What’s the Difference Between an Audit Plan and Audit Strategy?
Strategy (scheme, approach or a line of attack) is the projection of intelligence into the sphere of action. Whereas plan (arrangement) regroups the various steps to be used for the efficient execution of the strategy at various stages
First you have to decide how you are going to tackle the audit. That’s the big picture. It could be that you decide there are no good internal controls. Your strategy would then be to not do any TOCs and concentrate on substantive procedures. Having decided that then you have to plan how you will use substantive procedures to get sufficient appropriate audit evidence.
If your strategy is not to do any tests of control, then the detailed plan will take that into account as you plan.
It about understanding the entity’s environment, the relevant financial reporting or legal framework, understanding the accounting and internal control systems, risk and materiality, the nature, timing and extent of audit procedures and co-ordination, supervision and review of audit work.
Plan is a description of the nature, timing and extent of planned risk assessment, procedures sufficient to assess the risks of material misstatement
It is also a description of the nature, timing and extent of planned further audit procedures at the assertion level, for each material class of transactions, account balance and disclosure. It is a more detailed version of the audit strategy which includes the nature, timing and extent of audit procedures to be performed in order to reduce audit risk to a acceptably low level.
A plan is basically "what to do" while a strategy is "how to do it" Strategy is the proposal level while plan is the programming level, the outcome of which is an audit
First you have to decide how you are going to tackle the audit. That’s the big picture. It could be that you decide there are no good internal controls. Your strategy would then be to not do any TOCs and concentrate on substantive procedures. Having decided that then you have to plan how you will use substantive procedures to get sufficient appropriate audit evidence.
If your strategy is not to do any tests of control, then the detailed plan will take that into account as you plan.
It about understanding the entity’s environment, the relevant financial reporting or legal framework, understanding the accounting and internal control systems, risk and materiality, the nature, timing and extent of audit procedures and co-ordination, supervision and review of audit work.
Plan is a description of the nature, timing and extent of planned risk assessment, procedures sufficient to assess the risks of material misstatement
It is also a description of the nature, timing and extent of planned further audit procedures at the assertion level, for each material class of transactions, account balance and disclosure. It is a more detailed version of the audit strategy which includes the nature, timing and extent of audit procedures to be performed in order to reduce audit risk to a acceptably low level.
A plan is basically "what to do" while a strategy is "how to do it" Strategy is the proposal level while plan is the programming level, the outcome of which is an audit