What is Audit Planning?
ISA 300.2 frames planning as the foundation of an effective audit. It is not a single step completed at the start of the engagement — it is a continuous process that begins before fieldwork and runs through to the opinion.
Planning has two components. The overall audit strategy (ISA 300.7) sets the scope, timing, direction, and resourcing of the engagement. The detailed audit plan (ISA 300.9) translates that strategy into specific audit procedures to be performed at the assertion level. The strategy is the "what and why"; the plan is the "how."
ISA 300.10 requires the auditor to update the strategy and plan as the audit progresses. New information, unexpected findings, or changes in assessed risk may each require revision. Planning is iterative — the initial plan is a starting point, not a fixed deliverable.
ISA 300.5 requires the engagement partner to be involved in planning. This means participating in setting the strategy and key planning decisions, not reviewing a plan the team has already prepared. The partner's involvement must be contemporaneous with the planning process, not retrospective.
Key Points
- Two components: overall audit strategy (ISA 300.7) and detailed audit plan (ISA 300.9).
- Iterative, not static — ISA 300.10 requires updates when new information emerges during the audit.
- Engagement partner must participate in planning, not just review the output (ISA 300.5).
- Planning is continuous — it begins before fieldwork and runs through to the opinion.
Why it matters in practice
The AFM has repeatedly flagged files with no evidence of partner involvement in planning. The partner's sign-off on the completed planning memorandum does not satisfy ISA 300.5. Inspectors look for evidence that the partner was involved in making planning decisions — not just approving them after the fact.
Many files show static plans that were never updated during the engagement. The initial planning memorandum is dated in September, fieldwork runs through February, and the plan shows no revisions despite new information emerging during testing. ISA 300.10 requires the auditor to revise the strategy and plan when circumstances change, with a documented link between the triggering event and the revision made.
A planning memorandum that reads identically to the prior year — with only dates and figures updated — signals that planning was treated as a roll-forward exercise rather than a fresh assessment of current-year risks and circumstances.
Key standard references
- ISA 300.2: Planning as the foundation of an effective audit.
- ISA 300.5: Engagement partner involvement in planning.
- ISA 300.7: Establishing the overall audit strategy.
- ISA 300.9: Developing the detailed audit plan.
- ISA 300.10: Updating the strategy and plan during the audit.
Related terms
Related tools
Related reading
Frequently asked questions
What is the difference between the audit strategy and the audit plan?
The strategy (ISA 300.7) sets scope, timing, direction, and resourcing at the engagement level. The plan (ISA 300.9) translates that strategy into specific procedures at the assertion level. The strategy is the 'what and why'; the plan is the 'how.'
Must the engagement partner be involved in planning?
Yes. ISA 300.5 requires the partner to participate in planning — not just review a plan the team prepared. The partner must be involved in setting the strategy and key planning decisions before those judgments are made, not after.