In September 2019 the International Audit and Assurance Standards Board approved revisions to ISA 315 Identifying and Assessing the Risks of Material Misstatement (“the revised standard”) The effects of these revisions will require firms to rethink their approach to risk assessment. The foundation of the audit is to identify and assess risks of material misstatement, and the revised standard now requires a more resilient and evidence based risk identification and assessment process, which also promotes improvements to the planned responses to those identified risks. The revised standard also establishes more robust requirements and appropriately detailed guidance to drive auditors to perform enhanced risk assessment procedures in a manner commensurate with the size and the nature of the entity. The revised standard focuses on enhancing the auditor’s approach to understanding the entity, its environment (including its internal control) and risk assessment activities in light of the changing environment.
Concisely, the revised standard enables the auditor to more efficiently and effectively focus on:
The revision, reorganization and enhancement of the standard intends to
Within the Inflo Digital Audit Methodology we have embedded as part of the risk assessment procedures that the auditor is required to perform, several call outs for the auditor to consider and evaluate inherent risk factors.
This guide will highlight What needs to be done, Why it needs to be done and How it can be done to address the six key revisions to the standard, for which auditors will need to implement new ways of working in order to remain compliant:
NEW – Inherent risk factors
NEW – Spectrum of inherent risk concept
CLARIFICATION – Sufficient & appropriate evidence is required
FOCUS – A focus on IT
FOCUS – A focus on controls
NEW – Additional guidance on scalability
Other changes include:
· distinguishing between direct and indirect control components
· a more detailed, comprehensive application material
The aim of these revisions is to drive better quality and a more consistent risk assessment process, as well as encouraging the exercising of professional skepticism.
To dive deeper download our free guide: