Professional Documents
Culture Documents
Assurance engagement:
Is one where a professional accountant evaluates or measures a subject
matter that is the responsibility of another party against suitable criteria, and
expresses an opinion which provides the intended user with a level of
assurance about the subject matter.
An assurance engagement means an engagement in which the practitioner
expresses a conclusion designed to enhance the degree of confidence of the
intended user other than the responsible party about the outcome of the
evaluation or measurement of a subject matter against criteria.
Levels of Assurance:
Auditing Related services
Audit engagement:
The objective of an audit of F/S is to enable the auditor to express an
opinion whether the F/S are prepared, in all material respects, in
accordance with an identified financial reporting framework.
Review engagement:
The review engagement enables an auditor to state whether, on the basis of
procedures which do not provide all the evidence that would be required in
an audit, anything that has come to the auditor’s attention that causes the
auditor to believe that the financial statements are not prepared, in all
material aspects, in accordance with an identified financial reporting
framework.
Agreed-upon procedures:
The auditor simply provides a report of the actual findings, so no assurance
expressed. Users of the report must instead judge for themselves the
auditor’s procedures and findings, and draw their own conclusions from the
auditor’s work.
Compilation engagement:
Users of the compiled information gain some benefit from the accountant’s
(as opposed to auditor’s) involvement, but no assurance is expressed on
report.
Advantages of an Audit:
The need for an external audit arises primarily when the ownership and
management of an enterprise are separated. There are however, certain
inherent advantages in having financial statements audited even when no
statutory requirement exists for such an audit.
Disadvantages of an audit:
• The audit fee. Unless required by local statute, it is unlikely that many
businesses would like to have their accounts audited.
• The audit involves the client’s staff and management in giving time to
providing information to the auditor. A professional auditor should
therefore plan his audit carefully to minimize disruption which his work
will cause.
Chronology of an Audit:
• Express an opinion
• Corporate governance spells out the rules and procedures for making
decisions on corporate affairs. It also provides structure through which
the company objectives are set, as well as the means of attaining and
monitoring the performance of those objectives.
Advantages:
i. Increasing public confidence in the credibility and objectivity of
published financial information.
ii. Assisting directors in meeting their responsibilities in respect of
financial reporting.
iii. Strengthening the independent position of a company’s external
auditor by providing an additional channel of communication.
Leading to better communication between the directors, external
auditors and management.
Disadvantages:
i. Fear that their purpose is to catch management out.
ii. Non-executive directors being over burdened.
iii. A two-tier board of directors, making it difficult and cumbersome to
administer.
iv. There is an additional cost to the company in terms of money and time
involved.
The two-tier board of directors:
This consists of executive directors who take part in the day to day
management of the company, & non-executive directors who act as a
corporate conscience, over viewing the functions of the board. Along with a
supervisory board made up of representatives of employees and investors.
Disadvantages:
1. Conflict of interest may arise if the outsourced internal audit service is
being provided by the external auditors.
2. Outsourcing charges might not prove cost effective.
3. Exit routes must be defined with the outsourcer.
4. There is a risk of lack of knowledge or awareness of the organizational
objectives.
5. An outsourced department may not be able to provide the same flexibility
or ready staff available.
6. Company might lose strategic or sensitive info, as internal audits will
have access to all the info of the company and might lose competitive
edge if internal auditing would disclose the info to other clients of the
outsourcing firm.
Procedures of outsourcing:
Value for money: is concerned with obtaining the best possible combination
of services for the least resources. It is the pursuit of ‘Economy’,
‘Efficiency’ and ‘Effectiveness’.
Challenge: review internally the different options for providing services and
question the status quo.
Compare: comparing with other service providers to review options for
improving performance.
Consult: consult all users of services and those affected by services.
Compete: demonstrate through performance management and continuous
improvement that the most effective and efficient service is being provided.
The 4Cs equally apply to internal auditors, who must demonstrate best value
in the provision of their own service, including appropriate consultations
with users and effective performance management information.
Project auditing:
The business functions that operational and internal audit deals with include:
• Procurement
• Marketing
• Treasury
• Human resources
Audit work includes identification of areas (above) where there are principal
business risks that are preventing an organization to achieve its objectives.
Control procedures:
• Establishing policy and procedures for procurement, communicated to all
levels of management.
• Approved list of suppliers
• Authorization and approval procedures required before any sale or
purchase is made.
• Making the best deals in the market place using a fixed procedure.
Test of controls:
• Conducting a walk-through to ensure that procedures are being followed.
• Trace orders of goods and services through the system, confirming use of
authorized suppliers, correct pricing and appropriate terms.
• Review a sample of purchasing transactions to ensure that they have been
correctly authorized.
Control procedures:
• Placement of a marketing strategy
• Approved policy and procedures
• Authorization of key activities
• Appropriate skills and training of staff
• Proper market research along with cost/benefit analysis produced for
market campaigns.
Tests of control:
• Walk through tests of marketing campaign
• Reviewing of market strategy placed
• Review training plans
Control procedures:
• Authority levels for the processing and placing of deals.
• Data maintenance controls
• Regular update of cash flow forecasts
• System controls, including security and access.
• Appropriate levels of staff, training and expertise
Tests of controls:
• Check sample of reconciliations and confirm that they have been
completed in a timely manner
• Review trends in performance to identify any potential areas of concern.
• Check agreement with counterparties
• Review valuations
Control procedures:
• Policy and procedure manuals should be up to date and should be
formally approved
• Training of HR to ensure delivery of agree and approved policy (above)
• System access controls
• Audit trail of key actions and decisions
Tests of controls:
• Walk through tests of key procedures
• Review of reconciliations undertaken
• Review of access and security to HR systems.
• Review a sample of key transactions to ensure that they have been
processed accurately and appropriately.
CHAPTER 6:
PLANNING AND RECORDING THE AUDIT
ANALYTICAL PROCEDURES: (AT THE REVIEWING STAGE)
Analytical procedures mean the analysis of significant ratios and trends,
including the resulting investigation of fluctuations and relationships that are
inconsistent with other relevant information or which deviate from predicted
amounts.
1. Introduction (Comparisons, Relationships, Methods and Purpose)
2. Auditor Knowledge of the Business
3. Procedure
Comparisons:
Financial information is compared, for example, with:
• Prior periods (historical data);
• Budgets and forecasts (future-oriented data);
• Predictive estimates (e.g., of the annual depreciation charge);
• Industry averages
Relationships:
Typically, relationships are considered between:
• Elements of financial information which are expected to adhere to a
predicted pattern (e.g., gross profit percentages);
• Financial and non-financial information (e.g., hotel revenue to room
occupancy).
Methods used:
Methods of analysis vary considerably, from simple comparisons to complex
analyses using advanced statistical techniques. Analytical procedures may be
applied to:
• Consolidated financial statements;
• Components (e.g., subsidiaries, divisions, segments);
• Individual elements of financial information (e.g., account balances).
Purposes:
• To assist in PLANNING the nature, timing and extent of other audit
procedures.
• As SUBSTANTIVE procedures when their use is more effective or
efficient then tests of detail.
• As an overall REVIEW, to conclude whether financial statements as a
whole are consistent with auditors’ knowledge of the business.
Analytical procedures at this stage (sometimes called ‘preliminary analytical
review’) assist in:
• Seek explanations for the above (auditors should never take the word of
the management for why a change has happened or failed to happen).
Auditor’s work on planning the audit will usually take place before annual
financial statements are available. Accordingly, any analytical procedures
performed at this stage of the audit will be based on interim financial
statements.
• Consider an outline plan of the audit including the extent to which the
auditor ay wish to reply upon internal controls and the extent to which
work can be allocated to interim or final audit stages.
• Review matter raised in the audit of the previous year by examining the
audit files.
• Review any management accounts which the client has prepared as these
may indicate areas of concern in audit.
• Assign a budget to allocate the time to each member of the audit team.
The timing of audit work: The timing of the audit work must be planned to
suit the nature of the business being audited. There are three main
possibilities:
• All the audit work is done at or after the year end. (small businesses)
• The work is divided into interim and final audits, planning and tests of
controls taking place at the interim stage, while substantive balance sheet
audit taking place at the final stage. (medium size businesses)
• The third possibility is continuous audits, where the client is so large that
the auditor is present throughout the year. (large businesses)
AUDIT RISK: At its most simple ‘Audit Risk’ is the risk that the auditor
will get his opinion wrong. This means that the auditor will fail to qualify an
audit report that he should have qualified. In order for this situation to arise
there needs to be a material error in the accounting records or the financial
statements which was not corrected before the accounts were published and
to which the auditor did not refer in the Audit Report.
The situation referred to in the preceding paragraph can only come about if
three things have happened in sequence:
• Secondly, the error needs to have not been detected by the client’s system
of Internal Control. The chance of this happening is referred to as the
Control Risk.
• Thirdly, the auditor must have failed to find the error in the course of his
substantive testing or analytical review procedures. The chance of this
happening is known as the Detection Risk.
It is only when all of these conditions are fulfilled simultaneously that the
auditor will give an inappropriate opinion on a set of financial statements,
and the Audit Risk will materialize. Thus it can be said that the Audit Risk is
the product of the Inherent Risk by the Control Risk by the Detection Risk.
In order to make use of the model we need to realize that only some
elements of the model are within the auditor’s control. In particular the
auditor can do nothing about the Inherent Risk and the Control Risk. He can
assess them but cannot change them. The auditor can, however, decide what
level of overall Audit Risk he wishes to take. Naturally this will normally be
quite low: usually about 5% is considered acceptable.
The usefulness of this model is that it allows the auditor to set quantitative
values on Inherent Risk and Control Risk so as to allow for an increased
amount of Detection Risk and hence a lower level of substantive testing.
In other words, the auditor will need to do less substantive testing if the
Inherent Risk and/or the Control Risk are low. If, for example, the system
of internal control is good then the Control Risk will be low leading to less
substantive testing.
On the other hand, the auditor might decide to take no comfort from inherent
or control factors and to base his audit opinion purely on substantive
procedures (including analytical review). In terms of this model that would
mean putting IR and CR = 1 and thus AR = DR. This approach is often taken
in the case of smaller or owner- managed enterprises, and it is purely the
substantive or vouching approach to auditing.
DR = .125 or 12.5%
The auditor now knows that he can afford to take a 12.5% chance of not
detecting an error during the substantive testing. Conversely he needs 87.5%
assurance that the substantive testing will pick up all material errors. He can
use this information in conjunction with statistical sampling techniques
(which are outside the scope of this article) so as to determine appropriate
sample sizes for the purposes of substantive testing.
Disadvantages:
It is important that staff with the correct mix of experience and knowledge of
the client and industry are employed on the audit.
• Planning information
• The work done and when it was done
• Results and conclusions
Auditors are required to record all matters which are important in supporting
the report. They are particularly required to record matters that demand the
exercise of opinion, as auditors may/will be questioned later on any matter
and they should be able to show what they knew at that time.
Extracts from working papers can be made available to the client at the
discretion of the auditor, but working papers should not be made available to
third parties without client consent.
CHAPTER: 7
RELIANCE ON THE WORK OF OTHERS IN THE AUDIT:
RELIANCE ON EXPERTS:
Auditors need to be aware of areas within the audit which may require the
use of an expert. An auditor may not have expertise in certain areas of an
audit and may need to obtain evidence in the form of reports, opinions,
valuations or statements from an expert.
The need to use an expert depends on the materiality and nature in terms of
complexity of the matter at hand and the risk of misstatement. If however, it
is decided that expert evidence is needed, the expert should be engaged or
employed either by the client, or by the auditor with the consent of the
client. If the client refuses and there are no other sources of evidence for the
item concerned, the auditor should qualify the audit report.
Competence and objectivity:
In order to rely on the evidence provided by the expert, the auditor must be
satisfied that the expert is competent and objective.
1. Competence would be evidenced by certification or membership of a
professional body.
2. Objectivity requires that the expert should work with a fair mind without
having any interest in the business. Objectivity will be impaired if the
expert is the employee of the entity or is dependant on it in some other
way (financially).
Quality: Quality of the work will depend on the internal auditor’s technical
competence. The internal audit department needs to be fully equipped in
terms of staffing, experience and qualification.
4. Technical competence:
The internal audit department should include the right mix of core
competencies. This should be reviewed by the external auditors time after
time and significant weaknesses notified and reported to the management in
writing.
Evaluating and testing the work of internal audit:
The external auditors need to set out the extent to which they will rely on the
internal audit function, along with the reasons for doing so. Once relied
upon, the auditors must ensure that:
• The work has been performed by those with adequate technical training
and that under proper supervision.
• Sufficient relevant evidence is obtained to support the conclusions
reached.
• Conclusions reached are appropriate and that reports are consistent with
conclusions.
Planning the audit: The auditor should identify at the planning stage of the
audit whether or not an organization uses service organizations to assist it;
the auditor needs to assess the type and range of service provided in order to
asses audit risk. The use of a service organization affects the audit
procedures dramatically, as now it is more difficult to state whether the
financial statements are free from material misstatement.
Planning will include assessment of inherent risk of the organization and its
control environment. This will be affected by:
• The nature of the service provided
• The degree of authority delegated to SO
• Arrangements of ensuring quality service is provided.
• Whether the activities involve assets which are susceptible to loss or
misappropriation.
• The financial status of the service organization.
If the auditors determine that they can rely on the controls within the
organization, they should perform a thorough assessment of control risk.
This includes:
• The nature of controls operated by the client and the extent to which the
service organization operates these controls.
• The actual occurrence of errors detected by the client arising from the
SO.
• The information the service organization provides to show its compliance
with controls.
• Whether the SO has its own external auditors who provide the client with
relevant information on the appropriateness of controls within the service
organization.
• The skills and knowledge of staff within the SO.
Audit procedure:
• Inspection of documents and records held by the client
• Assess effectiveness of controls with the client and the SO.
• Obtain written statement from SO in respect of confirmation of balances
and transactions.
• Performing analytical review procedures.
• Requesting the service organization’s auditor or client’s internal audit
function to do specific procedures.
• Reviewing the reports produced by the SO regarding the design of
internal control systems.
Non-complex transactions
CHAPTER 8
INTERNAL CONTROL SYSTEMS:
d) Control activities: are policies and procedures that help ensure that
management orders are carried out. Control activities can take a number of
forms:
1. Preventive: these are controls that prevent risks from occurring. E.g.
authorization controls should prevent fraudulent transactions taking
place.
2. Detective: these are controls that detect if any problems have occurred.
They are designed to pick up errors that have not been prevented. E.g.
large amounts paid without being authorized, reconciliations etc.
3. Corrective: are ones that address any problems that have occurred.
Where problems are identified, the controls ensure that they are properly
rectified. E.g. follow up procedures and management action.
2. Recording the system: an auditor can record the system in the following
ways:
- Narrative notes: this is a simple and convenient way of describing
systems. However it can become cumbersome as system notes take up
a disproportionate amount of space. Furthermore, notes may be
difficult to interpret in order to show the changes made in the system.
An answer of ‘No’ to the ICE implies that the system is strong as controls
exist to prevent the specified problem. A compliance test (test of control)
will be required to ensure the controls are operating
An answer of ‘Yes” to the ICE implies that the system is weak and a
substantive test (test of detail) will be required to quantify the effect of any
errors that may have occurred.
2. ICQ: these are objective questions which focus on specific controls and
the information obtained in completing the ICQs are used to answer the
relevant ICE. The objectives of ICQs are to ascertain, record and identify
controls in the client’s system.
• Strong internal controls: if the conclusion to the ICE indicates that the
entity appears to have a strong internal control system, certain
compliance tests will be performed by the auditor to obtain ‘sufficient
evidence that the controls were operating effectively at relevant times
during the period under audit’.
3. Enquiry and observation: e.g. the auditor asks staff to describe the
system and listens carefully for confirmation that a system operates as
described. The secret is to ask indirect questions and to avoid leasing the
interviewee. Rather than asking whether X compares invoices to records,
ask X to explain what the process involves and listen for references to
order forms and good records.
Note: it does not matter that the auditor cannot prove conclusively that any
given control or controls operated consistently throughout the year. It is
sufficient that the auditor can prove that sufficient care and skill has been
applied to the collection of audit evidence.
If the system is generally weak then the external auditor is more likely to
consider more extreme options, such as resignation, rather than staying
and attempting to resolve the problem. It is unlikely that a cost effective
audit could ever be conducted on a system that is very seriously flawed.
CHAPTER 9
INTERNAL CONTROL – REVENUE AND PURCHASES:
Tests of control: by the auditor involve ensuring that the procedures above
(control procedures) have been applied, by looking for evidence of, for
example, the checking of sequence, batch totals, control account
reconciliations etc.
The revenue system includes revenue obtained from sales. The control
objectives outlined above can now be translated into control objectives for
sales.
1. Control objectives: the control objectives for sales include the following:
• Sales are made in accordance with company objectives
• Customer’s orders should be authorized, controlled and recorded in order
to execute them and determine any allowance required for losses arising
from unfulfilled commitments.
• Goods shipped and work completed should be controlled to ensure that
invoices are issued and revenue recorded for all sales.
• Goods returned and claims from customers should be controlled in order
determine the liability for goods being entered in the accounts.
• Invoices should be appropriately checked as being accurate and
authorized before entered in the accounts
• There should be procedures to ensure that sales invoices are subsequently
paid and that doubtful amounts are identified in order to determine
allowance for losses.
Achievement of objectives: in order to achieve these objectives there
should be good segregation of duties. There are three distinct processes in
the sales system which should be separated and performed by different staff
in order to establish effective internal controls. They are:
• Dispatch department:
1. Sequence controlled documents should be used for all goods
leaving the premises.
2. Dispatch notes should be completed by the gatekeeper or the
dispatch department – never by the accounts staff.
Orders:
• The orders should be checked against the customer’s account; this should
be evidenced by signing. Any new customer should be reffered to the
credit control department before the order is accepted.
• All orders received should be recorded on pre-numbered sales order
documents.
• All orders should be authorized before any goods are dispatched.
• The sales order should be used to produce a dispatch note for the goods
outwards department. No goods may be dispatched without a dispatch
note.
Dispatch:
• Dispatch notes should be pre-numbered and a register kept of them to
relate to sales invoices and orders.
Returns:
• Any goods returned by the customer should be checked for obvious
damage and when accepted, a document should be raised.
• All goods returned should be used to prepare appropriate credit notes.
Receivables:
• A receivables ledger control account should be prepared regularly and
checked to individual sales ledge balances.
• Formal procedures should exist for following up overdue debts.
Reminders should be sent regularly to customers for collection of
overdue debts.
Bad debts:
• The authority to write off a bad debt should be given in writing and
adjustments made to the accounts.
3. Tests of control:
Tests of control should be designed to check that the control procedures are
being applied. Appropriate testing includes:
• Carry out sequence test checks on invoices, credit notes and dispatch
notes. Ensure that all items are included and that there are no omissions
or duplications.
• Check the authorization for the:
- acceptance of the order
- dispatch of goods
- raising of invoice
- pricing and discounts
- write off of bad debts
Substantive procedures
1. Accounting records:
• Check additions of the sales day book and sales returns day book.
• Check the posting of individual invoices to the general ledger and the
control account.
2. Cut of problems: an increase in sales just before the year end with low
sales just after the year end may indicate that the client has tried to distort
profits. The auditor should consider identifying and checking large items in
the last month and the first month of the next period to ensure delivery took
place before the year end.
Orders:
• Requisition notes for purchases should be authorized. Being authorized
by a responsible official.
• All orders to be recorded on documents showing supplier’s name,
quantities and price. Copies of orders should be maintained.
• Re-order levels should be pre-set.
Receipt of goods:
• Goods inwards centers should be identified to deal with the receipt of all
goods.
• All goods should be checked for quantity, quality and condition. Goods
received notes should be created for all goods accepted. This note should
be signed by an official.
• GRNs should be checked against purchase orders and procedures should
exist to notify the supplier of under or over deliveries.
Credit note:
• Test for evidence of matching credit notes to GRNs.
Substantive procedures
1. Accounting records:
• Check additions of the purchase day book and purchase returns book
• Check posting from the day books and the general ledger to the
control account.
Analytical procedures
Can be used to review unusual purchasing trends, levels of purchasing
outside agreed limits or non-authorized suppliers
CHAPTER -10
INTERNAL CONTROL – PAYROLL, CASH AND OTHER AREAS;
REPORTS TO MANAGEMENT
Control accounts
• Control accounts should be maintained in respect of each of the
deductions showing amounts paid periodically to the tax authorities.
• Management should exercise overall control.
2. Control procedures: there are a number of areas of the business that have
different control procedures, these are as follows:
Bank reconciliations
• Bank reconciliations should be prepared at least once a month.
• Person responsible for preparation should be independent of the receipts
and payments function.
• Bank statements should be obtained directly from the bank and held until
reconciliation is completed.
3. Tests of control:
Cash receipts
• Attend mail opening and ensure procedures are adhered to
• Test independent check of cash receipts to bank lodgments.
• Test authorization of cash receipts
• Test for evidence of arithmetical accuracy on cash received records.
Cash payments
• Inspect cheque books for, any signatures on blank cheques and controlled
custody of blank cheques.
• Test to ensure that paid invoices are marked paid
• Examine evidence of authority for current standing orders and direct
debits.
Bank reconciliations
• Examine evidence of regular bank reconciliations
• Examine evidence to follow up outstanding items on bank reconciliations
such as un-presented cheques.
Petty cash:
• Test petty cash vouchers for approval.
• Test cancellations of petty cash vouchers.
• Test for evidence of arithmetical accuracy.
INVENTORIES
1. Control objectives:
• Control over goods inwards, outwards and dispatches.
• Inventory records authenticated by physical counts
• Adequate steps should be taken to identify all inventories for which
write-downs may be required.
• Inventory levels should be controlled so that materials are available when
required but that inventory is not unnecessarily large.
2. Control procedures:
Arithmetical accuracy
• All receipts and issues should be recorded on inventory cards, cross
referenced to the appropriate GRN.
• The costing department should allocate direct and overhead costs to the
value of work in progress according to the stage of completion method.
• To do this standard costs are normally used. Such standards must be
regularly reviewed to ensure that they related to actual costs being
incurred.
Control accounts
• Total inventory records should be reconciled with the detailed inventory
records and discrepancies investigated.
3. Tests of control:
• Observe physical security of inventories and environment.
• Test procedures for recording of movements of goods in and out of
inventory.
• Test authorization for adjustments to inventory records.
• Tests controls over recording of inventory movement belonging to third
parties.
• Inspect reconciliation of inventory counts to inventory records.
NON-CURRENT ASSETS
2. Control procedures:
• Annual capital expenditure budgets should be prepared by someone
directly responsible to the board of directors.
• Applications to authority to incur capital expenditure should be submitted
to the board for approval and should contain reasons for the expenditure,
estimated cost and any non-current asset replaced.
• A document should show what is to be acquired and be signed as
authorized by the board.
• Capital projects made by the company itself should be separately
identifiable in the company’s costing records.
• Disposal of non-current assets should be authorized and any proceeds
from sale should be related to the authority.
• A physical inspection of non-current assets should be carried out
periodically and checked to the non-current asset register. Any
discrepancies should be noted and investigated.
• Assets should be properly maintained and adequately insured.
• Depreciation rates should be authorized and a warren statement of policy
produced, this should be reviewed annually to assess the need of changes.
• The calculation of depreciation should be checked for accuracy.
3. Tests of control:
• Check authorization of purchase of non current assets.
• Check authorization of disposal of significant assets.
• Confirm existence of non-current asset register. Ensure register
reconciles to nominal ledger.
• Test evidence of reconciliation of register to physical checks of existence
and condition of assets.
• Check authorization of depreciation rates and changes in rates if any.
• Ensure correct calculations of depreciation have taken place.
CHAPTER 11
AUDIT EVIDENCE
ISA 500 Audit Evidence requires that auditors ‘obtain sufficient appropriate
audit evidence to be able to draw a reasonable conclusion on which to base
the audit opinion.
Financial assertions
1. Existence: An asset of liability exists at a given date. Auditors spend a
great deal of time on this assertion confirming the existence of assets such as
tangible non-current assets, inventories and cash etc.
2. Rights and Obligations: Here the auditor must ensure that it is the
business which owns the asset at the balance sheet date. There are many
situations where an asset could be on the business premises but belong to
someone else. Inventories, for example, may have been sold but not yet
delivered.
5. Valuation: This assertion deals with the valuation of assets and liability to
see whether they have been valued at an appropriate carrying value.
Synergy
The auditor should consider whether conclusions drawn from differing types
of evidence are consistent with one another. If however it does appear
inconsistent with one another, the reliability of each remains in doubt until
further work is done to resolve the inconsistency. However, when the
individual items of evidence relating to a particular matter are all consistent,
then the auditor may obtain a cumulative degree of assurance higher than
that which they obtain from individual items. This is a form of ‘Synergy’
Problems with obtaining reliable evidence: there are no hard fast rules for
reliability of evidence, as it is a matter of professional judgment. There can
be situations where the auditor does not have a great deal of choice; for
example, the figures of payroll are likely to be supported by evidence that is
almost totally from the entity’s records. Therefore it is sometimes impossible
to replace internally generated evidence with third party evidence.
Analytical Procedures:
Nature and Purpose of
Analytical Procedures
Substantive procedures:
Assertions and their tests:
Such items are inherently more risky than non-judgment items and control
risk is usually higher as these are non-routine transactions. Management is
responsible for making estimates.
2. Valuations:
• Check a sample of entries in the asset register and trace back to source
documentation to ensure properly stated at cost.
• Review company policy for depreciation and ensure appropriate in the
light of useful life of the building (commonly 50 years). And ensure that
land is not depreciated.
• Ensure accurate calculation of depreciation.
• Establish the need for any write-down for impairments
3. Existence:
• Physical check of sample of assets.
3. Existence:
• Physical existence inspected using sample of assets.
Valuation:
Valuation of listed securities is easily confirmed with appropriate financial
publications. Director’s valuation of unlisted securities is something on
which audit report, and the basis of the calculations must therefore be
examined. The auditor must also consider whether any write-downs for
impairment in value are adequate, which may mean examining copies of
accounts of companies in which investments are held.
Income:
Income from securities can be verified with known interest rates for fixed
interest securities.
CHAPTER 13
THE AUDIT OF RECEIVABLES, PREPAYMENTS, BANK & CASH
Form of request
It is nearly always the case that management of the audited entity must
authorize each confirmation request. This exposes the risk that the process
could be interfered with by the entity because the confirmation is usually in
the form of a request – from the entity – for information to be supplied to
their auditor. It is important that auditors control the process by ensuring that
confirmations sent are in agreement with those selected for confirmation. It
is also important that the envelopes bear the auditors’ return address in the
event of non delivery.
Interpretation of evidence
Confirmation responses are at their most reliable when the auditor has
reason to believe that the information has been checked by responsible
officials against the other party’s records. Reliability must be questioned
where the auditor has reason to suspect that the request might not have been
given appropriate consideration or that the other party’s records might not be
wholly reliable.
Debtors’ confirmations
The list of debtors is usually subdivided into current due balances and
overdue balances. Each present separate audit risks. Overdue balances are
more likely to contain errors and thus require a proportionately larger
sample.
Creditors’ confirmations
Creditors are much less frequently confirmed than debtors. The auditor
already has external evidence in the form of supplier invoices and
statements. Although held by the entity and thus potentially at risk from
being manipulated, they are likely to provide sufficient appropriate evidence
in the absence of any suspicious circumstances. In addition, the principal
assertion verified by confirmation evidence would be that of completeness.
The available population (creditor balances recorded by the entity), is not a
suitable starting point for selecting a sample for confirmation when verifying
completeness. If time is available, auditors tend to prefer to use the
complementary/reciprocal population of purchases (or payment transactions
recorded after the period end) when verifying the completeness of recorded
creditors.
Bank confirmations
Client’s procedures
There are two methods of carrying out inventory counts:
- Made at or close to the year end (periodical)
- On a continuous basis over the whole year. (perpetual)
Note: counting inventory does not fall within the duties of the auditor.
However there are certain duties that the auditor has to fulfill that lie
before, during and after the counting of inventory.
1. Planning (before the count): the auditor should carry out the following:
• Review prior year’s working papers, to familiarize with the nature,
volume and location of inventories.
• Identify problems areas in the internal control system to assess the
amount of reliance to be put on internal auditors.
• Assess inherent control, and detection risks.
• Establish whether inventory is material to the financial statements.
• Arrange third party confirmations of inventories held by third parties.
• Auditor should also perform analytical procedures on inventory as part of
planning process, this can be done using ratios:
2. During the counting: the main task is to ensure that the client’s staff are
carrying out their duties effectively.
• Make notes of items counted, damaged inventory, instances where the
counting procedures are not being followed.
• Make test counts: from physical inventory to inventory sheets, and from
inventory sheets to physical inventory.
• Compare the test inventory sheets with the client’s inventory sheet
register.
• Reach a conclusion as to whether or not the counting was satisfactory.
3. After the counting: the auditor should check the cut-off details obtained
at the inventory count to the ledgers to ensure items are accounted for in the
correct period. The auditor should also ensure that inventory records have
been adjusted or reconciled to the physical count and all differences
investigated.
Cut-off: the auditor should examine the link between purchases records and
inventories, and between sales and inventories, to ensure that there is
complete agreement between inventory and financial records. These are
known as cut-off procedures.
Tests the auditor would carry out to ensure correct cut-off include the
following:
• During the inventory count note the serial numbers of the last sales
invoice, dispatch note and goods received note generated before the
inventory count.
• After the inventory count, check the year end dispatch notes to sales
invoices and sales day book and vice versa to ensure that dispatches and
the related invoice both fall before the year end.
• Similarly for purchases, ensure year-end goods receipts notes and related
purchase invoices are correctly treated in the current period.
Work-in-progress
• Ascertain what elements of cost are included. If overheads are included,
test basis on inclusion.
• Ensure material costs exclude abnormal wastage factors.
• Ensure that any addition for overheads includes only normal expenses
based on normal production, and that any cost arising from under-
utilization of production facilities or excessive waste are not carried
forward in the inventory valuation.
NRV
Inventories should be measured at the lower of cost and net realizable value.
Net realizable value is calculated by adding the current selling price of
goods plus the selling and distribution directly attributable to the goods.
Post balance sheet events may influence the NRV calculation. Low selling
prices after the year end may result in NRV value being less than cost. In
such a situation, the individual inventory line affected should be revalued at
the (lower) NRV. The only exception to this rule is for raw materials and
components to be used in manufacture. No reduction in value is needed if it
can be shown that the product made from these items can still be sold at a
profit.
CHAPTER -15
THE AUDIT OF LIABILITIES AND CAPITAL
2. Accrued charges:
• Consider the client’s own system for capturing accruals.
• Obtain a schedule for accruals and ensure that it is made correctly.
• A sample of accruals should be test checked for correct calculation. This
can be done by reference to supporting invoices received in the next
period.
If the loan notes are to be redeemed, the auditor should examine the
provisions of the contract relating to the redemption.
3) Provisions and contingent assets & liabilities: IAS 37 requires that the
amount recognized as a provision should be the best estimate of the
expenditure required to settle the obligation at the balance sheet date. No
provision should be recognized unless a present obligation exists. An
intention to make a payment is not enough; an actual obligation to pay
must exist.
The auditor’s main task will be to decide whether a provision has been
set up properly in accordance with IAS 37.
Loans notes are often issued to finance the purchase of non-current assets.
Thus, in the balances sheet, the liabilities of loan notes are represented by
non-current assets. When the loan notes are redeemed, the liability is
removed by a payment of cash. In such circumstances, some companies
transfer an amount equivalent to the nominal value of the loan note
redeemed out of un-appropriated profit and into a loan note redemption
reserve account.
Although these reserves are legally distributable, the directors have
effectively indicated that they should not be distributed. The auditor should
examine the basis of transfers to reserves and their disclosure in the financial
statements.
CHAPTER 16
AUDIT SAMPLING & COMPUTER AIDED AUDIT TECHNIQUES
AUDIT SAMPLING
Involves the application of audit procedure to less than 100% of the items
within:
• An account balance; and
• Class of transaction
Sampling risk: because auditors do not examine all the items in the
population when applying audit sampling, there is a risk that the conclusion
they draw will be different from that which they would have drawn had they
examined the entire population. In order to reduce the risk, auditors should
use a rational basis for planning, selecting and testing the sample and for
evaluating the results so that they adequate assurance that the sample is
representative of the population.
Non-sampling risk: this component of risk arises from audit mistakes e.g.
failing to identify errors or incorrect evaluation of sample results. Audit
firms can minimize the risk by improving training and review procedures.
Constructing samples
The steps involved in sampling can be summarized as follows:
• Sample design
• Sample size
• Selection of the sample
• Evaluation of the sample
SAMPLE SIZE: when determining the sample size, the auditor should
consider sampling risk, the tolerable error and the expected error.
Sample risk: auditors are faced with sampling risk in both tests of control
and substantive procedures as follows:
Tests of control:
• Risk of under reliance: the risk that, although the sample result does not
support the auditors' assessment of control risk, the actual compliance
rate would support such an assessment.
• Risk of over reliance: the risk that, although the sample result supports
the auditors' assessment of control risk, the actual compliance rate would
not support such an assessment.
Substantive procedures:
• Risk of incorrect rejection: the risk that, although the sample result
supports the conclusion that a recorded account balance or class of
transactions is materially misstated, in fact it is not materially misstated.
• Risk of incorrect acceptance: the risk that, although the sample result
supports the conclusion that a recorded account balance or class of
transactions is not materially misstated, in fact it is materially misstated.
Points:
The risk of under reliance and the risk of incorrect rejection may affect audit
efficiency as they may lead to additional work being performed by the
auditors, or the entity.
The risk of over reliance and the risk of incorrect acceptance may affect
audit effectiveness and are more likely to lead to an erroneous opinion on the
financial statements than either the risk of under reliance or the risk of
incorrect rejection.
Sample size is affected by the level of sampling risk auditors are willing to
accept from the results of the sample. The level of acceptable sampling risk
depends upon the importance of the results of the audit procedure involving
sampling to the auditors' conclusions. The greater the reliance on the results,
the lower the sampling risk auditors are willing to accept and the greater the
sample size needs to be.
The extent of reliance on the results of the procedure is related to the extent
to which other substantive procedures provide audit evidence regarding the
same financial statement assertion. The more other substantive procedures
lower the detection risk for a particular assertion, and therefore the lower the
reliance on the results of the substantive procedure using audit sampling, the
higher the acceptable sampling risk relating to the sampling procedure and
consequently, the smaller the sample size.
Tolerable error: Tolerable error is the maximum error in the population that
auditors would be willing to accept and still conclude that the result from the
sample has achieved the audit objective. Tolerable error is considered during
the planning stage and, for substantive procedures, is related to the auditors'
judgment about materiality. The smaller the tolerable error, the greater the
sample size needs to be.
In tests of control, the tolerable error is the maximum rate of deviation from
a prescribed control procedure that auditors would be willing to accept and
still conclude that the preliminary assessment of control risk is valid.
In substantive procedures, the tolerable error is the maximum monetary
error in an account balance or a class of transactions that auditors would be
willing to accept so that when the results of all audit procedures are
considered, auditors are able to conclude, with reasonable assurance, that the
financial statements are not materially misstated.
The difference between the two types of sampling is that the sampling risk
of a statistical plan can be measured and controlled, while even a perfectly
designed non-statistical plan cannot provide for the measurement of
sampling risk.
The basic similarity between the two types is that both sampling approaches
require the exercise of auditor judgment during the planning,
implementation and evaluation of the sampling plan. In other words, the use
of statistical methods does not eliminate the need to exercise judgment.
In auditing, this method uses sampling without replacement; that is, once an
item has been selected for testing it is removed from the population and is
not subject to re-selection. An auditor can implement simple random
sampling in one of two ways: computer programs or random number tables.
This method provides for the selection of sample items in such a way that
there is a uniform interval between each sample item. Under this method of
sampling, every "Nth" item is selected with a random start.
This method provides for the selection of sample items by breaking the
population down into stratas, or clusters. Each strata is then treated
separately. For this plan to be effective, dispersion within clusters should be
greater than dispersion among clusters. An example of cluster sampling is
the inclusion in the sample of all remittances or cash disbursements for a
particular month. If blocks of homogeneous samples are selected, the sample
will be biased.
Note:
Remember, an essential feature of probability sampling methods is that each
element of the population being sampled has an equal chance of being
included in the sample and, moreover, that the chance of probability is
known. Only in this way, is a probability sample representative of a
population.
NON-STATISTICAL SAMPLING
Haphazard Selection
In this method, the auditor selects the sample items without intentional bias
to include or exclude certain items in the population. It represents the
auditor's best estimate of a representative sample -- and may, in fact, be
representative. Defined probability concepts are not employed. As a result,
such a sample may not be used for statistical inferences. Haphazard selection
is permitted for non-statistical samples when the auditor believes it produces
a fairly representative sample.
Block Selection
Judgment Selection
2. Relative risk. Items prone to error due to their nature or age should be
given special attention.
When the expected audit evidence regarding a specific sample item cannot
be obtained, auditors may be able to obtain sufficient appropriate audit
evidence through performing alternative procedures. For example, if a
positive debtor confirmation has been requested and no reply was received,
auditors may be able to obtain sufficient appropriate audit evidence that the
debtor is valid by reviewing subsequent payments from the customer. If
auditors do not, or are unable to, perform satisfactory alternative procedures
or if the procedures performed do not enable auditors to obtain sufficient
appropriate audit evidence the item would be treated as an error.
Auditors would also consider the qualitative aspects of the errors. These
include the nature and cause of the error and the possible effect of the error
on other phases of the audit.
In analyzing the errors discovered, auditors may observe that many have a
common feature, for example, type of transaction, location, product line or
period of time. In such circumstances, auditors may decide to identify all
items in the population which possess the common feature, thereby
producing a subpopulation, and extend audit procedures in this area.
Auditors would then perform a separate analysis based on the items
examined for each sub-population.
Inferences to be drawn for the population as a whole
Auditors would consider whether errors in the population might exceed the
tolerable error. To accomplish this, auditors compare the projected
population error to the tolerable error taking into account the results of other
audit procedures relevant to the specific control or financial statement
assertion. The projected population error used for this comparison in the
case of substantive procedures is net of adjustments made by the entity.
When the projected error exceeds tolerable error, auditors re-assess the
sampling risk and if that risk is unacceptable, consider extending the audit
procedure or performing alternative audit procedures, either of which may
result in them proposing an adjustment to the financial statements.
CHAPTER 17:
GOING CONCERN
Financial indicators:
• Net liability
• Indications of withdrawal of financial support by lenders
• Negative operating cash flows
• Adverse financial ratios
• Substantial operating losses
• Discontinuance of dividends
• Inability to pay of debts on due dates
Operating indicators:
• Loss of key managers without replacement
• Loss of major market, franchise, license.
• Labor difficulties
Other:
• Changes in government policy that may adversely affect the entity.
• Pending legal proceedings against the entity that may result in claims that
are unlikely to be satisfied. E.g. damages, cash payment etc.
Details of different ways in which the auditor may reports are as follows:
1. The auditor believes that there is a doubt over the going concern, but
considers that the financial statements give adequate details of the
problem. In this case the auditor will give an unqualified report but
include an ‘emphasis of matter’ paragraph drawing attention to any notes
or details in the F/S explaining the position.
2. The auditor believes that there is a doubt over the going concern status,
but considers that the F/s do no give adequate disclosure. In this case the
auditor’s report will be qualified.