Professional Documents
Culture Documents
AUDIT REVISION
TABLE OF CONTENT
TOPIC 1: OVERVIEW OF AUDIT (CHAPTER 1 & 2) ................................................................. 2
TOPIC 7: AUDIT OF THE SALES AND COLLECTION CYCLE (Chapter 13 + 14) ...........70
Assurance services can be performed by public accountants or a variety of other professionals. For
example, some non-profit organizations have been established that test a wide variety of products
used by consumer and report their evaluation of the quality of the products tested in ―consumer
report‖. The information provided is considered more reliable by many consumers than information
provided by the product manufacturer because it comes from an independent.
ATTESTATION SERVICES
Attestation service is a type of assurance service in which the public accounting firm issues a written
communication that expresses a conclusion about the liability of a written assertion of another party.
The main reason for attestation service is that the business environment often requires assurance that
financial information is reliable and can be ―trusted‖. There are three categories of attestation
services: audit of historical financial statement, review of historical financial statement and other
attestation services.
Audit of historical financial statements is a form of attestation service in which the auditor issues a
written report expressing an opinion about whether the financial statements are in material
conformity with accounting standard. The external user who rely on financial statement to make
business decisions look to the auditor‘s report as an indication of the statements‘ reliability because
of the auditor‘s independence and their knowledge of financial statement reporting matter.
Review of historical financial statement is a form of attestation service in which a public accounting
firm issues a written report that provides less assurance than an audit as to whether the financial
statements are in the material conformity with accounting standard. A review is often adequate to
meet user‘s needs and can be provided by the public accounting firm at lower fee than an audit.
Other attestation services: the users seek independent assurances about other types of information.
However, in order to qualify as an attestation service, the engagement must involve written
assertions on some accountability matter.
Different types of assurance which may be obtained in an assurance engagement. Explain why
and what type of assurance an auditor should provide in a financial statements audit.
A financial statements audit is one that expresses an opinion on written assertions and thus the audit
level of assurance is expressed as a positive opinion. The financial statement audit provides a
reasonable level of assurance which enhances the credibility of the information provided by the
party responsible for the matter, such as in the audit report on financial statements under the
Corporations Act 2001. While the assurance of the financial statement audit is objective, it is subject
to a number of inherent limitations. Some of these limitations include time lapse, audit testing based
on selective samples, a subjective assessment of materiality, and that where there are highly
specialised areas, the auditors may need to seek external advice regarding the subject matter being
audited and the reasons for this revolve around the inherent limitation of an audit.
A financial statement audit is performed in accordance with ASA 200 Objective and General
Principles Governing an Audit of a Financial Report. There are inherent limitations in any audit.
These inherent limitations also mean that the auditor cannot achieve a zero engagement risk.
Therefore, an absolute assurance (limited assurance) is not possible in a financial report audit. The
reasons for inherent limitations are as below:
a) Time lapse – by the time the audit report is released the information is relatively ‗old‘.
b) Audit testing on selective samples, which has limitations due to sampling risk.
c) The assessment of materiality, with both quantitative and qualitative considerations, requires a
high degree of professional judgement. There are, however, some guidelines, although by their
nature are necessarily arbitrary.
d) Forming professional judgements in highly specialised areas can often result in disagreements
between auditors and clients
e) Report format limitations and the consequent ―expectation gap‖ often arise with users of
financial statements.
f) Fraudulently prepared Financial statements are extremely difficult to detect as there is always the
possibility of collusion
g) The audit must be performed at a reasonable cost and within a reasonable period of time.
h) No one , including auditors can foresee the outcome of uncertainties
i) Estimates are an inherent art of accounting process.
j) reliance on internal control structures
k) Alternative principles are permitted under accounting standards
Remoteness of information: it is impossible for decision makers to have much first-hand knowledge
and they must rely on the information provided by the other. Therefore, when the information is
obtained from others, the likelihood of it being intentionally or unintentionally misstated increases.
Biases and motives of provider: If the information is provided by someone whose goals are
inconsistent with those of the decision maker, the information may be biased in favor of the provider.
The reason could be an honest optimism about future event or an intentional emphasis designed to
influence users in a certain manner.
Voluminous data: As organizations become larger, the volume of their exchange transactions
increases. This can result in improperly recorded information that will be included in the record.
User shares information risk with management: If users rely on inaccurate financial statements and
as a result incur a financial loss, there is a basis for a legal action against management. A difficult
with sharing information risk with management is that users may not be able to collect on losses.
Audited financial statements are provided: the user uses independent audit performed in order to
obtain reliable information because audit will provide complete, accurate and unbiased audited
information.
Question: Discuss the major factors in today’s society that has made the need for independent
audits much greater than 50 years ago?
There is a demand for independent audit because of the following four conditions:
Conflict of interest—the user perceives an actual or potential conflict with the preparer. For
example, management (preparer) could have an incentive to present biased information in a
financial report because these reports provide information about their performance.
Consequence—the user will make decisions of consequence based on the information.
Complexity—the subject matter is beyond the average user‘s level of expertise.
Remoteness—separation of the user and the preparer
An independent audit is a means of satisfying the need for reliable information on the part of
decision makers. Factors of a complex society which contribute to this need are:
Remoteness of information: it is impossible for decision makers to have much first-hand
knowledge and they must rely on the information provided by the other. Therefore, when the
information is obtained from others, the likelihood of it being intentionally or unintentionally
misstated increases. An example may be distribution of the business among numerous
geographic locations and complex corporate structures.
Biases and motives of provider: If the information is provided by someone whose goals are
inconsistent with those of the decision maker, the information may be biased in favor of the
provider. The reason could be an honest optimism about future event or an intentional
emphasis designed to influence users in a certain manner.
Voluminous data: As organizations become larger, the volume of their exchange transactions
increases. As a result, improperly recorded information will be included in the record.
Complex exchange transaction: exchange transactions between organizations have become
increasingly complex and therefore more difficult to record properly. Example includes
properly combining and disclosing the results of operations of subsidiaries in different
industries and properly disclosing derivative financial instruments.
NATURE OF AUDITING
Auditing is the accumulation and evaluation of evidence about information to determine and report
on the degree of correspondence between the established criteria. Auditing should be performed by a
competent and independent person.
Information and established criteria: there must be information in verifiable form and some
standards (criteria) by which the auditor can evaluate the information. Auditors routinely perform
audits of quantifiable information, including companies‘ financial statements and individual‘s
income tax returns. The criteria for evaluating information are various that depend on the
information being audited. For example, in the audit of historical financial statements by public
accounting firm, the criteria are usually accounting standard. For the audit of tax returns by ATO, the
criteria are found in the Income Tax Assessment Act.
Accumulating and evaluating evidence: Evidence is any information used by the auditor to
determine whether the information being audited is stated in accordance with established criteria.
Evidence takes many different forms such as oral testimony of the client, written communication
with outsiders and observation by the auditor. It is important to obtain a sufficient quality and
volume of evidence to satisfy the purpose of audit.
Competent independent person: the auditor must be qualified to understand the criteria used and
must be competent to know the types and amount of evidence to accumulate to reach the proper
conclusion. The auditor must also have an independent mental attitude. The competence of
individuals performing the audit is of little value if they are biased in the accumulation and
evaluations of evidence. Auditors reporting on company financial statements are often called
independent auditors. Even though auditors of published financial statement are paid a fee by a
company, they are sufficiently independent to conduct audits that can be relied on by users.
Reporting: the final stage in the auditing process is preparing the audit report which is
communication of the auditor‘s finding to users. Report may differ in nature but all must inform
readers of the degree of correspondence between information and established criteria.
Does society as a whole benefits from the services of independent auditors, or are the benefits
restricted to individual third parties?
Society as whole can benefit from audits. For example, in considering financial report audits:
Users of financial reports might have greater confidence in the data on which economic
decisions about the entity are based. The increased confidence placed on financial reports will
reduce the information risk associated with the trading of securities, which will serve to
promote trade, and bring about a movement of economic resources to those areas where the
greatest net benefits are perceived.
An Audit helps create a stable capital environment. The entity might be able to obtain funds
at a lower cost because of the added assurance users have in the financial report. This would
result in higher profits, which might lead to increased dividends to shareholders or might be
retained in the business to fund expansion, increase employment opportunities and pay
further taxes from the entity‘s activities.
Management and employees of the entity might improve their conduct because they know
their performance will be under scrutiny during the audit.
The entity‘s financial report, accounting system and accounting control can be improved
because of suggestions made by the auditor after their assessment on the internal control.
Accounting is the recording, classifying and summarizing of economic events in a logical manner
for the purpose of providing financial information for decision making. In order to provide
relevant information, accountants must have a thorough understanding of the principles and rules that
support the basis for preparing the accounting information. Moreover, the accounting must develop a
system to make sure that the entity‘s economic events are properly recorded on a timely basis and at
reasonable cost.
Auditing is to determine whether recorded information properly reflects the economic events that
occurred during the accounting period. Because accounting rules are the criteria for evaluating
whether the accounting information is properly recorded, any auditor involved with these data must
also thoroughly understand those rules. In addition, the auditor must possess expertise in the
accumulation and interpretation of audit evidence. Determine the proper audit procedure, deciding
the number and types of items to test and evaluating the result are problems unique to the auditor.
TYPES OF AUDIT
Financial statement audits: is conducted to determine whether the overall financial statement is
stated in accordance with specified criteria. In determining whether financial statements are fairly
stated accordance with accounting standard, the auditors should perform appropriate tests to
determine whether the statements contain material error or other misstatement.
Performance audits: is a review of any part of an organization‘s operating procedure and methods
for evaluating efficiency and effectiveness. They can include the evaluation of organization structure,
computer operations, production methods and marketing etc. so management normally expects
recommendations for improving operations at the completion of a performance audit. However,
establishing criteria for evaluating information in a performance audit is an extremely subjective
matter. Therefore, performance auditing is more like management consulting than what is generally
regarded as auditing.
Compliance audits: is to determine whether the client is following specific procedures, rules or
regulations set by higher authority. In addition, compliance audits are an audit performed to
determine whether an entity that receives financial assistance from the Federal Government has
complied with specific laws and regulations. Thus, results of compliance audits are typically reported
to someone within the organizational unit being audited rather to a board spectrum of users.
PEER REVIEW OR QUALITY REVIEW – Question: state what is meant by the term
“mandatory peer review”. What are the implications for the profession?
A peer review is a review, by public accountants, of a public accounting firm's compliance with its
quality control procedure system. A mandatory peer review means that such a review is required
periodically by the relevant professional accounting body.
Peer reviews can be beneficial to the profession and to individual firms. By helping firms meet
quality control standards, the profession gains if reviews result in practitioners doing higher quality
audits. A firm having a peer review can also gain if it improves the firm's practices and thereby
enhances its reputation and effectiveness, and reduces the likelihood of law suits. Of course peer
reviews are costly. There is always a trade off between cost and benefits. A public accounting firm
also gives up some independence of activities when it is reviewed by another firm. The peer review
is an effort at self regulation. Its long-term success cannot yet be evaluated.
STATUTORY REQUIREMENTS
Duty to form an opinion
Duty to report – annual financial report
Duty to report – audit to half – year financial report
Auditor‘s independence declaration
Signing the auditor‘s report
Reporting ASIC
MATERIALITY
An item should be considered material if its omission, misstatement or non-disclosure has the
potential to adversely affect decisions about the allocation of scare resource made by the users of the
financial report or the discharge of accountability by the management or governing body of the entity
Amounts are immaterial: when a misstatement in the financial report exists due to one of the
conditions discussed in the previous section but is unlikely to affect the decisions of a reasonable
user, it is considered to be immaterial.
Amounts are material but are not extreme: when a misstatement in the financial report would affect
a user‘s decision but the overall statements are still fairly stated and therefore useful.
Amounts are extreme, such that overall fairness of statement is in question: the highest level of
materiality exists when users are likely to make incorrect decisions if they rely on the overall
financial report.
MATERIALITY DECISION
There are differences in applying materiality to the condition requiring a departure from an
unqualified opinion. Several aspects of materiality must be considered:
Dollar amount compared with a base: the greatest concern in measuring materiality when a client
has failed to follow accounting standard is usually the total dollar error in the accounts involved,
compared with some base. For example, a $10,000 misstatement might be material for the small
company but not for a large one. Errors must be compared with some measurement base (profit,
total assets, current assets and shareholder’s equity) before a decision can be made about
materiality of the failure to follow accounting standard. In addition, to evaluate overall materiality,
the auditor must also combine all unadjusted error and judge whether there may be individually
immaterial errors that when combined, significantly affect the statement.
Nature of item: the decision of a user may also affected by the kind of error in the statement. The
following may affect the user‘s decision and the auditor‘s opinion in a different way:
Transactions are illegal and fraudulent
An item may materially affect some future period even though it is immaterially when only
the current period considered
An item has a physic effect (ex: small profit vs small loss or cash balance vs overdraft)
An item may be important in terms of possible consequence arising from contractual
obligations (ex: the effect of failure to comply with a debt restriction may result in a material
loan being called)
EXAMPLES OF REPORT
Where a report other unqualified is to be issued, the layout of the report is modified. A ―Basic for …
opinion‖ section should provide a clear description of all the substantive reasons for the opinion and
a quantification of the effects on the financial reports.
Disagreement with management: When the auditors know that the financial report may be
misleading because it was not prepared in conformity with accounting standard, the auditor must
issue a qualified or an adverse opinion, depending on the materiality of the item in question.
Conflict between reporting frameworks: When the auditors encounter situation that the financial
report is presented fairly in accordance with relevant statutory or other requirements but these
requirements conflict with accounting standard. Therefore, the auditor will express a qualified
opinion with respect to the presentation in accordance with these requirements and either qualified or
adverse opinion depending on materiality.
Limitations of scope – Question: How does the auditor’s opinion differ between scope limitation
caused by client restrictions and limitation resulting from conditions beyond the client control?
Under which of these two would the auditor be most likely to issue a disclaimer of opinion?
The auditor's opinion may be qualified by scope limitations caused by client restrictions or by
limitations resulting from conditions beyond the client's control. The former occurs when the client
will not, for example, permit the auditor to confirm material receivables or physically observe
inventories or allow taking any required confirmation. The latter may occur when the engagement is not
agreed upon until after the client's year end when it may not be possible to physically observe
inventories or confirm receivables.
A disclaimer of opinion is issued if the scope limitation is so material that the auditor cannot
determine even by doing alternative procedures, if the overall financial statements are fairly presented or
not. If the scope limitation is caused by the client's restriction, the auditor should be aware that the
reason for the restriction may be to deceive the auditor. For that reason an inability is more likely for
client restrictions than for conditions beyond anyone's control.
If by doing the alternative procedures the auditors feels that it is not material than unqualified opinion
can also be issues.
When there is a scope restriction that results in the failure to verify material, but not pervasive accounts,
a qualified opinion may be issued. This is more likely when the scope limitation is for conditions
beyond the client's control than for restrictions by the client.
Additional disclosures: In rare circumstances, the preparers of the financial report may be of the
opinion that application of a particular accounting standard may mislead the users of that report.
Therefore, under s299 of the Corporate Act 2001, additional disclosures can be included and have to
contain relevant and reliable information.
Deal only with clients possessing integrity: A public accounting firm needs procedures to
evaluate the integrity of clients and should dissociate itself from clients found lacking.
Hire qualified personnel; train and supervise them properly: it is important that these young
professionals be qualified and well trained as well as supervised their work by experience.
Maintain independence: the auditor has to be required an attitude of responsibility separate
from the client‘s and management‘s interests. In addition, the auditor must maintain an
attitude of healthy scepticism.
Understand the client’s business: the sufficient knowledge of industry as well as client
operations can help auditor avoid uncovering error in several cases
Perform quality audits: quality audits require the appropriate evidence be obtained and
appropriate judgement be made about the evidence. Improved auditing reduces the likelihood
of misstatement and legal actions.
Document the work properly: the preparation of good working papers helps in organising
and performing quality audits.
Obtain an engagement letter and a representation letter: these two letters are essential in
defining the respective obligations of the client and the auditor. They are especially helpful in
legal actions between the client and the auditor.
Carry adequate insurance: This is a legal requirement for AACs and is covered by the
professional bodies‘ rules for all auditors.
Seek legal counsel: an auditor should seek the advice of an experienced legal expert or
consult experienced counsel when encountering serious problems during an audit.
Q-1 State your opinion as to the positive and negative effects of legal liability on auditing?
The most important positive effects are the increased quality control by audit firms that is likely to
result from actual and potential lawsuits and the ability of injured parties to receive remuneration for
their damages. Negative effects are the resources required to defend groundless cases and the
harmful impact on the public's image of the profession. Legal liability may also increase the cost of
audits to society, by causing audit firms to increase the evidence accumulated plus the costs of
professional indemnity insurance.
Q-2 Explain the matters which must be proved before a claim for negligence can be successful.
The matters that must be proved to the satisfaction of a court before a claim of negligence can
succeed are that:
A duty of care is owed to the plaintiff (i.e. there is reasonable foreseeability and proximity);
The auditor is negligent (reasonable care and skill are not exercised by the auditor);
The plaintiff relied on the auditor;
The plaintiff suffered a quantifiable loss as a result of the auditor‘s negligence; and
The loss was suffered as a result of relying on the auditor (i.e. causation).
Q-3 what is meant by contributory negligence? Under what conditions is this likely to be a
successful defense?
Contributory negligence means another person (usually the plaintiff) has contributed to his or her
own loss by failing to take sufficient reasonable care. An example is the claim by the auditor that
management knew of the potential for fraud because of weaknesses of internal control but refused to
correct them. The auditor thereby claims that the client contributed to the losses caused by the fraud
by not correcting material weaknesses of internal control structure. Since then, various states have
legislated requirements for damages to be apportioned according to a ―negligence calculus‖ that can
recognize the duties of parties additional to the auditor. This is known as proportionate liability.
Q-4 a common type of legal action against auditor is for failure to detect a defalcation. State
the auditors’ responsibility for such discovery. Give authoritative support for your answer.
The auditor should assess the risk that errors and irregularities may cause a client‘s financial
statements to contain a misstatement (ASA240). Based on this assessment, the auditor should
provide reasonable assurance to detect errors and irregularities that are material to the financial
statements. Because of the nature of irregularities, properly designed and executed audit procedures
are effective for detecting error but may not be appropriate in the context of an identified risk of
material misstatement due to fraud. The decision in the Pacific Acceptance case confirmed the
auditor‘s duty to audit with due care and skill includes a duty to design the audit with due regard to
the possibility of fraud.
to users and regulators. The principal external monitor of the published financial reports is the
external auditor. The auditor‘s role in this regard is to act as an independent monitor who attests
to the reliability of the financial statements and related disclosures intended for the use of existing
shareholders. In general, the purpose of audit is to measure the degree of reliability of financial
statements and thereby raise confidence of users in the financial reports.
EXPECTATION GAPS
The gap result from differences between the views of auditors and other stakeholders regarding: the
roles and responsibilities of auditors, and the performance of auditor. There are many reasons for
expectation gap:
The nature of auditing such as reliance on sampling and subjective evidence
Application of hindsight rather than what was known and reasonable at this time
Self-interest of complaints‘ seeking compensation for losses
Self-interest of auditors protecting their profits
Changes in social expectations
Ignorance or misunderstanding of the roles of participants in corporate governance
ETHICS
Ethics can be defined broadly as a set of moral principles or values. Each person has such a set of
values, although people may not have considered them explicitly.
Need for ethics: Ethical behavior is necessary for a society to function in an orderly manner. The
need for ethics in society is sufficiently important that many commonly held values are incorporated
into law. However, many of the ethical values of a society cannot be incorporated into law because
of the judgmental nature of particular values. For example, it is practical to have law that deal with
cheating, stealing or lying others but it is more difficult to establish meaningful laws dealing with
principles such as integrity, loyalty and diligence.
Why people act unethically: two primary reasons are that the person‘s ethical standards are
different from those of society as a whole and the person chooses to act selfish.
Resolving Ethical Dilemmas: an ethical dilemma is a situation in which a decision must be made
about the appropriate action to take. There are six-step to resolve ethical dilemma
Obtain the relevant facts
Identify the ethical issues from the facts
Determine who is affected by the outcome of the dilemma and how each person is affected
Identify the alternatives available to the person who must resolve the dilemma
Identify the likely consequence of each alternative
Decide the appropriate action
THREATS
Self-interest: when the financial interests of the auditor or their relative are involved
Self-review: when an auditor evaluates a situation that is a result of a previous judgement or advice
by the auditor or auditor‘s firm
Advocacy: when the auditor promotes a position or opinion to the point that subsequent objectivity
may be compromised
Familiarity: when an auditor becomes too sympathetic to the interest of another party because of a
close relationship.
Intimidation: when an auditor‘s actions may be compromised by actual or perceived threats.
SAFEGUARDS
There are two broad categories of safeguard to reduce threats at an acceptable level: the profession,
legislation and regulation (education, training and continuing professional development
requirement) and the work environment.
INDEPENDENCE
Independence in auditing means that takes an unbiased viewpoint in the performance of audits tests,
the evaluation of the results and the issuance of the audit report. The main reason of independence
auditing is that the users rely on the external auditor‘s reports as to the truth and fairness of financial
statements is their expectation of an unbiased viewpoint.
Distinguish between independence in fact and independence in appearance. State three activities
that may not affect independence in fact but are likely to affect independence in appearance
Independence in fact exists when the auditor is actually able to maintain an unbiased attitude
throughout the audit, whereas independence in appearance is dependent on others' interpretation of
this independence and, consequently, their faith in the auditor (or users perceive auditors as being
independent).
Activities which may not affect independence in fact, but which are likely to affect independence in
appearance are: (the first two are violations of the Code of Ethics for Professional Accountants.)
Overdue fees: when significant fees remain unpaid for previous work undertaken by the auditor,
outstanding fees may assume the characteristics of a loan after the expiration of the normal
receivables. As a result, the auditor should consider whether audit independence has been
compromised so the audit work may be reviewed by a professional accountant – not a member of
audit team.
Fee setting: the fees for audit engagement are to reflect fairly the value of work performed
including: the knowledge and skill required for the type of work involved; the level of training and
experience of person necessarily engaged on the work; the degree of responsibility; and the time of
all people engaged in the work
Contingent fee: basing fees on the outcome of the engagement (contingent fees) is prohibited.
Lowballing: the auditor underquotes for an audit to win the contract and expect to recover the
cost of initial audit by providing other services to the client or increasing audit fees in later
periods. Therefore, when a client obtains an audit at significantly lower fee than the
predecessor firm, the audit firm must be able to demonstrate that appropriate time and
qualified staff are assigned to the task in compliance with all applicable standards, guidelines
and quality control procedures.
Question: It is often stated that an auditor cannot be truly independent when payment of fees is
dependent on the client's management. Explain two approaches that could reduce this appearance
of lack of independence.
The use of an audit committee to select auditors is made up of directors who are not a part of
management; Audit committee also decides the scope of services the audit firm has to
perform.
They will agree to the fee proposed by the auditor‘s based on scope of work and the skill and
knowledge required for the type of the work. It also meets periodically to discuss the audit
progress and findings and helps resolve conflicts between the auditor and management
To protect the independence of auditors, it is important to protect them from the threats of
dismissal. An auditor can be removed only a resolution of shareholders at general meeting on
two months notice or by ASIC. A requirement that all changes of auditors and reasons
therefore be reported to ASIC;
Approval of the nominated auditor by shareholders at the annual meeting. Auditor‘s rotation
applies to a listed company. No Individual can play a significant role in the audit of a listed
company (usually the lead auditor and review auditor) for more than 5 out of 7 successive
financial years.
Use of either government or quasi government auditors is an alternative to the engagement of
the auditor and payment of audit fee by management
The auditor should avoid undue economic dependence on the revenues derived from any one
client. The audit work should be reviewed by the professional accountant when total fees
from an audit client exceeds 15% of the gross fee of the firm
After the expiration of the normal receivable period, when significant fees remain unpaid for
previous work undertaken by auditor, the overdue fees can be assumed to be loan due to the
client. In such circumstance, the auditors should discuss about the overdue fees with the audit
committee and the audit work has to be reviewed by a professional accountant, not a member
of the audit team.
AUDITOR SWITCHING
The main reason of management in auditor switching is to seek better quality-service, opinion
shopping and reducing costs. Auditors‘ best protection against threats to auditor independence that
can arise from auditor switching is communication.
Communication between audit firms: A successor auditor should communicate with the previous
auditor as a part of deciding whether to accept an engagement. For example, the successor auditor
may ask for information from the predecessor about disagreement with management, about
accounting principles or audit procedures and reasons for the change of auditors. In addition, the
reasons for resignation of an incumbent auditor must be reported to and accepted by ASIC but the
removal of an auditor is restricted under s329. The Corporate Act requires shareholders to approve
the selection of a new auditor or reappointment of the existing one.
Opinion shopping: the public accounting is requested by a client of another auditing firm to provide
an opinion the application of accounting principles or the type of audit opinion. In fact, the directors
could use a response to try to influence existing auditors or remove them from office and appoint an
auditor with an opinion more ‗favorable‘ to itself.
Reducing cost: there is nothing wrong in management trying to obtain audit services at a lower cost
but the price-based competition does not lead to unacceptably lower-quality auditing or impede the
independence of the auditor.
Auditor committees: is the selected number of members of a company‘s board of directors whose
responsibilities include helping auditors to remain independent of management as well as resolve
conflicts between the auditor and management. There are some factors that may influence the
effectiveness of an audit committee: its mandate and independence of management; the experience
of its member; the extent of its involvement in the operation of the entity; the appropriateness of its
actions; its interaction with internal audit.
Auditor rotation: the ‗familiarity threat‘ caused by using the same senior personnel on an audit have
long been recognized by the professional bodies. Therefore, under Code of Ethics and Company Act
requirement, the lead auditor and review partner have to be rotated every five years. As a result, the
auditor rotation may reduce the likelihood of firms becoming dependent on particular clients and
may encourage higher quality work.
Protection of working paper: there are three main issues in relation to an auditor‘s working papers:
audit integrity, personnel gain and client confidentiality.
Audit integrity: Access to audit working papers would give client personnel an opportunity to
alter information on the paper or interfere with test data.
Personal gain: Auditor must not use confidential client information for their personal
advantage. The confidential client information is defined that information may not be
disclosed without the specific consent of the client except under authoritative, professional or
legal investigation.
Client confidentiality: During the course of the examination, auditors obtain a considerable
amount of confidential information such as officer‘s salary, product pricing, advertising plans
and product cost data. Therefore, the auditors are not allowed to disclose this information in
order to avoid seriously strained relationship between auditors and management.
Exceptions to confidentiality: - Question: The auditor’s working papers can usually be
provided to someone else only with the permission of the client. Give two exceptions to
this rule
The following are exceptions to the confidentiality requirement for auditors‘ working papers
through legal obligation and maintenance of audit quality.
The confidentiality requirement cannot interfere with the member's obligation to follow
auditing standards or accounting standards.
A member must comply with a validly issued subpoena or summons enforceable by order
of a court.
The working papers are formally requested by the ASIC as part of an investigation into the
auditee corporation.
Working papers can be provided in confidence, to another firm conducting a peer review
of the auditor.
Resignation: if the conflicts are sufficiently great to compromise an auditor‘s objectivity, it may be
necessary for the auditor to resign from the engagement.
MANAGEMENT’S RESPONSIBILITIES
The responsibility for adopting accounting policies, maintaining adequate internal controls and
making fair representations in the financial statements rests with management rather than with the
auditors. Because it operates the business daily, a company‘s management knows more about the
company‘s transactions and related assets, liabilities and equity rather than the auditor does. The
Corporate Act requires the directors of a public company to include a director‘s declaration in the
financial report that complies with accounting standard and give a true and fair view.
Material versus immaterial misstatement: It is extremely costly to look for immaterial misstatement
so auditor will look for only material misstatement. Misstatements are considered material if the
combined uncorrected errors and fraud in the financial statements would likely have changed or
influenced the decisions of a reasonable person using the statements.
Reasonable assurance: ASA 200 requires that an audit be designed to provide reasonable assurance
of detecting material misstatements in the financial report arising from fraud & error. Auditing
standards make no distinction between the auditor's responsibilities for searching for errors and for
fraud, whether from fraudulent financial reporting or misappropriation of assets. For both error and
fraud, the auditor must obtain reasonable assurance about whether the statement is free of material
misstatements. An auditor can not give the absolute assurance due the use of testing, the inherent
limitation of internal control and the fact that much of the audit evidence available to the auditor is
persuasive rather than conclusive in nature.
Professional Scepticism: Auditor must use his professional scepticism in all aspects of the
engagement. Professional scepticism is an attitude that includes a questioning mind and a critical
assessment of audit evidence. The auditor should not assume that management is dishonest, but the
possibility of dishonesty must be considered. Nor should the auditor assume that management is
unquestionably honest.
Error vs fraud: An error is unintentional misstatement, auditor find a variety of errors resulting
from such things as mistakes in calculation, omission, misunderstanding and misapplication of
accounting standards to inform management. The auditor has direct responsibility to plan and
performs an audit to maximise the identification of errors. Fraud is intentional misstatement resulting
from fraudulent financial reporting and misstatement resulting from misappropriation of assets.
ASA 240 further provide detail on the auditor‘s responsibility for detecting fraud. The difficulty of
detection of fraud does not change the auditor's responsibility to plan and perform the audit properly.
The following are the circumstances which may increase the auditor's risk assessment for fraud:
Management failing to correct the known material weaknesses in internal control on a timely
Unreasonable demands on the auditor, such as unreasonable time constraints regarding the
completion of the audit or the issuance of the auditor‘s report.
If fraud is detected
The best defence when material misstatements (either errors or fraud) are not uncovered in the audit
is that the audit was conducted in accordance with auditing standards but however if auditor
identifies the misstatement and it indicate the fraud
An auditor shall consider the implication of the misstatement particularly the reliability of
management‘s representations. Auditor needs to either confirm or dispel that suspicion by
doing specific procedures like rigorously examining the contents of boxes during stock count
or confirming from customers certain relevant contract terms, using an expert to take advice
on management estimates.
The auditor shall communicate these matters to those charged with governance.
Evidence accumulation where there is no reason to believe indirect-effect illegal act exist:
the auditor should also inquire of management about policies they have established to prevent
illegal act and whether management knows any laws or regulations that the company has
violated.
Evidence accumulation and other actions when there is reason to believe direct or indirect
effect illegal acts may exist: when auditor believes that an illegal act may have occurred, it is
necessary to take several actions. First, the auditor should inquire of management at a level
above those likely to be involved in the potential illegal. Second, the auditor should consult
with the client‘s legal counsel or other specialist who is knowledge about the potential illegal
act. Third, the auditor should consider accumulating additional evidence to determine
whether there actually is an illegal act.
Action when the auditor knows of an illegal act: if the auditor concludes that the disclosures
relative to an illegal act are inadequate, the auditor should modify the auditor report
accordingly. The auditor has to communicate with the audit committee or other of equivalent
authority to make sure that they know of the illegal act. If the client either refuses to accept
the auditor‘s modified report or fails to take appropriate remedial action concerning the
illegal, the auditor may find it necessary to withdraw from engagement.
MANAGEMENT ASSERTIONS
Management assertions are implied or expressed representations by management about classes of
transactions and the related accounts in the financial statement. Management assertions are directly
related to accounting standard that consists of five broad categories: existence or occurrence;
completeness; valuation or allocation; rights and obligations; presentation and disclosure.
Assertions about existence or occurrence: Assertions about existence deal with whether assets,
obligations and equities in the balance sheet actually existed on the balance sheet date. Assertions
about occurrence whether recorded transactions included in the financial statement actually
occurred during the accounting period.
Assertions about completeness: all transactions and accounts should be presented in the financial
statements. For example, management asserts that all sales of goods and services are recorded and
included in the financial statements.
Assertions about valuation or allocation: assertions deal with whether asset, liability, equity,
revenue and expense accounts have been included in the financial statement at appropriate amounts.
For example, the property is recorded at historical cost and that such cost is systematically allocated
to appropriate accounting periods through depreciation.
Assertions about rights and obligations: management assertions deal with whether assets are the
rights of the entity and liabilities are the obligations of the entity at a given date.
Assertions about presentation and disclosure: these assertions deal with whether components of the
financial statements are properly combined or separated, described or disclosed.
Existence or occurrence – recorded transactions exist: deals with whether transactions have
actually recorded. For example, including a sale in the sales journal when no sales occurred that
violates existence/occurrence objective.
Completeness – existing transactions are recorded: deals with whether transactions that should be
included in the journal have actually been included. For example, failure to record a sale in sale
journal or general ledger when sales occurred that violates this objective.
Accuracy – recorded transactions are stated at the correct amounts: deals with the accuracy of
information for accounting transactions. For example, the quantity of goods shipped was different
from billed or the wrong selling price are used for billing.
Classification – transactions included in the client’s journals are properly classified: example
includes recording a sale of operating non current assets as revenue.
Timing – transactions are recorded on the correct dates: a timing error occurs if transactions are
not recorded on the dates the transactions took place.
Posting and summarization –
recorded transactions are
properly included in the
master files and are correctly
summarized: deals with the
accuracy of the transfer of
information from recorded
transactions in journal to
general ledger.
Accuracy – amounts
included are stated at the
correct amounts
Classification – amounts
included in the client’s
listing are properly
classified: determine
whether items on a
client‘s listing are
included in the correct
amount. For example, the
receivables must be
separated into current and
non-current.
Cutoff – transactions near the balance sheet date are recorded in the proper period: determine
whether the transactions are recorded in the proper period.
Detail tie-in – details in the account balance agree with related master file amounts, foot to the
total in the account balance, and agree with the total in the general ledger
Realizable value – assets are included at the amounts estimated to be realized: example includes
provision for doubtful debts and write-down of inventory for obsolescence.
Right and obligation: right are associated with assets and obligations with the liabilities.
Presentation & disclosure – account balances and related disclosure requirements are properly
presented in the financial statements
Q: Explain the differences among management assertions, general transaction-related auditing
objectives and specific transaction-related audit objectives and their relationships to each other.
Management assertions are implied or expressed representations by management about the classes
of transactions and related accounts in the financial statements. There are five broad categories of
assertions which are stated in the problem. These assertions are the same for every transaction cycle
and account. General transaction-related audit objectives are essentially the same as management
assertions, but they are expanded somewhat to help the auditor decide which audit evidence is
necessary to satisfy the management assertions. Accuracy, classification, timing, and posting and
summarisation are a subset of the valuation or allocation assertion. Specific transaction-related
audit objectives are determined by the auditor for each general transaction-related audit objective.
These are developed for each transaction cycle to help the auditor determine the specific amount of
evidence needed for that cycle to satisfy the general transaction-related audit objectives.
Question: What are the purpose of the general balance-related audit objectives and the specific
balance-related audit objectives? Explain the relationship between these two sets of objectives.
The purposes of the general balance-related audit objectives are to provide a framework that the
auditor can use to accumulate audit evidence. Once the nine general balance-related audit
objectives have been satisfied, the auditor can conclude that the account balance in question is
fairly stated. Specific balance-related audit objectives are applied to each account balance and are
used to help the auditor become more specific about the audit evidence to accumulate.
There is at least one specific balance-related audit objective for each general balance-related audit
objective and in many cases there are several specific objectives. There are specific balance-related
audit objectives for each account balance, and specific balance-related audit objectives for an
account such as fixed assets are likely to differ significantly from those used in accounts receivable.
In some audits, the auditor may conclude that certain specific balance-related audit objectives are not
important. At the end of the audit, the auditor must be satisfied that each specific balance-related
audit objective has been satisfied. The general balance-related audit objectives help the auditor
determine the appropriate specific balance-related audit objectives.
Timing: the Corporate Act 2001 requires that all public companies provide audited financial
statement within four months of the companies‘ fiscal year-end.
Audit program: The audit program includes a list of the audit procedure that the auditor considers
necessary. Most auditors use computers to facilitate the preparation of audit program
PERSUASIVENESS OF EVIDENCE
The persuasiveness of evidence is the degree to which the auditors are convinced by the evidence
supporting to their opinion. Two determinants of the persuasiveness of evidence are the competence
and sufficient of the evidence.
Competence of evidence (reliability of evidence): the degree to which evidence can be considered
believable or worthy of trust. The competence can be improved only by selecting audit procedures
that contain a higher quality of one or more of the following seven characteristics: relevant source;
independence of provider; effectiveness of client’s internal controls; auditor’s director knowledge;
qualified provider such as law firms and bank; degree of objectivity; and timeliness.
Relevant source: evidence must relate to pr be relevant to the audit objective that the auditor
is testing before it can be reliable. For example, if the auditor considers that a client is failing
to bill customers for shipments (completeness objective); a relevant procedure would be a
trace a sample of shipping documents to related duplicates sales invoice. This is because the
shipment of goods is normal criteria used to determine whether a sale has occurred and
should have billed.
Independence of provider: Evidence obtained from a source outside the entity is more
reliable than that obtained from within the entity. For example, external evidence such as
communications from banks, solicitors or customers is generally considered more reliable
than answers obtained from inquiries of the client.
Effectiveness of client’s internal controls: the more effective internal control of client, the
more reliable evidence the auditor obtains. For example, if internal controls over sales and
billing are effective, the auditor obtain more competent evidence from sales invoices and
shipping documents than the controls were inadequate and inefficient.
Auditor’s direct knowledge: Evidence obtained directly by the auditor through physical
examination, observation, computation and inspection is more competent than information
obtained indirectly. For example, if the auditor calculated the profit ratios and compared it
with previous periods, the evidence would be more credible than the auditor relied on the
calculation of financial controller.
Qualifications of individual providing the information: although the source of information is
independent, the evidence will not be reliable if the provider lacks the qualification to do so.
For example, communications from solicitor and bank confirmations are more regarded than
account receivable confirmations form persons not familiar with the business world.
Degree of objectivity: objective evidence is more reliable than evidence that requires
considerable judgement to determine whether it is correct. For example, the objective
evidence includes confirmation of account receivable and bank balances, the physical count
of securities and cash. However, the subjective evidence includes a letter written by a client‘s
solicitor, observation of outdated inventory during physical examination and inquiries of the
credit manager about the collectability of account receivable. Therefore, evaluating the
reliability of subjective evidence, the qualifications of evidence provider are important.
Timeliness: Evidence is usually more reliable for balance sheet accounts when it is obtained
as close to the balance sheet date as possible. For income statement accounts, evidence is
more credible when auditing a sample from the complete period rather than from only a part
of period. For example, a random sample of sales transactions for complete year would be
reliable than a sample from only the first six months.
asked to return the confirmation in all circumstances. On the other hand, the negative confirmation
means that the recipient is requested to respond only when the information is incorrect. However,
this method is costly because the auditor takes time to follow careful procedures in the confirmation
procedures, mailing and receipt.
Documentation: the auditor‘s examination of the client‘s documents and records to substantive the
information should be included in the financial statements. Documentation can be classified as
internal and external. An internal documentation has been prepared and used within the client’s
organisation such as employee time report, duplicate sales invoices and inventory receiving reports.
An external document has been used by an outside party to the transaction being documented such
as vendor‘s invoice, cancelled notes payable and insurance policies that the client can easily obtain.
Cost for this method is moderate because auditor takes time to read and evaluate a client‘s control,
lease agreement and minutes of meeting.
Observation: is the use of senses to assess certain activities. For example, the auditor may obtain
general impression of the client‘s facilities; observe equipment to evaluate whether it is outdated;
watch task performance of accountant. Therefore, cost of this method is low because the auditor can
observe whether the client employee follows the inventory counting procedure.
Inquiries of the client: is the obtaining of written or oral information from the client in response to
questions from the auditors. For example, the auditor may obtain information about the client‘s
method of recording by asking the client how the internal control operates. However, this
information cannot be regarded as conclusive evidence because it is not from an independent source
and may be biased in the client‘s favor.
Reperformance: involves the rechecking of a sample of the calculation and transfer of information
made by the client during the period under audit. Cost of this method is low because the auditors
use computer software to perform simple calculation and tracing.
Question: Outline three uses of analytical procedures in an audit and indicate which are required
on all audits. OR explain the reasons for performing analytical procedures (S3, 2009)
Analytical procedures: According to ASA 520, analytical procedure is the analysis of significant
ratios and trends in order to compare the entity’s financial information with prior period; predicted
results of the entity; expectation of auditor; similar industry information; and also find the
relationship among elements of financial information and between financial information and non-
financial information. There are several main reasons for auditor use analytical procedure:
Understanding the client’s industry and business: When comparing between prior year‘s audited
information and current‘s year unaudited information, the auditor can figure out the changes that
represents important trend or specific events affecting on the audit planning. For example, decrease
in gross profit more competition in market considers more carefully in inventory pricing.
Assessment of the entity’s ability to continue as a going concern: Analytical procedure is useful as an
indication that the client is encountering financial difficulty. The financial failure must be considered
by the auditor in the assessment of audit-related risk. If a high ratio of long-term debt combines with
a lower than average ratio of profits, a relatively high risk of financial failure may be indicated.
Indication of the presence of possible misstatements in the financial statement: Unusual fluctuation
is defined as significant unexpected differences indicated by analytical procedure between the
current‘s unaudited financial data and other data used in comparison. Thus, if the unusual fluctuation
is large, the auditor must determine the reason for it and must be satisfied that the cause is a valid
economic and not a misstatement.
Reduction of detailed audit test: Analytical procedures are usually inexpensive compared with test of
details. Therefore, most auditors prefer to replace tests of details with analytical procedures.
The auditor should apply analytical procedures at the planning stage to aid an understanding of the
business and in identifying areas of potential risk (ASA520). The auditor should apply analytical
procedures at or near the end of the audit when drawing a conclusion as to whether the financial
report as a whole is consistent with the auditor‘s knowledge of the business (ASA 520). In addition,
the auditor may use analytical procedures as a substantive test of transactions or balances.
Question 6.19: it is imperative that the auditor follow up on all material differences discovered
through analytical procedure. What factors will affect such investigation?
Answer: The investigation of differences discovered through analytical procedures is affected by:
The materiality of the amount: A potential material misstatement will require extensive
investigation, whereas an immaterial difference will be dismissed.
The auditor's knowledge of the client's business: The auditor may know of events that caused the
change in ratios.
The results of other auditing procedures: Other information obtained during the audit may
substantiate the results of the analytical procedures.
The purpose of the analytical procedure: The objective of the tests will also affect the auditor's
response to the findings.
The level of aggregation of data: If the auditor uses disaggregated data, he or she may be able to
isolate specific segments, locations, or time periods which require further investigation.
Question: In an audit of financial statements, an auditor must judge the competence of the audit
evidence obtained and asks many questions from the client officers and employees: (1) Describe
the factors the auditor should consider in evaluating the oral evidence provided by officers and
employees (2) Discuss the competence and limitations of oral evidence
1. An auditor should consider the following factors in evaluating oral evidence provided by client
officers and employees in response to these questions:
a) The competence of the questioned individual concerning the topic. For example, the perpetual
inventory clerk would be more likely to know about slow-moving inventory items than current
market prices.
b) The logic and reasonableness of the response. As an auditor becomes familiar with the client's
operations and personnel, he or she becomes more adept at choosing the right person to question and
evaluating the answer. The auditor will also observe a pattern of response forming and determine
whether it is internally consistent.
2. The auditor relies heavily upon the responses of client personnel, but he or she must recognise that
this information may lack reliability. The reliance placed upon such evidence will vary based on
the factors discussed in 1.a., but heavier weight generally is accorded to evidence generated
independently of the client. The auditor should seek additional evidence in instances where he or
she judges a client's response to be uninformed or unreliable. In crucial matters, the auditor should
ask the client to confirm the representation in writing and also obtain additional evidence from
independent sources (see ASA 580).
Two major factors affecting acceptable audit risk are the probable financial statement users and
their intended uses of the statements. The auditor can accumulate more evidence when the
statements are used extensively such as the case of publicly held company with extensive
indebtedness; or company sold in the near future. The most likely uses of the statement can be
determined from previous experience with the client and discussion with management. For example,
the auditor may obtain additional information about the client will have the audits.
The engagement letter is an agreement between the accounting firm and the client for the conduct
of the audit and related services that should specify whether the auditor will perform an audit, a
review plus any other services such as tax returns or management consulting.
The engagement letter should state any restrictions to be enforced on the auditor’s work,
deadlines completing audit, assistance to be provided by the client‘s employees in obtaining records
and documents, schedules to be prepared for the auditor; and an agreement on fees.
The engagement letter does not affect the public accounting firm‘s responsibility towards external
users of audited financial statement but it can affect legal responsibilities to the client.
Engagement letter information is important in planning the audit principally because it affects the
timing of the tests and the total amount of time the audit and other service will take.
Step 4: Select staff for the engagement and evaluate need for outside specialist.
Select staff for engagement: According to ASA 220, the engagement partner shall be satisfied that the
engagement team collectively has the appropriate capabilities, competence and time to perform the
audit engagement in accordance with Auditing Standard. Therefore, staff must be assigned accordance
with Auditing Standard, competent and knowledgeable about the client‘s industry.
Evaluate need for outside specialists: ASA 620 deals with the engagement of experts in the conduct
of an audit, and the requirements for reviewing their work. If an audit requires specialised
knowledge, it may be necessary to consult a specialist or expert. For example, the auditors may use
the diamond expert to audit the inventory valuation of a jeweller and value mineral reserves.
Question: Explain why auditor need an understanding of client’s industry. What sources are
commonly used by auditors to learn about the client’s industry?
There are three primary reasons for obtaining a good understanding of the client‘s industry. First,
risk associated with specific industries may affect the auditor‘s assessment of client business risk
and acceptable audit risk. For example, high technology industries and other industries having risks
of damage to the environment are riskier than others. Second, inherent risks are typically common
to all companies in certain industries so understanding these risks may help auditor in assessing the
client‘s inherent risks. Example includes outdated inventory in the fashion clothing industry, loss
reserves in the insurance industry. Third, many industries (such as real estate agents, financial
institutions, not for profit organisation, and construction company) have unique accounting
requirements that the auditor must understand to evaluate whether the client‘s financial statement
are in accordance with Australian accounting standards. Knowledge of the client‘s industry can be
obtained in different ways, including:
Industry, regulation and other external factors
The auditors need to gain an understanding of the event, transactions and practices related to
environment matters (air pollution or contamination problems) in some industries such as oil and
gas, mining, chemical and pharmaceutical. The auditor may obtain knowledge of the client‘s industry
in different ways such as industry audit guides, Internet sources, textbooks and technical journals.
Based on the definition above, the transaction with a related party are not arm’s length
transactions so there is a risk that they were not valued at the same amount when the
transactions had been with an independent third party. Therefore, most auditors assess
inherent risk as high for related party and related – party transaction because of both of
the accounting disclosure requirement and the lack of independence between the parties
involved in the transactions.
As a result, ASA 550 provides specific audit procedures to be carried out in the identification
of related parties:
Inquiry of management, including their representations regarding known related parties
Reviewing the information provided by management about related parties and related-
party transactions
Examination of share registers and other statutory records to identify principal
shareholders and directors‘ interests
Inquiry as to the affiliation of management with other entities
Reviewing minutes of meetings of shareholders, the governing body and important
committees, and examining statutory registers
Reviewing the entity‘s income tax returns and other information supplied to regulatory
agencies
Company policies: basic policy decisions must always be carefully evaluated as part of the
audit to determine whether management has authorization from the board of directors to
make certain decisions and to be sure the decisions of management are properly reflected in
the statements
Constitution: the auditor should understand the rules and procedures adopted by the
shareholders such as procedures for allotment and issue of shares; calling general meetings;
duties and powers of corporate officers; appointment and retirement of director; declaration
of dividends.
Code of ethics: consideration of the processes for encouraging compliance with the code of
ethics will provide some insight into the integrity and ethical values of senior management.
Minutes of meeting: the corporate minutes are the official recorded of the meeting of BOD,
shareholders and audit committee that includes summaries of the most important topics
discussed at the meetings and the decision made by directors, shareholders and audit
committee. Therefore, the auditor should read the minutes to obtain information relevant to
performing the audit.
Question: define client business risk and describe several source of client business risk. Explain
with examples about the auditor’s primary concern when evaluating client business risk
Evidence of proper planning of the work: allows a review of the proposed scope of the audit
before the work is performed.
The audit program is generally prepared by the audit senior in conjunction with the manager, and is
reviewed and approved by the audit partner. In addition, the audit program for a particular
engagement is influenced by the nature and size of the client‘s business, the management strategy
and its associated risk, the internal control and the client‘s accounting procedures. There are three
major factors to define audit procedures in preparing a detailed program:
Nature: the particular audit procedures to use and the particular items to which a procedure
will be applied
Extent: the sample size will be applied in the procedure and the number of different test will
be performed
Timing: the appropriate time to perform the procedure
Thus, the question the auditor must ask can be summarized as what, how many and when. In
answering this question, the auditor should consider for a particular account or class of transaction:
The risk of undetected error or other irregularities getting through in the audit
Available evidence would indicate the presence or absence of a material error
The maximum dollar amount of error or irregularities
The overall objective of audit documentation is to aid the auditor in providing reasonable
assurance that an adequate audit was conducted in accordance with Australia accounting standards.
In fact, the working papers provide a basis for planning the audit, a record of accumulated evidence
of work performed to support opinion and a basis for review by supervisors and partners.
Current audit file: includes all audit documentation applicable to the year under audit. The types of
information in current file include:
Audit Program: is a list of audit procedures for an audit area or an entire audit. The audit
program is maintained in a separate file to improve the coordination and integration of all parts of
the audit so the auditing standards require a written audit program for every audit. The audit
program always include audit procedures, sample sizes, items to select and timing of the test
in order to ensure a well designed audit program as an evidence of a high quality audit
General information: Some audit files include current period information that is of a general
nature rather than designed to support specific financial statement amounts. For example, the
audit files may include audit planning memos, abstract of minutes of BOD, supervisor‘s review
comments, and general conclusion.
Working trial balance: is a listing of the general ledger accounts and their year-end balances. This
is done as early as possible after the balance date.
Adjusting and reclassification entries: although these entries are prepared by the auditor to correct
material misstatements and misclassification, they must be approved by the client because the
management has primary responsibility for the fair presentation of the statements.
Supporting schedules: is a detailed schedules prepared by the client or auditor in support of
specific amounts in the financial statements. There are several major types of supporting
schedules that are relevant to audit program:
1. Analysis: is a summary of the activity in a general ledger account during the complete
period under audit, including together beginning and ending balances.
2. Trial balance or list: is a list of year end balances contained in various ledger such as
general ledger, accounts receivable and payable ledgers
3. Reconciliation of amounts: is the information that supports a specific amount or link the
amount recorded in the client‘s record to another source of information. Example includes
reconciliation of bank balances with bank statements and the reconciliation of subsidiary
account receivable with confirmations from customers.
4. Test of reasonableness: enables the auditor to evaluate whether the client‘s balance
includes an error in each situation. For example, the auditor test depreciation expense,
provision for income tax and allowance for doubtful debts by using test of reasonableness.
5. Summary of procedures: is a schedule that summarizes the results of a specific audit
procedure performed.
6. Examination of supporting documents: is a special-purpose schedules that is designed to
show detailed test performed. These schedules show no totals and they do not link into
the general ledger because they only provide documents of test performed and the results
found. However, the schedules must state a definite positive or negative conclusion about
the objective of test.
7. Informational: the schedule includes information for tax return and data such as time
budgets and client‘s working hours that will be helpful to audit evidence.
8. Outside documentation: such as confirmation replies and copies of client agreements.
Question: Outline the necessary preparation and planning annual audit before beginning filed
work at the client’s office
Generally, the first step in preparing to supervise and plan the field work for an audit examination is
to review and/or study current and background information on the client and industry. The most
important sources in this preparatory stage are as follows:
Engagement letter (ASA 210) Last year's in-charge auditor
Permanent Audit File Industry and government publications
Last year's work papers Industry audit guides or firm audit guides
Client correspondence files Client Corporate Governance arrangements
Last year's reports, including management Internet information
letter and/or internal control memorandum Analytical procedures
The purpose of this preparatory review and study is to become familiar with such things as:
After the above review, the auditors should make preliminary plans for the field work. They need to
determine what audit tests can be done on an interim basis and what must be done on or after the
balance-sheet date, including tests which should be done on a surprise basis. There must be a plan for
the nature timing and extent of work that can be done by the client's accounting and/or internal audit
staff as well as a schedule of critical dates for such things as cash counts, inventory observations, and
confirmations. A detailed time budget should be developed and specific areas of the audit assigned to
each staff member on the engagement. Additionally, consideration needs to be given as to whether
special expertise is required, e.g., a computer audit specialist.
After completing the preliminary preparation as outlined above, the auditor should schedule a
conference with all staff members assigned to the audit. The agenda would include a review of the
engagement letter, brainstorming about possible fraud risk areas including how management might
engage in and conceal fraud, discussion about the importance of professional scepticism, an estimate
of the scope of work, review of reports to be issued, review of the primary business operations of the
client, assignment of audit areas to the staff, and review of specific problems or difficulties that are
anticipated for this engagement. After this meeting, it is important to assure that each staff member
has adequate time to review and prepare for his or her assigned audit area.
A final step is to make sure that the necessary supplies, permanent files, and prior year‘s audit files
are carefully packed, downloaded, and prepared for transport to the client‘s office. If there is still
time before starting the work at the client‘s office, you can assign staff to set up audit schedule
analyses and lead schedules.
When auditors allocate the preliminary assessment of materiality to account balances, the materiality
allocated to any given amount balance is referred to as the tolerable error. For example, if auditor
decides to allocate $100,000 of a total preliminary assessment of $2,000,000 to account receivable,
tolerable error for account receivable is $100,000. Thus, the auditor is willing to consider accounts
receivable fairly stated if it is misstated by $100,000 or less.
There are three major difficulties in allocating materiality to balance sheet accounts (segments):
auditors expect certain accounts to have more misstatements than others; overstatement and
understatement must be considered; and relative audit costs affect the allocation.
The purpose of allocating the preliminary assessment of materiality to balance sheet accounts is to
help auditor decide the appropriate evidence to accumulate for each. An aim of the allocation should
be to minimize audit costs.
The first two steps in applying materiality involve planning, whereas the last three steps are based on
performing audit tests. The estimate of errors is calculated by making a direct projection from
sample to the population and adds an estimate for sampling error. The direct projection estimate
of misstatement is a estimate of likely misstatement in a population based on a sample , excluding
sampling risk and calculated as net misstatements in the sample, divided by total sampled, multiplied
by the total recorded population value. Sampling error is results because the auditor has sampled
only a portion of the population.
Auditors accept some level of risk or uncertainty in performing the audit function. For example, the
auditor recognizes that there is doubt about the competence of evidence, doubt about the
effectiveness of a client‘s internal control. An effective auditor recognizes that risks exist, are
difficult to measure and require careful thought to respond appropriately. For example, when the
client‘s industry is undergoing significant technology changes that affect both the client and client‘s
Auditors gain an understanding of the client‘s business and their industry and assess client business
risk in order to evaluate the probability of material misstatement in the client‘s financial statement.
Auditor uses the audit risk model identify the potential for misstatements and where they are most
likely to occur.
Inherent risk (IR) is a measure of the auditor‘s assessment of the probability that there are material
misstatement (error or fraud) in a segment before considering the effectiveness of internal control.
Inherent risk is susceptibility of an assertion to a misstatement that could be material, either
individually or when aggregated with other misstatement, assuming there are no related controls. The
inherent risk is inversely related to planned detection risk and directly related to evidence. In
order to increase audit evidence for a higher inherent risk, it is necessary to assign more experienced
staff and review the completed working paper more thoroughly.
Control risk (CR) is a measure of the auditor‘s assessment of the risk that a misstatement could
occur in an assertion that could be material either individually or when aggregated with other
misstatements and that will not be prevented or detected and corrected on a timely basis by the
entity’s internal control. Control risk represents an assessment of whether the client‘s internal
controls are effective for preventing or detecting misstatements; and the auditor‘s intention to make
that assessment at a level below the maximum (100%). Therefore, the more effective the internal
controls, the lower the risk factor that could be assigned to control risk. The relationship between
control risk and planned detection risk is adverse, whereas the relationship between control risk and
substantive evidence is direct. The auditor can increase planned detection risk when controls are
effective because an effective internal control structure reduces the probability of misstatement in the
financial statements. Before setting control risk less than 100%, auditors must do three things: obtain
an understanding of internal control; evaluate how well it should function based on the
understanding; and test the internal controls for effectiveness.
Acceptable audit risk (AAR) is a measure of how willing the auditor is to accept that the financial
statements may be materially misstated after audit is completed and an unqualified opinion has been
issued. There is a direct relationship between AAR and PDR but an inverse relationship between
AAR and planned evidence. When the auditor decides on a lower acceptable audit risk, it means
the auditor wants to be more certain that the financial statements are not materially misstated.
Therefore, the auditors often assign more experienced staff and review the working papers more
extensively for a client with a power acceptable audit risk.
Liquidity position: the auditor must assess the probability and significance of a steadily
declining liquidity position. For example, short of cash and working capital may result in
a future problem in paying debts.
Profits (loses) in previous year: when rapidly declining profit or increasing losses for
several years, the auditor should recognize that the client will encounter the future
solvency problems.
Method of financing growth: the more a client relies on debt as means of financing, the
greater the risk of financial difficulty if the client‘s operations become less successful. It
is important to evaluate whether fixed assets are being financed with short-term or long-
term loan because the large amount of required cash outflows (eg: interest expense)
during a short period of time can force a company into insolvency.
Nature of the client‘s operations: certain types of businesses are inherently riskier than
others. For example, there is a much greater likelihood of financial failure of start-up
Technology Company than of a diversified food manufacturer.
Competence of management: the management is constantly alert for potential financial
difficulties and modifies its operating way to minimize effects of short-term problems.
The auditor’s evaluation of management’s integrity: if a client has questionable integrity the
auditor is likely to assess acceptable audit risk lower. Companies with low integrity often
conduct their business affairs in manner that results in conflicts with their shareholders,
regulators and customers. Disagreement with previous auditor, the ATO, ASIC or the ASX
and conflicts with unions and employees may also indicate integrity problems.
and inventory turnover has slowed in the current year so the auditors would probably set inherent
risk at a relatively high level.
Obtain information to assess inherent risk
Auditors begin their assessments of inherent risk during the planning phase and update the
assessment throughout the audit. For example, the discussion of obtaining knowledge about the
client‘s business and industry, touring the client‘s plant and offices, and identifying related parties all
pertain directly to inherent risk assessment.
An internal control structure consists of policies and procedures designed to provide management
with reasonable assurance regarding the achieving of management‘s objectives in the following
categories: reliability of financial reporting; effectiveness and efficiency of operations; and
compliance with applicable laws and regulations. There are three concepts under the study of internal
control and assessment of control risk.
Management’s responsibility: the management have to establish and maintain the entity‘s control
and is responsible for the preparation of financial statements in accordance with accounting standard.
Reasonable assurance: after considering the costs and benefits of the controls, the company should
develop internal controls that provide reasonable but not absolute assurance that the financial
statement is fairly stated.
Inherent limitations: the internal control structure may have inherent limitations such as:
The potential for human error due to carelessness, distraction, mistakes of judgement or the
misunderstanding of instructions.
The collusion with parties outside the entity or with employees of the entity.
Procedure may inadequate due to changes in conditions
A person responsible for exercising control could abuse that responsibility.
The controls may not be directed at unusual transactions
Client concerns: there are three concerns for management to design an effective control system.
Reliability of financial reporting: management has legal and professional responsibility for
preparing financial statements for investors, creditors and other users and ensure information
be fairly accordance with reporting requirement.
Audit concern: The auditor shall obtain an understanding of internal control relevant to the audit
(ASA 315). Auditor is primarily concerned about controls related to reliability of financial
reporting and controls over classes of transactions.
Organisational structure: the entity‘s organisational structure describes the existing lines of
responsibility and authority so the auditor can obtain the information about management and
functional elements of the business.
Assignment of authority and responsibility: formal methods of communication about
authority and responsibility; and similar control-related matters are important. For example:
the memorandum from top management about the importance of control and control-related
matters; formal organisational plans; employee description and related policy.
Internal audit: is established within an entity to monitor the effectiveness of other control-
related policies and procedures. It is essential that the internal auditor be independent of both
the operating and accounting departments and that it report directly to a high level of
authority within the organisation such as top management or the audit committee of the BOD.
In addition, an adequate and effective audit staff can contribute to reduce external audit costs
by providing direct assistance to external auditors.
Audit committee participation: the audit committee must be independent from management
and have sufficient knowledge of financial reporting issues so they can effectively evaluate
internal controls and financial statements prepared by management. In addition, this
committee is responsible for maintaining ongoing communication with both external and
internal auditors.
Human resources: the most important aspect of internal control is personnel. For example,
honest, efficient people are able to perform at a high level even when there are few other
controls to support them. Because of the importance of competent, trustworthy personnel in
providing effective control, the methods by which people are hired, evaluated, trained,
promoted and compensated are an important part of internal control.
Data preparation: most companies implement several control procedures to ensure that the
source information to be entered into the computer is accurate.
Data entry: the conversion of information from the source document into a computer is a
mechanical process so most companies should have internal controls to ensure that data entry
is accurate.
Transaction processing and master file update: besides accurate input, the accurate
processing of transactions and updating of master files requires that the computer software is
properly designed and reliable.
Document and report generation:
In order to understand the accounting information system, the auditor should:
Identify major classes of transaction
Determine how transaction are initiated
Determine the existence and nature of accounting records
Consider how transactions are processed
Examine the nature and details of the financial reporting process
Control procedures are the policies and procedures ensure that necessary actions are taken to address
risks in the achievement of the entity‘s objectives. There are five types of specific control activities:
1. Adequate separation of duties: there re four general guidelines to prevent fraud and errors
Separation of the custody of assets from accounting: Not allowing a person having
temporary or permanent of an asset to account for that asset is to protect company against
defalcation. In fact, when one person performs both functions, there is high risk that this
person will dispose of the asset for personal gain and adjust the records to avoid
responsibility.
Separation of the authorisation of transaction from custody of related assets: prevent
person authorising transactions from having control over the related asset. For example,
the same person should not authorise the payment of a vendor‘s invoice and also sign the
cheque in payment of the debt.
Separation of operational responsibility from record-keeping responsibility: in order to
ensure unbiased information, record keeping is typically included in a separate department
under the financial controller. For example, sales department could not record sale
transactions.
Separate of IT duties from duties of key users outside IT: it is important for companies to
separate major IT-related functions from key user department functions. For example,
responsibility for designing and controlling accounting software should be under authority
of IT, whereas the ability to update credit limits in the accounts receivable master file
should be located in the company‘s credit department outside the IT function.
3. Adequate documents and records: Documents and records (such as sales invoices, purchase
orders, subsidiary records, sales journals and employee time cards) are physical objects on
which transactions are entered and summarised. Documents perform function of transmitting
information throughout the client‘s organisation and between different organisations.
Therefore, the document should be adequate to provide reasonable assurance that all assets
are properly controlled and all transactions are correctly recorded. The documents and record
should have essential elements to gain its effectiveness:
Pre-numbered consecutively to facilitate control over missing documents – ex:
number in sales invoice
Prepare at the time of transaction. Record is less credible and the chance of
misstatement increases if taking longer time.
Sufficiently simple to ensure understanding
Designed for multiple uses – ex: used shipping document can be a receipt of goods
from storage to shipping department; inform the quantity of goods to the customers
and appropriate billing date.
Constructed to encourage right preparation – ex: a document may include blank space
for authorisations and approvals; and designated column spaces for numerical data.
A control closely related to documents and records is the chart of accounts which is
helpful in preventing classification error.
4. Physical control over assets and records: it is essential to protect assets and records in order
to maintain adequate internal control. The most important type of protective measure for
safeguarding assets and records is the use of physical precautions. For example, using
storerooms for inventories is to guard against theft; fireproof safes and safety deposit for the
protection of assets such as currency and securities are important physical safeguards. When
a company is highly computerised, it is compulsory to protect its computer equipment,
programs and data files. Therefore, there are three categories of controls related to protecting
IT equipment, programs and databases. First, physical controls are used to protect the
computer facilities – ex: locking on doors to the computer room, proper control of
environmental conditions such as temperature and humidity, adequate storage space. Second,
access control permits authorised people can use the equipment and have assess to software
and data files through assess password system. Finally, backup and recovery procedures
are efficient method to avoid loss of equipment, programs or databases.
him or her to evaluate the competence of the employees and the effectiveness of internal controls.
While some of the five control procedures are unavailable in a small company, especially adequate
separation of duties, it is still possible for a small company to have proper authorization of
transactions and activities, adequate documents and records, physical controls over assets and
records, and, to a limited degree, independent checks on performance.
The auditor considers the internal control by first obtaining an understanding of internal control that
used for assessment of control risk. When auditor‘s control risk assessment is below maximum, the
auditor performs tests of controls. After receiving result of test of control, the auditor considers how
those results affect planned detection risk and substantive testing.
Understanding internal control sufficiently to plan the audit: the extent of understanding must be
sufficient to plan the audit adequately in terms of four specific planning matters
Auditability: the auditor must obtain information about the integrity of management and the
nature and extent of the according records to be satisfied that sufficient and appropriate
evidence is available to support the financial statement balances.
Potential material misstatements: the understanding should allow the auditor to identify the
types of potential error and fraud.
Detection risk: control risk affect directly planned detection risk for each audit objective so
information about internal control is used to assess control risk for each that affects planned
detection risk and planned audit evidence.
Design test: the information obtained should allow the auditor to design effective test of the
financial statement balances including test for monetary correctness and analytical procedure.
Before making conclusion of control risk, the auditor must complete three steps: to obtain an
understanding of the control environment and information system at a fairly detailed level; to
identify specific control that will reduce control risk and make an assessment of control risk;
and to test the control for effectiveness.
Procedures to determine design and placement in operation: in obtaining that understanding, the
auditor should consider two aspects: the design of the various controls within each element; and
whether they have been placed in operation.
Update and evaluate auditor’s previous experience with entity: the auditor should obtain the
updated information of client‘s internal control
Make inquires of client personnel: Inquiries of personnel at the management, supervisor and
staff levels about the updating information from previous audit will be conducted in
obtaining an understanding of internal control
Read client’s policy and system manuals: the entity must have extensive documentation such
as accounting manual and an organisation chart in order to design and maintain internal
control.
Examine documents and record: examination of the documents and records provides
evidence that the control policies and procedures have been placed in operation.
Observe entity activities and operations: the auditor can observe personnel in the process of
preparing documents and records as well as carry out their normal accounting and control
activities. As a result, the auditor will improve their knowledge and understanding that
controls have been placed in operation.
Internal control questionnaire: is a series of questions about the controls in each audit area,
used as a method in order to show auditor aspects of internal control that may be inadequate.
The primary advantage of using questionnaire is the ability to cover each audit area
completely but the disadvantage is that the individual parts of the client‘s systems are
examined without providing an overall view.
The initial assessment is generally made for each transaction-related audit objective for each
major type of transaction. In addition, the initial assessment usually starts with consideration of
the control environment. If the attitude of managements is that internal control is not important,
it is unreasonable to believe that the detailed control activities will be reliable. As a result, the
auditor can assume that the control risk for all transaction-related audit objectives is at the
maximum. On the other hand, if management‘s attitudes towards internal control are positive,
the auditor may assess the control risk below maximum after evaluating and considering the
specific policy and procedures.
There are three important considerations about the initial assessment. First, the auditor does not
have to make the initial assessment in a formal, detailed manner. Second, when the significant
information supporting transactions is available only in electronic form, the auditor may assess
control risk below the maximum and perform more extensive test of control. Third, even though
the auditor believes control risk is low, assessed control risk is limited to that level supported by
the evidence obtained.
3. Assess whether it is likely that a lower assessed control risk could be supported
When the auditors believe that actual control risk may be significantly lower than the initial
assessment; they may decide to support a lower assessed control risk. As a result of the initial
assessment, additional controls can be identified and tested to reduce assessed control risk.
4. The control risk matrix – Question: what is the purpose of control risk matrix and explain the
meaning of an assessment of control risk of low compared with one of medium
The purpose of the control risk matrix is to assist the auditor in assessing control risk. The control
risk matrix helps the auditor identify controls and weaknesses for each of the six transaction-
related audit objectives.
If control risk is assessed as low, the auditor believes that the controls are likely to detect and
correct misstatements which may occur. If control risk is assessed as moderate, the auditor
believes that the controls are less likely to detect and correct misstatements which may occur than
if control risk was assessed as low.
If the auditors want to use a low assessed control risk, they will apply more extensive test of control
such as larger sample size for documentation, observation and re-performance procedures.
Distinguish between obtaining an understanding of internal control and assessing control risk.
Also explain the methodology the auditor uses for each of them.
The purpose of obtaining an understanding internal control is to find out how the entity believes the
internal controls operate. It involves evaluating the design of internal controls and determining
whether those controls have been placed in operation. Assessing control risk means to state the
degree to which the auditor intends to rely on internal controls to reduce substantive tests. For
example, the auditor might assess control risk as low.
The understanding of internal control is done by interviewing entity personnel, examining procedures
manuals, describing the flow of documents and records by the use of flowcharts and narrative
descriptions, and using an internal control questionnaire. Assessing control risk is done based upon
the findings in the understanding of internal control and the results of the tests of controls. It is an
auditor's decision using professional judgment
AR
= PDR
IR x CR
Procedures to
Substantive Tests of Sufficient
obatin an Test of Analytical
tests of details of approprate
understanding of control procedures
trasaction balance evidence
internal control
Procedures to obtain an understanding of internal control and test of control reduced control risk,
whereas analytical procedures and test of details of balance are used to satisfy planned detection risk.
Substantive test transactions affect both control risk and planned detection risk because they are used
to test the effectiveness of internal controls and the dollar amount of transactions.
Analytical Procedure
Inquiry of client
Reperformance
Documentation
Confirmation
Observation
Types of test
Procedure to obtain an understanding of internal control
Test of control
Substantive tests of transactions
Analytical Procedure
Test of details of balances
Obtain an understanding of internal control is procedures used by the auditor to gather evidence
about the design and placement in operation of specific control and the test of control is audit
procedures to test the effectiveness of controls in support of a reduced assessed control risk.
Therefore, two these tests were to evaluate whether controls over transactions in the cycle are
sufficiently effective to reduce control risk and thus reduce substantive test. Therefore, obtain an
understanding of internal control and test of control are low in cost because the auditor is making
inquiries, observations and examining initials or approvals on documents. The auditor may use audit
software to test the client computerized accounting information system that can be completely done
in a few minutes.
On the other hand, the substantive tests are audit procedures designed to test for dollar (monetary)
errors in financial statement (general ledger) balances. There are three types of substantive tests:
substantive tests of transactions, analytical procedures, and test of details of balances.
The substantive tests of transactions are the audit procedure testing for monetary errors to
determine whether all six transaction-related audit objectives have been satisfied for each class of
transaction. This test emphasizes the verification of transaction recorded in the journal and posted
in the general ledger. This test is more expensive than test of controls because it requires
recalculation and tracings. However, when these procedures involve highly appropriate evidence
such as externally generated documents, they can be quite effective.
Analytical procedures are the use of comparisons and relationships to assess whether account
balances or general ledger balances appear reasonable. The two most important of analytical
procedure is to indicate the presence of the possible misstatement in the financial statement as well
as reduce the test of details of balance. Therefore, the analytical procedure is least costly because
the auditors often calculate the ratios by using computer software. In addition, this test is proven
quite effective in detecting large misstatements in the financial reports.
Test of details of balances focus on the ending general ledger balances for balance sheet accounts.
This relates to the process of obtaining full details of the general balance from the client and carrying
out appropriate the audit procedures to test the details of the balance. The test of details of balances
is the most effective and essential when conducting audit because the evidence is obtained from a
source independent of the client and thus is considered to be highly reliable. Therefore, the tests of
details of balances are always considerably more costly than any other procedure because it is costly
to send confirmations and to count assets. (Apply nine balance-related audit objectives)
Substantive tests of transactions are audit procedures testing for monetary misstatements to
determine whether the six transaction-related audit objectives have been satisfied for each class of
transactions. It involves tracing and checking information from source documents through the
various stages of recording to the general ledger and subsidiary ledgers, looking for dollar errors
in processing. Examples are:
Recalculation of amounts (quantity times unit selling price) on selected sales invoices and
tracing of amounts to the sales journal or sales reports.
Examination of vendor invoices in support of amounts recorded in the purchase journal for
purchases of inventories.
Recalculation of gross pay for selected entries in the payroll journal.
Tracing of selected customer cash receipts to the accounts receivable master file, agreeing
customer names and amounts.
If the balance of accounts is affected by many relatively small transactions, the auditor designs
substantive tests of balances directed to selected items (e.g. individual customers, inventory items)
which are an aggregate of a number of transactions and which aggregate to create the ending account
balance. This commonly occurs for the accounts receivable and inventory balances. Thus, for
example, for inventory, the auditor could either substantively verify individual sales and purchases
transactions, or the aggregate of these balances by, say, counting an inventory line. Major evidence
gathering techniques for substantive tests of transactions is the inspection of documentation (e.g.
sales invoice and shipping document) that supports the transaction. Major evidence gathering
techniques for substantive tests of balances include physical examination (e.g. inventory) and
confirmation procedures (debtors).
In addition, the analytical procedures are considered to perform for all audits at three different stages
of audit: in the planning stage, to help the auditors understand the client‘s business and to determine
other evidence needed to satisfy the acceptable audit risk; during substantive testing; and near the
end of the audit as a final test of reasonableness.
Finally, the auditor can apply tests of details of balance to several accounts to determine whether
they are satisfied by nine balance-related audit objectives. The methodologies for designing
substantive test of details of balances consist of:
Identify client business risk
Set materiality (tolerable error) and assess inherent risk
Assess control risk
Design and perform test of controls and substantive test of transactions
Design and perform analytical procedures
Design tests of details of balance to satisfy balance-related audit objectives
helps the auditor plan for contingencies, revise the audit program for unexpected results and
complete the audit ASAP.
Existing sales transactions are recorded – completeness: An effective procedure to test unbilled
shipments is to trace selected shipping documents from a file in the shipping department to related
duplicate sales invoices and the sales journal.
Account
Customer Shipping Duplicate General
Sales journal receivable
Order document sales invoice Ledger
master file
Complete Existence
ness start start
Sales are accurately recorded – accuracy: the accuracy recording of sales transactions concerns
shipping the mount of goods ordered, accurately billing for the amount of goods shipped and
accurately recording the amount billed in the accounting record.
Recorded sales are properly classified – classification: if the company‘s sales generate from
different segmentation, proper classification is essential.
Sales are recorded on the correct dates – timing: timely recorded transaction are also less likely to
contain misstatement the auditor should compare the date on the selected bills of lading with the
date on related duplicate sales invoice.
Sales transactions are properly included in the master file and correctly summarized – posting and
summarization: read hand out – topic 7
Prepare proof of cash receipts: is a useful audit procedure to test whether all recorded cash receipt
have been deposited in the bank account by reconciling the total cash receipts recorded in the cash
receipts journal for a given period with the actual deposits made to the bank. The procedure can
help discover recorded cash receipts that have not been deposited; unrecorded deposits; unrecorded
loans; and banks loan deposited directly into the bank account.
Test to discover lapping of accounts receivable: the lapping of account receivable is the
postponement of entries for the collection of receivable to conceal an existing cash shortage. The
defalcation is performed by a person who holds cash; defers recording the cash receipts from
customers and covers the shortage with receipts of another.
Follow-up of non response: when customers do not return the confirmation, it is necessary to follow
up with alternative procedure. The objective of this procedure is to determine whether non-confirmed
account existed and was properly stated at the confirmation date. There are some several useful types
of alternative procedure:
Subsequent cash receipts: evidence of receipt of cash subsequent is the confirmation dates
including remittance advices
Duplicate sales invoices
Shipping document
Correspondence with the client
Analysis of differences: when the confirmation requests are returned by the customer, it is necessary
to determine the reason for any reported difference. There are several common reported types of
differences in confirmation:
Payment has already been made
Goods have not been received
Goods have been returned
Clerical errors and doubtful amounts
Question: If the auditor does not receive a response after sending a letter to confirm a debtor’s
balance, what alternative audit procedures may be performed?
The best evidence is the receipt of payment from the customer. The matching of such cash receipts to
unpaid invoices at the confirmation date, evidenced by the remittance advice accompanying the cash
receipt, establishes the existence and collectability of the accounts. Alternatively, if payments are
made by direct credit to the entity‘s bank account, there is usually some identifier or corresponding
email supporting the receipt and identifying items covered in the payment.
Any unpaid balances should be vouched to supporting documentation, preferably a dispatch note
signed by the customer acknowledging receipt of the goods, or a written order from the customer.
Questions: Identify and describe the two most important tests of details of balances in relation
to accounts receivable.
Confirmations: direct written communication by the auditor with individual customers to confirm the
customer‘s accounts receivable balance.
Evaluate the adequacy of the allowance for bad debts: the auditor must review and test
management‘s procedure for determining the allowance. They may also use an independent estimate
and review subsequent events.
Out-of-period liabilities test: is used to discover unrecorded account payables that are applicable for
accuracy, existence, cutoff and completeness. This test consists of:
Examine underlying documentation for subsequent cash payment
Examine underlying documentation for bills not paid several weeks after year-end
Trace receiving report issued before year-end related to vendor’s invoice
Trace vendor’s statement that show a balance due to accounts payable trial balance
Send confirmation to vendors with whom the client does business
Reliability of evidence: there are three primary types of evidence ordinarily used: vendor‘s invoices,
vendors‘ statements and confirmations
Distinction between vendor’s invoices and vendor’s statements: the vendor’s invoices provide
highly reliable evidence about individual transactions so it is helpful for auditors to verify
transactions. On the other hand, the vendor’s statements provides credible evidence about
ending balance according to vendor‘s record so it superior for verifying accounts payable.
Difference between vendor’s statements and confirmations: A vendor’s statements have been
prepared by an independent third party but are in the hands of the client at the time the auditor
examines it. Therefore, the client has an opportunity to alter a vendor‘s statement or no make
certain statements available to the auditor. On the other hand, a confirmation of accounts
payable is request for a detailed statement sent directly to the auditor‘s office and thus provide
more information. In addition, this confirmation also provides inventory owned by vendor but
stored on the client‘s premises.
Fraudulent hours occur when an employee reports more time than was actually worked. It is
difficult for auditor to discover fraudulent hours because of the lack of available evidence. One
procedure is to reconcile the total hours paid according to the payroll records with an independent
record of the hours worked. Consequently, it may be possible to observe an employee clocking in
more than one time card under a partner approach.
Test of details of balance: read handout topic 8
Test of the bank reconciliation: the reason for testing the bank reconciliation are to determine
whether client personnel have carefully prepared the bank reconciliation and to verify whether the
client‘s recorded bank balance amounts to the same amount as the actual cash in the bank. Several
main procedures consist of:
Verify that the client‘s bank reconciliation is mathematically accurate
Trace the balance bank confirmation or bank statement to balance on the bank reconciliation
Trace un-presented cheques on the bank reconciliation to subsequent bank statements – a
statement obtained from the bank showing transactions for the period immediately after
balance date and to the cash payment journal.
Investigate all significant cheques included on the un-presented cheque list that have not
cleared the bank with a reasonable time.
Trace the deposits not yet credited to the subsequent bank statement
Account for other reconciling items for the bank statement and bank reconciliation
Fraud-oriented procedure: The auditor must extend the procedures in the audit of year – end cash to
determine the possibility of material fraud when there are inadequate internal controls, especially the
improper segregation of duties between handling of cash and recording of cash transactions in the
accounting records. The following procedures for uncovering fraud that are directly related to year-
end cash balances:
2. Proof of cash
The auditors use a proof of cash to determine:
All recorded cash receipts were deposited
All deposits in the bank were recorded in the accounting records
All recorded cash payments were paid by bank
All amounts that were paid by the bank were recorded
A proof of cash includes:
A reconciliation of the balance on the bank statement with the general ledger balance
at the beginning of the proof of cash period
Reconciliation of total cash receipts deposited in the bank with cash receipts journal
Reconciliation of the total cheques cleared by the bank with cash payment journal
Reconciliation of the balance on the bank statement with general ledger balance
A proof of cash can be performed for one or more interim months, or the last month of the
year, after that the auditor is combining STOT or TDB. A proof of cash is excellent means of
comparing recorded cash receipts and payment with the bank account and bank reconciliation
but it is not effective for discovering cheques written for improper amount and fraudulent as
well as not useful for uncovering the thef of cash receipts.
3. Test of interbank transfer
Embezzlers (dishonest people) often cover theft of cash by practice known as kiting –
transferring money from one bank to another and improperly recording the transaction. Near
balance date, a cheque is drawn on one bank account and immediately deposited in a second
account before the end of accounting period. In making this transfer, the embezzler is careful
to ensure that the cheque is deposited at a late enough date so that it does not clear the first
bank until after the end of period. Therefore, a useful approach to test for kitting is to list all
bank transfer made a few days before and after the balance sheet date and to trace each to the
accounting records for proper recording.
Question: Distinguish between sampling and non-sampling risk. Identify and describe the four
types of sampling risk that may occur in audit sampling including how they occur and how
they impact an audit
Non – sampling risk (error) is the risk that audit tests do not discover existing exceptions
(mistakes) in the sample. On the other hand, sampling risk (error) is the risk that an auditor reaches
an incorrect conclusion because the sample is not representative of the population. Moreover,
sampling risk is an inherent part of sampling that result from testing less than the entire population.
There are four types of sampling risk that may occur in audit sampling:
Risk of over-reliance: This occurs when the sample supports the preliminary level of control
risk but the operating effectiveness of controls is actually inadequate. The result is that the
audit could be ineffective as the level of testing may be insufficient to detect material
misstatements.
Risk of under-reliance: This occurs when the sample does not support the preliminary
assessed level of control risk but the operating effectiveness of controls is adequate. The
result is that the audit is inefficient as the auditor will increase substantive procedures
unnecessarily.
Risk of incorrect acceptance: This occurs when the sample supports the conclusion that the
account balance is not materially misstated when in fact it is. The result is that the audit could
be ineffective as the level of testing may be insufficient to detect material misstatements.
Risk of incorrect rejection: This occurs when the sample supports the conclusion that the
account balance is materially misstated when in fact it is not. The result is that the audit is
inefficient as the auditor will increase substantive procedures unnecessarily
Plan the sample: makes sure that the audit test are performed to provide the desired sampling
risk and to minimize the likelihood of non-sampling error.
Select the sample and perform the tests: involve deciding how to select sample items from the
population. Performing test is the examination of documents and doing other audit procedures.
Evaluate the results: involves drawing conclusions based on the audit tests.
Question: what is the purpose of using non-statistical sampling for TOC and STOT?
Estimate the proportion of items in a population containing a characteristic or attribute of interest.
The auditor is ordinarily interested in determining internal control deviations or monetary
misstatements for tests of controls and substantive tests of transactions.
Question: Define tolerable error, expected error and confidence level for both tests of control
and substantive testing.
Tolerable error is the maximum error in a population that the auditor is willing to accept. For tests of
controls this is the maximum deviation rate from the control that the auditor is willing to accept and
still state that the control is operating at a satisfactory level as per the initial assessment of control
risk. For substantive tests, it is the maximum amount that the account can be misstated where that
auditor can still conclude that the account is fairly stated.
Expected error is the error rate that the auditor expects to exist in the population. For tests of controls
this is the expected population deviation rate. For substantive tests this is the expected misstatement.
Confidence level: for tests of control this is the risk of overreliance which is the risk that the
allowable assessed control risk is lower than it actually is. In substantive testing this is the risk of
incorrect acceptance, which is the risk that testing suggests a material error does not exist when in
fact it does.
Question: explain the difference in the independence of internal auditors and external auditors
in the audit of historical financial statements. How can internal auditors achieve best
independence?
External auditors are considered more independent than internal auditors for the audit of historical
financial statements because their audit report is intended for the use of external users. From an
internal user's perspective, internal auditors are employees of the company being audited.
Internal auditors can achieve independence by reporting to the board of directors or audit committee.
The responsibilities of internal auditors affect their independence. The internal auditor should not be
responsible for performing operating functions in a company or for correcting deficiencies when
ineffective or inefficient operations are found.
Question: Explain the role of the internal auditors for financial auditing. How is it similar to,
and different from, the roles of external auditors?
Internal auditors who perform financial auditing are responsible for evaluating whether their
company's internal control structure is designed and operated effectively and whether the financial
statements are fairly presented. This responsibility is essentially the same as the responsibility of
external auditors who perform financial audits. The two types of auditors are also similar in that they
both must be competent and must remain objective in performing their work and reporting their
results. Despite these similarities, the role of the internal auditor in financial auditing differs from
that of an external auditor in the following ways:
Because internal auditors spend all of their time with one company, their knowledge about
the company's operations and internal control structure is much greater that the external
auditor's knowledge.
Guidelines for performing internal audits are not as well defined as the guidelines for external
auditors.
Internal auditors are responsible to the management of the companies that they work for,
while external auditors are responsible to shareholders as the financial statement users.
Because internal auditors are responsible to management, their decisions about materiality
and risks may differ from the decisions of external auditors.
Based on lawyer‘s representation, the auditor can obtain a professional opinion from solicitors about
the expected outcome of existing legal actions and the probable amount of the liability. However, the
lawyers do not provide auditors with complete information about contingent liabilities because of
two main reasons:
Refusal to respond due to lack of knowledge about matters involving contingent liabilities
Refusal to disclosure information that the lawyer considers confidential.
They also consider requiring a qualified or disclaimer of opinion due to a limitation of scope if a
lawyer refuses to provide the auditor with sufficient information about material mattes.
Subsequent events occurring between the balance sheet date and the date of the auditor's report are
those transactions and events which might affect the financial statements being audited (either
adjustment, disclosure, or both).
The first type of subsequent event is one that has a direct effect on the financial statements and
requires adjustment. Examples of this type of subsequent event are as follows:
Declaration of bankruptcy by a customer with an outstanding accounts receivable balance due
to the deteriorating financial condition
Settlement of a litigation for an amount different from the amount recorded on the books
Disposal of equipment not being used in operations at a price below the current book value
Sale of investments at a price below recorded cost
Sale of raw material as scrap in the period subsequent to the balance sheet date
The second type of subsequent event is one that has no direct effect on the financial statements but
for which disclosure is advisable. Examples include the following:
Decline in the market value of securities held for temporary investment or resale
Issuance of bonds or equity securities
Decline in the market value of inventory as a consequence of government action barring
further sale of a product
Uninsured loss of inventories as a result of fire
The subsequent discovery of facts existing at the date of the auditor's report occurs when the auditor
becomes aware that some information included in the financial statements was materially misleading
after the audited financial statements have been issued. Some examples of such facts would be:
Audit tests
The audit procedures for subsequent events review can be divided into two categories: procedures done as part
of the verification of year-end account balances; those performed for the purpose of discovering events
or transactions that must be recognized as subsequent events. The first category includes cutoff and
valuation tests that are done as part of the tests of details of balances. The second category of tests is
performed for the purpose of obtaining information that must be included in the current year‘s
account balances or notes in the financial report. These tests consist of:
Inquire of management
Correspond with lawyers
Review internal statement prepared subsequent to the balance sheet date
Review records prepared subsequent to the balance sheet date
Examine minutes issued subsequent to the balance sheet
Obtain a letter of representation
concern. In addition, the knowledge of the client‘s business gained throughout the audit is
important information used to assess the likelihood of financial failure within the year.
Moreover, the auditor‘s evaluation of management plans to deal with any insolvency problem
will be an important element in the auditor‘s decision. If there is a highly improbable that the
entity will continue as a going concern, the auditor will express adverse opinion. However,
the audit report should include an emphasis of matter section if going-concern problem is
adequately disclosed in the financial report.
Question: What is the relevant period for assessing whether or not the use of the going concern
basis is appropriate? During which stage of the audit does the auditor perform most of the
procedures for assessing the use of the going concern basis? Give four examples of such
procedures.
The relevant period extends to the expected date of the auditor‘s report for the succeeding financial
statement period. These procedures are usually conducted during the period of completion of the
audit, and include:
Analyze and discuss cash flow, profit and other relevant forecasts with management.
Analyze the liquidity of the company
Analyze and discuss the entity‘s latest available interim financial statements.
Review the terms of debentures and loan agreements whether any have been breached.
Read minutes of the meetings of shareholders, those charged with governance and relevant
committees for reference to financing difficulties.
Enquire of the entity‘s lawyer regarding the existence of litigation and claims and the
reasonableness of management‘s assessments of their outcome and the estimate of their
financial implications.
Confirm the existence, legality and enforceability of arrangements to provide or to maintain
financial support with related and third parties and assess the financial ability of such parties to
provide additional funds.
Consider the entity‘s plans to deal with unfilled customer orders.
Question: What are the objectives of the management representation letter? Under what
circumstances are management representations considered acceptable audit evidence?
The objectives of the management representation letter include:
Confirmation of oral representations given to the auditor,
Document the continuing appropriateness of representations,
Reduce the possibility of misunderstandings concerning management‘s representations
Acknowledge management‘s responsibility for the presentation of the financial statement.
Management representations are considered acceptable audit evidence only where other sufficient
appropriate audit evidence cannot reasonably be expected to exist. However it is still prudent to
consider management representations to be supporting rather than primary evidence.
2. Evidence supports auditor’s opinion: when the auditors find a large number of immaterial
misstatements, they can use a convenient method known as an unadjusted misstatement
worksheet or summary of possible misstatement. This worksheet is a summary of
immaterial misstatements not adjusted at the time they were found, used to help the auditor
assess whether the combined amount is material.
3. Financial report disclosure: many audit firms require the completion of a financial
statement disclosure checklist for every engagement. These questionnaires are designed to
remind the auditor of common disclosure problems encounter on audits, and to facilitate the
final review of the entire audit by independent partner.
4. Working paper view: There are three main reasons why it is essential that the working
papers be thoroughly reviewed by another knowledgeable member of the audit firm at the
completion of the auditing.
To evaluate the performance of inexperienced personnel. The lack of experience can
affect to make professional judgments in complex situations
To ensure that the audit meets the public accounting firm‘s standard of performance
To counteract the bias that often enters into the auditor‘s judgment.
5. Independent review