An outline of an audit engagement and resources to support your technical needs
The below summarizes some of the essential aspects of an audit engagement, along with relevant examples of key inspection findings related to the application of auditing and accounting standards, as identified by the Accounting and Financial Reporting Council (AFRC) in their inspection reports. It also highlights technical resources offered by the HKICPA and other professional bodies that correspond to the AFRC inspection findings. Auditors are strongly encouraged to thoroughly study the AFRC's inspection findings and make use of relevant resources such as those provided in this document to deepen their knowledge and understanding of pertinent topics, in order to mitigate any possible deficiencies and ensure that their professional activities are carried out appropriately and in accordance with relevant requirements.
This page does not encompass all areas related to an audit engagement or financial reporting requirements. Auditors should ensure their professional activities are carried out in accordance with applicable standards and requirements. Apparent failures by practices to comply with relevant regulatory and professional requirements are liable to be enquired into by the AFRC and disciplinary action may result.
Watch now: AFRC Connect
The "AFRC Connect" video series aims to uphold audit quality and develop the accounting profession.
In the debut episode, "How Important is Audit Risk Assessment?", real cases are used to demonstrate how audit planning and risk assessment affect audit quality at different stages and provide practical insights and technical reminders in an easy-to-understand manner.
Ethics
⚠ Examples of AFRC Inspection Findings
💻 Resources and Support
Lack of evaluation of whether the provision of non-assurance services (NAS) will give rise to independence threats or even prohibited under the Code of Ethics for Professional Accountants (Code)
A general lack of policies and procedure for evaluating long associations
Partner rotation
Identification and evaluation of firm's relationships with audit clients and their related entities
Established risk assessment process, policies and procedures based on the HKICPA Quality Management Manual with only limited modifications; did not properly identify all the quality risks specific to their firms or were unable to explain why certain quality risks were relevant to them and how their policies and procedures could address those risks
Firms' policies and procedures not customized to address the specific quality risks associated with their circumstances
Insufficient assessment or procedures for client and engagement acceptance or continuance
Lack of thorough assessment in evaluating the complexity and risk profile of prospective PIE engagements before accepting them
Audit fees were agreed at levels that were not commensurate with resources generally required for delivering audit quality
Engagement partners' lack of sufficient experience in leading complex and high-risk PIE audits
Not adequately monitoring partner workloads
Not appropriately direct, supervise and review the work of engagement teams
Lack of root cause analysis or remediation plan for identified deficiencies
Insufficient internal trainings and monitoring of staff's external trainings
Lack of controls over personal confirmations of independence
Insufficient controls to prevent damage and unauthorized alternation to assembled engagement documentation
Lack of guidelines or ineffective audit approach, particular for high risk areas
Lack awareness of the fundamental requirement to obtain audit evidence regarding the accuracy and completeness of information produced by audit clients before placing reliance on them
Not considering examining relevant external evidence but relied solely on checking the sales invoices or client-provided monthly statements without verifying the underlying information
Insufficient challenge of key assumptions adopted by management
Insufficient challenge or over-reliance on management representations or information provided by the entity without adequately evaluating the reliability and relevance of the information used by management
Did not perform basic audit procedures such as obtaining bank confirmations but simply issued modified audit opinions to circumvent proper audit procedures
Lack of evaluation and consideration of all available and/or contradictory evidence
Insufficient challenge of the business rationale for unusual transactions and the associated risk of fraud
Failure to test the completeness of the population from which audit samples were selected
Selected only the last five sales invoices before the year-end and the first five after for the sales cut-off test, without a sufficiently justified basis for this limited sample
Placing inappropriate reliance on the results of other audit procedures and reducing the extent of tests of details
Not properly verifying the authenticity of the confirming parties or ensuring appropriate controls over the entire confirmation process
Not critically evaluating whether the confirming parties were the ones who returned the confirmations by e-mail or fax
Failure to verify whether the respondents were authorized to respond to the confirmation requests
Not performing alternative procedures where there were no responses to the confirmation requests
* These guides pre-date ISQMs/HKSQMs, ISA/HKSA 540 (Revised), ISA/HKSA 315 (Revised 2019) and ISA/HKSA 600 (Revised).
Journal Entry (JE) Testing
⚠ Examples of AFRC Inspection Findings
💻 Resources and Support
Insufficient evaluation of the appropriateness, completeness and accuracy of consolidation adjustments and reclassifications, and whether they reflect any fraud risk factors or management bias
Failure to make use of the understanding of the entity's financial reporting process to identify the types of JE for testing
Failure to evaluate the completeness of the JE population subject to test
Failure to identify or test JE with fraudulent characteristics, such as unauthorized or unusual transactions or unusual account combinations
Failure to evaluate the appropriateness of applying a monetary threshold to select JE
Insufficient documentation of the details of the selected JE and the audit work performed
Failure to evaluate the appropriateness of consolidation adjustments from previous year
Not obtaining sufficient appropriate audit evidence on the existence and valuation of significant assets in the opening balance
Failure to evaluate whether opening balances contain a misstatement that could materially affect the current period, where the outgoing auditor expressed a disclaimer
Failure to critically evaluate the feasibility and outcome of management's plan for future action in relation to the going concern assessment
Failure to evaluate management's judgement on the entity's ongoing financial covenants compliance despite breach indicators during the forecast period
Failure to critically consider what events or conditions might cast significant doubt on the entity's ability to continue as a going concern and obtain sufficient appropriate audit evidence
Insufficient evaluation of the adequacy of the disclosures on events or conditions which may cast significant doubt on the entity's ability to continue as a going concern and management's mitigating plan
Failure to establish an adequate basis for a disclaimer of opinion
Not properly evaluating the objectivity of the appointed valuation expert
Not evaluating and performing additional procedures to address the caveats made by the auditor's expert and consequently placing undue reliance on their work
Not having an agreement with the auditor's expert on the scope of work and the specific procedures to be performed
Not having internal firm policies or guidance on the extent of documentation of the expert's work
Not adequately evaluating the appropriateness of the market comparables selected by the auditor's experts
Simply checking the accuracy of input data used by the auditor's expert, without evaluating whether the data was relevant, complete and accurate
Evaluating the Application of Accounting Standards
This session highlights some of the issues on the application of accounting standards on revenue recognition and expected credit losses identified by the AFRC in their inspection reports. It also summarizes the Institute's pertinent technical support concerning these topics. Auditors should thoroughly evaluate the application of all accounting standards that are relevant to the financial statements being audited.
Revenue Recognition
⚠ Examples of AFRC Inspection Findings
💻 Resources and Support
Limited understanding of clients' revenue recognition process
Not adequately evaluate the potential risks associated with revenue or profit manipulation across different financial years (cut-off risk)
Insufficient evaluation of management's accounting for the performance obligations promised in contracts
Failure to critically evaluate management's assessment of whether the entity was acting as a principal or an agent
Insufficient understanding and evaluation of contract terms and conditions, including those related to variable consideration
Insufficient evaluation of the appropriateness of management's determination as to when the control of goods or services was transferred to customers and the method used by management in measuring the progress towards complete satisfaction of a performance obligation to recognize revenue
Failure to test the reliability of information prepared by management for ECL assessment
Poor or no evaluation of management's assessment of the reliability of financial guarantees or valuations of pledged assets
Insufficient procedures for verifying the accuracy and completeness of historical repayment records provided by management
A lack of evaluation of management's assessment of changes in credit risk for a financial asset since initial recognition
Insufficient evaluation of the appropriateness of the probability of default
Lack of evaluation of management's rebuttal of the presumption that default would occur when a financial asset was 90 days past due and whether management's use of more lagging default criterion is reasonable and supportable
Failure to challenge management on the correlation between selected macroeconomic factors such as GDP and the entity's historical default rate in evaluating the appropriateness of a forward-looking adjustment
Failure to establish an adequate basis for a disclaimer of opinion
Not performing all the audit procedures described in the auditor's report to address Key Audit Matters (KAMs)
Not sufficiently documenting the determination of KAMs, including the rationale for matters requiring significant auditor attention and which of those matters are of most significance in the audit and therefore are KAMs
Insufficient description of how that KAM was addressed
^ The Institute has become a corporate member of ICAEW's Audit and Assurance Faculty. This allows our members to continue accessing the full range of online audit and assurance resources available to ICAEW members.
Please contact Member Engagement Department at me@hkicpa.org.hk / 2287 7285 for subscription of the ICAEW online audit and assurance resources. Kindly note that enrolments will be processed on a first-come, first-served basis, and your name and email address will be shared with ICAEW for communication purposes.
Looking for more courses? Visit the event list and e-Learning Course website. Download the HKICPA Events app (iOS / Android) for our full range of events and digital programmes and enrol anytime, anywhere.
