Canadian Auditing Standard (CAS) 315 has been updated, and this may affect how your organization prepares for its audit and responds to requests from your auditor.
For most entities, these changes are going to result in management having to prepare more robust support for systems, processes and controls that will be needed to provide audit evidence to auditors for their risk assessment. Or in other words, you're most likely going to have to record, prepare, and submit a greater amount of information, both prior to, and during your audit.
And with that, here's what you need to know about the changes to CAS 315 "Identifying and Assessing the Risks of Material Misstatement" and the auditor’s risk identification and assessment process in your statement audit.
Who do these changes apply to?
The changes to CAS 315 apply to:
- audits of financial statements for periods beginning on or after December 15, 2021
- the audit of all entities, regardless of their nature, size or complexity
What are the key changes?
Key Change 1
A more robust risk identification and assessment process with more focused auditor responses to identified risks.
Potential Impact
- You may receive more up-front questions from the auditor as they plan the audit and identify and assess risks of material misstatement
- The auditor may request additional information to enhance their understanding of systems, processes and controls, including
- a better understanding of your entity’s business model and how it integrates the use of information technology (IT)
- more information about your entity’s own risk assessment process and process for monitoring the system of internal control
- more detailed narratives about how transactions are initiated, recorded, processed and reported
- policies and procedure manuals, flowcharts and other supporting documentation to validate their understanding of the information systems relevant to the preparation of financial statements
Key Change 2
A modernized method to recognize the evolving environment, including in relation to IT.
Potential Impact
- The auditor may involve additional team members, such as IT specialists, who may need to engage with members from your IT team who were not previously involved in the audit process
- You may receive more focused questions and additional requests to better understand the IT environment of your entity, including
- IT applications, including data warehouses and report writers
- supporting IT infrastructure (network, operating systems, databases and their related hardware and software)
- IT processes (managing program changes, IT environment changes, and IT operations)
- IT personnel involved in the IT processes
- additional inquiries to understand general IT controls over journal entries (segregation of duties related to parking and posting entries)
Key Change 3
Enhanced requirements relating to exercising professional skepticism.
Potential Impact
- You may receive additional inquiries if the auditors find information that appears to contradict what they have already learned in the audit
Key Change 4
The auditor’s risk assessment can be scaled up or down based on the nature and complexity of the entity being audited.
Potential Impact
- The auditor’s expectations regarding the formality of your entity’s policies and procedures, and processes and systems, will depend on the complexity of your entity
Key Change 5
Recognition of the use of technology by the auditor, in the audit.
Potential Impact
- The auditor may be using automated tools and techniques more frequently or extensively in their audit
- This may mean they will request different information or information in a different format, so that they can execute their audit procedures
Why are these changes being made?
The Standard has been significantly enhanced to evolve with the increasingly complex nature of the economic, technological, and regulatory aspects of the markets and environments in which entities and auditors operate. The key changes require a more robust risk assessment to properly identify risks and promote more focused responses to the identified risks in a manner that is appropriate for the nature, size and complexity of the entity.
Questions?
If you have any questions about this article, the CAS 315 updates, or any of our related services, please contact one of our audit experts or complete the contact form below.
CONTACT US
You may also like...
View all newsDIY Bookkeeping Tips For Health Care Professionals
Here are some practical tips to help you navigate the bookkeeping process.
Important changes to AgriInvest for 2025
Some operations now require a risk assessment and there are also new filing deadlines.
Career Opportunity | Accounting Technician - Taber
We are currently seeking a full-time Accounting Technician to join our team in Taber.
Free Consultation
Have questions? Book a free consultation. It's really just a casual conversation where we try to learn more about you and your goals, and how we can help you achieve those.