INTRODUCTION
The necessity of the thesis
In today's market economy, the auditing profession is gaining significant trust and demand from society, necessitating improvements in both auditor competence and audit services High-profile collapses like Enron and Worldcom highlight the critical failures in detecting financial statement fraud, leading to inaccurate audit opinions that harm users and tarnish audit firms' reputations Auditors often struggle with applying effective procedures to identify risks of material misstatements, particularly as the complexity of accounting grows in publicly listed companies Additionally, audit firms frequently overlook evaluating control risks and rely on subjective judgments under time pressure, impacting the quality of their work As competition and revenue pressures mount, the quality and efficiency of audits become vital for client retention Thus, assessing material misstatement risks during the audit planning stage is crucial for ensuring audit quality, demanding careful attention and monitoring by audit firms throughout the process.
In Vietnam, numerous studies have focused on financial statement audits, such as the examination of factors affecting material misstatement risks in listed companies during the audit planning phase (Hoan Nguyen, Thi Kieu Trang Ngo & Thi Tam Le, 2020) However, there is a lack of qualitative research specifically addressing the assessment of these risks in the context of Big4 firms within Vietnamese stock market-listed enterprises This study aims to analyze the characteristics of risk assessment for material misstatements during the audit planning stage at EY Vietnam in relation to Vietnamese listed companies.
Following their tenure at EY Vietnam, the researcher acquired valuable insights into assessing the risk of material misstatements in financial statements during the audit planning phase Recognizing the importance of reducing these risks and enhancing efficiency for stakeholders, the researcher selected the topic “The Assessment of Risks of Material Misstatements of Financial Statements of Vietnamese Listed Enterprises in the Stage of Audit Planning - Case Study at Ernst & Young Vietnam Limited.”
Objectives of the research
This thesis examines the risk assessment of material misstatements in the financial statements of Vietnamese listed companies during the audit planning phase, with a specific focus on case studies conducted at Ernst & Young Vietnam Limited.
The research highlights the strengths and limitations of assessing the risk of material misstatements in the financial statements of Vietnamese listed enterprises during the audit planning stage, while also providing practical recommendations for process improvement.
What are the characteristics of the assessment of risks of material misstatements of financial statements of Vietnamese listed enterprises in the stage of audit planning?
Subjects and scope of the research
This research examines the risk assessment of material misstatements in the financial statements of Vietnamese listed companies during the audit planning phase, with a case study on Ernst & Young Vietnam Limited.
The thesis focuses on the cases study at Ernst & Young Vietnam Limited which are currently the clients of EY Vietnam
The thesis researches in the most recent accounting period 2019-2020 to be able to timely update useful information.
The research methodology
The thesis employs observational and descriptive methods, along with questionnaires, to gather both primary and secondary data at EY Vietnam Additionally, the researcher utilizes theoretical research methods to analyze and process information, while also incorporating statistical methods and practical experiences gained from real-world work.
Data sources: In this thesis, the researcher use two sources of data, which are primary data and secondary data
Those data collected by interview method from the research period at Ernst
&Young Vietnam aims to evaluate the perspectives on assessing the risks of material misstatements in the financial statements of Vietnamese listed companies during the audit planning phase The analysis will highlight both the advantages and limitations of the risk assessment process for these financial statements at this critical stage of auditing.
Those information and knowledge collected from EY Global Audit Methodology (EY GAM), Government Agencies and Line Ministries.
Contributions of the research
The thesis provides deeper understanding about the characteristics of the assessment of risks of material misstatements of financial statements of Vietnamese listed enterprises in the stage of audit planning
The thesis presents key recommendations for assessing the risks of material misstatements in the financial statements of Vietnamese listed enterprises during the audit planning phase.
The thesis consists of five chapters, which are Introduction, Literature review, Methodology, Findings & Discussions, and Conclusion & Recommendations, respectively
Chapter 1: Introduction, this chapter gives an overview of the motivation for the research, research objectives, research questions, research scope as well as research objects and new contributions of the research
Chapter 2: Literature review, in this chapter, the author presents definitions related to information disclosure as well as synthesizes theoretical knowledge of auditing and some related previous research
Chapter 3: Methodology, this chapter indicates contents related to the research process as well as describes the source of data and methods to collect
Chapter 4: Findings & Discussions, this chapter describes the audit planning and process currently applied for Vietnamese Listed Enterprises and discussion of research results through cases study
Chapter 5: Conclusion & Recommendations, this final chapter summarizes research contents, hence, some solutions will be suggested to the assessment of risks of material misstatements of financial statements of Vietnamese listed enterprises in the stage of audit planning
The first chapter of the thesis emphasizes the importance of the research topic and clearly outlines its objectives, scope, and key focus areas It also highlights several new contributions aimed at enhancing audit quality, specifically regarding the assessment of material misstatement risks in the financial statements of Vietnamese listed enterprises during the audit planning phase.
THEORETICAL PERSPECTIVES
Overview about auditing financial statements
The primary goal of auditing financial statements is to enhance their credibility for users by providing an independent auditor's opinion on their accuracy and fairness in all material aspects, as noted by Linda, E (1981) Auditing involves the systematic accumulation and evaluation of evidence regarding financial information during the audit period to assess its alignment with established criteria (Arens, A A et al, 2010) The Auditing Standards issued by the Public Company Accounting Oversight Board further emphasize that the objective of an independent auditor is to deliver an unbiased opinion on a company's financial statements.
An auditor's opinion reflects the financial health, operational results, and cash flows of a client, ensuring compliance with generally accepted accounting principles The auditor's report serves as the official document conveying this opinion, and in certain circumstances, may include a disclaimer of opinion (Simunic, D., 1980).
Audited financial statements are crucial for investors' decision-making, as highlighted by Frank (2001), who found that investors exposed to media reports often focus on negative news and misinterpret unaudited information as credible This tendency leads to inflated assessments of a firm's potential earnings, particularly among those who neglect to consider risk management programs Labeling reports as “audited” or “unaudited” can help mitigate these misconceptions Conversely, Brant et al (2014) demonstrated through an online survey that the presentation of critical audit matters significantly influences investment decisions Nonprofessional investors, such as business school graduates, were more likely to alter their choices when presented with critical audit matter paragraphs compared to standard audit reports or footnotes This underscores the importance of audit quality for both investors and companies (Joseph, 1992).
The relationship between audit firm size and audit quality remains a contentious topic in a perfectly competitive market for audit services The Big Four audit firms—Ernst & Young, Deloitte Touche Tohmatsu, Pricewaterhouse Coopers, and KPMG—hold a significant market share compared to smaller audit firms (Kimberly et al., 2011) Research by Marshall et al (2006) indicates that Big Four firms exhibit lower error rates than their non-Big Four counterparts, while Francis and Yu (2009) assert that audit quality is generally superior in Big Four firms, without dismissing the quality of smaller firms Conversely, Alastair et al (2011) argue that the audit quality between Big Four and non-Big Four firms is not significantly different, suggesting that the perceived quality gap may be overstated.
4 and non – Big 4 firm mainly reflected client characteristics and, more specifically, client size
The primary goal of a financial statement audit is to enhance the reliability of the statements through the auditor's opinion Additionally, auditing helps businesses identify their limitations and shortcomings, enabling them to devise solutions to mitigate risks and improve overall quality According to AICPA auditing standards, two main objectives of financial statement audits are established.
The auditor aims to gain reasonable assurance that the financial statements are free from material misstatement, whether caused by fraud or error This process allows the auditor to provide an opinion on the fair presentation of the financial statements in their entirety.
Report on the financial statements, and communicate as required by auditing standards, in accordance with the auditor’s findings
The outcome of an audit of financial statements is the auditor's opinion, which reflects the overall financial health of a business The adequacy of auditors in fulfilling their independent role and delivering appropriate opinions has garnered significant public interest (Habib, A 2013) Formulating an audit opinion is a complex process that involves assessing client acceptance, understanding the client's business, conducting internal control tests, gathering substantive audit evidence regarding account assertions, and aggregating results to form a final opinion (Felix and Kinney, 1982; Rittenberg et al., 2012) There are four primary types of audit opinions: Unqualified, Qualified, Adverse, and Disclaimer of opinion.
An unqualified opinion is also known as a clean opinion The auditor reports an unqualified opinion if the financial statements are presumed to be free from material misstatements
A qualified opinion may be given due to either a limitation in the scope of the audit or an accounting method that did not follow accounting standards
An adverse opinion signifies that financial statements fail to comply with applicable laws and regulations, featuring significant and widespread misstatements Consequently, investors, lenders, and financial institutions generally reject financial statements accompanied by adverse opinions when assessing debt covenants.
When an auditor cannot finalize an audit report due to missing financial records or lack of cooperation from management, they issue a disclaimer of opinion This situation, known as a scope limitation, signifies that the auditor is unable to form an opinion on the financial statements.
Overview about auditing financial statements in the planning stage
The auditing process, as outlined by Arens et al (2010), consists of four key phases: planning and designing an audit approach, conducting tests of control and substantive tests of transactions, performing substantive analytical procedures, and testing the details of balances Finally, the audit is completed with the issuance of an audit report These steps align with the Vietnamese Standards on Auditing (VSA), as detailed in the relevant decision.
According to 366 – 2016/QD – VACPA and VSA 220 issued by the Ministry of Finance, the auditing procedures for financial statements are categorized into three primary phases: Planning, Implementation, and Completion While the terminology and number of steps may vary, the essential procedures required for conducting an audit remain consistent The audit process for each item within the financial statements adheres to this structured sequence.
According to the VSA 300 guidelines, audit planning is an ongoing process that starts immediately after the conclusion of the previous audit and continues throughout the current audit period This phase involves a thorough review of activities and the necessary audit procedures that must be completed before moving on to the next stage of the audit.
The scope and strategy phase of an audit is crucial, as it lays the foundation for the entire engagement According to the first generally accepted auditing standard, thorough planning is essential to gather sufficient and appropriate evidence while keeping audit costs manageable This phase also helps prevent misunderstandings with clients, reduces legal liability, and upholds the audit firm's reputation within the business community.
The Scope and Strategy phase consists of 8 steps according to Audit and assurance services, 16th edition by Alvin Arens
First, accept client and perform initial audit planning
The engagement partner must ensure that proper procedures for accepting and continuing client relationships and audit engagements are followed This involves determining the client's reasons for the audit and gaining a thorough understanding of the client's needs Once the client is accepted, the audit contract and the audit team members for the engagement will be meticulously organized.
Acceptable audit risk is influenced by two key factors: the likelihood of misstatements and the intentions of financial statement users Auditors tend to gather more evidence when auditing public companies with significant debt or those facing imminent resolution The primary users of financial statements can often be identified through past experiences with the client and conversations with management.
During the audit engagement, the auditor gathers crucial insights regarding the client's reasons for the audit and the intended use of financial statements, which can influence the auditor's acceptable audit risk (AAR) For instance, if a company holds significant loans, the AAR is likely to decrease due to the heightened risk of breaching loan covenants, potentially resulting in going concern issues and the stringent demands imposed by banks or financial institutions for loan repayment.
Auditing standards mandate that auditors document their understanding with clients through an engagement letter, which outlines the objectives of the engagement, responsibilities of both the auditor and management, and any limitations involved This letter specifies restrictions on the auditor's work, deadlines for audit completion, assistance from client personnel in obtaining necessary records, and any schedules prepared for the auditor Additionally, it includes an agreement on fees and clarifies that the auditor cannot guarantee the detection of all fraudulent activities.
An auditor is unlikely to take on a new client or continue with an existing one if the acceptable audit risk falls below the risk threshold that the firm is prepared to accept.
At the conclusion of this phase, the auditor must formulate a preliminary audit strategy by evaluating the client's business and industry characteristics, while pinpointing areas with higher risks of significant misstatements Additionally, the auditor takes into account factors like the number of client locations and the historical effectiveness of client controls to shape the audit approach This strategic planning is essential for determining the necessary resources and staffing for the audit engagement.
Second, understand the client’s business and industry to obtain related information
To effectively assess the risks of material misstatements in financial statements, auditors must gain a comprehensive understanding of the entity and its environment, including its internal controls This foundational knowledge is crucial for determining the appropriate nature, timing, and extent of subsequent audit procedures, as highlighted by Arens et al (2010).
Effective internal control systems serve as essential guidelines for auditors, fostering a questioning mindset to detect fraud and errors Entities with strong construction practices may inflate historical asset costs by over-capitalizing interest receivables, while weak management with aggressive financial goals could understate loans in financial statements A robust internal control system lowers risk, allowing for higher materiality levels, which in turn reduces the volume of audit procedures required Conversely, a weaker internal control system increases control risk, necessitating lower materiality levels and more extensive audit procedures to uncover fraud and risks that affect the financial statement information.
Third, perform preliminary analytical procedures
After accepting the client and conducting initial audit planning, auditors carefully examine each item in the financial statements through preliminary analytical procedures This involves comparing financial ratios to industry averages and key competitors, which helps auditors identify areas with heightened risks of material misstatement (ROMMs).
Fourth, set preliminary judgement of material and planning materiality
Under Vietnamese Standards on Auditing No 320, misstatements are deemed material if they have the potential to impact the decisions of financial statement users Auditors apply this criterion during the planning and execution phases of an audit, as well as when assessing the implications of identified and uncorrected misstatements on both the audit process and the financial statements.
Materiality is typically determined by a percentage of net revenue, total assets, or profit before tax, requiring professional judgment This process often begins by applying a percentage to a selected benchmark to assess materiality for the overall financial statements By comparing client ratios to industry benchmarks, auditors can gauge the company's performance and identify unusual changes in ratios relative to previous years or industry averages Such preliminary assessments are crucial for pinpointing areas with heightened risks of material misstatements that necessitate further scrutiny during the audit (Arens, A A et al, 2010).
Factors that may affect the identification of an appropriate benchmark include the following:
The elements of the financial statements
Whether there are items on which the attention of the users of the particular entity’s financial statements tends to be focused
The nature of the entity, where the entity is in its life cycle, and the industry and economic environment in which the entity operates
The entity’s ownership structure and the way it is financed The relative volatility of the benchmark
Overview of considerations of risks of material misstatements in the audit planning
2.3.1 Definitions of risks of material misstatements in audit planning
ISA 315 defines the risks of material misstatements as the potential for financial statements to be significantly inaccurate before audit procedures are conducted These risks can be categorized into two levels: risks at the financial statement level and risks at the assertion level.
Risks of material misstatements at the financial statement level
Following the ISA 315, risks of material misstatements at the financial statement level refer to risks that:
Relate pervasively to the financial statements as a whole, and
Risks of this nature cannot be pinpointed to specific transactions, account balances, or disclosures Instead, they encompass conditions that broadly elevate the likelihood of material misstatements across various assertions.
ISA 200 outlines that the assessment of risks related to material misstatements occurs at the financial statement level This process is essential for gaining insights into the entity, its operational environment, and the relevant financial reporting framework, as well as for understanding the entity's internal processes.
Risks of material misstatements at the assertion level
Following the ISA 315, risks of material misstatements at the assertion level refer to risks that:
Have a likelihood of occurrence of misstatement, and
A magnitude that could result in a material misstatement, individually or in the aggregate, of the related relevant financial statement significant account assertions or disclosures without regard to controls
ISA 200 emphasizes the assessment of material misstatement risks at the assertion level to guide the nature, timing, and extent of necessary audit procedures for gathering sufficient and appropriate audit evidence Additionally, ISA 315 mandates a distinct evaluation of inherent risk and control risk for the identified material misstatement risks at this assertion level.
Inherent risk refers to the likelihood that a statement regarding a specific transaction, account balance, or disclosure may be materially misstated, either on its own or when combined with other misstatements, without taking into account any related controls.
Control risk refers to the possibility that a significant misstatement related to a transaction, account balance, or disclosure may occur and go undetected or uncorrected in a timely manner by the entity's internal control system This risk encompasses both individual misstatements and those that, when combined with others, could collectively be material.
2.3.2 The assessment of risks of material misstatements in audit planning
Following the ISA 315, the auditor consider the entity’s events and conditions, individually or when combined, to determine whether there are risk factors These are considered at the following table:
Table 2.1: Considerations for identifying risk factors
The auditor assess those risk factors to determine whether there is a risks of material misstatements at the financial statement level or to individual assertions
According to ISA 315, auditors are tasked with identifying and assessing the risks of material misstatements in financial statements Their primary objective is to evaluate these risks, whether stemming from fraud or error, at both the financial statement and assertion levels This assessment serves as a foundation for developing and implementing appropriate responses to address the identified risks of material misstatement.
ISA 200 outlines the primary goals of auditors when performing financial statement audits, emphasizing the necessity to gather sufficient and appropriate audit evidence to minimize audit risk to an acceptable level.
Under ISA 315, auditors assess risk factors, both individually and collectively, to identify potential risks of material misstatements This evaluation occurs prior to considering any related controls and involves analyzing the likelihood of occurrence and the potential magnitude of material misstatements.
When there is no reasonable possibility of material misstatements due to the assessment of identified risk factors, auditors do not need to document any risks of material misstatements in the audit files This occurs when the auditor determines that the risks are not present.
The likelihood of occurrence is low, regardless of the magnitude of misstatement
The auditor assesses the likelihood and magnitude of misstatements, identifying low-risk factors that could lead to material misstatements When a risk factor is deemed to have a significant likelihood of occurrence and a potential for material impact, the auditor evaluates whether this poses a risk of material misstatements at either the financial statement level or the assertion level for specific accounts or disclosures.
When a risks of material misstatements is pervasive at the financial statement level, the auditor design an overall response to address the pervasive risk
When a risk of material misstatement pertains to a specific assertion related to a significant account, class of transactions, or disclosure, the auditor identifies it as a risk at the assertion level This involves assessing the risk of material misstatements by determining the Control Risk Assessment (CRA) and designing appropriate substantive procedures tailored to address these specific risks, including inherent and control risks The implications of CRA on risk assessment are further elaborated in Appendix 01.
Risks of material misstatement at the financial statement level
Under ISA 300 and ISA 315, auditors must evaluate pervasive factors that impact the financial statements and their influence on inherent risk assessments for each relevant assertion These factors are identified during the planning procedures.
Auditors evaluate management's integrity concerning operations and internal controls by identifying key factors When negative indicators are detected, auditors assess their impact on the overall financial statements, as well as at specific account and assertion levels.
The auditor consider unusual pressures on management may identify factors that suggest undue pressure on management to report certain financial results
The auditor evaluates the entity's business nature and the extent of changes during the period, taking into account adjustments made in response to evolving market and environmental conditions, as well as internal operational modifications.
Factors affecting the entity’s industry
The auditor consider economic and competitive conditions as demonstrated by financial and non-financial trends and ratios, changes in technology, consumer demand, industry accounting practices
The influences of key stakeholders on management’s actions
The auditor consider stakeholders and their influence on operations, and on management action and inaction and the potential for management to manipulate results to meet stakeholder demands
The presence of risks of material misstatements due to fraud
The auditor identify such risks that may result in a risks of material misstatements in the financial statements
Management’s experience and knowledge of its industry and business, and its oversight over the preparation of the financial statements
The auditor consider management’s inexperience, because management’s inexperience may affect the preparation of financial statements, effective operation of the financial statement close process and effective monitoring of processes
Changes in management during the period, particularly in key accounting positions
The auditor consider management turnover such as personnel who are responsible for monitoring processes or recording journal entries
METHODOLOGY
Research methodology
This chapter summarizes the primary research methodology employed in the thesis, focusing on the audit process, which involves a structured set of procedures that auditors must adhere to To explore the assessment of material misstatements in financial statements during the audit planning stage at EY Vietnam, the researcher will detail the research methods, data sources, and data collection techniques used The objective is to enhance understanding of the risks associated with material misstatements in financial statements during audit planning at EY Vietnam and to propose improvements based on the assessment process, particularly for Vietnamese listed enterprises To achieve these research goals, the author carefully selected the most suitable methodological strategy, opting for a case study design as the primary research approach, as suggested by Mark & Philip’s classification of research designs.
Case study design, as defined by Mark & Philip (2009), is a research strategy that entails an empirical investigation of a contemporary phenomenon within its real-life context, utilizing multiple sources of evidence This approach allows for in-depth, contextual explorations of specific issues, making it particularly valuable for researchers seeking a comprehensive understanding of their research environment Due to its effectiveness, case study design is widely employed in both explanatory and exploratory research today.
In case study design, data collection techniques range from qualitative to quantitative methods, with qualitative approaches being more prevalent Researchers can utilize interviews, observations, documentary analysis, or questionnaires to gain in-depth insights into real-life cases Mark & Philip (2009) highlight that qualitative research methods are particularly effective for understanding respondents' perceptions and feelings This research focuses on the views of five employees at EY Vietnam regarding material misstatements in financial statements during the audit planning stage and their awareness of associated risks Therefore, the author has chosen to employ two qualitative methods: questionnaires and interviews, deemed the most suitable for this study Additionally, primary data collected through questionnaires is complemented by secondary data from professional guidelines, circulars, and relevant literature, resulting in a comprehensive analysis of the findings.
Source of data
This research utilized both primary and secondary data to enhance the quality of the findings, with primary sources including interviews and surveys from experienced professionals in the audit field The most reliable information was gathered directly from the audit process at client sites While these data collection methods are time-consuming and demanding, they are essential for thorough analysis and valid conclusions Specifically, primary data was collected through interviews during the research period at Ernst & Young Vietnam to identify risks of material misstatements during the audit planning stage.
Raw data not only confirms original findings but also allows researchers to investigate new hypotheses, especially when integrated with other publicly available datasets (Piwowar, H A., Day, R S., & Fridsma, D B., 2007) The broader research community benefits significantly from data sharing Consequently, secondary data, including insights from government agencies, line ministries, published surveys, journals, and the EY Global Audit Methodology (EY GAM), serves as essential resources for research endeavors.
Data collection method
According to Teherani (2015), the choice of data collection methods significantly influences the utilization and interpretation of collected information, as it is shaped by the researcher's methodology and analytical approach This thesis employed two distinct data collection methods: observational techniques and questionnaires, which are described in detail below.
According to Knupfer (1996), the descriptive and observational method is essential for researchers to effectively address the questions of what, when, where, and how related to specific research problems This method is particularly valuable for documenting and understanding various activities, actions, relationships, and cultural practices as they unfold In this thesis, the author will detail the data collected during their time at EY Vietnam, providing insights into the audit process observed at the firm The researcher’s hands-on experience and knowledge gained from performing audit procedures at client sites will enhance their ability to gather and analyze information, ultimately addressing the thesis question.
The second approach in data collection of this research is to give out questionnaires because it “consists of a heterogeneous collection of case studies” (Robert, K Y & Karen, A H., 2007)
Questionnaires offer significant advantages for efficiently acquiring primary data while saving time, energy, and costs They are particularly useful in overcoming geographical challenges, such as the distance between the researcher and the case study location, which can be effectively addressed through mail or online questionnaires This method is deemed appropriate for case study research design (Mark & Philip, 2009) According to Mark & Philip, a questionnaire consists of a structured set of written questions for respondents to answer There are two main types of questionnaire delivery methods.
One of the most common data collection methods for localized surveys is its ability to save time, allowing researchers to gather completed responses from participants quickly and efficiently.
Email surveys are particularly beneficial for research involving geographical challenges, offering a simple and cost-effective solution Researchers prepare a set of questions in advance and send them to relevant respondents, who can conveniently complete the questionnaires at home or work.
The author employed a mail questionnaire method in this study to explore the risks of material misstatements in financial statements during the audit planning stage at EY Vietnam.
The questionnaire, comprising five questions, aimed to assess the risk of material misstatements in the financial statements of Vietnamese listed enterprises during the audit planning stage It included both open-ended questions and a 5-point Likert scale to gather diverse opinions on the strengths and limitations of audit procedures The survey achieved an impressive response rate of 83%, with five out of six participants providing feedback Detailed questions and responses will be presented in Chapter 04.
In the analysis of auditor responses, the author selected Nam Long Investment Corporation to illustrate the auditor's opinion on the risk assessment of the Risk of Material Misstatement (ROMM) during the planning stage for Vietnamese listed companies Detailed information about the client can be found in Appendix 02.
This chapter provides a summary of the primary research methodology employed in the thesis, focusing on the audit process as a structured set of procedures that auditors must adhere to To explore the assessment of risks related to material misstatements in the financial statements of Vietnamese listed enterprises during the audit planning phase, the author will outline the research methods, data sources, and data collection techniques utilized in the study.
FINDING AND DISCUSSION
Observation and descriptive method for the assessment of risks of material
In audit planning, the lead audit senior must complete two important steps on Canvas platform: Pre-engagement and Risk assessment
The initial stage of Ernst & Young's audit process, both in Vietnam and globally, involves understanding service requirements, defining the audit scope, and forming an audit team The firm evaluates whether to continue servicing existing clients or transition to new ones Once the decision to proceed is made, auditors analyze the client's business characteristics and environment, assess the complexity and professionalism of the client's information system, and evaluate internal controls The audit team discusses potential risks, fraud, and errors, ultimately determining the planning materiality (PM) level for financial statements, item-level materiality (TE), and summarizing audit differences (SAD) while identifying significant items and relevant databases.
Key personnel of audit (engagement partner, manager and senior) perform all necessary procedures for risk assessment in client’s FS The auditors perform a combination of the following risk assessment procedures:
2 Inquiries of management and those responsible for financial reporting, appropriate individuals within the internal audit function and others in the entity who may have information that is likely to assist in identifying risks of material misstatements due to fraud or error
3 Perform analytical procedures on financial and non-financial information
4 Observation and inspection In addition to these risk assessment procedures, auditors:
Determine whether information obtained from our client and engagement acceptance and continuance procedures is relevant in identifying risk factors
Assess if the audit partner has conducted other engagements for the entity, such as interim financial reviews, and evaluate whether the insights gained from those engagements are pertinent for identifying potential risk factors.
Document the sources of information
Auditors gain insights into the entity and its environment by analyzing pertinent information and leveraging their knowledge of management's risk assessment process, which aids in identifying key risk factors.
Engagement partners, managers, and seniors conduct inquiries with the client's management and those responsible for governance to deepen their understanding of the entity's operations, supplementing their analysis of financial information By leveraging their knowledge of the entity and its environment, along with insights from other risk assessment procedures, auditors tailor the nature of their inquiries effectively.
Auditors may also inquire of others within the entity with different levels of authority to obtain additional information or a different perspective as they identify risk factors
Auditors inquire with key personnel in the internal audit function to determine if they plan to utilize their work These individuals, deemed appropriate by the auditor, possess the necessary knowledge, experience, and authority, such as the Chief Internal Audit Executive.
First, nature of the entity and external environment
To effectively plan and execute a risk-based audit, it is crucial to understand the entity and its environment, as changes can impact the overall audit strategy This process involves documenting the client's background and relevant industry information, while also identifying accounts that may present risks of material misstatements (ROMM) for future reference.
Second, legal and regulatory framework
EY aims to document the essential aspects of the legal and regulatory framework relevant to the client, facilitating the identification of potential non-compliance with laws and regulations This includes instances that directly impact the reported amounts and disclosures in financial statements, as well as those that, while not directly affecting these figures, are crucial for the client's operational integrity and sustainability, helping to mitigate the risk of material penalties.
Third, business operations and process
To document elements of understanding about key business industries in which client ABC operates and state accounts that may contain risks of material misstatements for further audit consideration
EY's documentation focuses on key aspects of the entity's ownership, governance, investment structure, and financing This includes identifying and assessing risks, which informs the design of subsequent audit procedures.
Fifth, selection and application of accounting policies
This article outlines EY's approach to understanding an entity's process for selecting and applying accounting policies, focusing on those requiring significant judgment It emphasizes the importance of evaluating changes in accounting policies and assessing their appropriateness for the business, ensuring consistency with the relevant financial reporting framework and industry standards to identify potential risk factors.
Sixth, objectives, strategies and business risk
To gain EY's insight into the entity's goals and strategies, it is essential to assess the associated business risks that could lead to a risk of material misstatement (ROMM) Evaluate whether any discrepancies between the entity's objectives and strategies, or the absence of objectives that adequately address known risks and opportunities, contribute to an increased ROMM.
Entities encounter various business risks during their operations, often stemming from changes, complexities, or a failure to adapt Recognizing these risks enhances the ability to identify risks of material misstatement (ROMM), as many business risks can impact financial statements (FS) While some risks solely influence operational processes, others can directly affect the information recorded in the financial statements.
Seventh, measurement and review of the entity’s financial performance
To grasp how management evaluates and assesses the entity's financial performance, auditors must also consider analysts' expectations for listed entities Understanding these expectations is crucial, as they can influence management's motives in making accounting estimates and decisions regarding the recording of any identified misstatements.
Eighth, related parties relationships and transactions
To document nature of all related of parties transactions and state accounts that may contain ROMMs
Ninth, litigation, claims and assessments
To ensure the completeness of identified litigation, claims, or assessments, it is essential to review governance meeting minutes and examine pertinent documents held by the entity This includes correspondence with external legal counsel, legal expense accounts, and relevant source documents, such as invoices.
Tenth, the role of IT in the entity
To document key IT users, background of business operation, network diagram,
To document how management makes the estimate and the data on which the estimate is based
Working papers for all information have listed above, are fully uploaded and linked in relevant section on Canvas platform
In the EY global audit methodology (EY GAM), preliminary materiality is established using three key terms: Planning Materiality (PM), Tolerable Error (TE), and Summary of Audit Difference (SAD) Materiality refers to the significance of an omission or misstatement that could influence users' economic decisions regarding financial statements The auditor-in-charge uses professional judgment to determine the level of material misstatement, with PM being set lower than overall materiality to ensure that any discovered misstatements do not exceed the planned materiality level TE is established to minimize the likelihood that uncorrected and undetected misstatements surpass PM and serves as an estimate for undetected errors Additionally, auditors identify a SAD nominal amount, below which misstatements are deemed trivial, and if specific accounts or disclosures are set below this threshold, their materiality is treated as the trivial amount The process of determining PM and TE relies on the professional judgment of audit executives, including the audit partner.
Research results of questionaires for the assessment of risks of material
5.1.1 The characteristics of the assessment of risks of material misstatements of financial statements of Vietnamese listed enterprises in the stage of audit planning at EY Vietnam
Based on feedback from auditors at EY Vietnam, the author has highlighted key aspects of assessing the risk of material misstatements in financial statements during the audit planning phase It is concluded that EY meticulously prepares this planning stage, establishing a solid foundation for subsequent phases of the audit process.
The risk assessment of material misstatements in financial statements during the audit planning phase at EY Vietnam is structured into four key stages: understanding the business, assessing inherent and control risks, identifying significant risks, and determining fraud risks These stages are supported by comprehensive documentation available in EY Atlas and EY GAM, which includes specific forms for each phase—namely, the UTB Form for understanding the business alongside the assessment of inherent and control risks, as well as separate forms for significant and fraud risks Additionally, EY GAM provides detailed appendices to assist auditors throughout the process.
In evaluating risks, auditors focus on the unique characteristics and business risks of listed companies, which are influenced by various factors including political institutions and the overall business environment Business risks can stem from a complex political landscape, economic downturns, an unstable legal framework, poor strategic decisions by company leadership, insufficient business information, and deficiencies in competitiveness and management skills Identifying the root causes of these risks enables auditors to assess the potential for material misstatements effectively.