REVIEW GUIDE SPREADSHEET: POLICY STANDARDS FOR FINANCIAL AUDITS & ATTESTATION ENGAGEMENTS

Adequate
Quality
Step Question Controls Reference / Comments
Y, N, NA
PLANNING AND SUPERVISION
Does the audit group have policies and procedures to establish an understanding with
the auditee as to the services to be performed, including engagement objectives,
1
management's responsibilities, the auditor's responsibilities, and limitations of the
engagement? (GAS 4.03, 5.04)
Does the audit group have policies and procedures requiring supervisors to inform
2 assistants of their responsibilities and the objectives of the procedures they perform (AU
300)
Does the audit group have policies and procedures requiring supervisory review to
3 determine that work was adequately performed and that working papers support audit
findings, conclusions and opinions? (GAS 4.15(a), 5.16(b), AU 300)
4 Does the audit group have policies and procedures requiring auditors to:
a Follow-up on known material findings from prior audits? (GAS 4.05, 5.06)
Track and report on uncorrected material findings from prior audit reports? (GAS 4.05,
b
5.06)

If material component units are examined by another auditor, does the audit group have
5 policies and procedures to contact the other auditor to determine the appropriate
qualifications, independence, and verification of work? (GAS 3.79-3.81, AU 620)

Does the audit group have policies and procedures requiring auditors to communicate the
6 nature, timing, and extent of planned testing, reporting or assertion on the subject matter
to the responsible officials? (GAS 4.03, 5.04, AU 300)

Are there policies and procedures in place to consider whether specialized skills are
7 needed to consider the effect of computer processing on the audit, to understand the
internal control structure, or to design and perform audit procedures? (AU 300)

Does the audit group have policies and procedures to consider relevant planning factors
such as accounting policies and procedures, anticipated reliance on internal controls,
8
audit risk and materiality, and the nature of reports to be rendered in planning the audit
and designing audit procedures? (AUs 300, 315, 320)
Does the audit group have policies and procedures to determine the relationship of the
9 sample to the audit objective, estimated materiality levels, allowable risk, characteristics
of the population, and evaluate sample results? (AUs 320, 330)
Does the audit group have policies and procedures that analytical procedures be used in
10
planning and in the overall review stages? (Aus 315, 330)
Does the audit group have policies and procedures requiring the auditor to be aware of
11
the possibility of material related party transactions? (AU 550)
Based on your review, are the audit group's policies and procedures adequate to
12
reasonably meet this standard?
 REVIEW GUIDE SPREADSHEET: POLICY STANDARDS FOR FINANCIAL AUDITS & ATTESTATION ENGAGEMENTS
Adequate
Quality
Step Question Controls Reference / Comments
Y, N, NA

FRAUD, ILLEGAL ACTS, AND OTHER NONCOMPLIANCE

1 Does the audit group have policies and procedures that call upon the audit staff to:
Identify and obtain an understanding of laws and regulations that could have a direct and
a
material effect on the audit? (GAS 4.06, 5.07)
Design audit steps and procedures to provide reasonable assurance of detecting errors
b fraud, and illegal acts that could have a direct and material effect on the audit objectives?
(AU 240)

Extend audit steps and procedures if they have reason to believe that illegal acts may
c
exist and have an material indirect effect on the financial statements? (AU 250)

Does the audit group have policies and procedures that require the auditor to assess the
risk that errors, fraud, and illegal acts may cause the financial statements to contain a
2
material misstatement, and that this assessment be used in designing the audit
procedures and evaluating the results? (GAS 4.06-4.08, 5.07-5.09 AUs 240, 250, 315)

Does the audit group have policies and procedures that require auditors to plan and
3 perform a financial statement audit with an attitude of professional skepticism? (GAS
3.61, AUs 200, 240)
Based on your review, are the audit group's policies and procedures adequate to
4
reasonably meet this standard?

EVIDENCE AND WORKING PAPERS

Does the audit group have a policy for retaining working papers to satisfy legal
1
administrative, internal, and external needs and requirements? (AU 230)

Does the audit group have policies and procedures to require the following characteristics
2
in the working papers: (GAS 4.05, 4.15a, 5.06, 5.16a-c, AU 220, 230)

a The nature timing, and extent of auditing procedures?

b Results of the audit procedures and the audit evidence obtained?
c Conclusions reached on significant matters?
Accounting records agree or reconcile with the audited financial statements or other
d
audited information?
e Evidence of supervisory review?
Does the audit group's policies and procedures address providing other auditors access
3 to working papers to facilitate review of audit quality and reliance by other auditors? (GAS
4.16, 5.17, AU 230)
 REVIEW GUIDE SPREADSHEET: POLICY STANDARDS FOR FINANCIAL AUDITS & ATTESTATION ENGAGEMENTS
Adequate
Quality
Step Question Controls Reference / Comments
Y, N, NA
Does the audit group have policies and procedures that require the working papers to
4 show that the accounting records agree or reconcile with the financial information
reported on? (AU 230)
Does the audit group have policies and procedures to ensure that if statistical or
5 nonstatistical sampling was used in tests of internal controls, substantive tests of details,
or tests of legal compliance: (AU 530)
The auditor documented the sampling objective of the test, the tolerable error or rate,
a allowable risk of assessing control risk too low or incorrect acceptance, population
characteristics and expected results?
b A representative sample was selected?
c The sampling results were projected to the population?
Does the audit group have policies and procedures to ensure the working papers
6 document a review of events occurring subsequent to the balance sheet date?
(AU 560)
Does the audit group have policies and procedures to include in the working papers a
7 summary schedule of adjustments that shows both passed or immaterial adjustments and
material errors if not adjusted? (AU 320)

Does the audit group have policies and procedures to evaluate the evidential matter and
8 consider whether specific audit objectives have been achieved and whether any
substantial doubt exists about any assertion of material significance? (AU 230, 500)

When significant accounting applications are processed electronically, does the audit
group have policies and procedures regarding the use of computer assisted audit
9 techniques to obtain competent, sufficient evidence; and performing tests of controls to
gather evidence to use in assessing control risk where information is only in electronic
form? (AU 500)
Does the audit group's policies and procedures require auditors to document in the
10 working papers all communications to the auditee about fraud, illegal acts, and other
noncompliance? (GAS 5.25)
Does the audit group have policies and procedures to obtain written representations from
management concerning representations made during the financial statement audit and
11
management's responsibility for compliance with applicable laws and regulations? (AU
580)
Based on your review, are the audit group's policies and procedures adequate to
12
reasonably meet this standard?

INTERNAL CONTROL
Does the audit group have policies and procedures for obtaining an understanding of the
components of internal control, including the control environment, risk assessment,
1
control activities, information, communication, monitoring, and documenting the
understanding? (AU 315)
 REVIEW GUIDE SPREADSHEET: POLICY STANDARDS FOR FINANCIAL AUDITS & ATTESTATION ENGAGEMENTS
Adequate
Quality
Step Question Controls Reference / Comments
Y, N, NA
Does the audit group have policies and procedures in effect for documenting the basis for
2 conclusions regarding the assessed level of control risk? (GAS
4.06, 5.07, AU 315)
Does the audit group have policies and procedures for changing the nature, timing, and
3 extent of substantive tests based on the assessed level of control risk and detection risk?
(AU 330)
Based on your review, are the audit group's policies and procedures adequate to
4
reasonably meet this standard?

REPORTING
Does the audit group have policies and procedures to ensure communication of
1
information relating to:
The auditors' responsibilities in a financial statement audit, including their responsibilities
a for testing and reporting on internal controls and compliance with laws and regulations
(GAS 4.19-4.22)
The nature of any additional testing of internal controls and compliance required by laws
b
and regulations? (GAS 4.19-4.22)
Does the audit group have policies and procedures to ensure audit reports include a
2 statement that the audit was made in accordance with generally accepted government
auditing standards? (GAS 4.18, 5.19)
Does the audit group have policies and procedures to ensure inclusion in the report of:
3
(GAS 4.15b, 5.16c)
a A qualifying statement if an applicable standard was not followed?
b Disclosure of the standard not followed?
c Reason(s) for not following the standard?
d How not following the standard affected the results of the audit?

Does the audit group have policies and procedures requiring a written report on tests of
4
compliance with applicable laws and regulations and internal controls to include:

The scope of the testing of compliance with laws and regulations and internal controls?
a
(GAS 4.19-4.22)
A statement indicating whether or not the tests performed were sufficient to support an
b
opinion on compliance or internal control? (GAS 4.20)
All instances of noncompliance that are material to the financial statements?
c
(GAS 4.23-4.24, 5.20, 5.22)
Placing the findings in perspective by describing the nature and extent of the issues to
d facilitate the readers understanding of the financial statements and the report?
(GAS 4.29, 5.28)
Does the audit group have policies and procedures regarding reporting fraud, illegal acts,
5 and other noncompliance, or deficiencies in internal control not disclosed in the
compliance report? (GAS 4.25-4.27, 5.24-5.26)
 REVIEW GUIDE SPREADSHEET: POLICY STANDARDS FOR FINANCIAL AUDITS & ATTESTATION ENGAGEMENTS
Adequate
Quality
Step Question Controls Reference / Comments
Y, N, NA
Are there policies and procedures addressing the circumstances in which auditors should
6 report irregularities and illegal acts directly to parties external to the audited entity? (GAS
4.30-4.32, 5.29-5.31)
Does the audit group have policies and procedures for identifying and reporting
7 deficiencies in internal controls that they consider reportable conditions or material, either
individually or in combination? (GAS 4.23-4.24, 5.20-5.23)
Does the audit group have policies and procedures to ensure that privileged information
8 is provided on a need-to-know basis only to persons authorized by law or regulation to
receive it? (GAS 4.41-4.42, 5.40-5.41)
Does the audit group have policies and procedures to require: (GAS 4.40-4.44, 5.39-
9
5.43)
a Inclusion in the report of the nature of the information omitted?
b Inclusion in the report of the requirement which makes the omission necessary?
c Consultation with legal counsel, when appropriate?
Does the audit group have policies and procedures for distributing audit reports?
10
(GAS 4.45a, 5.44a)
Based on your review, are the audit group's policies and procedures adequate to
11
reasonably meet this standard?