INTERNATIONAL STANDARDS OF AUDIT (ISA)

Content
NIA 200 - 299 Responsibilities1
NIA 200. Objectives and General Principles Governing a Financial Statement Audit
Financial
NIA 210. Terms of Audit Work.................................................................... 3
NIA 230. Documentationn ............................................................................................................... 6
NIA 240. Auditor's Responsibility to Consider Fraud and Error in an ...
Financial Statement Audit.............................................................................................. 8
NIA 250. Consideration of Laws and Regulations in an Audit of Financial Statements
Financial..................................................................................................................................... 10
NIA 260. Communications on Audit Matters with Those Charged with Governance13
NIA 300 - 399 Planning14
NIA 300. Planning14
NIA 310. Knowledge of the Business17
NIA 320. Relative Importance of Auditinga ....................................................................... 20
NIA 400 - 499 Internal Control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
NIA 400. Risk Assessment and Internal Control.............................................................. 22
NIA 410. Audit in a Computerized Information Systems Environments .... 26
NIA 420. Audit Considerations Related to Entities Using
Service Organizations................................................................. 28
 INTERNATIONAL AUDITING STANDARDS (NIA)

INTERNATIONAL STANDARDS OF AUDIT (ISA)

NIA 200 - 299 Responsibilities

NIA 200. Objectives and General Principles Governing a Financial Statement Audit
Financial
The purpose of this International Standard on Auditing is to establish standards and provide

guidelines on the objective and the general principles governing an audit of

financial statements. This International Auditing Standard should be read
together with the Framework of Reference of the International Standards of
Audit.

The auditor must:

Conduct an audit in accordance with the International Auditing Standards.

Plan and perform with a recognized professional skepticism attitude that
there may be circumstances that cause the financial statements to be
substantially misrepresented.

Scope of an Audit

It refers to the audit procedures deemed necessary in the

circumstances to achieve the objective of the audit.

Reasonable Certainty

It is the concept that refers to the accumulation of the necessary audit evidence.
for the auditor to conclude that there are no material misstatements in
the financial statements taken in a comprehensive manner.

There are inherent limitations in an audit that affect the auditor's ability to
detect substantial misrepresentations, such as:

The use of tests

The inherent limitations of any accounting and control system
internal (for example, the possibility of collusion)

1
 INTERNATIONAL AUDITING STANDARDS (NIA)

The fact that much of the audit evidence is rather persuasive.

how conclusive

The work undertaken by the auditor to form an opinion is influenced by the

exercise of judgment, particularly regarding:

The collection of audit evidence, for example to decide the nature,

opportunity and scope of audit procedures; and
The drawing of conclusions based on the audit evidence gathered,
for example, evaluate the reasonableness of the estimates made by the
administration when preparing financial statements.

Responsibility for the Financial Statements

The auditor is responsible for forming and expressing an opinion on the statements.
financial, and the responsibility for preparing and presenting the financial statements lies with

the management of the entity. The audit of the financial statements does not relieve the
management of your responsibilities.

Requirements:

1.Ethical requirements related to financial statement auditing

2.Professional skepticism

3.Professional judgment

4.Sufficient and appropriate audit evidence and audit risk

5.Conducting the audit in accordance with the ISA

2
 INTERNATIONAL AUDITING STANDARDS (NIA)

ISA 210. Terms of Audit Engagements

The purpose of this International Audit Standard is to establish standards and provide
guidelines on:

a)The agreement of the terms of work with the client; and

b)The auditor's response to a client's request to change the terms
from one job to another that provides a lower level of certainty.

The auditor and the client must agree on the terms of the work. The agreed terms
with the client they would need to be included in a letter of commitment for the audit or
another appropriate form of contract.

This International Auditing Standard aims to assist the auditor in the preparation of
commitment letters regarding financial statement audits, The guidelines are
also applicable to related services. When other services are to be provided
such as advisory services on taxes, accounting, or management, can be
it is appropriate to issue letters separately.

Main content:

The form and content of commitment letters may vary for each client but
they must always refer to:

The objective of the financial statement audit.

Responsibility of management for the financial statements.
The scope of the audit, including reference to applicable legislation,
regulations or statements from professional bodies to which they
the auditor adheres.
The shape of the reports.
The inevitable risk that some misrepresentations still exist.
substantial things may remain undiscovered.
Unrestricted access to any record, documentation, and other information
requested in connection with the audit.

3
 INTERNATIONAL AUDITING STANDARDS (NIA)

Requirements:

1.Compliance with conditions prior to the audit: it must be determined whether the
The financial information that is prepared is acceptable. Obtain the compliance of the
address and government officials. Read the regulations in case of limitations
within the scope of the audits imposed prior to the acceptance of the audit engagement.

2Agreement on the terms of the audit assignment: in the content of the letter of
The engagement must be considered as established by ISA 210.

3.Recurring audits: the auditor will assess whether the terms need to be reviewed.
of trust and if necessary remind them of the entity.

4.Modification of the terms of the audit engagement: the modification of the

Terms of the assignments can only be modified in case there is a
reasonable justification.

NIA 220. Quality Control for Audit Work

The purpose of this International Audit Standard it is to establish standards and

provide guidelines on quality control regarding:

policies and procedures of an audit firm regarding the work of

audit in general; and
procedures regarding the work delegated to assistants in an audit
particular.

Quality control policies and procedures must be implemented both at

level of the audit firm's involvement as in the specific audits.

Audit Firm

The auditing firm must implement control policies and procedures.

quality designed to ensure that all audits are conducted in accordance
to the NIAs or with relevant national standards or practices.

4
 INTERNATIONAL AUDITING STANDARDS (NIA)

The nature, times, and degree of quality control policies and procedures
right away The audit firm's dependence on its size and the nature of its practice.
geographical dispersion, its organization and considerations regarding an appropriate

cost/benefit.

The objectives of the quality control policies adopted by an auditing firm

they must incorporate the following:

a) Requirements professionals.The staff of the firm will observe the principles of

Independence y Behavior
Professional.
b) Competition and SkillThe staff must have technical standards and
professional competencies required to fulfill their responsibilities.
c) Assignment. This work should be assigned to personnel who have a certain degree.
of technical training and efficiency required for the circumstances.
DelegationThere should be direction, supervision, and review of the work for everyone.
the levels to provide reasonable assurance that the work performed
meets the appropriate quality standards.
e) Queries. Whenever necessary, it will be consulted inside or outside of the
firm, with those who have the appropriate experience and knowledge.
Acceptance and customer retention.An assessment must be carried out on the
prospective clients and a review of a continuous database of the
existing clients and the capacity and independence of the firm will be considered
to provide customer service appropriately and the integrity of the
customer management.
g) Monitoring. It should be done continuously and appropriately regarding the
operational effectiveness of quality control policies and procedures.

These general policies and procedures for the firm's quality control must
communicate to all your staff in a way that ensures they know they are valued
understood.

5
 INTERNATIONAL AUDITING STANDARDS (NIA)

NIA 230. Documentation

The purpose of this International Auditing Standard is to establish standards and
provide guidelines regarding documentation in the context of auditing
of financial statements.

The auditor must document the matters that are important to support the opinion.
of the audit and provide evidence that the audit was carried out in accordance with the
International Auditing Standards

The working papers:

a)Assist in the planning and performance of the audit

b)Assist in the supervision and review of audit work
)They record the audit evidence resulting from the audit work
performed, to support the auditor's opinion

Format and content of the working papers

Prepare work papers that are sufficiently complete and detailed to

provide a comprehensive understanding of auditing

The auditor must

Record in the working papers the planning, the nature, timing, and the
scope of the audit procedures developed and therefore the
results

The form and content of the working papers are affected by issues.
as:

The nature of work

The format of the auditor's report
The nature and complexity of the business
The nature and condition of accounting systems and internal control of the
entity
The needs in the particular circumstances of direction, supervision and
review of the work performed by the assistants

6
 INTERNATIONAL AUDITING STANDARDS (NIA)

Specific auditing methodology and technology used in the course of the audit

The working papers are designed and organized to meet the

circumstances and needs of the auditor for each particular audit.

The working papers regularly include:

Information regarding the organizational structure

Extracts or copies of important legal documents
Information concerning the industry and its economic and legal environment.
Evidence of the planning process including audit programs,
changes in accounting and internal control systems, evaluations of
inherent and control risks, considerations of internal audit work
and the conclusions reached
Analysis of transactions and balances, of trends and important indices
Evidence that the work of the assistants was reviewed
Indication about Who developed the audit procedures and when?
they were developed.
Details of procedures applied to components audited by others
auditor.
Copies of communications with other auditors, experts, and third parties.
Representation letters received from the entity
Conclusions reached by the auditor
Copies of the financial statements and the auditor's report.

Requirements:

1.Timely preparation of audit documentation

2.Documentation of the applied audit procedures and evidence
from the audit obtained
3.Compilation of the final audit file.

7
 INTERNATIONAL AUDITING STANDARDS (NIA)

NIA 240. Auditor's responsibility to consider fraud and error in an audit

Financial Statements Audit
The purpose of this International Auditing Standard (IAS) is to establish standards and
provide guidelines about the responsibility of the Public Accountant as (of
hereafter, the auditor) to consider fraud and error in an audit of
financial statements. While this ISA focuses on the responsibilities of the auditor
regarding fraud and error, the primary responsibility for prevention and
fraud and error detection concerns both those in charge of management and the
administration of an entity.

When planning and carrying out audit procedures and evaluating and reporting the
corresponding results, the auditor must consider the risk of
misleading representations of relative significance in financial statements
resulting from fraud or error.

Fraud and error.

Features.

Misrepresentations in the financial statements can originate from fraud.

the error.

The term 'error' refers to unintentional mistakes in the states.

financial, including the omission of an amount or a disclosure, such as:

A mistake in gathering or processing data with which the statements are prepared
financial
An incorrect accounting estimate that originates from carelessness or bad
interpretation of the facts
A mistake in the accounting principles related to valuation,
recognition, classification, presentation or disclosure

The term 'fraud' isrefers to an intentional act by one or more individuals

from the administration, those in charge, employees, or third parties, who

8
 INTERNATIONAL AUDITING STANDARDS (NIA)

involve the use of deceit to gain an unfair or illegal advantage. Although fraud
it is a broad legal concept concerning the auditor regarding fraudulent acts that are the cause

of a misleading representation in the financial statements. The misrepresentation

The financial statements may not be the objective of some frauds. The auditors
they do not make legal determinations as to whether fraud has actually occurred. The fraud that
it only involves employees of the entity is known as 'employee fraud'. In
either of the two cases may involve collusion with third parties outside of the
entity.

Auditor responsibilities.

Inherent limitations of an audit

Professional skepticism.
Research with management.

When planning the audit, the auditor must conduct investigations with the management:

a) For obtain an adequate understanding of management evaluation

the risk that the financial statements may be presented in a form
significantly erroneous, as a result of fraud.
b) For obtain knowledge of the understanding of management regarding
the accounting and internal control systems established to prevent and
detect errors.
c) For determine if the management is aware of any known fraud that
has affected the entity or alleged fraud that the entity is investigating.
d) For determine if the management has discovered any significant error.

If the auditor has:

Identified a fraud, whether or not it results in a misleading representation

that significantly affects the financial statements;
obtained evidence indicating that fraud may exist (even if the potential effect)
about the financial statements is not important

The auditor must communicate these matters to the appropriate level of management in
timely manner and consider the need to inform those in charge of these matters
9
 INTERNATIONAL AUDITING STANDARDS (NIA)

of the command according to the NIA 260 'Communication of audit matters with the
in charge of the command.

Inability of the auditor to complete the work

If the auditor concludes that it is not possible to continue developing the audit as
result of a misleading representation resulting from fraud or alleged fraud,
must

a)Consider the professional and legal responsibilities applicable in the

circumstances, including whether there is a requirement for the auditor to inform the person
or individuals who took on the auditing commitment or, in some cases, to the
surveillance and control authorities.
b)Consider the possibility of retiring from work and discussing with the appropriate level
from the administration and with those in charge of the command the withdrawal of the work auditor

and his reasons for retirement.

c)Consider whether there is a professional or legal requirement to inform the person or
people who took on the audit commitment or, in some cases, to the
supervisory and control authorities the withdrawal of the labor auditor and their reasons for
Hello.

NIA 250. Consideration of Laws and Regulations in an Audit of Financial Statements

Financial
The purpose of this International Auditing Standard is to establish standards and
provide guidelines on the auditor's responsibility to consider the laws
and regulations in a financial statement audit.

When planning and developing audit procedures and when evaluating and reporting the
consequential results, the auditor must acknowledge that the non-compliance by the part
The entity with laws and regulations can substantially affect the states.
financial. However, an audit cannot be expected to detect
non-compliance with all laws and regulations. The detection of non-compliance, without
consider the relative importance, it requires consideration of the implications for the

10
 INTERNATIONAL AUDITING STANDARDS (NIA)

integrity of the management or employees and the possible effect on other aspects of
the audit.

This International Auditing Standard applies to audits of financial statements and

does not apply to other jobs in which the auditor specifically commits to put
test and report separately on compliance with laws or regulations
specific.

Responsibility for compliance administration with laws and regulations

It is the responsibility of management to ensure that the entity's operations are

they drive according to the laws and regulations. The responsibility for the
prevention and detection of non-compliance rests on the administration.

Auditor's consideration of compliance with laws and regulations

The auditor is not, and cannot be considered, responsible for preventing the
non-compliance. The fact that an annual audit is carried out can, without
embargo, act as a deterrent or brake.

According to the International Auditing Standard "Objective and General Principles"

that govern a Financial Statements Audit, the auditor must plan and
to develop the audit with a professional skepticism attitude recognizing that
the audit may reveal conditions or events that would lead one to question whether a
entity is complying with laws and regulations.

To plan the audit, the auditor must obtain a general understanding of the
legal and regulatory framework applicable to the entity and the industry and how it
entity is complying with said framework.

After obtaining the general understanding, the auditor must perform

procedures to help identify cases of non-compliance with those laws
and regulations where non-compliance must be considered when preparing the statements
financial, specifically:

Check with the administration if the entity is in compliance with these laws
and regulations.

11
 INTERNATIONAL AUDITING STANDARDS (NIA)

Inspect correspondence with the main authorities that grant

licenses or impose regulations.
Procedures when non-compliance is discovered

When the auditor becomes aware of information regarding a possible case of

non-compliance, should to gain an understanding of the nature of the act and the
circumstances in which it has occurred, and another sufficient information to evaluate the
possible effect on the financial statements.

When the auditor believes there may be a breach, they should document it.
results and discuss them with management. The documentation of results includes
copies of records and documents and the preparation of minutes of the conversations
if it were appropriate.

Non-Compliance Report to the Administration

If the auditor believes that the non-compliance is intentional and significant, the
The auditor should communicate the result without delay.

If the auditor suspects that members of management, including members of the

board of directors, they are involved in the non-compliance, the auditor must
communicate the matter to the immediate higher level of authority in the entity, if it exists,
like an audit committee or board of directors.

Withdrawal from work

The auditor may conclude that withdrawal from the engagement is necessary when the entity does not

take corrective actions that the auditor deems necessary under the circumstances,
even if the non-compliance does not substantially affect the financial statements. The
factors that would affect the auditor's conclusion include the implications of the
involvement of the highest authority within the entity that can affect the
reliability of management's assertions, and the effects on the auditor
regarding the continuation of the partnership with the entity. To reach this conclusion, the
An auditor would normally seek legal advice.

12
 INTERNATIONAL AUDITING STANDARDS (NIA)

NIA 260. Communications of Audit Matters with Those Charged with Governance
Mando
The purpose of this International Auditing Standard (IAS) is to establish standards and
provide guidelines on communicating audit matters that arise
from the audit of the financial statements between the auditor and those in charge of management

of an entity. These communications refer to matters of auditing interest.

of the command as defined in this ISA. This NIA does not provide guidelines on
communications from the auditor to parties outside the entity, for example, to the
supervision and control entities.

The auditor must communicate the audit matters of interest to management that arise.
from the audit of the financial statements to those in charge of the management of a
entity.

Relevant people

The auditor must identify the relevant individuals in charge of management and
who communicates the key audit matters to management

Audit matters of interest to management that need to be communicated.

The auditor should consider the audit matters of interest to management that arise.
of the audit of the financial statements and communicate them to those in charge of management

Opportunity of communications

The auditor must promptly communicate matters of audit interest from the
command. This enables those in charge of the command to take the appropriate actions.

Forms of communication

The auditor's communications with those in charge of management can be made in

oral or written form. The auditor's decision to communicate either orally or by
writing depends on factors such as size, operational structure,

13
 INTERNATIONAL AUDITING STANDARDS (NIA)

legal structure and communication processes of the entity being audited, as well as
the nature, sensitivity, and importance of audit matters.

NIA 300 - 399 Planning

NIA 300. Planning
The purpose of this International Auditing Standard (ISA) is to establish standards and
provide guidelines on the planning of a financial statement audit.
This ISA has as its framework the context of recurring audits. In
In a first audit, the auditor may need to extend the planning process.
beyond the matters being discussed here.

The auditor must plan the audit work in such a way that the audit is
developed in an effective manner.

"Planning" means developing a general strategy and a detailed approach to

the nature, opportunity, and expected scope of the audit. The auditor plans
develop the audit efficiently and timely.

Work planning

The proper planning of work Auditing helps ensure that it is provided.

appropriate attention to important areas of the audit, that the potential problems
are identified and that the work is carried out promptly. The planning
it also helps with the appropriate assignment of work to the assistants and for the
coordination of the work done by other auditors and experts.

The level of planning will vary according to the size of the entity, the complexity
of the audit, the auditor's experience with the entity and their knowledge of the business.

Acquiring business knowledge is an important part of work planning.

The auditor's knowledge of the business helps in the identification. of events,
transactions and practices that may have a significant effect on the states
financial

14
 INTERNATIONAL AUDITING STANDARDS (NIA)

The auditor may wish to discuss elements of the overall audit plan and certain
audit procedures with the audit committee, management, and staff of
the entity, to improve the effectiveness and efficiency of the audit and to coordinate the
audit procedures with the work of the entity's employees. The plan
global audit and the audit program, however, remain as
auditor's responsibility.

The global audit plan

The auditor must develop and document a comprehensive audit plan describing the
scope and expected conduct of the audit. While the plan's record
The audit plan will need to be sufficiently detailed to guide the development.
the audit program, its form and content will vary according to the size of the
entity, to the complexity of the audit and to the methodology and specific technologies
used by the auditor.

The matters that the auditor will have to consider when developing the overall plan of
audit include:

Business knowledge

General economic factors and industry conditions that affect the

business of the entity.
Important characteristics of the entity, its business, its financial performance and
their requirements for reporting, including changes since the date of the
previous audit.
The general level of competence of the administration.

Understanding accounting systems and internal control

The accounting policies adopted by the entity and the changes in those policies.
The effect of new accounting and auditing pronouncements.
The knowledge acquired by the auditor about the accounting systems and of
internal control and the relative emphasis that is expected to be applied in the tests of

control procedures and other substantive procedures.

15
 INTERNATIONAL AUDITING STANDARDS (NIA)

Risks and relative importance

The expected assessments of inherent and control risks and the

identification of important audit areas.
The establishment of levels of relative importance for audit purposes.
The possibility of erroneous representations, including the experience of periods.
past, or of fraud.
The identification of complex accounting areas including those involving
accounting estimates.
Nature, opportunity, and scope of the procedures
Possible shift in emphasis on specific areas of auditing.
The effect of information technology on auditing.
The work of internal auditing and its expected effect on procedures
external audit.

Coordination, direction, supervision, and review

The involvement of other auditors in the audit of other components, for

example, subsidiary, branch, and divisions.
The involvement of specialists from other disciplines.
The number of localities.
Staff requirements.

The audit program

The auditor must develop and document an audit program that outlines the
nature, opportunity, and scope of the planned audit procedures that
are required to implement the global audit plan. The audit program
serves as a set of instructions for the assistants involved in the audit and
as a means for controlling and recording the proper execution of the work. The
The audit program may also contain the objectives of the audit for each
area and a budget of time with the estimated hours for the various areas or
audit procedures.

16
 INTERNATIONAL AUDITING STANDARDS NIA

When preparing the audit program, the auditor must consider the assessments
specific to the inherent risks and controls and the required level of assurance that
they will have to provide the substantive procedures. The auditor must also
consider the opportunity for testing controls and substantive procedures,
the coordination of any expected assistance from the entity, the availability of the
assistants and the participation of other auditors or specialists. Other matters,
noted earlier, can be considered in more detail during the development of the
audit program.

NIA 310. Knowledge of the Business

The purpose of this International Auditing Standard (ISA) is to establish standards and
provide guidelines on what it means to have business knowledge, why
it is important for the auditor and the members of an audit staff that
they develop a job, why it is relevant for all phases of an audit, and
how the auditor obtains and uses that knowledge.

When developing a financial statement audit, the auditor should have or acquire
a sufficient understanding of the business to be able to identify and comprehend
the events, transactions, and practices that, in their opinion, may have an effect
important about the financial statements or in the exam or in the audit report.
For example, that knowledge is used by the auditor when assessing risks.
inherent and control and in determining the nature, timing, and scope of the
audit procedures.

The auditor's level of knowledge for a job would include a general understanding.
of the economy and the industry within which the entity operates, and a deeper knowledge
specifics of how the entity operates. The level of knowledge required by the auditor
ordinarily it would be, however, less than that possessed by the administration

17
 INTERNATIONAL AUDITING STANDARDS (NIA)

Acquisition of knowledge

Before accepting the job, the auditor must obtain preliminary knowledge of
the industry and the owners, management, and operations of the entity that is going to be
audited, and will consider whether it was able to obtain a level of business knowledge

suitable for conducting the audit.

Once the job is accepted, further and more detailed information will be obtained. Upon
to the extent that it is feasible, the auditor will obtain the required knowledge at the beginning of the

work. As the audit progresses, that information will be evaluated and updated
and more information will be obtained.

The acquisition of the required business knowledge is an ongoing process and

cumulative collection and evaluation of information and relating it to
knowledge acquired with audit evidence and information at all stages
from the audit. For example, although the information is gathered in the planning stage,
it is typically refined and supplemented in later stages of the audit as it goes
getting to know the auditors and assistants more about the business.

The auditor can gain knowledge of the industry and the entity from various
sources. For example:

Previous experience with the entity and its industry.

Discussion with people from the entity (directors and senior operational staff).
Discussion with internal audit staff and review of their reports.
Discussion with other auditors and with legal or other types of advisors that have
provided services to the entity or within the industry.
Discussion with people familiar with the industry outside the entity (by
example, industry economists, industry regulatory agencies, clients,
suppliers, competitors.
Publications related to the industry (for example, government statistics,
surveys, texts, trade magazines, reports prepared by banks and
stock brokers, financial newspapers.

18
 INTERNATIONAL AUDITING STANDARDS (NIA)

Legislation and regulations that significantly affect the entity.

Visits to the entity's premises and to the facilities of its plants.
Documents produced by the entity (for example, meeting minutes, material
sent to shareholders, or submitted to regulatory authorities, literature
promotional, annual and financial reports from previous years, budgets,
internal management reports, interim financial reports, manual
administration policies, accounting and control system manuals
internal, chart of accounts, manual of functions, marketing plans and
sales).

Use of knowledge

Business knowledge is a framework within which the auditor operates.

your professional judgment. Understand the business and use this information appropriately
help to the auditor for:

Evaluate risks and identify problems.

Plan and develop the audit effectively and efficiently.
Evaluate audit evidence.
Provide better customer service.

The auditor makes judgments on many matters during the course of the audit in the
that business knowledge is important. For example:

Evaluate inherent risk and control risk.

Consider the business risks and the management's response to them.
Develop the global audit plan and the audit program.
Determine a level of relative importance and assess whether the chosen level remains
being appropriate.
Evaluate the audit evidence to determine whether it is appropriate and the validity of the
assertions related to the financial statements.
Evaluate the accounting estimates and the representations of management.

19
 INTERNATIONAL AUDITING STANDARDS (NIA)

Identify areas where consideration and skills may be necessary

special audits.
Identify related parties and transactions between related parties.
Recognize conflicting information (for example, contradictory representations).
Recognize unusual circumstances (for example, fraud and non-compliance with
laws and regulations, unexpected relationships of operational statistical data
with the reported financial results).
Make inquiries with the staff and assess the reasonableness of the responses.
Consider the appropriateness of the accounting policies and disclosures of the
states

NIA 320. Relative Importance of Auditing

The purpose of this International Auditing Standard (IAS) is to establish standards and
provide guidelines on the concept of relative importance and its relationship with
the risk of auditing.

The auditor must consider the relative importance and its relation to the risk of
audit when conducting an audit.

The 'Relative Importance' is defined within the 'Reference Framework for the
Preparation of Financial Statements prepared by the International Committee
Accounting Standards (IASC) in the following terms:

The information is of relative importance if its omission ormisrepresentation

could influence the economic decisions of users made based on the
financial statements. The relative importance depends on the size of the item or error.
judged in the particular circumstances of its omission or incorrect representation. Thus,
relative importance offers a point of separation of the item in question, more
What should be a primordial qualitative characteristic that information must have to be
useful.

20
 INTERNATIONAL AUDITING STANDARDS (NIA)

Relative importance

The objective of a financial statement audit is to enable the auditor to express

an opinion on whether the financial statements are prepared, regarding everything
important, in accordance with a framework for financial reports
identified. The evaluation of what is important is a matter of professional judgment.

When designing the audit plan, the auditor establishes an acceptable level of materiality.
regarding the way to detect in a quantitative manner the erroneous representations of
relative importance. The auditor must consider the possibility of representations
erroneous of relatively small amounts that, cumulatively could have
an important effect on the financial statements. For example, an error in a
month-end procedure could be an indication of a misrepresentation
of relative importance if that error were to be repeated every month.

The auditor considers the relative importance both at the overall level of the financial statement.

as in relation to balances of particular accounts, types of transactions and

revelations. The relative importance can be influenced by considerations such as
legal and regulatory requirements and considerations related to balances of
a statement of the financial statements and their relationships with other accounts. This process

can result in different levels of relative importance depending on the

aspect of the financial statements being considered.

The relative importance must be considered by the auditor when:

a)determine the nature, timing, and extent of audit procedures;

y
b)evaluate the effect of misleading representations

21
 INTERNATIONAL AUDITING STANDARDS (NIA)

The relationship between materiality and audit risk

When the auditor plans the audit, they should consider what would make the statements
financial matters were misrepresented with a relative importance. The
evaluation of the auditor of the relative importance, related to account balances and
specific transaction classes, help the auditor decide on aspects such as
which accounts to examine and whether to apply sampling and analytical procedures. This gives

capacity of the auditor to select audit procedures that, in

combination, it can be expected that they will reduce the audit risk to a level
acceptably low.

There is an inverse relationship between relative importance and the level of audit risk.
What it means is that the higher the level of relative importance, the lower the risk.
of auditing and vice versa.

Assessment of the effect of misleading representations

When evaluating the proper presentation of financial statements, the auditor must
evaluate whether the accumulated value of the uncorrected erroneous representations that have

those identified during the audit are of relative importance.

NIA 400 - 499 Internal Control

NIA 400. Risk Assessment and Internal Control

The purpose of this International Auditing Standard is to establish norms and
provide guidelines to gain an understanding of the systems of
accounting and internal control regarding audit risk and its components: risk
inherent, control risk and detection risk.

The auditor must obtain an understanding of the accounting and control systems.
sufficient internal to plan the audit and develop an audit approach
cash. The auditor should use professional judgment to assess the risk of audit and

22
 INTERNATIONAL AUDITING STANDARDS NIA

design the audit procedures to ensure that the risk is reduced to a

acceptably low level.

Inherent risk

In developing the overall audit plan, the auditor should assess the inherent risk.
at the financial statement level. When developing the audit program, the auditor should
relate said evaluation to level of account balance assertion and classes of
relative importance transactions, or assuming that the inherent risk is high for the
assertion.

Accounting and internal control systems

The internal controls related to the system of accounting are addressed to

achieve objectives such as:

Transactions are executed according to the general authorization or

specific to administration.
All transactions and other events are promptly recorded in the amount.
correct, in the appropriate accounts and in the appropriate accounting period.
Access to assets and records is only permitted in accordance with authorization from
the administration.
The recorded assets are compared with the existing assets at intervals.
reasonable and appropriate action is taken regarding any difference.

Accounting system

The auditor should obtain an understanding of the accounting system sufficient to

identify and understand:

a)the main classes of transactions in the entity's operations;

b)how these transactions are initiated;
c)important accounting records, supporting documents, and accounts in the statements
financial; and
d)the accounting process and financial reporting, from the onset of transactions
important and other events until their inclusion in the financial statements.

23
 INTERNATIONAL AUDITING STANDARDS (NIA)

Control environment

The auditor should obtain an understanding of the control environment sufficient to

evaluate the attitudes, awareness, and actions of directors and management regarding
of internal controls and their importance in the entity.

Control procedures

The auditor should obtain an understanding of the control procedures sufficient.

to develop the audit plan. By obtaining this understanding, the auditor
I would consider the knowledge about the presence or absence of procedures of
control obtained from the understanding of the control environment and the system of

accounting for determine if any additional understanding is needed about the

control procedures.

Control Risk

Preliminary evaluation of control risk

The preliminary risk control assessment is the process of evaluating effectiveness.

of the accounting systems and internal control of an entity to prevent or
detect and correct misrepresentations of relative importance. There will always be
some risk of control due to the inherent limitations of any system of
accounting and internal control.

Control tests

The auditor should obtain audit evidence through control tests to

support any risk control evaluation that is less than high. While
the lower the evaluation of the control risk, the more support the auditor should obtain
that accounting and internal control systems are adequately
designed and operating effectively.

Based on the results of the control tests, the auditor should assess whether the
Internal controls are designed and operating as contemplated in the evaluation.
preliminary control risk. The assessment of deviations can result in
result that the auditor concludes that the evaluated level of control risk needs

24
 INTERNATIONAL AUDITING STANDARDS (NIA)

to be reviewed. In such cases, the auditor would modify the nature, timing, and extent
of the planned substantive procedures.

Final assessment of control risk

Before the conclusion of the audit, based on the results of the procedures
nouns and other audit evidence obtained by the auditor, the auditor should
consider whether the control risk assessment was adequate.

Relationship between inherent risk assessments and control assessments

The administration often reacts to situations of inherent risk by designing

accounting and internal control systems to prevent or detect and correct
misrepresentations and therefore, in many cases, the inherent risk and the
control risk and detection risk are highly interrelated. In these situations, if the auditor
it is decided to evaluate the inherent and control risks separately, there would be the

possibility of an inappropriate risk assessment. As a result, the risk of

audit can be more appropriately determined in such situations
conducting a combined assessment.

Detection risk

The risk level of detection is directly related to the procedures.

auditor nouns. The auditor's assessment of control risk, along with the
evaluation of inherent risk, influences the nature, opportunity and scope of the
substantive procedures that must be developed to reduce the risk of
detection, and therefore the audit risk, to an acceptably low level. Some
the risk of detection would always be present even if an auditor examined 100 per
one hundred of the balance of an account or type of transactions because, for example, the majority

Some of the audit evidence is persuasive and not conclusive.

The higher the evaluation of inherent risk and control, the more evidence.
The auditor should obtain substantive procedure development from the audit.
When both the inherent risk and the control risk are assessed as high, the

25
 INTERNATIONAL AUDITING STANDARDS (NIA)

the auditor needs to consider whether substantive procedures can provide sufficient
appropriate audit evidence to reduce the risk of detection, and therefore the
audit risk, to an acceptably low level. When the auditor determines that
the risk of detection regarding a financial statement assertion for the
balance of an account or class of transactions of relative importance, cannot be.
reduced to an acceptably low level, the auditor should express an opinion
qualified or an abstention of opinion.

Communication of weaknesses

As a result of gaining an understanding of accounting systems and

internal control and control tests, the auditor can detect weaknesses in the
systems. The auditor should inform management as soon as feasible and to a
appropriate level of responsibility regarding the important weaknesses in the design
and operation of accounting systems and internal control, which have reached
the auditor's attention.

NIA 410. Audit in a Computerized Information Systems Environment

The purpose of this International Audit Standard (IAS) is to establish standards and
provide guidelines on the procedures that must be followed when
conduct an audit in a computerized information systems environment
(SIC) For End of the NIAs, a SIC environment exists when a is involved.
computer of any type or size in the processing of financial information
of importance for the audit, whether that computer is operated by the
entity or by a third party.

The auditor must consider how a SIC environment affects the audit.

The overall objective and scope of an audit does not change in a SIC environment. However
embargo, the use of a computer changes processing, storage and
communication of financial information and can affect accounting systems
and internal control used by the entity. Consequently, a SIC environment
can affect:

26
 INTERNATIONAL AUDITING STANDARDS (NIA)

The procedures followed by an auditor to obtain an understanding

sufficient accounting and internal control systems.
The consideration of inherent risk and control risk through which the
auditor arrives at the risk assessment.
The design and development by the auditor of control tests and procedures
appropriate nouns to fulfill the objective of the audit.

Skill and competence

The auditor should have sufficient knowledge of the ICS to plan, direct, and supervise.
and review the work developed. The auditor should consider whether they are needed
specialized skills in IT in an audit. These may be needed for:

Obtain a sufficient understanding of accounting and control systems

internally affected by the SIC environment.

Determine the effect of the SIC environment on the assessment of global risk and of
risk at the level of account balance and type of transactions.
Design and perform control tests and substantive procedures
appropriate.

Planning

According to NIA 'Risk Assessments and Internal Controls' the auditor should
to obtain an understanding of accounting systems and internal control,
sufficient to plan the audit and develop an effective audit approach.

When planning the portions of the audit that may be affected by the SIC environment
of the client, the auditor should obtain an understanding of the importance and complexity
from the SIC activities and the availability of data for use in the audit.

When the ICS is significant, the auditor must also obtain a understanding
of the SIC environment and whether it can influence the assessment of inherent risks and
control. The nature of the risks and the characteristics of internal control in
SIC environments include the following:

. Lack of traces of the transactions.

27
 INTERNATIONAL AUDITING STANDARDS (NIA)

. Uniform processing of transactions.

. Inadequate segregation of functions.
. Potential for errors and irregularities.

Risk Assessment

According to NIA "Risk assessment and internal control", the auditor should make
an assessment of the inherent and control risks for the assertions
important aspects of the financial statements.

NIA 420. Audit Considerations Related to Entities that Use

Service Organizations
The purpose of this International Auditing Standard (ISA) is to establish standards and
provide guidelines to an auditor whose client uses a service organization.
This ISA also describes the reports of the service organization's auditor that
They can be obtained by the client's auditors.

The auditor should consider how a service organization affects the systems.
of accounting and internal control of the client, in order to plan the audit and develop
an effective audit approach.

Client Auditor Considerations

An organization service can establish and execute policies and procedures

that affect the accounting and internal control systems of a client. These
policies and procedures are physically and operationally separated from the
client organization. When the services provided by the organization of
services are limited to the registration and processing of customer transactions and
the client retains the authorization and maintenance of the responsibility to report
accounts, the client can implement effective policies and procedures within
your organization. When the service organization executes the transactions of the

28
 INTERNATIONAL AUDITING STANDARDS (NIA)

the client and maintains responsibility, the client may find it necessary to rely
of the service organization's policies and procedures.

The auditor must determine the significance of the organization's activities.

customer service and its relevance to the audit. In doing so, the auditor of the
The client would need to consider the following, as appropriate:

Nature of the services provided by the service organization.

Terms of the contract and the relationship between the client and the service organization.
The assertions of relative importance of financial statements that are
affected by the use of the service organization.
Inherent risk associated with such statements
Degree to which the accounting systems and internal control interact
client with the organization's service systems.
Internal controls of the client that are applied to the processed transactions
for the service organization.
Financial capacity and strength of the service organization, including the possible
effect of the lack of service from the service organization on the customer.
Information about the service organization, such as that reflected in the
technical and user manuals.
Information available on general controls and system controls of
relevant computing for client applications.

The consideration of the above may lead the auditor to decide that the evaluation of the
control risk will not be affected by the controls of the service organization; if
Even so, the additional consideration of this ISA is unnecessary.

Auditor reports of the service organization

When to use the auditor's opinion of an organization of service, the auditor of

The client should consider the nature and content of said opinion.

The client's auditor should consider the scope of work performed by the auditor.
from the service organization and should assess the usefulness and ownership of the reports
issued by the organization's service auditor.

29
 INTERNATIONAL AUDITING STANDARDS (NIA)

For those control and result tests that are relevant, a client auditor
should consider the nature, opportunity, and scope of such tests
provide sufficient appropriate audit evidence on the effectiveness of the
accounting and internal control systems to support the evaluated level of risk
of control by the client's auditor.

The auditor of a service organization may be hired to perform

substantive procedures that are used by a client auditor. Such work
may involve the execution of agreed-upon procedures by the client and their auditor
and for the service organization and its auditor.

30