Financial audit process
Below are primary steps of the financial audit process:
Pre-engagement procedures
Before the audit begins, the auditor performs pre-engagement acceptance or continuance procedures.
This includes:
• an independence assessment
• a pre-engagement assessment
• communications with the previous auditor (if applicable)
Once the pre-engagement assessment is complete, the auditor issues an Engagement Letter with:
• engagement objectives, scope, and limitations
• management’s responsibilities
• responsibility for adjustments
• the auditor’s responsibilities
• other matters, such as fees
Risk assessment
During the planning phase, auditors gather information about your entity by:
• asking key employees questions to identify potential risks
• reviewing previous years’ results to identify major changes and confirm scope, materiality, timing, audit assignments, and the audit approach
In addition, we seek information such as:
• financial statements
• budgets
• financial performance measures/metrics
• audit committee minutes
• filings with regulators
• judgements
• estimates
• business drivers
• policy and procedure manuals
• vision, mission, values
• objectives
• strategies
• organizational structure
• board of directors meeting minutes
• job descriptions
• operating performance
• non-financial performance measures
• creditors
• media
• analyst reports
• government agency reports
• Internet reports
Staff involvement
Auditors must obtain a reasonable understanding of internal controls to plan the audit. Having staff available to assist the auditor makes the process of writing down systems and updating documentation more efficient.
Inform the auditor of significant changes in your business processes, so the potential impact can be assessed in advance of the audit completion target and audit plans can be adjusted.
Walkthroughs
For each significant business process identified, the auditor performs a walkthrough to ensure the entity is operating as documented. A walkthrough includes questioning personnel, observing specific controls and inspecting documents. The walkthrough addresses control implementation at a point in time.
After the walkthroughs are completed, the design and implementation of internal control are evaluated. The risk of material misstatement is evaluated and segments that require special consideration are identified. Audit procedures are then designed by our staff.
Risk response
The audit team spends much of this phase performing the procedures outlined in the risk assessment phase. This involves obtaining confirmations, performing substantive tests, analytical procedures, and inquiring with management. The auditor provides an information needs list prior to coming for the year-end visit. This list itemizes schedules and working papers required by the auditor for each financial statement component and the scheduled completion date.
In addition, we suggest that:
• each schedule be assigned to specific employees to make the process easier to manage
• schedule and working paper formats be determined and agreed-upon by yourself and the auditor to minimize staff time spent assembling information and reviewing material
• the schedules and documentation identified in the information needs list are assembled in a well-structured financial statement file
Well-structured financial statement files
An effective file supports the preparation of financial statements and decreases questions and information requests by the auditor.
A good file:
• supports numbers in the financial statements and notes
• includes schedules and reports used to compile the financial statement numbers
• contains schedules and reports that tie directly to the accounting records and illustrate accounts in the trial balance have been completely included in the financial statements
• the organization of the file is driven by the financial statement components (e.g., the file could be organized in order of assets, liabilities, revenues, and expenses); and
• an analysis of significant variances from year-to-year
Analytical review
Analytical review is a valuable tool for understanding the nature of changes in the balances and transactions of an organization and in evaluating the reasonableness of the numbers.
A good analytical review incorporates a description of:
• the nature of the component (i.e., what is it comprised of)
• what occurred during the year and whether the variance between years is reasonable
Reporting
Audit findings are initially communicated to management and then presented to those charged with governance (e.g. audit committees) in an audit findings report which includes a draft independent auditor’s report and a management letter. A management letter outlines issues encountered during the year and recommendations for improvement. A final version of the independent auditor’s report with the Auditor General’s signature is provided after final approval of the financial statements by those charged with governance (e.g. Board of Directors).
Throughout this process, you can expect:
• a letter that communicates the auditor’s independence and compliance with relevant professional standards
• disclosure of all relationships between the auditor and the entity and its related entities that may affect the auditor’s independence
Follow-up
Issues that were identified at year-end are examined in the next audit cycle to see if recommendations were implemented.