Saturday, June 6, 2026

Audit documents 006

Detailed Audit Document Templates & Checklists (Time Sequence)

1. Pre-Audit Phase

Engagement Letter

Client name, address, and contact details
Scope of audit and objectives
Responsibilities of auditor and management
Audit fees and billing terms
Limitations and confidentiality clauses
Signatures of both parties

Client Acceptance and Continuance

Background check and integrity assessment
Review of previous audit issues
Assessment of management competence and ethics
Risk factors identified
Decision memo on acceptance or continuation

Understanding the Entity and Environment

Industry overview and regulatory environment
Business operations and structure
Key personnel and governance
Internal control environment description
Prior year audit findings summary

Risk Assessment and Planning Memorandum

Identification of significant risks (fraud, error)
Risk rating and impact analysis
Planned audit procedures for each risk
Materiality thresholds set
Timing and resource allocation

Audit Strategy and Audit Plan

Overall audit approach (substantive, controls reliance)
Detailed audit programs for each significant account
Use of specialists or experts noted
Coordination with internal audit (if any)

 

2. Interim Audit Phase

Internal Control Evaluation and Testing

Walkthrough documentation for key processes
Control design and operating effectiveness testing
Control deficiency and remediation notes

Analytical Procedures

Ratio analysis and trend comparisons
Identification of unusual fluctuations
Documentation of follow-up actions

Interim Financial Information Review

Review of quarterly or half-year financials
Notes on variances and adjustments

Audit Program Updates

Changes to audit plan based on interim findings
Additional procedures added or removed

 

3. Fieldwork / Final Audit Phase

Detailed Audit Working Papers

Account balance confirmations (bank, receivables)
Inventory observation checklists and counts
Fixed asset verification schedules
Substantive testing of transactions and balances
Reconciliation statements and supporting documents

Audit Evidence and Sampling Documentation

Sampling methodology and rationale
Sample selection details
Evidence obtained and conclusions drawn

Management Representation Letter

Confirmation of completeness and accuracy of records
Disclosure of related party transactions
Confirmation of subsequent events
Signed by CEO/CFO or equivalent

Adjusting Journal Entries and Audit Differences

List of proposed adjustments
Management agreement or disagreement notes
Impact on financial statements

Going Concern Assessment

Financial ratios and cash flow analysis
Management plans for future viability
Auditor’s conclusion and documentation

Subsequent Events Review

Identification of events after reporting date
Impact assessment and disclosure

 

4. Completion and Reporting Phase

Audit Completion Checklist

Verification of all audit steps completed
Review of working papers and documentation
Sign-off by audit team members

Audit Summary Memorandum

Summary of key audit findings
Significant risks and how addressed
Outstanding issues and resolutions

Draft Audit Report

Audit opinion draft (unmodified, qualified, adverse, disclaimer)
Compliance with Companies Act and ISA reporting format

Management Letter

Internal control weaknesses identified
Recommendations for improvement
Management responses

Final Audit Report

Signed and dated audit opinion
Distribution list and filing

FRC and ICAB Compliance Documentation

Evidence of adherence to local standards
Quality control review notes

 

5. Post-Audit Documentation

Archiving of Audit Files

Indexing and organizing files
Retention period compliance (usually 7 years)
Secure storage arrangements

Quality Control Review Documentation

Internal review notes
External peer review reports (if any)
Compliance with Big 4 or firm-specific quality standards

 

If you want, I can also help you create sample templates or checklists in Excel, Word, or PDF formats for practical use. Let me know your preference!
Posted by at 11:27 AM 0 comments

Audit documents 005

A comprehensive audit engagement, following the standards adopted in Bangladesh (ISAs as BSAs), is essentially a journey of compiling a structured portfolio of evidence at each stage. Below is the full, time-sequenced document checklist that Big 4 firms use in the Bangladesh context. The "Key Standards" referenced throughout are the Bangladesh Standards on Auditing (BSA) aligned with ISAs.

🗓️ Phase 1: Pre-Engagement

Objective: Establish the groundwork and ensure the audit is viable and ethical.

· Engagement Acceptance/Continuance Form: Analyzing independence, integrity of management, and competency to perform the audit.
· Engagement Letter: A formal contract outlining the scope, timeline, and fees; required to be signed before the audit starts.
· Permanent Audit File (Initial Section): Contains key client documents (e.g., Charter, Articles of Association, prior-period financial statements).
· Audit Independence & Objectivity Confirmation: Forms signed by all engagement team members confirming they meet ICAB ethical requirements.

📋 Phase 2: Planning Phase (ISA 300)

Objective: Develop a detailed roadmap for the engagement.

· Preliminary Risk Assessment & Analytical Review: High-level analysis of financial data to identify initial risk areas.
· Materiality Calculation Worksheet: Quantitative calculation of materiality levels for the engagement.
· Overall Audit Strategy Memorandum: Setting the direction of the audit (scope, timing, and key decisions).
· Detailed Audit Plan (or Audit Program): Nature, timing, and extent of audit procedures for each material assertion.
· Audit Budget and Staff Assignment Schedule: Resource allocation plan.
· Timing & Communication Schedule: Meeting timeline with client management, audit committee, and Board meetings.

🔍 Phase 3: Risk Assessment Phase (ISA 315)

Objective: Gain a deep understanding of the entity to identify misstatement risks.

· Entity-Level Controls Documentation (Narrative/Flowchart): Finalized understanding of the entity's control environment.
· Process Walkthrough Documents: Narrative or flowchart for key cycles (Revenue, Payroll, Inventory, etc.), signed by process owners.
· Risk Assessment Matrix/Linkage Document: Mapping identified risks to the audit plan.
· IT General Controls (ITGC) Documentation: Output from evaluating controls over IT systems (for complex entities or banks).

⚙️ Phase 4: Fieldwork Phase (ISA 330 & ISA 500)

Objective: Execute audit procedures to gather sufficient and appropriate evidence.

· Lead Schedules & Trial Balance: Summarizing account balances, linking detailed testing to financial statements.
· Test of Controls Working Papers: Procedures and conclusions for each key control tested.
· Substantive Analytical Procedures: Reasonableness analyses (ratios, trend lines, etc.) with explanations for significant fluctuations.
· Substantive Test of Details Schedules: Primarily tests of balances/transactions for revenue, purchases, payroll, inventory, and bank confirmations (including Bangladesh Bank reporting requirements for financial institutions).
· External Confirmation Log: Records of confirmations (e.g., bank, receivables/payables) and follow-ups on non-responses.
· Related Party Transactions Documentation: Confirmation that related party transactions and disclosures have been properly accounted for.

🏁 Phase 5: Completion Phase (ISA 450 & ISA 580)

Objective: Evaluate audit findings and obtain final management endorsements.

· Summary of Uncorrected Misstatements (SUM): List of all identified misstatements tracked and evaluated, reviewed by management.
· Subsequent Events Review: Review procedures for events up to the audit report date, including minutes, inquiries, and legal letters.
· Going Concern Assessment Documentation: Evaluation of management's assumptions and the entity's ability to continue as a going concern.
· Management Representation Letter: Signed by management, confirming their responsibility for the financial statements and completeness of information provided.
· Written Representations on Specific Matters: Additional letters regarding fraud, compliance, or related parties if applicable.
· Engagement Quality Control Review (EQCR) Checklist: Independent review of significant judgments made during the audit.

📝 Phase 6: Reporting Phase (ISA 700, ISA 705, ISA 706)

Objective: Form the final audit opinion and issue the report.

· Auditor's Report Draft: Final unmodified or modified opinion (qualified, adverse, or disclaimer).
· Auditor's Report to Management (Management Letter): Formal communication of internal control deficiencies and improvement recommendations.
· Board of Directors' Meetings Agenda & Minutes: For board approval of audited accounts and the audit report.
· Communication with Those Charged with Governance (TCWG): Formal letters summarizing audit scope, significant findings, and accounting policies.
· Audit Report Verification Code (DVC): For statutory filings, the code generated from the ICAB Document Verification System (DVS).

📂 Phase 7: Post-Completion Phase (ISA 230)

Objective: Archive the audit file and retain it per standards.

· Final Audit File Assembly Index: Table of contents for the final audit file.
· Administrative Completion Checklist: Ensuring all audit documents are included and administrative tasks are complete.
· Audit Documentation Retention Log: Record of retention (min. 5-7 years post-audit report) and eventual destruction.
· FRC Audit Quality Review File (if selected): File for submission to the Financial Reporting Council for regulatory review.

To help visualize the document flow, here’s a simplified timeline:

1. Acceptance & Planning (Weeks 0-4) → 2. Risk Assessment (Weeks 4-6) → 3. Fieldwork (Weeks 6-14) → 4. Completion (Weeks 14-18) → 5. Reporting (Weeks 18-20) → 6. Assembly (Within 60 days of report) → 7. Retention (5-7 years)

I hope this comprehensive list is helpful for structuring your audit processes. If you'd like a deeper look into a specific phase or standard—like the detailed requirements of ISA 315 or the nuances of audit reporting in Bangladesh—feel free to let me know.
Posted by at 11:24 AM 0 comments

Audit documents 004

As a professional serving clients in Bangladesh, you need an audit documentation system that satisfies both International Standards on Auditing (ISAs) and local statutory requirements under the Companies Act 1994.

Based on ICAB’s guidance and Big 4 best practices, the following list organizes audit documents chronologically. This represents the "Audit Lifecycle," ensuring you capture evidence from acceptance through to regulatory filing .

Phase 1: Pre-Engagement & Acceptance (Before Fieldwork)

Before signing, you must verify independence and capacity. This phase documents your right and ability to perform the audit.

· Engagement Letter: Signed agreement outlining scope, timeline, and fees (Companies Act 1994, Section 210 requires formal intimation of appointment) .
· Independence & Objectivity Confirmation: Written confirmation that the firm is free from conflicts of interest (IESBA Code/ICAB Bye-Laws) .
· Client Acceptance/Continuance Form: Evaluation of client integrity and assessment of engagement risks (Required by ISQC 1/ISA 220) .
· Notification to RJSC: Form documenting the auditor’s appointment (must be filed within 7 days of appointment per Section 210) .

Phase 2: Planning & Risk Assessment (At the Start of the Period)

Documents the strategy and identifies where misstatements are likely to occur.

· Audit Planning Memorandum: Overall audit strategy, timing, and direction of the engagement.
· Risk Assessment Documentation: Identification of inherent and control risks, including fraud risks (ISA 315 requires recording how risks were identified) .
· Internal Control Understanding: Flowcharts, narratives, or walkthroughs documenting the entity's internal control system.
· Materiality Calculation Worksheet: Determination of overall performance materiality and clearly trivial threshold.
· Audit Plan/Program: Detailed nature, timing, and extent of planned procedures for each material account.

Phase 3: Execution & Fieldwork (During the Year & Post Year-End)

The core evidence gathering phase. ICAB's "Dummy Audit File" heavily emphasizes this section .

· Permanent File Documents: Company incorporation documents, MOA/AOA, and significant contracts (updated annually).
· Lead Schedules & Trial Balance: Schedules tying the trial balance to the financial statements.
· Test of Controls Working Papers: Evidence of operating effectiveness of controls (sampling and results).
· Substantive Procedure Working Papers: Detailed testing of transactions, balances (AR, AP, Inventory), and disclosures.
· Analytical Review Sheets: Ratio analysis and trend fluctuations with explanations (ISA 520).
· External Confirmations: Bank letters, receivable/payable confirmations, and lawyer letters.
· ICAB DVS (Document Verification System) Log: Generation of the Document Verification Code (DVC) . Effective Dec 1, 2020, all audit reports are invalid without this code .

Phase 4: Review & Completion (After Evidence is Gathered)

Ensures quality control before the opinion is issued. Includes "Hot Reviews" (before report signing).

· Summary of Unadjusted Differences: Schedule of identified misstatements (quantitative/qualitative) left unadjusted.
· Significant Matters Log: Record of consultations, disagreements, or difficulties encountered (Required by ISA 230) .
· Subsequent Events Review: Documentation of procedures performed between year-end and report date.
· Management Representation Letter: Signed letter from management confirming responsibility for information provided.
· Written Representations on Fraud: Management’s specific acknowledgment of fraud prevention responsibility.
· Engagement Quality Control Review (EQCR) Checklist: Independent review by a second partner (Required for listed entities/PIEs) .

Phase 5: Finalization & Reporting (The Deliverable)

The culmination of the audit.

· Independent Auditor’s Report: Final opinion (Unmodified, Qualified, Adverse, or Disclaimer) including Key Audit Matters (KAM) for listed entities (Based on ISA 700/701) .
· Report to Those Charged with Governance (TCWG) : Formal letter to the Audit Committee regarding internal control deficiencies.
· Management Letter: Recommendations to management for operational or control improvements.

Phase 6: Assembly & Retention (Post-Reporting)

Legal and professional requirements for closing the file.

· Final File Assembly Checklist: Administrative completion check. ISA 230 mandates that the final audit file must be assembled within 60 days of the date of the auditor's report .
· Document Retention Log: ICAB requires retention for a minimum of 5 years from the report date (ISA 230) . The Companies Act 1994 also implies retention consistent with company record-keeping requirements.
· Annual Return to ICAB: Practicing firms must submit an annual return of clients to ICAB by February 15 of the following year. Failure blocks renewal of the Practicing Certificate .

Summary of Local Regulatory Links (BD Context)

Regulatory Body Key Requirement Relevant Document
ICAB Quality Assurance Audit Practice Manual (APM) Compliance & DVC 
RJSC Statutory Filing Audited Financial Statements (filed within 30 days of AGM) 
BSEC Public Interest Entities Key Audit Matters (KAM) & Enhanced Auditor's Report 

For a practical template, refer to the ICAB Dummy Audit Working Paper File (Manufacturing Sector) available on the ICAB website, which aligns perfectly with this sequence .
Posted by at 11:23 AM 0 comments

Audit documentation 003

An audit file must follow a chronological structure that maps perfectly to the life cycle of an audit engagement. In Bangladesh, this sequence is governed by the International Standards on Auditing (ISA) as adopted by the Institute of Chartered Accountants of Bangladesh (ICAB), the Companies Act 1994, the Financial Reporting Council (FRC) regulations, and institutional Big 4 risk management practices.
The definitive list of comprehensive audit documentation is organized below by chronological sequence across five distinct phases.
## Phase 1: Pre-Engagement & Client Acceptance
Before any substantive planning begins, the auditor must assess independence, professional ethics, and client risk profiles.
 * **Expression of Interest (EOI) or Proposal Document:** Formal submission to the client outlining the firm's capabilities and scope of work.
 * **Client Evaluation Checklist & Know Your Customer (KYC):** Documentation verifying client identity, ultimate beneficial ownership (UBO), and anti-money laundering (AML) risk screening.
 * **Professional Clearance / No Objection Certificate (NOC):** Formal communication sent to the predecessor auditor under the ICAB Code of Ethics to inquire if there are any professional reasons not to accept the engagement.
 * **Evaluation of Independence and Ethical Compliance:** Form signed by the engagement team confirming the absence of direct or indirect financial interests, familial ties, or non-audit service conflicts.
 * **Letter of Engagement (ISA 210):** The contract defining the objective, scope, responsibilities of management, and the applicable financial reporting framework.
 * **Audit Appointment Letter & Board/AGM Resolution:** Client-provided copy of the Annual General Meeting (AGM) or Board resolution appointing the firm, ensuring compliance with Section 210 of the Companies Act 1994.
## Phase 2: Audit Planning & Risk Assessment
This phase establishes the overall audit strategy and detailed testing approaches. All risk assessments must align with the specific regulations of Bangladesh (such as FRC rules for Public Interest Entities).
 * **Overall Audit Strategy & Planning Memorandum (ISA 300):** Document defining the scope, timing, direction of the audit, and resource allocation.
 * **Materiality Working Paper (ISA 320):** Calculation sheet establishing Overall Materiality, Performance Materiality, and the Clearly Trivial Threshold based on selected benchmarks (e.g., profit before tax, revenue, or total assets).
 * **Risk Assessment Procedures Workbook (ISA 315):** Documentation regarding the understanding of the entity and its environment, including the applicable financial reporting framework.
 * **Internal Control Evaluation Questionnaire (ICEQ):** Comprehensive walkthrough narratives, flowcharts, and design evaluation files for key transaction cycles (e.g., Revenue, Procurement, Payroll).
 * **Preliminary Analytical Review Workings (ISA 520):** Ratio analysis, trend analysis, and horizontal/vertical variations comparing current-year unaudited figures with prior-year audited numbers to spot unusual fluctuations.
 * **Notes of Planning Meeting:** Minutes of the internal team meeting chaired by the Engagement Partner to discuss fraud risks (ISA 240) and specialized testing areas.
 * **Prepared by Client (PBC) Tracker:** The master list of schedules, ledgers, and reconciliations requested from the client's management team.
## Phase 3: Audit Execution & Testing (Substantive & Controls)
The core operational phase where field auditors accumulate evidence to address the identified risks of material misstatement.
 * **Test of Controls (TOC) Sheets (ISA 330):** Sample testing files detailing the operating effectiveness of the client's internal controls.
 * **Audit Programs / Lead Schedules:** Summary schedules for each financial statement line item linking the trial balance to individual test sheets.
 * **Substantive Test of Details (TOD) Workpapers:**
   * **Inventory Physical Verification Report (ISA 501):** Stock count instructions, sheet-to-floor and floor-to-sheet testing logs, and cutoff documentation.
   * **External Confirmations Logs (ISA 505):** Standard balance confirmation letters sent directly to, and received from, bankers, legal advisors, customers, and vendors.
   * **Bank Reconciliation Statements (BRS) Review:** Audit testing sheets verifying client bank reconciliations against original bank statements and bank confirmation certificates.
   * **Fixed Assets / Property, Plant, and Equipment (PPE) Verification:** Physical inspection logs and depreciation calculation verification sheets.
   * **Taxation and VAT Workings:** Documentation reviewing the adequacy of current and deferred tax provisions against national tax regulations (Income Tax Act 2023 and Value Added Tax and Supplementary Duty Act 2012).
 * **Journal Entry (JE) Testing Logs:** Sifting and evaluating manual or unusual journal entries to address the risk of management override of controls.
## Phase 4: Review & Evaluation
Supervisors, managers, and partners review the gathered evidence to ensure it supports the audit conclusions.
 * **Summary of Uncorrected Misstatements (SUAM / ISA 450):** A schedule accumulating all unadjusted errors found during testing to evaluate their aggregate impact on the financial statements.
 * **Subsequent Events Review Checklist (ISA 560):** Minutes review, inquiry sheets, and post-balance-sheet ledger scans up to the date of signing.
 * **Going Concern Evaluation Working Paper (ISA 570):** Documentation assessing management’s assessment of the entity's ability to continue as a going concern for at least twelve months from the reporting date.
 * **Audit Cross-Referencing & Review Notes Grid:** Documentation proving that senior team members reviewed the workpapers, along with the resolution of any queries raised.
 * **Engagement Quality Control Review (EQCR) Document (ISA 220):** Independent partner review file mandatory for listed entities and high-risk Public Interest Entities (PIEs) under FRC guidelines.
## Phase 5: Completion & Reporting
The final closure documents required to conclude the legal and professional obligations of the audit firm.
 * **Management Representation Letter (MRL / ISA 580):** Written statements from client management confirming their responsibilities and the completeness of information provided to the auditors.
 * **Management Letter / Internal Control Weakness Memo (ISA 265):** Letter sent to those charged with governance outlining reportable control deficiencies and recommendations for improvement.
 * **Document Validation System (DVS) Token Generation Receipt:** Under the joint mandate of ICAB and the National Board of Revenue (NBR), auditors must register the audit report on the ICAB DVS portal and print the unique DVS tracking code on the final report.
 * **Independent Auditor’s Report (ISA 700, 701, 705, 706):** The final signed audit opinion, incorporating Key Audit Matters (KAM) for listed entities and specific sector report formats (such as Bangladesh Bank guidelines for financial institutions).
 * **Archival and Sign-Off Checksheets:** Formal lock-down verification proving the final audit file is closed and archived within 60 days from the report date.
### Key Audit File Categorization
For structural clarity, audit firms divide these chronological documents into two distinct physical or digital files:
| File Type | Purpose | Key Content Included |
|---|---|---|
| **Permanent Audit File (PAF)** | Contains documents of a continuing, long-term nature that remain relevant across multiple audit years. | Certificate of Incorporation, Memorandum and Articles of Association (M&A), Trade License, long-term bank loan agreements, system flowcharts, and historical tax registration certificates (TIN/BIN). |
| **Current Audit File (CAF)** | Contains documentation strictly relating to the specific financial year currently under audit. | Signed Engagement Letter, Materiality sheets, specific year trial balances, individual Test of Details (TOD) workpapers, bank confirmations, and the final signed Audit Report. |

Posted by at 11:22 AM 0 comments

Audit documentation 002

Here is the complete framework — **56 core audit documents across 7 phases**, fully cross-referenced. Below is a structured summary of the architecture:

---

## Framework Architecture

### Phase 1 — Pre-Engagement (DOC-01 to 06)
Before any work begins. Covers client acceptance, independence, AML screening (MLPA 2012 + BFIU), predecessor communication, and the engagement letter (ISA 210 / Contract Act 1872). All mandatory before signature.

### Phase 2 — Planning (DOC-07 to 13)
Overall audit strategy (ISA 300), materiality computation (ISA 320 — three tiers: overall, performance, specific), entity understanding (ISA 315 Revised 2019 with 6 components of ICFR), preliminary analytics, ITGC planning, group audit instructions (ISA 600 Revised), and team briefing.

### Phase 3 — Risk Assessment (DOC-14 to 20)
The Risk Assessment Matrix (RAM) by assertion is the anchor. Fraud brainstorming (ISA 240), ICQ + walkthroughs, related party mapping (BAS 24 + ISA 550 — critical in BD family-conglomerate structures), going concern initial review (ISA 570), and significant estimates identification (ISA 540 Revised 2019 — includes WPPF provision under Labour Act 2006).

### Phase 4 — Fieldwork (DOC-21 to 34)
14 documents covering: audit programmes (ISA 330), controls testing, sampling (ISA 530), bank confirmations (with BB/EDF-specific variants), debtors circularization (ISA 505), stock observation (ISA 501 — critical for RMG/pharma), revenue cut-off, **deferred tax** (BAS 12 + ITA 2023 — tax holiday SROs, minimum tax s.82C), **WPPF 5%** workpaper (Labour Act 2006 mandatory), loan analysis (BFRS 9 + BRPD circulars), litigation (BAS 37 + VAT Act 2012), query log (ISA 450), and expert evaluation (ISA 620).

### Phase 5 — Completion & Review (DOC-35 to 43)
Summary of audit differences vs. materiality thresholds, final analytical review (ISA 520.6), going concern final conclusion, subsequent events (BAS 10), Management Representation Letter (ISA 580 — signed same date as report), completion checklist, **EQCR documentation** (ISQM 2 — mandatory for all PIEs/listed), BFRS/BAS disclosure checklist, and **KAM documentation** (ISA 701 — mandatory for listed entities per BSEC 2020 notification).

### Phase 6 — Reporting (DOC-44 to 50)
Independent Auditor's Report (ISA 700/701/705/706), Management Letter (ISA 265), TCWG communication (ISA 260 + BSEC CG Code 2018), **Long-Form Audit Report for Bangladesh Bank** (BCD Circular — mandatory for banks), ICFR report (ISAE 3402), **Corporate Governance Compliance Certificate** (BSEC 2018 — filed with DSE/CSE), and tax audit certificate (ITA 2023 + Transfer Pricing Rules).

### Phase 7 — Post-Issuance (DOC-51 to 56)
File assembly within 60 days (ISA 230 + ICAB 7-year retention), hot/cold quality review (ISQM 1), post-report-date subsequent events, regulatory filing confirmations (RJSC + BSEC + BB + IDRA), lessons-learned memo, and independence renewal triggering the **7-year partner rotation** assessment (IESBA + ICAB Code of Ethics 2020).

---

**Key BD-specific items embedded throughout:** WPPF 5%, BSEC CG Code 2018, BRPD circulars, Income Tax Act 2023, NBR SROs, Labour Act 2006, MLPA 2012/BFIU, mouza/khatian land title verification, EDF loan confirmations, and CIC clearance for going concern.
Posted by at 11:22 AM 0 comments

Audit documents 001

For a Bangladesh statutory audit (Companies Act 1994, ISA as adopted by ICAB, FRC Bangladesh requirements, Big-4 methodology, ISQM 1/2), the audit file should be organized in chronological order from client acceptance to archive.

The list below is intentionally comprehensive and follows the actual audit timeline.


---

Phase 1: Client Acceptance & Continuance

A. Client Acceptance File

1. Engagement acceptance checklist


2. Continuance assessment


3. Client profile sheet


4. Corporate structure chart


5. Ultimate beneficial ownership (UBO) details


6. Related party mapping


7. Integrity assessment of management


8. Independence declaration


9. Conflict of interest assessment


10. AML/KYC documentation


11. Risk assessment of client


12. Previous auditor communication


13. Professional clearance letter


14. Background search documentation


15. Sanctions screening


16. Litigation screening


17. Engagement risk rating


18. Engagement approval memo


19. Partner approval documentation




---

Phase 2: Engagement Setup

B. Engagement Administration

20. Signed engagement letter


21. Audit strategy memorandum


22. Audit timetable


23. Staffing plan


24. Budgeted hours


25. Materiality determination


26. Performance materiality calculation


27. Trivial threshold determination


28. Audit team independence confirmation


29. Specialist involvement assessment


30. Component auditor assessment



C. Permanent File Update

31. Certificate of incorporation


32. Memorandum & Articles


33. RJSC filings


34. Trade license


35. TIN certificate


36. VAT registration


37. Bank facility agreements


38. Major contracts


39. Lease agreements


40. Insurance policies


41. Board structure details


42. Group structure


43. Prior years' audited FS


44. Accounting policy manual


45. ERP/System overview




---

Phase 3: Understanding the Entity (ISA 315)

D. Entity Understanding

46. Industry analysis


47. Economic environment assessment


48. Regulatory environment assessment


49. Business model documentation


50. Revenue stream analysis


51. Operational process mapping


52. Key management personnel list


53. Organizational chart


54. Governance assessment


55. Fraud risk brainstorming memo


56. Going concern preliminary assessment



E. Process Documentation

57. Revenue cycle walkthrough


58. Procurement cycle walkthrough


59. Inventory cycle walkthrough


60. Payroll cycle walkthrough


61. Treasury cycle walkthrough


62. Fixed asset cycle walkthrough


63. Financial close cycle walkthrough



F. Internal Control Documentation

64. Risk Control Matrix (RCM)


65. Flowcharts


66. Narratives


67. Walkthrough testing


68. IT environment understanding


69. ITGC assessment


70. Segregation of duties analysis


71. Key controls identification




---

Phase 4: Risk Assessment

G. Risk Assessment File

72. Significant risks memo


73. Fraud risks memo


74. Journal entry fraud assessment


75. Revenue recognition risk assessment


76. Management override assessment


77. Related party risk assessment


78. Going concern risk assessment


79. Compliance risk assessment


80. Preliminary analytical review


81. Risk universe document


82. Financial statement level risks


83. Assertion level risks


84. Risk-response linkage document




---

Phase 5: Test of Controls

H. Control Testing

85. Control testing strategy


86. Sample size calculation


87. Control testing working papers


88. Control exceptions log


89. Deficiency evaluation memo


90. Compensating controls assessment


91. ITGC test results


92. Application control testing


93. User access review testing


94. Change management testing


95. Backup recovery testing


96. Control reliance conclusion




---

Phase 6: Substantive Audit

Cash & Bank

97. Bank confirmation


98. Bank reconciliation testing


99. Cash count report


100. Cut-off testing


101. Foreign currency testing



Receivables

102. AR lead schedule


103. Debtor confirmation control sheet


104. Positive confirmations


105. Negative confirmations


106. Alternative procedures file


107. Subsequent receipt testing


108. ECL assessment


109. Aging analysis



Inventory

110. Inventory lead schedule


111. Inventory attendance memo


112. Inventory count sheets


113. Count test documentation


114. Inventory reconciliation


115. NRV testing


116. Obsolescence assessment


117. Inventory cut-off testing



Fixed Assets

118. FAR reconciliation


119. Additions testing


120. Disposal testing


121. Physical verification report


122. Depreciation recalculation


123. Impairment assessment



Investments

124. Investment schedule


125. Valuation testing


126. Market value verification


127. Fair value assessment



Revenue

128. Revenue lead schedule


129. Sales cut-off testing


130. Sales invoice testing


131. Contract review file


132. IFRS 15 assessment memo


133. Analytical review


134. Journal testing



Purchases & Expenses

135. Expense lead schedule


136. Vouching working papers


137. Accrual testing


138. Expense cut-off testing


139. Related party expense review



Payroll

140. Payroll reconciliation


141. Employee master verification


142. Payroll recomputation


143. Tax deduction testing



Borrowings

144. Loan confirmation


145. Interest recalculation


146. Covenant compliance review



Provisions

147. Legal confirmation


148. Provision assessment memo


149. IAS 37 review



Taxation

150. Current tax computation review


151. Deferred tax calculation


152. Tax assessment status


153. Tax provision review




---

Phase 7: Completion Stage

I. Completion Procedures

154. Completion checklist


155. Subsequent event review


156. Going concern final assessment


157. Final analytical review


158. Misstatement summary


159. SAD schedule


160. Materiality reassessment


161. Disclosure checklist


162. IFRS compliance checklist


163. Companies Act compliance checklist


164. FRC compliance checklist


165. Related party disclosure review


166. Segment disclosure review


167. Going concern disclosure review




---

Phase 8: Management Representations

J. Management Representation File

168. Draft representation letter


169. Signed representation letter


170. Fraud representation


171. Related party representation


172. Going concern representation


173. Litigation representation




---

Phase 9: Reporting

K. Financial Statements Review

174. Draft FS


175. Final FS


176. Cross-reference review


177. Disclosure review notes


178. Financial statement tie-out



L. Audit Opinion File

179. Engagement quality review documents


180. EQCR clearance


181. Partner review notes


182. Resolution log


183. Final opinion memorandum


184. Key audit matters memo


185. Emphasis of matter memo


186. Audit report


187. Signed auditor report




---

Phase 10: Governance Communication

M. TCWG Communication

188. Audit findings report


189. Internal control deficiencies report


190. Management letter


191. Audit committee presentation


192. Board presentation


193. TCWG communication letter


194. Significant deficiencies communication




---

Phase 11: Archiving & Quality Control

N. Archiving File

195. File completion checklist


196. Archiving checklist


197. Final version control log


198. Locked file evidence


199. Retention schedule


200. Archive approval




---

Additional Big-4 / FRC / ISQM Best-Practice Documents

201. Engagement Quality Risk Assessment


202. Root Cause Analysis (prior year findings)


203. Data Analytics Plan


204. Journal Entry Testing Universe


205. Fraud Interview Notes


206. Significant Estimate Challenge Memo


207. Professional Skepticism Documentation


208. Management Bias Assessment


209. ESG Reporting Consideration Memo


210. Cybersecurity Risk Assessment


211. Audit Evidence Sufficiency Memo


212. Contradictory Evidence Register


213. Consultation Memorandum


214. Hot Review Documentation


215. Cold Review Documentation


216. ISQM Monitoring Findings


217. Independence Monitoring File


218. Engagement Performance Review


219. Coaching Review Notes


220. Lessons Learned Memo




---

ISA Mapping (Most Important)

Area Primary ISA

Acceptance ISA 220, ISQM 1
Planning ISA 300
Materiality ISA 320
Risk Assessment ISA 315
Fraud ISA 240
Responses to Risks ISA 330
Audit Evidence ISA 500
Confirmations ISA 505
Estimates ISA 540
Related Parties ISA 550
Subsequent Events ISA 560
Going Concern ISA 570
Written Representations ISA 580
Reporting ISA 700–706
Group Audit ISA 600
Quality Management ISQM 1 & ISQM 2


For a large Bangladeshi listed company audit, a fully documented Big-4-style file will often contain 300–600+ individual working papers, with the above list forming the core chronological audit trail expected by ISA, FRC Bangladesh inspections, and ICAB practice reviews.
Posted by at 11:21 AM 0 comments
Subscribe to: Posts (Atom)