ISA 240 – The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements

6 Responses to Assessed Risk

6.1 General responses:

  1. Make procedures unpredictable giving less room to those doing fraud or can do fraud to adjust
  2. Supervise and assign work to team members depending on their knowledge, skill and experience and the risk of fraud
  3. Evaluate accounting policies selected and applied that are indicative of fraudulent reporting

6.2 Responses to risk of management override

As management has the prime control of business activities they have the authority to make or break the control activities. Due to this fact they may override controls to commit fraud and thus materially misstatement financial statements. In response to assessed risk arising due to management’s ability to override controls auditor shall:

  1. Examine books of prime entry for routine and adjusting entries. Examination includes inquiring personnel making entries for unusual entries, testing period end entries etc.
  2. Assess possible influence in making accounting estimates and check if they are reasonable.
  3. Identify unusual entries and assess their nature and check if they are indicative of any fraudulent reporting

Auditor shall decide if additional procedures are needed to be carried out to appropriate respond risks associated with management override.

7 Evaluation of evidence obtained

The auditor shall consider if analytical procedures performed in finalizing audit engagement indicate fraud and associated risk not recognized in preliminary assessment of risk

On identifying misstatement auditor shall consider whether it is caused by fraud or error. If it is considered to be a resultant of fraud then notwithstanding materiality of misstatement, auditor shall review risk assessment related to fraud and consider if responsive procedures are appropriate. Auditor shall also revisit the audit evidence already obtained from management as its reliability may be affected by colluding employees, management and/or third parties.

Auditor shall consider implications on audit and auditor’s report if:

  1. Fraud is confirmed
  2. Auditor is unable to confirm if material misstatement is by fraud or not