team to comply with ethical requirements.
If questions arise in evaluating one of these conditions, then the members of the engagement team should seek the advice of the audit firm's management or legal counsel, documenting how to resolve these issues.
15. The decision to continue with the client is preceded by an assessment of the significant issues that have arisen during the current or previous audit engagement, as well as the impact of their consequences on the continuation of cooperation. For example, the client may have begun expanding its activities in an area in which the employees of the audit organization do not have the necessary experience and knowledge.
16. The head of the audit, if he receives information that, being known earlier, would lead to the refusal to perform the audit engagement, must communicate this information to the audit organization in a timely manner to ensure the adoption of a collegial decision.
Formation of the audit team
17. The audit partner should ensure that the members of the audit team have the appropriate skills, competencies, authority, and time necessary to complete the audit engagement in accordance with regulatory requirements. legal acts Russian Federation and professional standards.
18. Relevant skills and professional competence means:
a) understanding of the audit engagement and practical experience in audit engagements of a similar nature and complexity, acquired through training and previous work;
b) knowledge and understanding of the regulatory legal acts of the Russian Federation and professional standards;
c) knowledge in the field of information technology;
d) knowledge of the industries in which the client operates;
e) the ability to form professional judgment;
f) an understanding of the quality control principles and procedures established by the firm.
Completing a task
19. The head of the audit is responsible for the distribution of work, supervision and execution of the audit engagement in accordance with the regulatory legal acts of the Russian Federation and professional standards, as well as for issuing an audit opinion that complies with the terms of the assignment.
20. The audit partner leads the audit engagement by informing the engagement team of their duties and responsibilities, the nature of the client's business, risk issues, issues that may arise, and the detailed approach to the engagement.
It is the responsibility of the members of the engagement team to maintain objectivity and exercise due professional skepticism, and to perform assigned work in an ethical manner. Members of the engagement team may seek clarification from more experienced members, maintaining appropriate professional communication within the engagement team.
21. Members of the audit team should understand the goals and objectives of the audit engagement they are performing.
22. Engagement supervision by the audit partner includes:
a) monitoring the progress of the audit engagement;
b) an assessment of the skills and professional competence of each member of the audit team, whether they have sufficient time to complete the audit engagement, understand the instructions given to them, and whether their work is consistent with the planned approach;
c) addressing significant issues that arise in the course of the audit engagement, assessing their significance and, if necessary, changing the planned approach accordingly;
d) identifying issues that require clarification or consultation during the audit with more experienced members of the audit team.
23. Oversight functions involve reviewing the work of less experienced members of the audit team by more experienced members, including the audit leader. Supervisors evaluate:
a) whether the work performed complies with the regulatory legal acts of the Russian Federation and professional standards;
b) whether significant issues have arisen that require further consideration;
c) whether consultations were held and whether the conclusions of the consultations, provided they were held, were documented and applied in practice;
d) whether there is a need to review the nature, timing and scope of the work performed;
e) to what extent the work performed confirms the findings and is documented;
e) the sufficiency and appropriateness of the audit evidence obtained on which the auditor's report is based;
g) whether the objectives of the audit procedures are achieved.
24. Prior to issuing an audit opinion, the audit partner should review the auditor's working papers and discuss with the audit team members to ensure that the audit evidence obtained to support the conclusions is sufficient and appropriate.
25. The audit manager should oversee the progress of each stage of the audit in a timely manner. This allows significant issues to be resolved in a timely manner prior to the issuance of an auditor's report. Such oversight by the audit partner should cover the most significant judgments, especially those relating to complex or controversial issues identified during the audit, as well as significant risks and other areas that the audit partner deems important. The audit manager does not need to check all the auditor's working papers, but he must document information about when and which working papers were checked by him. Answers to the questions of the head of the audit, arising from the implementation of the specified supervision, must be reasoned.
26. In the event that a newly appointed audit partner takes over the direction of the audit during its execution, that audit partner should check what work has already been done as of the date of his appointment. Supervisory procedures of this kind should be sufficient to ensure that the specified audit partner is satisfied that the work performed as of the date of these procedures was planned and performed in accordance with the regulatory legal acts of the Russian Federation and professional standards.
27. When more than one audit partner is involved in an audit engagement, the members of the audit team should have a clear understanding of the roles and responsibilities of each audit partner.
28. The audit leader should:
a) be responsible for organizing the receipt of consultations by members of the audit team on complex and controversial issues;
b) ensure that members of the audit team have the opportunity, during the course of the audit engagement, to obtain appropriate clarifications and advice from both other, more experienced members of the audit team or persons with relevant knowledge, authority and experience working in the audit firm, and from third parties. competent persons;
c) make sure that the nature and extent of consultations, as well as the conclusions drawn from such consultations, are documented and agreed with the persons who carried out the consultations;
d) make sure that the conclusions drawn from the results of the consultations have been applied in practice.
29. In order for consultations with competent persons to be effective, it is necessary that these persons be provided with all the initial information on the basis of which they could give appropriate recommendations on methodological, ethical and other issues. If necessary, members of the audit team may seek advice from persons with relevant knowledge, authority and experience working in the firm and outside it. The conclusions drawn from such consultations should be documented and put into practice.
30. The Auditing Organization may seek advice from third-party competent persons, in particular other auditing organizations and professional auditing associations, as well as other organizations that provide relevant services in the field of audit quality control and audit-related services.
31. Documentation relating to consultations with a competent person on complex or controversial issues should be agreed upon by the person seeking advice and the person who provided the advice. Documentation must be sufficiently complete and detailed to clearly disclose the subject matter of the consultation and the results of the consultation, including all decisions made, grounds for their adoption and ways of their application in practice.
32. In the event that a disagreement arises between members of the engagement team and the consultant, or between the engagement partner and the engagement quality reviewer, the engagement team members should follow the principles and procedures for resolving disputes established by the audit team. in an audit organization.
33. The audit partner informs the audit team members that they may report differences of opinion to him or other senior members of the audit firm.
34. When conducting an audit of financial (accounting) statements of socially significant economic entities, the head of the audit must:
a) ensure that a person is appointed to perform the quality review of the engagement;
b) discuss significant matters arising in the course of an audit engagement, including matters arising in the course of an engagement quality review, with the engagement quality reviewer;
c) not issue an auditor's report until the engagement quality review has been completed.
35. For other audit engagements for which an engagement quality review is performed, the audit coordinator should follow the provisions of subparagraphs "a" - "c" of paragraph 34 of this rule (standard).
36. If a pre-engagement quality review is not deemed necessary, the audit partner should systematically assess changing circumstances that may warrant such a review.
37. An engagement quality review includes an objective evaluation of the significant judgments made by the members of the engagement team and the conclusions that form the basis of the auditor's report.
38. An engagement quality review typically includes discussing the progress of the engagement with the audit leader, reviewing the financial (accounting) statements and the auditor's report, in particular its compliance with the terms of the particular engagement. Also, such a review involves a selective analysis of the auditor's working papers related to significant judgments and conclusions made by the audit team. The extent of this review depends on the complexity of the engagement and the risk that the auditor's report may not be consistent with the terms of the engagement. An engagement quality review does not reduce the responsibility of the audit partner.
39. A review of the quality of performance of assignments for the audit of financial (accounting) statements of socially significant economic entities includes:
a) the audit team's assessment of the firm's independence in the context of the specific audit engagement;
b) assessment of significant risks identified in the course of the engagement (in accordance with rule (standard) No. 8), and procedures performed in response to the risks assessed by the auditor, including assessment by the audit team of the risk of errors and fraud and performance by the audit team of procedures in response for this risk;
c) judgments regarding the level of materiality and significant risks;
d) receiving appropriate advice on complex or controversial issues or in case of disagreement, as well as the conclusions drawn from the results of these consultations;
e) the significance of corrected and uncorrected misstatements identified during the audit;
f) circumstances, information about which must be brought to the attention of the management of the audited entity, representatives of the owner or other persons;
g) the compliance of the auditor's working documents selected for analysis with the work performed, which served as the basis for the formation of significant judgments and conclusions;
h) the appropriate nature of the audit report issued.
40. Review checks of the quality of performance of assignments, other than the audit of financial (accounting) statements of socially significant economic entities, may, depending on the circumstances, fully or partially cover all the provisions specified in paragraph 39 of this rule (standard).
Monitoring
41. The audit partner should evaluate the results of monitoring reflected in the latest information disseminated by the audit firm and, if applicable, other audit firms that are members of network audit firms.
The audit partner evaluates how the deficiencies reflected in this information may affect the audit engagement and whether the actions taken by the audit firm to correct the situation are sufficient in the context of this audit engagement.
42. Deficiencies in the quality control system for the performance of assignments identified during the monitoring process do not mean that a particular audit assignment was not performed in accordance with regulatory legal acts in the field of audit and federal rules (standards) for auditing.
RULE (STANDARD) N 8.
UNDERSTANDING THE ACTIVITIES OF THE AUDITED ENTITY, THE ENVIRONMENT,
IN WHICH IT IS CARRIED OUT AND RISK ASSESSMENT OF SIGNIFICANT
MISTAKE OF AUDITED FINANCIAL (ACCOUNTING) STATEMENTS
(as amended by Decrees of the Government of the Russian Federation of November 19, 2008 N 863,
dated 27.01.2011 N 30)
Introduction
1. This federal rule (standard) of audit activity, developed taking into account international auditing standards, establishes uniform requirements for understanding the activities of the audited entity and the environment in which it is carried out, including the internal control system and the assessment of the risks of material misstatement of the audited financial (accounting) statements.
2. The auditor must study the activities of the audited entity and the environment in which it is carried out, including the internal control system, to the extent sufficient to identify and assess the risks of material misstatement of the financial (accounting) statements resulting from errors or dishonest actions of management and (or) employees entity, and sufficient to plan and perform further audit procedures.
3. Understanding the activities of the audited entity and the environment in which they are carried out is of great importance when conducting an audit. In particular, this understanding provides a basis for planning the audit and expressing the auditor's professional judgment on assessing the risks of material misstatement of the financial (accounting) statements and responding to these risks in the audit process, such as:
a) establishing the level of materiality and assessing whether the judgment of materiality remains unchanged during the course of the audit;
b) consideration of the appropriateness of the choice and procedure for applying the accounting policy and the adequacy of information disclosure in the financial (accounting) statements;
c) identifying areas of the entity that require the auditor's particular attention, such as transactions with related parties, the appropriateness of management's assumptions about the going concern of the entity, or an examination of the purpose of business transactions;
d) definition of expected economic indicators the audited entity for use in performing analytical procedures;
e) planning and performing further audit procedures to reduce audit risk to an acceptably low level;
f) assessing the sufficiency and appropriateness of the audit evidence obtained, such as the appropriateness of the assumptions, as well as oral and written representations and explanations of the entity's management.
4. The auditor uses professional judgment to determine the required amount of knowledge about the activities of the entity and its environment, including the internal control system. The primary task of the auditor is to determine whether the achieved understanding of the activity is sufficient to assess the risks of material misstatement of the financial (accounting) statements, as well as to plan and perform further audit procedures. The amount of knowledge of the entity's activities required by the auditor is generally less than the amount of knowledge possessed by the entity's management.
Risk assessment procedures and sources of information
about the activities of the entity being audited and the environment in which
it is carried out, including the internal control system
5. The acquisition of knowledge about the activities of the audited entity and the environment in which it is carried out, including the internal control system, is a continuous dynamic process of collecting, updating and analyzing information at all stages of the audit. Audit procedures performed with the aim of acquiring knowledge about the activities of the audited entity are classified as risk assessment procedures, because certain information obtained by performing such procedures can be used by the auditor as audit evidence when assessing the risks of material misstatement of the financial (accounting) statements. In addition, by performing risk assessment procedures, the auditor may obtain audit evidence about groups of similar business transactions, account balances and disclosures and related assertions in the preparation of financial (accounting) statements, as well as about the operating effectiveness of controls, even if such audit procedures were not specifically planned as substantive procedures or tests of controls. The auditor may also schedule substantive procedures or tests of controls to be performed in parallel with risk assessment procedures, if such an approach is considered effective.
6. The auditor should perform the following risk assessment procedures to become familiar with the activities of the entity and the environment in which they are carried out, including internal control:
inquiries to the management or other employees of the audited entity;
analytical procedures;
observation and inspection.
The auditor is not required to perform all of the specified risk assessment procedures for each issue identified in paragraph 19 of this rule (standard). However, all risk assessment procedures are performed by the auditor in the course of achieving the necessary amount of knowledge about the activities of the entity being audited.
7. In addition to the risk assessment procedures provided for in paragraph 6 of this rule (standard), the auditor performs other audit procedures to obtain information that may be useful in identifying risks of material misstatement. For example, the auditor may consider making inquiries of entities providing services to the entity being audited. legal services or valuation services. Reviewing information obtained from external sources, in particular analytical reports, reports prepared by banks or statistical authorities, economic and professional newspapers and magazines, or official legal and financial publications, can be useful in familiarizing yourself with the activities of the entity being audited.
8. Although much of the information the auditor obtains through inquiries may be obtained from the entity’s management and those responsible for preparing the financial (accounting) statements, inquiries made to the entity’s employees, in particular production staff, internal auditors and other employees with different administrative functions can be helpful in providing the auditor with different perspectives when identifying risks of material misstatement.
In determining the employees of the entity to whom inquiries may be directed, as well as the number of such inquiries, the auditor considers the types of information that may be obtained to help the auditor identify risks of material misstatement.
Responses to inquiries directed to the owner's representatives may help the auditor understand the environment in which the financial (accounting) statements are being prepared.
Responses to inquiries sent to internal auditors may be relevant to their activities relating to the organization and operation of the audited entity's internal control system, and give an idea of how satisfactorily the management of the audited entity responded to the results of these activities.
Responding to inquiries of employees involved in initiating, performing or accounting for complex or unusual transactions may assist the auditor in assessing the appropriateness of the entity's selection and application of certain accounting rules.
Responses to inquiries sent to the legal department of the audited entity may be relevant to such issues as court cases and claims disputes in which the audited entity is involved, compliance by the audited entity with regulatory legal acts, knowledge of the facts of fraud or circumstances indicating the possibility of fraud , guarantees, obligations, agreements (in particular on joint activities) with counterparties and the content of contractual terms.
Responses to inquiries made to marketing or sales personnel may relate to changes in the entity's marketing strategies, sales trends, or contractual arrangements with customers and customers.
9. Analytical procedures can help identify unusual transactions or events, as well as indicators, ratios and trends that may indicate possible problems important for financial (accounting) reporting and auditing.
When performing analytical procedures as risk assessment procedures, the auditor makes an approximate estimate of expected performance indicators and likely relationships. If comparing these expected performance measures with the recorded amounts or ratios calculated from the recorded amounts results in unusual or unexpected relationships, the auditor considers these results when identifying risks of material misstatement.
If such analytical procedures use data summarized at a sufficiently high level, then the results of such analytical procedures can only serve as a primary indicator of the presence of a material misstatement. The auditor considers the results of such analytical procedures along with other information gathered in identifying risks of material misstatement.
10. Observation and inspection can become both the basis for making inquiries to the management and other employees of the entity being audited, and a source of information about the activities of the entity being audited and the environment in which they are carried out. Such audit procedures typically include:
a) overseeing the various areas of activity and operations of the entity being audited;
b) inspection of documents (such as business plans and development strategies), records and regulations of the internal control system;
c) studying reports prepared by management (such as quarterly management reports and interim financial (accounting) statements), reports of representatives of the owner (for example, minutes of meetings of the board of directors);
d) visiting administrative buildings and industrial premises the entity being audited;
e) tracking the reflection of business transactions in information systems ah, generating data for financial (accounting) reporting (end-to-end checks).
11. If the auditor intends to use information about the activities of the entity and its environment collected in previous periods, the auditor should determine whether there have been changes that may affect the relevance of such information for the current audit. In recurring audits, experience gained in a previous audit contributes to a better understanding of the activities of the entity being audited.
In particular, audit procedures performed in previous audits typically provide audit evidence about the entity's organizational structure and controls, as well as information about past misstatements and whether they have been corrected in a timely manner. All of these assist the auditor in assessing the risks of material misstatement during the current audit. However, such information may become irrelevant to the ongoing audit due to changes in the entity's operations and environment. Therefore, the auditor should make appropriate inquiries and perform other appropriate audit procedures, including walkthroughs, to identify possible changes that could affect the relevance of such information.
12. The auditor also takes into account other information, if it is relevant for the current audit, in particular, that which was collected when deciding whether to enter into an agreement with the audited entity or continue cooperation with him, or information obtained from the experience of providing other audit services for of the entity being audited, in particular the review of interim financial information.
13. Members of the audit team should discuss the susceptibility of the financial (accounting) statements of the entity being audited to material misstatement.
14. The purpose of this discussion is for the members of the engagement team to achieve a greater understanding of the potential for material misstatement of the financial (accounting) statements, whether due to fraud or error, that may occur in certain areas that are the subject of their assignments, and to understand how the results audit procedures performed by members of the audit team may affect other aspects of the audit, including decisions about the nature, timing, and extent of further audit procedures.
(as amended by Decree of the Government of the Russian Federation of 01/27/2011 N 30)
16. The decision which member of the audit team to involve in the discussion of the susceptibility of the financial (accounting) statements of the entity being audited to material misstatement, how, where and in what form to conduct such a discussion, is the subject of professional judgment. The discussion usually involves key members of the audit team, since all members of the audit team do not need to have an exhaustive understanding of all aspects of the audit. The form of the discussion depends on the functions performed by the members of the audit team, their experience and information needs.
For example, in an audit that spans multiple auditees, there may be multiple discussions, each with leading members of the audit teams for each of the most important auditees.
When planning discussions, you should decide whether to invite experts included in the audit team to participate in them. The engagement partner may decide that it is necessary to include an expert with knowledge of information systems or some other skill in the discussion.
17. In accordance with the rule (standard) N 1, the auditor in the course of planning and conducting an audit must show professional skepticism. Discussions with members of the engagement team should emphasize the need to maintain professional skepticism throughout the engagement period so as not to miss information or other circumstances that indicate the possibility of material misstatement, whether due to fraud or error.
18. There may be other discussions that facilitate the exchange of information between members of the audit team regarding the susceptibility of the financial (accounting) statements of the entity being audited to material misstatement. The goal in this case is communication between members of the audit team and the exchange of information obtained during the audit, which can affect both the assessment of the risks of material misstatement due to fraud or error, and the audit procedures performed in relation to risks.
Understanding the activities of the audited entity and the environment,
in which it is carried out, including the system
internal control
19. The auditor's understanding of the activities of the entity being audited and the environment in which they are carried out is to understand the following issues:
sectoral, legal and other external factors affecting the activities of the audited entity, including the methods of accounting and preparation of financial (accounting) statements of the audited entity;
the nature of the entity's activities, including the selection and application of accounting policies;
the goals and strategic plans of the audited entity, associated risks of economic activity, indicating a possible material misstatement of the financial (accounting) statements;
main performance indicators of the audited entity and trends in their change;
internal control system.
Examples of problems that the auditor may consider in the process of familiarization with the activities of the entity being audited and the environment in which it is carried out are given in Appendix N 1. Elements of the internal control system are given in Appendix N 2.
20. The nature, timing and scope of risk assessment procedures to be performed depend on the scale and complexity of the entity's activities and the auditor's experience with the entity. In addition, identifying significant changes in any of these matters from prior periods is particularly important in order to achieve sufficient understanding of the entity's activities to identify and assess the risks of material misstatement.
21. The auditor should familiarize himself with the relevant industry, legal and other external factors affecting the activities of the entity being audited, including the methods of accounting and preparation of financial (accounting) statements. These factors include the following industry specifics:
a) competition in the industry;
b) relationships with suppliers and customers;
c) changes in production technology;
d) environmental requirements affecting the industry and the entity;
e) applied methods of accounting and preparation of financial (accounting) statements;
f) requirements of regulatory legal acts, including those regulating the scope of activities of the audited entity;
g) current general economic conditions.
22. The industry in which the entity operates may have specific risks of possible material misstatement related to the very nature of the business or its governing framework. In such cases, the audit team should include individuals with appropriate and sufficient knowledge and experience.
23. Regulatory legal acts establish the applicable methods of accounting and preparation of financial (accounting) statements, which the management of the audited entity must use when preparing financial (accounting) statements and by which the auditor is guided. At the same time, both the auditor and the audited entity must understand these methods.
24. The auditor should familiarize himself with the peculiarities of the activities of the entity being audited. Features of the activity of the audited entity are determined by the ongoing business operations, form of ownership and method of management, type financial investments which it implements and intends to implement, its structure and source of funding. Understanding the characteristics of the activities of the audited entity allows the auditor to understand the groups of the same type of transactions, account balances and disclosures in the financial (accounting) statements.
25. The audited entity may have a complex structure, including subsidiaries or geographically distant structural units, which complicates the process of consolidating financial (accounting) statements and may cause risks of material misstatement of information.
26. Understanding who the entity's owners are and what the relationships are between the owners and others is important in determining whether transactions with related parties are identified and properly accounted for.
27. The auditor needs to have knowledge of the entity selected and applied by the entity being audited. accounting policy, the auditor must also determine whether it is appropriate for the activities of the entity being audited and whether it is consistent with the methods of accounting and preparation of financial (accounting) statements. The knowledge required for the auditor to perform the audit engagement also includes knowledge of:
the ways the entity uses to account for complex or unusual transactions;
the consequences of accounting for business transactions in respect of which there is uncertainty or ambiguity due to the inconsistency of regulatory requirements or their absence;
changes in the accounting policy of the entity being audited.
The auditor should also identify cases where the audited entity first applies the requirements of new regulatory legal acts governing accounting. If there have been changes in the accounting policy of the audited entity, the auditor should consider the reasons for the changes, and also determine whether the changes are appropriate and whether they comply with the established methods of accounting and preparing financial (accounting) statements.
28. Financial (accounting) statements prepared in accordance with the applicable methods of accounting and preparation of financial (accounting) statements must include proper disclosure of material information. This information relates to the forms, presentation structure and content of the financial (accounting) statements, notes, including the terminology used, the level of detail, the classification of items in the statements and the basis for the figures presented. The auditor considers whether the entity has appropriately disclosed any issue in the light of the circumstances and facts of which the auditor has become aware at the time of the audit.
29. The auditor needs to have knowledge of the goals and strategic plans of the entity being audited and the related business risks that may lead to a material misstatement of the financial (accounting) statements. The activity of the audited entity is subject to the influence of industry, legal and other internal and external factors. Under the influence of these factors, the management of the audited entity or representatives of the owner determine the goals that can be prepared in the form of a general plan of action for the audited entity. Strategic plans include the approaches by which management intends to achieve its objectives. Business risks are the result of essential conditions, events, circumstances, actions or omissions that may adversely affect the ability of the entity to achieve its objectives and implement its strategies, or the result of the selection of inappropriate objectives and strategies. The activities of the audited entity also undergo changes under the influence of changes in the external environment and, accordingly, strategic plans and goals change over time.
30. Business risk is a broader concept than the risk of material misstatement of financial (accounting) statements. Business risk may arise as a result of any changes or difficulties encountered in the activity, at the same time, failure to recognize the need to make a change in the activity can also lead to risk. A change in activity may occur, in particular, as a result of the development of a new product that may not be successful, unpredictable market reactions even if a successful product is developed, and omissions that lead to liability and reputational risk.
The auditor's understanding of the risks of the audited entity's business activities increases the likelihood of identifying the risks of material misstatement of information in the financial (accounting) statements. However, it is not the responsibility of the auditor to identify and evaluate all business risks.
31. Most business risks are likely to have financial consequences and therefore impact on financial (accounting) statements, although not all business risks necessarily lead to risks of material misstatement. The risk of economic activity may result in the risk of material misstatement of the same type of transactions, account balances and cases of disclosure of information at the level of prerequisites for the preparation of financial (accounting) statements and financial (accounting) statements as a whole.
Business risk arising from a reduction in the number of customers resulting from industry mergers that have occurred may increase the risk of misstatement in the measurement of receivables. However, the same risk, combined with a decrease in demand (market needs), can lead to more serious consequences - the risk of business continuity of the entity being audited. The auditor's judgment about whether a business risk is likely to cause a material misstatement of the financial statements is based on the auditor's knowledge of the circumstances of the entity being audited. Examples of conditions and events that may indicate risks of material misstatement of information are given in Appendix No. 3.
32. The identification of business risks by the management of the audited entity and the development of approaches to eliminate them is part of the internal control system.
33. Small business auditees generally do not set long-term goals and do not
