activities is to consider any events or circumstances that either may adversely affect the auditor's ability to plan and perform the audit or may pose an unacceptable level of risk to the auditor.
The Overall Audit Strategy
The auditor should establish and document the overall audit strategy for the audit. (AU-C 300.07)
The overall audit strategy involves the determination of:
● The characteristics of the audit that define its scope
● The reporting objectives of the engagement related to the timing of the audit and the required communications
● Important factors that determine the focus of the audit team's efforts
● Factors to be considered from preliminary work or previous engagements
● Nature, timing, and resources needed
(AU-C 300.08)
The audit strategy helps the auditor determine the resources necessary to perform the engagement.
Communications with Those Charged with Governance and Management
As required by AU-C 260, the auditor must discuss elements of planning and the scope with those charged with governance and the entity's management. (AU-C 300.A13)
The Audit Plan
The audit plan is a more detailed, tactical plan that addresses the various audit matters identified in the audit strategy. The auditor must develop and document an audit plan for every audit.
The audit plan should include a description of:
● The nature, timing, and extent of planned risk assessment procedures (AU-C 315)
● The nature, timing, and extent of planned further audit procedures at the relevant assertion level for each material class of transactions, account balance, and disclosure (AU-C 330)
● Other audit procedures to be carried out to comply with GAAS
(AU-C 300.09)
Developing an audit strategy and an audit plan is intended to be an iterative process. As information becomes available over the course of the audit, the auditor should reconsider the audit strategy and audit plan to determine whether they remain relevant. (AU-C 300.10) All changes to audit strategy and plan should be documented.
Establishing an audit strategy varies according to the size of the entity and the complexity of the audit. In audits of small entities, a very small audit team may conduct the entire audit. With a smaller team, coordination and communication between team members are easier. Consequently, establishing the overall audit strategy need not be a complex or time-consuming exercise.
As part of audit planning, the auditor plans the direction and supervision of engagement team members and plans for the review of their work. (AU-C 300.11)
Determining the Extent of Involvement of Professionals Possessing Specialized Skills
The auditor should consider whether specialized skills are needed in performing the audit. (AU-C 300.12) For example, the auditor may need to involve the use of an information technology (IT) specialist to:
● Determine the effect of IT on the audit
● Understand the IT controls
● Design and perform tests of IT controls or substantive procedures
In determining whether an IT professional is needed, the auditor should consider factors such as the following:
● The complexity of the entity's systems and IT controls and the manner in which they are used in conducting the entity's business
● The significance of changes made to existing systems, or the implementation of new systems
● The extent to which data is shared among systems
● The extent of the entity's participation in electronic commerce
● The entity's use of emerging technologies
● The significance of audit evidence that is available only in electronic form
(AU-C 300.A18)
Additional Considerations in Initial Audit Engagements
Before starting an initial audit, the auditor should:
● Perform procedures regarding the acceptance of the client relationship and the specific audit engagement (see AU-C 220).
● Communicate with the previous auditor, where there has been a change of auditors (see Section 210).
(AU-C 300.13)
When developing the overall audit strategy and audit plan, the auditor should consider:
● Arrangements to be made with the previous auditor – for example, to review the previous auditor's audit documentation.
● Any major issues (including the application of accounting principles or of auditing and reporting standards) discussed with management in connection with the initial selection as auditors, the communication of these matters to those charged with governance, and how these matters affect the overall audit strategy and audit plan.
● The planned audit procedures to obtain sufficient appropriate audit evidence regarding opening balances.
● Other procedures required by the firm's system of quality control for initial audit engagements (for example, the firm's system of quality control may require the involvement of another partner or senior individual to review the overall audit strategy prior to commencing significant audit procedures or to review reports prior to their issuance).
(AU-C 300.A20)
Matters to Consider in Developing an Audit Strategy
AU-C 300.A25 Appendix – Considerations in Establishing the Overall Audit
The appendix to AU-C 300 provides examples of matters the auditor may consider in establishing the overall audit strategy, and many of these matters also will influence the detailed audit plan. The examples provided cover a broad range of matters applicable to many engagements. Although some of the following matters may be required by other AU-C sections, not all matters are relevant to every audit engagement, and the list is not necessarily complete.
Characteristics of the Engagement
The following are some examples of characteristics of the engagement:
● The financial reporting framework on which the financial information to be audited has been prepared, including any need for reconciliations to another financial reporting framework
● Industry-specific reporting requirements, such as reports mandated by industry regulators
● The expected audit coverage, including the number and locations of components to be included
● The nature of the control relationships between a parent and its components that determine how the group is to be consolidated
