Technical Guide on the Digital Assurance- ICAI

Technical Guide on the Digital Assurance- ICAI

Executive Summary

Standards on Auditing (SAs) require the auditor to obtain sufficient appropriate audit evidence to be able to draw reasonable conclusions on which to base the auditor’s opinion. The relevant requirements and guidance for the auditors are prescribed in SA 500, “Audit Evidence”.

Audit evidence includes both information contained in the accounting records underlying the financial statements and information obtained from other sources such as “information obtained from external sources”. The audit evidence obtained from external sources plays an important role in the audit process.

Advancements in technology in recent years have improved accessibility and expanded the volume of information available to entities and their auditors from traditional to recently developed external sources. Information from recently developed, non-traditional external sources, such as web data aggregators and social media platforms, are becoming more prevalent.

If the auditor plans to use external information as audit evidence, the auditor is required to evaluate the relevance and reliability of the information, regardless of whether it has been used by the entity (auditee) in preparing the financial statements or obtained by the auditor. Judgement may be required in determining whether the external information is suitable for use by a broad range of users, taking into account the ability of the entity (auditee) to influence the external information source. Judgement
may be required in determining whether the external individual or organisation is acting as an external information source or as a management’s expert.

Factors that are important while considering the relevance and reliability of information obtained from the external source include the nature and authority of the external information source; independence of the data; competence and reputation of the external information source w.r.t external information; auditor’s past experience with reliability of information; market acceptability of data source; whether information has been subject to review or verification; alternative information that may contradict the information; nature and extent of the disclaimers/ restrictive language relating to information; methods used in preparing information; appropriateness of assumptions and other data.

When the auditor does not have a sufficient basis with which to consider the relevance and reliability of information from an external information source, the auditor may have a limitation on the scope if sufficient appropriate audit evidence cannot be obtained through alternative procedures.

An auditor may use digital information from external sources across various phases of the audit. Few examples of cases of how electronic/digital information from external sources can be used in audits are provided in this guidance.

Read More

Read More on ICAI