- The revised standard includes a lot more on technology
- Auditors will need to understand the fundamental concepts of inherent risks and the inherent risk spectrum
- There is a wide range of resources to assist with implementation
December 31 is rapidly approaching, which means we are nearly at the first reporting period that the revised ASA/ISA (NZ) 315 Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment is effective for auditors. It has a been a busy year for auditors, as firms have needed to plan and prepare for ASA/ISA 315 while also getting ready for the new quality management standards.
While the revised standard does not change the audit risk model, it does contain several enhancements and clarifications to help auditors apply the audit risk model when identifying and assessing the risks of material misstatement. ASA/ISA (NZ) 315 has been completely rewritten, so it is not easy to do a direct comparison between the old and the new standard to see what has changed.
The main changes are:
- Five new inherent risk factors; subjectivity, complexity, uncertainty, change and susceptibility to misstatement due to management bias or fraud.
- A new spectrum of risk, at the higher end of which lie significant risks.
- Requiring 'sufficient, appropriate' evidence to be obtained from risk assessment procedures as the basis for the risk assessment.
- A lot more on IT, particularly IT general controls.
- More on controls relevant to the audit and on the design and implementation work required for these controls.
- Removal of considerations specific to smaller entities as a separate category and inclusion of that material within the main body of the standard and the addition of new material.
Other changes include:
- Requiring inherent and control risk to be assessed separately (the extant standard permits a combined assessment).
- Distinguishing between direct and indirect control components.
- A new stand-back requirement to reconsider when material classes of transactions, account balances, and disclosures are not assessed as significant.
The message we have heard from members who have completed their implementation is not to underestimate the time and effort associated with changes to methodology, software, training and so on. But there is a wide range of resources available to assist firms with the implementation of the revised standard.
CA ANZ resources
- ISA 315 (2019 revised standard) for auditors webinar recordings (AU Store, NZ Store)
- Interview with IAASB Chair and Deputy Chair, including discussion of ISA 315
Australia and New Zealand Standard setters
- AUASB Implementation Guidance including FAQs and guidance on General IT Controls and Scalability considerations
- NZAuASB Implementation Guidance
IAASB guidance and resources
- ISA 315 First time implementation guidance
- Non-Authoritative Support Material: Using Automated Tools and Techniques When Identifying Risks of Material Misstatement in Accordance with ISA 315 (Revised)
- Introduction to ISA 315 (revised 2019) (PDF)