If you have selected Assurance as an elective in your CPA Canada PEP, or it’s your role for the CFE, writing an effective audit planning memo will be the key to achieving multiple competent grades. Let’s walk through the 4 steps of writing an effecting audit planning memo: Risks, Approach, Materiality, Procedures (abbreviated as RAMP).
1. Identifying Overall Financial Statement Level (OFSL) Risk
Your first step in writing an audit planning memo will be to assess the overall financial statement level risks (OFSL). OFSL represents the risk of an audit engagement and risk of material misstatements (RMM). This assessment will be the foundation of determining what approach should be used to gather the appropriate evidence, the level of materiality we should accept, and the procedures required to form an audit opinion.
It’s important to analyze case facts for factors that either increase or decrease the level of risk. A well-rounded risk response will contribute some form of a balanced response between the two. As you read the case initially, mark factors you can refer back to for this assessment opportunity.
For example, in the case below, the second paragraph says: “We’re growing at an incredible pace and we can’t keep up.” This is a trigger that increases the audit risk.
When writing your response, using bullets is a great strategy to use time effectively. Each bullet should discuss what the risk is and why the impact increases or reduces overall risk. Students who don’t achieve “Competent” are often the result of not having a sufficient amount of risks, or lacking depth in the risk impact. Be sure to only discuss new risk factors for this year.
Some common risk factors include:
- Bank will be relying on bank covenants imposed on Company ABC. This increases OFSL risk as there is a risk of management bias to ensure financials meet the covenant.
- There are several F/S errors present. This increases OFSL risk that there are additional accounting errors that have yet to be identified.
- We have audited Company ABC for several years. This decreases OFSL risk as we are familiar with the business and their processes.
- Company ABC has implemented a new software this year. This increases OFSL risk as we are unfamiliar with the controls surrounding the new software and this could be resulting in errors in the financial statements.
Be sure to conclude if the OFSL is high, moderate or low, and why (i.e. high because factors increasing risk outweigh factors that decrease risk). The vast majority of the time you’ll conclude the OFSL risk as high due to the nature of CPA exams.
For example, here is an effective way to write the risks and conclude:
2. Identifying the Audit Approach
To determine the overall approach for gathering audit evidence, assess the control risk on an overall basis. If controls can be relied on, typically a combined approach will be used. If controls are determined to be weak, a substantive approach is concluded. To conclude on this, identify case facts related to the control environment, the nature of the business, and explain the impact of these items on the audit.
Some common considerations include:
- New systems and processes. Will increase control risk as these processes have not been relied on before and auditors are unfamiliar with them.
- Company ABC has multiple locations. This will make it difficult for auditors to visit and apply a substantive approach on all locations.
For example, here’s how the approach was written for this mock exam case:
3. Determining Materiality
Materiality is a product of user needs, not audit risk. Therefore, you must identify the key users of the F/S and what their needs are. For example, potential investors may be concerned with overall profitability, but the Bank could be more interested in debt and equity based on covenants. Understanding these user needs will provide support for your chosen materiality base. Calculate materiality where possible on revised F/S (after corrections).
Performance Materiality (PM) is based on the auditor’s professional judgment, and is associated with the risk of the engagement. This serves to mitigate errors that may not be detected during the testing phase. You should get in the habit of being able to include both overall and PM in your CPA case answers.
For example, here’s a complete materiality section:
4. Preparing Procedures
Procedures should be written for high risk transactions, accounts or assertions. When writing audit planning memo in CPA cases, it’s often written for all Financial Reporting (FR) issues. You should identify the specific risk, the related assertion and then the procedure. For this reason, procedures are often abbreviated to “RAP” (risk, assertion, procedure). Here’s an example of a risk: “Company ABC has pressure to meet a debt to equity covenant from the bank. There is a risk that due to management bias, the accounts payable account for what is owed is not complete”. Then write the assertion, which would be completeness.
Below are all the audit assertions:
Transactions/Events (Income statement): Completeness, Occurrence, Cut-off, Classification, Accuracy (“COCCA”)
Balances (Balance sheet): Completeness, Existence, Rights & Obligation, Valuation/Allocation (“CERV”)
Presentation and Disclosure: Occurrence, Rights/Obligations, Completeness, Classification/Understandability, Accuracy/Valuation
In CPA cases, we most often use the Income Statement and Balance Sheet assertions. You can remember them with the saying: IS COCCA CCERV’d in BoSton. There are more clever memory aids in my technical summary notes.
Assertions should have the GL accounts next to them. For example, Completeness (A/P) shows the assertion and account. This is not necessary when you write the RAP with FR issues though (see example below).
Audit procedures should be specific and detailed by demonstrating a step-by-step process. To be specific, you can use case facts such as referencing specific documents, accounts or procedures outlined for this company. The procedure should address how the risk can be looked into and how evidence will be acquired. You should also make sure their procedures are practical and realistic and avoid general statements. It also helps to write the procedures below the FR issues, as opposed to combining them at the end, because they are closely related to FR issues and you can reference FR as you write.
For example, here’s an FR issues with the audit procedure below it:
Some common procedures include:
- Obtain copy of all materials related to R&D and review in accordance to above criteria to determine if costs should be capitalized
- Obtain confirmation from management that ABC CO. plans to proceed with the R&D project to ensure the recognition criteria have been met
- Discuss with management and corroborate their responses with the R&D team, as to whether the asset is likely to be fully developed and ready for market soon, and as to the progress made on the development.
- Inquire and review if ABC Co. has complied with all terms of the agreement to determine if there are any additional unknown costs to include with the POC% calculation
- Vouch a sample of the contract to the supporting contracts and any revisions made to these supporting contracts. Check for the date, contract amount, and any unusual terms.
Applying this structure for audit planning memo (APM) will ensure your assessment is complete and in-depth to achieve C (competent) grade. Practice the WHY and HOW of the impact for each step of the APM to make sure to hit depth.