NCE Understand SCOTs/significant disclosure processes and perform walkthroughs Entity name: Date of financial statements: Significant class of transactions (SCOT) / disclosure process: Name: Nature: [indicate whether SCOT is Routine or Non-routine] Owner: This form has been designed to support the audit of non-complex entities (NCE) and is not to be used for entities that do not meet the NCE criteria for use. When and how to use this form A.) Requirement for use: This form is optional, but supports meeting GAM requirements. B.) How to use this form: Complete all relevant check-boxes and text fields. Purpose We obtain an understanding of the significant classes of transactions (SCOTs) and significant disclosure processes to identify and understand the risks of material misstatement at the assertion level (and, when applicable, to identify and understand what can go wrongs (WCGWs)). Completion of this form addresses the EY Canvas tasks: ► Understand SCOTs, identify WCGWs and relevant controls and relate them to relevant SCOTs and significant disclosure processes ► Create a task to document understanding of a SCOT or significant disclosure process When we test controls for routine SCOTs, we use Form 813GL NCE Understand routine SCOTs, perform walkthroughs and test controls form. Form 806GL (29 March 2018) 1 NCE Understand SCOTs/significant disclosure processes and perform walkthroughs Our understanding of the critical path (SCOTS 2) Document below our understanding of the critical path of the SCOT/ significant disclosure process, including the major inputs and outputs. The critical path includes: Initiation: the point where the transaction first enters the entity’s process and is prepared and submitted for recording Recording: the point where the transaction is first recorded in the books and records of the entity Processing: any changes, manipulation or transfers of the data in the books and records of the entity Reporting: the point where the transaction is reported (i.e., posted) in the general ledger Document our understanding of how incorrectly processed information is detected and corrected on a timely basis. To help determine that we properly consider the effects of computer processing in making our risk assessments and developing our audit strategy, describe automated aspects of the critical path of the SCOT/significant disclosure process, including manual aspects that depend upon computer functionality. Document the attributes of the related IT applications in the Audit planning template or equivalent documentation. For the following SCOTs, refer to the appropriate form: Estimation SCOTs (Form 201GL Accounting estimates form) Related party relationships and transactions, when we identify a related party SCOT (Form 212GL Related parties form) For significant risks, we identify controls relevant to the audit (refer to UTB 4) and document these in Form 800GL NCE Audit planning template (APT). Describe the critical path Performed by (job title only) Automated aspects Provide any other details that are necessary to understand the initiation, recording, processing and reporting of the transactions, including major input and output sources, if not included in the descriptions above. Refer to ESTIMATES for the required documentation of our understanding of estimation SCOTs, including relevant controls. 2 NCE Understand SCOTs/significant disclosure processes and perform walkthroughs Document what can go wrongs (SCOTS 4) We use our understanding of the critical path and the policies and procedures to identify WCGWs. We document the identified WCGWs in EY Canvas. Conclusion: Scope & Strategy We sign-off this form in EY Canvas to evidence the preparation, review and approval of this form at the Scope & Strategy phase of the audit as well as completion of the following EY Canvas task at this phase of the audit: ► Understand SCOTs, identify WCGWs and relevant controls and relate them to relevant SCOTs and significant disclosure processes The following EY Canvas task does not require related evidence to be marked complete, however, we may use this form to help complete this task: ► Create a task to document understanding of a SCOT or significant disclosure process (e.g., WT – SCOT name) Walkthrough and other confirmation procedures (SCOTS 3) Describe the walkthrough and other procedures performed to confirm our understanding of the SCOT, addressing the points at which the transactions are initiated, recorded, processed, and ultimately reported in the general ledger (or serve as the basis for disclosures), including both the manual and automated steps of the process. For significant disclosure processes, describe the procedures performed to confirm our understanding of the process and sources of information management uses to generate significant disclosures. Use original source documentation and information technology that the client personnel typically would use in the flow of transactions. For controls over significant risks: Describe the walkthrough procedures to confirm our understanding of the design of the controls and that they have been implemented. As we walk through the prescribed procedures and controls, we ask personnel to describe their understanding of the control activities and demonstrate how they are performed. We may perform our walkthrough in conjunction with the tests of transactions included in our substantive procedures. A) Walkthrough and other confirmation procedures Transaction selected for walkthrough: Individual(s) we talked with to confirm our understanding: Date: Description of the walkthrough procedures performed including our inquiries: 3 NCE Understand SCOTs/significant disclosure processes and perform walkthroughs B) Segregation of incompatible duties, authorization and management override of controls Additional observations Yes No a. Was anything noted in our walkthrough procedures that would indicate there are incompatible duties? ☐ ☐ If we answered “Yes” to the above: Do the incompatible duties represent a deficiency in the design of controls that is not sufficiently mitigated by other management actions or controls that have been identified? ☐ ☐ b. Was anything noted in our walkthrough procedures that would indicate there are issues related to authorization? ☐ ☐ If we answered “Yes” to the above: Do the authorization issues represent a deficiency in the design of controls that is not sufficiently mitigated by other management actions or controls that have been identified? ☐ ☐ c. Was anything noted in our walkthrough of controls that indicate the potential for management override of controls or that such override may have occurred? ☐ ☐ If we answered “Yes” to the above: Does the potential for management override of controls represent a deficiency in the design of controls that is not sufficiently mitigated by other management actions or controls that have been identified? ☐ ☐ N/A Additional observations If we answered “Yes” to the above, provide further documentation and the related effect on our audit strategy. If we answered “Yes” to the above, provide further documentation and the related effect on our audit strategy. If we answered “Yes” to the above, provide further documentation and the related effect on our audit strategy. C) Conclusion Yes No Did our walkthrough procedures confirm our understanding of the SCOT and/or significant disclosure process? ☐ ☐ For SCOTs and significant disclosure processes affected by significant risks, did our walkthrough procedures confirm that the controls relevant to the audit have been properly designed and implemented? ☐ ☐ ☐ Conclusion: Execution 4 NCE Understand SCOTs/significant disclosure processes and perform walkthroughs We sign-off this form, including the above conclusion statements, in EY Canvas to evidence the preparation, review and approval of this form at the Execution phase of the audit as well as completion of the following EY Canvas task at this phase of the audit: ► Task created by the audit team to document understanding of a SCOT or significant disclosure process (e.g., WT – SCOT name) 5
