Pratice of Auditing

‘International Statements on Auditing should be much more prescriptive about how an audit is carried out.’

“…As a result of legislation, there is a tendency to think that all audit firms produce the same audit. But this is not a homogenous product..,” (Williams 2006). The scope of work and time requirements of an audit vary between companies; factors include the auditors experience and knowledge to make appropriate judgements based on the evidence gathered and tested. The time requirements are influenced by the size and complexity of the audit being undertaken. The following essay will highlight the use of auditors’ judgement, risks involved and the impact of making the standards more prescriptive, to both parties.

The two approaches used by auditors are systems based and substantive auditing. Both are equally important, however their uses vary according to clients. Systems based auditing involves testing systems and internal controls of a company, whereas substantive auditing involves auditors carrying out independent investigations, obtaining written evidence/confirmation, for verification of the figures (Dassen and Wallage, 2005). If the audit process was made more prescriptive, auditors would have to use both approaches even when unsuitable. Auditors currently at their own discretion evaluate the best cost effective approach by taking into account factors such as strict deadlines. Standardising would restrict these decisions and furthermore, increase unnecessary work loads resulting in a waste of resources and opportunity costs.

Auditors use the ISA audit risk model to assess the level of materiality within the company thus aiding them to decide the level of testing required (Easter, 2006). The higher the risks the more work required and the lower the materiality expected. These risks lead to auditors making wrong judgements thus making wrong conclusions. By using this model, auditors can prevent this risk. The model supports the notion audit work should be targeted and selective thus leading to more cost effective audits being carried out. However, if standardised, this model would be eradicated and auditors would have to follow one set of guidelines therefore preventing the risks from being detected. The audit risk model entails inherent, control and detection risks. ISA 420 states, “Auditors should collect, analyse, interpret and document information to support audit results” (ISA 1998). Inherent risk involves auditors understanding the client’s business and the industry in which it operates. This entails studying relationships amongst financial and non-financial information and the effect on transactions (ISA 1998). These analytical procedures enable auditors to identify any unexpected discrepancies or potential legal irregularities. Furthermore, auditors assess each client on an individual basis to obtain sufficient, relevant, competent and useful evidence to aid them in making correct judgements (Gray and Manson, 2006); hence auditors cannot rely on a standard framework and strategy. Control risk involves evaluating the clients control system, not necessarily testing the controls; assesses management’s attitude towards control and how well the system was operated during the period, prior to the audit. Auditors are more concerned with detection risk, therefore, their work and judgement determines what audit risk they run (Easter, 2006).

Detection risk involves the type, level and direction of testing to be carried out (Gray and Manson, 2005). If the levels of testing were standardised, auditors would have to look at large number of material transactions and prove that they have been tested, whereas under the current framework, it is based on the auditor’s judgement. If a client is well controlled and auditors have confidence in their systems (perhaps due to prior experience) then why would they have to test more? Audit firms have their own policies and mathematical approaches to identify the amount of testing to be carried out (Easter, 2006). This would do away with their professional judgement;