TOPIC5:MATERIALITY&AUDITEVIDENCE
TOPIC6:AUDITPROGRAM,DOCUMENTATIONTestofControls
Make inquires of client personnel Inspect documents, records and reports (e.g. policy and
systems manuals) Observe activities and operations related to controls
Re-perform client procedures SubstantiveTesting: Testdollarmisstatementsdirectlyaffectinggeneralledger
TOPIC7:INTERNALCONTROLSControls and Procedures
Control Procedure to test operating effectiveness Purchase order signed by staff
• Select sample of purchase orders • Check appropriate staff member has signed
Receiving Report Completed
• Select sample of goods received and match to Receiving reports
Matching Purchase Order, Receiving Report and Supplier Invoice
• Select sample of payments and vouch to 3 way match documents • Check for indicators that matching conducted • Occurrence
Payment Approved • Select sample of payments – check approval is present • Cheques: proof that cheque matches 3 way matched documents • EFT – approval codes
Types of Audit Evidence Example
Physical Examination
Inspection/count of tangible assets: Direct means of verifying asset existence Ø Distinction with Documentation: object being examined
has no inherent value e.g. invoice
Before cheque is signed = document Signed Cheque = Asset Cancelled Cheque = document
Confirmation
Written/oral response from independent third party verifying accuracy – used in non-current asset additions
Confirmation not required for any other than Accounts Receivable
ASA 505 Positive confirmation: Return confirmation in all circumstances Negative confirmation: Respond only when incorrect
Documentation Examination of documents and records to substantiate information that is or should be included in financial statements
Customer orders, shipping documents, duplicate sales invoices – useful evidence for verification of accuracy of client’s records
Observation Use of senses to assess certain activities – sight hearing, touch and smell to evaluate wide range of items
Observe whether equipment is rusty to evaluate whether obsolete, watch individual perform accounting tasks
Inquiries of client
Written or oral information from client in response to questions from auditor ASA 580: normally necessary to obtain further corroborating evidence through other procedures
Recalculation Rechecking sample of calculations – checking arithmetical accuracy through computer assisted audit software
Extending sales invoices, inventory, adding journals and subsidiary records, checking calculation of depreciation and prepaid expenses
Re-performance
Vouching: Using documentation to support recorded transactions or amounts – sourcing originals
Tracing: Independent tests of accounting procedures or controls by retracing steps
Compare price of invoice to price list, re-perform aging of accounting receivable
Analytical Procedures
Comparisons/relationships to assess whether account balances or other data appear reasonable - Sometimes used to isolate accounts or transactions that should be investigated more extensively
Comparing gross margin % with preceding year
Key Controls Typical Test of Control Automated credit approval per credit limit
Examine sample of sales invoices and compare customer order with credit limit (re-performance)
Sales supported by authorized shipping documents and approved customer orders attached to duplicate sales invoice
Examine sample of duplicate sales invoices to determine each is supported by authorized shipping document and approved customer order (documentation)
Separation of duties between billing, recording sales, handling cash receipts
Observe personnel responsible for handling cash having no accounting responsibility and inquire as to duties (observation and inquiry)
Shipping documentations forwarded to billing daily and billed subsequent day
Observe whether forwarded daily and when billed (observation)
Audit Evidence Test of Transactions
Verifying specific transactions from journals from general ledger
Vouch back: Occurrence Trace forward: Accuracy and Completeness Documentation, Inquiries of Client
Analytical Procedures (Comparison/ aggregation)
Trend analysis, Data comparisons to budget, industry or prior years, ratio analysis: Ratios identify unusual patterns: reveal risks/possible misstatements from unusual relationships
Inquiries of Client
Test of details of Balances
Involves balance sheet accounts – cash and A/R, main focus on ending general ledger balances for both balance sheet and income statement
Confirmation (Customer balances), Re-performance, Recalculation, Documentation, Inquiries of Client Physical Examination (Inventory)
Control Deviation
Where control found to not operate according to design
Tolerable Deviation Rate
Rate of deviation auditor willing to tolerate
Test of Controls
Control Testing Procedures – find deviations
Calculate Actual Deviation Rate
Assumed to be projected onto population
Evaluation Investigate source of deviation – one off of systematic issue? Collect another sample and re-perform test – is issue still present? If Actual Deviation > Tolerable = adjust CR, DR and Audit Strategy
Build Rapport
Control to prevent misstatement on Completeness, Accuracy, and
Occurrence
LOW, MEDIUM, HIGH
à Less substantive testing
ASA 315: Understanding the Internal Control
ASA 315: Components of Internal Control
CONTROL ENVIRONMENT
- Company foundation - Organisational Culture - Hierarchy/Structure - Management philosophy - Hiring choices
RISK ASSESSMENT - Management assessment of BUSINESS RISKS – what will prevent achieving objectives
- Audit perspective: how frequently managers assess risk, at what levels e.g. executive level: dependent on industry
Reactive Proactive
CONTROL ACTIVITIES
- Primary auditor concern - Activities prevent/detecting
material misstatements BUSINESS DECISIONS: Minimize Occurrence Minimize Impact Insure against: policy Avoid Risk: e.g. location Do nothing
Separation of duties: authorization, access to assets, recording transactions à minimize possibility of fraud Authorization: different levels, quotes Independent Checks: Monitoring/Review Adequate Records: Pre-numbered - completeness
INFORMATION & COMMUNICATION
- IT - Information collected about
organisation
MONITORING - Overview - Monitoring Controls, Risks
and Environment through Information System
E.g. bank reconciliation Security checks Controls operate as intended: key issue in targeting misstatements i.e. if controls stop working – efficiency in identifying problem
Top Related