In December 2019, the International Auditing and Assurance Standards Board (IAASB) issued International Standard on Auditing (ISA) 315 (Revised 2019), Identifying and Assessing the Risks of Material Misstatement. On its release, the IAASB stated that ISA 315 (Revised 2019) is an important part of the IAASB’s efforts to improve audit quality globally.
The IAASB chair, Tom Seidenstein, said in regard to this significant standard that has been completed in the IAASB’s efforts to enhance audit quality: ‘The core of the audit is undertaking work to obtain sufficient appropriate audit evidence to address the risks of material misstatement, and the changes made to ISA 315 (Revised 2019) recognise the importance of a robust and consistent risk assessment in driving an appropriate and effective response to those risks.’
In finalising the changes, the IAASB focused on the understandability, complexity and length of the standard. It then made enhancements and clarifications to encourage a more consistent and robust risk assessment, which forms the foundation of the auditor’s efforts to gather sufficient appropriate audit evidence. The revisions also modernise the standard to keep up with the evolving environment in which businesses operate, particularly in relation to technology, and put more focus on why procedures are required.
ISA 315 (Revised 2019) states that the objective of the auditor is to identify and assess the risks of material misstatement, whether due to fraud or error, at the financial statement and assertion levels, thereby providing a basis for designing and implementing responses to the assessed risks of material misstatement. Given the current state of affairs due to the pandemic, the importance of being able to identity and assess risks becomes evident.
Mainly, ISA 315 (Revised 2019) aims to
- Promote consistency in the application of procedures for risk identification and assessment
- Make the standard more scalable through revised principles-based requirements
- Reduce the complexity and make the standard more usable by registered auditors of all entities, whatever the nature or complexity
- Encourage a more robust risk assessment, and more focused responses to those identified risks, and
- Support registered auditors using the standard by incorporating guidance material that recognises the evolving environment, including in relation to information technology
In arriving at ISA 315 (Revised 2019), the IAASB went through an exposure process internationally. The ISA 315 exposure draft was published on 16 July 2018, for comment by 2 November 2018. Comment letters were received from 72 respondents, including regulators and audit oversight authorities, national auditing standard setters, accounting firms, public sector organisations, International Federation of Accountants member bodies and other professional organisations, academics and individuals. Responses were also received from four Monitoring Group members.1
Notwithstanding support for various aspects of the ISA that had been revised, pervasive themes noted by respondents to the ISA 315 exposure draft included the following:
- The proposed changes had introduced a level of complexity that made the flow of the standard difficult to understand and therefore difficult to apply, particularly through requirements that were too prescriptive.
- The increased length, language used and structure had made the standard more difficult to understand.
- The use of new concepts and definitions, some of which lacked clarity, made the standard more difficult to apply and in some cases were not reflected in ISA 330.2
- The iterative nature of the standard was not clear.
Respondents also encouraged the IAASB to simplify the identification and assessment of the risks of material misstatement.
The IAASB took all the above-mentioned views, among others, into account in arriving at ISA 315 (Revised 2019) and the related conforming and consequential amendments to other ISAs.
ISA 315 (Revised 2019) states that the objective of the auditor is to identify and assess the risks of material misstatement, whether due to fraud or error, at the financial statement and assertion levels, thereby providing a basis for designing and implementing responses to the assessed risks of material misstatement. Given the current state of affairs due to the pandemic, the importance of being able to identity and assess risks becomes clearly evident.
It is also worth noting that ISA 315 (Revised 2019) is iterative in nature, and the registered auditor is required to exercise professional judgement in determining the nature and extent of the procedures to be undertaken.
ISA 315 (Revised 2019) is effective for financial statement audits for periods beginning on or after 15 December 2021, with earlier adoption permitted. In South Africa there is another step that follows the IAASB’s release of an ISA. The Auditing Profession Act 26 of 2005 requires the Independent Regulatory Board for Auditors’ (IRBA) Committee for Auditing Standards to recommend the ISA to the IRBA board’s approval for adoption, issue and prescription by registered auditors in South Africa. ISA 315 (Revised 2019) and the related conforming and consequential amendments to other ISAs were approved at the October 2020 IRBA board meeting for adoption, issue and prescription by registered auditors in South Africa.
Registered auditors and interested stakeholders have had their say through the comment period process. What is left now is for careful preparation for implementation and for ISA 315 (Revised 2019) to meet its objectives and remain fit-for-purpose through time.
Notes
1 The Monitoring Group comprises the Basel Committee on Banking Supervision (BCBS), the European Commission, the Financial Stability Board, the International Association of Insurance Supervisors (IAIS), the International Forum of Independent Audit Regulators (IFIAR), the International Organization of Securities Commissions (IOSCO) and the World Bank. Responses to the exposure draft were received from the BCBS, IAIS, IFIAR and IOSCO.
2 ISA 330, The Auditor’s Responses to the Assessed Risks.