What good looks like – Audit of accounting estimates

This helpsheet has been issued by ICAEW’s Technical Advisory Service, in conjunction with the ICAEW’s Quality Assurance Department, as part of the What Good Looks Like Project, driven by the needs of our members and championed by the ICAEW Practice Committee.

The objective of this guidance is to help members better understand how to conduct and document their audits in a way that stands up to scrutiny following the issue of the revised standard, ISA (UK) 540, on auditing accounting estimates in December 2018. This includes considering how to interpret the requirements of ISAs (UK) to make well balanced judgements and apply professional scepticism.

Members may also wish to refer to the following related resources:

• What good looks like – going concern
• Auditing Accounting Estimates

The ‘What Good Looks Like’ guidance does not intend to gold-plate the requirements of the ISAs (UK) or to add additional requirements where there are none.

The standard of audit quality that auditors are aiming to achieve is full compliance with ISAs (UK) and other relevant requirements, such as the Ethical Standard and Companies Act.

All ISA (UK) references below are to ISA (UK) 540 (Revised December 2018) Auditing Accounting Estimates and Related Disclosures.

The guidance, together with the case study, demonstrates what could have been done and documented on an audit that achieves a Grade 1, which is referred to as ‘Good’, on a Quality Assurance Department (“QAD”) monitoring visit.

This guidance does not address issues that might arise in Public Interest Entity (PIE) audits or entities that comply with the FRC Code of Governance or similar.

The case study has been designed to address some of the more common and challenging aspects of auditing accounting estimates. The case study is not designed to provide a model answer or a template to be followed on an audit, but it will demonstrate what a good audit would look like as regards the work planned, performed and documented.

Auditors must identify the accounting estimates that have been used in the preparation of the financial statements and then identify those where there is the greatest risk of material misstatement. Estimates must be assessed in order of their significance and the audit work performed should reflect this assessment. The helpsheet will demonstrates how these key judgements should be documented by the auditor.

The ISAs (UK) are principles based and professional judgement is needed so there are often several valid ways to approach a particular audit issue. The case study focuses only on auditing accounting estimates and does not consider other areas of the audit. In applying ISA (UK) 540 (Revised 2018), auditors will also have to consider the requirements of many other ISAs (UK), especially:

• ISA (UK) 315 (Revised July 2020) Identifying and assessing the risks of material misstatement
• ISA (UK) 330 The auditor’s responses to assessed risks
• ISA (UK) 450 Evaluation of misstatements identified during the audit
• ISA (UK) 500 Audit evidence

Supporting documentation for Six Island Bay Developments Limited is provided as follows:

• Case study - Six Island Bay Developments Limited
• Draft financial statements for the year ended 31 December 2021 which have been prepared in accordance with FRS 102
• Audit planning document

The audit documentation relating to the case study provided is as follows:

• Audit planning – risk assessment
• Internal controls processes documentation
• Risk assessment of internal controls
• Planning of audit procedures
• Audit conclusions on management bias
• Evaluation of audit procedures

The case study is an illustrative example intended to support this guidance. It can also be used as a training tool to show how auditors should respond to a particular set of circumstances and as a basis for group discussions about the best audit approach.

The financial statements included within the case study are included to provide context only. The intention is not that these should be used to identify additional potential issues outside of those covered by the case study.

The ISA defines the following terms:

Accounting estimate: A monetary amount for which the measurement, in accordance with the requirements of the applicable financial reporting framework, is subject to estimation uncertainty.

Auditor’s point estimate or auditor’s range: An amount, or range of amounts, respectively, developed by the auditor in evaluating management’s point estimate.

Estimation uncertainty: Susceptibility to an inherent lack of precision in measurement.

Management bias: A lack of neutrality by management in the preparation of information.

Management’s point estimate: The amount selected by management for recognition or disclosure in the financial statements as an accounting estimate.

Outcome of an accounting estimate: The actual monetary amount that results from the resolution of the transaction(s), event(s) or condition(s) addressed by an accounting estimate.

Some common examples of accounting estimates include depreciation of property, plant and equipment, warranty provisions and revenue recognition on long term contracts.

All entities use accounting estimates in their financial statements, however, the extent of the audit work required will vary depending on the degree of estimation uncertainty.

ISA (UK) 540 (Revised 2018) recognises that the degree of estimation uncertainty will vary substantially. When the estimation uncertainty, complexity or subjectivity are very high the risk assessment and audit procedures would be expected to be more extensive (para 3). For accounting estimates with a low degree of estimation uncertainty, the risk assessment and further audit procedures would not be expected to be extensive.

The objective of the auditor is to obtain sufficient appropriate audit evidence about whether accounting estimates and related disclosures in the financial statements are reasonable in the context of the applicable financial reporting framework.

It should be noted that it is the responsibility of management to make accounting estimates. The auditor’s responsibility is to provide an independent opinion on whether the financial statements show a true and fair view, so it is important to ensure that auditors do not find themselves providing guidance and advice in respect of how to make an estimate as this could lead to independence and objectivity being called into question.

Professional scepticism should be applied at all times – para 7 ISA 200 (UK) Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with International Standards on Auditing (UK).

Professional scepticism is defined as ‘an attitude that includes a questioning mind, being alert to conditions which may indicate possible misstatement due to error or fraud, and a critical assessment of audit evidence’ (Glossary of Terms (Auditing and Ethics) and para 13(l) ISA 200 (UK)).

Scepticism can be difficult to demonstrate in audit documentation because it is a mindset, but good auditors find a way to bring the application of scepticism into their documentation. This may be through documenting the questions asked and challenges made, but it could also be shown in the way audit tests were designed. Where scepticism is driving test design, this should be highlighted in the audit documentation to provide evidence of the application of professional scepticism.

Understanding the entity is the foundation of both a good risk assessment and designing appropriate audit procedures. In relation to accounting estimates, the auditor must understand the business model and the skillset and the motivations of management. Discussions with management, analytical review and walkthroughs will be the main ways auditors will understand the entity.

It is important that the auditor’s understanding of the entity is documented. Good documentation of how the entity operates is important to support the audit approach and the adequacy of the audit evidence. It also helps communicate the information throughout the audit team, including those new to the audit and any second partner reviewer.

ISA (UK) 315 (Revised 2016) requires the auditor to obtain an understanding of the entity and its environment, including its internal control.

This is applicable to the audit of accounting estimates as the audit is required to identify and assess the risks of material misstatement at the financial statement and assertion levels.

The Entity and Its Environment

New transactions or changes to the conditions of existing ones could give rise to additional or changes in accounting estimates. This could include a new revenue stream or type of funding. Other broader events could also impact the accounting estimates; for example, the impact of the Covid-19 pandemic on recoverability of trade debtors.

Once the auditor has documented the accounting estimates included by management, they should also document the requirements as set out in the applicable financial reporting framework. Testing can then be designed to check that the estimate is in accordance with the accounting standards applied. For example, FRS 102 requires a non-basic financial instrument to be held at fair value and so the estimate by management should be a fair value estimate.

Understanding any regulatory factors that are relevant to the accounting estimates may assist the auditor in identifying applicable regulatory frameworks, for example in the banking and insurance sectors, and in determining whether such frameworks impose any further requirements or disclosures.

By developing an understanding of the expected accounting estimates to be included in the financial statements, the auditor then has a basis for discussion with management about how management makes the accounting estimates.

The Entity’s Internal Control

The auditor should document and consider the nature and extent of oversight and governance that the entity has in place over management’s financial reporting process relevant to accounting estimates when assessing management bias and effectiveness of controls.

Specialised industries and complex estimation models could lead to management deciding that they need to employ an expert. The auditor will need to understand how management identifies the need for, and applies, specialised skills or knowledge related to accounting estimates.

Understanding how the entity’s risk assessment process identifies and addresses risks relating to accounting estimates will assist the auditor in considering changes in financial reporting requirements.

The auditor should document, and review models used by management and note how these interact with the entity’s information system.

Auditors need to consider whether and how management understands the degree of estimation uncertainty. This would include where and how management have identified alternative methods or assumptions that would be appropriate or whether a sensitivity analysis has been performed to determine the effects of a change in the underlying assumptions.

As part of obtaining an understanding of the control activated relevant to the audit, the auditor may consider segregation of duties, how management determines the appropriateness of information and how accounting estimates are reviewed and approved.

Each year, management should compare the accounting estimates to the actuality. This process and any subsequent responses by management should be documented by the auditor.

The audit programme needs to include tests in which the auditor also performs this comparison. The review is not intended to call into question judgements about previous period accounting estimates that were appropriate based on the information available at the time they were made.

The auditor shall determine whether the engagement team requires specialised skills or knowledge to competently audit the accounting estimates.

Practical point: The requirement to consider specialist skills as part of the audit plan is now specific and detailed. The auditor’s response should then be tailored accordingly including if the entity is a smaller and less sophisticated organisation.

Case study reference:

• Audit planning – risk assessment

ISA (UK) 540 (Revised 2018) requires the auditor to separately assess the inherent risk and the control risk relating to accounting estimates. This provides a basis for designing and performing audit procedures to respond to the risks of material misstatement.

Inherent risk factors that could influence the likelihood and magnitude of a potential misstatement include estimation uncertainty, subjectivity and complexity. The ISA refers to the spectrum of risk which is the degree to which these inherent risk factors affect the likelihood or extent of misstatement.

More routine transactions or those with a history of predictable outcomes will have a lower degree of estimation uncertainty. Accounting estimates that have a number of different models which are all acceptable within the industry or where the outcome of future events is uncertain or has many variables may be considered to have a higher estimation uncertainty.

The auditor’s assessment of control risk may be performed in accordance with firm practice or methodologies. The risk could be assessed as maximum, moderate, minimum. If control risk is assessed as maximum, the auditor may decide to place no reliance on the controls. Reliance might be considered when the risk is less than maximum.

Practical point: With regards this requirement, ISA (UK) 540 (Revised 2018) makes clear that a standard, ‘one-size-fits-all’ approach to the design of audit programme, is not appropriate. This is, perhaps, the most challenging aspect of the audit; to apply the risk assessment process and to then design audit procedures that are relevant, provide sufficient reliable evidence and are not excessive.

Case study references:

• Audit planning – risk assessment
• Internal controls processes documentation
• Risk assessment of internal controls

Case study references:

• Audit planning – risk assessment
• Internal controls processes documentation
• Risk assessment of internal controls

Once the auditor has assessed the risks, they must respond to them in the form of audit procedures. The auditor shall use one or more of the following:

• Obtaining audit evidence from events occurring up to the date of the auditor’s report
• Testing how management made the accounting estimate
• Developing an auditor’s point estimate or range

These audit procedures should reflect the assessed risk of material misstatement with more persuasive audit evidence required for higher risk estimates. The audit procedures should be designed without bias to obtain audit evidence which is either corroborative or contradictory.

Controls testing is required if the auditor is to attempt to rely on controls, or if substantive procedures alone cannot provide sufficient appropriate audit evidence.

Obtaining audit evidence from events occurring up to the date of the auditor’s report

Audit evidence from after the year end, up to the date of the auditor’s report may provide sufficient appropriate audit evidence to address the risks of material misstatement. For example, the post year-end sales price of stock may provide evidence relating to the estimate of net realisable value as at the reporting date.

However, this won’t always be the case. Events after the period end are not always indicative of conditions as at the reporting date, for example, the valuation of a listed investment several weeks post year end.

Testing how management made the accounting estimate

The audit procedures should include tests to obtain sufficient appropriate audit evidence regarding the risks of material misstatement relating to the selection and application of the methods, significant assumptions and the data used by management in making the accounting estimate. The auditor should also document and test how management selected the point estimate and developed related disclosures about estimation uncertainty.

Methods: Consideration should be given as to whether the method selected is appropriate and whether there have been changes from the prior year, whether judgements used give rise to indicators of possible management bias, whether the calculations are per the method and whether the integrity of the significant assumptions and data has been maintained. All of these need to be assessed so for example, the auditor should review whether judgements have been applied consistently, whether the design of the model is appropriate and whether adjustments to the output of the model are consistent with the measurement objective.

Significant assumptions: The audit procedures should assess the significant assumptions to determine whether they are appropriate, and whether they point towards management bias. They should also assess whether the significant assumptions used are consistent with each other and other related estimates.

When applicable, there is also a requirement to review whether management has the intent to carry out specific courses of action and has the ability to do so. For example, discounting stock in order to achieve sales of an impaired item.

Data: Data should be assessed to determine whether it is appropriate, if it points towards management bias and whether the data sets used are consistent with each other and other related estimates. The auditor should also consider whether management have appropriately understood and interpreted the data.

The auditor should design further audit procedures to test whether management has taken appropriate steps to understand and address estimation uncertainty by selecting an appropriate point estimate and by developing related disclosures about estimation uncertainty.

If the auditor judges that management have not undertaken those appropriate steps, the auditor shall request management perform additional procedures to understand estimation uncertainty or to reconsider their point estimate. If the response isn’t sufficient, then the auditor should develop their own point estimate or range.

Case study reference:

• Planning of audit procedures

Developing an auditor’s point estimate or range

If the auditor is required to develop a point estimate or range, then there should be further procedures to evaluate whether the methods, assumptions or data used are appropriate in the context of the applicable financial reporting framework.

An auditor’s range should include only amounts that are supported by sufficient appropriate audit evidence, and which are considered reasonable in the context of the measurement objectives and other requirements of the applicable financial reporting framework.

Audit procedures must be designed to include tests to obtain sufficient appropriate audit evidence regarding the assessed risks of material misstatement at the assertion level for disclosures related to an accounting estimate. This will be in addition to the disclosure checklist procedure.

Disclosures related to accounting estimates will be included within the notes for accounting policies, accounting estimates and judgements and in the notes supporting the income statement and balance sheet. The procedures designed should consider the qualitative aspects of the disclosures, the consistency of disclosures across the financial statements and whether the disclosures meet the objectives of the reporting framework.

ISA (UK) 540 (Revised 2018) (para 32) requires the auditor to consider the judgements and decisions made by management for evidence of management bias. Judgements and decisions should be considered collectively and if evidence of bias is identified the auditor should evaluate the implications for the audit.

The auditor should be aware that where there is a clear intention by management to mislead, that the bias is fraudulent in nature.

The supporting guidance and ISA (UK) 200 (Revised 2016) require the auditor to maintain professional scepticism especially when reviewing accounting estimates relating to fair values, impairments and provisions.

It would be unrealistic to expect management to be completely free from any bias, perhaps more so, in entities that are owner-managed and there is no real separation between owners, managers and those charged with governance. The potential for bias should be acknowledged by the auditor, the degree of bias should be assessed, and the auditor should also consider what internal controls could be applied in this area.

Case study reference:

• Audit conclusions on management bias

The audit team discussion is a good opportunity to remind the audit team of the need to stay focused on the audit objectives, keep referring to the planning documents and to appropriately challenge management.

The audit strategy should be revised as and when necessary if new information is discovered during the course of the audit. Team discussions provide an ideal environment to identify this need.

ISA (UK) 540 (Revised 2018) requires auditors to apply the requirements of ISA (UK) 330 (revised 2017) – the Auditor’s Responses to Assessed Risks - when making their overall assessment of the audit of accounting estimates and related disclosures.

The auditor shall evaluate whether the assessment of the risks of material misstatement at the assertion level remain appropriate, including when indicators of possible management bias have been identified.

During the audit fieldwork, information may come to light that indicates that the risk profile of the client or of an accounting estimate is different to what was initially assessed. This should be documented on the file and the audit programme amended to reflect the change in risk.

Management’s decisions relating to the recognition, measurement, presentation and disclosure of these accounting estimates in the financial statements should be assessed to ensure they are in accordance with the applicable financial reporting framework. These four areas should be reflected in the audit programme with reference to the applicable financial reporting framework. It is not appropriate for an entity to have an accounting policy which does not reflect their chosen reporting framework.

Whether sufficient appropriate audit evidence has been obtained should be assessed. All evidence needs to be taken into account, whether corroborative or contradictory. The evidence should be challenged, and the challenge and response documented.

For distinguishing unadjusted misstatements as factual, judgemental or projected, look to ISA (UK) 450 (Revised 2016).

Guidance can be found in ISA (UK) 705 (Revised 2016) with regards to modifications to the audit opinion.

In addition, ISA (UK) 706 (Revised 2016) para 8 requires that if the auditor considers it necessary to draw attention to a matter presented or disclosed in the financial statements that, in the auditor’s judgement, is of such importance that it is fundamental to users’ understanding of the financial statements, the auditor shall include an Emphasis of Matter paragraph in the auditor’s report.

Case study reference:

• Evaluation of audit procedures

In accordance with ISA (UK) 580, the auditor shall request written representations from management and, when appropriate those charged with governance, about whether the methods, significant assumptions and the data used in making the accounting estimates and the related disclosures are appropriate to achieve recognition, measurement or disclosure that is in accordance with the applicable financial reporting framework.

The auditor shall also consider the need to obtain representations about specific accounting estimates, including in relation to the methods, assumptions, or data used.

The written representations may include, for example:

• That the significant judgments made in making the accounting estimates have taken into account all relevant information of which management is aware
• The consistency and appropriateness in the selection or application of the methods, assumptions and data used by management in making the accounting estimates
• That the assumptions appropriately reflect management’s intent and ability to carry out specific courses of action on behalf of the entity, when relevant to the accounting estimates and disclosures

There are more examples in A145 of ISA (UK) 540 (Revised 2018).

In applying ISA (UK) 260 (Revised June 2016) and ISA (UK) 265, the auditor is required to communicate with those charged with governance or management about certain matters, including significant qualitative aspects of the entity’s accounting practices and significant deficiencies in internal control, respectively.

In doing so, the auditor shall consider the matters, if any, to communicate regarding accounting estimates and take into account whether the reasons given to the risks of material misstatement relate to estimation uncertainty, or the effects of complexity, subjectivity or other inherent risk factors in making accounting estimates and related disclosures.

It would be appropriate to use an audit findings report to communicate to management any internal controls weaknesses and conclusions relating to risks of material misstatement in addition to any unadjusted errors.

In addition, in certain circumstances, the auditor is required by law or regulation to communicate about certain matters with other relevant parties, such as regulators.

ISA (UK) 540 (Revised 2018) requires the auditor to include the following in the audit documentation:

(a) Key elements of the auditor’s understanding of the entity and its environment, including the entity’s internal control related to the entity’s accounting estimates;

(b) The linkage of the auditor’s further audit procedures with the assessed risks of material misstatement at the assertion level, taking into account the reasons (whether related to inherent risk or control risk) given to the assessment of those risks;

(c) The auditor’s response(s) when management has not taken appropriate steps to understand and address estimation uncertainty;

(d) Indicators of possible management bias related to accounting estimates, if any, and the auditor’s evaluation of the implications for the audit, as required by paragraph 32; and

(e) Significant judgments relating to the auditor’s determination of whether the accounting estimates and related disclosures are reasonable in the context of the applicable financial reporting framework, or are misstated.

ICAEW members, affiliates, ICAEW students and staff in eligible firms with member firm access can discuss their specific situation with the Technical Advisory Service on +44 (0)1908 248 250 or via webchat.