The Audit Approach is a risk analysis methodology that focuses on the combined impact of the environment in which a client operates, the client’s management information and financial results, and the effectiveness of the client’s internal controls. It is based on a thorough, up-to-date understanding of the client’s business and industry, which is obtained through a comprehensive analysis of the external and internal operating environments. It enables us to design an audit programme that includes the most effective and efficient combination of test responsive to a client’s unique circumstances. In addition, it provides a uniform method for developing and documenting the basis for the audit programme.
The Audit Approach enables us to plan our effort to be proportionate to the risk of material error in specific accounts and transactions. This provides the basis for planning the minimum effort necessary to limit audit risk in each area to a low level. As a result, every audit procedure has a specific purpose that is related to the company’s particular situation – nothing is “routine” and hence potentially unnecessary. By following this approach, we can avoid over auditing and under auditing, and we can distribute our audit work more evenly throughout the year.
While planning our audit following matters are taken into consideration:
- Knowledge of the company’s internal control over financial reporting obtained during our engagements performed by the auditor;
- Matters affecting the industry in which the company operates, such as financial reporting practices, economic conditions, laws and regulations, and technological changes;
- Matters relating to the company’s business, including its organization, operating characteristics, and capital structure;
- The extent of recent changes, if any, in the company, its operations, or its internal control over financial reporting;
- The auditor’s preliminary judgments about materiality, risk, and other factors relating to the determination of material weaknesses;
- Control deficiencies previously communicated to the audit committee or management;
- Legal or regulatory matters of which the company is aware;
- The type and extent of available evidence related to the effectiveness of the company’s internal control over financial reporting;
- Preliminary judgments about the effectiveness of internal control over financial reporting;
- Public information about the company relevant to the evaluation of the likelihood of material misstatements in financial statements and the effectiveness of the company’s internal control over financial reporting;
- Knowledge about risks related to the company evaluated as part of the auditor’s client acceptance and retention evaluation; and
- The relative complexity of the company’s operations.