Ask Joey ™ a Question

What is the audit plan?

After outlining the audit strategy, the audit team should outline in writing, the audit plan based on the previously outlined nature, extent, and timing requirements in the audit strategy. The audit plan should be made in writing and specific procedures must be documented. The audit plan consists of risk assessment procedures, testing of controls, and substantive procedures (evidence gathering activities).

audit plan

The audit team should outline the following in the audit plan:

1) Risk assessment procedures that will be used to obtain an understanding of the client. Required risk assessment procedures consist of analytical procedures and inquiries. Risk assessment procedures are applied to better understand areas of materiality, heightened risks of material misstatements, operating effectiveness of internal controls etc.

2) Test of controls that will be used to evaluate the overall design and operating effectiveness of internal controls in attempting to prevent or detect material misstatements by the client’s management.

3) Substantive procedures will be used to detect material misstatements which will include various tests of details (e.g. reconciliation, confirmation, footing etc.)

4) The timing of the audit procedures should be documented in the audit plan.

5) The overall necessity of information technology to the financial reporting entity.


You might also be interested in...

  • What is the relationship between volume and variable cost per unit?

    If the variable cost per unit remains fixed, then any increase or decrease in unit volume will result in an increase or decrease in total variable costs for a business. For example, if variable cost per unit was steady at $5, then if unit volume were to increase from 100 to 200 units, then total […]

  • How can variable sampling risk impact the efficiency or effectiveness of an audit?

    Audit risk is comprised of inherent risk, control risk, and detection risk. The level of substantive testing that the audit performs is based on detection risk, which is set after the audit team assesses inherent risk and control risk. Variable Sampling – Substantive Testing When the audit team is performing substantive testing, they will use […]

  • What happens if control risk is set too high or too low?

    Audit risk is comprised of inherent risk, control risk, and detection risk. Depending on how the audit team assesses control risk, they would set detection risk, which determines the level of substantive testing that should be performed. To assess control risk, the audit team would use attribute sampling to determine if the controls were operating […]