The purpose of this article is to provide candidates with a more detailed appreciation of matters pertinent to an auditor, focusing on the need for the auditor of a large limited liability company (in the UK – a limited company) to evaluate the effectiveness of the company’s control environment
ISA 315, Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment, sets out the auditor’s responsibility to identify and assess the risks of material misstatement in the financial statements, through understanding the entity and its environment including the entity’s internal control. One of the five components of internal control is the control environment and it is recognised that the control environment within small entities is likely to differ from larger entities. Many candidates have not yet had the opportunity of working in larger entities, or have chosen not to, so have not been exposed to working within the type of strong control environment often referred to in auditing texts. Consequently, they often have limited experience on which to draw when answering exam questions that require anything other than superficial knowledge of an entity’s control environment. This article aims to provide common examples of matters the auditor needs to consider when assessing an entity’s control environment, and in making an assessment as to their impact on the risk of material misstatement in the financial statements. Reflecting the general trend of exam questions testing knowledge of this area, the article focuses on the need for the auditor of a large limited liability company (in the UK – a limited company) to evaluate the effectiveness of the company’s control environment.
A company’s control environment comprises seven elements each requiring careful consideration by the company’s auditor, recognising that some elements may be more pertinent than others – depending on the subject company. Each one of these elements is identified below, along with an explanation of specific practical aspects that may be considered by the auditor when evaluating its effectiveness. Candidates should be aware that this process forms part of the auditor’s assessment of the overall effectiveness of the company’s internal control, relevant to the audit.