CAS Guidance

The auditor is not expected to, and cannot, reduce audit risk to zero and cannot therefore obtain absolute assurance that the financial statements are free from material misstatement due to fraud or error. This is because there are inherent limitations of an audit, which result in most of the audit evidence on which the auditor draws conclusions and bases the auditor’s opinion being persuasive rather than conclusive. The inherent limitations of an audit arise from (CAS 200.A50):

• the nature of financial reporting,
• the nature of audit procedures, and
• the need for the audit to be conducted within a reasonable period of time and at a reasonable cost.

In the case of certain assertions or subject matters, the potential effects of the inherent limitations on the auditor’s ability to detect material misstatements are particularly significant. Such assertions or subject matters include (CAS 200.A56):

• fraud, particularly fraud involving senior management or collusion. See CAS 240 for further discussion (see OAG Audit 5500).

• the existence and completeness of related party relationships and transactions. See CAS 550 for further discussion (see OAG Audit 7530).

• the occurrence of non‑compliance with laws and regulations. See CAS 250 for further discussion (see OAG Audit 7510).

• future events or conditions that may cause an entity to cease to continue as a going concern. See CAS 570 for further discussion (see OAG Audit 7520).

Relevant CASs identify specific audit procedures to assist in mitigating the effect of the inherent limitations.

Because of the inherent limitations of an audit, there is an unavoidable risk that some material misstatements of the financial statements may not be detected, even though the audit is properly planned and performed in accordance with CASs. Accordingly, the subsequent discovery of a material misstatement of the financial statements resulting from fraud or error does not by itself indicate a failure to conduct an audit in accordance with CASs. However, the inherent limitations of an audit are not a justification for the auditor to be satisfied with less‑than‑persuasive audit evidence. Whether the auditor has performed an audit in accordance with CASs is determined by the audit procedures performed in the circumstances, the sufficiency and appropriateness of the audit evidence obtained as a result thereof and the suitability of the auditor’s report based on an evaluation of that evidence in light of the overall objectives of the auditor (CAS 200.A57).

CAS Guidance

The preparation of financial statements involves judgment by management in applying the requirements of the entity’s applicable financial reporting framework to the facts and circumstances of the entity. In addition, many financial statement items involve subjective decisions or assessments or a degree of uncertainty, and there may be a range of acceptable interpretations or judgments that may be made. Consequently, some financial statement items are subject to an inherent level of variability which cannot be eliminated by the application of additional auditing procedures. For example, this is often the case with respect to certain accounting estimates. Nevertheless, the CASs require the auditor to give specific consideration to whether accounting estimates are reasonable in the context of the applicable financial reporting framework and related disclosures, and to the qualitative aspects of the entity’s accounting practices, including indicators of possible bias in management’s judgments (CAS 200.A51).

There are practical and legal limitations on the auditor’s ability to obtain audit evidence. For example (CAS 200.A52):

• There is the possibility that management or others may not provide, intentionally or unintentionally, the complete information that is relevant to the preparation of the financial statements or that has been requested by the auditor. Accordingly, the auditor cannot be certain of the completeness of information, even though the auditor has performed audit procedures to obtain assurance that all relevant information has been obtained.

• Fraud may involve sophisticated and carefully organized schemes designed to conceal it. Therefore, audit procedures used to gather audit evidence may be ineffective for detecting an intentional misstatement that involves, for example, collusion to falsify documentation which may cause the auditor to believe that audit evidence is valid when it is not. The auditor is neither trained as nor expected to be an expert in the authentication of documents.

• An audit is not an official investigation into alleged wrongdoing. Accordingly, the auditor is not given specific legal powers, such as the power of search, which may be necessary for such an investigation.

CAS Guidance

The matter of difficulty, time, or cost involved is not in itself a valid basis for the auditor to omit an audit procedure for which there is no alternative or to be satisfied with audit evidence that is less than persuasive. Appropriate planning assists in making sufficient time and resources available for the conduct of the audit. Notwithstanding this, the relevance of information, and thereby its value, tends to diminish over time, and there is a balance to be struck between the reliability of information and its cost. This is recognized in certain financial reporting frameworks (see, for example, the IASB’s “Framework for the Preparation and Presentation of Financial Statements”). Therefore, there is an expectation by users of financial statements that the auditor will form an opinion on the financial statements within a reasonable period of time and at a reasonable cost, recognizing that it is impracticable to address all information that may exist or to pursue every matter exhaustively on the assumption that information is in error or fraudulent until proved otherwise (CAS 200.A53).

CAS Guidance

Consequently, it is necessary for the auditor to (CAS 200.A54):

• plan the audit so that it will be performed in an effective manner;

• direct audit effort to areas most expected to contain risks of material misstatement, whether due to fraud or error, with correspondingly less effort directed at other areas; and

• use testing and other means of examining populations for misstatements.

In light of the approaches described in paragraph A54, the CASs contain requirements for the planning and performance of the audit and require the auditor, among other things, to (CAS 200.A55):

• have a basis for the identification and assessment of risks of material misstatement at the financial statement and assertion levels by performing risk assessment procedures and related activities; and

• use testing and other means of examining populations in a manner that provides a reasonable basis for the auditor to draw conclusions about the population.

Related Guidance:

See OAG Audit 5021 for guidance on understanding the entity and its environment.

See OAG Audit 4020 for guidance on developing the audit strategy.

See OAG Audit 5040 for further guidance on assessing risk of material misstatement.

See OAG Audit 6050 for guidance on developing and executing a controls test plan.

See OAG Audit 7010 for guidance on developing and executing a substantive test plan.