Key Takeaways
- ISA 540 (Revised), effective for periods beginning on or after 15 December 2019, is a substantial overhaul of the original standard, driven by the introduction of IFRS 9 (expected credit losses), IFRS 13 (fair value), IFRS 15 (revenue), and IFRS 16 (leases). It is one of the most complex ISAs and a primary focus of regulatory inspections.
- The standard introduces three inherent risk factors for accounting estimates: estimation uncertainty (lack of measurement precision), complexity (of the estimation process), and subjectivity (limitations in data or knowledge). These factors interact and collectively determine where the estimate falls on the spectrum of inherent risk.
- Risk assessment is granular: the auditor must separately assess inherent risk and control risk for each accounting estimate at the assertion level, and the nature/timing/extent of further procedures must be directly linked to those assessments.
- The auditor has three approaches to obtaining evidence: (a) testing how management made the estimate (methods, data, assumptions), (b) developing an independent auditor's point estimate or range, or (c) examining events occurring up to the date of the auditor's report that provide evidence about the estimate.
- Management bias receives significantly enhanced attention. The auditor must evaluate indicators of bias throughout the audit, considering whether assumptions, methods, or data selection reveal a pattern favouring a particular outcome. The "stand-back" requirement at the end forces the auditor to evaluate all evidence holistically for bias.
- Documentation requirements are explicitly expanded: understanding of the entity, linkage of procedures to risks, response to estimation uncertainty, indicators of management bias, and significant judgments must all be documented.
What is ISA 540 (Revised)?
ISA 540 (Revised), titled "Auditing Accounting Estimates and Related Disclosures," addresses one of the most challenging areas in modern auditing. Accounting estimates — from bad debt provisions to fair value measurements, from lease liabilities to insurance contract reserves — are inherently uncertain. They require management judgment, often involve complex models, and are susceptible to bias.
The 2018 revision was driven by the recognition that modern financial reporting frameworks increasingly rely on forward-looking information and complex measurement models. The standard applies to all accounting estimates, from simple depreciation calculations (low risk) to complex Level 3 fair value measurements (potentially very high risk). It is designed to be scalable.
The Three Inherent Risk Factors
ISA 540 (Revised) formalises three factors that drive the risk profile of any accounting estimate:
| Factor | Definition | Examples |
|---|---|---|
| Estimation uncertainty | Susceptibility to an inherent lack of precision in measurement | Expected credit losses under IFRS 9 (future cash flows are uncertain); provisions for litigation (outcome uncertain); useful lives of assets (judgment required) |
| Complexity | The complexity inherent in the estimation process — including the method, model, and data | Complex financial instruments requiring pricing models; insurance contract liabilities; multi-variable impairment models |
| Subjectivity | Inherent limitations in the data or knowledge reasonably available about the attribute being measured | Fair value of unquoted investments; management's assessment of obsolete inventory; the selection of discount rates or growth assumptions |
These factors interact. An estimate with high estimation uncertainty, high complexity, and high subjectivity falls at the extreme end of the spectrum of inherent risk and requires the most extensive audit work.
The Spectrum of Inherent Risk
A central concept in ISA 540 (Revised) is that inherent risk varies on a spectrum — it is not simply "high, medium, or low." The auditor assesses where each estimate falls on this spectrum based on how the three risk factors (plus other factors like change and susceptibility to fraud) affect the likelihood and magnitude of misstatement.
The higher the estimate sits on the spectrum, the more rigorous the required procedures:
- Low end of the spectrum — simple estimates with low uncertainty, low complexity, low subjectivity. The auditor may determine that one or a few specific procedures provide sufficient evidence. Example: straight-line depreciation on a building with a clearly determinable useful life.
- High end of the spectrum — complex estimates with significant uncertainty, requiring sophisticated models, involving forward-looking assumptions subject to management judgment. The auditor needs extensive, multi-faceted procedures, heightened scepticism, and detailed documentation. Example: expected credit losses on a loan portfolio using multiple economic scenarios.
Risk Assessment Requirements
ISA 540 (Revised) requires a thorough understanding of:
The entity's accounting estimates — what estimates are required by the framework, how management identifies them, and what methods, assumptions, and data are used.
The entity's internal controls — what controls management has over the estimation process, including controls over data completeness and accuracy, review and approval of assumptions, model validation, and segregation of duties in the estimation process.
How management addresses estimation uncertainty — has management considered alternative assumptions? Has it performed sensitivity analysis? Has it disclosed estimation uncertainty appropriately?
Prior-period estimates — the auditor must perform a retrospective review of prior-period estimates to evaluate management's estimation process and identify indicators of management bias. This is a key scepticism tool: if management consistently makes estimates that are later proven to be optimistic, that pattern indicates bias.
Three Approaches to Audit Evidence
ISA 540 (Revised) provides three approaches (or a combination) for obtaining evidence:
Approach 1: Testing how management made the estimate
The auditor evaluates management's method (is it appropriate for the framework?), data (is it complete, accurate, and relevant?), and assumptions (are they reasonable, internally consistent, and supported by evidence?).
This is the most common approach. The auditor traces the estimate through from underlying data to final figure, challenging each element.
Approach 2: Developing an auditor's point estimate or range
The auditor independently develops their own estimate — using different data, different assumptions, or a different model — and compares it to management's figure. If the auditor develops a range, management's estimate must fall within it.
This is particularly useful when the auditor has access to independent data or models, or when management's process is not well-controlled.
Approach 3: Events occurring up to the date of the auditor's report
Some estimates can be partially or fully resolved by events that occur after the reporting date but before the auditor signs the report. For example, a provision for a legal claim may be settled; inventory recorded at NRV may be sold; a receivable may be collected or written off.
This provides direct evidence about the estimate but may not be available for all estimates, and the auditor must consider whether conditions changed between the reporting date and the resolution date.
Management Bias
ISA 540 (Revised) significantly strengthens requirements around management bias. Bias is defined as a lack of neutrality by management in preparing information.
Management bias can manifest in many ways: consistently choosing assumptions at the optimistic end of a reasonable range, selecting methods that favour a particular outcome, changing methods between periods without transparent disclosure, or applying different levels of conservatism to different estimates in a way that collectively favours the desired result.
The auditor must:
- Evaluate indicators of bias throughout the audit — not just at the end.
- Consider whether the cumulative effect of management's choices across all estimates suggests a pattern of bias.
- Stand back at the end and evaluate whether the accounting estimates and disclosures, taken as a whole, are reasonable or are misstated.
The "stand-back" requirement is not optional
ISA 540 (Revised) introduces an explicit stand-back requirement: before concluding on accounting estimates, the auditor must step back and evaluate whether, based on all audit evidence obtained (both corroborative and contradictory), the estimates and disclosures are reasonable or misstated. This is designed to counteract the natural tendency to test each estimate in isolation and miss patterns of bias that only become apparent when you look at the whole picture. Regulators specifically look for evidence that this stand-back evaluation was performed and documented.
Disclosures
ISA 540 (Revised) explicitly requires the auditor to obtain evidence about disclosures related to accounting estimates — not just the numerical amounts. This includes disclosures about estimation uncertainty, the methods and assumptions used, sensitivity analysis, and changes in methods from prior periods. Many frameworks (particularly IFRS) require extensive disclosure about how estimates were made, and inadequate disclosures are themselves misstatements.
Documentation
ISA 540 (Revised) explicitly requires documentation of:
- Key elements of the auditor's understanding of the entity's estimates, including internal controls.
- The linkage of further audit procedures to assessed risks at the assertion level.
- The auditor's response where management has not adequately addressed estimation uncertainty.
- Indicators of management bias, if any, and the auditor's evaluation of implications.
- Significant judgments about whether estimates and disclosures are reasonable or misstated.
ISA 540 (Revised) in Your Jurisdiction
Netherlands. COS 540 follows ISA 540 (Revised) closely. The AFM has identified accounting estimates — particularly expected credit losses, fair value measurements, and goodwill impairment — as a persistent area of audit quality concern. AFM inspections focus on whether auditors have sufficiently challenged management's assumptions, performed adequate retrospective review, and documented indicators of management bias.
Germany. IDW PS 540 adapts ISA 540 (Revised). German practice, with its focus on the Prüfungssicherheit tradition, emphasises detailed documentation of the auditor's evaluation. The WPK's inspections examine whether the auditor's approach is proportionate to the risk on the spectrum and whether retrospective reviews are systematically performed.
United Kingdom. ISA (UK) 540 (Revised December 2018) is substantively aligned with ISA 540 (Revised) with additional UK-specific guidance. The FRC has consistently identified the audit of estimates as the single most significant area of audit quality concern — particularly insufficient challenge to management's assumptions, inadequate testing of data used in models, failure to evaluate management bias holistically, and insufficient attention to disclosures.
France. NEP 540 implements ISA 540 (Revised). French practice requires the commissaire aux comptes to document the evaluation of accounting estimates in the rapport de synthèse, with specific attention to provisions (provisions pour risques et charges) and fair value measurements. The H3C's inspections focus on the adequacy of procedures for complex estimates.
Related Ciferi Content
Continue building your understanding of the ISA framework:
Put audit concepts into practice with these free tools:
Frequently Asked Questions
Does ISA 540 (Revised) apply to simple estimates like depreciation?
Yes — the standard applies to all accounting estimates. However, it is designed to be scalable. For simple estimates where estimation uncertainty, complexity, and subjectivity are all low, the required procedures will be proportionally less extensive. The auditor may conclude that one or a few targeted procedures are sufficient.
What is a retrospective review?
The auditor examines the outcome of prior-period accounting estimates (or their subsequent re-estimation) to identify patterns in management's estimation process. If management's estimates have consistently been at the optimistic end of the range and the actual outcomes were less favourable, that pattern indicates potential management bias.
How does the auditor evaluate whether an estimate is "reasonable"?
The auditor considers whether the method is appropriate under the framework, the assumptions are reasonable (supported by evidence and internally consistent), the data is complete and accurate, and the disclosures comply with the framework. If the auditor develops a range, management's point estimate should fall within it. If it falls outside, the difference is likely a misstatement.
What if management's estimate is at the extreme end of a reasonable range?
An estimate at the boundary of the auditor's acceptable range is not automatically a misstatement, but it may be an indicator of management bias — particularly if multiple estimates are consistently at the boundary that favours management's preferred outcome. The auditor must evaluate the cumulative effect.
Further Reading and Source References
- IAASB Handbook 2024 — ISA 540 (Revised) full text — The authoritative source including all application material and Appendix 1 (examples of accounting estimates).
- ISA 315 (Revised 2019) — Identifying and Assessing Risks of Material Misstatement — the risk assessment framework that underpins ISA 540's approach.
- ISA 500 — Audit Evidence — relevant to evaluating information used in estimates, including from external sources and management's experts.
- ISA 240 — The Auditor's Responsibilities Relating to Fraud — relevant when management bias amounts to fraudulent financial reporting.