General Auditing Bureau of

Saudi Arabia

Methods for Developing Risk Based Audit Plans

Introduction:
Audit profession in the late of the 20th Century and at the beginning of 21st Century, faced multiple
difficulties that lead to the loss of confidence in the accounting and audit profession. The Media
and financial community (investors and creditors), subsequently, started their campaign against
the profession demanding governments intervention and to issue laws to combat corruption and
adopt Corporate Governance. We must bear in mind the Enron Energy scandal, where the
company recorded significant losses because of the negligence of Arthur Andersen, the company
that audited Enron's books where it, accordingly, lost its license. A number of law suits were filed
by shareholders.
Audit Planning is the first step of any audit mission, which the auditor follow to conduct his
mission to ensure the achievement of the audit mission goals.
Due to the importance of the audit planning, SOCPA has devoted an audit standard for audit
planning that necessitated the auditor to plan the audit well before the audit mission.
Audit Planning might involve a number of risks due to the vast responsibilities embarked upon
auditors while performing their audit mission.
Identification of Risks:
Audit Standards have identified Risks as: "the probability that the auditor issues an absolute audit
opinion on a financial statement that may contain fraud or substantial errors.
Audit risks can be: inherent risk, control risks, or discovery risk. As part of it role, The Saudi
Organization for Certified Public Accountants (SOCPA) has given too much importance to risks. The
Professional Standards Committee in SOCPA has prepared a criteria on risks and was discussed
later in different meetings of the committee and submitted, accordingly, to the General
Secretariat. Later on, the Criteria were disseminated to all beneficiaries in the field of accounting.
The feedback of beneficiaries and their comments and remarks were then analyzed and
integrated. Finally, the Criteria No.: 11/2/3 were adopted and issued on June 7, 2000.
Reasons for Choosing the topic:
Audit Risks are obstacles faced by auditors in auditing an entity and it affects his professional
opinion and confidence on financial statements. Types of risks that have to be taken into account
by professional associations and auditors.
Statistical Sampling Risks
Risk of Computer-aided audit tools
Risks of Accounting Estimates by Auditee
Risks of Material Misstatement
Risks of Weak Internal Controls
Inherent and Detection Risks
Risk with Analytical Procedures
The main question to be asked is :
Are the techniques used in audit planning aims at mitigating risks?

General Auditing Bureau of

Saudi Arabia

To answer this, it needs to be split it to sub-questions as follows:

1. Does the appropriate using of statistical sampling by external auditor mitigates audit risks?
2. Do the computerized accounting information systems mitigate audit risks?
3. Do the verification for the validity and accuracy of accounting estimates by an auditor
mitigates audit risks?
4. Does incurring responsibility in fraud detection and illegal acts by auditor mitigates audit
risks?
5. Does risk assessment mitigates risks of material misstatement at the financial statement
level?
6. Does detection of weaknesses in internal controls mitigates risks of material misstatement
at the financial statement level?
Scope:
- Introduction to Auditing.
- Concept of Audit, types and functions.
- Auditors:
o Traits
o Professional Qualification
o Training
o Work Motivation
- Introduction to Planning:
o Definition and Significance
o Processes
- Internal Control
o Definition
o Relationship between Internal Control and External Audit
o COSO components of Internal Control
o Evaluation of internal control systems
- Auditing Risks
o Concepts
o Types
o Risk Management
o Risk Assessment and Internal Control
o Inherent Risk, Audit Risk and Detection Risk
o Role of Auditors in managing and assessing risks?
o Audits process and Risk Assessment
Study period:
Six months starting from the date of approval.