Definitions and Key Concepts
- Risk Assessment: The process of identifying and evaluating risks that may affect the accuracy of financial statements.
- Internal Control: Processes implemented by management to provide reasonable assurance regarding the reliability of financial reporting.
Auditor's Responsibilities
- Auditors must perform risk assessment procedures to identify areas where material misstatements may occur.
- Auditors should determine the nature, timing, and extent of further audit procedures based on assessed risks.
- Evaluation of the effectiveness of internal controls is required to decide on the level of substantive testing.
Risk Assessment Procedures
- Understanding the entity and its environment, including internal control systems.
- Inquiries of management and others within the entity.
- Analytical procedures and observation of operations.
Internal Control Evaluation
- Assess control environment, risk assessment process, control activities, information system, and monitoring activities.
- Test controls are performed when reliance on internal control is intended.
Documentation
- Auditors must document the risk assessment procedures performed and the results obtained.
- Documentation should include the identified risks and the auditor’s response to those risks.
Penalties and Compliance
- Non-compliance with PSA 400 may lead to professional disciplinary actions by the Professional Regulatory Board of Accountancy.
- Compliance is mandatory for all auditors registered in the Philippines.
Legal and Professional Authority
- The resolution was adopted by the Professional Regulatory Board of Accountancy and approved by the Professional Regulation Commission.
- It holds binding authority over all auditing professionals in the Philippines.