When obtaining an understanding of the entity and its environment including its internal control the auditor may identify?

Auditors acquire an understanding of the entity so as to have a frame of reference within which to plan and perform the audit and to exercise sound professional judgment.

Compliance audit; Financial audit

Planning

[section separator="true"]

[section-item 9]

[row]

[column 12]

[toc-this]

Instructions

The entity's business

The auditor's understanding of the entity and its operations should focus on those elements necessary to help reach a conclusion about the audit objectives. Typically, (s)he needs to acquire an understanding of the following:

• Legal framework - legal basis for the activity and relevant parts of the Financial Regulation and other rules and regulations.
• General organisation and governance of the activity/audited entity, including operational structure, resources and management arrangements.
• Business processes - the policy concerned, objectives and strategies, locations, and types/volume/values of programmes/projects.
• Business risks related to the entity's objectives and strategies that may result in material deviations. This includes an understanding of the entity's related party relationships and transactions (e.g. obtain from management the names of related parties, the nature of the relationships, and any transactions entered into with such parties during the period).
• Dependence on IT systems and

  [link title="IT%20related%20risks" link="%2Faware%2FDocuments%2FRisks-examples.docx" icon="file-word-o" /] 

• Performance measures – an understanding of such measures (e.g. performance indicators, variance analysis) allows the auditor to consider whether pressures to achieve performance targets may result in management actions that increase the risk of material misstatement or irregularity.

Applicable management method

While according to the

[link new-window title="Treaty%20(TFEU)" link="https%3A%2F%2Feur-lex.europa.eu%2Flegal-content%2FEN%2FTXT%2FPDF%2F%3Furi%3DCELEX%3A12012E%2FTXT%26from%3DEN%23page%3D140" icon="external-link" /] 

the Commission is responsible for overall implementation of the budget, the

[link new-window title="Financial%20Regulation" link="https%3A%2F%2Feur-lex.europa.eu%2Flegal-content%2FEN%2FTXT%2F%3Furi%3DCELEX%3A32018R1046%23062" icon="external-link" /] 

provides for three different management methods for budget implementation. Each method involves a different allocation of roles and responsibilities for the implementation of the budget, which should be taken into account when planning, undertaking and reporting on an audit.

Specific instructions per type of audit

[tabs filled color="border-dark" css-code="div%3Anth-child(1)%20%7Bcolor%3A%20rgb(192%2C57%2C43)%7D%0Adiv%3Anth-child(2)%20%7Bcolor%3A%20%230072c6%7D" css_code_compiled=".dynamic-unique-shortpoint-class-name%20div%3Anth-child(1)%20%7B%0A%20%20%20%20color%3A%20rgb(192%2C57%2C43)%0A%7D%0A.dynamic-unique-shortpoint-class-name%20div%3Anth-child(2)%20%7B%0A%20%20%20%20color%3A%20%230072c6%0A%7D"]

[tab title="Compliance%20audit"]

[emphasis color="primary"]Understanding the entity's laws and regulations[/emphasis] 

Understanding the framework of laws and regulations and using this information appropriately will assist the auditor in identifying potential material deviations. This understanding then helps the auditor to determine whether the inherent risk is to be classified as high or not high, for use in the Assurance model, and in deciding upon the nature, timing and extent of audit procedures to be performed. The regulatory framework which the auditor considers when obtaining a knowledge of the auditee's activities and identifying relevant laws and regulations applicable to the auditee's activities will include the relevant parts of:

the

[link new-window title="TFEU" link="https%3A%2F%2Feur-lex.europa.eu%2Flegal-content%2FEN%2FTXT%2F%3Furi%3Dcelex%3A12012E%2FTXT" icon="external-link" /] 

;

the

[link new-window title="Financial%20Regulation" link="https%3A%2F%2Feur-lex.europa.eu%2Flegal-content%2FEN%2FTXT%2F%3Furi%3DCELEX%3A32018R1046" icon="external-link" /] 

and internal financial rules of each institution (e.g. Commission internal financial rules):

the basic legislation establishing the policy, programme or activity;

rules or regulations established in accordance with that basic legislation.

The auditor's understanding includes knowledge of the reasons for the legislation and its objectives, as this will aid his/her understanding of any secondary legislation or subsidiary regulations. The extent of the auditor's work on obtaining a sufficient understanding of the legal and regulatory framework will depend on the nature and complexity of the laws and regulations. However, the auditor only needs to understand the parts of the legislation that are relevantto the particular audit task. In all cases, the audited entity retains the responsibility for ensuring compliance with applicable laws and regulations; this includes ensuring that legislation and regulations are appropriately reflected at all stages through to operational guidance. In complex regulatory environments, the auditor considers the translation of laws and regulations into relevant rules and procedures, and may seek written representations from management in this regard; however, such representations constitute weak audit evidence, and need to be reviewed critically. Ultimately, the auditor's conclusion should be based on evidence of compliance with the appropriate laws and regulations and the contractual framework, rather than on evidence of compliance with the entity's understanding of the framework. Where the auditor is uncertain whether legislation has been properly interpreted and the effect could be material, it may be necessary to seek a legal advice. If the laws and regulations do not change from year to year, the auditor may already have sufficient knowledge from previous audits.  

[/tab] 

[tab title="Financial%20audit"]

The extent of the auditor's work to obtain a sufficient understanding of the entity and its environment will depend on the complexity of the operations and the related accounting processes; the auditor's previous experience of the entity; and the degree of change, if any, that has taken place since previous audits. Understanding the entity and its environment in financial audit encompasses an understanding of:

the nature of the entity, including the types of transactions undertaken, the financial statement and budgetary items included in the accounts, and the chain of responsibilities involved in the accounting process;

the entity's objectives and strategies and the related business risks that may result in a material misstatement of the annual accounts;

the

[link title="financial%20reporting%20framework" link="%2Faware%2FFA%2FPages%2FConcepts%2FFinancial-reporting-framework.aspx" /] 

, including the accounting rules adopted and the regulatory provisions of the

[link new-window title="TFEU" link="https%3A%2F%2Feur-lex.europa.eu%2Flegal-content%2FEN%2FTXT%2F%3Furi%3Dcelex%3A12012E%2FTXT" icon="external-link" /] 

and

[link new-window title="Financial%20Regulation" link="https%3A%2F%2Feur-lex.europa.eu%2Flegal-content%2FEN%2FTXT%2F%3Furi%3DCELEX%3A32018R1046" icon="external-link" /] 

, under which the annual accounts are prepared. The financial reporting framework and other regulations include those set out in the specific legislation establishing the audited entity and determining its activities. Such understanding also covers presentation of the annual accounts, including the disclosure of material matters, terminology used, the classification of items, and the basis of the amounts;

the entity's selection and application of accounting policies - the auditor considers if these are appropriate and consistent with the financial reporting framework. Obtaining an understanding includes the methods of accounting for significant and unusual transactions, establishing accounting estimates, changes in accounting policies or changes in international accounting standards that may affect the entity, and whether entity management appears to follow aggressive or conservative accounting policies;

how the entity measures and reviews its financial performance, whether through performance indicators (e.g. budgetary execution), variance analysis, or other means; such measures may indicate to the auditor a risk of misstatements in the accounts.

The risk of misstatement is increased due to the enormous number of projects financed by the EU, the amounts at stake, the multiple models of project life-cycles, the specific accounting schemes, the diverse nature of contracts, the nature and reliability of the information available for each project.

[toggles class="list2left"]

[toggle title="Examples%20of%20significant%20items%20in%20the%20EU%20accounts"]

• Pre-financing: This is intended to provide the beneficiary with a float, and is a largely-used contractual provision in the Union's various domains of intervention. The pre-financing advanced to a project remains the property of the Union until it is cleared after the beneficiary has provided justification for the use of the funds. Until it has been cleared, the net value of pre-financing remains disclosed in the balance sheet assets.
• Outstanding invoices: In the Union’s accounting environment, “invoices" is the generic term used to designate cost claims received from project beneficiaries, cost statements from member states, commercial invoices, audited statements of expenses in a co-financed project, etc. Receiving, analysing the eligibility of, and paying invoices are intrinsic to the very nature of the Union's intervention. Invoices are included in “current payables" in the liabilities section of the balance sheet when they have not yet been paid at year-end.
• Accrued charges: Under accrual-based accounting, the Union recognises at year-end those liabilities to project contractors for the portion of works executed at year-end but for which no invoice has yet been received. This is commonly referred to as cut-off. Establishing the cut-off of accrued charges at year-end is a complex process, because it is largely an estimation exercise.

[/toggle] 

[/toggles] 

 

[/tab] 

[/tabs] 

[/toc-this] 

[/column] 

[/row] 

[/section-item] 

[section-item 3]

[row]

[column 12]

[panel panel-style="boxed" title="Related%20documents" icon="book" class="ref-panel"]

[standards]

[link new-window title="ISA%20315" link="https%3a%2f%2fwww.ifac.org%2fsystem%2ffiles%2fpublications%2ffiles%2fIAASB-2020-Handbook-Volume-1.pdf%23INTERNATIONAL%2520STANDARD%2520ON%2520AUDITING%2520315%2520(REVISED)" /] 

[/standards] 

[rules]

[link new-window title="Art%20317%20TFEU" link="https%3A%2F%2Feur-lex.europa.eu%2Flegal-content%2FEN%2FTXT%2FPDF%2F%3Furi%3DCELEX%3A12012E%2FTXT%26from%3DEN%23page%3D140" /] 

[link new-window title="Art%2062%20FR" link="https%3A%2F%2Feur-lex.europa.eu%2Flegal-content%2FEN%2FTXT%2F%3Furi%3DCELEX%3A32018R1046%23062" /] 

[/rules] 

[/panel] 

[/column] 

[/row] 

[row]

[column 12][/column] 

[/row] 

[row]

[column 12]

[toc fixed="true" selectors="h2%2Ch3" class="basic-toc" /] 

[/column] 

[/row] 

[/section-item] 

[/section] 

Last Modified: 04/11/2021 11:33   Tags:

When obtaining an understanding of the entity and its environment the auditor should obtain?

When obtaining an understanding of an entity's internal control an auditor should?

What is obtaining an understanding of an entity control environment?

When obtaining an understanding of an entity's control environment An auditor should concentrate?