The audit of accounting estimates can be a complex area. Here we address the changes brought in by ISA (UK) 540 (Revised December 2018) and demonstrate what a good audit file looks like in the context of auditing accounting estimates.
Introduction
This helpsheet has been issued by ICAEW’s Technical Advisory Service, in conjunction with the ICAEW’s Quality Assurance Department, as part of the What Good Looks Like Project, driven by the needs of our members and championed by the ICAEW Practice Committee.
The objective of this guidance is to help members better understand how to conduct and document their audits in a way that stands up to scrutiny following the issue of the revised standard, ISA (UK) 540, on auditing accounting estimates in December 2018. This includes considering how to interpret the requirements of ISAs (UK) to make well balanced judgements and apply professional scepticism.
Members may also wish to refer to the following related resources:
Background
The ‘What Good Looks Like’ guidance does not intend to gold-plate the requirements of the ISAs (UK) or to add additional requirements where there are none.
The standard of audit quality that auditors are aiming to achieve is full compliance with ISAs (UK) and other relevant requirements, such as the Ethical Standard and Companies Act.
All ISA (UK) references below are to ISA (UK) 540 (Revised December 2018) Auditing Accounting Estimates and Related Disclosures.
The guidance, together with the case study, demonstrates what could have been done and documented on an audit that achieves a Grade 1, which is referred to as ‘Good’, on a Quality Assurance Department (“QAD”) monitoring visit.
This guidance does not address issues that might arise in Public Interest Entity (PIE) audits or entities that comply with the FRC Code of Governance or similar.
Case study
The case study has been designed to address some of the more common and challenging aspects of auditing accounting estimates. The case study is not designed to provide a model answer or a template to be followed on an audit, but it will demonstrate what a good audit would look like as regards the work planned, performed and documented.
Auditors must identify the accounting estimates that have been used in the preparation of the financial statements and then identify those where there is the greatest risk of material misstatement. Estimates must be assessed in order of their significance and the audit work performed should reflect this assessment. The helpsheet will demonstrates how these key judgements should be documented by the auditor.
The ISAs (UK) are principles based and professional judgement is needed so there are often several valid ways to approach a particular audit issue. The case study focuses only on auditing accounting estimates and does not consider other areas of the audit. In applying ISA (UK) 540 (Revised 2018), auditors will also have to consider the requirements of many other ISAs (UK), especially:
- ISA (UK) 315 (Revised July 2020) Identifying and assessing the risks of material misstatement
- ISA (UK) 330 The auditor’s responses to assessed risks
- ISA (UK) 450 Evaluation of misstatements identified during the audit
- ISA (UK) 500 Audit evidence
Supporting documentation for Six Island Bay Developments Limited is provided as follows:
- Case study - Six Island Bay Developments Limited
- Draft financial statements for the year ended 31 December 2021 which have been prepared in accordance with FRS 102
- Audit planning document
The audit documentation relating to the case study provided is as follows:
How to use the case study
The case study is an illustrative example intended to support this guidance. It can also be used as a training tool to show how auditors should respond to a particular set of circumstances and as a basis for group discussions about the best audit approach.
The financial statements included within the case study are included to provide context only. The intention is not that these should be used to identify additional potential issues outside of those covered by the case study.
Key definitions
The ISA defines the following terms:
Accounting estimate: A monetary amount for which the measurement, in accordance with the requirements of the applicable financial reporting framework, is subject to estimation uncertainty.
Auditor’s point estimate or auditor’s range: An amount, or range of amounts, respectively, developed by the auditor in evaluating management’s point estimate.
Estimation uncertainty: Susceptibility to an inherent lack of precision in measurement.
Management bias: A lack of neutrality by management in the preparation of information.
Management’s point estimate: The amount selected by management for recognition or disclosure in the financial statements as an accounting estimate.
Outcome of an accounting estimate: The actual monetary amount that results from the resolution of the transaction(s), event(s) or condition(s) addressed by an accounting estimate.
What is an accounting estimate
Some common examples of accounting estimates include depreciation of property, plant and equipment, warranty provisions and revenue recognition on long term contracts.
All entities use accounting estimates in their financial statements, however, the extent of the audit work required will vary depending on the degree of estimation uncertainty.
ISA (UK) 540 (Revised 2018) recognises that the degree of estimation uncertainty will vary substantially. When the estimation uncertainty, complexity or subjectivity are very high the risk assessment and audit procedures would be expected to be more extensive (para 3). For accounting estimates with a low degree of estimation uncertainty, the risk assessment and further audit procedures would not be expected to be extensive.
Practical point
The identification of all accounting estimates and the assessment of the scale of risk attached to them should be performed and documented as part of the audit planning process. If the estimation uncertainty is considered to be low then the audit work performed should reflect this. A ‘one size fits all’ approach to the audit work performed is not appropriate. As such, standard audit methodology and programmes should always be adapted to the client.
Objective of the auditor
The objective of the auditor is to obtain sufficient appropriate audit evidence about whether accounting estimates and related disclosures in the financial statements are reasonable in the context of the applicable financial reporting framework.
It should be noted that it is the responsibility of management to make accounting estimates. The auditor’s responsibility is to provide an independent opinion on whether the financial statements show a true and fair view, so it is important to ensure that auditors do not find themselves providing guidance and advice in respect of how to make an estimate as this could lead to independence and objectivity being called into question.
Challenge and scepticism
Professional scepticism should be applied at all times – para 7 ISA 200 (UK) Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with International Standards on Auditing (UK).
Professional scepticism is defined as ‘an attitude that includes a questioning mind, being alert to conditions which may indicate possible misstatement due to error or fraud, and a critical assessment of audit evidence’ (Glossary of Terms (Auditing and Ethics) and para 13(l) ISA 200 (UK)).
Scepticism can be difficult to demonstrate in audit documentation because it is a mindset, but good auditors find a way to bring the application of scepticism into their documentation. This may be through documenting the questions asked and challenges made, but it could also be shown in the way audit tests were designed. Where scepticism is driving test design, this should be highlighted in the audit documentation to provide evidence of the application of professional scepticism.
Practical point
Scepticism cannot be demonstrated by merely documenting that ‘management were challenged’. Auditors need to describe the nature of the challenge. Management needs to be challenged by asking questions like ‘How can you prove that?’ or ‘I have seen some evidence to the contrary, why is that still true?’ Good auditors do not just record the audit evidence obtained, but also how it was elicited and evaluated, through challenging management. It is just as important to record the questions asked by the auditor as it is the answers provided by management. Auditors should document the ‘journey’ to obtaining the audit evidence.
Understanding the entity
Understanding the entity is the foundation of both a good risk assessment and designing appropriate audit procedures. In relation to accounting estimates, the auditor must understand the business model and the skillset and the motivations of management. Discussions with management, analytical review and walkthroughs will be the main ways auditors will understand the entity.
It is important that the auditor’s understanding of the entity is documented. Good documentation of how the entity operates is important to support the audit approach and the adequacy of the audit evidence. It also helps communicate the information throughout the audit team, including those new to the audit and any second partner reviewer.
Risk assessment procedures
ISA (UK) 315 (Revised 2016) requires the auditor to obtain an understanding of the entity and its environment, including its internal control.
This is applicable to the audit of accounting estimates as the audit is required to identify and assess the risks of material misstatement at the financial statement and assertion levels.
The Entity and Its Environment
New transactions or changes to the conditions of existing ones could give rise to additional or changes in accounting estimates. This could include a new revenue stream or type of funding. Other broader events could also impact the accounting estimates; for example, the impact of the Covid-19 pandemic on recoverability of trade debtors.
Once the auditor has documented the accounting estimates included by management, they should also document the requirements as set out in the applicable financial reporting framework. Testing can then be designed to check that the estimate is in accordance with the accounting standards applied. For example, FRS 102 requires a non-basic financial instrument to be held at fair value and so the estimate by management should be a fair value estimate.
Understanding any regulatory factors that are relevant to the accounting estimates may assist the auditor in identifying applicable regulatory frameworks, for example in the banking and insurance sectors, and in determining whether such frameworks impose any further requirements or disclosures.
By developing an understanding of the expected accounting estimates to be included in the financial statements, the auditor then has a basis for discussion with management about how management makes the accounting estimates.
The Entity’s Internal Control
The auditor should document and consider the nature and extent of oversight and governance that the entity has in place over management’s financial reporting process relevant to accounting estimates when assessing management bias and effectiveness of controls.
Specialised industries and complex estimation models could lead to management deciding that they need to employ an expert. The auditor will need to understand how management identifies the need for, and applies, specialised skills or knowledge related to accounting estimates.
Understanding how the entity’s risk assessment process identifies and addresses risks relating to accounting estimates will assist the auditor in considering changes in financial reporting requirements.
The auditor should document, and review models used by management and note how these interact with the entity’s information system.
Auditors need to consider whether and how management understands the degree of estimation uncertainty. This would include where and how management have identified alternative methods or assumptions that would be appropriate or whether a sensitivity analysis has been performed to determine the effects of a change in the underlying assumptions.
As part of obtaining an understanding of the control activated relevant to the audit, the auditor may consider segregation of duties, how management determines the appropriateness of information and how accounting estimates are reviewed and approved.
Each year, management should compare the accounting estimates to the actuality. This process and any subsequent responses by management should be documented by the auditor.
The audit programme needs to include tests in which the auditor also performs this comparison. The review is not intended to call into question judgements about previous period accounting estimates that were appropriate based on the information available at the time they were made.
The auditor shall determine whether the engagement team requires specialised skills or knowledge to competently audit the accounting estimates.
Practical point: The requirement to consider specialist skills as part of the audit plan is now specific and detailed. The auditor’s response should then be tailored accordingly including if the entity is a smaller and less sophisticated organisation.
Practical point
The requirement to consider specialist skills as part of the audit plan is now specific and detailed. The auditor’s response should then be tailored accordingly including if the entity is a smaller and less sophisticated organisation.
Case study reference:
Identifying and assessing risks
ISA (UK) 540 (Revised 2018) requires the auditor to separately assess the inherent risk and the control risk relating to accounting estimates. This provides a basis for designing and performing audit procedures to respond to the risks of material misstatement.
Inherent risk factors that could influence the likelihood and magnitude of a potential misstatement include estimation uncertainty, subjectivity and complexity. The ISA refers to the spectrum of risk which is the degree to which these inherent risk factors affect the likelihood or extent of misstatement.
More routine transactions or those with a history of predictable outcomes will have a lower degree of estimation uncertainty. Accounting estimates that have a number of different models which are all acceptable within the industry or where the outcome of future events is uncertain or has many variables may be considered to have a higher estimation uncertainty.
The auditor’s assessment of control risk may be performed in accordance with firm practice or methodologies. The risk could be assessed as maximum, moderate, minimum. If control risk is assessed as maximum, the auditor may decide to place no reliance on the controls. Reliance might be considered when the risk is less than maximum.
Practical point: With regards this requirement, ISA (UK) 540 (Revised 2018) makes clear that a standard, ‘one-size-fits-all’ approach to the design of audit programme, is not appropriate. This is, perhaps, the most challenging aspect of the audit; to apply the risk assessment process and to then design audit procedures that are relevant, provide sufficient reliable evidence and are not excessive.
Case study references:
Practical point
The requirement to consider specialist skills as part of the audit plan is now specific and detailed. The auditor’s response should then be tailored accordingly including if the entity is a smaller and less sophisticated organisation.
Case study references:
Responses to risks
Once the auditor has assessed the risks, they must respond to them in the form of audit procedures. The auditor shall use one or more of the following:
- Obtaining audit evidence from events occurring up to the date of the auditor’s report
- Testing how management made the accounting estimate
- Developing an auditor’s point estimate or range
These audit procedures should reflect the assessed risk of material misstatement with more persuasive audit evidence required for higher risk estimates. The audit procedures should be designed without bias to obtain audit evidence which is either corroborative or contradictory.
Controls testing is required if the auditor is to attempt to rely on controls, or if substantive procedures alone cannot provide sufficient appropriate audit evidence.
Obtaining audit evidence from events occurring up to the date of the auditor’s report
Audit evidence from after the year end, up to the date of the auditor’s report may provide sufficient appropriate audit evidence to address the risks of material misstatement. For example, the post year-end sales price of stock may provide evidence relating to the estimate of net realisable value as at the reporting date.
However, this won’t always be the case. Events after the period end are not always indicative of conditions as at the reporting date, for example, the valuation of a listed investment several weeks post year end.
Testing how management made the accounting estimate
The audit procedures should include tests to obtain sufficient appropriate audit evidence regarding the risks of material misstatement relating to the selection and application of the methods, significant assumptions and the data used by management in making the accounting estimate. The auditor should also document and test how management selected the point estimate and developed related disclosures about estimation uncertainty.
Methods: Consideration should be given as to whether the method selected is appropriate and whether there have been changes from the prior year, whether judgements used give rise to indicators of possible management bias, whether the calculations are per the method and whether the integrity of the significant assumptions and data has been maintained. All of these need to be assessed so for example, the auditor should review whether judgements have been applied consistently, whether the design of the model is appropriate and whether adjustments to the output of the model are consistent with the measurement objective.
Significant assumptions: The audit procedures should assess the significant assumptions to determine whether they are appropriate, and whether they point towards management bias. They should also assess whether the significant assumptions used are consistent with each other and other related estimates.
When applicable, there is also a requirement to review whether management has the intent to carry out specific courses of action and has the ability to do so. For example, discounting stock in order to achieve sales of an impaired item.
Data: Data should be assessed to determine whether it is appropriate, if it points towards management bias and whether the data sets used are consistent with each other and other related estimates. The auditor should also consider whether management have appropriately understood and interpreted the data.
The auditor should design further audit procedures to test whether management has taken appropriate steps to understand and address estimation uncertainty by selecting an appropriate point estimate and by developing related disclosures about estimation uncertainty.
If the auditor judges that management have not undertaken those appropriate steps, the auditor shall request management perform additional procedures to understand estimation uncertainty or to reconsider their point estimate. If the response isn’t sufficient, then the auditor should develop their own point estimate or range.
Case study reference:
Developing an auditor’s point estimate or range
If the auditor is required to develop a point estimate or range, then there should be further procedures to evaluate whether the methods, assumptions or data used are appropriate in the context of the applicable financial reporting framework.
An auditor’s range should include only amounts that are supported by sufficient appropriate audit evidence, and which are considered reasonable in the context of the measurement objectives and other requirements of the applicable financial reporting framework.
Practical point
To assess whether the management point estimate is reasonable the auditor must also have their own clear idea as to what would be a reasonable estimate. The auditor cannot rely on only auditing the information provided by the management. The auditor should plan how they are going to gather this evidence and identify what information will be required to be provided by the management, well in advance of the audit fieldwork.
Disclosures
Audit procedures must be designed to include tests to obtain sufficient appropriate audit evidence regarding the assessed risks of material misstatement at the assertion level for disclosures related to an accounting estimate. This will be in addition to the disclosure checklist procedure.
Disclosures related to accounting estimates will be included within the notes for accounting policies, accounting estimates and judgements and in the notes supporting the income statement and balance sheet. The procedures designed should consider the qualitative aspects of the disclosures, the consistency of disclosures across the financial statements and whether the disclosures meet the objectives of the reporting framework.
Indicators of possible management bias
ISA (UK) 540 (Revised 2018) (para 32) requires the auditor to consider the judgements and decisions made by management for evidence of management bias. Judgements and decisions should be considered collectively and if evidence of bias is identified the auditor should evaluate the implications for the audit.
The auditor should be aware that where there is a clear intention by management to mislead, that the bias is fraudulent in nature.
The supporting guidance and ISA (UK) 200 (Revised 2016) require the auditor to maintain professional scepticism especially when reviewing accounting estimates relating to fair values, impairments and provisions.
It would be unrealistic to expect management to be completely free from any bias, perhaps more so, in entities that are owner-managed and there is no real separation between owners, managers and those charged with governance. The potential for bias should be acknowledged by the auditor, the degree of bias should be assessed, and the auditor should also consider what internal controls could be applied in this area.
Case study reference:
Audit team discussion
The audit team discussion is a good opportunity to remind the audit team of the need to stay focused on the audit objectives, keep referring to the planning documents and to appropriately challenge management.
The audit strategy should be revised as and when necessary if new information is discovered during the course of the audit. Team discussions provide an ideal environment to identify this need.
Overall evaluation of audit procedures
ISA (UK) 540 (Revised 2018) requires auditors to apply the requirements of ISA (UK) 330 (revised 2017) – the Auditor’s Responses to Assessed Risks - when making their overall assessment of the audit of accounting estimates and related disclosures.
The auditor shall evaluate whether the assessment of the risks of material misstatement at the assertion level remain appropriate, including when indicators of possible management bias have been identified.
During the audit fieldwork, information may come to light that indicates that the risk profile of the client or of an accounting estimate is different to what was initially assessed. This should be documented on the file and the audit programme amended to reflect the change in risk.
Management’s decisions relating to the recognition, measurement, presentation and disclosure of these accounting estimates in the financial statements should be assessed to ensure they are in accordance with the applicable financial reporting framework. These four areas should be reflected in the audit programme with reference to the applicable financial reporting framework. It is not appropriate for an entity to have an accounting policy which does not reflect their chosen reporting framework.
Whether sufficient appropriate audit evidence has been obtained should be assessed. All evidence needs to be taken into account, whether corroborative or contradictory. The evidence should be challenged, and the challenge and response documented.
For distinguishing unadjusted misstatements as factual, judgemental or projected, look to ISA (UK) 450 (Revised 2016).
Guidance can be found in ISA (UK) 705 (Revised 2016) with regards to modifications to the audit opinion.
In addition, ISA (UK) 706 (Revised 2016) para 8 requires that if the auditor considers it necessary to draw attention to a matter presented or disclosed in the financial statements that, in the auditor’s judgement, is of such importance that it is fundamental to users’ understanding of the financial statements, the auditor shall include an Emphasis of Matter paragraph in the auditor’s report.
Case study reference:
Written representations
In accordance with ISA (UK) 580, the auditor shall request written representations from management and, when appropriate those charged with governance, about whether the methods, significant assumptions and the data used in making the accounting estimates and the related disclosures are appropriate to achieve recognition, measurement or disclosure that is in accordance with the applicable financial reporting framework.
The auditor shall also consider the need to obtain representations about specific accounting estimates, including in relation to the methods, assumptions, or data used.
The written representations may include, for example:
- That the significant judgments made in making the accounting estimates have taken into account all relevant information of which management is aware
- The consistency and appropriateness in the selection or application of the methods, assumptions and data used by management in making the accounting estimates
- That the assumptions appropriately reflect management’s intent and ability to carry out specific courses of action on behalf of the entity, when relevant to the accounting estimates and disclosures
There are more examples in A145 of ISA (UK) 540 (Revised 2018).
Communications with those charged with governance
In applying ISA (UK) 260 (Revised June 2016) and ISA (UK) 265, the auditor is required to communicate with those charged with governance or management about certain matters, including significant qualitative aspects of the entity’s accounting practices and significant deficiencies in internal control, respectively.
In doing so, the auditor shall consider the matters, if any, to communicate regarding accounting estimates and take into account whether the reasons given to the risks of material misstatement relate to estimation uncertainty, or the effects of complexity, subjectivity or other inherent risk factors in making accounting estimates and related disclosures.
It would be appropriate to use an audit findings report to communicate to management any internal controls weaknesses and conclusions relating to risks of material misstatement in addition to any unadjusted errors.
In addition, in certain circumstances, the auditor is required by law or regulation to communicate about certain matters with other relevant parties, such as regulators.
Documentation
ISA (UK) 540 (Revised 2018) requires the auditor to include the following in the audit documentation:
(a) Key elements of the auditor’s understanding of the entity and its environment, including the entity’s internal control related to the entity’s accounting estimates;
(b) The linkage of the auditor’s further audit procedures with the assessed risks of material misstatement at the assertion level, taking into account the reasons (whether related to inherent risk or control risk) given to the assessment of those risks;
(c) The auditor’s response(s) when management has not taken appropriate steps to understand and address estimation uncertainty;
(d) Indicators of possible management bias related to accounting estimates, if any, and the auditor’s evaluation of the implications for the audit, as required by paragraph 32; and
(e) Significant judgments relating to the auditor’s determination of whether the accounting estimates and related disclosures are reasonable in the context of the applicable financial reporting framework, or are misstated.
If in doubt seek advice
ICAEW members, affiliates, ICAEW students and staff in eligible firms with member firm access can discuss their specific situation with the Technical Advisory Service on +44 (0)1908 248 250 or via webchat.
© ICAEW 2024 All rights reserved.
ICAEW cannot accept responsibility for any person acting or refraining to act as a result of any material contained in this helpsheet. This helpsheet is designed to alert members to an important issue of general application. It is not intended to be a definitive statement covering all aspects but is a brief comment on a specific point.
ICAEW members have permission to use and reproduce this helpsheet on the following conditions:
- This permission is strictly limited to ICAEW members only who are using the helpsheet for guidance only.
- The helpsheet is to be reproduced for personal, non-commercial use only and is not for re-distribution.
For further details members are invited to telephone the Technical Advisory Service T +44 (0)1908 248250. The Technical Advisory Service comprises the technical enquiries, ethics advice, anti-money laundering and fraud helplines. For further details visit icaew.com/tas.