What’s News?

After a year of insightful monitoring- and EQR reviews, LEAF has identified recurring findings during audit engagement file monitoring reviews across various industries. They are all similar to the IRBA themes of findings experienced during engagement inspections. Improving quality requires a mind shift from pure completion of methodology and templates, without regard for the circumstances of the audit, and the intentions of standards, to a clear knowledge of the circumstances of the audited entity and its business, and how the auditing and accounting standards are applied, without being led by generalised programmes.

Below are the top seven findings:

1. Disclosure verification
   Disclosure verification includes detail of recognition, measurement, classification and presentation, in terms of the accounting framework, with details of disclosures considered, and audit procedures performed.
2. Internal control documentation
   Internal documentation did not address the detail of control activities and control procedures with appropriate conclusions on implementation, design and effect on risk, or whether one can rely on the system, should one wish to do so.
3. Overall documentation
   ISA 230 stipulates that documentation should reflect the identifying detail of the nature, timing, and extent of audit procedures and audit evidence in such a way that an independent auditor may be able to re-perform the procedures, and come to the same conclusion. This mantra should be memorised by any auditor wishing to properly document an audit file.Any judgment, thought process and consideration taken during the audit should be documented, since an auditor can only defend themselves later based on documentation.
4. Cash flow statement
   There are three parts, which were not documented sufficiently, i.e.
   • Checking the calculations
   • Verifying the completeness of non-cash items, for each non-cash item, and verification of cash flow items to bank transactions
   • Checking the classification of entries.
5. Planning, risk assessment, and audit approach
   The requirements of ISA 315 were not applied to the benefit of the audit, in that gaps in planning and risk assessments, coupled with unclear audit approaches, contributed to inconsistent and ineffective audit strategies.
6. Sampling
   A recurring issue was inadequate sampling methodologies, including an insufficient rationale for sample sizes and selection processes, giving every item an equal chance for selection.
7. IT controls
   Limited evaluation and documentation of general and application controls, appropriate for the circumstances of the audit entity, exposed weaknesses in assessing risks related to technology-driven environments.

As we look to the year ahead, addressing these issues should be a top priority for every audit firm. Ensuring proper understanding of audit entities and their environments, and comprehensive documentation are areas where immediate progress can be made. Refining how the firm captures audit evidence and justifies its decisions, strengthens not only compliance, but also the integrity of the firm’s work.

Planning and risk assessments are critical to ensuring focused and efficient procedures. IT controls and innovative ways of testing them, such as data analytics, need attention, as technology plays an ever-growing role in financial environments. Firms need to ensure their teams are equipped to evaluate these systems effectively.

Improving in these areas is not just about passing reviews, it’s about building trust, delivering high-quality audits, and upholding the professional standards that define our work. By committing to these goals, we can turn findings into opportunities for growth and excellence.