AN OVERVIEW OF THE AUDIT PROCESS

Client & Engagement Acceptance and Continuance

Preliminary Audit Planning

Esta11
Establish Scope & Terms Perform Strategic Audit Planning

Understand the Entity and Its Environment

Understanding the Entity (Internal Understanding the Entity’s Internal
and External Environment) Control

Initial Assessment of Risk

Plan the Engagement

Perform the Engagement Plan – Test Perform the Engagement Plan –

Operating Effectiveness Internal Controls Substantive Tests

Conclude on the Engagement

Communicate and Report

`
The audit process in workflow bubbles Page 1 of 11
 I. CLIENT AND ENGAGEMENT ACCEPTANCE AND CONTINUANCE

Continuing New Client

Client

Identify
Changes
from Prior
Year (a)
Evaluate Client
Risk (e)
Perform
Background
Checks (b)

Evaluate Engagement
Risk (f)

Assess Conflicts of
Interest (c)

Client and Engagement

Assess Auditor’s Acceptance/
Independence (d) Continuance Decision (g)

The audit process in workflow bubbles Page 2 of 11

 II. PRELIMINARY AUDIT PLANING –
Establish Scope and Terms of Engagement and Perform Strategic Audit Planning

Determine high-level Select Engagement Team;

engagement Identify Required
management/resources Resources/Specialist (e)
plan (a)

Establish preliminary (high-level)

Agree Engagement Terms resourcing and timing needs
(DTT and Client) (b) based on risks, scope, or other
matters (f)

Confirm/Assess any
changes in scope (c)
Coordinate with client for
resources, contacts, or
internal audit (g)

Obtain Engagement
Letter (d)

Document Strategic
Audit Planning (h)

The audit process in workflow bubbles Page 3 of 11

 III. UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT

Communicate strategic
audit plan with other
engagement team
members (a)

Understand Entity’s Internal and External Environment: (b)

Existing: Understand Entity’s Business (including organizational structure),

Operating Environment (Industry, Regulatory), Accounting Policies (upfront
accounting critique), Accounting Process (understanding flow of transactions),
Computer Processing Environment (GCC), Corporate Governance Structure

ISA 315: Understand Nature of Entity; Objectives and Strategies and Related
Business Risks; Measurement and Review of Entity’s Financial Performance;
and Industry, Regulatory and Applicable Financial Reporting Framework

Determine Evaluate Going Perform Preliminary Understand Fraud

Materiality (c) Concern (d) Analytical Review (e) Risk Factors (f)

Re-evaluate Engagement Risk

(g)

The audit process in workflow bubbles Page 4 of 11

 IV. UNDERSTANDING THE ENTITY’S INTERNAL CONTROL

Evaluate Design and Implementation of internal control (b)

(Including testing of IC at point of time)

Control Risk
Information & Assessment (a)
Environment
Communication (a)
(a)
Control
Activities (a) Monitoring
(a)

Link control activities and objectives

Identify Control Identify control activities (d)
objectives/assertions (c)

Consider communication
to management, those
charged with governance
(f)
Assess control deviations (e)

Preliminary Consider
Assessment of effects on
Control Reliance substantive
Strategy (g) testing (h)

The audit process in workflow bubbles Page 5 of 11

 V. INITIAL ASSESSMENT OF RISK

Gather Population of Identified

Risks (a)

Pervasive (b) Specific Identified

Risks (c)

Consider existence of fraud (d)

Determine Response (e)

Evaluate Population of Risk (f)

Reassess engagement risk and

client acceptance/ continuance (g)

Reassess timelines, specialists,

budgets and resources (h)

The audit process in workflow bubbles Page 6 of 11

 VI. PLAN THE ENGAGEMENT

Incorporate results of
Incorporate control reliance
preliminary analytical
strategy (b)
review into plan by
account (a)

Plan Internal Control Testing

(including IC work plan) (c)

Plan Substantive Testing (d)

Assign work, including

budget, use of internal audit,
and/or other auditors (e)

Assess Planned Audit

Strategy (f)

Engagement
Team
Discussion (g) Communicate with
Those Charged with
Governance (h)

The audit process in workflow bubbles Page 7 of 11

 VII. PERFORM THE ENGAGEMENT PLAN
Testing of Operating Effectiveness of Internal Control

Test internal control

Evaluate results of
activities and GCC
internal control
operating effectives
operating effectiveness
(a)
(e)

Identify control deviations Reassess

(b) engagement plan (f)

Communicate to
Identify and test Communication to engagement team (g)
complimentary entity management,
controls (c) those charged with
governance (d)

The audit process in workflow bubbles Page 8 of 11

 VIII. PERFORM THE ENGAGEMENT PLAN –
Substantive
Testing

Perform Substantive
Procedures (Substantive
Analytical Procedures or
Test of Details (a)

Identify exceptions/
misstatements including
disclosures (b)

Evaluate if exception/
misstatement is a control
deficiency including disclosures
(c)

Evaluate effect on audit

plan (d)

The audit process in workflow bubbles Page 9 of 11

 IX. CONCLUDE ON THE ENGAGEMENT

Compile control
deficiencies (a) Determine sufficiency and
Evaluate the overall
financial statement documentation of fieldwork and
misstatement (d) assess adequacy of scope and
engagement risk (e and g)
Compile
misstatements (b)

Ref. documentation
to financial
statements (c) Perform summary (closing) audit
procedures (f)

Perform Evaluate and Identify and Engage- Manage

Final Test evaluate ment ment Opinion
Financial Presentation disclosure Quality Represe on F/S
Statement & Disclosure deficiencies Assurance ntation
Analytical (i) (j) Review (k) Letter (l)
(m)
Review (h)

The audit process in workflow bubbles Page 10 of 11

 X. COMMUNICATE AND REPORT

Communicate Communicate Engagement Issue Assess

with entity with those Quality report (d) Engagement
management charged with Assurance Quality (e)
(a) governance (b) Review (c)

The audit process in workflow bubbles Page 11 of 11