Learning Objectives After studying this chapter, you should be able to:
Materiality provides a quantitative threshold or cut-off point, rather than being primary
qualitative characteristic, which information must have if it is to be useful. The auditor
establishes, materiality level based on his professional judgment so as quantitatively
misstatements.
When establishing overall audit strategy, the auditor shall determine materiality for the
financial statements as a whole. If, in the specific circumstances of an entity, there is no more
particular classes of transactions, account balances of disclosures for which material
misstatements of lesser amounts that the materiality for the financial statements as a whole
could be reasonably expected to influence the economic decisions of users taken on the basis
of the financial misstatements, the auditor shall also determine the materiality level (s) to be
applied to those particular classes of transactions, account balances or disclosures.
ACCOUNTING 14 1
PSA 320 “Materiality in Planning and Performing an Audit” establishes standards and deals
with the auditor’s responsibility to apply the concept of materiality in planning and
performing an audit of financial statements.
To reiterate the importance of the concept of materiality to audit, the definition of materiality
in accordance with the FRSC’s Framework for the Preparation and Presentation of
Financial Statements” follows:
This definition emphasizes the importance of materiality to reasonable users who rely on
the statements to make decisions. Auditors, therefore, must have knowledge of the likely
uses of their client’s statements and the decisions that are being made.
Levels of Materiality
First is the overall materiality (or materiality level for the financial statements as
a whole)
ACCOUNTING 14 2
Second is the specific materiality (or materiality level for particular classes of
transactions, account balances or disclosures)
The auditor considers materiality at both that overall financial statements level and in
relation to individual account balances, classes of transactions and disclosures.
Materiality may be influenced by considerations such as legal and regulatory
requirements ad consideration relating to individual financial statement account
balances and relationships. This process may result in different materiality levels
depending on the aspect of the financial statements being considered.
1. Overall materiality
2. Specific materiality
Performance Materiality
Performance Materiality is used by the auditor to reduce the risk to an appropriate low
level that the accumulation of uncorrected and unidentified misstatements exceeds
materiality for the financial statements as a whole (overall materiality), or materiality
levels established for particular classes of transactions, account balances, or disclosures
(specific materiality).
Performance materiality is set at a lower amount (or amounts) than overall specific
materiality. The objective is to perform more audit work than would be required by the
overall or a specific materiality to:
ACCOUNTING 14 3
Ensure that misstatements less than overall specific materiality are detected, so as
appropriately reduce the probability that the aggregate of uncorrected errors and
undetected misstatements exceed materiality for the financial statements as a
whole; and thus
Provide a margin or buffer for possible undetected misstatements. This buffer is
between detected but uncorrected misstatements in the aggregate and the overall
or specific materiality.
The margin provides some assurance for the auditor that undetected misstatements, along
with all uncorrected misstatements, will not likely accumulate to reach an amount that
would cause the financial statements to be materially misstated.
For example, if overall materiality was set at P200,000 and the audit procedures were
planned to detect all errors in excess of P200,000, it is quite possible that an error of say
P80,000 would go undetected. If there such errors existed totaling to P240,000, the
financial statements would be materially misstated. If performance materiality was set at
P120, 000, it would be much more likely that at least one or all of the P80,000 errors
would be detected. Even if only one of the three errors is identified and corrected, the
remaining P160, 000 misstatement would still be less than P20,000 and the financial
statements as a whole would not be materially misstated.
ACCOUNTING 14 4
these instances, amount of planning materiality based on the users expectations of income
or alter those working on the engagement to the potential for these types of material
misstatement.
Revenues or
expenditures – 1% to
3%
Assets – 1% to 3%
Equity – 3% to 5%
Other Considerations
When accepting new audit engagement, inquire about the overall materiality used
by the previous auditor. If available, this would help in determining whether
further audit procedures may be required on the opening asset and liability
balances.
Ensure that any experts employed by the entity (to assist the entity in preparing
the financial statements) or used by the audit team are instructed to use an
appropriate materiality level in relation to the work they perform.
ACCOUNTING 14 5
When planning the audit, the auditor considers what would make the financial statements
materially misstated. The auditor’s assessment of materiality, related to specific account
balances and classes of transactions, helps the auditor decide such questions as what
items to examine and whether to use sampling and analytical procedures. This enables the
auditor to select audit procedures that, in combination, can be expected to reduce audit
risk to an acceptably low level.
There is an inverse relationship between materiality and the level of audit risk, that is, the
higher the materiality level, the lower the audit risk and vice versa. The auditor takes the
inverse relationship between materiality and audit risk into account when determining the
nature, timing and extent of audit procedures, the auditor determines that the acceptable
materiality level is lower, audit risk is increased. The auditor would compensate for this
by either:
(a) reducing the assessed low level of control risk, where this is possible, and
supporting the reduced level by carrying out extended or additional tests of
control: or
(b) reducing detection risk by modifying the nature, timing and extent of planned
substantive procedures.
Materiality Assessment
The main users of the financial statement are the bank and the shareholders. The materiality
number used in the last period was P80, 000.
Using our professional judgment, we decided to base our materiality on 5% of the profit
before tax. Other bases of materiality, such as revenues, were also considered but it was felt
that profit before tax was the most meaningful amount in relation to the identified financial
statement users.
For this period, the pan is to use P100, 000 as the overall materiality. The concept of
materiality and its use in the audit has been discussed I general two terms with the client.
Using professional judgment, and the types of misstatements identified in previous audits,
overall performance materiality has been set at P75, 000.
A specific materiality for the local sales taxes paid has been set at P10,000 as we are required
to audit and report on his amount to the local government.
ACCOUNTING 14 6
SEC Requirements Relative to Materiality (Amended SRC Rule 68)
Group A
(1) Issuers of registered securities which have sold a class of securities pursuant to s
registration under Section 12 of the Securities Regulation Code (SRC) except those
issuers of registered timeshares proprietary and non-proprietary membership
certificates which are covered in Group B;
(3) Public companies or those which have total assets of at least Fifty million pesos
(P50, 000, 000.00) or such other amount as the Commission shall prescribe, and
having two hundred (200) or more holders each holding at least One hundred (100)
shares of a class of its equity securities.
Group B
ACCOUNTING 14 7
(5) Government Securities Eligible Dealers (GSEDs);
(10) Special Purpose Vehicles registered under the Special Purpose Vehicle Act of
2002 and it’s implementing rules;
(11) Special Purpose Corporations registered under the Securitization Act of 2004
and its implementing rules;
(12) Such other corporations which may be required by law to be supervised by the
Commission.
Group C
(4) Foundations and other non-stock non-profit organizations which solicit or receive
donations or contributions or with fund balance aggregating to more than P10
million at any given year; and
(5) Large corporations or those with total assets of more than P350 million or total
liabilities of more than P250 million.
Group D
(1) Companies not included above but are mandated by other regulatory agencies to
have an independent auditor accredited by the Commission.
For Groups A and B, both the independent auditor and auditing firms (if applicable)
shall be accredited by the Commission.
For Group C, the accreditation of the auditing firms shall be sufficient. However, an
individual independent auditor shall be accredited by the Commission as such.
Accreditation under Group A shall be considered a general accreditation which shall
allow the independent auditor to also audit companies under Group B, C and D.
ACCOUNTING 14 8
Independent auditors with Group B accreditation can likewise audit companies
under Groups C and D. Accordingly, Group C accredited independent auditors are
allowed to audit Group D companies.
PSA 315 requires a discussion among the engagement team members and a determination
by the engagement by the engagement partner of which matters are to be communicated to
those team members not involved in the discussion. This discussion shall place particular
emphasis on how and where the entity’s financial statements may be susceptible to material
misstatement due to fraud, including how fraud might occur. The discussion shall occur
setting aside belief’s that the engagement team members may have that management and
those charged with governance are honest and have integrity.
The auditor shall include the following in the audit documentation of the auditor’s
understanding of the entity and its environment and the assessment of the risks of material
misstatement:
(a) The significant decisions reached during the discussion among the engagement team
regarding the susceptibility of the entity’s financial statements to material misstatement
due to fraud: and
(b) The identified and assessed risks of material due to fraud at the financial statement
level and at the assertion level.
The engagement partner and other key engagement team members shall discuss the
susceptibility of the entity’s financial statements to material misstatement, and the
application of the applicable financial reporting framework to the entity’s facts and
circumstances. The engagement partner shall determine which mattes are to be
communicated to engagement team members not involved in the discussion.
ACCOUNTING 14 9
Known Risk Factors
Experience from previous audit engagements.
Significant business risk factors.
Opportunity for fraud to be perpetrated.
Key Areas to Purpose: To brainstorm ideas and possible audit
Address approaches
Brainstorm Potential for Errors and Fraud
Which financial statement areas may be susceptible to material
misstatement (fraud and error)? This step is a requirement on all
audits.
How could management perpetrate and conceal fraudulent financial
reporting? It may be helpful to develop various fraud scenarios or,
where possible, use the services of a forensic accountant. Consider
journal entries, management bias in estimates/provisions, changes in
accounting policies, etc.
How could assets be misappropriated or misused for personal
purposes?
Are there non-selfish incentives (such as to maintain a funding
source for a not-for-profit entity) to manipulate the financial
statements?
Response to Risks
What possible audit procedures/approaches might be considered to
respond to the risks identified above?
Consider whether an element of unpredictability will be incorporated
into the nature, timing and extent of the audit procedures to be
performed.
Key Areas to Purpose: To Provide direction
Address
Audit Planning Specific Areas to Address
Ensure that the specific requirements of all PSAs relevant to the
audit are appropriately addressed in the audit plan. PSAs that include
specific procedures to be performed include:
PSA 240 The Auditor’s Responsibilities Relating to Fraud in an
Audit of Financial Statements
PSA 402 Audit Considerations Relating to an Entity Using a
Service Organization
PSA 540 Auditing Accounting Estimates, Including Fair Value
Accounting Estimates, and Related Disclosures.
PSA 550 Related Parties
PSA 600 Audits of Group Financial Statements (Including the
Work of Component Auditors)
ACCOUNTING 14 10
expectations.
Stress the importance of maintaining professional skepticism the
audit.
Agenda
This stage involves the identification and assessment of the risk of material misstatements
whether due to fraud or error at the financial statement and assertion levels, through
understanding the entity and its environment, including the entity’s internal control, thereby
providing a basis for designing and implementing responses to the assessed risks of material
misstatement.
The following are the activities involve in the performance of risk assessment procedures:
A. Identification of Inherent Risks (Business and Fraud Risks) and Significant Risks
B. Understanding the Design /Implementation of Relevant Internal Controls
ACCOUNTING 14 11
C. Concluding the Risk Assessment Phase
Identification of Inherent Risk (Business and Fraud Risks) and Significant Risks
The starting point is to obtain a basic understanding or frame of reference for designing
the risk assessment procedures to be performed. The auditor will use a variety tools to
understand the client’s business and its business risk. The auditor will obtain (or update)
the document relevant basic information about the entity, its objectives, culture,
operations, key personnel and the internal organization and control.
Risk assessment procedures are performed so that (1) the sources of risks of materials
misstatement are identified; (2) as appropriate understanding of entity is obtained and (3)
the necessary supporting audit evidence is obtained.
Inquires of management can help identify and manage risk factors (particularly fraud).
Also discussions, among the audit team regarding the susceptibility if the entity’s
financial statements of material misstatement caused by error or fraud.
For each risk factor identified, identify the specific misstatements that could occur in the
financial statements as a result effect or persuasive risks help in assessing risks at the
financial statement level.
Relate the risks identified to the specific financial statement areas disclosures and
assertions affected.
ACCOUNTING 14 12
Client: XYZ Company
Business Risks
Implication of the
Risk Event/Sources Risk Factor to FS Assertions
Fraud Risks
Implication of the
Risk Event/Sources Risk Factor to FS Assertions
Pressures
1. Minimize tax burden a. Management bias in CAV
estimates (such as valuation
of inventory to reduce income.
b. Unauthorized journal entries P
or manipulation of financial
statements.
2. Bonus to salesman Inflated sales to meet threshold. E
based on sales above
certain thresholds
3. Giving bribes to Damage to reputation, CAE
facilitate service or to overstatement of expenses,
obtain contracts unaccrued fines.
4. Rapid growth putting Financial statement manipulation P
pressure on financing to avoid violation of bank covenant.
Opportunities
PAS 315.12 requires that the auditor shall obtain an understanding of internal control relevant to
the audit. Although most controls relevant to the audit are likely to relate to financial reporting,
not all controls that relate to financial reporting are relevant to the audit. It is a matter of the
auditor’s professional judgment whether a control, individually or in combination with others is
relevant to the audit.
A. Control Environment
(a) Management with the oversight of those charged with governance, has created
and maintain a culture of honesty and ethical behavior; and
(b) The strengths in the control environment elements collectively provide an
appropriate foundation for the other components of internal control, and whether
those other components are not undermined by deficiencies in the control
environment.
B Risk Assessment
The auditor shall obtain an understanding of whether the entity has a process for:
C. Information System
The auditor shall obtain an understanding of the information system, including the related
business processes, relevant to financial reporting, including the following areas:
(a) The classes of transactions in the entity’s operations that are significant to the
financial statements;
ACCOUNTING 14 14
(b) The procedures, within both information technology (IT) and manual systems, by
which those transactions are initiated, recorded, processed, corrected as necessary,
transferred to the general ledger and reported in the financial statements;
(c) The related accounting records, supporting information and specific accounts in the
financial statements that are used to initiate, record, process and report transactions: this
includes the correction of incorrect information and how information is transferred to the
general ledger. The records may be either manual or electronic form;
(d) How the information system captures events and conditions, other than transactions,
that are significant to the financial statements;
(e) The financial reporting process used to prepare the entity’s financial statement,
including significant accounting estimates and disclosures; and
(f) Controls surrounding journal entries, including non-standard journal entries used to
record non-recurring, unusual transactions or adjustments.
D. Control Activities
The auditor shall obtain an understanding of control activities relevant to the audit, being
those the auditor judge, it necessary to understand in order to assess the risks of material
misstatement at the assertion level and design further audit procedures responsive to
assessed risks. An audit does not require an understanding of all the control activities
related to each significant class of transactions, account balance, and disclosure in the
financial statements or to every assertion relevant to them.
In understanding the entity’s control activities, the auditor shall obtain an understanding
of how the entity has responded to risks arising from IT.
E. Monitoring
The auditor shall obtain an understanding of the major activities that the entity uses to
monitor internal control over financial reporting, including those related to those control
activities relevant to the audit, and how the entity initiates remedial actions ,to
deficiencies in its controls.
The four steps in evaluating control design and implementation are shown in Figure 3.3
ACCOUNTING 14 15
1. Risk Identification
What risks, if not mitigated by
internal controls, could result in
material misstatements in the
financial statements?
No Report significant
deficiencies in control to
manage and those charged
Yes
with governance
This is the first and most important steps in evaluating internal control. This requires
identification of the risks which need to be mitigated by internal control. The
question this step seeks to find answer to is:
The risk could be identified as a result of obtaining understanding of the entity with
persuasive risk factors and the used transactional risk factors associated with
business procedures such as sales purchasing and payroll. Examples are:
ACCOUNTING 14 16
1. Risk 1 No emphasis is placed on need for integrity and ethical values:
This step involves inquiry about controls and evaluation of controls that
management has put in place to address the risks that have been identified in Step 1
above.
In relation to the three risks identified in Step 1, the following possible controls may
be inquired about and evaluated.
Possible Controls
Possible Controls
Risk 3 Management has a poor attitude toward internal control and/or managing business
risk.
ACCOUNTING 14 17
Possible Controls
The third step is to determine whether the controls exist and are in use by the entity
through inquiry and testing.
If this question is answered yes, the auditor then proceeds to Step 4. Where the
auditor documents the result and conclusions reached.
If the question is answered no, the auditor then reports significant deficiencies in
control to manage and those charged with governance. The auditor then documents
the results and conclusion reached.
If the auditor determines, through inquiry and testing, that the company has strong
risk management and control processes in place, the auditor may be able to focus the
audit program on testing internal controls and developing corroborative evidence
based on more limited direct tests of account balances. On the other hand, if the
company does not have an effective risk management process in place, the auditor
will identify areas where account balances are more likely to be misstated and
concrete direct tests of account balances in those areas.
Based on the foregoing, the auditor develops expectations and makes an assessment
of the risk that a particular account balance may be misstated. If the auditor has a
sound basis to believe the risk of misstatements low, the auditor may be able to gain
satisfaction regarding the account balance without directly testing it. Other
techniques, such as using substantive analytical procedures or analyzing the quality
of the control system, may yield persuasive evidence about the correctness of an
account balance. This is not meant to imply that an auditor can perform a complete
audit without ever directly testing some account balances; it means that the amount
of testing can be minimized if risks are adequately addressed. However, if there is a
big risk that an account balance may be misstated, the auditor should direct more
attention to the audit of that account
ACCOUNTING 14 18
Illustrative Document of Control Deficiencies and Impact on Audit Response
Example 1
Example 2
Example 3
ACCOUNTING 14 19
preparation of estimates.
Practical Pointers
The auditor’s testing of the internal audit work can be limited but should be sufficient to
formulate an opinion on whether internal audit’s conclusions are supported by
independent evidence on the operation of controls.
To obtain evidence about whether a control is effective, the auditor must directly test
control. The auditor cannot inter the effectiveness of a control from the absence of
misstatements in the financial statements.
The external auditor must perform enough work to make an independent decision about
the quality of the client’s internal controls.
The more material the account is, the more evidence about internal controls should be
gathered independently by the external auditor.
Auditors are required to asses control risk for each relevant assertion and for important
classes of transactions and account balances as a basis for planning the audit.
Not all controls need to be tested. Further, controls for all assertions need not be tested if
the auditor believes that a misstatement related to a particular assertion would not be
material.
Once the significant accounts and their relevant assertions, as well the process related to
those accounts, have been identified, the auditor determines the important controls, such
as those shown in the immediately preceding table, that need to be tested. The nature of
the testing will vary with the nature of the process, the materiality of the account balance,
and the control.
From the audit risk model-we know that companies with strong internal controls should
require less substantive testing of account balances. We also know that greater
computerization of processes increases the likelihood of consistent processing throughout the
year. The fundamental questions that the auditor must address to determine the optimal
amount of audit work are as follows:
ACCOUNTING 14 20
1. How much assurance can be obtained regarding audit risk when internal control is
present and working?
2. If control activities within major processes are working properly throughout the year,
what is the residual risk that remains an account balance can still be misstated?
3. What is the risk that the auditor’s evaluation of internal controls might be incorrect?
4. Which account balances contain more than an acceptable amount of risk that a material
misstatement could occur?
5. How would a misstatement in a material account balance most likely occur?
6. What are the most effective substantive tests of account balances to determine whether
there is a misstatement in the account balance
The auditor must answer these six important questions to plan an effective integrated audit.
There is no one right answer-all of the questions are interrelated. For example, the residual risk
of a material misstatement is dependent on the joint answer to the first three questions. The
remaining three questions address the identification of accounts that might be misstated, how a
misstatement could occur, and how the auditor would most effectively determine if a
misstatement did occur.
ACCOUNTING 14 21