Robert H. Montgomery in his book, ‘Montgomery’s Auditing (1912)’ had
said, “The skills of an accountant can always be ascertained by an
inspection of his working papers.” More than a century has passed, but
this statement has not lost its relevance. On the contrary, over the
years, given the quantum of litigation that the auditors have had to
face the world over, these words have become all the more significant.
‘Work not documented is work not done’ is a maxim that is sworn by most
reviewers from regulatory or audit oversight bodies particularly in
jurisdictions overseas.
SA 230 on Audit Documentation provides
guidance on the nature of documentation that needs to be maintained
which would provide sufficient and appropriate record of the basis on
which audit was concluded and the audit opinion issued. Audit
documentation also serves as an evidence that the audit was planned and
performed in accordance with Standards on Auditing and the applicable
legal and regulatory framework. Audit documentation should be such that
an experienced auditor, having no previous familiarity with the audit,
can independently review and reach similar conclusions as those reached
by the present auditor.
During the course of his audit, the
auditor usually encounters issues where an expert’s opinion has to be
called for, or a reservation is expressed by either the management or
the auditor on the treatment of a particular transaction or a position.
It is imperative for the auditor to design the audit procedures in a
manner that by performing such procedures, all the material and relevant
factors having an impact on the true and fair opinion are brought to
light. While it is imperative that the position taken is based on sound
judgment and in compliance with the applicable accounting/regulatory
framework, it is equally important that such judgment is well
articulated in the audit documentation. The first defense for an auditor
is his documentation which should be robust enough to prove that audit
was conducted in adherence to the standards.
The form and
content of audit documentation should be designed to meet the
circumstances of the particular audit. The extent of documentation is
influenced by various factors such as:
a. Nature of the audit
b. Audit procedures intended to be performed
c. Audit evidence to be collected
d. Significance of such evidences
e. Audit methodology and tools used
Documentation
obtained during the course of audit can be segregated into those
forming part of the PAF (Permanent Audit File) and CAF (Current Audit
File). A PAF contains those documents, the use of which is not
restricted to one time period, and extends to subsequent audits as well.
E.g. Engagement letters, Communication with previous auditor,
Memorandum of Association, Articles of Association, Organization
structure, List of directors/partners/ trustees/ bankers/lawyers, etc.
On the other hand, a CAF contains those documents relevant for the
period of audit.
Typically, audit documentation would cover the following –
– Client evaluation and acceptance
– Risk Assessment
– Audit planning discussions
– Audit programs
–
Working papers relating to all significant areas documenting the
approach, risks and controls to the relevant area tested, substantive
and analytical procedures performed and the conclusions reached
– Evidence supporting the use and reliance on the work of experts, internal audit etc.
– Evidence of review by partner and manager
– Evidence of communication with those charged with governance
– Management representations
Audit
documentation may be in the form of physical papers or in electronic
form. In past years, audit documentation was maintained in physical
paper files complete with links and notations necessary for independent
understanding and review of work performed. The working papers are the
property of the auditors and the auditor is not bound to provide access
to these work papers to the client.
Over the last few years,
audit documentation has witnessed radical refinement in the manner in
which it is maintained. It has taken form of electronic files which are
prepared using software specifically designed for documentation
purposes. Such software coupled with advancements in telecommunications
has enabled teams working across multiple locations/geographies to
remotely access the same electronic audit documentation file and
document the work performed for their respective client location. Such
software also results in significant economies on a year-on-year basis,
as the base documentation relating to IT systems, processes, audit
programs needs to be done only once at the time of set up of the
electronic audit file. These software enable the electronic audit file
to be ‘rolled forward’ for the next accounting period. As such, the base
documentation relating to knowledge of the client, the industry, IT
systems, processes, flow charts, audit programs etc. gets pre-populated
in the next year’s audit file and the team would then need to update
these for current changes. Such documentation software has features such
as restrictive access rights to the audit file, enabling audit trail by
way of sign off of completion of the work performed by the team member
and its review by manager/partner, enabling reminders to owners of the
file for pending documentation, compulsory archiving of files post
expiry of the mandatory close-out period and many more. Electronic
documentation has revolutionised the manner in which audit work is
documented and has resulted in huge savings in terms of avoiding of
documentation that is repetitive, easy access to and reference of work
done in the past, ease in acquainting of new team members with the
client’s background, reduction in storage costs (for physical files) and
many other benefits. Physical files are maintained only for filing
certain essential documents such as engagement letters, confirmations,
representation letters, original signed copies of the financial
statements etc. The auditor would however need to establish an adequate
IT infrastructure to support electronic documentation of work done.
A
pertinent question that an auditor usually faces is whether he is
required to document all the evidences procured during the course of his
audit. It actually depends on the significance as well as the
materiality of the financial statement caption and the inherent risk of
material misstatement related thereto. The regulatory compliances and
disclosures may also impact the level of documentation. For instance,
the level of documentation required for testing of rental deposits
accepted by a real estate company may not be as detailed as that
required for a borrowing made by the same company. The compliance and
disclosure requirements for borrowings are more onerous and detailed as
compared to rental deposit, as such the level of documentation that
would support auditor’s verification would also get influenced by such
factors.
The administrative process of completion of the
assembly of the final audit file after the date of the auditor’s report
does not construe as performance of new audit procedures or the drawing
of new conclusions. Changes may, however, be made to the audit
documentation during the final assembly process if they are
administrative in nature. Examples of such changes include:
i. Deleting or discarding superseded documentation.
ii. Sorting, collating and cross referencing working papers.
iii. Signing off on completion checklists relating to the file assembly process.
iv. Documenting audit evidence that the auditor has obtained, discussed, and agreed with the relevant members of the engagement team before the date of the auditor’s report.
However, the auditor is expected to complete the administrative process of assembling the final audit file on a timely basis after the date of the auditor’s report. The Standard on Quality Control (SQC) 1 requires firms to establish policies and procedures for the timely completion of the assembly of audit files. An appropriate time limit within which to complete the assembly of the final audit file is ordinarily not more than 60 days after the date of the auditor’s report. The retention period for audit engagements, as per SQC 1, ordinarily is no shorter than seven years from the date of the auditor’s report, or, if later, the date of the group auditor’s report.
If, in exceptional circumstances, the auditor performs new or additional audit procedures or draws new conclusions after the date of the auditor’s report, the auditor is required to document:
– the circumstances encountered;
– the new or additional audit procedures performed, audit evidence obtained, and conclusions reached, and their effect on the auditor’s report; and
– When and by whom the resulting changes to audit documentation were made and reviewed.
Examples of exceptional circumstances include facts which become known to the auditor after the date of the auditor’s report but which existed at that date and which, if known at that date, might have caused the financial statements to be amended or the auditor to modify the opinion in the auditor’s report.
We will now consider some case studies on audit documentation.
Case Study i
Documentation after completion of audit -Key considerations
The audit team, post completion of audit, receives a confirmation from the sole debtor of the company confirming NIL balance whereas the balance appearing in the financial statements was Rs. 80 million which is material to the financial statements. In the absence of the confirmation, alternate audit procedures were performed to obtain evidence on the accuracy of the balance and the same was documented sufficiently and appropriately.
Is there a need to take into consideration the confirmation received post finalisation of the audit and how would that be documented?
Analysis and conclusion
As per SA 230, this situation is an example of an exceptional circumstance. This situation reflect facts which become known to the auditor after the date of the auditor’s report but which existed as at that date and which, if known on that date, might have caused the financial statements to be amended or the auditor to modify his audit opinion. The resulting changes to the audit documentation would need to be reviewed and the engagement partner would need to assume final responsibility for the changes.
In this case, the auditor is required to document:
– the circumstances encountered;
– the new or additional audit procedures performed, audit evidence obtained, and conclusions reached, and their effect on the auditor’s report; and
– When and by whom the resulting changes to audit documentation were made and reviewed.
The above situation will also need to be evaluated in terms of the requirements of the Guidance note on revision of the audit reports as well as SA 560 Subsequent events issued by the Council of the institute of Chartered accountants of india, which states that a revision of the audit report may be warranted in several instances involving reasons such as apparent mistakes, incorrect information about facts, subsequent discovery of facts existing at the date of the audit report, etc.
Case Study ii
Revision in work papers
The audit team, during the finalisation of the audit of a client in the pharmaceutical industry, had several revisions in the financial statements. Consequently, the related working papers also underwent numerous changes. the audit manager is of the opinion that the old papers can be destroyed wherever there were revisions and it is enough to preserve the final version. However, the audit team is of the opinion that all revisions need to be filed for traceability. Which opinion is right ?
Analysis and conclusion
As per para A22 of SA 230, “the completion of the assembly of the final audit file after the date of the auditor’s report is an administrative process that does not involve the performance of new audit procedures or the drawing of new conclusions. Changes may, however, be made to the audit documentation during the final assembly process if they are administrative in nature. Examples of such changes include: deleting or discarding superseded documentation.”
Hence, old papers which have been revised may be deleted or discarded.
Closing Remarks
An auditor simply cannot get away with documentation or its importance. in fact, audit documentation commences even before the auditor accepts an audit engagement. Given the empowerment to statutory authorities for re-opening of financial statements as provided by the Companies Act, 2013 coupled with increased regulatory supervision on the functioning of the audit profession, auditors would need to ensure that timely, adequate and robust documentation is maintained to support the basis on which audit opinion has been issued. this will be all the more accentuated where areas of judgment and estimation uncertainty is involved. oral explanations by the auditor on his own do not represent adequate support for the work performed by him but these may be used to clarify or explain audit documentation. On the other hand, too much documentation can be inefficient and may impact the profitability/recovery rates for the auditor. So for most of the firms, the challenge would be to maintain the right balance. SA 230 sets out the guiding principles in this regard and compliance with SA 230 would result in sufficiency and appropriateness of audit documentation.
