(AAS) 3

DOCUMENTATION Harinderjit Singh

NIRC //ICAI NIRC ICAI

9.7.2005 9.7.2005

DOCUMENTATION (AAS 3) OVERVIEW

 Introduction  Form and content  Ownership and Custody of Working Papers  Exposure Draft on Revised (AAS) 3 - Audit Documentation

NIRC / ICAI

9.7.2005

DOCUMENTATION (AAS 3) INTRODUCTION

 Document evidence that audit carried out in accordance with basic principles (AAS2)  Documentation refers to working papers prepared or obtained by auditor  Working papers aid in : Planning and performance of audit Supervision and review of audit work Providing evidence of audit work performed
NIRC / ICAI 9.7.2005

DOCUMENTATION (AAS 3) FORM AND CONTENT

Working Paper to record:  audit plan,

 nature, timing & extent of audit procedures

 conclusions drawn from evidence obtained

NIRC / ICAI

9.7.2005

DOCUMENTATION (AAS 3) FORM AND CONTENT

Form & content affected by : nature of engagement form of auditors report nature & complexity of clients business nature & conditions of clients records & degree of reliance on internal controls need in particular circumstances for direction, supervision and review of work performed by assistants
NIRC / ICAI 9.7.2005

DOCUMENTATION (AAS 3) FORM AND CONTENT

 Standardisation of working papers (e.g. checklists, specimen letters, standard organisation of working papers)  Working Paper sufficiently complete and detailed  Significant matters together with auditors conclusion thereon  Ensure working papers obtained from client properly prepared  Permanent & current audit files (PAF & CAF)
NIRC / ICAI 9.7.2005

DOCUMENTATION (AAS 3) FORM AND CONTENT - PAF

 PAF includes Legal & organisational structure of entity Legal documents & agreements Study & evaluation of internal controls Audited F/S for PYs Significant ratios & trends Management letters, if any Significant accounting policies Significant audit observations of earlier years.
NIRC / ICAI 9.7.2005

DOCUMENTATION (AAS 3) FORM AND CONTENT - PAF

 CAF includes: Acceptance of annual reappointment Board & general meetings minutes Nature, timing & extent of audit proceduresreview Audit matters communicated/discussed with client including terms of engagement etc. Representation letters Significant aspects of audit Experts / third party FS & related audit report
NIRC / ICAI 9.7.2005

DOCUMENTATION (AAS 3) OWNERSHIP AND CUSTODY OF WORKING PAPERS

Working Papers  Property of auditor  Extracts of working papers available to client at auditors discretion.  Reasonable procedures for custody & confidentiality of working papers  Retention of working papers
NIRC / ICAI 9.7.2005

EXPOSURE DRAFT REVISED (AAS) 3 AUDIT DOCUMENTATION SALIENT MATTERS

 Caption changed from Documentation to Audit Documentation  Fallout of Enron  Changes to Audit Documentation  New concept of Experienced Auditor  Identification of Prepares & Reviewer  Retention period - 10 years vis--vis 8 years prescribed by Companies Act
NIRC / ICAI 9.7.2005

(AAS) 6 (REVISED)
RISK ASSESSMENT AND INTERNAL CONTROL

NIRC /ICAI
NIRC / ICAI

9.7.2005
9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Overview

 Introduction  Inherent Risk  Accounting & Internal Control Systems  Control Risk  Detection Risk  Audit Risk in Small Business  Communication of Weaknesses
NIRC / ICAI 9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Introduction

 Understanding of accounting & internal control system and audit risk  Sufficient to plan & develop an effective audit approach  Professional judgment to assess audit risk & design audit procedures  Applicability 1.4.2002
NIRC / ICAI 9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Introduction  Certain terminologies:  Inappropriate opinion  Inherent Risk  Control risk  Detection risk  Control environment  Control procedures  Internal Control System  Accounting System
NIRC / ICAI 9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Inherent Risk

 Relate inherent risk assessment to material account balance & classes of transactions in developing audit program.  High inherent risk assessments are made taking into account factors relevant both to F/S as a whole & to specific assertions.  Reasons for assessing inherent risk as not high should be documented.

NIRC / ICAI

9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Assessing Inherent Risk

Factors for Evaluation At Level of F/S integrity of management management experience & knowledge & changes in management during period unusual pressures on management nature of entitys business factors affecting industry in which entity operates.
NIRC / ICAI 9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Assessing Inherent Risk

At Level of Account Balance & Class of Transactions quality of accounting system F/S susceptible to misstatement complexity of transactions & events degree of judgement susceptibility of assets to loss or misappropriation unusual & complex transactions at or near period end transactions not subject to ordinary processing
NIRC / ICAI 9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Inherent Limitations of Internal Controls

 Reasonable but not absolute assurance  Control be cost effective  Addressing unusual transactions  Human error  Collusion by employees & third parties  Management overriding control  Manipulation in estimates & judgments in FS.
NIRC / ICAI 9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Understanding Accounting & Internal Control Systems

 CAKE  inquiries of appropriate level of personnel  inspection of documents & records  observation of activities & operation

NIRC / ICAI

9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Accounting Systems - Understanding

 major classes of transactions  how such transactions initiated  significant accounting records, supporting documents & specific accounts  accounting & financial reporting process - initiation to inclusion in FS

NIRC / ICAI

9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Control Environment - Understanding

 Managements attitudes, awareness & actions regarding internal controls & their importance in entity.

NIRC / ICAI

9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Control Risk

Preliminary Assessment of Control Risk  At assertion level for each material account balance or class of transaction.

NIRC / ICAI

9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Control Risk

Preliminary Assessment of Control Risk  Control risk assessed at high level for some or all assertions where accounting & internal controls not effective or evaluating not efficient.  Preliminary assessment of control risk for a FS assertion high unless: internal controls identified tests of control to support assessment planned
NIRC / ICAI 9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Control Risk Documentation of Understanding & Assessment of Control Risk  Document :  understanding of entitys accounting & internal control system;  assessment of control risk.  When control risk assessed at less than high, document basis.  Different techniques for documentation:  narrative  questionnaires  checklists  flow charts
NIRC / ICAI 9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Control Risk

Tests of Control  Audit evidence re. effectiveness of accounting & internal control system & operation of controls throughout period.

NIRC / ICAI

9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Control Risk

Tests of Control  Tests of control may include: inspection of documents for controls re.authorisation inquiries & observation of controls which have no audit trail testing computerized application or overall IT function Lower assessments of control risk more audit evidence should be obtained
NIRC / ICAI 9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Control Risk

Tests of Control  Considering effectiveness of controls: How applied? Consistency on application during period By whom applied? Deviations from prescribed controls  Results of tests of control evaluates whether controls operating as contemplated in preliminary assessment of control risk.
NIRC / ICAI 9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Control Risk

Final Assessment of Control Risk  When preliminary assessment of control risk not supported: revise assessed level of control risk modify nature, timing & extent of planned substantive procedures.

NIRC / ICAI

9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Detection Risk  Consider assessed levels of inherent & control risks in determining nature, timing & extent of substantive procedures.  To reduce audit risk to an acceptably low level consider:  nature of substantive procedure  timing of substantive procedure  extent of substantive procedures  Inverse relationship between detection risk & combined level of inherent and control risk
NIRC / ICAI 9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Detection Risk

 Regardless of assessed levels of inherent and control risks, some substantive procedures performed  Higher assessment of inherent & control risks means more of substantive procedures  Qualified or declaimer of opinion when detection risk regarding an assertion for material balance or transaction cannot be reduced to an acceptable level,
NIRC / ICAI 9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Audit Risk in Small Business

 Inadequate segregation of duties & lack of supervisory controls  Audit evidence may have to be obtained entirely through substantive procedures.

NIRC / ICAI

9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Communication of Weaknesses

 Communicate material weaknesses in accounting & internal control at an appropriate level of management.  Ordinarily in writing  Important to indicate that only weaknesses which have come to the auditors attention as a result of audit have been reported.
NIRC / ICAI 9.7.2005

AAS 6 (Revised) - Risk Assessment and Internal Control Matters for Discussion

 Complex CIS environment-need for specialist  Extent of substantive procedures should reflect reliance/nonreliance on internal controls  Risk based audit approach-prevalent now formalised  Assessing internal controls enables effective and efficient audit

NIRC / ICAI

9.7.2005

AAS - 21
CONSIDERATION OF LAWS AND REGULATIONS IN AN AUDIT OF FINANCIAL STATEMENTS

NIRC / ICAI
NIRC / ICAI

9.7.2005
9.7.2005

AAS 21 - CONSIDERATION OF LAWS & REGULATIONS IN AN AUDIT OF FS Overview  Introduction  Responsibility of Management  Auditors consideration  Procedures when noncompliance discovered  Communicating/Reporting noncompliance  Withdrawal from Engagement

NIRC / ICAI

9.7.2005

AAS 21 - CONSIDERATION OF LAWS & REGULATIONS IN AN AUDIT OF FS Introduction

 Consideration of laws & regulations in an audit of FS.  Noncompliance of laws & regulations by entity materially affecting F/S  Term `noncompliance refers to acts of omission or commission by entity being audited, either intentional or unintentional contrary to prevailing laws & regulations.

NIRC / ICAI

9.7.2005

AAS 21 - CONSIDERATION OF LAWS & REGULATIONS IN AN AUDIT OF FS Indications of Noncompliance

 Investigation by government departments or payment of fines  Payments for unspecified services or loans to consultants, related parties, employees or government employees  Purchases at prices significantly above or below market price  Unusual payments in cash & other unusual transactions
NIRC / ICAI 9.7.2005

AAS 21 - CONSIDERATION OF LAWS & REGULATIONS IN AN AUDIT OF FS Indications of Noncompliance

 Unusual transactions with companies registered in tax havens  Payments without proper exchange control documentation  Unauthorized or improperly recorded transactions  Media comment
NIRC / ICAI 9.7.2005

AAS 21 - CONSIDERATION OF LAWS & REGULATIONS IN AN AUDIT OF FS Introduction

 Noncompliance generally based on experts advice but ultimately determined by a court of law.  Auditor likely to be aware of those noncompliances linked to events & transactions ordinarily reflected in F/S.  Auditors responsibility to consider fraud & error in audit covered by AAS - 4.
NIRC / ICAI 9.7.2005

AAS 21 - CONSIDERATION OF LAWS & REGULATIONS IN AN AUDIT OF FS Responsibility of Management for Compliance

 Achieved by: Monitoring legal requirements Internal control systems Establishing legal department and/or engaging legal advisor. Maintaining register of significant laws affecting entity & records of noncompliances. Appropriating responsibilities to internal audit & audit committee.
NIRC / ICAI 9.7.2005

AAS 21 - CONSIDERATION OF LAWS & REGULATIONS IN AN AUDIT OF FS Auditors Consideration  Audit does not prevent noncompliance but may act as a deterrent.  Risk from noncompliance higher due to:  inherent limitations of accounting & internal control systems  persuasive rather than conclusive audit evidence  override of controls by management etc.  Recognition of conditions or events leading to noncompliance.  Statutory requirements may require to report compliance with certain provisions of laws & regulations.
NIRC / ICAI 9.7.2005

AAS 21 - CONSIDERATION OF LAWS & REGULATIONS IN AN AUDIT OF FS Auditors Consideration

 Understanding legal & regulation framework: CAKE inquiring & discussing with management  Identifying instances of noncompliance: inquiring with management inspecting correspondences-regulatory authorities
NIRC / ICAI 9.7.2005

AAS 21 - CONSIDERATION OF LAWS & REGULATIONS IN AN AUDIT OF FS Auditors Consideration

 Sufficient appropriate audit evidence regarding compliance affecting amounts & disclosures in FS  Other procedures (besides above) outside scope of audit.  Written representations from management.  In absence of evidence to contrary entitled to assume compliance .
NIRC / ICAI 9.7.2005

AAS 21 - CONSIDERATION OF LAWS & REGULATIONS IN AN AUDIT OF FS Procedures When Noncompliance Discovered

 Obtain understanding of nature of act & circumstances to evaluate possible effect of noncompliance on FS  Evaluating possible effect on F/S, consider: potential financial consequences whether they require disclosure whether they affect true & fair view  Document findings & discuss with management.
NIRC / ICAI 9.7.2005

AAS 21 - CONSIDERATION OF LAWS & REGULATIONS IN AN AUDIT OF FS Procedures When Noncompliance Discovered

 Consult entitys lawyers or other lawyers on possible effects/consequences  Effect of lack of evidence on auditors report.  Reliability of management representations in light of noncompliance.

NIRC / ICAI

9.7.2005

AAS 21 - CONSIDERATION OF LAWS & REGULATIONS IN AN AUDIT OF FS Communicating/Reporting of Noncompliance

To Management  Communicate to audit committee, BOD and senior management  Intentional and/or material noncompliance communicate without delay  Senior management including members of BOD involved in noncompliance- communicate matter to next higher level.
NIRC / ICAI 9.7.2005

AAS 21 - CONSIDERATION OF LAWS & REGULATIONS IN AN AUDIT OF FS Communicating/Reporting of Noncompliance

To Users of Auditors Report  Qualified or adverse opinion. when material noncompliance not properly reflected in FS.  Qualified or disclaimer of opinion. if precluded from obtaining sufficient appropriate audit evidence regarding material noncompliance. .

NIRC / ICAI

9.7.2005

AAS 21 - CONSIDERATION OF LAWS & REGULATIONS IN AN AUDIT OF FS Communicating/Reporting of Noncompliance

To Regulatory and Enforcement Authorities

 Report to regulatory and enforcement authorities in case duty of confidentiality overridden by statute, law or by courts of law.

NIRC / ICAI

9.7.2005

AAS 21 - CONSIDERATION OF LAWS & REGULATIONS IN AN AUDIT OF FS Withdrawal from Engagement

 No remedial action on material noncompliance  Involvement of highest authority affecting reliability of management representations  Communication to incoming auditor re.detailed reasons & attendant circumstances leading to withdrawal

NIRC / ICAI

9.7.2005

AAS 21 - CONSIDERATION OF LAWS & REGULATIONS IN AN AUDIT OF FS Matters of Discussion

 How many Acts are there - mind boggling!  Peculiar Acts  Laws & Regulations affecting F/S  Sufficient understanding of laws & regulations  Expert opinion/ Court of Law
NIRC / ICAI 9.7.2005

AUDITING AND ASSURANCE STANDARDS (AAS) 28 AUDITORS REPORT ON FINANCIAL STATEMENTS

NIRC / ICAI
NIRC / ICAI

9.7.2005
9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS OVERVIEW

 Introduction  Basic Elements of Auditors Report  Unqualified Opinion  Modified Reports  Limitation on Scope  Disagreement with Management  Statement on Qualifications in Auditors Report  Matters for Discussion
NIRC / ICAI 9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS Introduction

 Clear written expression of opinion on FS taken as a whole. BASED ON CONCLUSIONS DRAWN FROM AUDIT EVIDENCE OBTAINED

NIRC / ICAI

9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS Basic Elements of Auditors Report

a) Title b) Addressee c) Opening or introductory paragraph d) Scope paragraph e) Opinion paragraph f) Date of report g) Place of signature, and h) Auditors signature
NIRC / ICAI 9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS Basic Elements of Auditors Report

Title Appropriate title - Auditors Report

Addressee Appropriately addressed - e.g. To the Members

NIRC / ICAI

9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS Basic Elements of Auditors Report

 Opening or introductory Paragraph Financial statements of entity audited, including date and period covered FS responsibility of entitys management and responsibility of auditor to express an opinion on FS.
NIRC / ICAI 9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS Basic Elements of Auditors Report

 Scope Paragraph Audit conducted in accordance with auditing standards generally accepted in India. Audit planned & performed to obtain reasonable assurance that FS are free of material misstatement.. Terms of Engagement Matters prescribed by Legislation / Pronoucement of ICAI
NIRC / ICAI 9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS Basic Elements of Auditors Report

 Scope Paragraph  Auditors report should describe audit as including: a) Examining, on a test basis, evidence to support amounts & disclosures in FS b) Assessing accounting principles used in preparation of FS c) Assessing significant estimates made by management in preparation of FS d) Evaluating overall FS presentation.  Audit provides a reasonable basis for opinion.
NIRC / ICAI 9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS Basic Elements of Auditors Report

 Opinion Paragraph Clearly indicate financial reporting framework used to prepare the FS FS give a true and fair view in accordance with that financial reporting framework FS comply with statutory requirements.
NIRC / ICAI 9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS Basic Elements of Auditors Report

 Date of Report Date on which auditor signs report. Not earlier than the date on which FS are signed or approved by management.  Place of Signature Specific location, where audit report signed.
NIRC / ICAI 9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS Basic Elements of Auditors Report

 Auditors Signature Signed by auditor in personal name Where firm is appointed as auditor, report signed in personal name of auditor and in name of the audit firm. Partners/proprietors membership number
NIRC / ICAI 9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS Unqualified Opinion

 

True and fair view Relevant  GAAP  Statutory Requirement  Disclosures  Change Effect & Disclosures
NIRC / ICAI 9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS Modified Reports

 Auditors report considered modified when it includes: a) Matters That Do Not Affect Auditors Opinion Emphasis of matter b) Matters That Do Affect Auditors Opinion Qualified opinion Disclaimer of opinion Adverse opinion
NIRC / ICAI 9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS Modified Reports

 Matters That Do Not Affect Auditors Opinion Paragraph to highlight material matter regarding a going concern problem where going concern question not resolved and adequate disclosures made in FS. Paragraph if significant uncertainty, resolution of which is dependent upon future events and which may affect FS.
NIRC / ICAI 9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS Modified Reports

 Matters That Do Affect Auditors Opinion Limitation on scope of auditors work; or Disagreement with management re.acceptability of accounting policies selected, method of application or adequacy of FS disclosures.

NIRC / ICAI

9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS Modified Reports

 Matters That Do Affect Auditors Opinion A qualified opinion when: disagreement with management is not so material and pervasive as to require an adverse opinion Limitation on scope is not so material and pervasive as to require disclaimer of opinion. subject to or except for
NIRC / ICAI 9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS Modified Reports

 Matters That Do Affect Auditors Opinion Disclaimer of opinion when limitation on scope is material and pervasive Adverse opinion when disagreement is material and pervasive to FS

NIRC / ICAI

9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS Modified Reports

 Matters That Do Affect Auditors Opinion Other than unqualified opinion: Clear description of all substantive reasons Unless impracticable quantification of possible effect(s) individually and in aggregate on FS

NIRC / ICAI

9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS Limitation on scope

Limitation on scope of Auditors work Describe limitation Indicate possible adjustments to the FS.

NIRC / ICAI

9.7.2005

AAS28 AUDITORS REPORT ON FINANCIAL STATEMENTS Disagreement with Management

Matters  Acceptability of accounting policies selected  Method of their application,  Adequacy of disclosures in FS.  If such disagreements material to FS - qualified or adverse opinion.
NIRC / ICAI 9.7.2005

Statement on Qualifications in Auditors Report

Reporting Requirements Under Companies Act  Statements of fact  Opinions

Reporting:  u/s 227(1A) of Companies Act  u/s 227(4A) of Companies Act

NIRC / ICAI 9.7.2005

Statement on Qualifications in Auditors Report

Qualification in Auditors Report  General Considerations  Aspects considered while Qualifying Reports  Manner of Qualifying Reports  Directors Comments on Qualifications  Separate Report to Directors etc.  Branch Audit Reports  Total Effect of Qualifications-opinion may change
NIRC / ICAI 9.7.2005

AUDITING AND ASSURANCE STANDARDS (AAS) 29

AUDITING IN A COMPUTER INFORMATION SYSTEMS ENVIRONMENT

NIRC / ICAI

NIRC / ICAI

9.7.2005

9.7.2005

AAS - 29 Auditing in A CIS Environment Overview

 Introduction  Skills and Competence  Planning  Assessment of Risk  Audit Procedures  Documentation
NIRC / ICAI 9.7.2005

AAS - 29 Auditing in A CIS Environment Introduction

Effective Date: On or after April 1,2003 Purpose of this AAS: Procedures in audit under CIS environment

NIRC / ICAI

9.7.2005

AAS - 29 Auditing in A CIS Environment Introduction

When does a CIS environment exist? A CIS environment exists where: One or more computer(s) of any type or size is (are) involved in processing of financial information Whether operated by entity or a third party
NIRC / ICAI 9.7.2005

AAS - 29 Auditing in A CIS Environment Introduction

 Overall objective & scope of an audit does not change in CIS environment, but may effect: Procedures followed, in obtaining sufficient understanding of accounting and internal control system Evaluation of inherent & control risk Design & performance of tests of control & substantive procedures
NIRC / ICAI 9.7.2005

AAS - 29 Auditing in A CIS Environment Introduction

 Factors determining evaluation of CIS environment Extent to which CIS environment used in accounting system System of Internal Control in existence  Existence or non-existence of audit trail
NIRC / ICAI 9.7.2005

AAS - 29 Auditing in A CIS Environment Skills and Competence

 Sufficient knowledge of CIS to plan, direct, supervise, control and review work  Consider specialized CIS skills needed  Compliance with AAS 9 Using the Work of an Expert,
NIRC / ICAI 9.7.2005

AAS - 29 Auditing in A CIS Environment Planning

 Understanding significance & complexity of : CIS environment Complexities of CIS activities Availability of data for use in audit  Understanding would include : CIS Infrastructure Complexity of processing like automated computation & generation of entries Determination of availability of data
NIRC / ICAI 9.7.2005

AAS - 29 Auditing in A CIS Environment Planning

 Understand CIS environment influencing assessment of inherent & control risk E.g. Lack of transaction trails Uniform processing of transactions Potential for errors and irregularities Dependence of Other Controls over computer processing
NIRC / ICAI 9.7.2005

AAS - 29 Auditing in A CIS Environment Planning

 Evaluate reliability of Accounting and Internal Control System to: Ensure authorized, correct & complete data available for processing Timely detection and correction of errors Ensure accuracy and completeness of output Prevent unauthorized amendments to programs Provide for safe custody of source code of application software
NIRC / ICAI 9.7.2005

AAS - 29 Auditing in A CIS Environment Assessment of Risk

 Assessment of inherent and control risks for material FS assertions - AAS 6 (Revised)  Pervasive & account specific effect of inherent & control risks in a CIS environment  Emerging CIS technologies
NIRC / ICAI 9.7.2005

AAS - 29 Auditing in A CIS Environment Audit Procedures

 Adequate procedures exist to ensure data transmitted is correct and complete  Cross verifications of records, reconciliation statements & control systems  Use of manual audit procedures or computer assisted audit techniques, or a combination of both to obtain sufficient evidential matter

NIRC / ICAI

9.7.2005

AAS - 29 Auditing in A CIS Environment Documentation

 Document Audit plan, Nature, timing and extent of audit procedures performed Conclusions drawn from evidence obtained  Audit Electronic evidence adequately and safely stored and retrievable in its entirety
NIRC / ICAI 9.7.2005

AAS - 29 Auditing in A CIS Environment Matters for Discussion

 CIS knowledge now necessary for auditors  Involvement of specialists  Auditors also need sophisticated CAAT tools to test controls under CIS environment  Can audit be outsourced out of the country in a CIS environment ?
NIRC / ICAI 9.7.2005