Improving audit planning in financial audit conducted by deloitte vietnam

Establish detailed audit plan...31 CHAPTER 2: PRACTICE OF AUDIT PLANNING IN FINANCIAL AUDIT CONDUCTED BY DELOITTE VIETNAM – AT ABC joint stock company...34 2.1....Introduction of the ABC

NATIONAL ECONOMICS UNIVERSITY SCHOOL OF ACCOUNTING AND AUDITING

TABLE OF CONTENTS

Table of contents i

Abbreviation iii

List of Figures iv

List of Tables v

List of illustration vi

Introduction 1

CHAPTER 1: CHARACTERISTICS OF AUDIT PLANNING IN FINANCIAL AUDIT CONDUCTED BY DELOITTE VIETNAM 3

1.1. Overview of audit planning in financial audit conducted by DELOITTE VIETNAM 3

1.1.1 Process of financial statements audit 3

1.1.2 Organization of audit planning 5

1.1.3 The role of audit planning 5

1.2. Order of planning and designing audit methods in the audit of financial statements at Deloitte 6

1.2.1 Prepare audit plan and establish overall audit strategy.6 1.2.2 Establish detailed audit plan 31

CHAPTER 2: PRACTICE OF AUDIT PLANNING IN FINANCIAL AUDIT CONDUCTED BY DELOITTE VIETNAM – AT ABC joint stock company 34

2.1. Introduction of the ABC Joint Stock Company 34 2.2. Prepare audit plan and establish overall audit strategy 35 2.2.1 Assess and respond to risks, decide to accept and continue audit contract 35

2.2.2 Select the engagement team and agree on terms in the audit contract 44

2.2.3.Collect customer information about business operationsand the accounting cycle 472.2.4 Understand internal control 562.2.5 Determine materiality 622.2.6 Studying audit reports, inspection results of previousyears, considering the use of expert opinions 652.2.7 Risk assessments of balances, transactions anddisclosures in the financial statements 682.2.8 Present an overall audit strategy 752.3. Establish detailed audit plan77

2.3.1 Planning test of controls 782.3.2 Planning substantive tests 82

CHAPTER 3: ASSESSMENTS AND RECOMMENDATIONS TO IMPROVE AUDIT PLANNING IN FINANCIAL AUDIT CONDUCTED BY DELOITTE VIETNAM 85

3.1.Assessments on the audit planning in financial audit conducted

by Deloitte Vietnam 853.1.1 Strengths 853.1.2 Limitations and causes 893.2. Recommendations to improve the audit planning in financialaudit process conducted by Deloitte Vietnam 91Conclusion 93

CTT Clearly Trivial Threshold

DRMS Deloitte Risk Management SystemD&I Design and Implementation

LIST OF FIGURES

Figure 1.1: Organizing the audit of financial statements at Deloitte 5Figure 1.2: Risks classification before signing audit contracts 12Figure 1.3: List of members participating in the audit contract 13Figure 2.1: Summary of risks when accepting an ABC JSC audit andhow to respond to risks 41Figure 2.2: Letter to previous year auditor 42Figure 2.3: Response letter from previous year auditor 43Figure 2.4: Decision to accept the ABC JSC 2019 audit contract 43Figure 2.5: Calculation of audit fees ABC JSC 2019 45Figure 2.6: Preliminary analytical procedure of items on thefinancial statements 69Figure 2.7: Criteria to assess the risk level of materialmisstatement 70Figure 2.8: Scale table of sample selection applied for SignificantRoMMs 78Figure 2.9: Example of OE test for sales 81Figure 3.1: Deloitte Vietnam's audit approach and subphase entries

in the audit files 90

LIST OF TABLES

Table 1.1 Factors determining risks of audit contracts 7Table 2.1: Multiple-choice questionnaire about risks of conflicts ofinterest and information security affecting the independence ofauditors 38Table 2.2: List of members participating in the audit contract ABCJSC 44Table 2.3: Understanding the internal control environment ABC JSC 57Table 2.4: Understanding internal control monitoring activities ABCJSC 59Table 2.5: Calculation of materiality, performance materiality, andclearly trivial threshold 64Table 2.6: Questionnaire for review audit files 65Table 2.7: Detail Questions 67Table 2.8: Annotation of criteria to assess the risk level of materialmisstatement 71Table 2.9: Assessing the risk of material misstatement of certainaudit sections 72Table 2.10: Planning of operational effetiveness revenue section 80Table 2.11: Substantive test planning 83

LIST OF ILLUSTRATION

Illustration 2.1: Excerpt of working papers "Assessing the risk ofaudit contracts at ABC customers for the 2019 audit year" 35Illustration 2.2: Excerpt of working papers "ABC JSC audit contractfor the year of audit 2019" 46Illustration 2.3: Excerpt of working papers "Understanding theentity and its environment external factors affecting the entity" 48Illustration 2.4: Excerpts of working papers "Understanding theentity and its environment internal factors affecting the entity" .49Illustration 2.6: Excerpt of working papers “Accounting policiescurrently in use at ABC JSC” 53Illustration 2.7: Excerpt of working papers "Process of revenue cycle

at ABC JSC" 56Illustration 2.8: Excerpt of working papers "Understanding of theentity’s risk assessment process" 58Illustration 2.9: Excerpts of working papers "Overview of thefinancial reporting process at ABC JSC" 60Illustration 2.10: Excerpt of Working Paper “Determiningmateriality for the financial statements of ABC JSC” 63Illustration 2.11: Excerpt of working papers “overall audit strategy

- Summary content at ABC JSC customers" 75

The technological change is taking place at anunprecedented and almost instantaneous scale, which results in agrowing focus on data, structured and unstructured, created inside

or outside the business This new and huge source of data has led

to such dramatic changes in the accounting industry, auditing thatauditors increasingly need to adapt to the changing demands ofusers of audit information on data interpretations

In order to successfully complete the task and provide thebest professional services, the auditing firms pay attention to theaudit planning step - the decisive step to the success of financialauditing reports in particular and other types of audits in general

In order to meet the quality needs of the financial reporting audit

in the digital age, the planning stage has also made timelychanges

At Deloitte Vietnam Co., Ltd (hereinafter referred to as

"Deloitte Vietnam") - one of the world's leading auditing brands,always captures the trend and pioneers in adapting to all auditingenvironment changes, thereby developing the mostcomprehensive and preeminent audit planning method However,the rigor of elements of the audit method at Deloitte Global(hereinafter referred to as "Deloitte") will sometimes be achallenge for specific audits of regional Deloitte companies,because specific audits will need separate and flexible planningmethods

Within the scope of this internship, I will delve into the mostcomplete analysis of the steps in the financial statement auditplanning being applied at Deloitte Vietnam At the same time,

from the internship experience at the client company, I would like

to make comments and comparisons between the audit planningmethod agreed on the same at Deloitte Vietnam and the jobs thatthe auditor at Deloitte Vietnam proceeds in practice

Thesis: Improving audit planning in financial audit conducted

by Deloitte Vietnam includes three chapters:

Chapter 1: Characteristics of audit planning financial audit conducted by Deloitte Vietnam

Chapter 2: Practice of audit planning in financial audit conducted by Deloitte Vietnam – at ABC Joint Stock Company

Chapter 3: Assessments and recommendations to improve audit planning in financial audit conducted by Deloitte Vietnam

I would like to sincerely thank all my colleagues at DeloitteVietnam, and my instructor PhD Nguyen Thi Lan Anh hasaccompanied and commented on me to complete this thesis Ihope to receive constructive comments from experts and readers

Sincerely thank you.Hanoi, May 18, 2020

Students,

Vu Tien Dat

CHAPTER 1: CHARACTERISTICS OF AUDIT PLANNING IN FINANCIAL AUDIT CONDUCTED BY DELOITTE VIETNAM

1.1 Overview of audit planning in financial audit conducted by DELOITTE VIETNAM

1.1.1 Process of financial statements audit

At Deloitte, the financial statements audit service is alwaysstarted from the understanding of customers through an

enterprise's risk-based auditing method, the audit process is

synchronized and built by leading experts

The audit process at Deloitte consists of 4 stages

Prepare audit plan and design overall audit strategy

In this step, Deloitte, after finding and offering leads, will give

a basic assessment of the risks and benefits of signing an auditcontract with customers In parallel with collecting basicinformation of customers, the auditing company selectsappropriate audit members The audit risk assessment andcontract signing will be conducted by the Audit Partner, theinformation on business activities, internal control will beconducted by the Audit Manager, who is also a member of theauthority to select the audit team to conduct year-end audit orperiodical audit After preliminary understanding, the AuditManager will summarize and report to the Audit Partner forapproval and carry out detailed planning procedures for jobs whenthe audit officially commences

Planning detailed audits

After conducting preliminary information and determiningthe materiality, the Audit Senior will plan in detail the audit inaccordance with the number of members and audit time whichwas agreed in the "Prepare audit plan" stage The Audit Seniorcollects the financial statements from the customer and performs

a preliminary analysis, thereby recognizing the items and figureswith potential risks of misstatements on the financial statements.Next, tests of controls will be established to test the design andimplementation of the internal control At the same time, auditedfinancial statements, state audit reports or documents of internalinspection and audit will be discussed by the engagement team.From there, the Audit Senior will determine the amount of thesubstantive tests or the number of samples that audit assistantswill have to perform during the audit

Executing of Audit Plan

Once all necessary audit procedures have been prepared andcompleted, the audit team proceeds to the customer to collectdata and perform the audit First of all, the auditors perform test ofcontrols to make sure the existence of the internal control Controlpoints will then be checked to see how effective internal control is

In case the internal control is effective and effectively operated,auditors will minimize the basic tests to save on audit costs andminimize unnecessary procedures In contrast, the substantivetests will be conducted as planned

Reporting and Assessing Performance

In this step, the Audit Manager and Audit Senior need toprovide audit results to two subjects: customers and Audit Partner.The auditors review and summarize the events arising after the

cut-off date and carries out the handling, whether recorded on thefinancial statements, or disclosed on the notes of the financialstatements or omitted if not material At the same time, auditorscollect the representation letter of the board of management,publish the audit report and management letter so that thecustomer knows the key points that need to be resolved Theauditor will then report and explain to the competent seniormanagement in the company after reviewing the quality of theaudit.

This thesis will delve into the analysis of the first two stages,show the specific method at each small step in each stage and atthe same time contrast the method with the actual operation ofthe audit that I had the opportunity to do in the last internship

1.1.2 Organization of audit planning

The planning process is always closely supervised by theAudit Partner and Audit Manager The organization of auditplanning for each position at Deloitte can be summarized asfollows:

Figure 1.1: Organizing the audit of financial statements at Deloitte

(Source: Author self-collected from Deloitte Vietnam, 2020)

From the figure above, it can be seen that the Audit Manager

is the person who is largely responsible for preparing the auditplan after signing the audit contract with the customer However,the planning work of each position is always reviewed regularly bythe higher position, the Audit Partner and Audit Manager willalways monitor the activities throughout the audit planning

1.1.3 The role of audit planning

In accordance with VSA Auditing Standard No 300 (issuedtogether with Circular No 214/2012 / TT-BTC dated December 6,

2012 of the Ministry of Finance), the audit plan includes thedevelopment of an overall audit strategy and Audit Plan for theaudit At Deloitte, this process corresponds to two stages:Preparing the audit plan and overall audit strategy; Planningdetailed audits Auditing planning is important and brings benefits

Review the work of Manager, Senior, Associate

Establish audit contract Review audit plan

Partner

Review the work of

Senior, Associate

Select engagement staff

Understand the business

Determine materiality Construct audit program

Senior

Understand the

to the financial statements audit This is presented in the AuditingStandard VSA 300, specifically:

“a)Help the auditing company to minimize risks andprofits, minimize liability, certainly have enough potential toperform audits and maintain professional reputation withcustomers

b)As a basis for the auditing company to avoid any realestate that may occur when auditing customers The auditor,based on the agreed audit plan, will conduct the audit work aswell as the responsibilities of the parties, avoiding unfortunatemisunderstandings between the auditing company and theaudit object

c)Assist in the selection of audit team members withappropriate competence and ability to handle anticipated risks,and assign tasks to each member

d)Assist the auditor to properly focus on the materialitem, potential risks of material misstatements errors, therebyimproving the audit efficiency and reducing audit costs

e)Create conditions for auditors to coordinate effectively

as well as coordinate with relevant departments such asinternal auditors, state auditors, external experts At the sametime, the audit plan helps the audit manager timely direct,monitor and review the work of the audit team.”

(Source: Vietnam Standards on Auditing VSA 300, 2012)

1.2 Order of planning and designing audit methods in the audit of financial statements at Deloitte

1.2.1 Prepare audit plan and establish overall audit strategy

It can be said that this is a premise period for a detailed auditplan, the key point of this stage is to identify the risks and benefitsachieved when signing the audit contract, and to understand the

information Important information about the audit object,including the 6 basic activities below

1.2.1.1 Assess and respond to risks, decide to accept and continue the audit contract

This is the work directly performed by the Audit Partner,because the Partner is the one who is competent and responsiblefor the audit revenue-generating activities at the company, who isthe representative of Deloitte, and also accountable for all servicesprovided to customers When considering signing an auditcontract, Deloitte will have specific evaluation procedures,depending on the new customer audit contract (first year audit) orold customer audit (previous year's audit) The biggest differencebetween the two types of customers is the caution when signingnew audit contracts The audit Partner will authorize the AuditManager to find out the cause of the client's decision to changethe auditing firm, need the consent of the customer to contacthis / her predecessor on important issues, From there, assessauditing risks and make decisions to sign audit contracts Ingeneral, Deloitte's audit contracts are analyzed and finalized inthree steps:

Step 1: Assess the risks of audit contracts

The audit manager will conduct a risk classification, includingthe assessment of the risk of material misstatement of fraud, forboth new and old contracts, for the purpose of identifying andresponding to risks Deloitte will delve into the criteria (Table 1.1),which are the multiple choice questions that assist customer riskassessment

Table 1.1 Factors determining risks of audit contracts

Indicator Need to

understand

Evaluation question

Does the auditor have reason to not trust and underestimate the

characteristics of governance and the integrity of the management

or in other words question the ability of the management to explain?

Corresponding riskInterview chief accountant and managers

Assess the risk of fraud from the management

of General Directors and functional

departments

Does the organizational and managementstructure have incompatibility with the size and nature of the business?

Management mindset and executive style of the Coucil members and the Board of Management

Organizational structure, powers and responsibilities

of the sections

Control procedures are incompatible withthe size and nature of the business or not?

Does the auditor understand the management's supervisory capability, the control

performance authorized by others, and the effectiveness of the supervisory effect on

management?

Control system of the Board of

of client’s business?

Ownership structureand governanceInvestment activitiesFinancial structure

Business

environmen

t

Overview of economic and social situation

Are there any external impacts from the

business Market overview of

business lines environment that

affect the business performance and the ability of customers to continue as a going concern?

The laws and regulations, including financial mechanisms, accounting regime

transactions

Are there any findings that auditors do not have sufficient knowledge about the nature of activities and business relationships between audit object and related parties, especially when they act as third parties instead ofrelated parties?

The audit satisfies quality control requirements

Fraudulent

risks

Fraudulent assumption relates

to management’s override of control

Does auditor recognize fraud risk factors related to frauds resulting from Assumptions related

to accounting policies

(Source: Author self-collects from Deloitte’s documents, 2020)

When the auditors investigate the necessary procedures ofeach element, they will answer the multiple-choice questionsabove if the answer is Yes, the above elements will be determined

to be a customer risk The auditor will summarize the risks and fill

in DRMS - Deloitte Risk Management System

“This software is used by all departments at Deloitte (Audit,Tax Consulting, Risk Advisory and Financial Management) atDeloitte member companies The software was designed in 2006,with the following main objectives:

• Accurate and more complete risk assessment of customersand contracts

• Identify issues of independence or conflicts of interestrelated to current and potential customers and service contracts

• Ensure appropriate people are consulted with the bestinformation in a timely manner before accepting/continuing to signcontracts with customers

• Facilitate appropriate decisions about accepting orwithdrawing from a service contract

• Formalize the risk assessment process for customers

• Support supervising the process of accepting or continuing

a service contract

• Improve the efficiency of processes for accepting orcontinuing a service contract”

(Source: Website Deloitte Vietnam, 2019)

The software has helped the member companies a lot incomplying with and limiting risks in accordance with the law, theProfessional Ethics Code and Standards of Accounting and AuditingAssociations Details of the DRMS form will be presented in theactual situation of the financial statement auditing

Step 2: Deal with the risks of signing an audit contract

After assessing auditing risks, auditors will plan the work to

be done to minimize these risks Risks and feedback are presented

in DRMS, including customer risks, contract risks, customerunderstanding risks, corruption risks, independence risks,customer information risks, confidentiality of contract informationrisks The figure below lists the risks reviewed by Deloitte before

signing an audit contract, to ensure the comprehensiveness of theinformation, the author verbatim excerpts from Deloitte Vietnam'sdocuments.

Overall Risk Factors

Global Questionnaire

Client and/or engagement risk for this case

Client Risk Factors

Risk Classification Document Attachments

Figure 1.2: Risks classification before signing audit contracts

(Source: Documents from Deloitte Vietnam, 2020)

The above figure is a summary of risk that relate to the auditcontract At Deloitte, there are 9 contract that need to beconsidered: Overall risk factors, Client risk factors, Engagementrisk factors, Know your client check risk factors, Anti-Moneylaundering risk factors, Conflict check risk factors, Independencecheck risk factors, Client information risk factors, Engagementinformation risk factors The Audit Manager will fill out thequestionnaires considering each of the risk factors on the DRMS.Then the result will be showed in the Figure 1.2

Step 3: Decide to accept or continue the audit contract

Before accepting an audit contract, the auditors shouldconsider all of the above information, including: customer risk,contract risk and customer understanding risk presented whenassessing risks of audit contract Deloitte will use multiple choicetools to assess corruption risks, risks of conflicts of interest andrisks of independence (multiple choice questions) and risks related

to information confidentiality The details of the questionnaire will

be presented in detail in Chapter 2: Practice of audit planning infinancial audit conducted by Deloitte Vietnam – at ABC Joint StockCompany After evaluating all risks related to the signing of thecontract, the Audit Partner will make a decision to accept or renewthe contract and authorize subordinates to prepare the auditcontract

1.2.1.2 Select the engagement team and agree on terms in the audit contract

Select the engagement team

When selecting an audit team, Deloitte wants to make surethat its customers will be provided with professional services byqualified and experienced auditors in the industry and without anyconflicts of interest Personal interests affect independence andintegrity The auditors have a professional attitude and skills, themembers of an audit contract will include members of theFinancial Statements Audit Team, Deloitte Internal Experts,Deloitte External Experts, and Client’s Internal Auditors

Figure 1.3: List of members participating in the audit contract

(Source: Documents from Deloitte Vietnam, 2020)

Specifically, in the capacity position, Deloitte suggests one ormore of the following requirements:

 Expertise in accounting standards and presentation

of financial statements;

 The calculation specialist;

 Capital market expertise;

 Information technology specialist;

 Valuation experts include intangible / valuables /business valuation experts;

 Forensic experts in fraud investigations;

 Specialist with appropriate audit and trainingexperience;

 Experts in industries;

 Tax experts include indirect / transfer / consolidationand mergers

Draft and agree on terms

At this step, Deloitte will calculate the cost of auditing based

on information such as the risk of audit contract, servicesaccompanying year-end financial statements, type and nature ofbusiness of customers, number of The amount and experience ofauditors participating in the audit, the corresponding number of

audit hours for each service of the audit member levels, therebyoffering an audit fee consistent with Deloitte's audit quality andaudit fees agreed with Deloitte Worldwide Next, Deloitte will send

an offer, including the audit plan and expected audit fee to thecustomer, in case the two parties agree that Deloitte is thecompany providing the financial statements audit service, theaudit contract will be made and signed

Based on the Commercial Code, the Law on IndependentAuditing, Vietnam Standards on Auditing VSA, and the agreementbetween Deloitte and the audit object, the audit contract includesthe following main contents:

 Information about the two parties to the contract ofservice;

 Content services;

 Laws and Standards;

 Responsibility of the parties;

 Providing audited financial statements;

 Retrospective modifications and interpretations;

 Audit implementation plan;

 Service fees and payment methods;

 Anti-corruption;

 Limitation of liability and compensation;

 General terms;

 The validity, language and duration of the contract;

 Signatures of representatives of both Parties

1.2.1.3 Collect customer information about business operations and the accounting cycle

After signing the audit contract, auditors begin collecting thenecessary information to plan the overall audit In accordance withVSA Auditing Standard No 300 on Auditing Planning (issuedtogether with the Circular No 214/2012 / TT-BTC dated December

6, 2012 of the Ministry of Finance), auditors need to gatherknowledge about business lines, customers' business, learn aboutaccounting system, internal control, and related parties to assessaudit risk and planning the audit

While looking for information on the industry and thebusiness of the customer, Deloitte auditors will identify howinternal and external factors affect the business activities of thebusiness?

Information about the environment and business activities

External business environment

 Overview of the socio-economic situation

The socio-economic information is the foundation for theestablishment and development, setting up short-term and long-term goals of the business, which has a relative impact on the

inherent risks which affect the business objectives that businessesare implementing Specifically, information is obtained fromreliable government sources, international survey and researchorganizations, depending on each audit, auditors may collectinformation such as: the growth rate of gross domestic product,the economic situation of agricultural, forestry and fisheryproduction, industrial production, service activities, state budgetrevenues and expenditures, investment activities , import andexport turnover of goods, consumer price index, and other fields ofeducation, health and society

 The clients’ market

Auditors need to find out information about the developmenttrend of the industry that clients are doing business in Vietnam,where the audit object is currently standing in the above business.This helps auditors to generally view the business trends of theindustry, predict the growth momentum or the difficulty of thebusiness, thereby pointing out the noticeable points whenconducting audit planning for items which are different or theeconomic indicators, ratios which are too large or too smallcompared to the industry average

 Applicable laws and regulations

Vietnam's laws, decrees or circulars and standards directlyaffect the identification of significant items and significantdisclosures in the financial statements, including the applicablefinancial statements Depending on the industry and the internaldocuments that are effective in the enterprise, auditors determinethe legal documents that are directly related to the accountingmethod of the enterprise, from Law to Decree, Circular and

regulations and internal regulations of the Group or theCorporation.

 Other external factors

A number of other external factors, in addition to those listedabove, bring vital information that determines the behavior andgoals of the business collected by auditors Such as those offoreign experts, analysts' forecasts about future cash flows, oropinions of financial experts on sensitive, misleading issues whenapply current laws and regulations

Internal business environment

 Business activities

The auditors need to investigate from reliable sources,whether on the internet or directly interview customers withinformation about: business lines, history of establishment,operation objectives of the Company, operation processes andcore business operations This helps auditors in preparation forspecific knowledge that when conducting financial statementsaudits, auditor must raise questions and explain the nature ofeconomic operations

 Business owner and governance structure

Depending on the type of business, auditors will collectinformation about the current capital contributors, majorshareholders of the business through a business license and thecompany's charter In addition, auditors will have to understandthe management structure and history of ownership transfer ifnecessary This helps auditors to know those who are concernedabout the financial transparency of the audit object, and to predict

the risks of misstatements or pressures that the management issuffering and letting misstatements occur on the financialstatements.

 Investing activities

Auditors will explore the portfolio of customers such as termdeposit bank investments, stock investments, bonds or equityinvestments in other companies The investment items on thefinancial statements usually do not exist much risk but account for

a large proportion of assets, auditors needs to make sure theinvestment purpose of the audit object is legitimate and serves theoverall goals of the business

 Financial activities

Similar to investing activities, auditors need to collectinformation about the parent company, subsidiaries of theenterprise, the percentage of shares and voting rate of the holdingcompany, the situation of stock announcement and dividendpayment, financial lease assets and situation of finance leasepayments

audited financial statements from customers so that the twoparties can keep up with the working schedule

 Business goals and strategies, and business risks thataffect the goals of the business

Auditors will explore short-term and long-term strategies ofthe business, and evaluate the completion of the goals and plans

on revenue, profits, and financial indicators of the business inprevious years and current fiscal year, and study the risks thatmay affect the business results of the audited financial year

Information about legal obligations of customers

 Establishment license and company charter

The study of these documents helps auditors understand theprocess of formation, operational goals and legal business areas ofthe unit as well as grasp the internal issues such as organizationalstructure, procedures for announcing stocks and bonds

 Minutes of meetings of shareholders, Board of Directorsand Board of Directors

These records often contain important information ondividends, approval of the merger or dissolution of attached units,purchase and sale, transfer of contributed capital, etc Through thestudy of these documents, the auditor will identify the datainfluencing the formation and honest presentation of information

on the financial statements

Before the audit is completed, the auditors need to checkand compare to confirm that the Board of Management hascomplied with and strictly followed the measures stated in theminutes of the Board of Directors or the General Meeting of

Shareholders and request the board of directors to provide theRepresentation letter in the financial statements that they haveprovided enough information about these minutes to auditors.

 Significant contracts and commitments

Contracts of sale or transfer of assets are the top concern inthe material sections when auditing financial statements Duringthis period, the auditors should have access to key customeractivities during the financial year, envisioning the legal aspectsthat influence the customer's financial situation

Related party information

In accordance with VSA Auditing Standard No 550 (issuedtogether with Circular No 214/2012 / TT-BTC dated December 6,

2012 of the Ministry of Finance) Related parties, related partiesare defined as components subordinate, the official owners of thecustomer company or any branch company, an individual ororganization with which the client company is related and theindividuals or organizations are capable of operating , control orhave a significant influence on the business policies andgovernance policies of the client company Therefore, therelationship and related party transactions may involve significantrisks of material misstatement of the financial statements, whichmay be higher or lower than similar risks with unrelated parties,depending on the nature of related party transactions Somenotable risks related to related party relationships andtransactions include:

 Related parties can operate through complex relationshipsand organizations, leading to the complexity of transactions

with related parties, leading to confusion in assessing thenature of the business transaction

 Either economic transactions with related parties are notcarried out in accordance with normal terms and conditions ofthe market, thereby leading to tax risks or other economicbenefits

According to the recognized accounting principles, the nature

of the relationship between related parties must be disclosed inthe financial statements by describing the economic transactionsarising between the parties Therefore, auditors need to collectinformation right from the preparation stage of planning to predictproblems that may arise in transactions and from that to plan anappropriate audit plan

Information about the accounting cycle

 Accounting policies applied at the enterpriseUnderstanding the accounting policies that the enterprise isapplying is considered a basic task in preparing the audit plan Theauditors should be familiar with the accounting policies inrecognizing economic transactions, paying special attention to thepolicies recording accounting estimates that the enterprise mayfalsify in terms of value or form of the transaction nature Typicalexamples are the recognition of contingencies, financialinstruments, intangible fixed assets, appropriation of funds fromafter-tax profits, etc Some principles of cost recognition, revenuerecognition, investments and tax recognition were also exploredand recorded by the auditors

 Accounting cycle of main business activities

This is a step where auditors can better understand theeconomic operations that are considered as the businessoperation of an enterprise, including what steps and how theaccounting is recorded Grasping this information, the auditor willunderstand the nature of the economic content of operations, and

at the same time, check the suitability and question whether thereexist gaps in the control points operating in the enterprise At thesame time, in each accounting cycle, the auditor will select a testsample for the design and operation of economic operationscarried out and properly recorded according to the accountingprocess that the business has provided Some accounting cyclesneed to be evaluated at most customers, such as: the accountingcycle recognizes revenue, the accounting cycle records theprovisions, the accounting cycle records cost of goods sold oroperating expenses

1.2.1.4 Understand internal control

Studying the customer's internal control and assessingcontrol risk is a very important part that auditors must performwhen preparing the financial statements auditing plan, this ispresented in the second paragraph In auditing standards,extracted from generally accepted auditing regulations (GAAS)published by AICPA: auditors need to gather a full understanding

of the object and the object environment, including internalcontrol, to assess the risks of material misstatement in thefinancial statements due to fraud or errors, and to design thenature, time and scope of future audit procedures Internal control

in a business explored by Deloitte includes the following elements:

Control environment

The environment is a decisive factor in how the internalcontrol is organized, including organizational ethical and culturalcharacteristics, and whether operation and monitoring are focused

by management and the levels within the company workingtogether for a common goal The control environment is alsoconsidered to be effective when management is concerned withhiring practices, training, corporate structure, and accountability ofstaff levels

Risk assessment process

Auditors need to understand how the business itself willassess the material risks that may occur, including the estimation

of material importance and the degree of certainty of occurrence.After identifying and assessing risks, businesses need todetermine what is the next step? What control points can addressidentified risks?

IT system

Finding out IT system is carried out by IT experts at Deloitteand reported to the Audit Manager It is essential for the auditteam members to know this information in order to have acomprehensive understanding of how the information is operated,shared and analyzed among departments within the enterprise,how accounting information is transferred and presented in theFinancial Statements

Control activities

Control activities are defined as control policies andprocedures, supplemented and perfected in a control environment,and established to help businesses achieve specific goals

Monitoring control activities

The operation of the checkpoints can be supervised by thecontroller, or the head, chief financial officer, and today arecommon in GCs and large corporations that are audit committees

If control points are designed but not working properly, they candisrupt business goals, so auditors need to consider the level ofmonitoring of control pins to assess their reliability on internalcontrol and planning the test of controls and substantive tests

1.2.1.5 Determine materiality

In an audit, the overall task of auditors is to providereasonable assurance that the financial statements are free frommaterial misstatements So what is the key question and how is itdetermined?

Deloitte applies a specific guidance on the determination ofmateriality throughout the financial statements and thisdetermination is an indispensable part of establishing a generalaudit strategy, in particular, the works that auditors need to beperformed including :

Determine the value of the estimated item on the financial statements as the criteria to calculate the materiality

If the financial statements for the auditing period are notavailable, the auditors may determine the value of the estimateditems on the financial statements In such situations, the auditorsshould take into account the effects of known or expected changes

in the customer's financial statements, including significant

transactions or adjustments expected to be reflected in thefinancial statements at the end of the period.

The auditors will then need to reassess the established level

or materiality and the actual performance materiality, because ofchanges in specific circumstances or additional information thatdraw attention to the materiality, when there is a possibility of asignificant deviation in the value of the difference from the initiallycalculated materiality will affect the decision of the financialstatements’ users

Indicators to determine materiality

Identify indicators for materiality related to the performance

of professional assessments performed by experienced auditors.The percentage is usually applied to the standard (item value)chosen as the starting point in determining the materiality of thefinancial statements in general Factors that may affect thedetermination of appropriate standards include:

• Financial statements factors (e.g assets, liabilities, equity,revenue, expenses);

• The items on the financial statements receive the attention

of users according to the direction of evaluating financialindicators (for example, users focus on the purpose of assessingfinancial efficiency that users may be inclined to focus on profit,revenue or net assets);

• Nature of the business, the current stage of the businesslife cycle, and the industry and economic environment in which thebusiness operates;

• Ownership structure of a business and how its assets arefinanced (for example, if a business is financed only by debtinstead of equity, users can focus more on assets rather thanincome);

• The relative volatility of the standard

Some examples of eligibility criteria, depending on thecircumstances of the entity, include the types of income reportedsuch as profit before tax, total revenue, gross profit and totalexpense, total equity or net assets

Determine Materiality

The goal of auditors is to apply the essential conceptappropriately in the planning and implementation of audits Whenestablishing an overall audit strategy, auditors must determine themateriality of the entire financial statements

The following guidelines are provided for the reference ofdetermining the appropriate percentage applied to the selectedstandard (s) for determining materiality:

• 5 - 10% of profit before tax

• 0.8 - 5% of revenue

• 1 - 2% of total assets

• Up to 3 percent of total equity or net assets

• 3 - 5% of the cost

• 3 - 5% percent of cash flow from operating activities

Other percentages may be used based on the professionaljudgment of the Senior In Charge

Criteria for determining materiality for listed companies

For audited financial statements of listed companies, pre-taxprofits from continuing operations are often of great interest toinvestors because income is what used to predict future stockprices and the ability to pay dividends For listed companies,Deloitte usually takes a value of 5-10% of its pre-tax profit fromcontinuing operations to determine its materiality Other ratiosmay be used based on the professional judgment of the SIC.

Estimating Misstatements

In order to make an appropriate estimate of themisstatements that Deloitte predicts and believe that themanagement will report inaccurately and cannot be adjusted inthe financial statements, auditors may consider the followingfactors:

• Understanding of the business and its environment;

• The reliability of internal control over the financialstatements (for example, when the reliability of internal controldecreases, the probability of material misstatements mayincrease);

• Higher risk of fraud or ineffective entity-level control (forexample, culture and business ethics, ineffective managementcontrol, accountant capacity, difficulties in collecting auditevidence);

• History of uncorrected material misstatements;

• The possibility of unforeseen misstatements from theprevious period will recur in the current period;

• The expected increase in accounting matters requires moresignificant judgment and / or judgment in accounting estimates;

• Unusually high earnings for a key manager or accountant;

• Centralization level and common processes/controls;

• Increased customer risks (for example, due to the generalgrowth trend of the industry, market pressure, intra-corporatebenefits);

• Any change in the business will affect the ability to predictpotential misstatements;

• The management is available to investigate and correctmisstatements identified during the current audit period

For example, misstated items in history may ariseinsignificantly In the current period, the enterprise is acquiring anew activity involving complex derivative financial instruments, anarea in which the enterprise has little experience As a result ofinvesting in new financial instruments, the expected overallmateriality during this period may be set above that of theprevious audit

Determine Performance Materiality (PM – Performance Materiality)

Deloitte will determine the performance materiality bysubtracting the total number of misstatements predicted andbelieved by auditors that management will not be able to correct

in the financial statements It is important that the audit works arebased on the value of the PM to perform test of details, particularlywhen assessing whether an item is material or when calculatingthe sample size to perform substantive tests

PM is the materiality to perform when conducting audits andshows professional prudence of auditors, so PM should be carefullycalculated based on professional judgments of experiencedauditors, PM calculation formula at Deloitte:

PM = M – EM

In which: EM is the misstatements that cannot be corrected

by the manager, it will be calculated based on the total number ofmisstatements made in the previous year that the clients did notcorrect it plus the misstatements collected by auditors during thepreparation of audit plan phase Accordingly, if it is impossible toidentify EM, or in other words, the manager can correct allmisstatements in the financial statements, the performancemateriality must always be less than the overall Materiality toensure professional prudence

Determine performance materiality for specific industries

When determining PM for for-profit businesses, uncorrectedmisstatements relate to indicators for evaluating materiality M,including pre-tax profit from continuing business activities Whendetermining PM for other specific businesses, Deloitte will useuncorrected misstatements related to the financial statementsrather than the profit before tax (such as misstatements related toexpenses will be used to calculate PM for non-profit targetbusinesses), but also consider their impact on net profit The totalnumber of uncorrected misstatements may also be calculatedbased on misstatements that the manager did not agree with orcould not correct in previous audits

Determine clearly trivial threshold (CTT – Clearly trivial threshold)

Clearly trivial threshold is defined as the threshold valuewhen misstatements appear smaller than CTT, auditors can ignoreand do not conduct any further investigation since they do notsignificantly affect the financial statements However, amisstatement considered trivial does not mean that it is not