23
Audit Risk, Audit Planning and Test of Controls – Course 6 –

Curs 6 Audit

Tags:

Embed Size (px)

DESCRIPTION

Audit

Citation preview

  • Audit Risk,

    Audit Planning and Test of Controls

    Course 6

  • Understanding, Assessing and

    Testing Internal Controls

    Assessment of control risk includes three steps:

    (1) Obtaining an understanding of internal controls culminating in documentation of the controlsthe controls

    (2) An initial assessment and response to assessed risk based on the design of internal controls culminating in an audit planning memorandum and audit plan (audit program).

    (3) A final assessment based upon test of controls of operating effectiveness

  • Illustration

  • Audit Risk, the risk that the auditor gives a wrong opinion based on

    the evidence, has three components: inherent risk, detection risk,

    and control risk

  • Procedures to obtain an understanding

    Procedures to obtain an understanding are

    procedures used by the auditor to gather

    evidence about the design and placement evidence about the design and placement

    in operation of specific control policies and

    procedures.

  • Information System Understanding

    The auditor should obtain an understanding of the

    information system in the following areas:

    The classes of transactions significant to the financial

    statements.

    The procedures by which those transactions are

    initiated, recorded, processed and reported in the initiated, recorded, processed and reported in the

    financial statements.

    The related accounting records,

    How the information system captures events and

    conditions,

    The financial reporting process used to prepare the

    entitys financial statements

  • Documentation of

    the Understanding of

    internal control

    (1) The discussion among the audit team regarding the susceptibility of the entitys financial statements to material misstatement due to error or fraud.

    (2) The understanding obtained regarding each of the internal control components, the sources of information for the understanding, and the risk assessment procedures.

    (3) The results of the risk assessment both at (3) The results of the risk assessment both at the financial statement level and at the assertion level.

    (4) The controls evaluated as a result of identification of significant risks and risks for which it is not possible to reduce risks of material misstatement.

  • Common documentation

    techniques narrative descriptions

    a written description of a client's internal control structure

    internal control questionnaire

    a series of questions about the controls in each audit a series of questions about the controls in each audit area mostly require yes or no

    check lists

    a list of controls that should normally be in place

    flow charts

    a symbolic, diagrammatic representation of the clients documents and their sequential flow in the organization.

  • Steps in Assessing Control Risks

    Determine financial statement assertion about significant account balances and transactions.

    E.g., completeness of payables balance

    Based on the assertions, determine audit objectives

    E.g., 'all accounts payable are recorded'

    For each of these audit objective determine if you can For each of these audit objective determine if you can rely on internal controls

    E.g.,is the initial recording of purchase orders reviewed

    Identify the relevant internal controls for the most material financial statement assertion or audit objective

    E.g., completeness review cash disbursements after balance sheet date for unrecorded liabilities

  • When assessing controls the auditor looks for weaknesses in the

    controls for two reasons:

    to determine the nature and extent of the substantive tests to be performed

    to formulate constructive suggestions for to formulate constructive suggestions for improvements.

    A management letter will contain communications of reportable conditions that are significant deficiencies in internal control

  • Weaknesses in internal control are the

    absence of adequate controls, which

    increases the risk of misstatements existing

    in the financial statements.

    controls do not exist at all where there should

    be controls

    controls are not operating properly.

    In some cases, the presence of the

    weakness might be so important or

    pervasive that it may materially affect the

    financial statements. This is called a

    material weakness in internal control.

  • A four-step approach to identify significant weaknesses is sometimes recommended:

    1 Identify existing controls.

    2 Identify the absence of key controls (where controls are lacking).

    3 Determine potential material misstatements that could result.

    4 Consider the possibility of compensating controls. A compensating control is one elsewhere in the system that offsets a weakness.

  • If internal controls

    are assessed below

    the maximum (at

    medium or low risk)

    the assessment must the assessment must

    be supported by

    tests of control.

  • Overall response to assessed risk may include

    (1) emphasizing to the audit team the need to maintain professional skepticism in gathering and evaluating audit evidence

    (2) assigning more experienced staff or assigning staff with special skills or using assigning staff with special skills or using experts.

    (3) providing more supervision.

    (4) incorporating additional elements of unpredictability in the selection of further audit procedures to be performed.

  • NET Nature - Extent

    and Timing

    Nature of audit procedures refers to both their purpose (tests of controls or substantive procedures) and their type (inspection, observation, inquiry, confirmation, recalculation, reperformance, or analytical procedures ).recalculation, reperformance, or analytical procedures ).

    Extent generally means the quantity of an audit procedure to be performed (e.g., the size of an audit sample or the number of observations).

    Timing refers to when audit procedures are performed or the period or date to which the audit evidence applies.

  • The Audit Planning Memo Includes

    Background information

    The objectives of the audit

    The assessment of engagement risk and potential

    follow-up

    An identification of other auditors or experts that will An identification of other auditors or experts that will

    be relied upon in the audit

    An assessment of materiality.

    Inherent risks

  • Audit Planning Memo Also Includes

    Conclusions regarding the control environment

    Classification of the clients CIS environment

    An evaluation of the quality of the accounting and

    internal control systems

    Audit approach for each account balance and audit Audit approach for each account balance and audit

    objective for which an inherent risk has been

    identified.

    The timing and scheduling of audit work.

    Audit budget, detailed for each level of expertise

    available in the audit team.

  • Audit Plan (Audit Program)

    The auditor should develop an audit plan in order to implement the overall audit strategy.

    The audit plan (program) The audit plan (program) serves as a set of instructions to assistants involved in the audit and as a means to control and record the proper execution of the work. (Illustration 8.9)

  • Tests of Controls

    TESTS OF CONTROLS are audit procedures to

    test the effectiveness of control policies

    and procedures in support of a reduced

    control risk.

  • Tests of controls are necessary in two circumstances. (2006

    ISA 500 not in text)

    1. When the auditors risk assessment includes

    an expectation of the operating effectiveness

    of controls, the auditor is required to test

    those controls to support the risk those controls to support the risk

    assessment.

    2. When substantive procedures alone do not

    provide sufficient appropriate audit

    evidence, the auditor is required to perform

    tests of controls to obtain audit evidence

    about their operating effectiveness.

  • Timing of Tests of

    Controls

    The timeliness of evidential matter is about when the

    evidence was obtained and the portion of the audit

    period to which it may be applied.

    some tests of controls, such as observation of inventory,

    pertain only to the point in time at which the auditing pertain only to the point in time at which the auditing

    procedure was applied

    the auditor performs other tests that are capable of

    providing audit evidence that the control operated

    effectively at relevant times during the audit period.

  • Extent of Tests of Control

    The more reliance the auditor puts on controls in their audit, the greater is the extent (amount) of the auditors tests of controls. In addition, as controls. In addition, as the rate of expected variability of the control increases, the auditor increases the extent of testing of that control.

  • Evaluate Sufficiency and Appropriateness of

    Audit Evidence

    What is sufficient appropriate audit evidence is influenced by such factors as the:

    Significance of the potential misstatement

    Effectiveness of managements responses and controls to address the risks.

    Experience gained during previous audits with respect Experience gained during previous audits with respect to similar potential misstatements.

    Results of audit procedures performed,

    Source and reliability of the available information.

    Persuasiveness of the audit evidence.

    Understanding of the entity and its environment, including its internal control.


Audit Intern Curs

Audit Intern Curs

Documents
Audit Intern Suport Curs

Audit Intern Suport Curs

Documents
Audit Intern curs 31.03.2014

Audit Intern curs 31.03.2014

Documents
Curs Audit Ssm 1

Curs Audit Ssm 1

Documents
Completare Curs Audit 2014

Completare Curs Audit 2014

Documents
Curs de audit

Curs de audit

Documents
Curs Audit Financiar Contabil

Curs Audit Financiar Contabil

Documents
curs audit ceccar.doc

curs audit ceccar.doc

Documents
Audit Curs 2

Audit Curs 2

Documents
Audit Intern Curs Complet

Audit Intern Curs Complet

Documents
Curs Audit Ssm 2

Curs Audit Ssm 2

Documents
Curs 4 Audit

Curs 4 Audit

Documents
Suport Curs Audit Financiar

Suport Curs Audit Financiar

Documents
Curs Audit Financiar

Curs Audit Financiar

Documents
Curs audit SMI

Curs audit SMI

Documents
Curs Audit Intern

Curs Audit Intern

Documents
Curs Audit

Curs Audit

Documents
Audit Curs 3

Audit Curs 3

Documents
Curs 1-4 Audit

Curs 1-4 Audit

Documents
Audit Termoenergetic -Curs

Audit Termoenergetic -Curs

Documents
Curs Audit Intern 1

Curs Audit Intern 1

Documents
Audit Curs 1

Audit Curs 1

Documents
Audit Intern, Curs Master

Audit Intern, Curs Master

Documents
Curs Audit Ssm 4

Curs Audit Ssm 4

Documents
Curs 7 audit

Curs 7 audit

Documents
Curs Audit Fin[1]

Curs Audit Fin[1]

Documents
Curs Audit Amffe

Curs Audit Amffe

Documents
Curs Audit Aptitudini

Curs Audit Aptitudini

Documents
Caroli Audit- Curs Audit

Caroli Audit- Curs Audit

Documents
Audit Intern Caiet Curs

Audit Intern Caiet Curs

Documents