Anda di halaman 1dari 9

Audit Planning Memorandum

Client Name:

(insert name of company)

Reporting Date: (insert date)


Audit planning memorandum

The purposes of the audit plan are, first, to contribute to the effectiveness of the audit and, second, to
contribute to the audit efficiency. This memorandum should be completed and approved as part of initial
audit planning. In completing this document, there may be occasions when matters already documented
in other work papers are relevant. There is no need to re-write such material if a specific reference can
be made.
This memorandum is structured so that planning documentation common to all engagements is
presented. All items should be read and considered on every engagement. When a section is not
applicable, indicate "N/A" with a brief explanation why it is not applicable.
The planning memorandum is divided into three sections:
1. Administration and job set up;
2. Risk assessment; and
3. Approach
The Understanding the Business of the Entity should be used as the starting point for engagement planning.

Engagement Objective:


A. Initial Client Contact
1. Planning Conference with Management
A meeting with Company management should be held to discuss objectives, etc. A typical agenda for the
initial meeting may include the following:

Identification of high risk areas;

Discussion of clients concerns (e.g. recurring problems, unreasonable policies and


Identification of significant disclosures (e.g. related party transactions);

Identification of changes since last audit (e.g. system, operations, personnel);

Agreement of functions and related management control objectives to be tested;

Discussion of client's participation;

Explanation of the audit approach;

Identification of possible efficiencies and cost savings;

Timing of the review (including submission of draft report and anticipated date of closing

Management in attendance

Audit personnel in attendance

B. Audit Team and Specialist Assistance

Ensure that the audit team is appropriately leveraged in terms of experience given the relative complexity
of the audit. Consider the following:

Team skills and availability

The need for Information Technology (IT) auditor or other specialist assistance

Whether independent reviewer is needed (e.g., because client is designated for Close

1. Audit Team Composition



2. IT Auditor or Specialist Assistance

Any work requiring IT specialty knowledge or other specialist assistance should be coordinated with the
appropriate experts in the planning phase of the engagement to ensure such work is adequately done to
meet the auditors objectives. List below areas where an expert is needed for the engagement.

C. Audit Time Table

Key Milestones
Opening Conference
Exit Conference
Management Response
Report Draft


Issuance of Final Report


A. Risk Indicators
The Understanding the Business of the Entity and the opening meeting held with management should
provide a basis for the risk assessment process. In evaluating the risk level of the engagement, the
following items should also be considered:
1. Regulatory Requirements
Statutory and regulatory requirements impacting the engagement need to be considered and assessed in
terms of their relevance to the engagement. Consideration should also be given to the potential
consequences of non-compliance with statutory and/or regulatory requirements and our role in detecting
such non-compliance. Our work should be planned to address this risk.

2. Prior Audits
a. Previous Audit History
Prior audit date:
Key Issues Raised:

b. Follow-Up on Previous Audit Concerns

Review previous reports, management responses, exceptions noted last audit period, pre-audit file
comments, etc. List items that require follow-up or special attention during the current audit (eg.
recommendations not implemented).
Matters for Follow-Up

Working Paper Reference

3. Extent of Change
Document any significant current events, issues and considerations and how such conditions will impact
the overall audit approach (restructuring, new products, changes in operations, management, changes in
compliance requirements and other regulations, environment, etc.). Consider management's position on
operational change as well as other prior events and issues which have carry over impact on the current
audit engagement.

4. Audit or Accounting Issues

Consider the following:

New or changed accounting standards / PFRS

Scope of audit

Financial statement preparation

Other issues


5. Risk of Fraud
Consider whether there is a high risk of fraud, including:

Fraud risk factors, e.g., misappropriation of assets; fraudulent financial reporting

Matters arising from preliminary analytical review

Discussion with client officials

Overall programs and controls that address or mitigate fraud risks

Responses to fraud risks identified


6. Other Factors
Consider the impact of other factors, e.g. reliance on work of internal auditors.

B. Significant Risks and Overall Risk Assessment

1. Significant Risks
Based on the risk assessment procedures, identify the entitys significant risks and the auditors response
to those risks. Consider the nature, timing and extent of procedures to be performed.
The following table summarizes the results of risk assessment and the planned response:
Significant Risks

Audit Response

2. Risk Assessment (High, Medium or Low) - Overall Conclusion


If the risk level, assessed as a result of the planning phase, differs from the risk indicated on the
Understanding the Business of the Entity, the reasons for the change should be documented.

Once determined, the detailed work to be performed should be documented in the standard work
program format. In determining the approach to the audit, the following issues should be considered:

A. Scope of the Work to be Performed

a. Determine the specific functions to be reviewed. For business process reviews, it may not be
necessary to flowchart and process map all functions in the audit area. Select those functions that
are critical to the business unit achieving its objectives. Where processes are cross-functional, define
the extent of work to be performed in other business units.
b. For business units with more than one geographi need to be made to complete testing outside (main
location). c location, determine (and justify) where the audit work is to be performed and what

Where the engagement involves detailed transaction testing, a statistically based sampling approach
should generally be used. The justification for the sampling method and parameters selected should
be documented in the appropriate sampling approach memo.


B. Materiality and Tolerable Error

Document the levels of planning materiality and tolerable error, including their basis for determination.

C. Preliminary Analytical Procedures

Consider comparing information for prior periods with anticipated results of the entity which include
budgets, forecasts or auditors expectations of the entitys financial position and performance.

D. Internal Control Evaluation

Document our understanding of the entitys internal control to assist in risk evaluation and/or prepare an
outline of desirable control techniques compared to those in place to reduce risk of error or other
inaccuracies related to the accomplishment of management control objectives under audit.
The degree of testing of such controls and techniques is based on auditors judgment depending on risk.
Summarize below the internal control evaluation approach to be used for this audit area:

E. Client Assistance
Describe below the nature of any significant assistance that may be provided by client's staff and the
effect on the audit work to be performed. Attach request list if applicable.
Assistance from Client

Effect on Audit Work

Prepared by:

Insert Position Title


Insert Position Title


Reviewed by:

Approved by:

Engagement Partner