Decision No. 101/2005/QD-BTC dated December 29, 2005 of the Ministry of Finance on the issuance and publication of four Vietnamese standards on auditing (Batch 7)
ATTRIBUTE
Issuing body: | Ministry of Finance | Effective date: | Known Please log in to a subscriber account to use this function. Don’t have an account? Register here |
Official number: | 101/2005/QD-BTC | Signer: | Tran Van Ta |
Type: | Decision | Expiry date: | Known Please log in to a subscriber account to use this function. Don’t have an account? Register here |
Issuing date: | 29/12/2005 | Effect status: | Known Please log in to a subscriber account to use this function. Don’t have an account? Register here |
Fields: | Finance - Banking |
THE MINISTRY OF FINANCE | SOCIALIST REPUBLIC OF VIET NAM |
No. 101/2005/QD-BTC | Hanoi, December 29, 2005 |
DECISION
ON THE ISSUANCE AND PUBLICATION OF FOUR VIETNAMESE STANDARDS ON AUDITING (BATCH 7)
THE MINISTER OF FINANCE
- Pursuant to Governmental Decree No. 77/2003/ND-CP dated July 1, 2003 on the functions, jurisdictions and organization of the Ministry of Finance;
- Pursuant to Government Decree No. 105/2004/CP dated March 30, 2004 on independent auditing;
Upon the proposal of the Director of the Accounting and Auditing Policy Department and Chief of the Ministry Office,
DECIDES:
Article 1. To issue four (04) Vietnamese Standards on Auditing (Batch 7) with the codes and titles specified:
1. Standard 260 - Communications of Audit Matters with Those Charged with Governance;
2. Standard 330 - The Auditor’s Procedures in Response to Assessed Risks;
3. Standard 505 - External Confirmations;
4. Standard 545 - Auditing fair values measurements and disclosures.
Article 2: The Vietnamese Standards on Auditing issued following this decision shall be applicable to independent audits of financial statements and final accounts of investment. The independent audit of other financial information and related services rendered by audit firms shall be performed in accordance with the provisions of individual standards.
Article 3. This Decision shall come into effect 15 days after it is published in the Gazette.
Article 4. Auditors and audit firms licensed for audit practice in Vietnam are required to apply these Vietnamese standards on auditing in their operations.
The Director of the Accounting and Auditing Policy Department, the Ministry Office Chief, and heads of relevant affiliate and subsidiary units of the Ministry of Finance shall be responsible for guiding and overseeing the carrying out of this Decision./.
| FOR THE MINISTER OF FINANCE |
VIETNAMESE STANDARDS ON AUDITING
STANDARD 260
COMMUNICATIONS OF AUDIT MATTERS WITH THOSE CHARGED WITH GOVERNANCE
(Issued in pursuance of the Minister of Finance Decision No. 101/2005/QD-BTC dated 29 December 2005)
GENERAL
01. The purpose of this Vietnamese Standard on Auditing (VSA) is to establish standards and provide guidance on communication of audit matters arising from the audit of financial statements between the auditor and the audit firm and those charged with governance of an entity.
02. The auditor and the audit firm should communicate audit matters of governance interest arising from the audit of financial statements with those charged with governance of an entity.
03. This VAS applies to communications of audit matters between the auditor and the audit firm and those charged with governance.
This VAS does not specify how the auditor communicates with those outside the audited entity.
The auditor and the audit firm should comply with this VSA in conducting an audit of financial statements and rendering related services.
It is expected that the audited (client) entity and users of the audit report should possess essential knowledge as to the objective and general principles set out in this VSA in working with the auditor and the audit firm and dealing with the relations maintained during the audit.
In this VSA, the following terms have the meaning attributed below:
04. Management refers to persons entrusted with the supervision, control and direction of an entity and the decison making for its operation and development, consisting of members of the Board of Management, Board of Directors and Control Committee and those charged with managing business areas.
05. Governance is the term used to describe the role of persons entrusted with managing, supervising and controling a particular area of business or directing and executing a legal entity.
Those charged with governance ordinarily are accountable for ensuring that the entity achieves its objectives, supervising the operations and reporting to interested parties.
06. Audit matters of governance interest are those that arise from the audit of financial statements and, in the opinion of the auditor and the audit firm, are both important and relevant to those charged with governance in overseeing the financial reporting and disclosure process.
The auditor is not required to identify and report to management of the entity all matters of governance interest.
CONTENTS OF THE VSA
07. The auditor and the audit firm should determine the relevant persons who are charged with governance and with whom significant matters, including audit matters of governance interest, are communicated.
08. The auditor should determine the structure and principles of governance of each entity, such as the overseeing function (Control Committee) and executing function of the Board of Directors and the Board of Management.
09. The auditor should identify the persons who are charged with governance and whom the auditor communicates audit matters of governance interest.
10. When the entity’s governance structure is not well defined, or those charged with governance are not clearly identified, the auditor comes to an agreement with the entity about with whom audit matters of governance interest are to be communicated.
11. To avoid misunderstandings, an audit engagement letter may explain that the auditor will communicate only those matters of governance interest that come to attention as a result of the performance of an audit and that the auditor is not required to design audit procedures for the specific purpose of identifying matters of governance interest.
The engagement letter may also:
- Identify the relevant persons with whom such communications will be made; and
- Identify any specific audit matters of governance interest to be communicated.
12. The effectiveness of communications is enhanced by developing a constructive working relationship between the auditor and those charged with governance. This relationship is developed while maintaining an attitude of professional independence and objectivity.
Audit Matters of Governance Interest to be Communicated
13. The auditor should consider significant matters, including audit matters of governance interest that arise from the audit of the financial statements and communicate them with those charged with governance. Ordinarily such matters include the following:
a) The general approach and overall scope of the audit, including any expected limitations thereon, or any additional requirements;
b) The selection of, or changes in, significant accounting policies and practices that have, or could have, a material effect on the entity’s financial statements;
c)The potential effect on the financial statements of any material risks and exposures, such as pending litigation, that are required to be disclosed in the financial statements;
d) Audit adjustments, whether or not recorded by the entity that have, or could have, a material effect on the entity’s financial statements;
e) Material uncertainties related to events and conditions that may cast significant doubt on the entity’s ability to continue as a going concern;
f) Disagreements with management about matters that, individually or in aggregate, could be significant to the entity’s financial statements or the auditor’s report;
g) Expected modifications to the auditor’s report;
h) Other matters warranting attention by those charged with governance, such as material weaknesses in internal control, questions regarding management integrity, and fraud involving management; and
i) Any other matters agreed upon in the terms of the audit engagement.
14. As part of the auditor’s communications, those charged with governance are informed of the following signifcant matters:
a) The auditor’s communications of the audit results; and
b) The fact that an audit of financial statements is not designed to identify all matters that may be relevant to those charged with governance. Accordingly, the auditor and the audit firm do not ordinarily identify all such matters.
Timing of Communications
15. The auditor should communicate significant matters, including audit matters of governance interest, on a timely basis. This enables those charged with governance to take appropriate and prompt action.
16. In order to achieve timely communications, the auditor discusses with those charged with governance the basis and timing of such communications. In certain cases, because of the nature of the matter, the auditor may communicate that matter sooner than previously agreed.
Forms of Communications
17. The auditor’s communications with those charged with governance may be made orally or in writing. The auditor and the audit firm’s decision whether to communicate orally or in writing is affected by factors such as the following:
a) The size, operating structure, legal structure, and communications processes of the entity being audited;
b) The nature, sensitivity and significance of the audit matters of governance interest to be communicated;
c)The arrangements made with respect to periodic meetings or reporting of audit matters of governance interest; and
d) The amount of on-going contact and dialogue the auditor has with those charged with governance.
18. When audit matters of governance interest are communicated orally, the auditor documents in the working papers the matters communicated and any responses to those matters. This documentation may take the form of a copy of the minutes of the auditor’s discussion with those charged with governance. In certain circumstances, depending on the nature, sensitivity, and significance of the matter, it may be advisable for the auditor and the audit firm to confirm in writing with those charged with governance any oral communications on audit matters of governance interest.
19. Ordinarily, the auditor initially discusses audit matters of governance interest with management, except where those matters relate to questions of management competence or integrity. These initial discussions with management enable the auditor to gather further information from the audit. If management agrees to communicate a matter of governance interest with those charged with governance, the auditor may not need to repeat the communications, provided that the auditor is satisfied that such communications have effectively and appropriately been made.
When the auditor is satisfied with information obtained after communicating with management of the entity, the auditor is not required to discuss the information with any others of those charged with governance.
Other Matters
20. If the auditor considers that a modification of the auditor’s report on the financial statements is required, as described in VSA 700 The Auditor’s Report on Financial Statements communications between the auditor and those charged with governance cannot be regarded as a substitute.
21. The auditor and the audit firm consider whether audit matters of governance interest previously communicated may have an effect on the current year’s financial statements. The auditor considers whether the point continues to be a matter of governance interest and whether to communicate the matter again with those charged with governance.
Confidentiality
22. When legal documents provide regulations on confidentiality that restrict communication of audit matters of governance interest arising from the audit of financial statements, the auditor and the audit firm refer to such regulations before communicating with those charged with governance. In some circumstances, the potential conflicts with the auditor’s ethical and legal obligations, the auditor may wish to consult with legal counsel.
Laws and Regulations
23. When the requirements of legal documents impose obligations on the auditor and the audit firm to make communications on governance related matters that are not covered by this VSA, the auditor and the audit firm should comply with these requirements.
VIETNAMESE STANDARDS ON AUDITING
STANDARD 330
THE AUDITOR’S PROCEDURES IN RESPONSE TO ASSESSED RISKS
(Issued in pursuance of the Minister of Finance Decision No. 101/2005/QD-BTC dated 29 December 2005)
GENERAL
01. The purpose of this Vietnamese Standard on Auditing (VSA) is to establish standards and provide guidance on determining overall responses and designing and performing further audit procedures to respond to the assessed risks of material misstatement at the financial statement and assertion levels in a financial statement audit.
02. The auditor and the audit firm should obtain an understanding of the entity and its environment, including its internal control, sufficient to identify and assess the risks of material misstatement of the financial statements whether due to fraud or error, and sufficient to design and perform further audit procedures.
03. This VAS applies to audits of financial statements and also applies to audits of other financial information, and related services rendered by the audit firm.
The auditor and the audit firm should comply with this VSA in conducting an audit of financial statements.
It is expected that the audited (client) entity and users of the audit report should possess essential knowledge as to the objective and general principles set out in this VSA in working with the auditor and the audit firm and dealing with relations relevant to audited information.
04. The following is an overview of the requirements of this standard:
Overall responses: This section requires the auditor and the audit firm to determine overall responses to address risks of material misstatement at the financial statement level and provides guidance on the nature of those responses.
Audit procedures responsive to risks of material misstatement at the assertion level: This section requires the auditor to design and perform further audit procedures, including tests of the operating effectiveness of controls, when relevant or required, and substantive procedures, whose nature, timing, and extent are responsive to the assessed risks of material misstatement at the assertion level. In addition, this section includes matters the auditor and the audit firm consider in determining the nature, timing, and extent of such audit procedures.
Evaluating the sufficiency and appropriateness of audit evidence obtained: This section requires the auditor to evaluate whether the risk assessment remains appropriate and to conclude whether sufficient appropriate audit evidence has been obtained.
Documentation: This section requires that the contents and documents in the audit documentation contain information relevant to assessed risk.
05. In order to reduce audit risk to an acceptably low level, the auditor and the audit firm should determine overall responses to assessed risks at the financial statement level, and should design and perform further audit procedures to respond to assessed risks at the assertion level. The overall responses and the nature, timing, and extent of the further audit procedures are matters for the professional judgment of the auditor. In addition to the requirements of this VSA, the auditor and the audit firm also comply with the requirements and guidance in VSA 240 Fraud and Error in responding to assessed risks of material misstatement due to fraud.
CONTENTS OF THE VSA
Overall Responses
06 The auditor should determine overall responses to address the risks of material misstatement at the financial statement level. Such responses may include emphasizing to the audit team the need to maintain professional skepticism in gathering and evaluating audit evidence, assigning more experienced staff or those with special skills or using experts, providing more supervision, or incorporating additional elements of unpredictability in the selection of further audit procedures to be performed. Additionally, the auditor and the audit firm may make general changes to the nature, timing, or extent of audit procedures as an overall response, for example, performing substantive procedures at period end instead of at an interim date.
07. The assessment of the risks of material misstatement at the financial statement level is affected by the auditor’s understanding of the control environment. An effective control environment may allow the auditor to have more confidence in internal control and the reliability of audit evidence generated internally within the entity and thus, for example, allow the auditor to conduct some audit procedures at an interim date rather than at period end. If there are weaknesses in the control environment, the auditor ordinarily conducts more audit procedures as of the period end rather than at an interim date, seeks more extensive audit evidence from substantive procedures, modifies the nature of audit procedures to obtain more persuasive audit evidence, or increases the number of locations to be included in the audit scope.
08. Such considerations, therefore, have a significant bearing on the auditor’s general approach, for example, an emphasis on substantive procedures (substantive approach), or an approach that uses tests of controls as well as substantive procedures (combined approach).
Audit Procedures Responsive to Risks of Material Misstatement at the Assertion Level
09. The auditor and the audit firm should design and perform further audit procedures whose nature, timing, and extent are responsive to the assessed risks of material misstatement at the assertion level. The purpose is to provide a clear linkage between the nature, timing, and extent of the auditor’s further audit procedures and the risk assessment. In designing further audit procedures, the auditor and the audit firm consider such matters as the following:
a) The significance of the risk;
b) The likelihood that a material misstatement will occur;
c) The characteristics of the class of transactions, account balance, or disclosure involved;
d) The nature of the specific controls used by the entity and in particular whether they are manual or automated; and
e) Whether the auditor expects to obtain audit evidence to determine if the entity’s controls are effective in preventing, or detecting and correcting, material misstatements.
10. The auditor’s assessment of the identified risks at the assertion level provides a basis for considering the appropriate audit approach for designing and performing further audit procedures. In some cases, the auditor may determine that only by performing tests of controls may the auditor achieve an effective response to the assessed risk of material misstatement for a particular assertion. In other cases, the auditor may determine that performing only substantive procedures is appropriate for specific assertions and, therefore, the auditor excludes the effect of controls from the relevant risk assessment. This may be because the auditor’s risk assessment procedures have not identified any effective controls relevant to the assertion, or because testing the operating effectiveness of controls would be inefficient. However, the auditor needs to be satisfied that performing only substantive procedures for the relevant assertion would be effective in reducing the risk of material misstatement to an acceptably low level. Often the auditor may determine that a combined approach using both tests of the operating effectiveness of controls and substantive procedures is an effective approach. Irrespective of the approach selected, the auditor designs and performs substantive procedures for each material class of transactions, account balance, and disclosure as required by paragraph 51.
11. In the case of very small entities, there may not be many control activities that could be identified by the auditor. For this reason, the auditor’s further audit procedures are likely to be primarily substantive procedures. In such cases, in addition to the matters referred to in paragraph 10 above, the auditor and the audit firm consider whether in the absence of controls it is possible to obtain sufficient appropriate audit evidence.
Considering the Nature, Timing, and Extent of Further Audit Procedures
Nature
12. The nature of further audit procedures refers to their purpose (tests of controls or substantive procedures) and their type, that is, inspection, observation, inquiry, confirmation, recalculation, reperformance, or analytical procedures. Certain audit procedures may be more appropriate for some assertions than others. For example, in relation to revenue, tests of controls may be most responsive to the assessed risk of misstatement of the completeness assertion, whereas substantive procedures may be most responsive to the assessed risk of misstatement of the occurrence assertion.
13. The auditor’s selection of audit procedures is based on the assessment of risk. The higher the auditor’s assessment of risk, the more reliable and relevant is the audit evidence sought by the auditor from substantive procedures. This may affect both the types of audit procedures to be performed and their combination. For example, the auditor may confirm the completeness of the terms of a contract with a third party, in addition to inspecting the document.
14. In determining the audit procedures to be performed, the auditor considers the reasons for the assessment of the risk of material misstatement at the assertion level for each class of transactions, account balance, and disclosure. This includes considering both the particular characteristics of each class of transactions, account balance, or disclosure (i.e., the inherent risks) and whether the auditor’s risk assessment takes account of the entity’s controls (i.e., the control risk). For example, if the auditor considers that there is a lower risk that a material misstatement may occur because of the particular characteristics of a class of transactions without consideration of the related controls, the auditor may determine that substantive analytical procedures alone may provide sufficient appropriate audit evidence. On the other hand, if the auditor expects that there is a lower risk that a material misstatement may arise because an entity has effective controls and the auditor intends to design substantive procedures based on the effective operation of those controls, then the auditor performs tests of controls to obtain audit evidence about their operating effectiveness. This may be the case, for example, for a class of transactions of reasonably uniform, non-complex characteristics that are routinely processed and controlled by the entity’s information system.
15. The auditor is required to obtain audit evidence about the accuracy and completeness of information produced by the entity’s information system when that information is used in performing audit procedures. For example, if the auditor uses non-financial information or budget data produced by the entity’s information system in performing audit procedures, such as substantive analytical procedures or tests of controls, the auditor obtains audit evidence about the accuracy and completeness of such information to comply with VSA 500 Audit Evidence.
Timing
16. Timing refers to when audit procedures are performed or the period or date to which the audit evidence applies.
17. The auditor may perform tests of controls or substantive procedures at an interim date or at period end. The higher the risk of material misstatement, the more likely it is that the auditor may decide it is more effective to perform substantive procedures nearer to, or at, the period end rather than at an earlier date, or to perform audit procedures unannounced or at unpredictable times (for example, performing audit procedures at selected locations on an unannounced basis). On the other hand, performing audit procedures before the period end may assist the auditor in identifying significant matters at an early stage of the audit, and consequently resolving them with the assistance of management or developing an effective audit approach to address such matters. If the auditor performs tests of controls or substantive procedures prior to period end, the auditor considers the additional evidence required for the remaining period (see paragraphs 39-40 and 58-63).
18. In considering when to perform audit procedures, the auditor also considers such matters as the following:
a) The control environment;
b) When relevant information is available (for example, procedures to be observed may occur only at certain times);
c) The nature of the risk (for example, if there is a risk of inflated revenues to meet earnings expectations by subsequent creation of false sales agreements, the auditor may wish to examine contracts available on the date of the period end); and
d) The period or date to which the audit evidence relates.
19. Certain audit procedures can be performed only at or after period end, for example, agreeing the financial statements to the accounting records and examining adjustments made during the course of preparing the financial statements. If there is a risk that the entity may have entered into improper sales contracts or transactions may not have been finalized at period end, the auditor performs procedures to respond to that specific risk. For example, when transactions are individually material or an error in cutoff may lead to a material misstatement, the auditor ordinarily inspects transactions near the period end.
Extent
20. Extent includes the quantity of a specific audit procedure to be performed, for example, a sample size or the number of observations of a control activity.
The extent of an audit procedure is determined by the judgment of the auditor after considering the materiality, the assessed risk, and the degree of assurance the auditor plans to obtain. In particular, the auditor ordinarily increases the extent of audit procedures as the risk of material misstatement increases. However, increasing the extent of an audit procedure is effective only if the audit procedure itself is relevant to the specific risk; therefore, the nature of the audit procedure is the most important consideration.
21. The use of computer-assisted audit techniques (CAATs) may enable more extensive testing of electronic transactions and account files. Such techniques can be used to select sample transactions from key electronic files, to sort transactions with specific characteristics, or to test an entire population instead of a sample.
22. Valid conclusions may ordinarily be drawn using sampling approaches. However, if the quantity of selections made from a population is too small, the sampling approach selected is not appropriate to achieve the specific audit objective, or if exceptions are not appropriately followed up, there will be an unacceptable risk that the auditor’s conclusion based on a sample may be different from the conclusion reached if the entire population was subjected to the same audit procedure. VSA 530 Audit Sampling and Other Selective Testing Procedures contains guidance on the use of sampling.
23. This VSA regards the use of different audit procedures in combination as an aspect of the nature of testing as discussed above. However, the auditor considers whether the extent of testing is appropriate when performing different audit procedures in combination.
Tests of Controls
24. The auditor is required to perform tests of controls when the auditor’s risk assessment includes an expectation of the operating effectiveness of controls or when substantive procedures alone do not provide sufficient appropriate audit evidence at the assertion level.
25. The auditor’s assessment of risks of material misstatement at the assertion level includes an expectation that controls are operating effectively, the auditor and the audit firm should perform tests of controls to obtain sufficient appropriate audit evidence that the controls were operating effectively at relevant times during the period under audit. Paragraphs 41-46 below discuss the use of audit evidence about the operating effectiveness of controls obtained in prior audits.
26. Auditor’s assessment of risk of material misstatement at the assertion level may include an expectation of the operating effectiveness of controls, in which case the auditor performs tests of controls to obtain audit evidence as to their operating effectiveness. Tests of the operating effectiveness of controls are performed only on those controls that the auditor has determined are suitably designed to prevent, or detect and correct, a material misstatement in an assertion.
27. When the auditor has determined that it is not possible or practicable to reduce the risks of material misstatement at the assertion level to an acceptably low level with audit evidence obtained only from substantive procedures, the auditor should perform tests of relevant controls to obtain audit evidence about their operating effectiveness. For example, the auditor may find it impossible to design effective substantive procedures that by themselves provide sufficient appropriate audit evidence at the assertion level when an entity conducts its business using IT and no documentation of transactions is produced or maintained, other than through the IT system.
28. Testing the operating effectiveness of controls is different from obtaining audit evidence that controls have been implemented. When obtaining audit evidence of implementation by performing risk assessment procedures, the auditor determines that the relevant controls exist and that the entity is using them. When performing tests of the operating effectiveness of controls, the auditor obtains audit evidence that controls operate effectively during the period. This includes obtaining audit evidence about how controls were applied at relevant times during the period under audit, the consistency with which they were applied, and by whom or by what means they were applied. If substantially different controls were used at different times during the period under audit, the auditor considers each separately. The auditor may determine that testing the operating effectiveness of controls at the same time as evaluating their design and obtaining audit evidence of their implementation is efficient.
29. Although some risk assessment procedures that the auditor performs to evaluate the design of controls and to determine that they have been implemented may not have been specifically designed as tests of controls, they may nevertheless provide audit evidence about the operating effectiveness of the controls and, consequently, serve as tests of controls. For example, the auditor may have made inquiries about management’s use of budgets, observed management’s comparison of monthly budgeted and actual expenses, and inspected reports pertaining to the investigation of variances between budgeted and actual amounts. These audit procedures provide knowledge about the design of the entity’s budgeting policies and whether they have been implemented, and may also provide audit evidence about the effectiveness of the operation of budgeting policies in preventing or detecting material misstatements in the classification of expenses. In such circumstances, the auditor considers whether the audit evidence provided by those audit procedures is sufficient.
Nature of Tests of Controls
30. The auditor selects audit procedures to obtain assurance about the operating effectiveness of controls. As the planned level of assurance increases, the auditor seeks more reliable audit evidence. In circumstances when the auditor adopts an approach consisting primarily of tests of controls, in particular related to those risks where it is not possible or practicable to obtain sufficient appropriate audit evidence only from substantive procedures, the auditor ordinarily performs tests of controls to obtain a higher level of assurance about their operating effectiveness.
31. The auditor should perform other audit procedures in combination with inquiry to test the operating effectiveness of controls. Although different from obtaining an understanding of the design and implementation of controls, tests of the operating effectiveness of controls ordinarily include the same types of audit procedures used to evaluate the design and implementation of controls, and may also include reperformance of the application of the control by the auditor. Since inquiry alone is not sufficient, the auditor uses a combination of audit procedures to obtain sufficient appropriate audit evidence regarding the operating effectiveness of controls. Those controls subject to testing by performing inquiry combined with inspection or reperformance ordinarily provide more assurance than those controls for which the audit evidence consists solely of inquiry and observation. For example, an auditor may inquire about and observe the entity’s procedures for opening the mail and processing cash receipts to test the operating effectiveness of controls over cash receipts. Because an observation is pertinent only at the point in time at which it is made, the auditor ordinarily supplements the observation with inquiries of entity personnel, and may also inspect documentation about the operation of such controls at other times during the audit period in order to obtain sufficient appropriate audit evidence.
32. The nature of the particular control influences the type of audit procedure required to obtain audit evidence about whether the control was operating effectively at relevant times during the period under audit. For some controls, operating effectiveness is evidenced by documentation. In such circumstances, the auditor may decide to inspect the documentation to obtain audit evidence about operating effectiveness. For other controls, however, documentation of control effectiveness may not be available or relevant. For example, documentation of operation may not exist for some factors in the control environment, such as assignment of authority and responsibility, or for some types of control activities, such as control activities performed by a computer. In such circumstances, audit evidence about operating effectiveness may be obtained through inquiry in combination with other audit procedures such as observation or the use of CAATs.
33. In designing tests of controls, the auditor considers the need to obtain audit evidence supporting the effective operation of controls directly related to the assertions as well as other indirect controls on which these controls depend. For example, the auditor may identify a user review of an exception report of notes receivable over a customer’s authorized credit limit as a direct control related to an assertion. In such cases, the auditor considers the effectiveness of the user review of the report and also the controls related to the accuracy of the information in the report.
34. In the case of an automated application control, because of the inherent consistency of IT processing, audit evidence about the implementation of the control at the time of assessment, when considered in combination with audit evidence obtained regarding the operating effectiveness of the entity’s general controls may provide substantial audit evidence about its operating effectiveness during the relevant period.
35. When responding to the risk assessment, the auditor may design a test of controls to be performed concurrently with a test of details on the same transaction. The objective of tests of controls is to evaluate whether a control operated effectively. The objective of tests of details is to detect material misstatements at the assertion level. Although these objectives are different, both may be accomplished concurrently through performance of a test of controls and a test of details on the same transaction, also known as a dual-purpose test. For example, the auditor may examine an invoice to determine whether it has been approved and to provide substantive audit evidence of a transaction. The auditor carefully considers the design and evaluation of such tests to accomplish both objectives.
36. The absence of misstatements detected by a substantive procedure does not provide audit evidence that controls related to the assertion being tested are effective. However, misstatements that the auditor detects by performing substantive procedures are considered by the auditor when assessing the operating effectiveness of related controls. A material misstatement detected by the auditor’s procedures that was not identified by the entity ordinarily is indicative of the existence of a material weakness in internal control, which is communicated to management and those charged with governance.
Timing of Tests of Controls
37. The timing of tests of controls depends on the auditor’s objective and determines the period of reliance on those controls. If the auditor tests controls at a particular time, the auditor only obtains audit evidence that the controls operated effectively at that time. However, if the auditor tests controls throughout a period, the auditor obtains audit evidence of the effectiveness of the operation of the controls during that period.
38. Audit evidence pertaining only to a point in time may be sufficient for the auditor’s purpose, for example, when testing controls over the entity’s physical inventory counting at the period end. If, on the other hand, the auditor requires audit evidence of the effectiveness of a control over a period, audit evidence pertaining only to a point in time may be insufficient and the auditor supplements those tests with other tests of controls that are capable of providing audit evidence that the control operated effectively at relevant times during the period under audit. Such other tests may consist of tests of the entity’s monitoring of controls.
39. When the auditor obtains audit evidence about the operating effectiveness of controls during an interim period, the auditor should determine what additional audit evidence should be obtained for the remaining period. In making that determination, the auditor considers the significance of the assessed risks of material misstatement at the assertion level, the specific controls that were tested during the interim period, the degree to which audit evidence about the operating effectiveness of those controls was obtained, the length of the remaining period, the extent to which the auditor intends to reduce further substantive procedures based on the reliance of controls, and the control environment. The auditor obtains audit evidence about the nature and extent of any significant changes in internal control, including changes in the information system, processes, and personnel that occur subsequent to the interim period.
40. Additional audit evidence may be obtained, for example, by extending the testing of the operating effectiveness of controls over the remaining period or testing the entity’s monitoring of controls.
41. If the auditor plans to use audit evidence about the operating effectiveness of controls obtained in prior audits, the auditor should obtain audit evidence about whether changes in those specific controls have occurred subsequent to the prior audit. The auditor should obtain audit evidence about whether such changes have occurred by performing inquiry in combination with observation or inspection to confirm the understanding of those specific controls. VSA 500 Audit Evidence states that the auditor performs audit procedures to establish the continuing relevance of audit evidence obtained in prior periods when the auditor plans to use the audit evidence in the current period. For example, in performing the prior audit, the auditor may have determined that an automated control was functioning as intended. The auditor obtains audit evidence to determine whether changes to the automated control have been made that affect its continued effective functioning, for example, through inquiries of management and the inspection of logs to indicate what controls have been changed. Consideration of audit evidence about these changes may support either increasing or decreasing the expected audit evidence to be obtained in the current period about the operating effectiveness of the controls.
42. If the auditor plans to rely on controls that have changed since they were last tested, the auditor should test the operating effectiveness of such controls in the current audit. Changes may affect the relevance of the audit evidence obtained in prior periods such that there may no longer be a basis for continued reliance. For example, changes in a system that enable an entity to receive a new report from the system probably do not affect the relevance of prior period audit evidence; however, a change that causes data to be accumulated or calculated differently does affect it.
43. If the auditor plans to rely on controls that have not changed since they were last tested, the auditor should test the operating effectiveness of such controls at least once in every third audit. As indicated in paragraphs 42 and 46, the auditor may not rely on audit evidence about the operating effectiveness of controls obtained in prior audits for controls that have changed since they were last tested or controls that mitigate a significant risk. The auditor’s decision on whether to rely on audit evidence obtained in prior audits for other controls is a matter of professional judgment. In addition, the length of time period between retesting such controls is also a matter of professional judgment, but cannot exceed two years.
44. In considering whether it is appropriate to use audit evidence about the operating effectiveness of controls obtained in prior audits, and, if so, the length of the time period that may elapse before retesting a control, the auditor considers the following:
a) The effectiveness of other elements of internal control, including the control environment, the entity’s monitoring of controls, and the entity’s risk assessment process.
b) The risks arising from the characteristics of the control, including whether controls are manual or automated.
c) The effectiveness of general IT-controls.
d) The effectiveness of the control and its application by the entity, including the nature and extent of deviations in the application of the control from tests of operating effectiveness in prior audits.
e) The risk of material misstatement and the extent of reliance on the control. The higher the risk of material misstatement, or the greater the reliance on controls, the shorter the time period elapsed, if any, is likely to be. Factors that ordinarily decrease the period for retesting a control, or result in not relying on audit evidence obtained in prior audits at all, include the following:
- A weak control environment;
- Weak monitoring of controls;
- A significant manual element to the relevant controls;
- Personnel changes that significantly affect the application of the control;
- Changing circumstances that indicate the need for changes in the control; and Weak general IT-controls.
45. When there are a number of controls for which the auditor determines that it is appropriate to use audit evidence obtained in prior audits, the auditor should test the operating effectiveness of some controls each audit. The purpose of this requirement is to avoid the possibility that the auditor might apply the approach of paragraph 43 to all controls on which the auditor proposes to rely, but test all those controls in a single audit period with no testing of controls in the subsequent two audit periods. In addition to providing audit evidence about the operating effectiveness of the controls being tested in the current audit, performing such tests provides collateral evidence about the continuing effectiveness of the control environment and therefore contributes to the decision about whether it is appropriate to rely on audit evidence obtained in prior audits. Therefore, when the auditor determines in accordance with paragraphs 41-44 that it is appropriate to use audit evidence obtained in prior audits for a number of controls, the auditor plans to test a sufficient portion of the controls in that population in each audit period, and at a minimum, each control is tested at least every third audit.
46. When the auditor has determined that an assessed risk of material misstatement at the assertion level is a significant risk and the auditor plans to rely on the operating effectiveness of controls intended to mitigate that significant risk, the auditor should obtain the audit evidence about the operating effectiveness of those controls from tests of controls performed in the current period. The greater the risk of material misstatement, the more audit evidence the auditor obtains that relevant controls are operating effectively. Accordingly, although the auditor often considers information obtained in prior audits in designing tests of controls to mitigate a significant risk, the auditor does not rely on audit evidence obtained in a prior audit about the operating effectiveness of controls over such risks, but instead obtains the audit evidence about the operating effectiveness of controls over such risks in the current period.
Extent of Tests of Controls
47. The auditor designs tests of controls to obtain sufficient appropriate audit evidence that the controls operated effectively throughout the period of reliance. Matters the auditor may consider in determining the extent of the auditor’s tests of controls include the following:
a) The frequency of the performance of the control by the entity during the period;
b) The length of time during the audit period that the auditor is relying on the operating effectiveness of the control;
c) The relevance and reliability of the audit evidence to be obtained in supporting that the control prevents, or detects and corrects, material misstatements at the assertion level;
d) The extent to which audit evidence is obtained from tests of other controls related to the assertion;
e) The extent to which the auditor plans to rely on the operating effectiveness of the control in the assessment of risk (and thereby reduce substantive procedures based on the reliance of such control); and
f) The expected deviation from the control.
48. The more the auditor relies on the operating effectiveness of controls in the assessment of risk, the greater is the extent of the auditor’s tests of controls. In addition, as the rate of expected deviation from a control increases, the auditor increases the extent of testing of the control. However, the auditor considers whether the rate of expected deviation indicates that the control will not be sufficient to reduce the risk of material misstatement at the assertion level to that assessed by the auditor. If the rate of expected deviation is expected to be too high, the auditor may determine that tests of controls for a particular assertion may not be effective.
49. Because of the inherent consistency of IT processing, the auditor may not need to increase the extent of testing of an automated control. An automated control should function consistently unless the program is changed. Once the auditor determines that an automated control is functioning as intended (which could be done at the time the control is initially implemented or at some other date), the auditor considers performing tests to determine that the control continues to function effectively. Such tests might include determining that changes to the program are not made without being subject to the appropriate program change controls.
Substantive Procedures
50. Substantive procedures are performed in order to detect material misstatements at the assertion level, and include tests of details of classes of transactions, account balances, and disclosures and substantive analytical procedures. The auditor plans and performs substantive procedures to be responsive to the related assessment of the risk of material misstatement.
51. Irrespective of the assessed risk of material misstatement, the auditor should design and perform substantive procedures for each material class of transactions, account balance, and disclosure. This requirement reflects the fact that the auditor’s assessment of risk is judgmental and may not be sufficiently precise to identify all risks of material misstatement. Further, there are inherent limitations to internal control including management override. Accordingly, while the auditor may determine that the risk of material misstatement may be reduced to an acceptably low level by performing only tests of controls for a particular assertion related to a class of transactions, account balance or disclosure (see paragraph 10), the auditor always performs substantive procedures for each material class of transactions, account balance, and disclosure.
52. The auditor’s substantive procedures should include the following audit procedures related to the financial statement closing process:
a) Agreeing the financial statements to the underlying accounting records; and
b) Examining material journal entries and other adjustments made during the course of preparing the financial statements.
The nature and extent of the auditor’s examination of journal entries and other adjustments depends on the nature and complexity of the entity’s financial reporting process and the associated risks of material misstatement.
53. When the auditor has determined that an assessed risk of material misstatement at the assertion level is a significant risk, the auditor should perform substantive procedures that are specifically responsive to that risk. For example, if the auditor identifies that management is under pressure to meet earnings expectations, there may be a risk that management is inflating sales by improperly recognizing revenue related to sales agreements with terms that preclude revenue recognition or by invoicing sales before shipment. In these circumstances, the auditor may, for example, design external confirmations not only to confirm outstanding amounts, but also to confirm the details of the sales agreements, including date, any rights of return and delivery terms. In addition, the auditor may find it effective to supplement such external confirmations with inquiries of non-financial personnel in the entity regarding any changes in sales agreements and delivery terms.
54. When the approach to significant risks consists only of substantive procedures, the audit procedures appropriate to address such significant risks consist of tests of details of transactions or balances, or a combination of tests of details and substantive analytical procedures. The auditor considers the guidance in paragraphs 55-64 in designing the nature, timing, and extent of substantive procedures for significant risks. In order to obtain sufficient appropriate audit evidence, the substantive procedures related to significant risks are most often designed to obtain audit evidence with high reliability.
Nature of Substantive Procedures
55. Substantive analytical procedures are generally more applicable to large volumes of transactions that tend to be predictable over time. Tests of details are ordinarily more appropriate to obtain audit evidence regarding certain assertions about account balances, including existence and valuation. In some situations, the auditor may determine that performing only substantive analytical procedures may be sufficient to reduce the risk of material misstatement to an acceptably low level. For example, the auditor may determine that performing only substantive analytical procedures is responsive to the assessed risk of material misstatement for a class of transactions where the auditor’s assessment of risk is supported by obtaining audit evidence from performance of tests of the operating effectiveness of controls. In other situations, the auditor may determine that only tests of details are appropriate, or that a combination of substantive analytical procedures and tests of details are most responsive to the assessed risks.
56. The auditor designs tests of details responsive to the assessed risk with the objective of obtaining sufficient appropriate audit evidence to achieve the planned level of assurance at the assertion level. In designing substantive procedures related to the existence or occurrence assertion, the auditor selects from items contained in a financial statement amount and obtains the relevant audit evidence. On the other hand, in designing audit procedures related to the completeness assertion, the auditor selects from audit evidence indicating that an item should be included in the relevant financial statement amount and investigates whether that item is so included. For example, the auditor might inspect subsequent cash disbursements to determine whether any purchases had been omitted from accounts payable.
57. In designing substantive analytical procedures, the auditor considers such matters as the following:
a) The suitability of using substantive analytical procedures given the assertions;
b) The reliability of the data, whether internal or external, from which the expectation of recorded amounts or ratios is developed;
c) Whether the expectation is sufficiently precise to identify a material misstatement at the desired level of assurance; and
d) The amount of any difference in recorded amounts from expected values that is acceptable.
The auditor considers testing the controls, if any, over the entity’s preparation of information used by the auditor in applying analytical procedures. When such controls are effective, the auditor has greater confidence in the reliability of the information and, therefore, in the results of analytical procedures. Alternatively, the auditor may consider whether the information was subjected to audit testing in the current or prior period. In determining the audit procedures to apply to the information upon which the expectation for substantive analytical procedures is based, the auditor considers the guidance in VSA 500 Audit Evidence.
Timing of Substantive Procedures
58. When substantive procedures are performed at an interim date, the auditor should perform further substantive procedures or substantive procedures combined with tests of controls to cover the remaining period that provide a reasonable basis for extending the audit conclusions from the interim date to the period end.
59. In some circumstances, substantive procedures may be performed at an interim date. This increases the risk that misstatements that may exist at the period end are not detected by the auditor. This risk increases as the remaining period is lengthened. In considering whether to perform substantive procedures at an interim date, the auditor considers such factors as the following:
a) The control environment and other relevant controls;
b) The availability of information at a later date that is necessary for the auditor’s procedures;
c) The objective of the substantive procedure;
d) The assessed risk of material misstatement;
e) The nature of the class of transactions or account balance and related assertions; and
f) The ability of the auditor to perform appropriate substantive procedures or substantive procedures combined with tests of controls to cover the remaining period in order to reduce the risk that misstatements that exist at period end are not detected.
60. Although the auditor is not required to obtain audit evidence about the operating effectiveness of controls in order to have a reasonable basis for extending audit conclusions from an interim date to the period end, the auditor considers whether performing only substantive procedures to cover the remaining period is sufficient. If the auditor concludes that substantive procedures alone would not be sufficient, tests of the operating effectiveness of relevant controls are performed or the substantive procedures are performed as of the period end.
61. In circumstances where the auditor has identified risks of material misstatement due to fraud, the auditor’s response to address those risks may include changing the timing of audit procedures. For example, the auditor might conclude that substantive procedures need to be performed at or near the end of the reporting period to address an identified risk of material misstatement due to fraud (see VSA 240 Fraud and Error).
62. Ordinarily, the auditor compares and reconciles information concerning the balance at the period end with the comparable information at the interim date to identify amounts that appear unusual, investigates any such amounts, and performs substantive analytical procedures or tests of details to test the intervening period. When the auditor plans to perform substantive analytical procedures with respect to the intervening period, the auditor considers whether the period end balances of the particular classes of transactions or account balances are reasonably predictable with respect to amount, relative significance, and composition. The auditor considers whether the entity’s procedures for analyzing and adjusting such classes of transactions or account balances at interim dates and for establishing proper accounting cutoffs are appropriate. In addition, the auditor considers whether the information system relevant to financial reporting will provide information concerning the balances at the period end and the transactions in the remaining period that is sufficient to permit investigation of: significant unusual transactions or entries (including those at or near period end); other causes of significant fluctuations, or expected fluctuations that did not occur; and changes in the composition of the classes of transactions or account balances. The substantive procedures related to the remaining period depend on whether the auditor has performed tests of controls.
63. If misstatements are detected in classes of transactions or account balances at an interim date, the auditor ordinarily modifies the related assessment of risk and the planned nature, timing, or extent of the substantive procedures covering the remaining period that relate to such classes of transactions or account balances, or extends or repeats such audit procedures at the period end.
64. The use of audit evidence from the performance of substantive procedures in a prior audit is not sufficient to address a risk of material misstatement in the current period. In most cases, audit evidence from the performance of substantive procedures in a prior audit provides little or no audit evidence for the current period. In order for audit evidence obtained in a prior audit to be used in the current period as substantive audit evidence, the audit evidence and the related subject matter must not fundamentally change. An example of audit evidence obtained from the performance of substantive procedures in a prior period that may be relevant in the current year is a legal opinion related to the structure of a securitization to which no changes have occurred during the current period. As required by VSA 500 Audit evidence, if the auditor plans to use audit evidence obtained from the performance of substantive procedures in a prior audit, the auditor performs audit procedures during the current period to establish the continuing relevance of the audit evidence.
Extent of the Performance of Substantive Procedures
65. The greater the risk of material misstatement, the greater the extent of substantive procedures. Because the risk of material misstatement takes account of internal control, the extent of substantive procedures may be increased as a result of unsatisfactory results from tests of the operating effectiveness of controls. However, increasing the extent of an audit procedure is appropriate only if the audit procedure itself is relevant to the specific risk.
66. In designing tests of details, the extent of testing is ordinarily thought of in terms of the sample size, which is affected by the risk of material misstatement. However, the auditor also considers other matters, including whether it is more effective to use other selective means of testing, such as selecting large or unusual items from a population as opposed to performing representative sampling or stratifying the population into homogeneous subpopulations for sampling. VSA 530 Audit Sampling and Other Selective Testing Procedures contains guidance on the use of sampling and other means of selecting items for testing. In designing substantive analytical procedures, the auditor considers the amount of difference from the expectation that can be accepted without further investigation. This consideration is influenced primarily by materiality and the consistency with the desired level of assurance. Determination of this amount involves considering the possibility that a combination of misstatements in the specific account balance, class of transactions, or disclosure could aggregate to an unacceptable amount. In designing substantive analytical procedures, the auditor increases the desired level of assurance as the risk of material misstatement increases.
Adequacy of Presentation and Disclosure
67. The auditor should perform audit procedures to evaluate whether the overall presentation of the financial statements, including the related disclosures, are in accordance with the applicable financial reporting framework. The auditor considers whether the individual financial statements are presented in a manner that reflects the appropriate classification and description of financial information. The presentation of financial statements in conformity with the applicable financial reporting framework also includes adequate disclosure of material matters. These matters relate to the form, arrangement, and content of the financial statements and their appended notes, including, for example, the terminology used, the amount of detail given, the classification of items in the statements, and the bases of amounts set forth.
The auditor considers whether management should have disclosed a particular matter in light of the circumstances and facts of which the auditor is aware at the time. In performing the evaluation of the overall presentation of the financial statements, including the related disclosures, the auditor considers the assessed risk of material misstatement at the assertion level in accordance with VSA 500 Audit Evidence for a description of the assertions related to presentation and disclosure.
Evaluating the Sufficiency and Appropriateness of Audit Evidence Obtained
68. Based on the audit procedures performed and the audit evidence obtained, the auditor should evaluate whether the assessments of the risks of material misstatement at the assertion level remain appropriate.
69. As the auditor performs planned audit procedures, the audit evidence obtained may cause the auditor to modify the nature, timing, or extent of other planned audit procedures. Information may come to the auditor’s attention that differs significantly from the information on which the risk assessment was based. For example, the extent of misstatements that the auditor detects by performing substantive procedures may alter the auditor’s judgment about the risk assessments and may indicate a material weakness in internal control. In addition, analytical procedures performed at the overall review stage of the audit may indicate a previously unrecognized risk of material misstatement. In such circumstances, the auditor may need to reevaluate the planned audit procedures, based on the revised consideration of assessed risks for all or some of the classes of transactions, account balances, or disclosures and related assertions.
70. The concept of effectiveness of the operation of controls recognizes that some deviations in the way controls are applied by the entity may occur. Deviations from prescribed controls may be caused by such factors as changes in key personnel, significant seasonal fluctuations in volume of transactions and human error. When such deviations are detected during the performance of tests of controls, the auditor makes specific inquiries to understand these matters and their potential consequences, for example, by inquiring about the timing of personnel changes in key internal control functions. The auditor determines whether the tests of controls performed provide an appropriate basis for reliance on the controls, whether additional tests of controls are necessary, or whether the potential risks of misstatement need to be addressed using substantive procedures.
71. The auditor cannot assume that an instance of fraud or error is an isolated occurrence, and therefore considers how the detection of a misstatement affects the assessed risks of material misstatement. Before the conclusion of the audit, the auditor evaluates whether audit risk has been reduced to an acceptably low level and whether the nature, timing, and extent of the audit procedures may need to be reconsidered. For example, the auditor reconsiders the following:
a) The nature, timing, and extent of substantive procedures; and
b) The audit evidence of the operating effectiveness of relevant controls, including the entity’s risk assessment process.
72. The auditor should conclude whether sufficient appropriate audit evidence has been obtained to reduce to an acceptably low level the risk of material misstatement in the financial statements. In developing an opinion, the auditor considers all relevant audit evidence, regardless of whether it appears to corroborate or to contradict the assertions in the financial statements.
73. The sufficiency and appropriateness of audit evidence to support the auditor’s conclusions throughout the audit are a matter of professional judgment. The auditor’s judgment as to what constitutes sufficient appropriate audit evidence is influenced by such factors as the following:
a) Significance of the potential misstatement in the assertion and the likelihood of its having a material effect, individually or aggregated with other potential misstatements, on the financial statements;
b) Effectiveness of management’s responses and controls to address the risks;
c) Experience gained during previous audits with respect to similar potential misstatements;
d) Results of audit procedures performed, including whether such audit procedures identified specific instances of fraud or error;
e) Source and reliability of the available information;
f) Persuasiveness of the audit evidence; and
g) Understanding of the entity and its environment, including its internal control.
74. If the auditor has not obtained sufficient appropriate audit evidence as to a material financial statement assertion, the auditor should attempt to obtain further audit evidence. If the auditor is unable to obtain sufficient appropriate audit evidence, the auditor should express a qualified opinion or a disclaimer of opinion to comply with VSA 700 The Auditor’s Report on Financial Statements.
Documentation
75. The auditor should document the overall responses to address the assessed risks of material misstatement at the financial statement level and the nature, timing, and extent of the further audit procedures, the linkage of those procedures with the assessed risks at the assertion level, and the results of the audit procedures. In addition, if the auditor plans to use audit evidence about the operating effectiveness of controls obtained in prior audits, the auditor should document the conclusions reached with regard to relying on such controls that were tested in a prior audit. The manner in which these matters are documented is based on the auditor’s professional judgment. VSA 230 Documentation establishes standards and provides guidance regarding documentation in the context of the audit of financial statements.
VIETNAMESE STANDARDS ON AUDITING
STANDARD 505
EXTERNAL CONFIRMATIONS
(Issued in pursuance of the Minister of Finance Decision No. 101/2005/QD-BTC dated 29 December 2005)
GENERAL
01. The purpose of this Vietnamese Standard on Auditing (VSA) is to establish standards and provide guidance on the auditor’s use of external confirmation as a means of obtaining audit evidence of the auditor and the audit firm.
02. The auditor and the audit firm should determine whether the use of external confirmations is necessary to obtain sufficient appropriate audit evidence at the assertion. In making this determination, the auditor should consider the assessed risk of material misstatement, inherent and control risks and how the audit evidence from other planned audit procedures will reduce the risk of material misstatement at the asserion level to an acceptably low level.
03. The auditor and the audit firm should comply with this VSA in obtaining external confirmations.
04. It is expected that the audited (client) entity, related entities and persons should possess essential knowledge as to the objective and general principles set out in this VSA in working with the auditor and the audit firm and dealing with the relations maintained during obtaining external confirmation.
05. VSA 500 Audit Evidence states that the reliability of audit evidence is influenced by its source and by its nature, and is dependent on the individual circumstances under which it is obtained. Under this VSA, audit evidence is more reliable when it is obtained from independent sources outside the entity; and audit evidence is more reliable when it exists in image or documentary form than in oral form. Accordingly, audit evidence in the form of original written from outside is more reliable as people outside the entity are not directly related to the entity being audited. The auditor should determine whether to consider audit evidence individually or cumulatively from other audit procedures which were implemented or will be implemented to assist in reducing the risk of material misstatement for the related assertions to an acceptably low level.
06. External confirmation is the process of obtaining and evaluating audit evidence through a representation of information or an existing condition directly from a third party in response to a request for information about a particular item affecting management’s assertions disclosed in the financial statements of the entity being audited. In deciding to what extent to use external confirmations the auditor and the audit firm consider the characteristics of the environment in which the entity being audited operates and the collectability of such information.
07. External confirmations are frequently used in relation to account balances and their components, but need not be restricted to these items. For example, the auditor and the audit firm may request external confirmation of the terms of agreements or transactions an entity has with third parties. Other examples of situations where external confirmations may be used include the following:
a) Bank balances and other information from bankers;
b) Accounts receivable balances;
c) Stocks held by third parties at bonded warehouses for processing or on consignment;
d) Property title deeds held by lawyers or financiers for safe custody or as security;
e) Investments purchased from stockbrokers but not delivered at the balance sheet date;
f) Loans from lenders; and
g) Accounts payable balances.
08. The reliability of the audit evidence obtained by external confirmations depends, among other factors, upon the auditor applying appropriate audit procedures in designing the external confirmation request, performing the external confirmation procedures, and evaluating the results of the external confirmation procedures. Factors affecting the reliability of confirmations include the control the auditor exercises over confirmation requests and responses, the characteristics of the respondents, and any restrictions included in the response or imposed by management.
CONTENTS OF THE VSA
Relationship of External Confirmation Procedures to the Auditor’s Assessments of the Inherent Risk and Control Risk
09. VSA 400 Risk Assessments and Internal Control specifies audit risk and its components, including inherent risk, control risk and detection risk. This VSA also prescribles that the auditor’s control risk assessment, together with the inherent risk assessment is to influence the nature, timing and extent of substantive procedures to be performed to reduce detection risk, therefore audit risk, to an acceptably low level.
10. VSA 400 Risk Assessments and Internal Control also specifies the nature and extent of audit evidence obtained from carrying out substantive procedures that depend on auditor’s assessments of control and inherent risk. The assessed levels of inherent and control risk cannot be sufficiently low to eliminate the need for the auditor to perform any substantive procedures. These substantive procedures may include external confirmation procedures for the assertion of the financial statements.
11. VSA 400 Risk Assessments and Internal Control requires that the higher the assessment of inherent and control risk, the more audit evidence the auditor should obtain from the performance of substantive procedures. Therefore, when the assessed levels of inherent and control risk increase, the auditor should perform substantive procedures to further collect appropriate audit evidence concerning an assertion of the financial statements. In the circumstances, using external confirmation procedures brings effect on adequately provision of appropriate audit evidence.
12. The lower the assessment of inherent and control risk, the less assurance the auditor should obtain from the performance of substantive procedures in order to express an opinion on an assertion of the financial statements.
13. Complex or unusual transactions can result in a higher level of inherent and control risk than that of normal ones. Where the entity being audited has unusual or complex transactions and the assessed level of its inherent and control risk is high, the auditor should check external confirmations kept by the entity concerning contents relevant to these transactions with related parties.
Assertions Addressed by External Confirmations
14. VSA 500 Audit evidence requires that assertions of the financial statements should satisfy the creteria, including: existence, rights and obligations, occurrence, completeness, valuation, accuracy, and disclosure. While external confirmations may provide audit evidence regarding these assertions, the ability of an external confirmation to provide audit evidence relevant to a particular assertion varies.
15. External confirmation of an account receivable provides reliable and relevant audit evidence regarding the existence of the account as at a certain date. Confirmation also provides audit evidence regarding the operation of cut-off procedures. However, such confirmation does not ordinarily provide all the necessary audit evidence relating to the valuation assertion, since it is not practicable to ask the debtor to confirm detailed information relating to its ability to pay the account.
16. Similarly, in the case of goods held on consignment, external confirmation is likely to provide reliable and relevant audit evidence to support the existence and the rights and obligations assertions, but might not provide audit evidence that supports the valuation assertion.
17. The relevance of external confirmations to auditing a particular assertion is also affected by the objective of the auditor in selecting information for confirmation. For example, when auditing the completeness assertion for accounts payable, the auditor and the audit firm need to obtain audit evidence that there is no material unrecorded liability. Accordingly, sending confirmation requests to an entity’s principal suppliers asking them to provide copies of their statements of account directly to the auditor, even if the records show no amount currently owing to them, will usually be more effective in detecting unrecorded liabilities than selecting accounts for confirmation based on the larger amounts recorded in the accounts payable subsidiary ledger.
18. When obtaining audit evidence for assertions not adequately addressed by confirmations, the auditor considers other audit procedures to complement confirmation procedures or to be used instead of confirmation procedures.
Design of the External Confirmation Request
19. The auditor and the audit firm should tailor external confirmation requests to the specific audit objective. When designing the request, the auditor considers the assertions being addressed and the factors that are likely to affect the reliability of the confirmations. Factors such as the form of the external confirmation request, prior experience on the audit or similar engagements, the nature of the information being confirmed, and the intended respondent, affect the design of the requests because these factors have a direct effect on the reliability of the audit evidence obtained through external confirmation procedures.
20. Also, in designing the request, the auditor and the audit firm consider the type of information respondents will be able to confirm readily since this may affect the response rate and the nature of the audit evidence obtained. For example, certain respondents’ information systems may facilitate the external confirmation of single transactions rather than of entire account balances. In addition, respondents may not always be able to confirm certain types of information, such as the overall accounts receivable balance, but may be able to confirm individual invoice amounts within the total balance.
21. Confirmation requests ordinarily include management’s authorization to the respondent to disclose the information to the auditor. Respondents may be more willing to respond to a confirmation request containing management’s authorization, and in some cases may be unable to respond unless the request contains management’s authorization.
Use of Positive and Negative Confirmations
22. The auditor may use open or closed external confirmation requests or a combination of both.
23. An open (positive) external confirmation request asks the respondent to reply to the auditor in all cases either by indicating the respondent’s agreement with the given information, or by asking the respondent to fill in information. A response to an open confirmation request is ordinarily expected to provide reliable audit evidence. There is a risk, however, that a respondent may reply to the confirmation request without verifying that the information is correct. The auditor is not ordinarily able to detect whether this has occurred. The auditor may reduce this risk, however, by using open confirmation requests that do not state the amount (or other information) on the confirmation request, but ask the respondent to fill in the amount or furnish other information. On the other hand, use of this type of open confirmation request may result in lower response rates because additional effort is required of the respondents.
24. A closed (negative) external confirmation request asks the respondent to reply only in the event of disagreement with the information provided in the request. However, when no response has been received to a closed confirmation request, the auditor remains aware that there will be no explicit audit evidence that intended third parties have received the confirmation requests and verified that the information contained therein is correct. Accordingly, the use of closed (negative) confirmation requests ordinarily provides less reliable audit evidence than the use of open (positive) confirmation requests, and the auditor considers performing other substantive procedures to supplement the use of negative confirmations.
25. Closed (negative) confirmation requests may be used to reduce the risk of material misstatement to an acceptable level when:
a) The assessed risk of material misstatement is lower;
b) A large number of small balances is involved;
c) A substantial number of errors is not expected; and
d) The auditor has no reason to believe that respondents will disregard these requests.
26. A combination of positive and negative external confirmations may be used. For example, where the total accounts receivable balance comprises a small number of large balances and a large number of small balances, the auditor may decide that it is appropriate to confirm all or a sample of the large balances with positive confirmation requests and a sample of the small balances using negative confirmation requests.
Management Requests
27. When the auditor seeks to confirm certain balances or other information, and management requests the auditor not to do so, the auditor and the audit firm should consider whether there are valid grounds for such a request and obtain audit evidence to support the validity of management’s requests. If the auditor agrees to management’s request not to seek external confirmation regarding a particular matter, the auditor and the audit firm should apply alternative audit procedures to obtain sufficient appropriate audit evidence regarding that matter.
28. If the auditor and the audit firm do not accept the validity of management’s request and is prevented from carrying out the confirmations, there has been a limitation on the scope of the auditor’s work and the auditor and the audit firm should consider the possible impact on the auditor’s report.
29. When considering the reasons provided by management, the auditor and the audif firm apply an attitude of professional skepticism and consider whether the request has any implications regarding management’s integrity. The auditor considers whether management’s request may indicate the possible existence of fraud or error. If the auditor believes that fraud or error exists, the auditor applies the guidance in VSA 240 Fraud and Error. The auditor also considers whether the alternative audit procedures will provide sufficient appropriate audit evidence regarding that matter.
Characteristics of Respondents
30. The reliability of audit evidence provided by a confirmation is affected by the respondent’s competence, independence, authority to respond, knowledge of the matter being confirmed, and objectivity. For this reason, the auditor and the audit firm attempt to ensure, where practicable, that the confirmation request is directed to an appropriate individual. For example, when confirming that a covenant related to an entity’s long-term debt has been waived, the auditor directs the request to an official of the creditor who has knowledge about the waiver and has the authority to provide the information.
31. The auditor and the audit firm also assess whether certain parties may not provide an objective or unbiased response to a confirmation request. Information about the respondent’s competence, knowledge, motivation, ability or willingness to respond may come to the auditor’s attention. The auditor considers the effect of such information on designing the confirmation request and evaluating the results, including determining whether additional audit procedures are necessary. The auditor also considers whether there is sufficient basis for concluding that the confirmation request is being sent to a respondent from whom the auditor can expect a response that will provide sufficient appropriate audit evidence. For example, the auditor may encounter significant unusual year-end transactions that have a material effect on the financial statements, the transactions being with a third party that is economically dependent upon the entity. In such circumstances, the auditor and the audit firm consider whether the third party may be motivated to provide an inaccurate response.
The External Confirmation Process
32. When performing confirmation procedures, the auditor and the audit firm should maintain control over the process of selecting those to whom a request will be sent, the preparation and sending of confirmation requests, and the responses to those requests. Control is maintained over communications between the intended recipients and the auditor to minimize the possibility that the results of the confirmation process will be biased because of the interception and alteration of confirmation requests or responses. The auditor ensures that it is the auditor who sends out the confirmation requests, that the requests are properly addressed, and that it is requested that all replies are sent directly to the auditor. The auditor considers whether replies have come from the purported senders.
No Response to a Positive Confirmation Request
33. The auditor and the audit firm should perform alternative audit procedures where no response is received to a positive external confirmation request. The alternative audit procedures should be such as to provide audit evidence about the assertions that the confirmation request was intended to provide.
34. Where no response is received, the auditor and the audit firm ordinarily contact the recipient of the request to elicit a response. Where the auditor and the audit firm are unable to obtain a response, the auditor uses alternative audit procedures. The nature of alternative audit procedures varies according to the account and assertion in question. In the examination of accounts receivable, alternative audit procedures may include examination of subsequent cash receipts, examination of shipping documentation or other client documentation to provide audit evidence for the existence assertion, and examination of sales near the period-end to provide audit evidence for the cutoff assertion. In the examination of accounts payable, alternative audit procedures may include examination of subsequent cash disbursements or correspondence from third parties to provide audit evidence of the existence assertion, and examination of other records, such as goods received notes, to provide audit evidence of the completeness assertion.
Reliability of Responses Received
35. The auditor and the audit firm consider whether there is any indication that external confirmations received may not be reliable. The auditor considers the response’s authenticity and performs audit procedures to dispel any concern. The auditor may choose to verify the source and contents of a response in a telephone call to the purported sender. In addition, the auditor requests the purported sender to mail the original confirmation directly to the auditor. With ever-increasing use of technology, the auditor considers validating the source of replies received in electronic format (for example, fax or electronic mail). Oral confirmations are documented in the work papers. If the information in the oral confirmations is significant, the auditor requests the parties involved to submit written confirmation of the specific information directly to the auditor.
Causes and Frequency of Exceptions
36. When the auditor and the audit firm form a conclusion that the confirmation process and alternative audit procedures have not provided sufficient appropriate audit evidence regarding an assertion, the auditor should perform additional audit procedures to obtain sufficient appropriate audit evidence.
In forming the conclusion, the auditor considers the:
a) Reliability of the confirmations and alternative audit procedures;
b) Nature of any exceptions, including the implications, both quantitative and qualitative of those exceptions; and
c) Audit evidence provided by other audit procedures.
Based on this evaluation, the auditor determines whether additional audit procedures are needed to obtain sufficient appropriate audit evidence.
37. The auditor also considers the causes and frequency of exceptions reported by respondents. An exception may indicate a misstatement in the entity’s records, in which case, the auditor determines the reasons for the misstatement and assesses whether it has a material effect on the financial statements. If an exception indicates a misstatement, the auditor reconsiders the nature, timing and extent of audit procedures necessary to provide the audit evidence required.
Evaluating the Results of the Confirmation Process
38. The auditor should evaluate whether the results of the external confirmation process together with the results from any other audit procedures performed, provide sufficient appropriate audit evidence regarding the assertion being audited. In conducting this evaluation the auditor and the audit firm consider the guidance provided by VSA 530 Audit Sampling and Other Means of Testing.
External Confirmations Prior to the Year-End
39. When the auditor uses confirmation as at a date prior to the year-end to obtain audit evidence to support an assertion, the auditor obtains sufficient appropriate audit evidence that transactions relevant to the assertion in the intervening period have not been materially misstated. In fact, when inherent and control risks are low and medium, the auditor may decide to confirm balances at a date other than the period end, for example, when the audit is to be completed within a short time after the balance sheet date. As with all types of pre-year-end work, the auditor considers the need to obtain further audit evidence relating to the remainder of the period.
VIETNAMESE STANDARDS ON AUDITING
STANDARD 545
AUDITING FAIR VALUES MEASUREMENTS AND DISCLOSURES
(Issued in pursuance of the Minister of Finance Decision No. 101/2005/QD-BTC dated 29 December 2005)
GENERAL
01. The purpose of this Vietnamese Standard on Auditing (VSA) is to establish standards and provide guidance on auditing fair value measurements and disclosures contained in financial statements. This VSA assists the auditor and the audit firm with addressing audit considerations relating to the measurement, presentation and disclosure of material assets, liabilities and specific components of equity presented or disclosed at fair value in financial statements. Fair value measurements of assets, liabilities and components of equity may arise from both the initial recording of transactions and later changes in value. Changes in fair value measurements that occur over time may be treated in different ways under the regulations of the applicable accounting systems and standards.
02. The auditor and the audit firm should obtain sufficient appropriate audit evidence that fair value measurements and disclosures are in accordance with the regulations of the applicable accounting systems and standards.
03. This VAS applies to audits of financial statements and also applies to audits of other financial information, and related services rendered by the audit firm.
The auditor and the audit firm should comply with this VSA in conducting an audit of financial statements and rendering related services.
It is expected that the audited (client) entity and users of the audit report should possess essential knowledge as to the objective and general principles set out in this VSA in fulfilling its responsibility and in working with the auditor and the audit firm to deal with relations mainttained during the audit.
04. Management is responsible for making the fair value measurements and disclosures included in the financial statements. As part of fulfilling its responsibility, management needs to establish an accounting and financial reporting process for determining the fair value measurements and disclosures, select appropriate valuation methods, identify and adequately support any significant assumptions used, prepare the valuation and ensure that the presentation and disclosure of the fair value measurements are in accordance with the accounting system and standards which the entity applies.
05. Many measurements based on estimates, including fair value measurements, are inherently imprecise. In the case of fair value measurements, particularly those that do not involve contractual cash flows or for which market information is not available when making the estimate, fair value estimates often involve uncertainty in both the amount and timing of future cash flows. Fair value measurements also may be based on assumptions about future conditions, transactions or events whose outcome is uncertain and will therefore be subject to change over time. The auditor’s consideration of such assumptions is based on information available to the auditor at the time of the audit and the auditor is not responsible for predicting future conditions, transactions or events which, had they been known at the time of the audit, may have had a significant effect on management’s actions or management’s assumptions underlying the fair value measurements and disclosures. Assumptions used in fair value measurements are similar in nature to those required when developing other accounting estimates. VSA 540 Audit of Accounting Estimates provides guidance on auditing accounting estimates. This VSA also addresses considerations similar to those in VSA 540 and provides for others in the specific context of fair value measurements and disclosures in accordance with an applicable accounting system and standards.
06. Different accounting systems and standards require or permit a variety of fair value measurements and disclosures in financial statements. They also vary in the level of guidance that they provide on the basis for measuring assets and liabilities or the related disclosures. Some accounting systems and standards give prescriptive guidance, others give general guidance, and some give no guidance at all. In addition, certain industry-specific measurement and disclosure practices for fair values also exist. While this VSA provides guidance on auditing fair value measurements and disclosures, it does not address specific types of assets or liabilities, transactions, or industry-specific practices.
07. In VAS Frameworks, underlying the concept of fair value measurements is a presumption that the entity is a going concern in a foreseeable future, that is, it has no intention or obligation to liquidate, curtail materially the scale of its operations, or undertake a transaction on adverse terms. Therefore, in this case, fair value would not be the amount that an entity would receive or pay in a forced transaction, involuntary liquidation, or distress sale. An entity, however, may need to take its current economic or operating situation into account in determining the fair values of its assets and liabilities if prescribed or permitted to do so by applicable accounting systems or standards and such accounting framework may or may not specify how that is done. For example, management’s plan to dispose of an asset on an accelerated basis to meet specific business objectives may be relevant to the determination of the fair value of that asset.
08. The measurement of fair value may be relatively simple for certain assets or liabilities, for example, assets that are bought and sold in active and open markets that provide readily available and reliable information on the prices at which actual exchanges occur. The measurement of fair value for other assets or liabilities may be more complex. A specific asset may not have an active market or may possess characteristics that make it necessary for management to estimate its fair value (for example, an investment property or a derivative financial instrument). The estimation of fair value may be achieved through the use of a valuation model (for example, discounting of future cash flows) or through the assistance of an expert, such as an independent valuer.
09. The uncertainty associated with an item, or the lack of objective data may make it incapable of reasonable estimation, in which case, the auditor considers whether the auditor’s report needs modification to comply with VSA 700 The Auditor’s Report on Financial Statements.
CONTENTS OF THE VSA
Understanding the Entity’s Process for Determining Fair Value Measurements and Disclosures and Relevant Control Activities, and Assessing Risk
10. The auditor and the audit firm should obtain an understanding of the entity’s process for determining fair value measurements and disclosures and of the relevant control activities to identify and assess assertion-level risk to design and perform further audit procedures.
11. Management is responsible for establishing an accounting and financial reporting process for determining fair value measurements. In some cases, the measurement of fair value and therefore the process set up by management to determine fair value may be simple and reliable. For example, management may be able to refer to published price quotations to determine fair value for marketable securities held by the entity. Some fair value measurements, however, are inherently more complex than others and involve uncertainty about the occurrence of future events or their outcome, and therefore assumptions that may involve the use of judgment need to be made as part of the measurement process. The auditor’s understanding of the measurement process, including its complexity, helps identify and assess the risks of material misstatement in order to determine the nature, timing and extent of the audit procedures.
12. When obtaining an understanding of the entity's process for determining fair value measurements and disclosures, the auditor considers, for example:
a) The relevant control activities over the process used to determine fair value measurements, including, for example, controls over data and the segregation of duties between those committing the entity to the underlying transactions and those responsible for undertaking the valuations;
b) The expertise and experience of those persons determining the fair value measurements;
c) The role that information technology has in the process;
d) The types of accounts or transactions requiring fair value measurements or disclosures (for example, whether the accounts arise from the recording of routine and recurring transactions or whether they arise from non-routine or unusual transactions);
e) The extent to which the entity uses service organizations to provide fair value measurements or the data that supports the measurement. When an entity uses a service organization, the auditor complies with the requirements of VSA 402 Audit Considerations Relating to Entities Using Service Organizations;
f) The extent to which the entity uses the work of experts in determining fair value measurements and disclosures (see paragraphs 29–32 of this VSA);
g) The significant management assumptions used by management in determining fair value;
h) The documentation supporting management’s assumptions;
i) The methods used to develop and apply management assumptions and controls to monitor changes in those assumptions;
j) The integrity of change controls and security procedures for valuation models and relevant information systems, including approval processes; and
k) The controls over the consistency, timeliness and reliability of the data used in valuation models.
13. VSA 400 requires the auditor to obtain an understanding of the components of the accounting and internal control systems to plan the audit. It is required in particular by this VSA the auditor and the audit firm obtain a sufficient understanding of the entity’s fair value measurements and disclosures in order to design the nature, timing and extent of the further audit procedures.
14. After obtaining an understanding of the entity’s process for determining fair value measurements and disclosures, the auditor and the audit firm should identify and assess the significant assertion-level risks related to the fair value measurements and disclosures in the financial statements to determine the nature, timing and extent of the further audit procedures.
15. The degree to which a fair value measurement is susceptible to misstatement is an inherent risk. Consequently, the nature, timing and extent of the further audit procedures will depend upon the susceptibility to misstatement of a fair value measurement and whether the process for determining fair value measurements is relatively simple or complex. Where the auditor has determined that the risk of material misstatement related to a fair value measurement or disclosure is a significant risk, the auditor follows the requirements of VSA 400 Risk Assessments and Internal Control.
16 VSA 400 discusses the inherent limitations of internal controls. As fair value determinations often involve subjective judgments by management, this may affect the nature of control activities that are capable of being implemented. The susceptibility to misstatement of fair value measurements also may increase as the accounting and financial reporting requirements for fair value measurements become more complex. The auditor considers the inherent limitations of controls in such circumstances in assessing the risk of material misstatement.
Evaluating the Appropriateness of Fair Value Measurements and Disclosures
17. The auditor and the audit firm should evaluate whether the fair value measurements and disclosures in the financial statements are in accordance with the accounting system and standards which the entity applies.
18. The auditor’s understanding of the requirements of the applicable accounting system and standards and knowledge of the business and industry, together with the results of other audit procedures, are used to assess whether the accounting for assets or liabilities requiring fair value measurements is appropriate, and whether the disclosures about the fair value measurements and significant uncertainties related thereto are appropriate under the accounting system and standards.
19. The evaluation of the appropriateness of the entity’s fair value measurements under the applicable accounting system and standards and the evaluation of audit evidence depends, in part, on the auditor’s knowledge of the nature of the business. This is particularly true where the asset or liability or the valuation method is highly complex. For example, derivative financial instruments may be highly complex, with a risk that differing interpretations of how to determine fair values will result in different conclusions. The measurement of the fair value of some items, for example “in-process research and development” or intangible assets acquired in a business combination, may involve special considerations that are affected by the nature of the entity and its operations if such considerations are appropriate under the accounting system and standards which the entity applies. Also, the auditor’s knowledge of the business, together with the results of other audit procedures, may help identify assets for which management needs to recognize impairment by using a fair value measurement pursuant to the accounting system and standards.
20. Where the method for measuring fair value is specified by the applicable accounting system and standards, for example, the requirement that the fair value of a marketable security be measured using quoted market prices as opposed to using a valuation model, the auditor considers whether the measurement of fair value is consistent with that method.
21. Some accounting standards presume that fair value can be measured reliably for assets or liabilities as a prerequisite to either requiring or permitting fair value measurements or disclosures. In some cases, this presumption may be overcome when an asset or liability does not have a quoted market price in an active market and for which other methods of reasonably estimating fair value are clearly inappropriate or unworkable. When management has determined that it has overcome the presumption that fair value can be reliably determined, the auditor obtains sufficient appropriate audit evidence to support such determination, and whether the item is properly accounted for under the applicable accounting system and standards.
22. The auditor should obtain audit evidence about management’s intent to carry out specific courses of action, and consider its ability to do so, where relevant to the fair value measurements and disclosures under the applicable accounting system and standards.
23. In some accounting systems and standards, management’s intentions with respect to an asset or liability are criteria for determining measurement, presentation, and disclosure requirements, and how changes in fair values are reported within financial statements. In such accounting frameworks, management’s intent is important in determining the appropriateness of the entity’s use of fair value. Management often documents plans and intentions relevant to specific assets or liabilities and the applicable accounting system and standards may require it to do so. While the extent of audit evidence to be obtained about management’s intent is a matter of professional judgment, the auditor’s procedures ordinarily include inquiries of management, with appropriate corroboration of responses, for example, by:
a) Considering management’s past history of carrying out its stated intentions with respect to assets or liabilities;
b) Reviewing written plans and other documentation, including, where applicable, budgets, minutes, etc;
c) Considering management’s stated reasons for choosing a particular course of action;
d) Considering management’s ability to carry out a particular course of action given the entity’s economic circumstances, including the implications of its contractual commitments. The auditor also considers management’s ability to pursue a specific course of action if ability is relevant to the use, or exemption from the use, of fair value measurement under the applicable accounting system and standards.
24. Where alternative methods for measuring fair value are available under the accounting system and standards which the entity applies, or where the method of measurement is not prescribed, the auditor and the audit firm should evaluate whether the method of measurement is appropriate in the circumstances under the applicable accounting system and standards.
25. The auditor should evaluate whether the method of measurement of fair value is appropriate in the circumstances require the use of professional judgment. When management selects one particular valuation method from alternative methods available under the accounting system and standards which the entity applies, the auditor obtains an understanding of management’s rationale for its selection by discussing with management its reasons for selecting the valuation method. The auditor considers whether:
a) Management has sufficiently evaluated and appropriately applied the criteria, if any, provided in the applicable accounting system and standards to support the selected method;
b) The valuation method is appropriate in the circumstances given the nature of the asset or liability being valued and the accounting system and standards which the entity applies; and
c) The valuation method is appropriate in relation to the business, industry and environment in which the entity operates.
26. Management may have determined that different valuation methods result in a range of significantly different fair value measurements. In such cases, the auditor evaluates how the entity has investigated the reasons for these differences in establishing its fair value measurements.
27. The auditor and the audit firm should evaluate whether the entity’s method for its fair value measurements is applied consistently.
28. Once management has selected a specific valuation method, the auditor evaluates whether the entity has consistently applied that basis in its fair value measurement, and if so, whether the consistency is appropriate considering possible changes in the environment or circumstances affecting the entity, or changes in the requirements of the accounting system and standards which the entity applies. If management has changed the valuation method, the auditor considers whether management can adequately demonstrate that the valuation method to which it has changed provides a more appropriate basis of measurement, or whether the change is supported by a change in the requirements of the applicable accounting system and standards or a change in circumstances. For example, the introduction of an active market for a particular class of asset or liability may indicate that the use of discounted cash flows to estimate the fair value of such asset or liability is no longer appropriate.
Using the Work of an Expert
29. The auditor and the audit firm should determine the need to use the work of an expert. The auditor may have the necessary skill and knowledge to plan and perform audit procedures related to fair values or may decide to use the work of an expert. In making such a determination, the auditor considers the matters discussed in VSA 620 Using the Work of an Expert.
30. If the use of such an expert is planned, the auditor obtains sufficient appropriate audit evidence that such work is adequate for the purposes of the audit, and complies with the requirements of VSA 620.
31. When planning to use the work of an expert, the auditor considers whether the expert’s understanding of the definition of fair value and the method that the expert will use to determine fair value are consistent with that of management and the requirements of the applicable accounting system and standards. For example, the method used by an expert for estimating the fair value of real estate or a complex derivative, or the actuarial methodologies developed for making fair value estimates of insurance obligations, reinsurance receivables and similar items, may not be consistent with the measurement principles of the applicable accounting system and standards. Accordingly, the auditor considers such matters, often by discussing, providing or reviewing instructions given to the expert or when reading the report of the expert.
32. In accordance with VSA 620, the auditor and the audit firm assesses the appropriateness of the expert’s work as audit evidence. While the reasonableness of assumptions and the appropriateness of the methods used and their application are the responsibility of the expert, the auditor obtains an understanding of the significant assumptions and methods used, and considers whether they are appropriate, complete and reasonable, based on the auditor’s knowledge of the business and the results of other audit procedures. The auditor often considers these matters by discussing them with the expert. Paragraphs 39 through 49 discuss the auditor’s evaluation of significant assumptions used by management, including assumptions relied upon by management based on the work of an expert.
Audit Procedures Responsive to the Risk of Material Misstatement of the Entity’s Fair Value Measurements and Disclosures
33. The auditor and the audit firm should design and perform further audit procedures in response to assessed risks of material misstatement of assertions relating to the entity’s fair value measurements and disclosures.
34. Because of the wide range of possible fair value measurements, from relatively simple to complex, the auditor’s procedures can vary significantly in nature, timing and extent. For example, substantive procedures relating to the fair value measurements may involve (a) testing management’s significant assumptions, the valuation model, and the underlying data (see paragraphs 39–49), (b) developing independent fair value estimates to corroborate the appropriateness of the fair value measurement (see paragraph 52), or (c) considering the effect of subsequent events on the fair value measurement and disclosures (see paragraphs 53–55).
35. The existence of published price quotations in an active market ordinarily is the best audit evidence of fair value. Some fair value measurements, however, are inherently more complex than others. This complexity arises either because of the nature of the item being measured at fair value or because of the valuation method required by the applicable accounting system and standards or selected by management. For example, in the absence of quoted prices in an active market, some accounting standards permit an estimate of fair value based on an alternative basis such as a discounted cash flow analysis or a comparative transaction model. Complex fair value measurements normally are characterized by greater uncertainty regarding the reliability of the measurement process. This greater uncertainty may be a result of:
- Length of the forecast period;
- The number of significant and complex assumptions associated with the process;
- A higher degree of subjectivity associated with the assumptions and factors used in the process;
- A higher degree of uncertainty associated with the future occurrence or outcome of events underlying the assumptions used; and
- Lack of objective data when highly subjective factors are used.
36. The auditor’s understanding of the measurement process, including its complexity, helps guide the auditor’s determination of the nature, timing and extent of audit procedures to be performed. The following are examples of considerations in the development of audit procedures:
a) Using a price quotation to obtain audit evidence about valuation may require an understanding of the circumstances in which the quotation was developed. For example, where quoted securities are held for investment purposes, valuation at the listed market price may require adjustment under the accounting system and standards which the entity applies if the holding is significantly large in size or is subject to restrictions in marketability.
b) When using audit evidence provided by a third party, the auditor considers its reliability. For example, when information is obtained through the use of external confirmations, the auditor considers the respondent’s competence, independence, authority to respond, knowledge of the matter being confirmed, and objectivity in order to be satisfied with the reliability of the evidence.
c) Audit evidence supporting fair value measurements, for example, a valuation by an independent valuer, may be obtained at a date that does not coincide with the date at which the entity is required to measure and report that information in its financial statements. In such cases, the auditor obtains audit evidence that management has taken into account the effect of events, transactions and changes in circumstances occurring between the date of fair value measurement and the reporting date.
d) Collateral often is assigned for certain types of investments in debt instruments that either are required to be measured at fair value or are evaluated for possible impairment. If the collateral is an important factor in measuring the fair value of the investment or evaluating its carrying amount, the auditor obtains sufficient appropriate audit evidence regarding the existence, value, rights and access to or transferability of such collateral, including consideration whether all appropriate liens have been filed, and considers whether appropriate disclosures about the collateral have been made under the accounting system and standards which the entity applies.
e) In some situations, additional audit procedures, such as the inspection of an asset by the auditor, may be necessary to obtain sufficient appropriate audit evidence about the appropriateness of a fair value measurement. For example, inspection of an investment property may be necessary to obtain information about the current physical condition of the asset relevant to its fair value, or inspection of a security may reveal a restriction on its marketability that may affect its value.
Testing Management’s Significant Assumptions, the Valuation Model, and the Underlying Data
37. The auditor and the audit firm’s understanding of the reliability of the process used by management to determine fair value is an important element in support of the resulting amounts and therefore affects the nature, timing, and extent of further audit procedures. A reliable process for determining fair value is one that results in reasonably consistent measurement and, where relevant, presentation and disclosure of fair value when used in similar circumstances. When obtaining audit evidence about the entity’s fair value measurements and disclosures, the auditor and the audit firm evaluate whether:
a) The assumptions used by management are reasonable;
b) The fair value measurement was determined using an appropriate model, if applicable; and
c) Management used relevant information that was reasonably available at the time.
38. Estimation techniques and assumptions and the auditor’s consideration and comparison of fair value measurements determined in prior periods, if any, to results obtained in the current period may provide audit evidence of the reliability of management’s processes. However, the auditor and the audit firm also consider whether such variances result from changes in economic circumstances.
39. Where the auditor and the audit firm determine there is a significant risk related to fair values, or where otherwise applicable, the auditor should evaluate whether the significant assumptions used by management in measuring fair values, taken individually and as a whole, provide a reasonable basis for the fair value measurements and disclosures in the entity’s financial statements.
40. It is necessary for management to make assumptions, including assumptions relied upon by management based upon the work of an expert, to develop fair value measurements. Assumptions are integral components of more complex valuation methods, for example valuation methods that employ a combination of estimates of expected future cash flows together with estimates of the values of assets or liabilities in the future, discounted to the present. The auditor and the audit firm pay particular attention to the significant assumptions underlying a valuation method and evaluate whether such assumptions are reasonable. To provide a reasonable basis for the fair value measurements and disclosures, assumptions need to be relevant, reliable, neutral, understandable and complete.
41. Specific assumptions will vary with the characteristics of the asset or liability being valued and the valuation method used (for example, replacement cost, direct comparison or income-based approach). For example, where discounted cash flows (an income-based approach) are used as the valuation method, there will be assumptions about the level of cash flows, the period of time used in the analysis, and the discount rate.
42. Assumptions ordinarily are supported by differing types of audit evidence from internal and external sources that provide objective support for the assumptions used. The auditor and the audit firm assess the source and reliability of audit evidence supporting management’s assumptions, including consideration of the assumptions in light of historical information and an evaluation of whether they are based on plans that are within the entity’s capacity.
43. Audit procedures dealing with management’s assumptions are performed in the context of the audit of the entity’s financial statements. The objective of the audit procedures is therefore not intended to obtain sufficient appropriate audit evidence to provide an opinion on the assumptions themselves. Rather, the auditor and the audit firm perform audit procedures to consider whether the assumptions provide a reasonable basis in measuring fair values in the context of an audit of the financial statements taken as a whole.
44. Identifying those assumptions that appear to be significant to the fair value measurement requires the exercise of judgment by management. The auditor and the audit firm focus attention on significant assumptions. Generally, significant assumptions cover matters that materially affect the fair value measurement and may include those that are:
a) Sensitive to variation or uncertainty in amount or nature. For example, assumptions about short-term interest rates may be less susceptible to significant variation compared to assumptions about long-term interest rates; and
b) Susceptible to misapplication or bias.
45. The auditor and the audit firm consider the sensitivity of the valuation to changes in significant assumptions, including market conditions that may affect the value. Where applicable, the auditor and the audit firm encourage management to use such techniques as sensitivity analysis to help identify particularly sensitive assumptions. In the absence of such management analysis, the auditor considers whether to employ such techniques. The auditor and the audit firm also consider whether the uncertainty associated with a fair value measurement, or the lack of objective data may make it incapable of reasonable estimation under the accounting system and standards the entity applies.
46. The consideration of whether the assumptions provide a reasonable basis for the fair value measurements relates to the whole set of assumptions as well as to each assumption individually. Assumptions are frequently interdependent, and therefore, need to be internally consistent. A particular assumption that may appear reasonable when taken in isolation may not be reasonable when used in conjunction with other assumptions. The auditor and the audit firm consider whether management has identified the significant assumptions and factors influencing the measurement of fair value.
47. The assumptions on which the fair value measurements are based (for example, the discount rate used in calculating the present value of future cash flows) ordinarily will reflect what management expects will be the outcome of specific objectives and strategies. To be reasonable, such assumptions, individually and taken as a whole, also need to be realistic and consistent with:
a) The general economic environment and the entity’s economic circumstances;
b) The plans of the entity;
c) Assumptions made in prior periods, if appropriate;
d) Past experience of, or previous conditions experienced by, the entity to the extent currently applicable;
e) Other matters relating to the financial statements, for example, assumptions used by management in accounting estimates for financial statement accounts other than those relating to fair value measurements and disclosures; and
f) If applicable, the risk associated with cash flows, including the potential variability of the cash flows and the related effect on the discounted rate.
Where assumptions are reflective of management’s intent and ability to carry out specific courses of action, the auditor and the audit firm consider whether they are consistent with the entity’s plans and past experience (see paragraphs 22 and 23).
48. If management relies on historical financial information in the development of assumptions, the auditor and the audit firm considers the completeness and appropriateness of such information. However, historical information might not be representative of future conditions or events, for example, if management intends to engage in new activities or circumstances change.
49. For items valued by the entity using a valuation model, the auditor and the audit firm are not expected to substitute their judgment for that of the entity’s management. Rather, the auditor and the audit firm review the model, and evaluate whether the model is appropriate and the assumptions used are reasonable. For example, it may be inappropriate to use a discounted cash flow method in valuing an equity investment in a start-up enterprise if there are no current revenues on which to base the forecast of future earnings or cash flows.
50. The auditor and the audit firm should perform audit procedures on the data used to develop the fair value measurements and disclosures and evaluate whether the fair value measurements have been properly determined from such data and management’s assumptions.
51. The auditor and the audit firm evaluate whether the data on which the fair value measurements are based, including the data used in the work of an expert, are accurate, complete and relevant; and whether the fair value measurements have been properly determined using such data and management’s assumptions. Examples may include audit procedures such as verifying the source of the data, mathematical recalculation and reviewing of information for internal consistency, including whether such information is consistent with management’s intent to carry out specific courses of action discussed in paragraphs 22 and 23.
Developing Independent Fair Value Estimates for Corroborative Purposes
52. The auditor and the audit firm may make an independent estimate of fair value (for example, by using an auditor-developed model) to corroborate the entity’s fair value measurement. When developing an independent estimate using management’s assumptions, the auditor and the audit firm evaluate those assumptions as discussed in paragraphs 39-49. Instead of using management’s assumptions the auditor and the audit firm may develop separate assumptions to make a comparison with management’s fair value measurements. In that situation, the auditor and the audit firm nevertheless understand management’s assumptions. The auditor and the audit firm use that understanding to determine that the auditor’s model considers the significant variables and to evaluate any significant difference from management’s estimate. The auditor and the audit firm also perform audit procedures on the data used to develop the fair value measurements and disclosures as discussed in paragraphs 50 and 51. The auditor and the audit firm consider the guidance contained in VSA 520 Analytical Procedures when performing these procedures during an audit.
Subsequent Events
53. The auditor and the audit firm should consider the effect of subsequent events on the fair value measurements and disclosures in the financial statements.
54. Transactions and events that occur after period-end but prior to completion of the audit, may provide appropriate audit evidence regarding the fair value measurements made by management. For example, a sale of investment property shortly after the period-end may provide audit evidence relating to the fair value measurement.
55. In the period after a financial statement period-end, however, circumstances may change from those existing at the period-end. Fair value information after the period -end may reflect events occurring after the period-end and not the circumstances existing at the balance sheet date. For example, the prices of actively traded marketable securities that change after the period-end ordinarily do not constitute appropriate audit evidence of the values of the securities that existed at the period-end. The auditor complies with VSA 560 Subsequent Events when evaluating audit evidence relating to such events.
Disclosures about Fair Values
56. The auditor and the audit firm should evaluate whether the disclosures about fair values made by the entity are in accordance with the applicable accounting system and standards.
57. Disclosure of fair value information is an important aspect of financial statements in many accounting standards. Often, fair value disclosure is required because of the relevance to users in the evaluation of an entity’s performance and financial position. In addition to the fair value information required by the applicable accounting system and standards, some entities disclose voluntary additional fair value information in the notes to the financial statements.
58. When auditing fair value measurements and related disclosures included in the notes to the financial statements, whether required by the applicable accounting system and standards or disclosed voluntarily, the auditor and the audit firm ordinarily perform essentially the same types of audit procedures as those employed in auditing a fair value measurement recognized in the financial statements. The auditor and the audit firm obtain sufficient appropriate audit evidence that the valuation principles are appropriate under the accounting system and standards which the entity applies, are being consistently applied, and the method of estimation and significant assumptions used are properly disclosed in accordance with the applicable accounting system and standards. The auditor and the audit firm also consider whether voluntary information may be inappropriate in the context of the financial statements. For example, management may disclose a current sales value for an asset without mentioning that significant restrictions under contractual arrangements preclude the sale in the immediate future.
59. The auditor and the audit firm evaluate whether the entity has made appropriate disclosures about fair value information as called for by its accounting system. If an item contains a high degree of measurement uncertainty, the auditor assesses whet--her the disclosures are sufficient to inform users of such uncertainty. For example, the auditor might evaluate whether disclosures about a range of amounts, and the assumptions used in determining the range, within which the fair value is reasonably believed to lie is appropriate under the accounting system and standards which the entity applies, when management considers a single amount presentation not appropriate. Where applicable, the auditor and the audit firm also consider whether the entity has complied with the accounting and disclosure requirements relating to changes in the valuation method used to determine fair value measurements.
60. When disclosure of fair value information under the applicable accounting system and standards is omitted because it is not practicable to determine fair value with sufficient reliability, the auditor evaluates the adequacy of disclosures required in these circumstances. If the entity has not appropriately disclosed fair value information required by the applicable accounting system and standards, the auditor evaluates whether the financial statements are materially misstated by the departure from the applicable accounting system and standards.
Evaluating the Results of Audit Procedures
61. In making a final assessment of whether the fair value measurements and disclosures in the financial statements are in accordance with the accounting system and standards which the entity applies, the auditor and the audit firm should evaluate the sufficiency and appropriateness of the audit evidence obtained as well as the consistency of that evidence with other audit evidence obtained and evaluated during the audit.
62. When assessing whether the fair value measurements and disclosures in the financial statements are in accordance with the applicable accounting system and standards, the auditor and the audit firm evaluate the consistency of the information and audit evidence obtained during the audit of fair value measurements with other audit evidence obtained during the audit, in the context of the financial statements taken as a whole. For example, the auditor and the audit firm consider whether there is or should be a relationship or correlation between the interest rates used to discount estimated future cash flows in determining the fair value of an investment property and interest rates on borrowings currently being incurred by the entity to acquire investment property.
Management Representations
63. The auditor and the audit firm should obtain written representations from management regarding the reasonableness of significant assumptions, including whether they appropriately reflect management’s intent and ability to carry out specific courses of action on behalf of the entity where relevant to the fair value measurements or disclosures.
64. VSA 580 Management Representations discusses the use of management representations as audit evidence. Depending on the nature, materiality and complexity of fair values, management representations about fair value measurements and disclosures contained in the financial statements also may include representations about the following:
a) The appropriateness of the measurement methods, including related assumptions, used by management in determining fair values within the applicable framework, and the consistency in application of the methods;
b) The basis used by management to overcome the presumption relating to the use of fair value set forth under the accounting system and standards which the entity applies;
c) The completeness and appropriateness of disclosures related to fair values under the accounting system and standards which the entity applies; and
d) Whether subsequent events require adjustment to the fair value measurements and disclosures included in the financial statements.
Communication with Those Charged with Governance
65. The auditor and the audit firm should communicate audit matters of governance interest with those charged with governance. Because of the uncertainties often involved with some fair value measurements, the potential effect on the financial statements of any significant risks may be of governance interest. For example, the auditor and the audit firm consider communicating the nature of significant assumptions used in fair value measurements, the degree of subjectivity involved in the development of the assumptions, and the relative materiality of the items being measured at fair value to the financial statements as a whole.
VIETNAMESE DOCUMENTS
This utility is available to subscribers only. Please log in to a subscriber account to download. Don’t have an account? Register here
ENGLISH DOCUMENTS
This utility is available to subscribers only. Please log in to a subscriber account to download. Don’t have an account? Register here