Scribd Logo
Upload

Welcome to Scribd!

  • Audit 4240 Exam III Review

    Uploaded by

    samantha_t
    26 views3 pages

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    26 views3 pages

    Audit 4240 Exam III Review

    Uploaded by

    samantha_t

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    AUDIT 4240 EXAM III REVIEW

    Auditors’ Study & Evaluation of ICS:


    Purpose: Understand how system is designed by looking at each account. How?
    i. Account Balance Approach
    ii. Transaction Cycle Approach [Better approach to use!]
     Breakdown IC activities into groups of interrelated transactions
    a) Revenue & Collection Cycle
    Sales, Cash, AC/Rec, SRA, Bad Debt Expense
    b) Acquisitions & Payment Cycles
    Use standard cost system rather than actual
    Phase 1: Review and understanding of ICS
    I. Obtain understanding of ICS and activities T/Cycle
    II. Document your understanding (Flowchart, IC Questionnaire, Narrative Description)
    III. Test your understanding (Walkthrough Test)
    Phase 2: Preliminary evaluation of ICS
    I. What errors, irregularities, and fraud could occur
    II. What control activities that should be in place to prevent, detect, and correct
    III. Do control activities exist?
    a) Adequate control activities exist (strengths)
    If it exists, then go to Phase 3
    b) Adequate control activities don’t exist – nonexistence (weaknesses) STOP
     Audit Decision (Document!)
    1. ICS isn’t effective/is weak (not reliable)
    2. IC Risk is high at maximum
    3. DR should be low because CR is high
     Impact on Extent, Nature, Timing of Substantive Auditing,
    So, DR , then Extent , Nature , Timing
    4. Post SOX, Qualify/ Adverse Opinion on ICFR
    Phase 3: Perform Test of Controls
    The effectiveness of Internal Control Structure (ICS)
    i. Control Activities (ICS) are adequate and effective (Step 4)
    ii. Control Activities (ICS) are inadequate and ineffective. If this is the issue, go to
    Audit Decision in Step 2
    Phase 4: If Control Activities are ADEQUATE and EFFECTIVE, then
    i. ICS is reliable and effective
    ii. IC Risk is low(minimum)
    iii. DR can be high
    iv. Determine impact on nature, timing, and extent of substantive tests
    v. After SOX, issue Unqualified Audit Report on ICFR

    Purposes of Assessing Control Risk


    Primary Purposes:
    1. Assess the effectiveness of ICS
    Primary purposes for study & evaluation for system of control
    2. Assessment Risk AR=DR x CR x IR
    So, when DR then more substantive tests and Vice Versa
    3. Determine Timing, Nature, Extent on substantive tests
    4. Express opinion on ICS effectiveness – Section 404(b)
    5. Public disclosure of material weakness in internal control
    Secondary Purposes:
    1. To disclose significant deficiencies of internal control
    2. Improvement of Internal Control Structure (ICS)

    Substantive Tests
     Types:
    (i) Analytical Procedures
    (ii) Tests of details of transactions
    (iii) Tests of details of balances
     Purpose:
     Determine fairness of significant financial statement assertions.
     Nature of Test Measurement:
     Monetary errors in transactions and balances
     Applicable Audit Procedures:
     Same as tests of controls, plus analytical procedures, counting, confirming,
    tracing, and vouching
     Timing:
     Primarily at or near balance sheet date
     Audit Risk Component:
     Detection Risk
     Primary field work standard:
     Third
     Required by GAAS?
     YES

    Tests of Controls
     Tests:
     Concurrent
     Additional
     Purpose:
     Determine effectiveness of design and operation of internal control structure
    policies and procedures.
     Nature of test measurement:
     Frequency of deviations from control structure policies and procedures.
     Applicable Audit Procedures:
     Inquiring, observing, inspecting, reperforming, and computer-assisted audit
    techniques
     Timing:
     Primarily interim work
     Primary field work standard:
     Second
     Required by GAAS?
     NO

    CAATs
     Computer Assisted Auditing Techniques
     CA – Easytrieve (Computer Associates)
     Works in UNIX or LAN (primarily mainframes)
     Uses a background language similar to COBOL
     SAS
     Statistical analysis
     Data mining
     ACL
     IDEA

    CAATs [on board]

    1. Integrated Test Facility – a system that processes test data simultaneously with real
    transactions to allow the system to be constantly monitored
     A whole new dummy department
     Simulated data is assigned a special code to distinguish it from real data
     Simulated data is integrated with real data and processed in normal course of
    business
     Weakness – simulated data may be processed differently that real data
    2. Parallel Simulation – The use of an auditor-written program to process client data and
    comparison of its output to the output generated by the client’s program
    3. Testing Data –
     Simulated data is controlled and processed separately from real data
     Output is compared to auditor-calculated output
    4. Testing Simulated Data –
     Test deck approach
     Integrated test facility

    You might also like