Are International Auditing Standards suitable for small
audits?
Craig Fisher, FCA, New Zealand Auditing and Assurance Standards Board
member and Chairman of RSM New Zealand
Justin Reid, CA, Australian Auditing and Assurance Standards Board
member and assurance consultant
April 2017
This was essentially the question being posed at a recent forum (the IAASB forum) hosted
by the International Audit and Assurance Standards Board (IAASB) in Paris.
International Standards on Auditing (ISAs) are the gold standard when it comes to audit
standards. They are set by a truly international body with a sound governance and due
process framework which seeks input from as broad a range of stakeholders as possible. As
such, they have been adopted by a large proportion of countries as their official audit
standards. In addition, many countries that haven’t adopted them use the ISAs as the base
for their own domestic standards.
However, due to a range of reasons. ISAs have increasingly been perceived as possibly
inappropriate for small audits by some parties, prompting the IAASB to hold the forum. This
article highlights some of those issues, key features of the forum, and some possible ways
forward.
Representing ‘down under’ at the Paris conference
Held over two days (26-27 January), the Paris forum, hosted by the French professional
bodies, saw close to 100 delegates from all over the world meet to exclusively discuss the
issues facing the auditing of SMEs by SMPs.
On the agenda were two key issues:
1.
What non-audit services were SMPs providing their SME clients, and
2.
Were the ISAs in their current form scalable for the use on SMEs?
Both New Zealand and Australia have adopted ISAs as part of our respective countries’
commitment to global standards and best practice and, on a world stage, we are essentially
countries dominated by SMPs who are auditing SMEs.
It was therefore important that members of the New Zealand and Australian auditing and
assurance standards boards attended this inaugural forum.
From an international perspective, New Zealand and Australia are generally seen as
proactive first world economies, responsible international citizens, despite being small in
population terms, and somewhat geographically isolated, and also as having a habit of
getting on with the job and with practical solutions. Because of these factors, we often serve
well as a test case for other countries to observe and learn from. We also have a very strong
and active involvement and positive reputation in standard setting circles and, while it may
be seen as a cliché by some; we do punch well above our weight. Our views are sought
after and listened to.
It is also very pleasing from a trans-Tasman harmonisation perspective that we also usually
speak with a common viewpoint.
Is there a problem?
Anyone involved in auditing over the past 20 years will attest to a continued growth in the
number, specificity, and volume of audit standards. While many will argue that the
fundamentals of a good independent audit remain largely the same, there is no denying
standards have evolved to be more detailed and explicit due to:

A move to creating a single globally applicable standard set that can apply to any
audit

Increasing complexity of business

Increasing concern over quality of auditing as a safeguard

Increased regulatory input and influence, and

An ongoing desire to reduce the ever-present audit ‘expectation gap’.
Several of the above factors are multi-level challenges. For example, creating a globally
applicable standard set involves the challenge of accommodating varied legal and business
practices in different countries as well as the fundamental challenge of ensuring the
language used is translatable. A complexity not to be underestimated when some terms
simply do not exist in some languages!
Increased regulatory input has also been a key and growing feature in recent years.
Following Enron and the more recent GFC, the number of, and the sphere of influence by
financial regulators has continued to grow and the audit profession has not been immune to
their growing influence. In fact, some would assert that auditors have been disproportionally
impacted by increased regulation. Because we are a profession that operates under strong
ethical guidelines and standards, we can be regulated, perhaps more easily, than some
other participants in the financial information supply chain.
The result has been significantly increased compliance obligations, and increasing tensions
in many jurisdictions. While regulation is undoubtedly needed for the protection of capital
markets, there are views that regulatory impact, especially in terms of compliance cost, may
be becoming disproportionate. Has the pendulum swung too far and are the gains from the
increased regulation outweighing the compliance costs?
Another impact of regulator input on audit and assurance standards has been a move from
a principle based approach to what some would say is a muddled combination of both rules
and principles.
Ironically, the attempts to better explain audit requirements within standards by providing
greater application material has not only lengthened them but, some have argued, widened
the gap between auditors and the expectations of regulators, as many regulators interpret
application material within the ISAs as minimum requirements.
The adoption of the ISAs with the concept of “mandatory” requirements has resulted in many
regulators constantly challenging auditors over the application of professional judgement
and scepticism when choosing not to apply “mandatory” elements to an SME audit.
There is also the conundrum in auditing that generally the smaller the entity, the more
disproportionate the cost of audit compliance. Hence the combination of increasingly poor
economics of providing audit to SMEs, combined with the increasing regulatory pressure
and risk, is having the impact of driving some auditors out of the profession.
Calls for change
With all the above impacting the “single set of audit standards to be applied to all audits”,
there have been increasing calls for change in the ISAs to better accommodate for the audit
of SMEs. Among the forum attendees from international standard setters, professional
accounting bodies, audit firms, and even some regulators, interest in exploring this issue
was high.
The Nordic Federation have even gone as far as to try and develop a draft simple standard
for the audits of small entities.
This Nordic Standard for Audit of Small Entities (SASE) was discussed, with concerns raised
over the unintended consequences of a differential audit standard. Concerns include twotiered audit providers; a perception that an SME audit would be considered an inferior
product; and that worldwide consensus would be impossible to achieve on what an SME
audit standard should or should not contain. When exploring this topic even trying to reach a
sensible consensus on what is the definition of a SME proved challenging!
Australasia had similar loud calls a few years ago, for “differential auditing standards”.
However, while initially attractive as a concept, once you investigate this concept in practical
detail it quickly proves problematic. There already exists quite an audit “expectation” gap,
and the danger of adding a different level of assurance would serve to add further confusion.
Due to this, the consensus of the forum was not supportive of the development of new
standards directed towards the audit of SMEs and that ISAs are portable and scalable for
any sized (or risk) audit.
However, there was also consensus that there needs to be better understanding of the
concepts of scalability (which is a synonym for flexibility), and proportionality (risk) which are
fundamental to the concept of applying professional judgement.
Are the ISAs scalable for the audit of SMEs?
Brendan Murtagh, IAASB Member (Ireland) spoke specifically on the issue of the scalability
and proportionality of the ISAs. He discussed that the ISAs are principles based (scalable)
standards built on the foundation of professional judgement of the auditor applying a risk
based (proportional) approach.
He also stated that auditors in applying the ISAs to any sized audit engagement are
expected to apply their professional judgement in several circumstances that are particularly
relevant for SMEs and that this was achievable because:
1.
Many of the ISAs are clearly not relevant when auditing an SME, such as ISA 610
Using the Work of Internal Auditors.
2.
Many conditions do not exist in the audit of your average SME, allowing the auditor to
scale down the ISAs application in those circumstances. An example might be the
absence of any need for an auditor’s expert as the SME does not have specialist assets
requiring complex or subjective valuations, and
3.
Often transactions and balances in SMEs are not complex or less likely to be subject to
fair value judgements than large listed audit clients, therefore the audit can often be
considered lower risk. A lower risk of material misstatement again provides the auditor
considerable ability to apply their own professional judgement with respect to the
nature, timing and extent of the audit procedures conducted.
Going forward the IAASB have on their work plan a focus on the audits of SMEs and at
present the revision of two key ISAs (ISA 315 Identifying and Assessing the Risk of Material
Misstatement and ISA 540 Auditing Accounting Estimates) are addressing the need to build
proportionality into the revisions as well as the ability for auditors to perform risk assessment
procedures commensurate with the size and nature of the entity.
This demonstrates the commitment the IAASB has to ensuring that SMP auditors
conducting the audits of SMEs are seen as a vital part of the auditing profession going
forward.
Possible solutions?
While many possibilities were thoroughly discussed and debated at the conference, the
following were some of the key practical solutions put forward:
1.
Improved communication and education – of auditors, of users of audits, and of
regulators. While the IAASB is trying to do this, success will only be achieved if all
parties who can make a difference are involved, e.g. local standard setters,
professional bodies, auditors and regulators.
2.
A fundamental change in standard setting mind-set and approach. That is, to start
drafting standards for the simplest situations, and then providing additional detail
for more complex situations when these apply. Currently ISAs are written to apply
to all situations and hence tend to mean that an SMP/SME auditor needs to wade
through a lot of detail. On top of this there is additional guidance for SMPs in
applying to SMEs so, ironically, the auditors of a small entity may actually have to
read more of the standard than those of a large entity.
This change in approach sounds logical and simple but will no doubt be complex, especially
in progressively changing existing standards and the practical implications of the speed with
which any change can be effected and become applicable.
Where to from here?
The future development of auditing standards at both an international and national level,
must continue to consider the needs of SMPs who require practical yet high quality solutions
to the ever-growing complexity of audit standards.
As audit standards are revised to naturally address the larger higher risk audit
engagements, the standard setters appear committed to ensuring that the outlook includes
the consideration of scalability and proportionality for SMPs conducting the audit of SMEs.
The authors both hope that the wider stakeholders of auditors’ reports, including regulators,
are able to also apply the same level of professional judgement when it comes to the
interpretation of auditing standards.