




Adequate separation of duties
 Separation of the Custody of Assets from Accounting
 Separation of the authorization of Transactions from the Custody of
Related Assets
 Separation of Operational Responsibility from Record-Keeping
Responsibilities
 Separation of IT Duties from User Departments
Proper authorization of transactions and activities
 General Authorization: Management establishes policies and
subordinates are instructed to implement these general
authorizations
 Specific Authorization: Applies to individual transactions where
management prefers to authorize each transaction
Adequate documents and records: Records upon which transactions are
entered and summarized
Physical control over assets and records: Protect assets and records
Independent checks on performance: Careful and continuous review of the
other four
 Independent checks: Internal verification
 Identify and Evaluate Deficiencies
 Control Deficiencies: Exists if the design or operation of controls does not
permit company personnel to prevent or detect misstatements on a timely
basis
 Significant Deficiencies: Exists if one or more control deficiencies exist that is
less severe than a material weakness but important enough to merit
attention by those responsible for oversight of the company’s reporting
 Material Weaknesses: Exists if a significant deficiency, by itself, or in
combination with other significant deficiencies, results in a reasonable
possibility that internal control will not prevent or detect material financial
statement misstatements on a timely basis

Types of Audit Evidence
 Physical Examination: The inspection or count by the auditor of a tangible asset
 Confirmation: The receipt of a written or oral response from an independent third
party verifying the accuracy of information that was requested by the auditor
 Documentation: The auditor’s inspection of the client’s documents and records to
substantiate the information that is, or should be, included in the financial
statements
 Internal Document: Prepared and used within the client’s organization and is
retained without ever going to an outside arty
 External Document: Handled by someone outside the client’s organization
who is a party to the transaction being documented, but which are either
currently held by the client or readily accessible
 Vouching: Process of auditors using documentation to support recorded
transactions or amounts
 Analytical Procedures: Comparison and relationships to assess whether account
balances or other data appear reasonable compared to the auditor’s expectations
 Purpose
 Understand Client’s Industry and Business
 Asses Entity’s Ability to Continue as a Going Concern
 Indicate Presence of Possible Misstatements in Financial Statements
 Reduce Detailed Audit Tests
 Inquiries of the Client: Obtaining of written or oral information from the client in
response to questions from the auditor
 Recalculation: Rechecking a sample of calculations made by the client
 Re-performance: The auditor’s independent tests of client accounting procedures or
controls that were originally done as part of the entity’s accounting and internal
control system
 Redo the task and follow it through the system
 Sales walk-through
 Observation: The use of senses to assess client activities

Evaluate Internal Control Implementation
 Update and evaluate auditor’s previous experience with the entity
 Make inquiries of client personnel
 Examine documents and records
 Observe entity activities and operations
 Perform walkthroughs of the accounting system