ISA 315: A Refresher

With the new audit season well underway, auditors should ensure they are familiar with the changes to auditing requirements as a result of the revised version of ISA (UK) 315 Identifying and Assessing the Risks of Material Misstatement.

Here is an outline of the key changes within the revised version of ISA (UK) 315 and the date from which the revised ISA 315 should be applied.

Key changes  to ISA 315

Spectrum of inherent risk 

One of the key changes in the revised version of ISA 315 is the concept of a spectrum of inherent risk, at the higher end of which lie significant risks.

Whilst the revised ISA 315 does not specify the spectrum to be used, it does provide five new inherent risk factors to aid auditors in their risk assessment:

• subjectivity;
• complexity;
• uncertainty;
• change; and
• susceptibility to misstatement due to management bias or fraud.

Where a particular risk lies on the spectrum is a matter of professional judgement and is based on the significance of the combination of the likelihood and magnitude of a possible misstatement. 

IT environment and controls 

Another key change in the revised version of ISA 315 is the need to consider the IT environment in greater detail and, in particular, general IT controls (GITCs) to identify and assess risks of material misstatement.

In addition, there is now a greater emphasis on understanding of controls relevant to the audit and more work will be needed to assess the design and implementation of these controls. There is also the need to distinguish between direct and indirect control components.

For those auditors who have previously placed reliance on controls as part of their audit work, the additional requirements in the revised ISA 315 may not be significant. For those auditors who have previously adopted a purely substantive approach to their audit work, this may be an area where additional work is required.

Professional scepticism and ‘stand back’ requirements 

A key theme throughout the revised version of ISA 315 is the greater emphasis on the need for professional scepticism.

This requirement is not entirely new and auditors who are already applying a high level of professional scepticism should find they are already adhering to the requirements in the revised ISA 315, but the greater emphasis in the revised ISA 315 will serve as a useful reminder to all auditors.

The revised version of ISA 315 also requires auditors to: 

• ‘evaluate whether the auditor’s determination remains appropriate’ when ‘material classes of transactions, account balances or disclosures’ are not assessed as significant;
• consider if ‘management failed to identify’ any of ‘risks of material misstatement’;
• ‘evaluate whether the audit evidence obtained from the risk assessment procedures provides an appropriate basis for the identification and assessment of the risks of material misstatement’; and
• consider ‘all audit evidence obtained from the risk assessment procedures, whether corroborative or contradictory to assertions made by management.’

Commonly referred to as ‘stand back’ assessments, these requirements should be undertaken at the point the risk assessment has been undertaken as well as throughout the duration of the audit work.

Effective Date for ISA 315 changes

The changes are effective for all audits of financial statements with accounting periods commencing on or after 15 December 2021.

In practical terms, this means all 31 December 2022 year end audits will need to apply the revised ISA 315 requirements, but it is important to note that audits of short accounting periods commencing on or after 15 December 2021 will be impacted too.

Early adoption is permitted, so rather than have several ongoing audits under different ISA 315 requirements, it may be more practical to apply the new ISA 315 requirements to all audits commencing from a set date, ensuring this change over date that is set captures all audits that must apply the changes.