Identification and Assessment of the Risks of Material Misstatement Due to Fraud
26.
In accordance with ISA 315 (Revised 2019), the auditor shall identify and assess the risks of material misstatement due to
fraud at the financial statement level, and at the assertion level for classes of transactions, account balances and disclosures.8
27.
When identifying and assessing the risks of material misstatement due to fraud, the auditor shall, based on a presumption that there
are risks of fraud in revenue recognition, evaluate which types of revenue, revenue transactions or assertions give rise to such risks.
Paragraph 48 specifies the documentation required where the auditor concludes that the presumption is not applicable in the
circumstances of the engagement and, accordingly, has not identified revenue recognition as a risk of material misstatement due to
fraud. (Ref: Para. A29–A31)
28.
The auditor shall treat those assessed risks of material misstatement due to fraud as significant risks and accordingly, to the
extent not already done so, the auditor shall identify the entity’s controls that address such risks, and evaluate their design and
determine whether they have been implemented.9
(Ref: Para. A32–A33)
Responses to the Assessed Risks of Material Misstatement Due to Fraud
Overall Responses
29.
In accordance with ISA 330, the auditor shall determine overall responses to address the assessed risks of material
misstatement due to fraud at the financial statement level.10 (Ref: Para. A34)
30.
In determining overall responses to address the assessed risks of material misstatement due to fraud at the financial statement
level, the auditor shall:
(a) Assign and supervise personnel taking account of the knowledge, skill and ability of the individuals to be given
significant engagement responsibilities and the auditor’s assessment of the risks of material misstatement due to fraud
for the engagement; (Ref: Para. A35–A36)
(b) Evaluate whether the selection and application of accounting policies by the entity, particularly those related to
subjective measurements and complex transactions, may be indicative of fraudulent financial reporting resulting from
management’s effort to manage earnings; and
(c) Incorporate an element of unpredictability in the selection of the nature, timing and extent of audit procedures. (Ref:
Para. A37)
Audit Procedures Responsive to Assessed Risks of Material Misstatement Due to Fraud at the Assertion Level
31.
In accordance with ISA 330, the auditor shall design and perform further audit procedures whose nature, timing and extent
are responsive to the assessed risks of material misstatement due to fraud at the assertion level.11 (Ref: Para. A38–A41)
Audit Procedures Responsive to Risks Related to Management Override of Controls
32.
Management is in a unique position to perpetrate fraud because of management’s ability to manipulate accounting records
and prepare fraudulent financial statements by overriding controls that otherwise appear to be operating effectively.
Although the level of risk of management override of controls will vary from entity to entity, the risk is nevertheless present
in all entities. Due to the unpredictable way in which such override could occur, it is a risk of material misstatement due to
fraud and thus a significant risk.
33.
Irrespective of the auditor’s assessment of the risks of management override of controls, the auditor shall design and perform
audit procedures to:
(a) Test the appropriateness of journal entries recorded in the general ledger and other adjustments made in the
preparation of the financial statements. In designing and performing audit procedures for such tests, the auditor shall:
(i) Make inquiries of individuals involved in the financial reporting process about inappropriate or unusual
activity relating to the processing of journal entries and other adjustments;
(ii) Select journal entries and other adjustments made at the end of a reporting period; an