1. Verification of compliance with the financial reporting framework

Auditors frequently make use of disclosure checklists to verify compliance with the requirements of the relevant financial reporting framework. When making use of such checklists, it is very important to document the auditor’s considerations in support of the ‘Yes’, ‘No’ or ‘N/A’ answers provided. If there is no or insufficient support documented, the audit work is not re-performable, which is non-compliant with ISA 230 and makes it very difficult to check whether conclusions documented are correct under the circumstances.

Incorrect conclusions regarding compliance with the financial reporting framework requirements may lead to unidentified material misstatements in the financial statements, resulting in an inappropriate audit opinion being expressed. It is, therefore, crucial to understand and critically evaluate each requirement of the financial reporting framework to ensure that all misstatements are identified, and corrected before finalising the audit. Of equal importance is the documentation of such critical evaluation of compliance with the requirements. Auditors should clearly document how recognition, measurement, classification, presentation and disclosure were considered, in terms of the financial reporting framework requirements.

Common deficiencies identified by audit regulators include material misstatements not identified by auditors, and insufficient evidence of a thorough and systematic review of the financial statements and related disclosures for compliance with the requirements of the financial reporting framework.

2. Relevant assertions

During the planning phase of the audit, the auditor identifies risks and, on this basis, the relevant assertions for balances, classes of transactions and disclosures that must be verified during the fieldwork phase of the audit. These risks and relevant assertions are based on valid and documented reasons. Detailed assertions under disclosure or presentation, i.e. recognition, measurement, classification, or disclosure are often overlooked in the risk assessment.

However, during the fieldwork phase of the audit, auditors often do not clearly describe the audit procedures performed to address all the risks and relevant assertions. In some cases, the auditors place external documents or evidence on file without explaining what was considered and how this supports the relevant assertions affected. This is a serious shortcoming in documentation, which should reflect the identifying details of the nature, timing and extent of audit procedures, judgments and evidence obtained. Such gaps in documentation leave reviewers guessing about the work that was done and whether the risk was sufficiently addressed. In other cases, audit documentation simply doesn’t address all relevant assertions.

Audit documentation should draw a clear link between risks, relevant assertions, the nature, timing and extent of audit work performed, in response to the risks, and the results of the work performed. Only when all of this is clearly documented and an independent person can easily follow what was considered, will it meet the re-performance principle of ISA 230.