· Understand the importance of the business process (system description) and how it fits into the auditing process.
· Understand the flow of the processes in the business process standard working paper.
· Identify and/or take note of applicable legislative requirements and accounting systems used for the business process.
· Document the business process as well as the walkthroughs including indicating any non-compliance with legislation identified and hyperlinking to non-compliance working paper or exception raised.
· Identify the inherent risk factors, relevant assertion(s) and annual financial statement (AFS) item for the business process.
· Categorise inherent risk factors in terms of their appropriate inherent risk category in the risk assessment & response WP.
· Identify key controls for the applicable relevant AFS item assertions and determine where controls are automated if they will be tested using ISA BU.
· Transfer relevant information from the business process to the risk assessment and response, deficiencies in internal control, compliance and risk register working papers.
· Understand the importance of the risk assessment and response working paper and how it fits into the auditing process.
· Understand the different sources where inherent risk factors can originate and flow into the risk assessment and response working paper.
· Perform a risk assessment per risk (what can go wrong) for the different relevant assertions.
· Assess whether the identified controls that address risks of material misstatement at assertion level (individually or in combination with other controls) have been designed effectively to address the risk.
· Assess whether the effectively designed controls are implemented.
· Conclude on the controls that have been assessed and determine the audit approach to be followed in line with the audit methodology.
· Determine instances where it is appropriate to test controls in order to place reliance on these and reduce the level of assurance required from substantive procedures.
· Determine the substantive testing that must be performed in line with the audit methodology to obtain the required level of assurance.
· Complete the detailed audit plan (nature, timing and extent).
· Revise the risk assessment and detailed audit plan where applicable.
· Document the inherent risk factors identified during the audit.
· Identify the risks of material misstatement / non-compliance applicable to different types of audits.
· Identify the risks that have an overall impact, determine its significance (if due to fraud) and the responses at an overall level to these pervasive risks.
· Identify the financial statement items and/or performance indicators affected by the risk of material misstatement for further assessment and response in the Risk assessment and response WP.
· Identify the compliance themes impacted by the identified risks for response in the applicable compliance WP.