Add to collection(s) Add to saved
  1. No category
Uploaded by ashleydean101

Chapter 5 Notes

advertisement 
1
Chapter 5 - Audit Evidence:
Auditor must gather sufficient, appropriate audit evidence.
N.B: In an audit, an auditor must obtain at least SOME appropriate evidence. Recall that an audit
approach may be substantive, or combined (where at least some reliance is placed on the company’s
internal controls).
Evidence may be gathered by the auditor or from third parties (e.g. external confirmations) or the client.
Evidence:
-
Must be persuasive.
Will typically confirm or refute management assertions.
Aids the auditor in making judgements (such as whether to accept or continue with the audit, how
to plan the audit, and providing an opinion).
Audit Evidence Decisions:
Consider:
-
nature (audit procedures).
-
extent (which items to test).
-
timing (when to test).
@Pierre Hilal, CPA, CMA, May 2021.
2
Audit Procedures:
i)
Detailed instructions for the collection of a type of evidence.
Risk Assessment (Macro):
High-level, i.e., done early on in the audit process. This is to understand the company and its
environment – including internal controls. Helps identify RMM. Risk assessment
procedures are judgmental in nature, and are not considered audit evidence.
ii)
Tests of Controls (Macro/Micro):
Are there controls in place? If so, are they functioning adequately? If an auditor wishes to
place any reliance on internal controls, these will need to be tested. Very reliable controls
may decrease the amount of substantive testing performed by the auditor. Conversely, nonexistent controls or unreliable controls would mean more substantive testing. An auditor
need not test a company’s controls if he/she is not placing any reliance on them.
Controls may be tested through:
-
iii)
inquiry
observation
reperformance
Substantive Procedures:
-
focus on transactions and accounts in an effort to identify material misstatements.
-
Tests of details (micro): analyze the details of transactions.
-
Analytical Procedures (macro): examine the relationships between variables. These are not
enough (tests of details are also necessary).
-
Auditor looking for evidence that supports the amounts and disclosures contained in the F/S.
@Pierre Hilal, CPA, CMA, May 2021.
3
iv)
-
What, Why, How?
Audit procedures must be specific (document nature, timing and extent of procedures).
Which items to test: All? Some? Sampling? A mix? Use judgment!
Timing – testing can occur anywhere; in seasonal businesses it may make sense to do more work
during “busy season” or in the case of a periodic inventory system, monitor the inventory count.
Example: Cash Disbursements:
Relevant Assertion: Occurrence:
During the audit, obtain bank reconciliation and cash disbursement reports and compare name amount
and date of cancelled cheques for X # of cheques (sampling/testing decisions). These are tests of
details.
Audit Program:
Detailed instructions for the collection of evidence for an audit area or an entire audit, including audit
procedures. May also include sample size, item details, and timing.
Persuasiveness of Evidence:
-
Degree to which evidence supports an audit opinion (sufficiency, appropriateness, timing)
-
appropriateness – relevant and reliable.
-
relevance – pertinence of evidence to assertion or control being tested.
Example – Relevance:
Suppose you want to check your A/R for completeness.
Tracing sales to shipping documents won’t do the trick (this only tests for occurrence, since you are
looking at what is already there (existing sales). All you’ve done here is check to see if my recorded
sales have been shipped. This doesn’t tell me if anything was missing (In other words this is NOT
testing for completeness).
However, looking at shipping documents and tracing those to sales to see if shipped items have been
billed makes a lot more sense. Here you ARE testing for completeness (now you’re talking!)
-
reliability – depends on source of nature – audit evidence is considered reliable when it is
obtained by the auditor, an independent provider, a qualified (trustworthy) provider or from
consistent and multiple sources.
@Pierre Hilal, CPA, CMA, May 2021.
4
Evidence obtained by the auditor:
-
Observation, reperformance or inspection, are generally considered the most reliable ways to
obtain evidence.
Independence:
-
Evidence from outside parties more reliable than client’s claims. Examples include information
from banks, customers (A/R confirmations).
Qualifications of the Source:
Example: Impairment write-down of machinery. A qualified appraiser’s assessment of the machinery
is more valid that management’s best guess!
Consistency from Multiple Sources:
-
Conflicting data needs to be investigated by the auditor.
Internal Controls:
-
More reliable internal controls make the auditor’s job easier – in part by reducing the degree of
substantive testing required in many instances. Also consider risk of management override (i.e.,
collusion, fraud).
Degree of Objectivity:
-
A/R and cash balance confirmations are considered objective evidence. Conversely, estimates can
be subject to bias. Consider the source!
Sufficiency:
-
Quantity/ Sample Size. Consider the quality of the evidence obtained and the reliability of the
company’s internal controls.
Timing:
-
Timing of audit evidence in relation to the period covered by the audit.
Combined Effect:
-
A large sample size does not necessarily indicate persuasiveness. In other words, it may not be
sufficient, appropriate or timely. Similarly, to small a sample size is not persuasive either.
-Auditor must be aware of assertions being tested and must consider the above in assessing
whether or not evidence obtained is persuasive.
Persuasiveness & Cost:
-
Auditor must consider cost/benefit.
@Pierre Hilal, CPA, CMA, May 2021.
5
@Pierre Hilal, CPA, CMA, May 2021.
6
Specific Types of Audit Procedures:
1) Inspection:
-
Could be inspection of physical assets (note this tests for existence but not valuation) or
inspection of documents (internal or external). External documents are deemed to be of higher
quality than internal documents. Internal documents may also be of high quality if there are
adequate internal controls. Rights and Obligations must be analyzed.
-
Quality of Evidence Gathered: High (provided you know what you are looking for), but
insufficient – need additional evidence. Inspection alone is not enough.
-
Vouching -(occurrence): An example would be comparing acquisitions journal entries of a new
machine to documentation such as invoices. Company Books/General Ledger Vouched to
documents
-
Tracing – (existence): An example would be comparing documentation such as the invoices of
purchased capital assets to acquisitions journal entries. Documents Traced to Company
Books/General Ledger
2) Observation:
-
When we are looking at a procedure performed by others, we are using observation to test
controls.
Will want to augment this type of procedure with other procedures to gain sufficient and
appropriate evidence. When we use observation, we are using our senses – through what we see,
hear, taste, touch and smell.
Quality of Evidence Gathered: Generally weak.
3) External Confirmations:
-
Auditor will verify documents (typically payables or receivables) directly witha third party.
Quality of Evidence Gathered: May be high but be aware of pitfalls below:
Pitfalls:
-
Third party may be a related party (collusion).
Receive an inappropriate response.
May not receive a response.
External confirmations may be used when other forms of evidence are deemed
insufficient.However, this should certainly not be considered a primary audit procedure,
or the only procedure relied upon by the auditor,
@Pierre Hilal, CPA, CMA, May 2021.
7
4) Recalculation:
-
Repeating or checking mathematical accuracy of client figures.
-
Quality of Evidence Gathered: Generally high.
5) Reperformance:
-
Retesting of procedures or internal controls.
Example: Ageing of A/R, comparing invoice prices to pre-determined price list, verifying
consistency of information (e.g., transfer of sales amounts from sales ledger to G/L).
This may be done using test data and CAATs.
General audit software my also be used. This type of software the auditor with provides data
retrieval, manipulation and reporting functionalities.
Quality of Evidence Gathered: Generally high.
6) Analytical Procedures:
-
Analysis of financial information by analyzing the relationships between financial and nonfinancial data.
Types of analytical procedures include:
-
Obtaining an understanding of the client’s industry and business.
Assess entity’s going concern status.
Identify the Possibility of misstatements in the F/S (look for unusual fluctuations).
provide evidence supporting account balances. Here, the auditor may use substantive
analytical procedures to provide evidence at the assertion level.
When inputs are known and relationships are predictable, substantive analytical procedures may
(in some instances) reduce the required sample size or the need to perform tests of details. These
procedures examine the plausibility of the relationships observed. If for instance a company’s
gross profit percentage is expected to be between 38% and 42% and is recorded at 40%, the
auditor may use this information as substantive evidence to justify account balances.
N.B: Substantive analytical procedures may often be performed as part of the auditor’s risk
assessment process.
Quality of Evidence Gathered: Medium to High – depending on the procedure.
7) Inquiry:
@Pierre Hilal, CPA, CMA, May 2021.
8
-
Obtaining written or oral information from the client in response to the auditor’s questions.
-
Quality of Evidence Gathered: Low to Medium. Inquiry alone seldom constitutes sufficient
appropriate evidence.
Costs of Types of Evidence:
The following lists the costs of evidence from highest to lowest:
-
Physical Examination
External Confirmation
Inspection of Documents (Including Tests of Details)
Reperformance
Analytical procedures (planning these may be time consuming however).
Observation (never done without other procedures)
Inquiry (obtaining written statement from client can be costly)
Recalculation (cost may vary)
Terms Used in Audit Procedures & Related Audit Procedures:
Term
Type of Procedure
Examine
Inspection
Scan
Analytical Procedures
Read
Inspection
Compute
Analytical Procedures
Recompute
Recalculation
Foot
Recalculation
Trace
Recalculation, Reperformance
Designing Analytical Procedures:
@Pierre Hilal, CPA, CMA, May 2021.
9
Analytical procedures can be performed at one of three times:
1. During the Planning Phase (required to determine nature, timing and extent of gathering audit
evidence).
2. During the Risk Response Phase (in conjunction with other substantive tests)
Done to support account balances. Evaluate the reliability and source of data. Expectations,
factors considered in the nature of the test and outcomes need to be documented in the
working papers. The degree of assurance provided during this phase varies, depending
among other things on the complexity of the relationship. When used as substantive tests
during the risk response phase, expectations, factors considered in the nature of the test and
outcomes need to be documented in the working papers.
3. During the Completion of the Audit:
Part of the final review (usually done by a senior partner). In effect, we are considering
whether management’s adjusting entries to the financials may have changed their usefulness
to users or had a material effect on key ratios
Comparison of Client Data:
Client data will be compared to:
1. Industry Data.
2. Auditor-determined expected results.
-
Auditor develops an expectation of what b/s should be based on other F/S elements.
-
Auditor defines, investigates and compares significant differences from expected results.
3. Similar Prior Period Data.
4. Client-determined expected results.
-
Consider budgets – realistic? Have they been tampered with?
Assess control risk.
@Pierre Hilal, CPA, CMA, May 2021.
10
Precision of Analytical Procedures:
Will depend upon:
i)
ii)
iii)
iv)
Level of detail (disaggregation).
Data Reliability.
Plausibility and predictability of relationship.
Type of analytical procedure (those with more specific auditor expectations will be more precise).
Documentation:
-
May be written or electronic – or both.
Includes:
-
Risk assessments.
Evidence accumulated.
Procedures performed.
Tests performed.
Other information.
Conclusions.
Documentation typically referred to as “working papers.”
Purpose:
The purpose of audit documentation is to plan and document all phases of the audit, record evidence and
provide backup to support the auditor report in accordance with CAS.
File Archive:
CAS 230 states that final version of audit file should be assembled within 60 days of the date of the
auditor report. Any information provided after that date is “frozen” and shown separately within the audit
file. Such information should not contradict audit conclusions.
Contents and Organization:
May vary from firm to firm.
@Pierre Hilal, CPA, CMA, May 2021.
11
Preparation of Working Papers:
Working papers should include:
-
Checklists of standard investigation items that were completed, and by whom.
-
Copies of correspondence such as Management Representation Letter and Engagement
letter.
-
Documentation of the assertions investigated and supporting evidence found.
-
Extracts from the corporate minutes of the client.
-
Flowcharts of a client's key transaction processes.
-
Identify client name, specify period covered, provide a description of contents, name of the
preparer, date of preparation, along with index code.
-
Be properly indexed and cross-referenced.
-
Indicate the work performed, either by written memo, initials next to audit procedures and
notations.
-
Indicate conclusions reached by major audit cycle.
Ownership of Working Papers:
-
These are the legal property of the auditor. Even those portions prepared by the client (if any) are
deemed to be the property of the auditor. An exception to this may exist during litigation, where
and auditor may be legally required to show working papers. It should be noted that although the
working papers belong to the auditor, the data on the working papers relating to the client’s
operations belongs to the client.
Confidentiality:
Auditor must maintain confidentiality of client information. The only time an auditor may divulge client
information is if:
i)
ii)
Subpoenaed by the court.
The client provides written consent to the auditor with respect to certain disclosures.
Professional Skepticism:
-
Must be maintained by the auditor at all times.
@Pierre Hilal, CPA, CMA, May 2021.
12
**End of Document. **
@Pierre Hilal, CPA, CMA, May 2021.
Related documents
Question: 1. If the auditor finds only one instance of... the auditor assume that this is an isolated instance? Why...
Question: 1. If the auditor finds only one instance of... the auditor assume that this is an isolated instance? Why...
New DOCX Document
New DOCX Document
Information System Audit Checklist A hardware review evaluates the structure of:
Information System Audit Checklist A hardware review evaluates the structure of:
Download
advertisement