The definitive list of comprehensive audit documentation is organized below by chronological sequence across five distinct phases.
## Phase 1: Pre-Engagement & Client Acceptance
Before any substantive planning begins, the auditor must assess independence, professional ethics, and client risk profiles.
* **Expression of Interest (EOI) or Proposal Document:** Formal submission to the client outlining the firm's capabilities and scope of work.
* **Client Evaluation Checklist & Know Your Customer (KYC):** Documentation verifying client identity, ultimate beneficial ownership (UBO), and anti-money laundering (AML) risk screening.
* **Professional Clearance / No Objection Certificate (NOC):** Formal communication sent to the predecessor auditor under the ICAB Code of Ethics to inquire if there are any professional reasons not to accept the engagement.
* **Evaluation of Independence and Ethical Compliance:** Form signed by the engagement team confirming the absence of direct or indirect financial interests, familial ties, or non-audit service conflicts.
* **Letter of Engagement (ISA 210):** The contract defining the objective, scope, responsibilities of management, and the applicable financial reporting framework.
* **Audit Appointment Letter & Board/AGM Resolution:** Client-provided copy of the Annual General Meeting (AGM) or Board resolution appointing the firm, ensuring compliance with Section 210 of the Companies Act 1994.
## Phase 2: Audit Planning & Risk Assessment
This phase establishes the overall audit strategy and detailed testing approaches. All risk assessments must align with the specific regulations of Bangladesh (such as FRC rules for Public Interest Entities).
* **Overall Audit Strategy & Planning Memorandum (ISA 300):** Document defining the scope, timing, direction of the audit, and resource allocation.
* **Materiality Working Paper (ISA 320):** Calculation sheet establishing Overall Materiality, Performance Materiality, and the Clearly Trivial Threshold based on selected benchmarks (e.g., profit before tax, revenue, or total assets).
* **Risk Assessment Procedures Workbook (ISA 315):** Documentation regarding the understanding of the entity and its environment, including the applicable financial reporting framework.
* **Internal Control Evaluation Questionnaire (ICEQ):** Comprehensive walkthrough narratives, flowcharts, and design evaluation files for key transaction cycles (e.g., Revenue, Procurement, Payroll).
* **Preliminary Analytical Review Workings (ISA 520):** Ratio analysis, trend analysis, and horizontal/vertical variations comparing current-year unaudited figures with prior-year audited numbers to spot unusual fluctuations.
* **Notes of Planning Meeting:** Minutes of the internal team meeting chaired by the Engagement Partner to discuss fraud risks (ISA 240) and specialized testing areas.
* **Prepared by Client (PBC) Tracker:** The master list of schedules, ledgers, and reconciliations requested from the client's management team.
## Phase 3: Audit Execution & Testing (Substantive & Controls)
The core operational phase where field auditors accumulate evidence to address the identified risks of material misstatement.
* **Test of Controls (TOC) Sheets (ISA 330):** Sample testing files detailing the operating effectiveness of the client's internal controls.
* **Audit Programs / Lead Schedules:** Summary schedules for each financial statement line item linking the trial balance to individual test sheets.
* **Substantive Test of Details (TOD) Workpapers:**
* **Inventory Physical Verification Report (ISA 501):** Stock count instructions, sheet-to-floor and floor-to-sheet testing logs, and cutoff documentation.
* **External Confirmations Logs (ISA 505):** Standard balance confirmation letters sent directly to, and received from, bankers, legal advisors, customers, and vendors.
* **Bank Reconciliation Statements (BRS) Review:** Audit testing sheets verifying client bank reconciliations against original bank statements and bank confirmation certificates.
* **Fixed Assets / Property, Plant, and Equipment (PPE) Verification:** Physical inspection logs and depreciation calculation verification sheets.
* **Taxation and VAT Workings:** Documentation reviewing the adequacy of current and deferred tax provisions against national tax regulations (Income Tax Act 2023 and Value Added Tax and Supplementary Duty Act 2012).
* **Journal Entry (JE) Testing Logs:** Sifting and evaluating manual or unusual journal entries to address the risk of management override of controls.
## Phase 4: Review & Evaluation
Supervisors, managers, and partners review the gathered evidence to ensure it supports the audit conclusions.
* **Summary of Uncorrected Misstatements (SUAM / ISA 450):** A schedule accumulating all unadjusted errors found during testing to evaluate their aggregate impact on the financial statements.
* **Subsequent Events Review Checklist (ISA 560):** Minutes review, inquiry sheets, and post-balance-sheet ledger scans up to the date of signing.
* **Going Concern Evaluation Working Paper (ISA 570):** Documentation assessing management’s assessment of the entity's ability to continue as a going concern for at least twelve months from the reporting date.
* **Audit Cross-Referencing & Review Notes Grid:** Documentation proving that senior team members reviewed the workpapers, along with the resolution of any queries raised.
* **Engagement Quality Control Review (EQCR) Document (ISA 220):** Independent partner review file mandatory for listed entities and high-risk Public Interest Entities (PIEs) under FRC guidelines.
## Phase 5: Completion & Reporting
The final closure documents required to conclude the legal and professional obligations of the audit firm.
* **Management Representation Letter (MRL / ISA 580):** Written statements from client management confirming their responsibilities and the completeness of information provided to the auditors.
* **Management Letter / Internal Control Weakness Memo (ISA 265):** Letter sent to those charged with governance outlining reportable control deficiencies and recommendations for improvement.
* **Document Validation System (DVS) Token Generation Receipt:** Under the joint mandate of ICAB and the National Board of Revenue (NBR), auditors must register the audit report on the ICAB DVS portal and print the unique DVS tracking code on the final report.
* **Independent Auditor’s Report (ISA 700, 701, 705, 706):** The final signed audit opinion, incorporating Key Audit Matters (KAM) for listed entities and specific sector report formats (such as Bangladesh Bank guidelines for financial institutions).
* **Archival and Sign-Off Checksheets:** Formal lock-down verification proving the final audit file is closed and archived within 60 days from the report date.
### Key Audit File Categorization
For structural clarity, audit firms divide these chronological documents into two distinct physical or digital files:
| File Type | Purpose | Key Content Included |
|---|---|---|
| **Permanent Audit File (PAF)** | Contains documents of a continuing, long-term nature that remain relevant across multiple audit years. | Certificate of Incorporation, Memorandum and Articles of Association (M&A), Trade License, long-term bank loan agreements, system flowcharts, and historical tax registration certificates (TIN/BIN). |
| **Current Audit File (CAF)** | Contains documentation strictly relating to the specific financial year currently under audit. | Signed Engagement Letter, Materiality sheets, specific year trial balances, individual Test of Details (TOD) workpapers, bank confirmations, and the final signed Audit Report. |
Posts
