Audit Magical Document

Page |1
AUDIT REVISION
TABLE OF CONTENT
TOPIC 1: OVERVIEW OF AUDIT (CHAPTER 1 & 2) ................................................................. 2
Chapter 1: DEMAND FOR AUDIT AND ASSURANCE SERVICES ............................................ 2
Chapter 2: AUDITS REPORT ........................................................................................................... 9
TOPIC 2: AUDITORS STATUTORY – RESPONSIBILITIES – AUDIT OBJECTIVES

(CHAPTER 3+4+5) ............................................................................................................................ 13
Chapter 3: AUDITORS‘ LEGAL ENVIRONMENT ...................................................................... 13
Chapter 4: AUDIT QUALITY AND ETHICS ................................................................................ 14
Chapter 5: AUDITING RESPONSIBILITIES AND OBJECTIVES .............................................. 21
TOPIC 3: AUDIT` EVIDENCE (chapter 6) ..........................................................................27
TOPIC 4: AUDIT PLANNING – MATERIALITY AND RISK (Chapter 7+8) .......................33
Chapter 7: AUDIT PLANNING AND DOCUMENTATION ..................................................33
Chapter 8: MATERIALITY AND RISK ...............................................................................46
TOPIC 5: INTERNAL CONTROL AND CONTROL RISK (CHAPTER 9) ..........................53
TOPIC 6: AUDIT STRATEGY PLANS AND PROGRAMS (CHAPTER 12) .......................65
TOPIC 7: AUDIT OF THE SALES AND COLLECTION CYCLE (Chapter 13 + 14) ...........70
TOPIC 8: AUDITING OF OTHER TRANSACTION CYCLES (Chapter: 16 + 17) ...............74
TOPIC 9: AUDIT SAMPLING AND INTERNAL AUDITS (Chapter 15 + 19) ......................80
Chapter 15: AUDIT SAMPLING .........................................................................................80
Chapter 19: OTHER ASSURANCE AND ENVIRONMENT .................................................82
TOPIC 10: COMPLETING THE AUDIT (Chapter 18) ........................................................83
NGUYEN HOANG MINH DAT – S3192470

Page |2
AUDIT REVISION
TOPIC 1: OVERVIEW OF AUDIT (CHAPTER 1 & 2)

Chapter 1: DEMAND FOR AUDIT AND ASSURANCE SERVICES
ASSURANCE SERVICES
Assurance services are independent professional services that improve quality of information for
decision makers. Assurance service are valued because the assurance provider is independent and
perceived as being unbiased with respect to the information examined.
Assurance services can be performed by public accountants or a variety of other professionals. For
example, some non-profit organizations have been established that test a wide variety of products
used by consumer and report their evaluation of the quality of the products tested in ―consumer
report‖. The information provided is considered more reliable by many consumers than information
provided by the product manufacturer because it comes from an independent.
ATTESTATION SERVICES
Attestation service is a type of assurance service in which the public accounting firm issues a written
communication that expresses a conclusion about the liability of a written assertion of another party.
The main reason for attestation service is that the business environment often requires assurance that
financial information is reliable and can be ―trusted‖. There are three categories of attestation
services: audit of historical financial statement, review of historical financial statement and other
attestation services.
Audit of historical financial statements is a form of attestation service in which the auditor issues a
written report expressing an opinion about whether the financial statements are in material
conformity with accounting standard. The external user who rely on financial statement to make
business decisions look to the auditor‘s report as an indication of the statements‘ reliability because
of the auditor‘s independence and their knowledge of financial statement reporting matter.
Review of historical financial statement is a form of attestation service in which a public accounting
firm issues a written report that provides less assurance than an audit as to whether the financial
statements are in the material conformity with accounting standard. A review is often adequate to
meet user‘s needs and can be provided by the public accounting firm at lower fee than an audit.
Other attestation services: the users seek independent assurances about other types of information.
However, in order to qualify as an attestation service, the engagement must involve written
assertions on some accountability matter.

Page |3
AUDIT REVISION
Different types of assurance which may be obtained in an assurance engagement. Explain why
and what type of assurance an auditor should provide in a financial statements audit.
Reasonable assurance engagement:

The objective of a reasonable assurance engagement is to reduce the assurance engagement risk to an
acceptably low level, with the aim to arrive at a positive form of expression of conclusion.
Limited assurance engagement:

Limited assurance engagement aims to reduce the assurance engagement risk to a level that is
acceptable in the circumstances of the engagement but where that risk is greater than for a reasonable
assurance engagement, as the basis for a negative form of expression of opinion.
A financial statements audit is one that expresses an opinion on written assertions and thus the audit
level of assurance is expressed as a positive opinion. The financial statement audit provides a
reasonable level of assurance which enhances the credibility of the information provided by the
party responsible for the matter, such as in the audit report on financial statements under the
Corporations Act 2001. While the assurance of the financial statement audit is objective, it is subject
to a number of inherent limitations. Some of these limitations include time lapse, audit testing based
on selective samples, a subjective assessment of materiality, and that where there are highly
specialised areas, the auditors may need to seek external advice regarding the subject matter being
audited and the reasons for this revolve around the inherent limitation of an audit.
A financial statement audit is performed in accordance with ASA 200 Objective and General
Principles Governing an Audit of a Financial Report. There are inherent limitations in any audit.
These inherent limitations also mean that the auditor cannot achieve a zero engagement risk.
Therefore, an absolute assurance (limited assurance) is not possible in a financial report audit. The
reasons for inherent limitations are as below:
a) Time lapse – by the time the audit report is released the information is relatively ‗old‘.
b) Audit testing on selective samples, which has limitations due to sampling risk.
c) The assessment of materiality, with both quantitative and qualitative considerations, requires a
high degree of professional judgement. There are, however, some guidelines, although by their
nature are necessarily arbitrary.
d) Forming professional judgements in highly specialised areas can often result in disagreements
between auditors and clients
e) Report format limitations and the consequent ―expectation gap‖ often arise with users of
financial statements.
f) Fraudulently prepared Financial statements are extremely difficult to detect as there is always the
possibility of collusion

Page |4
AUDIT REVISION
g) The audit must be performed at a reasonable cost and within a reasonable period of time.
h) No one , including auditors can foresee the outcome of uncertainties
i) Estimates are an inherent art of accounting process.
j) reliance on internal control structures
k) Alternative principles are permitted under accounting standards
CAUSES OF INFORMATION RISK

Information risk reflects the possibility that the information on which the business risk decision was
made was inaccurate. There are several reasons for information risk: remoteness of information,
biases and motives of the provider, voluminous data and the existence of complex exchange
transactions.
Remoteness of information: it is impossible for decision makers to have much first-hand knowledge
and they must rely on the information provided by the other. Therefore, when the information is
obtained from others, the likelihood of it being intentionally or unintentionally misstated increases.
Biases and motives of provider: If the information is provided by someone whose goals are
inconsistent with those of the decision maker, the information may be biased in favor of the provider.
The reason could be an honest optimism about future event or an intentional emphasis designed to
influence users in a certain manner.
Voluminous data: As organizations become larger, the volume of their exchange transactions
increases. This can result in improperly recorded information that will be included in the record.
Complex exchange transaction: exchange transactions between organizations have become

increasingly complex and therefore more difficult to record properly. Example includes properly
combining and disclosing the results of operations of subsidiaries in different industries and properly
disclosing derivative financial instruments.
REDUCING INFORMATION RISK

User verifies information: the user may go to the business to examine records and obtain
information about the reliability of the statements. However, the cost for this method is high and it is
economically inefficient for all users to verify the information individually.
User shares information risk with management: If users rely on inaccurate financial statements and
as a result incur a financial loss, there is a basis for a legal action against management. A difficult
with sharing information risk with management is that users may not be able to collect on losses.
Audited financial statements are provided: the user uses independent audit performed in order to
obtain reliable information because audit will provide complete, accurate and unbiased audited
information.

Page |5
AUDIT REVISION
Question: Discuss the major factors in today’s society that has made the need for independent
audits much greater than 50 years ago?
There is a demand for independent audit because of the following four conditions:
 Conflict of interest—the user perceives an actual or potential conflict with the preparer. For
example, management (preparer) could have an incentive to present biased information in a
financial report because these reports provide information about their performance.
 Consequence—the user will make decisions of consequence based on the information.
 Complexity—the subject matter is beyond the average user‘s level of expertise.
 Remoteness—separation of the user and the preparer
An independent audit is a means of satisfying the need for reliable information on the part of
decision makers. Factors of a complex society which contribute to this need are:
 Remoteness of information: it is impossible for decision makers to have much first-hand
knowledge and they must rely on the information provided by the other. Therefore, when the
information is obtained from others, the likelihood of it being intentionally or unintentionally
misstated increases. An example may be distribution of the business among numerous
geographic locations and complex corporate structures.
 Biases and motives of provider: If the information is provided by someone whose goals are
inconsistent with those of the decision maker, the information may be biased in favor of the
provider. The reason could be an honest optimism about future event or an intentional
emphasis designed to influence users in a certain manner.
 Voluminous data: As organizations become larger, the volume of their exchange transactions
increases. As a result, improperly recorded information will be included in the record.
 Complex exchange transaction: exchange transactions between organizations have become
increasingly complex and therefore more difficult to record properly. Example includes
properly combining and disclosing the results of operations of subsidiaries in different
industries and properly disclosing derivative financial instruments.
NATURE OF AUDITING
Auditing is the accumulation and evaluation of evidence about information to determine and report
on the degree of correspondence between the established criteria. Auditing should be performed by a
competent and independent person.
Information and established criteria: there must be information in verifiable form and some
standards (criteria) by which the auditor can evaluate the information. Auditors routinely perform
audits of quantifiable information, including companies‘ financial statements and individual‘s
income tax returns. The criteria for evaluating information are various that depend on the

Page |6
AUDIT REVISION
information being audited. For example, in the audit of historical financial statements by public
accounting firm, the criteria are usually accounting standard. For the audit of tax returns by ATO, the
criteria are found in the Income Tax Assessment Act.
Accumulating and evaluating evidence: Evidence is any information used by the auditor to
determine whether the information being audited is stated in accordance with established criteria.
Evidence takes many different forms such as oral testimony of the client, written communication
with outsiders and observation by the auditor. It is important to obtain a sufficient quality and
volume of evidence to satisfy the purpose of audit.
Competent independent person: the auditor must be qualified to understand the criteria used and
must be competent to know the types and amount of evidence to accumulate to reach the proper
conclusion. The auditor must also have an independent mental attitude. The competence of
individuals performing the audit is of little value if they are biased in the accumulation and
evaluations of evidence. Auditors reporting on company financial statements are often called
independent auditors. Even though auditors of published financial statement are paid a fee by a
company, they are sufficiently independent to conduct audits that can be relied on by users.
Reporting: the final stage in the auditing process is preparing the audit report which is
communication of the auditor‘s finding to users. Report may differ in nature but all must inform
readers of the degree of correspondence between information and established criteria.
Does society as a whole benefits from the services of independent auditors, or are the benefits
restricted to individual third parties?
Society as whole can benefit from audits. For example, in considering financial report audits:
 Users of financial reports might have greater confidence in the data on which economic
decisions about the entity are based. The increased confidence placed on financial reports will
reduce the information risk associated with the trading of securities, which will serve to
promote trade, and bring about a movement of economic resources to those areas where the
greatest net benefits are perceived.
 An Audit helps create a stable capital environment. The entity might be able to obtain funds
at a lower cost because of the added assurance users have in the financial report. This would
result in higher profits, which might lead to increased dividends to shareholders or might be
retained in the business to fund expansion, increase employment opportunities and pay
further taxes from the entity‘s activities.
 Management and employees of the entity might improve their conduct because they know
their performance will be under scrutiny during the audit.
 The entity‘s financial report, accounting system and accounting control can be improved
because of suggestions made by the auditor after their assessment on the internal control.

Page |7
AUDIT REVISION
DISTINCTION BETWEEN AUDITING AND ACCOUNTING
Accounting is the recording, classifying and summarizing of economic events in a logical manner
for the purpose of providing financial information for decision making. In order to provide
relevant information, accountants must have a thorough understanding of the principles and rules that
support the basis for preparing the accounting information. Moreover, the accounting must develop a
system to make sure that the entity‘s economic events are properly recorded on a timely basis and at
reasonable cost.
Auditing is to determine whether recorded information properly reflects the economic events that
occurred during the accounting period. Because accounting rules are the criteria for evaluating
whether the accounting information is properly recorded, any auditor involved with these data must
also thoroughly understand those rules. In addition, the auditor must possess expertise in the
accumulation and interpretation of audit evidence. Determine the proper audit procedure, deciding
the number and types of items to test and evaluating the result are problems unique to the auditor.
TYPES OF AUDIT
Financial statement audits: is conducted to determine whether the overall financial statement is
stated in accordance with specified criteria. In determining whether financial statements are fairly
stated accordance with accounting standard, the auditors should perform appropriate tests to
determine whether the statements contain material error or other misstatement.
Performance audits: is a review of any part of an organization‘s operating procedure and methods
for evaluating efficiency and effectiveness. They can include the evaluation of organization structure,
computer operations, production methods and marketing etc. so management normally expects
recommendations for improving operations at the completion of a performance audit. However,
establishing criteria for evaluating information in a performance audit is an extremely subjective
matter. Therefore, performance auditing is more like management consulting than what is generally
regarded as auditing.
Compliance audits: is to determine whether the client is following specific procedures, rules or
regulations set by higher authority. In addition, compliance audits are an audit performed to
determine whether an entity that receives financial assistance from the Federal Government has
complied with specific laws and regulations. Thus, results of compliance audits are typically reported
to someone within the organizational unit being audited rather to a board spectrum of users.

Page |8
AUDIT REVISION
PEER REVIEW OR QUALITY REVIEW – Question: state what is meant by the term
“mandatory peer review”. What are the implications for the profession?
A peer review is a review, by public accountants, of a public accounting firm's compliance with its
quality control procedure system. A mandatory peer review means that such a review is required
periodically by the relevant professional accounting body.
Peer reviews can be beneficial to the profession and to individual firms. By helping firms meet
quality control standards, the profession gains if reviews result in practitioners doing higher quality
audits. A firm having a peer review can also gain if it improves the firm's practices and thereby
enhances its reputation and effectiveness, and reduces the likelihood of law suits. Of course peer
reviews are costly. There is always a trade off between cost and benefits. A public accounting firm
also gives up some independence of activities when it is reviewed by another firm. The peer review
is an effort at self regulation. Its long-term success cannot yet be evaluated.
DIFFERENCE AND SIMILARITY IN AUDITS OF FINANCIAL STATEMENT,

COMPLIANCE AUDITS AND PERFORMANCE AUDITS.
AUDITS OF COMPLIANCE PERFORMANCE

FINANCIAL AUDITS AUDITS
STATEMENTS
PURPOSE To determine whether the To determine whether To evaluate whether
overall financial statements the client is following operating procedures
are presented in accordance specific procedures set are efficient and
with specified criteria by higher authority effective
(accounting standards)
USERS OF AUDIT Different groups for Authority setting down Management of
REPORT different purposes— procedures, internal or organisation
many outside entities external
NATURE Highly standardised Not standardised, but Highly non-
specific and usually standard; often
objective subjective
PERFORMED BY:
PUBLIC
ACCOUNTANTS Almost universally Occasionally Frequently
OFFICERS
SERVING Occasionally Frequently Frequently
AUDITOR-
GENERAL
TAX
AUDITORS Never Universally Never
INTERNAL
AUDITORS Frequently Frequently Frequently

Page |9
AUDIT REVISION
Chapter 2: AUDITS REPORT

THE NATURE AND NEED FOR THE AUDITOR’S REPORT
ASA 700 and ASA 701 require an expression of an opinion about the overall financial report or a
specific statement that an overall opinion is not possible, along with the reasons for not expressing an
opinion. The profession recognises the need for uniformity in reporting (type of report) as a means
of avoiding confusion. The wording is reasonably uniform but different audit reports are
appropriate for different circumstances. The audit report is the final step in the entire audit process.
There are three primary categories of attestation report:
 Audit report based on an audit of financial reports prepared in accordance with Australian
accounting standards
 Report based on performing a review engagement
 Special audit report based on audits of certain accounts, agreed on audit procedures or an
alternative financial reporting framework
STATUTORY REQUIREMENTS
 Duty to form an opinion
 Duty to report – annual financial report
 Duty to report – audit to half – year financial report
 Auditor‘s independence declaration
 Signing the auditor‘s report
 Reporting ASIC
CONDITION REQUIRING A DEPARTURE
Condition 1 – The auditor has a disagreement with management

The auditor and management may disagree on the appropriateness of accounting policies such as
method of application and the adequacy of disclosure in the financial report.
Condition 2 – A conflict exists between applicable financial reporting frameworks
Conflict between applicable financial reporting frameworks exists where compliance with the
accounting policies required and allowed by relevant statutory and other requirements does not result
it fair presentation in accordance with accounting standards.
Condition 3 – there is a limitation on the scope of the auditor’s examination
There are two main causes of scope limitations: limitations imposed by the client and those caused
by circumstances beyond the client‘s or auditor‘s control. An example of a client limitation is
management‘s refusal to permit the auditor to confirm material receivables or to physically examine
inventory. An example of a limitation caused by circumstances is that it is not possible to physically
observe inventory, confirm receivables after the financial report date.

P a g e | 10
AUDIT REVISION
AUDIT REPORT OTHER THAN UNQUALIFIED

Adverse opinion: is used only when the auditor believes the overall financial report is so materially
misstated or misleading that it does not present fairly the state of affairs. This opinion may be
required where there is a disagreement with management, particularly respect to condition 1 and
condition 2.
Disclaimer of opinion: is a report issued when the auditor is unable to determine whether the overall
financial report is fairly presented. The necessity for issuing this opinion may arise because of a
severe limitation on the scope of the audit examination. The disclaimer of opinion can arise only
from a lack of knowledge by the auditor whereas to express an adverse opinion the auditor must
have knowledge that the financial report is not fairly reported.
Qualified opinion: a report issued when the auditor believes that the overall financial report is fairly
presented except for an issue that is considered material. This results from condition 1, 2 or 3. A
qualified opinion can be used only when the auditor believes that the overall financial report is fairly
stated. An adverse or disclaimer of opinion must be used if the auditor believes the condition being
reported on is extremely material.
MATERIALITY
An item should be considered material if its omission, misstatement or non-disclosure has the
potential to adversely affect decisions about the allocation of scare resource made by the users of the
financial report or the discharge of accountability by the management or governing body of the entity
Amounts are immaterial: when a misstatement in the financial report exists due to one of the
conditions discussed in the previous section but is unlikely to affect the decisions of a reasonable
user, it is considered to be immaterial.
Amounts are material but are not extreme: when a misstatement in the financial report would affect
a user‘s decision but the overall statements are still fairly stated and therefore useful.
Amounts are extreme, such that overall fairness of statement is in question: the highest level of
materiality exists when users are likely to make incorrect decisions if they rely on the overall
financial report.
MATERIALITY DECISION
There are differences in applying materiality to the condition requiring a departure from an
unqualified opinion. Several aspects of materiality must be considered:
Dollar amount compared with a base: the greatest concern in measuring materiality when a client
has failed to follow accounting standard is usually the total dollar error in the accounts involved,
compared with some base. For example, a $10,000 misstatement might be material for the small
company but not for a large one. Errors must be compared with some measurement base (profit,
total assets, current assets and shareholder’s equity) before a decision can be made about

P a g e | 11
AUDIT REVISION
materiality of the failure to follow accounting standard. In addition, to evaluate overall materiality,
the auditor must also combine all unadjusted error and judge whether there may be individually
immaterial errors that when combined, significantly affect the statement.
Measurability: The dollar error of some misstatement cannot be measured accurately.
Nature of item: the decision of a user may also affected by the kind of error in the statement. The
following may affect the user‘s decision and the auditor‘s opinion in a different way:
 Transactions are illegal and fraudulent
 An item may materially affect some future period even though it is immaterially when only
the current period considered
 An item has a physic effect (ex: small profit vs small loss or cash balance vs overdraft)
 An item may be important in terms of possible consequence arising from contractual
obligations (ex: the effect of failure to comply with a debt restriction may result in a material
loan being called)
EXAMPLES OF REPORT
Where a report other unqualified is to be issued, the layout of the report is modified. A ―Basic for …
opinion‖ section should provide a clear description of all the substantive reasons for the opinion and
a quantification of the effects on the financial reports.
Disagreement with management: When the auditors know that the financial report may be
misleading because it was not prepared in conformity with accounting standard, the auditor must
issue a qualified or an adverse opinion, depending on the materiality of the item in question.
Conflict between reporting frameworks: When the auditors encounter situation that the financial
report is presented fairly in accordance with relevant statutory or other requirements but these
requirements conflict with accounting standard. Therefore, the auditor will express a qualified
opinion with respect to the presentation in accordance with these requirements and either qualified or
adverse opinion depending on materiality.
Limitations of scope – Question: How does the auditor’s opinion differ between scope limitation
caused by client restrictions and limitation resulting from conditions beyond the client control?
Under which of these two would the auditor be most likely to issue a disclaimer of opinion?
The auditor's opinion may be qualified by scope limitations caused by client restrictions or by
limitations resulting from conditions beyond the client's control. The former occurs when the client
will not, for example, permit the auditor to confirm material receivables or physically observe
inventories or allow taking any required confirmation. The latter may occur when the engagement is not

P a g e | 12
AUDIT REVISION
agreed upon until after the client's year end when it may not be possible to physically observe
inventories or confirm receivables.
A disclaimer of opinion is issued if the scope limitation is so material that the auditor cannot
determine even by doing alternative procedures, if the overall financial statements are fairly presented or
not. If the scope limitation is caused by the client's restriction, the auditor should be aware that the
reason for the restriction may be to deceive the auditor. For that reason an inability is more likely for
client restrictions than for conditions beyond anyone's control.
If by doing the alternative procedures the auditors feels that it is not material than unqualified opinion
can also be issues.
When there is a scope restriction that results in the failure to verify material, but not pervasive accounts,
a qualified opinion may be issued. This is more likely when the scope limitation is for conditions
beyond the client's control than for restrictions by the client.
UNQUALIFIED AUDIT REPORT WITH AN EMPHASIS OF MATTER

This opinion is appropriate for an audit with satisfactory results and financial report is fairly
presented but the auditor is required to provide additional information. Therefore, this opinion
normally begins with “without qualification to the opinion expressed above …”
Additional disclosures: In rare circumstances, the preparers of the financial report may be of the
opinion that application of a particular accounting standard may mislead the users of that report.
Therefore, under s299 of the Corporate Act 2001, additional disclosures can be included and have to
contain relevant and reliable information.
Significant uncertainties: A number of estimates are customarily made by management in the

preparation of financial report such as the useful lives of depreciable assets, the collectible of
receivables and the realisability of inventory. However, the auditor may encounter a situation that a
matter cannot reasonably be estimated at the time the statement are being issued. These matters
can be defined as significant uncertainties (ex: recoverability of a deferred cost, legal issue like
contingent liability or asset, going concern issue, loss of major customers)
Inconsistent other information: the information in published annual report has to be consistent with
the financial report. If there is a material inconsistency, the client should be requested to be change
the information. If the client refuses, an emphasis of matter section describing the material
inconsistency should be included in the report.
Revised financial report: ASA 560 deals with the discovery of events subsequent to the client‘s
balance date. This can result in the new audit report including emphasis of matter section for a
revised financial report.

P a g e | 13
AUDIT REVISION
TOPIC 2: AUDITORS STATUTORY – RESPONSIBILITIES

– AUDIT OBJECTIVES (CHAPTER 3+4+5)
Chapter 3: AUDITORS’ LEGAL ENVIRONMENT
HOW DOES THE AUDITOR PROTECT HIMSELF? (MANAGING LEGAL LIABLILTY)
 Deal only with clients possessing integrity: A public accounting firm needs procedures to
evaluate the integrity of clients and should dissociate itself from clients found lacking.
 Hire qualified personnel; train and supervise them properly: it is important that these young
professionals be qualified and well trained as well as supervised their work by experience.
 Maintain independence: the auditor has to be required an attitude of responsibility separate
from the client‘s and management‘s interests. In addition, the auditor must maintain an
attitude of healthy scepticism.
 Understand the client’s business: the sufficient knowledge of industry as well as client
operations can help auditor avoid uncovering error in several cases
 Perform quality audits: quality audits require the appropriate evidence be obtained and
appropriate judgement be made about the evidence. Improved auditing reduces the likelihood
of misstatement and legal actions.
 Document the work properly: the preparation of good working papers helps in organising
and performing quality audits.
 Obtain an engagement letter and a representation letter: these two letters are essential in
defining the respective obligations of the client and the auditor. They are especially helpful in
legal actions between the client and the auditor.
 Carry adequate insurance: This is a legal requirement for AACs and is covered by the
professional bodies‘ rules for all auditors.
 Seek legal counsel: an auditor should seek the advice of an experienced legal expert or
consult experienced counsel when encountering serious problems during an audit.
Q-1 State your opinion as to the positive and negative effects of legal liability on auditing?
The most important positive effects are the increased quality control by audit firms that is likely to
result from actual and potential lawsuits and the ability of injured parties to receive remuneration for
their damages. Negative effects are the resources required to defend groundless cases and the
harmful impact on the public's image of the profession. Legal liability may also increase the cost of
audits to society, by causing audit firms to increase the evidence accumulated plus the costs of
professional indemnity insurance.

P a g e | 14
AUDIT REVISION
Q-2 Explain the matters which must be proved before a claim for negligence can be successful.
The matters that must be proved to the satisfaction of a court before a claim of negligence can
succeed are that:
 A duty of care is owed to the plaintiff (i.e. there is reasonable foreseeability and proximity);
 The auditor is negligent (reasonable care and skill are not exercised by the auditor);
 The plaintiff relied on the auditor;
 The plaintiff suffered a quantifiable loss as a result of the auditor‘s negligence; and
 The loss was suffered as a result of relying on the auditor (i.e. causation).
Q-3 what is meant by contributory negligence? Under what conditions is this likely to be a
successful defense?
Contributory negligence means another person (usually the plaintiff) has contributed to his or her
own loss by failing to take sufficient reasonable care. An example is the claim by the auditor that
management knew of the potential for fraud because of weaknesses of internal control but refused to
correct them. The auditor thereby claims that the client contributed to the losses caused by the fraud
by not correcting material weaknesses of internal control structure. Since then, various states have
legislated requirements for damages to be apportioned according to a ―negligence calculus‖ that can
recognize the duties of parties additional to the auditor. This is known as proportionate liability.
Q-4 a common type of legal action against auditor is for failure to detect a defalcation. State
the auditors’ responsibility for such discovery. Give authoritative support for your answer.
The auditor should assess the risk that errors and irregularities may cause a client‘s financial
statements to contain a misstatement (ASA240). Based on this assessment, the auditor should
provide reasonable assurance to detect errors and irregularities that are material to the financial
statements. Because of the nature of irregularities, properly designed and executed audit procedures
are effective for detecting error but may not be appropriate in the context of an identified risk of
material misstatement due to fraud. The decision in the Pacific Acceptance case confirmed the
auditor‘s duty to audit with due care and skill includes a duty to design the audit with due regard to
the possibility of fraud.
CHAPTER 4: AUDIT QUALITY AND ETHICS

AUDIT QUALITY AND CORPORATE GOVERNACE – Explain the role of auditing in
Corporate Governance
Australian regulatory mechanisms addressing corporate governance emphasize accountability and

transparency through disclosure and reporting requirements, including financial statements and
related disclosures in the annual report. Because the required reports are produced and disseminated
by management and the board of directors, their reliability of the disclosures is a persistent concern

P a g e | 15
AUDIT REVISION
to users and regulators. The principal external monitor of the published financial reports is the
external auditor. The auditor‘s role in this regard is to act as an independent monitor who attests
to the reliability of the financial statements and related disclosures intended for the use of existing
shareholders. In general, the purpose of audit is to measure the degree of reliability of financial
statements and thereby raise confidence of users in the financial reports.
EXPECTATION GAPS
The gap result from differences between the views of auditors and other stakeholders regarding: the
roles and responsibilities of auditors, and the performance of auditor. There are many reasons for
expectation gap:
 The nature of auditing such as reliance on sampling and subjective evidence
 Application of hindsight rather than what was known and reasonable at this time
 Self-interest of complaints‘ seeking compensation for losses
 Self-interest of auditors protecting their profits
 Changes in social expectations
 Ignorance or misunderstanding of the roles of participants in corporate governance
ETHICS
Ethics can be defined broadly as a set of moral principles or values. Each person has such a set of
values, although people may not have considered them explicitly.
Need for ethics: Ethical behavior is necessary for a society to function in an orderly manner. The
need for ethics in society is sufficiently important that many commonly held values are incorporated
into law. However, many of the ethical values of a society cannot be incorporated into law because
of the judgmental nature of particular values. For example, it is practical to have law that deal with
cheating, stealing or lying others but it is more difficult to establish meaningful laws dealing with
principles such as integrity, loyalty and diligence.
Why people act unethically: two primary reasons are that the person‘s ethical standards are
different from those of society as a whole and the person chooses to act selfish.
Resolving Ethical Dilemmas: an ethical dilemma is a situation in which a decision must be made
about the appropriate action to take. There are six-step to resolve ethical dilemma
 Obtain the relevant facts
 Identify the ethical issues from the facts
 Determine who is affected by the outcome of the dilemma and how each person is affected
 Identify the alternatives available to the person who must resolve the dilemma
 Identify the likely consequence of each alternative
 Decide the appropriate action

P a g e | 16
AUDIT REVISION
FUNDAMENTAL PRICIPLES OF PROFESSIONAL ETHICS

Integrity: auditor must be straightforward and honest, and practise fair dealing and truthfulness in
their professional relationships
Objectivity: the auditor has to maintain an impartial attitude when planning audit, interpreting
evidence and reporting on financial report.
Professional competence and due care: auditors must maintain their professional knowledge and
skill at an appropriately high level, and be diligent in the application of their knowledge and skills
when providing professional services.
Confidentiality: Auditors must not use confidential information acquired as a result of their
professional relationships to their personal advantage. In addition, they are not allowed to disclose
the confidential information to a third party without specific authority from their client.
Professional behaviour: auditors should not exaggerate their qualifications or capabilities and
should not make unsubstantiated comparisons to competitors
THREATS
Self-interest: when the financial interests of the auditor or their relative are involved
Self-review: when an auditor evaluates a situation that is a result of a previous judgement or advice
by the auditor or auditor‘s firm
Advocacy: when the auditor promotes a position or opinion to the point that subsequent objectivity
may be compromised
Familiarity: when an auditor becomes too sympathetic to the interest of another party because of a
close relationship.
Intimidation: when an auditor‘s actions may be compromised by actual or perceived threats.
SAFEGUARDS
There are two broad categories of safeguard to reduce threats at an acceptable level: the profession,
legislation and regulation (education, training and continuing professional development
requirement) and the work environment.
INDEPENDENCE
Independence in auditing means that takes an unbiased viewpoint in the performance of audits tests,
the evaluation of the results and the issuance of the audit report. The main reason of independence
auditing is that the users rely on the external auditor‘s reports as to the truth and fairness of financial
statements is their expectation of an unbiased viewpoint.
Distinguish between independence in fact and independence in appearance. State three activities
that may not affect independence in fact but are likely to affect independence in appearance

P a g e | 17
AUDIT REVISION
Independence in fact exists when the auditor is actually able to maintain an unbiased attitude
throughout the audit, whereas independence in appearance is dependent on others' interpretation of
this independence and, consequently, their faith in the auditor (or users perceive auditors as being
independent).
Activities which may not affect independence in fact, but which are likely to affect independence in
appearance are: (the first two are violations of the Code of Ethics for Professional Accountants.)
 Ownership of a financial interest in the client.  self-interest threat

 Director or officer of a client
 Performance of management advisory or bookkeeping or accounting services and audits for
the same company  self-review threat
 Dependence upon a client for a large percentage of audit fees
 Engagement of the auditor and payment of audit fees by management.
AUDIT FEES AND INDEPENDENCE

Fee dependence: the auditor must avoid undue economic dependence on the revenues derived from
any one client. When a large proportion of an individual audit partner‘s revenues (normally exceed
15%) is dependent on a particular client, the audit work should be reviewed by a professional
accountant who is not member of an audit team.
Overdue fees: when significant fees remain unpaid for previous work undertaken by the auditor,
outstanding fees may assume the characteristics of a loan after the expiration of the normal
receivables. As a result, the auditor should consider whether audit independence has been
compromised so the audit work may be reviewed by a professional accountant – not a member of
audit team.
Fee setting: the fees for audit engagement are to reflect fairly the value of work performed
including: the knowledge and skill required for the type of work involved; the level of training and
experience of person necessarily engaged on the work; the degree of responsibility; and the time of
all people engaged in the work
 Contingent fee: basing fees on the outcome of the engagement (contingent fees) is prohibited.
 Lowballing: the auditor underquotes for an audit to win the contract and expect to recover the
cost of initial audit by providing other services to the client or increasing audit fees in later
periods. Therefore, when a client obtains an audit at significantly lower fee than the
predecessor firm, the audit firm must be able to demonstrate that appropriate time and
qualified staff are assigned to the task in compliance with all applicable standards, guidelines
and quality control procedures.

P a g e | 18
AUDIT REVISION
Question: It is often stated that an auditor cannot be truly independent when payment of fees is
dependent on the client's management. Explain two approaches that could reduce this appearance
of lack of independence.
 The use of an audit committee to select auditors is made up of directors who are not a part of
management; Audit committee also decides the scope of services the audit firm has to
perform.
 They will agree to the fee proposed by the auditor‘s based on scope of work and the skill and
knowledge required for the type of the work. It also meets periodically to discuss the audit
progress and findings and helps resolve conflicts between the auditor and management
 To protect the independence of auditors, it is important to protect them from the threats of
dismissal. An auditor can be removed only a resolution of shareholders at general meeting on
two months notice or by ASIC. A requirement that all changes of auditors and reasons
therefore be reported to ASIC;
 Approval of the nominated auditor by shareholders at the annual meeting. Auditor‘s rotation
applies to a listed company. No Individual can play a significant role in the audit of a listed
company (usually the lead auditor and review auditor) for more than 5 out of 7 successive
financial years.
 Use of either government or quasi government auditors is an alternative to the engagement of
the auditor and payment of audit fee by management
 The auditor should avoid undue economic dependence on the revenues derived from any one
client. The audit work should be reviewed by the professional accountant when total fees
from an audit client exceeds 15% of the gross fee of the firm
 After the expiration of the normal receivable period, when significant fees remain unpaid for
previous work undertaken by auditor, the overdue fees can be assumed to be loan due to the
client. In such circumstance, the auditors should discuss about the overdue fees with the audit
committee and the audit work has to be reviewed by a professional accountant, not a member
of the audit team.
AUDITOR SWITCHING
The main reason of management in auditor switching is to seek better quality-service, opinion
shopping and reducing costs. Auditors‘ best protection against threats to auditor independence that
can arise from auditor switching is communication.
Communication between audit firms: A successor auditor should communicate with the previous
auditor as a part of deciding whether to accept an engagement. For example, the successor auditor
may ask for information from the predecessor about disagreement with management, about

P a g e | 19
AUDIT REVISION
accounting principles or audit procedures and reasons for the change of auditors. In addition, the
reasons for resignation of an incumbent auditor must be reported to and accepted by ASIC but the
removal of an auditor is restricted under s329. The Corporate Act requires shareholders to approve
the selection of a new auditor or reappointment of the existing one.
Opinion shopping: the public accounting is requested by a client of another auditing firm to provide
an opinion the application of accounting principles or the type of audit opinion. In fact, the directors
could use a response to try to influence existing auditors or remove them from office and appoint an
auditor with an opinion more ‗favorable‘ to itself.
Reducing cost: there is nothing wrong in management trying to obtain audit services at a lower cost
but the price-based competition does not lead to unacceptably lower-quality auditing or impede the
independence of the auditor.
AIDS TO MAINTAIN INDEPENDENCE AND INTEGRITY OF THE AUDIT

In addition to being cautious in their conduct of audits and relationship with clients, the auditor‘s
independence and the integrity of the audit can be enhanced through the use of audit committees,
auditor rotation and protection of working papers
Auditor committees: is the selected number of members of a company‘s board of directors whose
responsibilities include helping auditors to remain independent of management as well as resolve
conflicts between the auditor and management. There are some factors that may influence the
effectiveness of an audit committee: its mandate and independence of management; the experience
of its member; the extent of its involvement in the operation of the entity; the appropriateness of its
actions; its interaction with internal audit.
Question: What is an audit committee and what are its functions?

An appropriately constituted audit committee provides an effective method of communication for the
auditor that can enhance management cooperation and reduce pressures on auditor independence. It
can also reduce executive management involvement in auditor selection and contracting.
An audit committee is a subcommittee of the board of directors and usually consists solely or mainly
of non-executive directors. Audit committees have been established primarily to:
 Assist the board of directors to fulfill its legal fiduciary responsibilities;
 Add to the credibility and objectivity of financial reports;
 Enhance the independence and effectiveness of auditors;
 Oversee the application of appropriate accounting policies and procedures and ensure
appropriate disclosure;
 Establish and monitor corporate policies to prohibit unethical or illegal activities;

P a g e | 20
AUDIT REVISION
 Establish and monitor effective internal and management controls

 Provide a communication link between management, auditors and the board
Question: How can audit committees help preserve auditor independence?

An appropriately constituted audit committee provides an effective way of communication for the
auditor that can enhance management cooperation and reduce pressures on auditor independence. It
can also reduce executive management involvement in auditor selection and contracting.
Auditor rotation: the ‗familiarity threat‘ caused by using the same senior personnel on an audit have
long been recognized by the professional bodies. Therefore, under Code of Ethics and Company Act
requirement, the lead auditor and review partner have to be rotated every five years. As a result, the
auditor rotation may reduce the likelihood of firms becoming dependent on particular clients and
may encourage higher quality work.
Protection of working paper: there are three main issues in relation to an auditor‘s working papers:
audit integrity, personnel gain and client confidentiality.
 Audit integrity: Access to audit working papers would give client personnel an opportunity to
alter information on the paper or interfere with test data.
 Personal gain: Auditor must not use confidential client information for their personal
advantage. The confidential client information is defined that information may not be
disclosed without the specific consent of the client except under authoritative, professional or
legal investigation.
 Client confidentiality: During the course of the examination, auditors obtain a considerable
amount of confidential information such as officer‘s salary, product pricing, advertising plans
and product cost data. Therefore, the auditors are not allowed to disclose this information in
order to avoid seriously strained relationship between auditors and management.
 Exceptions to confidentiality: - Question: The auditor’s working papers can usually be
provided to someone else only with the permission of the client. Give two exceptions to
this rule
The following are exceptions to the confidentiality requirement for auditors‘ working papers
through legal obligation and maintenance of audit quality.
 The confidentiality requirement cannot interfere with the member's obligation to follow
auditing standards or accounting standards.
 A member must comply with a validly issued subpoena or summons enforceable by order
of a court.

P a g e | 21
AUDIT REVISION
 The working papers are formally requested by the ASIC as part of an investigation into the
auditee corporation.
 Working papers can be provided in confidence, to another firm conducting a peer review
of the auditor.
Resignation: if the conflicts are sufficiently great to compromise an auditor‘s objectivity, it may be
necessary for the auditor to resign from the engagement.
CHAPTER 5: AUDITING RESPONSIBILITIES AND OBJECTIVES

OBJECTIVE OF CONDUCTING AN AUDIT OF FINANCIAL STATEMENT
The objective of an audit of a financial report is to enable the auditor to express an opinion as to
whether the financial report is prepared, in all material respects, in accordance with an applicable
financial reporting framework. There are five steps to develop audit objectives: understand
objectives and responsibilities for the audit; divide financial statements into cycles; know
management assertions about accounts; know general audit objectives for classes of transaction and
accounts; know specific audit objectives fro classes of transactions and accounts.
MANAGEMENT’S RESPONSIBILITIES
The responsibility for adopting accounting policies, maintaining adequate internal controls and
making fair representations in the financial statements rests with management rather than with the
auditors. Because it operates the business daily, a company‘s management knows more about the
company‘s transactions and related assets, liabilities and equity rather than the auditor does. The
Corporate Act requires the directors of a public company to include a director‘s declaration in the
financial report that complies with accounting standard and give a true and fair view.
AUDITOR’S RESPONSIBILITIES – What is the auditor's responsibility toward detecting error

and fraud as per ASA 240?
Material versus immaterial misstatement: It is extremely costly to look for immaterial misstatement
so auditor will look for only material misstatement. Misstatements are considered material if the
combined uncorrected errors and fraud in the financial statements would likely have changed or
influenced the decisions of a reasonable person using the statements.
Reasonable assurance: ASA 200 requires that an audit be designed to provide reasonable assurance
of detecting material misstatements in the financial report arising from fraud & error. Auditing
standards make no distinction between the auditor's responsibilities for searching for errors and for
fraud, whether from fraudulent financial reporting or misappropriation of assets. For both error and
fraud, the auditor must obtain reasonable assurance about whether the statement is free of material
misstatements. An auditor can not give the absolute assurance due the use of testing, the inherent

P a g e | 22
AUDIT REVISION
limitation of internal control and the fact that much of the audit evidence available to the auditor is
persuasive rather than conclusive in nature.
Professional Scepticism: Auditor must use his professional scepticism in all aspects of the
engagement. Professional scepticism is an attitude that includes a questioning mind and a critical
assessment of audit evidence. The auditor should not assume that management is dishonest, but the
possibility of dishonesty must be considered. Nor should the auditor assume that management is
unquestionably honest.
Error vs fraud: An error is unintentional misstatement, auditor find a variety of errors resulting
from such things as mistakes in calculation, omission, misunderstanding and misapplication of
accounting standards to inform management. The auditor has direct responsibility to plan and
performs an audit to maximise the identification of errors. Fraud is intentional misstatement resulting
from fraudulent financial reporting and misstatement resulting from misappropriation of assets.
How to detect fraud?
ASA 240 further provide detail on the auditor‘s responsibility for detecting fraud. The difficulty of
detection of fraud does not change the auditor's responsibility to plan and perform the audit properly.
The following are the circumstances which may increase the auditor's risk assessment for fraud:
a) Pressure or incentive to commit the fraud example

 Excessive pressure exists for management due to overly optimistic press releases or annual
report message
 Financial stability or profitability is threatened by significant decline in customers demand
 Incentive-Significant portion of management compensation is contingent upon achieving
aggressive targets for stock price or operating results.
b) Perceived opportunity to commit the fraud

 Entity‘s operations provide opportunities to engage in fraudulent financial reporting that can
arise from significant related-party transactions which are not disclosed or audited by another
firm.
 Domination of management by single person or small group without compensating controls.
 Internal control components are deficient due to inadequate monitoring of controls
 Ineffective oversight by those charged with governance over financial reporting process and
internal controls
 Management over ride of internal control procedures.
c) Individuals may be able to rationalise committing a fraudulent act/ Attitudes

 Ineffective communication, implementation, support of ethical standards by management.

P a g e | 23
AUDIT REVISION
 Management failing to correct the known material weaknesses in internal control on a timely
 Unreasonable demands on the auditor, such as unreasonable time constraints regarding the
completion of the audit or the issuance of the auditor‘s report.
If fraud is detected
The best defence when material misstatements (either errors or fraud) are not uncovered in the audit
is that the audit was conducted in accordance with auditing standards but however if auditor
identifies the misstatement and it indicate the fraud
 An auditor shall consider the implication of the misstatement particularly the reliability of
management‘s representations. Auditor needs to either confirm or dispel that suspicion by
doing specific procedures like rigorously examining the contents of boxes during stock count
or confirming from customers certain relevant contract terms, using an expert to take advice
on management estimates.
 The auditor shall communicate these matters to those charged with governance.
AUDITOR’S RESPONSIBILITY FOR DISCOVERING ILLEGAL ACTS

Illegal acts are defined as violations of laws or government regulations other than fraud. The auditor
should obtain a general understanding of the legal and regulatory framework applicable to the clients
and its industry and how the client is complying with the framework.
Direct – effect illegal acts: certain violations of laws and regulations have direct financial effect on
specific account balances in the financial statements. For example, a violation of taxation law
directly affects income tax expense and income taxes payable.
Indirect-effect illegal acts: potential material fines indirectly affect financial statements by creating
the need to disclose a contingent liability for the potential amount that might ultimately be paid.
There are three levels of responsibility that the auditor has to find and report illegal acts:
 Evidence accumulation where there is no reason to believe indirect-effect illegal act exist:
the auditor should also inquire of management about policies they have established to prevent
illegal act and whether management knows any laws or regulations that the company has
violated.
 Evidence accumulation and other actions when there is reason to believe direct or indirect
effect illegal acts may exist: when auditor believes that an illegal act may have occurred, it is
necessary to take several actions. First, the auditor should inquire of management at a level
above those likely to be involved in the potential illegal. Second, the auditor should consult
with the client‘s legal counsel or other specialist who is knowledge about the potential illegal
act. Third, the auditor should consider accumulating additional evidence to determine
whether there actually is an illegal act.

P a g e | 24
AUDIT REVISION
 Action when the auditor knows of an illegal act: if the auditor concludes that the disclosures
relative to an illegal act are inadequate, the auditor should modify the auditor report
accordingly. The auditor has to communicate with the audit committee or other of equivalent
authority to make sure that they know of the illegal act. If the client either refuses to accept
the auditor‘s modified report or fails to take appropriate remedial action concerning the
illegal, the auditor may find it necessary to withdraw from engagement.
MANAGEMENT ASSERTIONS
Management assertions are implied or expressed representations by management about classes of
transactions and the related accounts in the financial statement. Management assertions are directly
related to accounting standard that consists of five broad categories: existence or occurrence;
completeness; valuation or allocation; rights and obligations; presentation and disclosure.
Assertions about existence or occurrence: Assertions about existence deal with whether assets,
obligations and equities in the balance sheet actually existed on the balance sheet date. Assertions
about occurrence whether recorded transactions included in the financial statement actually
occurred during the accounting period.
Assertions about completeness: all transactions and accounts should be presented in the financial
statements. For example, management asserts that all sales of goods and services are recorded and
included in the financial statements.
Assertions about valuation or allocation: assertions deal with whether asset, liability, equity,
revenue and expense accounts have been included in the financial statement at appropriate amounts.
For example, the property is recorded at historical cost and that such cost is systematically allocated
to appropriate accounting periods through depreciation.
Assertions about rights and obligations: management assertions deal with whether assets are the
rights of the entity and liabilities are the obligations of the entity at a given date.
Assertions about presentation and disclosure: these assertions deal with whether components of the
financial statements are properly combined or separated, described or disclosed.
TRANSACTION-RELATED AUDIT OBJECTIVES

The transaction-related audit objectives are intended to provide a framework to help the auditor
accumulate sufficient appropriate evidence. The general transaction-related audit objective are
applicable to every class of transaction but are stated in broad terms. The specific transaction-
related audit objectives are also applied to each class of transaction but are stated in term adapted to a
class of transaction such as sales transactions.

P a g e | 25
AUDIT REVISION
Existence or occurrence – recorded transactions exist: deals with whether transactions have
actually recorded. For example, including a sale in the sales journal when no sales occurred that
violates existence/occurrence objective.
Completeness – existing transactions are recorded: deals with whether transactions that should be
included in the journal have actually been included. For example, failure to record a sale in sale
journal or general ledger when sales occurred that violates this objective.
Accuracy – recorded transactions are stated at the correct amounts: deals with the accuracy of
information for accounting transactions. For example, the quantity of goods shipped was different
from billed or the wrong selling price are used for billing.
Classification – transactions included in the client’s journals are properly classified: example
includes recording a sale of operating non current assets as revenue.
Timing – transactions are recorded on the correct dates: a timing error occurs if transactions are
not recorded on the dates the transactions took place.
Posting and summarization –
recorded transactions are
properly included in the
master files and are correctly
summarized: deals with the
accuracy of the transfer of
information from recorded
transactions in journal to
general ledger.
BALANCE-RELATED AUDIT OBJECTIVES

The balance-related audit objectives provide a framework to help auditor accumulate sufficient
appropriate evidence. Balance-related audit objectives are applied to account balances (normally
ending balance in the balance sheet account).
Existence or occurrence – amounts included exist: including the account receivable from the
customer in the accounts receivable trial balance when there is no receivable from the customer 
violates this objective. Existence deals with potential overstatement
Completeness – existing amounts are included: failure to include the account receivable from the
customers in the accounts receivable trial balance when a receivable exists  violates these
objectives. Completeness deals with unrecorded transactions and amounts (understatement).

P a g e | 26
AUDIT REVISION
Accuracy – amounts
included are stated at the
correct amounts
Classification – amounts
included in the client’s
listing are properly
classified: determine
whether items on a
client‘s listing are
included in the correct
amount. For example, the
receivables must be
separated into current and
non-current.
Cutoff – transactions near the balance sheet date are recorded in the proper period: determine
whether the transactions are recorded in the proper period.
Detail tie-in – details in the account balance agree with related master file amounts, foot to the
total in the account balance, and agree with the total in the general ledger
Realizable value – assets are included at the amounts estimated to be realized: example includes
provision for doubtful debts and write-down of inventory for obsolescence.
Right and obligation: right are associated with assets and obligations with the liabilities.
Presentation & disclosure – account balances and related disclosure requirements are properly
presented in the financial statements
Q: Explain the differences among management assertions, general transaction-related auditing
objectives and specific transaction-related audit objectives and their relationships to each other.
Management assertions are implied or expressed representations by management about the classes
of transactions and related accounts in the financial statements. There are five broad categories of
assertions which are stated in the problem. These assertions are the same for every transaction cycle
and account. General transaction-related audit objectives are essentially the same as management
assertions, but they are expanded somewhat to help the auditor decide which audit evidence is
necessary to satisfy the management assertions. Accuracy, classification, timing, and posting and
summarisation are a subset of the valuation or allocation assertion. Specific transaction-related
audit objectives are determined by the auditor for each general transaction-related audit objective.
These are developed for each transaction cycle to help the auditor determine the specific amount of
evidence needed for that cycle to satisfy the general transaction-related audit objectives.

P a g e | 27
AUDIT REVISION
Question: What are the purpose of the general balance-related audit objectives and the specific
balance-related audit objectives? Explain the relationship between these two sets of objectives.
The purposes of the general balance-related audit objectives are to provide a framework that the
auditor can use to accumulate audit evidence. Once the nine general balance-related audit
objectives have been satisfied, the auditor can conclude that the account balance in question is
fairly stated. Specific balance-related audit objectives are applied to each account balance and are
used to help the auditor become more specific about the audit evidence to accumulate.
There is at least one specific balance-related audit objective for each general balance-related audit
objective and in many cases there are several specific objectives. There are specific balance-related
audit objectives for each account balance, and specific balance-related audit objectives for an
account such as fixed assets are likely to differ significantly from those used in accounts receivable.
In some audits, the auditor may conclude that certain specific balance-related audit objectives are not
important. At the end of the audit, the auditor must be satisfied that each specific balance-related
audit objective has been satisfied. The general balance-related audit objectives help the auditor
determine the appropriate specific balance-related audit objectives.
TOPIC 3: AUDIT` EVIDENCE (chapter 6)

AUDIT EVIDENCE DECISIONS
Evidence is defined as any information used by the auditor to determine whether the information
being audited is stated in accordance with established criteria. The evidence includes highly
persuasive information, such as auditor‘s count of marketable securities and less persuasive
information such as responses to questions of client employee. There are 4 major evidences that must
be made in every audit:
 Which audit procedures to use
 What sample size to select for a given procedure
 Which items to select from the population
 When to perform the procedures
Audit procedure: is the detailed instruction for the collection of a type of audit evidence obtained at
some time during the audit.
Sample size: when an audit procedure is selected, it is possible to vary the sample size from one to
all the items in the populations being tested.
Item to select: After sample size has been determined for an audit procedure, it is still necessary to
decide which items in the population to test. For example, the auditor could select a week and
examine the first 200 cheques; select the 200 cheques with the largest amounts; select the cheques
randomly; or select those cheques that the auditor thinks are most likely to be in error.

P a g e | 28
AUDIT REVISION
Timing: the Corporate Act 2001 requires that all public companies provide audited financial
statement within four months of the companies‘ fiscal year-end.
Audit program: The audit program includes a list of the audit procedure that the auditor considers
necessary. Most auditors use computers to facilitate the preparation of audit program
PERSUASIVENESS OF EVIDENCE
The persuasiveness of evidence is the degree to which the auditors are convinced by the evidence
supporting to their opinion. Two determinants of the persuasiveness of evidence are the competence
and sufficient of the evidence.
Competence of evidence (reliability of evidence): the degree to which evidence can be considered
believable or worthy of trust. The competence can be improved only by selecting audit procedures
that contain a higher quality of one or more of the following seven characteristics: relevant source;
independence of provider; effectiveness of client’s internal controls; auditor’s director knowledge;
qualified provider such as law firms and bank; degree of objectivity; and timeliness.
 Relevant source: evidence must relate to pr be relevant to the audit objective that the auditor
is testing before it can be reliable. For example, if the auditor considers that a client is failing
to bill customers for shipments (completeness objective); a relevant procedure would be a
trace a sample of shipping documents to related duplicates sales invoice. This is because the
shipment of goods is normal criteria used to determine whether a sale has occurred and
should have billed.
 Independence of provider: Evidence obtained from a source outside the entity is more
reliable than that obtained from within the entity. For example, external evidence such as
communications from banks, solicitors or customers is generally considered more reliable
than answers obtained from inquiries of the client.
 Effectiveness of client’s internal controls: the more effective internal control of client, the
more reliable evidence the auditor obtains. For example, if internal controls over sales and
billing are effective, the auditor obtain more competent evidence from sales invoices and
shipping documents than the controls were inadequate and inefficient.
 Auditor’s direct knowledge: Evidence obtained directly by the auditor through physical
examination, observation, computation and inspection is more competent than information
obtained indirectly. For example, if the auditor calculated the profit ratios and compared it
with previous periods, the evidence would be more credible than the auditor relied on the
calculation of financial controller.
 Qualifications of individual providing the information: although the source of information is
independent, the evidence will not be reliable if the provider lacks the qualification to do so.

P a g e | 29
AUDIT REVISION
For example, communications from solicitor and bank confirmations are more regarded than
account receivable confirmations form persons not familiar with the business world.
 Degree of objectivity: objective evidence is more reliable than evidence that requires
considerable judgement to determine whether it is correct. For example, the objective
evidence includes confirmation of account receivable and bank balances, the physical count
of securities and cash. However, the subjective evidence includes a letter written by a client‘s
solicitor, observation of outdated inventory during physical examination and inquiries of the
credit manager about the collectability of account receivable. Therefore, evaluating the
reliability of subjective evidence, the qualifications of evidence provider are important.
 Timeliness: Evidence is usually more reliable for balance sheet accounts when it is obtained
as close to the balance sheet date as possible. For income statement accounts, evidence is
more credible when auditing a sample from the complete period rather than from only a part
of period. For example, a random sample of sales transactions for complete year would be
reliable than a sample from only the first six months.
Sufficiency of evidence: is measured primarily by adequate sample size as well as selecting

appropriate population items
TYPES OF AUDIT EVIDENCE

Physical examination: is the examination or count by the auditor of a tangible asset. This type of
evidence is often associated with inventory; cash; verification of securities; notes receivable and
tangible non-current asset. This method is costly because it normally requires the auditor‘s presence
when the entity is counting the asset, often on the balance sheet date.
Confirmation: the receipt of a written

or oral response from an
independent third party verifying the
accuracy of information requested by
the auditor. However, confirmations
are relatively costly to obtain because it
may cause some inconvenience when
requiring the third party supply
information. ASA 505 identifies two
common types of confirmation used by
auditor: positive confirmation and
negative confirmation. Positive
confirmation means that the recipient is

P a g e | 30
AUDIT REVISION
asked to return the confirmation in all circumstances. On the other hand, the negative confirmation
means that the recipient is requested to respond only when the information is incorrect. However,
this method is costly because the auditor takes time to follow careful procedures in the confirmation
procedures, mailing and receipt.
Documentation: the auditor‘s examination of the client‘s documents and records to substantive the
information should be included in the financial statements. Documentation can be classified as
internal and external. An internal documentation has been prepared and used within the client’s
organisation such as employee time report, duplicate sales invoices and inventory receiving reports.
An external document has been used by an outside party to the transaction being documented such
as vendor‘s invoice, cancelled notes payable and insurance policies that the client can easily obtain.
Cost for this method is moderate because auditor takes time to read and evaluate a client‘s control,
lease agreement and minutes of meeting.
Observation: is the use of senses to assess certain activities. For example, the auditor may obtain
general impression of the client‘s facilities; observe equipment to evaluate whether it is outdated;
watch task performance of accountant. Therefore, cost of this method is low because the auditor can
observe whether the client employee follows the inventory counting procedure.
Inquiries of the client: is the obtaining of written or oral information from the client in response to
questions from the auditors. For example, the auditor may obtain information about the client‘s
method of recording by asking the client how the internal control operates. However, this
information cannot be regarded as conclusive evidence because it is not from an independent source
and may be biased in the client‘s favor.
Reperformance: involves the rechecking of a sample of the calculation and transfer of information
made by the client during the period under audit. Cost of this method is low because the auditors
use computer software to perform simple calculation and tracing.
Question: Outline three uses of analytical procedures in an audit and indicate which are required
on all audits. OR explain the reasons for performing analytical procedures (S3, 2009)
Analytical procedures: According to ASA 520, analytical procedure is the analysis of significant
ratios and trends in order to compare the entity’s financial information with prior period; predicted
results of the entity; expectation of auditor; similar industry information; and also find the
relationship among elements of financial information and between financial information and non-
financial information. There are several main reasons for auditor use analytical procedure:
Understanding the client’s industry and business: When comparing between prior year‘s audited
information and current‘s year unaudited information, the auditor can figure out the changes that
represents important trend or specific events affecting on the audit planning. For example, decrease
in gross profit  more competition in market  considers more carefully in inventory pricing.

P a g e | 31
AUDIT REVISION
Assessment of the entity’s ability to continue as a going concern: Analytical procedure is useful as an
indication that the client is encountering financial difficulty. The financial failure must be considered
by the auditor in the assessment of audit-related risk. If a high ratio of long-term debt combines with
a lower than average ratio of profits, a relatively high risk of financial failure may be indicated.
Indication of the presence of possible misstatements in the financial statement: Unusual fluctuation
is defined as significant unexpected differences indicated by analytical procedure between the
current‘s unaudited financial data and other data used in comparison. Thus, if the unusual fluctuation
is large, the auditor must determine the reason for it and must be satisfied that the cause is a valid
economic and not a misstatement.
Reduction of detailed audit test: Analytical procedures are usually inexpensive compared with test of
details. Therefore, most auditors prefer to replace tests of details with analytical procedures.
The auditor should apply analytical procedures at the planning stage to aid an understanding of the
business and in identifying areas of potential risk (ASA520). The auditor should apply analytical
procedures at or near the end of the audit when drawing a conclusion as to whether the financial
report as a whole is consistent with the auditor‘s knowledge of the business (ASA 520). In addition,
the auditor may use analytical procedures as a substantive test of transactions or balances.
FIVE TYES OF ANALYTICAL PROCEDURES - Question: what are the purposes of

preliminary auditor procedures? What types of comparisons are useful when performing
preliminary auditor procedures?(S2-2009)
Compare client and industry data: the most important benefits of industry comparisons are used as a
method to obtain understanding the client‘s business and indicate likelihood of financial failure.
However, a major weakness in using industry ratios for auditing is the difference between the client‘s
financial information and industry because the industry data are broad averages and the client‘s lien
of business is not the same as the industry standards.
Compare client data with similar prior period data: a wide variety such as compare the current
year‘s balance with the preceding year; compare the detail of the total balance with similar detail for
the preceding year; and compute ratios for comparison with previous years.
Compare client data with client-determined expected results: most companies prepare budget for
various aspects of their operations and financial results. Therefore, when compared with budgets, the
auditor must evaluate whether the budgets were realistic plans; and consider the possibility of current
financial information that was changed by entity personnel to comply with the budget.
Compare client data with auditor-determined expected results: based on some historical trends, the
auditor calculates the expected balance for comparison with the actual balance.
Compare client data with expected results, using non-financial data: when auditing a hotel, the
auditor may estimate total revenue from rooms compared with recorded revenue.

P a g e | 32
AUDIT REVISION
Question 6.19: it is imperative that the auditor follow up on all material differences discovered
through analytical procedure. What factors will affect such investigation?
Answer: The investigation of differences discovered through analytical procedures is affected by:
 The materiality of the amount: A potential material misstatement will require extensive
investigation, whereas an immaterial difference will be dismissed.
 The auditor's knowledge of the client's business: The auditor may know of events that caused the
change in ratios.
 The results of other auditing procedures: Other information obtained during the audit may
substantiate the results of the analytical procedures.
 The purpose of the analytical procedure: The objective of the tests will also affect the auditor's
response to the findings.
 The level of aggregation of data: If the auditor uses disaggregated data, he or she may be able to
isolate specific segments, locations, or time periods which require further investigation.
Question: In an audit of financial statements, an auditor must judge the competence of the audit
evidence obtained and asks many questions from the client officers and employees: (1) Describe
the factors the auditor should consider in evaluating the oral evidence provided by officers and
employees (2) Discuss the competence and limitations of oral evidence
1. An auditor should consider the following factors in evaluating oral evidence provided by client
officers and employees in response to these questions:
a) The competence of the questioned individual concerning the topic. For example, the perpetual
inventory clerk would be more likely to know about slow-moving inventory items than current
market prices.
b) The logic and reasonableness of the response. As an auditor becomes familiar with the client's
operations and personnel, he or she becomes more adept at choosing the right person to question and
evaluating the answer. The auditor will also observe a pattern of response forming and determine
whether it is internally consistent.
2. The auditor relies heavily upon the responses of client personnel, but he or she must recognise that
this information may lack reliability. The reliance placed upon such evidence will vary based on
the factors discussed in 1.a., but heavier weight generally is accorded to evidence generated
independently of the client. The auditor should seek additional evidence in instances where he or
she judges a client's response to be uninformed or unreliable. In crucial matters, the auditor should
ask the client to confirm the representation in writing and also obtain additional evidence from
independent sources (see ASA 580).

P a g e | 33
AUDIT REVISION
TOPIC 4: AUDIT PLANNING – MATERIALITY AND RISK

(Chapter 7+8)
Chapter 7: AUDIT PLANNING AND DOCUMENTATION
PLANNING – Why is adequate audit planning essential?
According to ASA 300, there are three main reasons why auditors should plan engagements:
 Gain a clear understanding of the client to enable auditors to obtain sufficient appropriate
evidence: that will help public accounting firm minimise legal liability and maintain a good
reputation in the business community.
 Ensure a cost-effective audit: help the firm remain competitive and thus retain or expand its
client base.
 Avoiding misunderstanding with the client is very important for good client relations and for
facilitating high-quality work a reasonable cost.
There are eight major parts in the audit planning, each of the first seven parts is intended to help the
last part – develop overall audit plan and audit program
Accept client and perform initial audit
planning
Understand the client's business and

industry
Assess client business risk
Perform preliminary analytical

procedures
Set materiality and assess acceptable

audit risk and inherent risk
Understand internal control and assess

control risk
Gather information to assess fraud risk
Develop overall audit plan and audit

program
Plan and design an audit approach (Phase 1)

P a g e | 34
AUDIT REVISION
ACCEPT AUDIT ENGAGEMENT AND PERFORM INITIAL AUDIT PLANNING

There are 4 steps in accepting an audit engagement and initial planning: accept or continue to service
existing clients; identify the client‘s reason for an audit; obtain an engagement letter; select staff for
the engagement as well as evaluate need for outside specialist.
Step 1: Client acceptance and continuance – Question: what factor should auditor consider prior
to accepting an engagement? Explain
Accepting new audit engagements Continuing engagements
Auditors should perform evaluation procedures: Existing engagements are usually evaluated
 The review of financial information annually to determine whether there are reasons
regarding the prospective client, its standing for not continuing to do the audit. The
in the business community, financial stability evaluation may include consideration of factors:
and the relationship with the existing  Previous conflicts over such things as the
auditors. Often searches are carried out using appropriate scope of the audit, the type of
the Internet or research databases, the opinion to issue or fees.
business press or other media;  Suggestions that the client lacks integrity
 Inquiries of third parties (including banks (e.g. through media reports, actions of
and solicitors) regarding the company and its executives or other evidence) and therefore
management; should no longer be a client.
 Whether the audit team is competent to  If there is a legal action against a public
complete the audit and this team has adequate accounting firm or vice versa, the firm
time and resources to do so. cannot do the audit. To do so violates the
 Communication with the predecessor Code of Ethics for Professional Accountants
auditor. In particular, issues relating to rules on independence (refer Professional
management integrity and disagreements Statement APES 110).
 Consideration of specific audit risks (e.g.  When the firm considers that the acceptable
evident from research into the industry, or risk in the engagement is below the
from information gained about the client) accounting firm's threshold (e.g. the client
 Evaluation of the firm’s independence (e.g. is threatened by going concern problems due
is there any conflict of interest that may arise to conflict with a government agency which
through relationships with existing clients, or may result in a future threat of litigation).
are there audit personnel that may hold
positions or financial interests that may
threaten independence), and
 Consideration of other ethical requirements.

P a g e | 35
AUDIT REVISION
Step 2: Identify the client’s reasons for audit
Two major factors affecting acceptable audit risk are the probable financial statement users and
their intended uses of the statements. The auditor can accumulate more evidence when the
statements are used extensively such as the case of publicly held company with extensive
indebtedness; or company sold in the near future. The most likely uses of the statement can be
determined from previous experience with the client and discussion with management. For example,
the auditor may obtain additional information about the client will have the audits.
Step 3: Obtain an understanding with the client

ASA 210 requires the purpose of the engagement letter that auditors document their understanding of
an engagement in the working papers, including the engagement objectives, the responsibilities of
the auditor and management, and the engagement‘s limitations.
The engagement letter is an agreement between the accounting firm and the client for the conduct
of the audit and related services that should specify whether the auditor will perform an audit, a
review plus any other services such as tax returns or management consulting.
The engagement letter should state any restrictions to be enforced on the auditor’s work,
deadlines completing audit, assistance to be provided by the client‘s employees in obtaining records
and documents, schedules to be prepared for the auditor; and an agreement on fees.
The engagement letter does not affect the public accounting firm‘s responsibility towards external
users of audited financial statement but it can affect legal responsibilities to the client.
Engagement letter information is important in planning the audit principally because it affects the
timing of the tests and the total amount of time the audit and other service will take.
Step 4: Select staff for the engagement and evaluate need for outside specialist.
Select staff for engagement: According to ASA 220, the engagement partner shall be satisfied that the
engagement team collectively has the appropriate capabilities, competence and time to perform the
audit engagement in accordance with Auditing Standard. Therefore, staff must be assigned accordance
with Auditing Standard, competent and knowledgeable about the client‘s industry.
Evaluate need for outside specialists: ASA 620 deals with the engagement of experts in the conduct
of an audit, and the requirements for reviewing their work. If an audit requires specialised
knowledge, it may be necessary to consult a specialist or expert. For example, the auditors may use
the diamond expert to audit the inventory valuation of a jeweller and value mineral reserves.

P a g e | 36
AUDIT REVISION
UNDERSTAND THE CLIENT ENTITY AND ITS ENVIRONMENT

ASA 315 states that the auditor will obtain an understanding of the entity and its environment
including its internal control, sufficient to identify and access the risks of material misstatement of
the financial report whether due to fraud or error; and sufficient to design and perform further audit
procedures.
There are several factors that have increased the importance of understanding the client entity:
 Information technology connects client with major customers and suppliers. Therefore,
auditors need greater knowledge about major customers and suppliers as well as risks related
to those relationships.
 Business has expended operation globally, through joint ventures and global alliances.
 Information technology affects internal business processes, improving the quality and
timeliness of accounting information.
 There is a heightened awareness of the impact of business on the environment, and the risk
attached to potential environmental damage.
 The increased importance of human resource and other intangible assets has increased
accounting complexity as well as the importance of management judgement and estimates.
 Auditors need a better understanding of client‘s business and industry in order to provide
additional value-added services to clients.
Strategic systems understanding of the client’s business and industry
Question: Explain why auditor need an understanding of client’s industry. What sources are
commonly used by auditors to learn about the client’s industry?
There are three primary reasons for obtaining a good understanding of the client‘s industry. First,
risk associated with specific industries may affect the auditor‘s assessment of client business risk
and acceptable audit risk. For example, high technology industries and other industries having risks
of damage to the environment are riskier than others. Second, inherent risks are typically common
to all companies in certain industries so understanding these risks may help auditor in assessing the
client‘s inherent risks. Example includes outdated inventory in the fashion clothing industry, loss
reserves in the insurance industry. Third, many industries (such as real estate agents, financial

P a g e | 37
AUDIT REVISION
institutions, not for profit organisation, and construction company) have unique accounting
requirements that the auditor must understand to evaluate whether the client‘s financial statement
are in accordance with Australian accounting standards. Knowledge of the client‘s industry can be
obtained in different ways, including:
Industry, regulation and other external factors
The auditors need to gain an understanding of the event, transactions and practices related to
environment matters (air pollution or contamination problems) in some industries such as oil and
gas, mining, chemical and pharmaceutical. The auditor may obtain knowledge of the client‘s industry
in different ways such as industry audit guides, Internet sources, textbooks and technical journals.
Nature of the client entity, its business operations and processes

According to AASB 124, the auditor should understand factors such as major sources of revenue,
key customers and suppliers, sources of financing, and information about related parties that may
indicate areas of increased client business client. AASB 124 also requires companies to disclose
certain industry and geographic information about segments of their business in their financial
statements. In addition, the ability to obtain financing is an important factor in determining whether a
company is likely to continue as a going concern.
Tour the plant and offices: when making tour the plant and offices, the auditor get beneficial from
obtaining a better understanding of their business and operations because it provides an
opportunity to observe the physical facilities as well as visualize inventory work-in-progress and
factory equipment. For example, if the auditor observes unused equipment and potentially unsaleable
inventory, it will affect the assessment of inherent risk for equipment and inventory.
Identify related parties:
 A related party is defined among other things, controlling (or controlled entities), directors
and their relatives. AASB 124 specifically refers to parties that can control or exercise
significant influence over the client in making financial and operating decisions. A related-
party transaction is any transaction between the client and a related party. For example, the
sales or purchases transaction is between a parent company and its subsidiary and loans to
directors; and exchanges of equipment between two companies owned by same shareholders.
 Based on the definition above, the transaction with a related party are not arm’s length
transactions so there is a risk that they were not valued at the same amount when the
transactions had been with an independent third party. Therefore, most auditors assess
inherent risk as high for related party and related – party transaction because of both of
the accounting disclosure requirement and the lack of independence between the parties
involved in the transactions.

P a g e | 38
AUDIT REVISION
 As a result, ASA 550 provides specific audit procedures to be carried out in the identification
of related parties:
 Inquiry of management, including their representations regarding known related parties
 Reviewing the information provided by management about related parties and related-
party transactions
 Examination of share registers and other statutory records to identify principal
shareholders and directors‘ interests
 Inquiry as to the affiliation of management with other entities
 Reviewing minutes of meetings of shareholders, the governing body and important
committees, and examining statutory registers
 Reviewing the entity‘s income tax returns and other information supplied to regulatory
agencies
The control environment (management and governance)

Management establishes the strategic and business process followed by the client‘s business. Thus,
management’s philosophy and operating style, and ability to identify and respond to risk,
significantly affect the risk of material misstatements in the financial statements. Governance
includes the client‘s organizational structure as well as the activities of the BOD and the audit
committee. An effective BOD helps ensure that the company takes appropriate risks while the audit
committee, through oversight of financial report, can reduce the probability of overly aggressive
accounting. In order to understand the client‘s governance system, the auditor should gain
knowledge of company policies and the company’s constitution, and read the corporate minutes.
 Company policies: basic policy decisions must always be carefully evaluated as part of the
audit to determine whether management has authorization from the board of directors to
make certain decisions and to be sure the decisions of management are properly reflected in
the statements
 Constitution: the auditor should understand the rules and procedures adopted by the
shareholders such as procedures for allotment and issue of shares; calling general meetings;
duties and powers of corporate officers; appointment and retirement of director; declaration
of dividends.
 Code of ethics: consideration of the processes for encouraging compliance with the code of
ethics will provide some insight into the integrity and ethical values of senior management.
 Minutes of meeting: the corporate minutes are the official recorded of the meeting of BOD,
shareholders and audit committee that includes summaries of the most important topics
discussed at the meetings and the decision made by directors, shareholders and audit

P a g e | 39
AUDIT REVISION
committee. Therefore, the auditor should read the minutes to obtain information relevant to
performing the audit.
Client objectives and strategies

Auditor should understand client objectives related to:
 Reliability of financial reporting
 Effectiveness and efficiency of operations: auditors require knowledge about operations and
ability to assess the client business risk and inherent risk in the financial statements. For example,
the product quality can have a significant impact on the financial statement through lost sales;
warranty and product liability claims
 Compliance with laws and regulations: the auditors should become familiar with the terms of
contracts and other legal obligations such as stock options, notes and bonds payable.
Measurement and review of performance

The client‘s performance measurement system includes the key performance indicators that
management uses to measure progress towards objectives. For example, the key performance
indicators include market share, sales per employment and unit sales growth … Therefore, the
auditor has to read financial statements, perform ratio analysis, and inquire of management about key
performance indicators that management uses to measure progress toward its objectives.
Other general sources include:
 Discussions with the auditor responsible for the engagement in previous years and
auditors currently on similar engagements;
 Conferences with the auditee‘s personnel;
 Internet resources and databases;
 Textbooks and technical magazines, and other media sources;
Active participation in industry associations, conferences and training programs.
Understand client's business and industry

Industry and external Business operations Management and Objectives and Measurement and
environment and processes governance strategies performance
Assess client business risk

Assess risk of material misstatements

P a g e | 40
AUDIT REVISION
Question: define client business risk and describe several source of client business risk. Explain
with examples about the auditor’s primary concern when evaluating client business risk
ASSESS CLIENT BUSINESS RISK – RISK ASSESSMENT PROCEDURES

Client business risk was defined as the risk that an entity‘s business objectives will not achieved due
to an effect of the external and internal factors. Therefore, the auditor must understand the entity‘s
business and industry at two levels in order to assess client business risk. First, the auditor must
obtain a through understanding of the industry in which the entity operates. This includes:
 The profitability and structure of the industry
 The relationship between the industry and the board economic and business environment
 The critical issues facing the industry
 The significant industry business risk
Second, the auditor must understand how the entity fits within the industry by obtaining knowledge:
 The entity‘s position within the industry such as profitability and market share
 The entity has opportunities and plans for increasing and maintaining profitability and market share.
 Threats to the entity‘s position in the industry
 The way the entity deals with its customers and competitors
 The entity uses the methods to measure and monitor its performance.
The client business risk affects inherent risk and control risk so the nature, timing and extent of the
auditor‘s work through the required level of detection risk.
DEVELOPING AN OVERALL AUDIT STRATEGY

The auditor aims to balance the potential conflict between the need for sufficient appropriate
evidence and cost and time needed to obtain that evidence to write conclusions and issue an audit
opinion. One of the most important aspects of the audit planning process is obtaining knowledge of
the client‘s business and its business risk. Establishing an overall audit strategy requires the auditor
make decisions in relation to scope of the audit, the general evidence requirement for the forming of
an opinion, and the initial choice as to the nature, timing and extent of audit procedure. The auditor
also considers the term of the engagement and any statutory responsibility as well as the effect of
new accounting and auditing standard. There are two alternative audit strategies: lower assessed level
of control risk and predominantly substantive approach:
1. Lower assessed level of control risk approach

If the internal control is well designed and expected to be highly effective, the auditor may
adopt a lower assessed level of control risk approach. This approach will be adopted when the
cost of more extensive procedure to obtain understanding of internal control and test of
control will be lower than the cost of performing extensive substantive procedure. The audit
strategy consists of:

P a g e | 41
AUDIT REVISION
 Use a planned assessed level of control risk of low or medium

 Obtain an extensive understanding of relevant part of the internal control
 Plan extensive tests of control
 Plan restricted substantive audit procedures when the planned acceptable level of
detection risk is high or medium
2. Predominantly substantive approach

If the auditor believes that adequate controls do not exist or are likely to be ineffective, the
auditor will adopt a predominantly substantive approach. This approach might also be
adopted when an auditor expects that the cost of the procedures to obtain an extensive
understanding of the internal control and test of control will be more than the cost of
performing extensive substantive procedure. The audit strategy will consist of:
 Use a planned assessed level of control risk of high
 Plan to obtain a minimum understanding of internal control
 Plan no test of control
 Plan extensive substantive audit procedure when planned acceptable level of detection
risk is low or medium
Impact of business risk assessment on audit strategy

The business risk approach means that auditor spends more time at the planning stage in order to
gain an understanding of management strategy and the risks associated with this strategy as well as
develop an expectation of what the entity‘s financial report should look like. As a result, the audit
strategy may be:
 Increase the use of analytical procedure
 Undertake tests of control for routine transactions such as ales and purchases
 Increase substantive testing of non-routine transaction such as management‘s estimates
 Decrease the emphasis on detailed substantive procedure if the financial report is in
accordance with the auditor‘s expectations developed from the business risk analysis
Preparing a detailed audit plan or program

An audit plan or audit program is a detailed list of the audit procedures to be applied to a particular
account or class of transactions needed to implement the audit strategy. ASA 300 requires the auditor
to develop and document an audit plan, setting out the nature, timing and extent of planned audit
procedure required to reduce audit risk to acceptably low level. Therefore, a well-prepared audit
program provides:
 Evidence of proper planning of the work: allows a review of the proposed scope of the audit
before the work is performed.

P a g e | 42
AUDIT REVISION
 Guidance to inexperience staff: provide a set of instruction to assistants

 Evidence of the work performed: each staff member signs each step in the program on
completing the required work
 A method of controlling the time spent on the engagement: the program may show the
estimated time required to complete each audit step and have provision for recording the
actual time taken.
 Evidence of the consideration of internal control in relation to the proposed audit
procedures: many companies include a brief summary of the important internal control
activities so the auditor can evaluate the work in order to figure out the strengths and
weaknesses of internal control.
The audit program is generally prepared by the audit senior in conjunction with the manager, and is
reviewed and approved by the audit partner. In addition, the audit program for a particular
engagement is influenced by the nature and size of the client‘s business, the management strategy
and its associated risk, the internal control and the client‘s accounting procedures. There are three
major factors to define audit procedures in preparing a detailed program:
 Nature: the particular audit procedures to use and the particular items to which a procedure
will be applied
 Extent: the sample size will be applied in the procedure and the number of different test will
be performed
 Timing: the appropriate time to perform the procedure
Thus, the question the auditor must ask can be summarized as what, how many and when. In
answering this question, the auditor should consider for a particular account or class of transaction:
 The risk of undetected error or other irregularities getting through in the audit
 Available evidence would indicate the presence or absence of a material error
 The maximum dollar amount of error or irregularities
PERFORM PRELIMINARY ANALYTICAL PROCEDURES (NATURE AND PURPOSE)

An important part of understanding the client‘s business and assessing client business risk is
performing preliminary analytical procedure. Comparison of client ratios with industry or
competitor benchmarks provides an indication of the company‘s performance. Unusual changes in
ratios compared with prior years or with industry averages help identify areas having increased
risk of misstatement that require further attention during the audit. Analytical procedures are
another important part of testing throughout the audit to identify possible misstatements, reduce
detailed tests, and to assess going concern issues.

P a g e | 43
AUDIT REVISION
UNDERSTAND THE PURPOSES OF AUDIT DOCUMENTATION

According to ASA 230, audit documentation (also referred to as working paper) is the principal
record of auditing procedures applied, evidence obtained, and conclusions reached by the auditor in
the engagement. ASA 230 requires that audit documentation include all the information the auditor
considers necessary to conduct the audit adequately and to provide support for the audit report.
The overall objective of audit documentation is to aid the auditor in providing reasonable
assurance that an adequate audit was conducted in accordance with Australia accounting standards.
In fact, the working papers provide a basis for planning the audit, a record of accumulated evidence
of work performed to support opinion and a basis for review by supervisors and partners.
OWNERSHIP AND CUSTODY OF AUDIT DOCUMENTATION

The working paper prepared during the engagement, including schedules prepared by the client for
the auditor, is the property of the auditor (ASA 230). At a completion of the engagement, working
paper and computer files are retained on the public accountant‘s premises for future reference. In
fact, the auditing standards require an audit firm to retain all audits working paper until the end of 7
years after the date of the audit report.
CONFIDENTIALITY OF AUDIT FILES

The auditor is responsible for adopting appropriate procedures for maintaining the confidentiality of
working paper (ASA 230.37). Ordinarily, the working paper can be provided to someone else only
with the express permission of the auditee (client). In fact, the audit documents may be subject to
review by the ICAA/CPA Australia or subpoenaed by the court.
CONTENTS AND ORGANISATION OF AUDIT FILES

Permanent audit files: are intended to contain data of a historical or continuing nature pertinent to
the current audit such as copies of the contract and constitutions. The types of information in
permanent file consist of:
 Exacts or copies of company documents of continuing importance as the constitution and long
term contract such as loan agreement, leases, superannuation plans …
 Analyses, from previous years, of accounts that have continuing importance to the auditor. These
include accounts such as long-term debt, account receivable, account payable, shareholder‘s
equity accounts, goodwill and fixed assets.
 Information related to the understanding of internal control and assessment of control risk such
as organization chart, flow chart, questionnaires and result of Computer Information System (CIS)
 The results of analytical procedure from previous years’ audits. Trends, ratios and percentages
computed by the auditor and total balance is useful for auditor to decide whether there are unusual
changes in the current year‘s account balances that should be investigated more extensively.

P a g e | 44
AUDIT REVISION
Current audit file: includes all audit documentation applicable to the year under audit. The types of
information in current file include:
 Audit Program: is a list of audit procedures for an audit area or an entire audit. The audit
program is maintained in a separate file to improve the coordination and integration of all parts of
the audit so the auditing standards require a written audit program for every audit. The audit
program always include audit procedures, sample sizes, items to select and timing of the test
in order to ensure a well designed audit program as an evidence of a high quality audit
 General information: Some audit files include current period information that is of a general
nature rather than designed to support specific financial statement amounts. For example, the
audit files may include audit planning memos, abstract of minutes of BOD, supervisor‘s review
comments, and general conclusion.
 Working trial balance: is a listing of the general ledger accounts and their year-end balances. This
is done as early as possible after the balance date.
 Adjusting and reclassification entries: although these entries are prepared by the auditor to correct
material misstatements and misclassification, they must be approved by the client because the
management has primary responsibility for the fair presentation of the statements.
 Supporting schedules: is a detailed schedules prepared by the client or auditor in support of
specific amounts in the financial statements. There are several major types of supporting
schedules that are relevant to audit program:
1. Analysis: is a summary of the activity in a general ledger account during the complete
period under audit, including together beginning and ending balances.
2. Trial balance or list: is a list of year end balances contained in various ledger such as
general ledger, accounts receivable and payable ledgers
3. Reconciliation of amounts: is the information that supports a specific amount or link the
amount recorded in the client‘s record to another source of information. Example includes
reconciliation of bank balances with bank statements and the reconciliation of subsidiary
account receivable with confirmations from customers.
4. Test of reasonableness: enables the auditor to evaluate whether the client‘s balance
includes an error in each situation. For example, the auditor test depreciation expense,
provision for income tax and allowance for doubtful debts by using test of reasonableness.
5. Summary of procedures: is a schedule that summarizes the results of a specific audit
procedure performed.
6. Examination of supporting documents: is a special-purpose schedules that is designed to
show detailed test performed. These schedules show no totals and they do not link into
the general ledger because they only provide documents of test performed and the results

P a g e | 45
AUDIT REVISION
found. However, the schedules must state a definite positive or negative conclusion about
the objective of test.
7. Informational: the schedule includes information for tax return and data such as time
budgets and client‘s working hours that will be helpful to audit evidence.
8. Outside documentation: such as confirmation replies and copies of client agreements.
Question: Outline the necessary preparation and planning annual audit before beginning filed
work at the client’s office
Generally, the first step in preparing to supervise and plan the field work for an audit examination is
to review and/or study current and background information on the client and industry. The most
important sources in this preparatory stage are as follows:
 Engagement letter (ASA 210)  Last year's in-charge auditor
 Permanent Audit File  Industry and government publications
 Last year's work papers  Industry audit guides or firm audit guides
 Client correspondence files  Client Corporate Governance arrangements
 Last year's reports, including management  Internet information
letter and/or internal control memorandum  Analytical procedures
The purpose of this preparatory review and study is to become familiar with such things as:
 The client's organizational structure,  Recent financial data or other important

including key personnel. activities such as new security offerings or
 Business activities and special problems of financing.
the client or industry in general.  The client's records and procedures
 The existence of related parties, for especially as they relate to the internal
disclosure purposes and for preparation of control structure.
group accounts.  Reports that are anticipated for this
 Identify client business and fraud risks. engagement.
After the above review, the auditors should make preliminary plans for the field work. They need to
determine what audit tests can be done on an interim basis and what must be done on or after the
balance-sheet date, including tests which should be done on a surprise basis. There must be a plan for
the nature timing and extent of work that can be done by the client's accounting and/or internal audit
staff as well as a schedule of critical dates for such things as cash counts, inventory observations, and
confirmations. A detailed time budget should be developed and specific areas of the audit assigned to
each staff member on the engagement. Additionally, consideration needs to be given as to whether
special expertise is required, e.g., a computer audit specialist.

P a g e | 46
AUDIT REVISION
The auditor should prepare a preliminary draft of audit programs based on the prior year‘s
assessment of internal control and any related current correspondence, as well as suggestions in last
year‘s audit files. It is often possible to use last year‘s audit programs as a start with revisions for
changed conditions or desired audit emphasis then made. If possible, visit the client and tour the
plant and offices to meet the appropriate officers and employees and discuss arrangements for the
engagement and related business risks.
After completing the preliminary preparation as outlined above, the auditor should schedule a
conference with all staff members assigned to the audit. The agenda would include a review of the
engagement letter, brainstorming about possible fraud risk areas including how management might
engage in and conceal fraud, discussion about the importance of professional scepticism, an estimate
of the scope of work, review of reports to be issued, review of the primary business operations of the
client, assignment of audit areas to the staff, and review of specific problems or difficulties that are
anticipated for this engagement. After this meeting, it is important to assure that each staff member
has adequate time to review and prepare for his or her assigned audit area.
A final step is to make sure that the necessary supplies, permanent files, and prior year‘s audit files
are carefully packed, downloaded, and prepared for transport to the client‘s office. If there is still
time before starting the work at the client‘s office, you can assign staff to set up audit schedule
analyses and lead schedules.
CHAPTER 8: MATERIALITY AND RISK

APPLY THE CONCEPT OF MATERIALITY TO THE AUDIT
The magnitude of an omission or misstatement of accounting information that, in the light of
surrounding circumstances, makes it probable that the judgement of a reasonable person relying on
the information would have been changed or influenced by the omission or misstatement.
Therefore, materiality provides a threshold or cut-off point rather than being a primary qualitative
characteristic which information have to be useful. There are five closely related steps in applying
materiality.
Step 1: Preliminary assessment of materiality
Step 2: Allocate preliminary assessment of materiality to segments
Step 3: Estimate total misstatement segment
Step 4: Estimate the combined misstatement
Step 5: Compare combined assessment with preliminary or revised

assessment of materiality

P a g e | 47
AUDIT REVISION
PRELIMINARY ASSESSMENT OF MATERIALITY
The auditors decide early in the audit the combined amount of misstatement and irregularities in the
financial statements that would be considered material. The preliminary assessment of materiality
is the maximum amount by which the auditor believes the statement could be misstated and still not
affect the decisions of reasonable users. The reason for making a preliminary assessment of
materiality is to help the auditor plan for accumulating appropriate evidence. There are some
important factors affecting to preliminary assessment of materiality:
Materiality is a relative rather an absolute concept: a misstatement of a given magnitude might be
material for a small company, whereas the same dollar misstatement could be immaterial for large
one. For example, a total misstatement of $ 1 million would be material for company having total
assets of several million dollars but immaterial for large company having total assets and net income
of several billion dollars.
Bases are needed for evaluating materiality: As materiality is relative, it is necessary to have bases
for establishing whether misstatements are material. For example, an auditor could decide that a
misstatement of a client‘s operating profit after income tax of $100,000 or more would be material
but a misstatement of $250,000 or more would be material for current assets.
Qualitative factors also affect materiality:

 Amounts involving fraud are usually considered more important than unintentional
misstatement of equal dollar amounts because fraud reflects on honesty and reliability of
management.
 Misstatements that are otherwise minor may be material if there are possible consequences
arising from contractual obligations. If the correct net working capital were less than the
required minimum in a loan agreement, the current and non-current liability classifications
would be materially affected.
 Misstatements that are otherwise immaterial may be material if they affect a trend in earning.
For example, if reported profit increased 3% annually for the past five years but profit for
current year has declined by 1% that change of trend may be material
Quantitative guidelines: in order to provide guidance on making materiality estimates to public

accountants, AASB 1031 suggests quantitative guidelines in the form of percentage limits:
 An amount which is equal to or greater than 10% of appropriate base amount may be presumed to
be material unless there is evidence or convincing argument to the contrary.
 An amount which is equal or less than 5% of appropriate base amount may be presumed not to be
material unless there is evidence or convincing argument to the contrary.

P a g e | 48
AUDIT REVISION
ALLOCATE PRELIMINARY ASSESSMENT OF MATERIALITY TO SEGMENTS
(TOLERABLE ERROR)
Allocation of the preliminary assessment of materiality to segment is the process of assigning to
each balance sheet account the misstatement amount to be considered material for that account
based on the auditor‘s preliminary judgment. As there is balance sheet than income statement
accounts in most audits, and most audit procedure focuses on balance sheet account, allocating
materiality to balance sheet accounts is the more appropriate alternative.
When auditors allocate the preliminary assessment of materiality to account balances, the materiality
allocated to any given amount balance is referred to as the tolerable error. For example, if auditor
decides to allocate $100,000 of a total preliminary assessment of $2,000,000 to account receivable,
tolerable error for account receivable is $100,000. Thus, the auditor is willing to consider accounts
receivable fairly stated if it is misstated by $100,000 or less.
There are three major difficulties in allocating materiality to balance sheet accounts (segments):
auditors expect certain accounts to have more misstatements than others; overstatement and
understatement must be considered; and relative audit costs affect the allocation.
The purpose of allocating the preliminary assessment of materiality to balance sheet accounts is to
help auditor decide the appropriate evidence to accumulate for each. An aim of the allocation should
be to minimize audit costs.
ESTIMATE ERROR AND COMPARE WITH PRELIMINARY ASSESSMENT OF

MATERIALITY
The first two steps in applying materiality involve planning, whereas the last three steps are based on
performing audit tests. The estimate of errors is calculated by making a direct projection from
sample to the population and adds an estimate for sampling error. The direct projection estimate
of misstatement is a estimate of likely misstatement in a population based on a sample , excluding
sampling risk and calculated as net misstatements in the sample, divided by total sampled, multiplied
by the total recorded population value. Sampling error is results because the auditor has sampled
only a portion of the population.
RISK AND EVIDENCE
Auditors accept some level of risk or uncertainty in performing the audit function. For example, the
auditor recognizes that there is doubt about the competence of evidence, doubt about the
effectiveness of a client‘s internal control. An effective auditor recognizes that risks exist, are
difficult to measure and require careful thought to respond appropriately. For example, when the
client‘s industry is undergoing significant technology changes that affect both the client and client‘s

P a g e | 49
AUDIT REVISION
customers  affect outdated of client‘s inventory; collectability of account receivable; and the
ability of the client‘s business to continue. Therefore, responding to risk properly is critical to
achieve a high quality audit.
Auditors gain an understanding of the client‘s business and their industry and assess client business
risk in order to evaluate the probability of material misstatement in the client‘s financial statement.
Auditor uses the audit risk model identify the potential for misstatements and where they are most
likely to occur.
AUDIT RISK MODEL AND ITS COMPONENTS
AAR = IR x CR x PDR or PDR = AAR / (IR x CR)

AAR: acceptable audit risk CR: control risk
IR: inherent risk PDR: planned detection risk
Planned detection risk (PDR) is a measure of the risk that the auditor is willing to take that audit
evidence for a segment will fail to detect a misstatement that exists in an assertion that could be
material, either individually or when aggregated with other misstatements. There are two key points
about planned detection risk. First, it is dependent on the other three factors in the model – PDR
changes when auditor changes one of the other factors. Second, it determines the amount of
substantive evidence the auditor plans to accumulate, inversely with the size of planned detection
risk. In fact, the auditor needs to accumulate more evidence to achieve the reduced planned risk.
Inherent risk (IR) is a measure of the auditor‘s assessment of the probability that there are material
misstatement (error or fraud) in a segment before considering the effectiveness of internal control.
Inherent risk is susceptibility of an assertion to a misstatement that could be material, either
individually or when aggregated with other misstatement, assuming there are no related controls. The
inherent risk is inversely related to planned detection risk and directly related to evidence. In
order to increase audit evidence for a higher inherent risk, it is necessary to assign more experienced
staff and review the completed working paper more thoroughly.
Control risk (CR) is a measure of the auditor‘s assessment of the risk that a misstatement could
occur in an assertion that could be material either individually or when aggregated with other
misstatements and that will not be prevented or detected and corrected on a timely basis by the
entity’s internal control. Control risk represents an assessment of whether the client‘s internal
controls are effective for preventing or detecting misstatements; and the auditor‘s intention to make
that assessment at a level below the maximum (100%). Therefore, the more effective the internal
controls, the lower the risk factor that could be assigned to control risk. The relationship between
control risk and planned detection risk is adverse, whereas the relationship between control risk and

P a g e | 50
AUDIT REVISION
substantive evidence is direct. The auditor can increase planned detection risk when controls are
effective because an effective internal control structure reduces the probability of misstatement in the
financial statements. Before setting control risk less than 100%, auditors must do three things: obtain
an understanding of internal control; evaluate how well it should function based on the
understanding; and test the internal controls for effectiveness.
Acceptable audit risk (AAR) is a measure of how willing the auditor is to accept that the financial
statements may be materially misstated after audit is completed and an unqualified opinion has been
issued. There is a direct relationship between AAR and PDR but an inverse relationship between
AAR and planned evidence. When the auditor decides on a lower acceptable audit risk, it means
the auditor wants to be more certain that the financial statements are not materially misstated.
Therefore, the auditors often assign more experienced staff and review the working papers more
extensively for a client with a power acceptable audit risk.
ASSESSING ACCPETABLE AUDIT RISK

Impact of engagement risk on acceptable audit risk:
Engagement risk is the risk that the auditor or audit firm will suffer harm because of a client
relationship even though the audit report provided for the client was correct. For example, if a client
commences liquidation after an audit is completed, the probability of a legal action against the audit
firm is reasonably high even if the quality of the audit was good.
 The degree to which users rely on the statements: when external users rely so much on the
financial statements, acceptable audit risk can be decreased. There are several good indicators
of the degree to which statements are relied on the external users:
 Client size: the larger a company‘s operation, the more widely the statement will be used.
 Distribution of ownership: the statements of public corporations are normally relied on
by many more users than those of closely held corporation.
 Nature and amount of liabilities: when statements include a large amount of liabilities,
they are more likely to be used extensively by actual and potential creditor rather than
having a few liabilities.
 The likelihood that a client will have financial difficulties after the audit report is issued: if a
company is forced into receivership or liquidation or suffers a significant loss after
completion of the audit, the auditor is required to defend the quality and result of audit
successfully. Thus, before the financial failure of client occurs, the auditor should predict it
through certain factors:

P a g e | 51
AUDIT REVISION
 Liquidity position: the auditor must assess the probability and significance of a steadily
declining liquidity position. For example, short of cash and working capital may result in
a future problem in paying debts.
 Profits (loses) in previous year: when rapidly declining profit or increasing losses for
several years, the auditor should recognize that the client will encounter the future
solvency problems.
 Method of financing growth: the more a client relies on debt as means of financing, the
greater the risk of financial difficulty if the client‘s operations become less successful. It
is important to evaluate whether fixed assets are being financed with short-term or long-
term loan because the large amount of required cash outflows (eg: interest expense)
during a short period of time can force a company into insolvency.
 Nature of the client‘s operations: certain types of businesses are inherently riskier than
others. For example, there is a much greater likelihood of financial failure of start-up
Technology Company than of a diversified food manufacturer.
 Competence of management: the management is constantly alert for potential financial
difficulties and modifies its operating way to minimize effects of short-term problems.
 The auditor’s evaluation of management’s integrity: if a client has questionable integrity the
auditor is likely to assess acceptable audit risk lower. Companies with low integrity often
conduct their business affairs in manner that results in conflicts with their shareholders,
regulators and customers. Disagreement with previous auditor, the ATO, ASIC or the ASX
and conflicts with unions and employees may also indicate integrity problems.
Making acceptable audit risk decision

A low acceptable audit risk assessment means a risky client that requires more extensive evidence,
assignment of more experienced employees and more extensive review of audit documentation. In
order to assess each of three factors above, the auditor uses:
Methods auditor use to assess acceptable audit risk
FACTORS METHOD
External user‘s reliance on financial Examine the financial statements, including footnotes.
statements Read minutes of BOD‘s meetings to determine future plan.
Examine ASX releases for public companies.
Discuss financing plans with management.
Likelihood of ratios and financial Analyze the financial statements for financial difficulties using
difficulties analytical procedure.
 Examine historical and projected cash flow statements for the
nature of cash inflow and outflows
 Discuss financing plans with management.
Management integrity  Follow the procedure for client acceptance and continuance.

P a g e | 52
AUDIT REVISION
ASSESSING INHERENT RISK

Factor affecting inherent risk – the auditor should consider several major risk factors when
assessing inherent risk:
 Nature of the client’s business: inherent risk is most likely to vary from business to business
for accounts such as inventory, accounts and loans receivable and PPE. For example, there is
a greater likelihood of obsolete inventory for an electronics manufactured than for a steel
manufacturer.
 Results of previous audits: misstatements found in the previous year‘s audit have a high
probability of occurring again in the current year‘s audit because many types of errors are
systemic in nature, and organisations are often slow in making changes to eliminate them. For
example, the auditor has found no misstatement for the past several years in conducting test
of an audit area; the auditor is justified in using a lower inherent risk.
 Initial versus repeat engagement: Auditor gains knowledge and experience about the
probability of misstatement after auditing a company for several years. Therefore, most
auditors set a high inherent risk in the first year of an audit and reduce it in the later years.
 Related parties: related-party transactions (eg: transactions between parent and subsidiary or
transaction between director and company) do not occur between two independent parties
dealing at arm‘s lengths so the greater likelihood of misstatement from these transactions
may exist that should cause an increase in inherent risk.
 Non – routine transactions: transactions which are unusual for the client are more likely to be
incorrectly recorded than routine transactions as the client lacks experience to record them.
 Judgement required to correctly record account balances and transactions: many accounts
(eg: provision for doubtful debts, obsolete inventory and depreciation for non current assets)
require estimates and a great deal of management judgement. Therefore, recoding these
accounts requires both knowledge and skills regarding the substance of the item and related
accounting standard.
 Makeup of the population: the individual items making up the total population also affect the
auditor‘s expectation of material misstatement. For example, most auditors would use a
higher inherent risk for account receivable where most accounts were significantly overdue
than when most accounts were current.
Making the inherent risk decision

The auditor must evaluate the information affecting inherent risk and decide on an appropriate
inherent risk factor for each cycle, account and, many times, for each audit objectives. For example,
the auditor notes that a large number of misstatements in inventory were found in the previous year

P a g e | 53
AUDIT REVISION
and inventory turnover has slowed in the current year so the auditors would probably set inherent
risk at a relatively high level.
Obtain information to assess inherent risk
Auditors begin their assessments of inherent risk during the planning phase and update the
assessment throughout the audit. For example, the discussion of obtaining knowledge about the
client‘s business and industry, touring the client‘s plant and offices, and identifying related parties all
pertain directly to inherent risk assessment.
TOPIC 5: INTERNAL CONTROL AND CONTROL RISK

(CHAPTER 9)
CLIENT AND AUDITOR CONCERNS – Contrast management’s need for internal control
with the auditor’s need to consider internal control when designing an audit.
An internal control structure consists of policies and procedures designed to provide management
with reasonable assurance regarding the achieving of management‘s objectives in the following
categories: reliability of financial reporting; effectiveness and efficiency of operations; and
compliance with applicable laws and regulations. There are three concepts under the study of internal
control and assessment of control risk.
Management’s responsibility: the management have to establish and maintain the entity‘s control
and is responsible for the preparation of financial statements in accordance with accounting standard.
Reasonable assurance: after considering the costs and benefits of the controls, the company should
develop internal controls that provide reasonable but not absolute assurance that the financial
statement is fairly stated.
Inherent limitations: the internal control structure may have inherent limitations such as:
 The potential for human error due to carelessness, distraction, mistakes of judgement or the
misunderstanding of instructions.
 The collusion with parties outside the entity or with employees of the entity.
 Procedure may inadequate due to changes in conditions
 A person responsible for exercising control could abuse that responsibility.
 The controls may not be directed at unusual transactions
Client concerns: there are three concerns for management to design an effective control system.
 Reliability of financial reporting: management has legal and professional responsibility for
preparing financial statements for investors, creditors and other users and ensure information
be fairly accordance with reporting requirement.

P a g e | 54
AUDIT REVISION
 Efficiency and effectiveness of operations provides accurate information of internal decision

making and safeguards assets and records. For example, the price to charge for product is
based on information about the cost of making products. Moreover, adequate controls can
prevent physical assets of company be stolen.
 Compliance with applicable laws and regulations: require organisations follow laws and
regulations such as environmental protection; workplace health and safety laws.
Audit concern: The auditor shall obtain an understanding of internal control relevant to the audit
(ASA 315). Auditor is primarily concerned about controls related to reliability of financial
reporting and controls over classes of transactions.
 Controls related to reliability of financial reporting: determine whether the financial is

fairly stated. The financial statement will not reflect accounting standard correctly if control
affecting the reliability of financial reporting are inadequate. Therefore, auditors should be
concerned with a client’s internal control over safeguarding of assets and compliance with
applicable laws and regulation. Moreover, the auditor has a responsibility to z in FR:
fraudulent in FR, misappropriate of asset, illegal. In addition, the auditor also emphasise
controls concerned with the reliability of data for external reporting purpose.
 Controls over classes of transactions: the auditors emphasize internal control over classes of
transactions rather than account balances. This is because the accuracy of the output of
accounting system is dependent on the accuracy of inputs and processing (transaction). In
addition, when gaining an understanding of internal and assess control risk, auditors are
primarily concerned with the transaction-related audit objectives.
COMPONENTS OF INTERNAL CONTROL

The internal control structure includes three categories of controls (control environment,
information system, and control procedure) that management designs and execute to provide
reasonable assurance that management‘s control objectives will be achieved.
The control environment is the actions, policies and procedures that reflect the overall attitudes of
top management, directors and owners of an entity towards internal control and its importance to the
entity. Without the effective control environment, the information system and control procedures are
unlikely to result in effective internal control. There are several vial elements for the purpose of
understanding and assessing the control environment:
 Management’s philosophy and operating style: the management provides clear signals to
employees about the importance of internal control through its activities. Management‘s
integrity and ethical values are other important considerations that remove or reduce
incentives prompting employees to engage in dishonest, illegal or unethical acts.

P a g e | 55
AUDIT REVISION
 Organisational structure: the entity‘s organisational structure describes the existing lines of
responsibility and authority so the auditor can obtain the information about management and
functional elements of the business.
 Assignment of authority and responsibility: formal methods of communication about
authority and responsibility; and similar control-related matters are important. For example:
the memorandum from top management about the importance of control and control-related
matters; formal organisational plans; employee description and related policy.
 Internal audit: is established within an entity to monitor the effectiveness of other control-
related policies and procedures. It is essential that the internal auditor be independent of both
the operating and accounting departments and that it report directly to a high level of
authority within the organisation such as top management or the audit committee of the BOD.
In addition, an adequate and effective audit staff can contribute to reduce external audit costs
by providing direct assistance to external auditors.
 Audit committee participation: the audit committee must be independent from management
and have sufficient knowledge of financial reporting issues so they can effectively evaluate
internal controls and financial statements prepared by management. In addition, this
committee is responsible for maintaining ongoing communication with both external and
internal auditors.
 Human resources: the most important aspect of internal control is personnel. For example,
honest, efficient people are able to perform at a high level even when there are few other
controls to support them. Because of the importance of competent, trustworthy personnel in
providing effective control, the methods by which people are hired, evaluated, trained,
promoted and compensated are an important part of internal control.
The information system

The purpose of an entity‘s
accounting information system is
to identify, assemble, classify,
analyse, record and report the
entity‘s transactions and to
maintain accountability for the
related assets. For each class of
transactions, the accounting system
must satisfy all the six transaction-
related audit objectives.
Typical simple computerised accounting system

P a g e | 56
AUDIT REVISION
 Data preparation: most companies implement several control procedures to ensure that the
source information to be entered into the computer is accurate.
 Data entry: the conversion of information from the source document into a computer is a
mechanical process so most companies should have internal controls to ensure that data entry
is accurate.
 Transaction processing and master file update: besides accurate input, the accurate
processing of transactions and updating of master files requires that the computer software is
properly designed and reliable.
 Document and report generation:
 In order to understand the accounting information system, the auditor should:
 Identify major classes of transaction
 Determine how transaction are initiated
 Determine the existence and nature of accounting records
 Consider how transactions are processed
 Examine the nature and details of the financial reporting process
Control procedures are the policies and procedures ensure that necessary actions are taken to address
risks in the achievement of the entity‘s objectives. There are five types of specific control activities:
1. Adequate separation of duties: there re four general guidelines to prevent fraud and errors
 Separation of the custody of assets from accounting: Not allowing a person having
temporary or permanent of an asset to account for that asset is to protect company against
defalcation. In fact, when one person performs both functions, there is high risk that this
person will dispose of the asset for personal gain and adjust the records to avoid
responsibility.
 Separation of the authorisation of transaction from custody of related assets: prevent
person authorising transactions from having control over the related asset. For example,
the same person should not authorise the payment of a vendor‘s invoice and also sign the
cheque in payment of the debt.
 Separation of operational responsibility from record-keeping responsibility: in order to
ensure unbiased information, record keeping is typically included in a separate department
under the financial controller. For example, sales department could not record sale
transactions.
 Separate of IT duties from duties of key users outside IT: it is important for companies to
separate major IT-related functions from key user department functions. For example,
responsibility for designing and controlling accounting software should be under authority

P a g e | 57
AUDIT REVISION
of IT, whereas the ability to update credit limits in the accounts receivable master file
should be located in the company‘s credit department outside the IT function.
2. Proper authorisation of transaction and activities: every transaction must be authorised

through general and specific. General authorisation means that management establishes
policies for the organisation to follow. For example, issue of fixed price list for the sale of
products and credit limit for customers is one of general authorisation. Specific
authorisation applies to individual transaction and case by case approval of transactions not
covered by company wide policies. An example is the authorisation of sales transactions by
the sales manager for a used-car company.
3. Adequate documents and records: Documents and records (such as sales invoices, purchase
orders, subsidiary records, sales journals and employee time cards) are physical objects on
which transactions are entered and summarised. Documents perform function of transmitting
information throughout the client‘s organisation and between different organisations.
Therefore, the document should be adequate to provide reasonable assurance that all assets
are properly controlled and all transactions are correctly recorded. The documents and record
should have essential elements to gain its effectiveness:
 Pre-numbered consecutively to facilitate control over missing documents – ex:
number in sales invoice
 Prepare at the time of transaction. Record is less credible and the chance of
misstatement increases if taking longer time.
 Sufficiently simple to ensure understanding
 Designed for multiple uses – ex: used shipping document can be a receipt of goods
from storage to shipping department; inform the quantity of goods to the customers
and appropriate billing date.
 Constructed to encourage right preparation – ex: a document may include blank space
for authorisations and approvals; and designated column spaces for numerical data.
 A control closely related to documents and records is the chart of accounts which is
helpful in preventing classification error.
4. Physical control over assets and records: it is essential to protect assets and records in order
to maintain adequate internal control. The most important type of protective measure for
safeguarding assets and records is the use of physical precautions. For example, using
storerooms for inventories is to guard against theft; fireproof safes and safety deposit for the
protection of assets such as currency and securities are important physical safeguards. When
a company is highly computerised, it is compulsory to protect its computer equipment,

P a g e | 58
AUDIT REVISION
programs and data files. Therefore, there are three categories of controls related to protecting
IT equipment, programs and databases. First, physical controls are used to protect the
computer facilities – ex: locking on doors to the computer room, proper control of
environmental conditions such as temperature and humidity, adequate storage space. Second,
access control permits authorised people can use the equipment and have assess to software
and data files through assess password system. Finally, backup and recovery procedures
are efficient method to avoid loss of equipment, programs or databases.
5. Independent checks on performance: Independent checks are internal control activities

designed for the continuous internal verification of other controls. The need for independent
checks arises because internal control tends to change overtime unless there is a mechanism
for frequent review. In fact, employees are likely to forget or intentionally fail to follow
procedures or may become careless unless other people observe and evaluate their
performance.
INTERNAL CONTROL STRUCTURE

Control environment Information system Control procedures
Sub-element of control environment: Objectives must be satisfied: Categories of control procedures:
 Management philosophy and  Existence/occurrence  Adequate separation of duties
operating cycle  Completeness  Proper authorisation of transactions
 Organisational structure  Accuracy and activities

 Classification  Adequate documents and records
 Assignment of authority and
 Timing  Physical control over assets and
responsibility
 Posting and Summarisation records
 Internal audit
 Independent checks on
 Audit Committee
performance
 Human Resource
Elements and sub-elements of the internal control structure
HOW THE SIZE OF THE BUSINESS AFFECTS INTERNAL CONTROL – Question:

difference between nature of the potential controls available for large and small companies.
The size of a company has a significant effect on the nature of the controls likely to exist. A small
company has difficulty establishing adequate separation of duties and justifying an internal audit
staff. However, a major type of control available in a small company is the knowledge and concern
of the top operating person, who is frequently an owner-manager. His or her ability to understand
and oversee the entire operation of the company is potentially a significant compensating control.
The owner-manager's interest in the organization and close relationship with the personnel enable

P a g e | 59
AUDIT REVISION
him or her to evaluate the competence of the employees and the effectiveness of internal controls.
While some of the five control procedures are unavailable in a small company, especially adequate
separation of duties, it is still possible for a small company to have proper authorization of
transactions and activities, adequate documents and records, physical controls over assets and
records, and, to a limited degree, independent checks on performance.
Process of understanding internal control and assessing control risk

Decide planned
Obtain understading of internal Assess Test
detection risk and
control: design and operation control risk controls
substantive test
The auditor considers the internal control by first obtaining an understanding of internal control that
used for assessment of control risk. When auditor‘s control risk assessment is below maximum, the
auditor performs tests of controls. After receiving result of test of control, the auditor considers how
those results affect planned detection risk and substantive testing.
PROCEDURE TO OBTAIN AN UNDERSTANDING OF INTERNAL CONTROL

Procedure to obtain an understanding of internal control is procedures used by the auditor to gather
evidence about the design and placement in operation of specific control. There are three steps for
auditor to gain an understanding of internal control
Understanding internal control sufficiently to plan the audit: the extent of understanding must be
sufficient to plan the audit adequately in terms of four specific planning matters
 Auditability: the auditor must obtain information about the integrity of management and the
nature and extent of the according records to be satisfied that sufficient and appropriate
evidence is available to support the financial statement balances.
 Potential material misstatements: the understanding should allow the auditor to identify the
types of potential error and fraud.
 Detection risk: control risk affect directly planned detection risk for each audit objective so
information about internal control is used to assess control risk for each that affects planned
detection risk and planned audit evidence.
 Design test: the information obtained should allow the auditor to design effective test of the
financial statement balances including test for monetary correctness and analytical procedure.
Before making conclusion of control risk, the auditor must complete three steps: to obtain an
understanding of the control environment and information system at a fairly detailed level; to
identify specific control that will reduce control risk and make an assessment of control risk;
and to test the control for effectiveness.

P a g e | 60
AUDIT REVISION
Procedures to determine design and placement in operation: in obtaining that understanding, the
auditor should consider two aspects: the design of the various controls within each element; and
whether they have been placed in operation.
 Update and evaluate auditor’s previous experience with entity: the auditor should obtain the
updated information of client‘s internal control
 Make inquires of client personnel: Inquiries of personnel at the management, supervisor and
staff levels about the updating information from previous audit will be conducted in
obtaining an understanding of internal control
 Read client’s policy and system manuals: the entity must have extensive documentation such
as accounting manual and an organisation chart in order to design and maintain internal
control.
 Examine documents and record: examination of the documents and records provides
evidence that the control policies and procedures have been placed in operation.
 Observe entity activities and operations: the auditor can observe personnel in the process of
preparing documents and records as well as carry out their normal accounting and control
activities. As a result, the auditor will improve their knowledge and understanding that
controls have been placed in operation.
Documentation of the understanding: there are three methods of documentation of understanding

internal control: narratives, flow charts, and internal control questionnaires.
 Narrative: is a written description of a client‘s internal controls. A proper narrative of an
accounting system and related control includes four characteristics:
1. The origin of every document and record in the system: for example, the description
should state how sales invoices are generated
2. All processing that takes places: for example, the sales amounts should be described when
calculated by multiplying quantities shipped with standard prices.
3. The disposition of every document and record in the system: the filling of documents and
sending them to customers should be shown
4. An indication of the controls relevant to the assessment of control risk: include separation
of duties, authorisation, and internal verification
 Flow chart: is a diagrammatic representation of the client‘s documents, records and the
sequence in which they are processed. The flow charting is beneficial because it can provide
brief overview of the client‘s system that is useful to the auditor as an analytical tool in
evaluation. A combination of narrative and flow chart is used because of two factors: the
relative easiness of understanding by current year and following year auditor and relative cost
of preparation.

P a g e | 61
AUDIT REVISION
 Internal control questionnaire: is a series of questions about the controls in each audit area,
used as a method in order to show auditor aspects of internal control that may be inadequate.
The primary advantage of using questionnaire is the ability to cover each audit area
completely but the disadvantage is that the individual parts of the client‘s systems are
examined without providing an overall view.
ASSESS CONTROL RISK

There are four specific assessments that must be made to arrive at the initial assessment:
1. Assess whether the financial statement are auditable
There are two factors determine auditability: the integrity of management and the sufficiency
of accounting records. If the management lacks integrity that may provide false representation,
the auditor will rely on unreliable evidence. For example, it is difficult for the auditor to evaluate
whether inventory is outdated without an honest assessment by management. In addition,
deficiency in the accounting records results that necessary audit evidence may not be available.
For example, the entity has not kept duplicate sales invoices and vendor‘s invoices; it will be
unreasonable to do an audit. Therefore, when the auditors conclude that the entity is not
auditable, they will discuss the situation with the client and issue a disclaimer opinion.
2. Determine assessed control risk supported by the understanding obtained

After obtaining an understanding of internal control, the auditor makes initial assessment of
control risk. This assessment is a measure of the auditor‘s expectation that internal control will
not either prevent materials misstatement or not detect and correct them.
The initial assessment is generally made for each transaction-related audit objective for each
major type of transaction. In addition, the initial assessment usually starts with consideration of
the control environment. If the attitude of managements is that internal control is not important,
it is unreasonable to believe that the detailed control activities will be reliable. As a result, the
auditor can assume that the control risk for all transaction-related audit objectives is at the
maximum. On the other hand, if management‘s attitudes towards internal control are positive,
the auditor may assess the control risk below maximum after evaluating and considering the
specific policy and procedures.
There are three important considerations about the initial assessment. First, the auditor does not
have to make the initial assessment in a formal, detailed manner. Second, when the significant
information supporting transactions is available only in electronic form, the auditor may assess
control risk below the maximum and perform more extensive test of control. Third, even though
the auditor believes control risk is low, assessed control risk is limited to that level supported by
the evidence obtained.

P a g e | 62
AUDIT REVISION
3. Assess whether it is likely that a lower assessed control risk could be supported
When the auditors believe that actual control risk may be significantly lower than the initial
assessment; they may decide to support a lower assessed control risk. As a result of the initial
assessment, additional controls can be identified and tested to reduce assessed control risk.
4. Determine the appropriate assessed control risk

After completing the initial assessment and considering whether a lower assessed control risk is
possible, the auditor can make decision which assessed control risk should be used: either a level
already supported in the initial assessment or a lower level. This decision depends on
recognising the trade-off between the costs of test of controls and the costs of substantive test
that would be avoided by reducing assessed control risk.
There are several major steps for assessment of control risk:

1. Identify transaction-related audit objectives
The auditor assesses control risk for transaction-related audit objectives for each major type of
transaction in each transaction cycle. For example, in the sales and collection cycle, the types of
transaction involve sales, sales returns and allowances, cash receipts and allowance for doubtful
debts and write-off bad debts.
2. Identify specific controls

Identify specific controls is a contribution to accomplish each transaction-related audit objective.
The auditor recognizes significant and relevant controls by proceeding through the descriptive
information about the client‘s system. For example, the auditor may some question to consider
whether the transactions exist: is there adequate separate of duties? Are the documents used well
designed? Are pre-numbered document properly accounted for?
3. Identify and evaluate weakness

An internal control weakness is the absence of adequate controls that increases the risk of
misstatement existing in the financial misstatements. There are four-step approaches for
indentifying significant weaknesses:
 Identify existing controls
 Identify the absence of key controls
 Determine potential material misstatement that could result
 Consider the possibility of compensating controls
4. The control risk matrix – Question: what is the purpose of control risk matrix and explain the
meaning of an assessment of control risk of low compared with one of medium
The purpose of the control risk matrix is to assist the auditor in assessing control risk. The control

P a g e | 63
AUDIT REVISION
risk matrix helps the auditor identify controls and weaknesses for each of the six transaction-
related audit objectives.
If control risk is assessed as low, the auditor believes that the controls are likely to detect and
correct misstatements which may occur. If control risk is assessed as moderate, the auditor
believes that the controls are less likely to detect and correct misstatements which may occur than
if control risk was assessed as low.
COMMUNICATE REPORTABLE CONDITIONS AND RELATED MATTERS – Explain

term “reportable conditions” as relating to internal control. What should the auditor do with
reportable conditions?
Reportable conditions are significant deficiencies in the design or operation of internal control. Such
conditions should be reported by the auditor to the audit committee according to ASA 260. If there
is no audit committee, then reportable conditions should be communicated to the person or persons
in the organization who have overall responsibility for internal control (board of directors or owner-
manager, for example). The auditor is also required to review these matters and actions taken by
management on subsequent visits. In addition to reportable conditions, the auditor provides a
management letter to management that contains the auditor‘s recommendations for improving any
aspect of he client‘s business.
TEST OF CONTROL
The test of control is audit procedures to test the operating effectiveness of controls in support of a
reduced assessed control risk. There are four types of procedure for test of control that are used to
support the operating of internal controls.
 Make inquiries of appropriate client personnel: by making inquires of employee or
manager, the auditor may determine who are authorized to sign in the document.
 Examine documents, records and reports: the auditor examines whether the documents are
complete and properly matched with required signatures.
 Observe control-related activities: separation of duties relies on specific personnel
performing specific tasks and there is no documentation of the separate performance, so the
auditor generally observes them to find out the evidence.
 Re-perform client procedures: the auditor actually re-perform the control activity to see
whether the proper results were obtained. For example, in order to find misstatements in sales
transaction, the auditor will re-perform the procedure by tracing the sales prices to authorized
price list in effect at the date of the transaction.
If the auditors want to use a low assessed control risk, they will apply more extensive test of control
such as larger sample size for documentation, observation and re-performance procedures.

P a g e | 64
AUDIT REVISION
 Reliance on evidence from prior year’s audit

 Testing less than the entire audit period
 Rotating test of controls
Relationship of test of controls to procedures to obtain an understanding
There is a significant overlap such as inquiry, documentation and observation between test of control
and procedures to obtain an understanding. There are two primary differences in the application of
these common procedures between phases. First in obtaining an understanding, the procedures are
applied to all the control identified as part of the understanding of internal control. On the other
hand, tests of control are applied when the assessed control risk is below the maximum. Second,
procedure to obtain an understanding is performed only one or a few transactions but the test of
control is performed on larger sample of transactions (perhaps 20-100).
Distinguish between obtaining an understanding of internal control and assessing control risk.
Also explain the methodology the auditor uses for each of them.
The purpose of obtaining an understanding internal control is to find out how the entity believes the
internal controls operate. It involves evaluating the design of internal controls and determining
whether those controls have been placed in operation. Assessing control risk means to state the
degree to which the auditor intends to rely on internal controls to reduce substantive tests. For
example, the auditor might assess control risk as low.
The understanding of internal control is done by interviewing entity personnel, examining procedures
manuals, describing the flow of documents and records by the use of flowcharts and narrative
descriptions, and using an internal control questionnaire. Assessing control risk is done based upon
the findings in the understanding of internal control and the results of the tests of controls. It is an
auditor's decision using professional judgment

P a g e | 65
AUDIT REVISION
TOPIC 6: AUDIT STRATEGY PLANS AND PROGRAMS

(CHAPTER 12)
TYPES OF TEST
In developing an overall audit plan, auditors have five types of tests that are the five categories of
audit tests is used to determine whether financial statements are fairly stated, including: procedures
to obtain an understanding of internal control, test of control, substantive test of transaction,
analytical procedures and test of details of balance.
AR
= PDR
IR x CR
Procedures to
Substantive Tests of Sufficient
obatin an Test of Analytical
tests of details of approprate
understanding of control procedures
trasaction balance evidence
internal control
Procedures to obtain an understanding of internal control and test of control reduced control risk,
whereas analytical procedures and test of details of balance are used to satisfy planned detection risk.
Substantive test transactions affect both control risk and planned detection risk because they are used
to test the effectiveness of internal controls and the dollar amount of transactions.
1. Relationship between of tests and evidence

Types of evidence
Physical examination
Analytical Procedure
Inquiry of client
Reperformance
Documentation
Confirmation
Observation
Types of test
Procedure to obtain an understanding of internal control    
Test of control    
Substantive tests of transactions   
Analytical Procedure  
Test of details of balances     

P a g e | 66
AUDIT REVISION
2. Effectiveness and cost of each test
Obtain an understanding of internal control is procedures used by the auditor to gather evidence
about the design and placement in operation of specific control and the test of control is audit
procedures to test the effectiveness of controls in support of a reduced assessed control risk.
Therefore, two these tests were to evaluate whether controls over transactions in the cycle are
sufficiently effective to reduce control risk and thus reduce substantive test. Therefore, obtain an
understanding of internal control and test of control are low in cost because the auditor is making
inquiries, observations and examining initials or approvals on documents. The auditor may use audit
software to test the client computerized accounting information system that can be completely done
in a few minutes.
On the other hand, the substantive tests are audit procedures designed to test for dollar (monetary)
errors in financial statement (general ledger) balances. There are three types of substantive tests:
substantive tests of transactions, analytical procedures, and test of details of balances.
The substantive tests of transactions are the audit procedure testing for monetary errors to
determine whether all six transaction-related audit objectives have been satisfied for each class of
transaction. This test emphasizes the verification of transaction recorded in the journal and posted
in the general ledger. This test is more expensive than test of controls because it requires
recalculation and tracings. However, when these procedures involve highly appropriate evidence
such as externally generated documents, they can be quite effective.
Analytical procedures are the use of comparisons and relationships to assess whether account
balances or general ledger balances appear reasonable. The two most important of analytical
procedure is to indicate the presence of the possible misstatement in the financial statement as well
as reduce the test of details of balance. Therefore, the analytical procedure is least costly because
the auditors often calculate the ratios by using computer software. In addition, this test is proven
quite effective in detecting large misstatements in the financial reports.
Test of details of balances focus on the ending general ledger balances for balance sheet accounts.
This relates to the process of obtaining full details of the general balance from the client and carrying
out appropriate the audit procedures to test the details of the balance. The test of details of balances
is the most effective and essential when conducting audit because the evidence is obtained from a
source independent of the client and thus is considered to be highly reliable. Therefore, the tests of
details of balances are always considerably more costly than any other procedure because it is costly
to send confirmations and to count assets. (Apply nine balance-related audit objectives)

P a g e | 67
AUDIT REVISION
Question: Distinguish between a test of control and a substantive tests of control

Tests of controls are audit procedures to test the operating effectiveness of control policies and
procedures in support of a reduced assessed control risk. Examples include:
 The examination of vendor invoices for indication that they have been clerically tested,
compared to a receiving report and purchase order, and approved for payment.
 Examination of employee time cards for approval of overtime hours worked.
 Examination of journal entries for proper approval.
 Examination of approvals for the write-off of bad debts.
Substantive tests of transactions are audit procedures testing for monetary misstatements to
determine whether the six transaction-related audit objectives have been satisfied for each class of
transactions. It involves tracing and checking information from source documents through the
various stages of recording to the general ledger and subsidiary ledgers, looking for dollar errors
in processing. Examples are:
 Recalculation of amounts (quantity times unit selling price) on selected sales invoices and
tracing of amounts to the sales journal or sales reports.
 Examination of vendor invoices in support of amounts recorded in the purchase journal for
purchases of inventories.
 Recalculation of gross pay for selected entries in the payroll journal.
 Tracing of selected customer cash receipts to the accounts receivable master file, agreeing
customer names and amounts.
Question: Distinguish between substantive tests of transactions and substantive tests of

balance. What evidence gathering techniques are commonly associated with each of these types
of substantive testing?
If the balance of accounts is affected by many relatively small transactions, the auditor designs
substantive tests of balances directed to selected items (e.g. individual customers, inventory items)
which are an aggregate of a number of transactions and which aggregate to create the ending account
balance. This commonly occurs for the accounts receivable and inventory balances. Thus, for
example, for inventory, the auditor could either substantively verify individual sales and purchases
transactions, or the aggregate of these balances by, say, counting an inventory line. Major evidence
gathering techniques for substantive tests of transactions is the inspection of documentation (e.g.
sales invoice and shipping document) that supports the transaction. Major evidence gathering
techniques for substantive tests of balances include physical examination (e.g. inventory) and
confirmation procedures (debtors).

P a g e | 68
AUDIT REVISION
DESIGN OF THE AUDIT PROGRAM

The audit program for most audits is designed in three parts: test of transactions (tests of controls and
substantive tests of transactions), analytical procedures and test of details of balances.
The approach to designing test of controls and substantive tests of transactions emphasises satisfying
the transactions-related audit objectives. There are four-step approaches in audit procedure when
the auditor plans to reduce assessed control risk:
 Apply the transaction-related objectives to the class of transactions being tested
 Identify key controls that should reduce control risks for each transaction-related audit objective
 For all internal control used to reduce the initial assessment of control risk below maximum, develop
appropriate tests of controls
 For the potential types of misstatements related to each transaction-related audit objective, design
appropriate substantive tests of transactions, and considering weakness in internal control.
In addition, the analytical procedures are considered to perform for all audits at three different stages
of audit: in the planning stage, to help the auditors understand the client‘s business and to determine
other evidence needed to satisfy the acceptable audit risk; during substantive testing; and near the
end of the audit as a final test of reasonableness.
Finally, the auditor can apply tests of details of balance to several accounts to determine whether
they are satisfied by nine balance-related audit objectives. The methodologies for designing
substantive test of details of balances consist of:
 Identify client business risk
 Set materiality (tolerable error) and assess inherent risk
 Assess control risk
 Design and perform test of controls and substantive test of transactions
 Design and perform analytical procedures
 Design tests of details of balance to satisfy balance-related audit objectives
SUMMARY OF AUDIT PROCESS

Phase I: plan and design an audit approach
Information obtained from understanding the client‘s business, assessing the client‘s business risks,
and performing the preliminary analytical procedures is used mainly to assess inherent risk and
acceptable audit risk. Assessment of materiality, acceptable audit risk, inherent risk and control risk
are used to develop overall audit plan and audit program.
Phase II: performs TOC and STOT

The objectives of phase II are to obtain evidence in support of the specific controls that contribute to
the auditor‘s assessed control risk; and to obtain evidence in support of the monetary correctness of
transactions. The tests are often performed two or three moths before the balance sheet date that

P a g e | 69
AUDIT REVISION
helps the auditor plan for contingencies, revise the audit program for unexpected results and
complete the audit ASAP.
Phase III: perform analytical procedures and TDB

The objective of phase III it to obtain sufficient additional evidence to determine whether the ending
balance and footnotes in financial statements are fairly stated through two general categories:
analytical procedures and TDB. Analytical procedures assess the overall reasonableness of
transactions and balances while TDB are specific procedures intended to test for monetary
misstatements in the balances in the financial statements.
Phase IV: complete the audit and issue an audit report

After the first three phases are completed, it is necessary to accumulate some additional evidence for
the financial statements, summarise the results, issue the audit report and perform other forms of
communication. There are several parts in this phase
Review for contingent liabilities: the auditor must ensure that the contingent liability must be
adequately disclosed in the footnotes to the client‘s financial statements.
Review for subsequent events: more detail in chapter 18
Accumulate final evidence: performs final analytical procedures, evaluate the going-concern
assumption, obtain a client representation letter, and read information in the annual report to make
sure it is consistent with the financial statements.
Evaluation of results: an engagement partner should evaluate the results of the audit and decide
whether sufficient evidences have been accumulated.
Issue audit report
Communicate with audit committee and management: the auditor is required to communicate
significant deficiencies in internal control to the audit committee or senior management. The auditing
standards also require the auditor to obtain a representation letter on completion of the audit
Question: why do auditors often consider it desirable to perform audit tests throughout the
year rather than wait until year-end? List several example s of evidence that can be
accumulated before year-end
Auditors frequently consider it desirable to perform audit tests throughout the year rather than
waiting until year-end because of accounting firms‘ difficulty of scheduling personnel. Due to the
uneven distribution of the year-end dates of their clients, there is a shortage of personnel during
certain periods of the year and excess available time at other periods. The procedures that are
performed at a date prior to year-end are often dependent upon adequate internal controls and when
the client will have the information available. Procedures that may be performed prior to the end of
the year are:

P a g e | 70
AUDIT REVISION
 Update fixed asset schedules.

 Examine new loan agreements and other legal records.
 Vouch certain transactions.
 Analyze changes in the client's accounting systems.
 Review minutes of board of directors' meetings.
 If the client has strong internal control, the following procedures may be performed with
minor review and updating at year-end:
 Observation of physical inventories;
 Confirmation of accounts receivable balances;
 Confirmation and reconciliation of accounts payable balances
TOPIC 7: AUDIT OF THE SALES AND COLLECTION

CYCLE (Chapter 13 + 14)
METHODOLOGY FOR DESIGNING TESTS OF CONTROLS AND SUBSTANTIVE TESTS
OF TRANSACTIONS FOR SALES
Assess planned control risk – sales

There are several key controls to assess internal control:
 Adequate separation of duties: proper separation of duties is useful to prevent various types
of errors, both intentional and unintentional.
 Proper authorization: the auditor should be concerned about at three key points: credit must
be properly authorized before a sale takes place; goods should be shipped only after proper
authorization; and prices, including basic terms, freight and discounts, must be authorized.
 Adequate documents and records

P a g e | 71
AUDIT REVISION
 Pre-numbered documents: an important characteristic of documents for sales is the use of

pre-numbering, which is meant to prevent both failure to bill or record sales and the
occurrence of duplicate billings and recordings.
 Mailing of monthly statements: encourages a response from customers if the balance is
improperly stated.
 Internal verification procedures: the use of computer programs or independent person for
checking the processing and recording the sales transaction is essential for fulfilling each of
the six transaction related to audit objectives
Test of control for sales: Read hand out topic 7

Substantive tests of transactions for sales
Recorded sales exist – existence/occurrence objectives: the auditor should consider to the likelihood
of three types of misstatement:
1. Recorded sale for which there were was no shipment: the auditor can trace from selected
entries in the sales journal to make sure that related copies of the shipping and other
supporting documents exist.
2. Sales recorded more than once: duplicate can be determined by reviewing a numerically list
of recorded sales transactions for duplicate numbers.
3. Shipment made to non-existent customers: this fraud normally occurs only when the person
recording sales is also in a position to authorise shipments
The first two types of misstatements can be intentional or unintentional while the last types are
always intentional. There is an important difference between finding intentional and unintentional
overstatements of sales. An unintentional overstatement normally results in a clear overstatement of
accounts receivable that can be easily found through confirmation. However, for fraud, the performer
will attempt to hide the overstatement that makes it more difficult for auditors to figure out.
Existing sales transactions are recorded – completeness: An effective procedure to test unbilled
shipments is to trace selected shipping documents from a file in the shipping department to related
duplicate sales invoices and the sales journal.
Account
Customer Shipping Duplicate General
Sales journal receivable
Order document sales invoice Ledger
master file
Complete Existence
ness start start
Direction of test for sales

P a g e | 72
AUDIT REVISION
Sales are accurately recorded – accuracy: the accuracy recording of sales transactions concerns
shipping the mount of goods ordered, accurately billing for the amount of goods shipped and
accurately recording the amount billed in the accounting record.
Recorded sales are properly classified – classification: if the company‘s sales generate from
different segmentation, proper classification is essential.
Sales are recorded on the correct dates – timing: timely recorded transaction are also less likely to
contain misstatement  the auditor should compare the date on the selected bills of lading with the
date on related duplicate sales invoice.
Sales transactions are properly included in the master file and correctly summarized – posting and
summarization: read hand out – topic 7
METHODOLOGY FOR DESIGNING TESTS OF CONTROL AND SUBSTANTIVE TESTS

OF TRANSACTIONS FOR CASH RECEIPTS
Test of control and substantive test of transaction: Read handout – topic 7
Prepare proof of cash receipts: is a useful audit procedure to test whether all recorded cash receipt
have been deposited in the bank account by reconciling the total cash receipts recorded in the cash
receipts journal for a given period with the actual deposits made to the bank. The procedure can
help discover recorded cash receipts that have not been deposited; unrecorded deposits; unrecorded
loans; and banks loan deposited directly into the bank account.
Test to discover lapping of accounts receivable: the lapping of account receivable is the
postponement of entries for the collection of receivable to conceal an existing cash shortage. The
defalcation is performed by a person who holds cash; defers recording the cash receipts from
customers and covers the shortage with receipts of another.
METHODOLOGY FOR DESIGNING SUBSTANTIVE TESTS OF BALANCES FOR

ACCOUNT RECEIVABLE
Test of details of balances: read handout – topic 7
Confirmation of account receivable: in the TDB, the confirmations are highly reliable evidence so
the primary purpose of account receivable confirmation is to satisfy the existence, accuracy and
cutoff objectives. The most reliable evidence from confirmation is obtained when they are sent as
close to the balance date as possible. However, it is not necessary and compulsory for auditors to
confirm account receivable if the accounts receivable are immaterial; auditor considers confirmations
ineffective evidence because of inadequate or reliable response rates; and the combined level of
inherent risk and control risk is low. There are two types of confirmation:

P a g e | 73
AUDIT REVISION
 Positive confirmation is a communication addressed to debtors, requesting them to confirm

directly whether the balance as stated on the confirmation request is correct or incorrect. In
addition, an invoice confirmation is another type of positive confirmation that an individual
invoice is confirmed rather than the customer‘s complete accounts receivable balance.
 Negative confirmation is also addressed to the debtor but requests a response only when the
debtor disagrees with the stated amount.
Therefore, the positive confirmation is more reliable evidence because the auditor can perform
follow-up procedures if a response is not received from the debtor.
Follow-up of non response: when customers do not return the confirmation, it is necessary to follow
up with alternative procedure. The objective of this procedure is to determine whether non-confirmed
account existed and was properly stated at the confirmation date. There are some several useful types
of alternative procedure:
 Subsequent cash receipts: evidence of receipt of cash subsequent is the confirmation dates
including remittance advices
 Duplicate sales invoices
 Shipping document
 Correspondence with the client
Analysis of differences: when the confirmation requests are returned by the customer, it is necessary
to determine the reason for any reported difference. There are several common reported types of
differences in confirmation:
 Payment has already been made
 Goods have not been received
 Goods have been returned
 Clerical errors and doubtful amounts
Question: If the auditor does not receive a response after sending a letter to confirm a debtor’s
balance, what alternative audit procedures may be performed?
The best evidence is the receipt of payment from the customer. The matching of such cash receipts to
unpaid invoices at the confirmation date, evidenced by the remittance advice accompanying the cash
receipt, establishes the existence and collectability of the accounts. Alternatively, if payments are
made by direct credit to the entity‘s bank account, there is usually some identifier or corresponding
email supporting the receipt and identifying items covered in the payment.
Any unpaid balances should be vouched to supporting documentation, preferably a dispatch note
signed by the customer acknowledging receipt of the goods, or a written order from the customer.

P a g e | 74
AUDIT REVISION
Questions: Identify and describe the two most important tests of details of balances in relation
to accounts receivable.
Confirmations: direct written communication by the auditor with individual customers to confirm the
customer‘s accounts receivable balance.
Evaluate the adequacy of the allowance for bad debts: the auditor must review and test
management‘s procedure for determining the allowance. They may also use an independent estimate
and review subsequent events.
TOPIC 8: AUDITING OF OTHER TRANSACTION CYCLES

(Chapter: 16 + 17)
METHODOLOGY FOR DESIGNING TESTS OF CONTROLS AND SUBSTANTIVE TESTS
OF TRANSACTIONS FOR ACQUISITION AND PAYMENT CYCLE
Understand internal control: the auditor gains an understanding of internal control for the
acquisition and payment cycle by using client‘s flow charts, preparing internal control questionnaires
and performing walk – through tests
Assess planned control risk: there are key internal controls
 Authorization of purchases: proper authorization for acquisition is essential because it
ensures that the goods and services acquired are for authorized purposes only. Therefore,
most companies permit general authorization for the purchase of regular operating needs at
each level of management. For example, purchases of fixed assets may require approval from
the BOD; items such as insurance policies acquired relatively infrequently are approved by
certain officer; supplies and services are approved by supervisors and department heads.
 Separation of asset custody from other function
 Timely recording and independent review of transactions: the liability for acquisition is made
on the basis of the receipt goods and services or it is deferred until the vendor‘s invoice is
received.
 Authorization of payments: Separation of responsibilities for signing the cheques and
performing the accounts payable function
Test of control and substantive test of transactions: Read handout topic 8
METHODOLOGY FOR DESIGNING TEST OF DETAILS OF BALANCES FOR

ACCOUNTS PAYABLE
Test of details of balances: Read handout topic 8
Out-of-period liabilities test: is used to discover unrecorded account payables that are applicable for
accuracy, existence, cutoff and completeness. This test consists of:
 Examine underlying documentation for subsequent cash payment

P a g e | 75
AUDIT REVISION
 Examine underlying documentation for bills not paid several weeks after year-end
 Trace receiving report issued before year-end related to vendor’s invoice
 Trace vendor’s statement that show a balance due to accounts payable trial balance
 Send confirmation to vendors with whom the client does business
Reliability of evidence: there are three primary types of evidence ordinarily used: vendor‘s invoices,
vendors‘ statements and confirmations
 Distinction between vendor’s invoices and vendor’s statements: the vendor’s invoices provide
highly reliable evidence about individual transactions so it is helpful for auditors to verify
transactions. On the other hand, the vendor’s statements provides credible evidence about
ending balance according to vendor‘s record so it superior for verifying accounts payable.
 Difference between vendor’s statements and confirmations: A vendor’s statements have been
prepared by an independent third party but are in the hands of the client at the time the auditor
examines it. Therefore, the client has an opportunity to alter a vendor‘s statement or no make
certain statements available to the auditor. On the other hand, a confirmation of accounts
payable is request for a detailed statement sent directly to the auditor‘s office and thus provide
more information. In addition, this confirmation also provides inventory owned by vendor but
stored on the client‘s premises.
METHODOLOGY OF DESIGNING TEST OF DETAILS OF BALANCES FOR CAPITAL

ACQUISITION AND REPAYMENT CYCLE – LOAN PAYABLE OR BORROWINGS
Borrowings or loan payable are legal obligations that may be unsecured or secured by assets. Loans
are contractual document that contains term of the loan agreement including collateral asset; interest
rate; maturity of loan; and methods of principal and interest payment. There are four important
controls over borrowing:
 Proper authorization of new loans: new loan agreements should be authorized by the board
of director.
 Adequate controls over the repayment of principal and interest: the periodic repayments of
interest and principal should be controlled as part of the acquisition and payment cycle. For
example, the accounting department should have received copies of all loan agreements as
well as received vendor invoices for payment.
 Proper document and records: adequate records of loan agreements and obligations should
be maintained and controlled by an authorized officer.
 Periodic independent verification
Test of details of balances: read handout topic 8

P a g e | 76
AUDIT REVISION
METHODOLOGY OF DESIGNING TEST OF DETAILS OF BALANCES FOR CAPITAL

ACQUISITION AND REPAYMENT CYCLE – PROPERTY, PLANT AND EQUIPMENT.
Test of details of balances: read handout topic 8.
In addition, the auditor should concentrate on cutoff test and verify accuracy of depreciation expense.
The cutoff test for fixed assets address whether additions and disposals near year-end recorded in the
proper accounting period. In addition, in order to verify accuracy of depreciation expense, the auditor
should concern about whether the client is following a consistent depreciation policy from period to
period; and client‘s calculation is accurate. Therefore, the auditors should consider: the useful life of
current period acquisition; the method of depreciation; the estimated residual value; and the policy of
depreciation assets in the year of acquisition and disposition.
METHODOLOGY OF DESIGNING TEST OF DETAILS OF BALANCES FOR

INVENTORY AND WAREHOUSING CYCLE
Part of the audit of inventory
Part of audit Cycle in which tested

Acquire and record raw materials, labor, and overhead Acquisition and payment plus payroll and personnel
transfer assets and costs Inventory and warehousing
Ship goods and record revenue and costs Sales and collection
Physically observe inventory Inventory and warehousing
Price and compile inventory Inventory and warehousing
Test of cost accounting: In auditing cost accounting, the auditor considers four aspects:
 Physical controls: auditor should apply observation and inquiry in order to test the adequacy
of the physical controls over raw materials, work-in-process and finished goods. For
example, the auditor can examine the raw material storage to determine whether the
inventory is protected from theft and misuse by the existence of a locked store room.
 Documents and records of transferring inventory: the auditor should verify the transfer of
inventory from one location to another that the recorded transfers exist; and the quantity,
description and date of all recorded transfer are accurate.
 Perpetual inventory master files: Adequate perpetual inventory master files enable the
auditor to reduce the time and extent of the tests of physical inventory.
 Unit cost records: a major difficult in the verification of inventory cost records is
determining the reasonableness of cost allocation. Therefore, the auditor should consider the
reasonableness of both the numerator and denominator that result in the unit costs. For
example, in testing overhead applied to inventory based on direct labor dollars, the overhead
rate should approximate total manufacturing overhead divided by total direct labor dollars.
Test of balances of inventory: Read handout topic 8

P a g e | 77
AUDIT REVISION
METHODOLOGY OF DESIGNING TEST OF DETAILS OF BALANCES FOR PAYROLL

AND PERSONNEL CYCLE
Understanding internal controls – payroll and personnel cycle: Read handout topic 8
Assess control risk:
 Adequate separation of duties: separation of duties is important in the payroll and personnel
cycle in order to prevent overpayments and payments to non-existent employees. Payroll
processing should be separate from responsibility for actual payment of the payroll. For
example, the human resources department should be independent of the payroll function.
 Proper authorization: for example, the human resource department is responsible for
authorizing the addition and termination of employees as well as changes in pay rates and
deductions.
 Adequate documents and records: the appropriate documents and records will depend on the
nature of the payroll system. For example, time cards or records are necessary for hourly
employees but not for salaried employees.
 Physical control over asset and records: Access to unsigned payroll cheques should be
restricted. For example, cheques should be signed by a responsible employee, and pay
packets can be distributed by someone independent of the payroll and timekeeping functions.
 Independent checks on performance: payroll computation should be independently verified.
A member of management or other responsible employee should review the payroll output
for any obvious misstatements or unusual amounts.
Tests for fraudulent payroll

There are two common types: non-existent employees and fraudulent hours that employees can
significantly defraud a company in the payroll area.
The issuance of payroll payments to individual who do not work for the company (non-existent
employees) often results from the continuance of an employee‘s payment after employment has been
terminated. The person committing this type of defalcation is a payroll clerk, foreman (supervisor)
and fellow employee. A test for non existent employees is to trace selected transaction recorded in
the payroll journal to the human resources department to determine whether the employees were
actually employed during the payroll period. Continuing payment to terminated employees is tested
by examining the payroll records in the subsequent period to determine that the employee is no
longer being paid. However, this procedure is not effective if the human resources department is not
informed of termination. Therefore, the auditors have to request a surprise payroll audit in which
each employee must pick up and sign for pay packet or direct deposit payroll record in the presence
of a supervisor and the auditor. As a result, surprise audits are often expensive for clients with large
numbers of employees.

P a g e | 78
AUDIT REVISION
Fraudulent hours occur when an employee reports more time than was actually worked. It is
difficult for auditor to discover fraudulent hours because of the lack of available evidence. One
procedure is to reconcile the total hours paid according to the payroll records with an independent
record of the hours worked. Consequently, it may be possible to observe an employee clocking in
more than one time card under a partner approach.
Test of details of balance: read handout topic 8
METHODOLOGY OF DESIGNING TEST OF DETAILS OF BALANCES FOR CASH

BALANCE
Receipt of a bank confirmation: bank confirmation requests are made by auditor to banks to obtain
independent confirmation of client‘s account balances together with applicable interest rates.
Confirmation request are sent directly to and received directly from the bank by the auditor.
Test of the bank reconciliation: the reason for testing the bank reconciliation are to determine
whether client personnel have carefully prepared the bank reconciliation and to verify whether the
client‘s recorded bank balance amounts to the same amount as the actual cash in the bank. Several
main procedures consist of:
 Verify that the client‘s bank reconciliation is mathematically accurate
 Trace the balance bank confirmation or bank statement to balance on the bank reconciliation
 Trace un-presented cheques on the bank reconciliation to subsequent bank statements – a
statement obtained from the bank showing transactions for the period immediately after
balance date and to the cash payment journal.
 Investigate all significant cheques included on the un-presented cheque list that have not
cleared the bank with a reasonable time.
 Trace the deposits not yet credited to the subsequent bank statement
 Account for other reconciling items for the bank statement and bank reconciliation
Fraud-oriented procedure: The auditor must extend the procedures in the audit of year – end cash to
determine the possibility of material fraud when there are inadequate internal controls, especially the
improper segregation of duties between handling of cash and recording of cash transactions in the
accounting records. The following procedures for uncovering fraud that are directly related to year-
end cash balances:
1. Extended tests of bank reconciliation

The purpose of this procedure is to verify whether all transactions included in the journals for
the last month for the year were correctly included in or excluded from the bank
reconciliation and to verify whether all items in the bank reconciliation were correctly
included.

P a g e | 79
AUDIT REVISION
2. Proof of cash
The auditors use a proof of cash to determine:
 All recorded cash receipts were deposited
 All deposits in the bank were recorded in the accounting records
 All recorded cash payments were paid by bank
 All amounts that were paid by the bank were recorded
A proof of cash includes:
 A reconciliation of the balance on the bank statement with the general ledger balance
at the beginning of the proof of cash period
 Reconciliation of total cash receipts deposited in the bank with cash receipts journal
 Reconciliation of the total cheques cleared by the bank with cash payment journal
 Reconciliation of the balance on the bank statement with general ledger balance
A proof of cash can be performed for one or more interim months, or the last month of the
year, after that the auditor is combining STOT or TDB. A proof of cash is excellent means of
comparing recorded cash receipts and payment with the bank account and bank reconciliation
but it is not effective for discovering cheques written for improper amount and fraudulent as
well as not useful for uncovering the thef of cash receipts.
3. Test of interbank transfer
Embezzlers (dishonest people) often cover theft of cash by practice known as kiting –
transferring money from one bank to another and improperly recording the transaction. Near
balance date, a cheque is drawn on one bank account and immediately deposited in a second
account before the end of accounting period. In making this transfer, the embezzler is careful
to ensure that the cheque is deposited at a late enough date so that it does not clear the first
bank until after the end of period. Therefore, a useful approach to test for kitting is to list all
bank transfer made a few days before and after the balance sheet date and to trace each to the
accounting records for proper recording.

P a g e | 80
AUDIT REVISION
TOPIC 9: AUDIT SAMPLING AND INTERNAL AUDITS

(Chapter 15 + 19)
CHAPTER 15: AUDIT SAMPLING
REPRESENTATIVE SAMPLES – Question: what is meant by a representative sample and
explain its importance in sampling audit procedures?
A representative sample is one in which the characteristics of interest for the sample are
approximately the same as for the population (that is, the sample accurately represents the total
population). If the population contains significant misstatements, but the sample is practically free of
misstatements, the sample is non-representative, which is likely to result in an improper audit
decision. The auditor can never know for sure whether he or she has a representative sample because
the entire population is ordinarily not tested, but certain things, such as the use of random selection,
can increase the likelihood of a representative sample.
Question: Distinguish between sampling and non-sampling risk. Identify and describe the four
types of sampling risk that may occur in audit sampling including how they occur and how
they impact an audit
Non – sampling risk (error) is the risk that audit tests do not discover existing exceptions
(mistakes) in the sample. On the other hand, sampling risk (error) is the risk that an auditor reaches
an incorrect conclusion because the sample is not representative of the population. Moreover,
sampling risk is an inherent part of sampling that result from testing less than the entire population.
There are four types of sampling risk that may occur in audit sampling:
 Risk of over-reliance: This occurs when the sample supports the preliminary level of control
risk but the operating effectiveness of controls is actually inadequate. The result is that the
audit could be ineffective as the level of testing may be insufficient to detect material
misstatements.
 Risk of under-reliance: This occurs when the sample does not support the preliminary
assessed level of control risk but the operating effectiveness of controls is adequate. The
result is that the audit is inefficient as the auditor will increase substantive procedures
unnecessarily.
 Risk of incorrect acceptance: This occurs when the sample supports the conclusion that the
account balance is not materially misstated when in fact it is. The result is that the audit could
be ineffective as the level of testing may be insufficient to detect material misstatements.
 Risk of incorrect rejection: This occurs when the sample supports the conclusion that the
account balance is materially misstated when in fact it is not. The result is that the audit is
inefficient as the auditor will increase substantive procedures unnecessarily

P a g e | 81
AUDIT REVISION
STATISTICAL VS NON – STATISTICAL SAMPLING – Question: explain the major

difference. What is the main part of statistical and non-statistical methods?
Statistical sampling is the use of mathematical measurement techniques to calculate formal statistical
results and quantify sampling risk. In non-statistical sampling, the auditor does not quantify sampling
risk. Instead, the auditors select those sample items that they believe to provide the most useful
information in the circumstances. For both statistical and non-statistical methods, the three main
parts are:
 Plan the sample: makes sure that the audit test are performed to provide the desired sampling
risk and to minimize the likelihood of non-sampling error.
 Select the sample and perform the tests: involve deciding how to select sample items from the
population. Performing test is the examination of documents and doing other audit procedures.
 Evaluate the results: involves drawing conclusions based on the audit tests.
Question: what is the purpose of using non-statistical sampling for TOC and STOT?
Estimate the proportion of items in a population containing a characteristic or attribute of interest.
The auditor is ordinarily interested in determining internal control deviations or monetary
misstatements for tests of controls and substantive tests of transactions.
Question: Define tolerable error, expected error and confidence level for both tests of control
and substantive testing.
Tolerable error is the maximum error in a population that the auditor is willing to accept. For tests of
controls this is the maximum deviation rate from the control that the auditor is willing to accept and
still state that the control is operating at a satisfactory level as per the initial assessment of control
risk. For substantive tests, it is the maximum amount that the account can be misstated where that
auditor can still conclude that the account is fairly stated.
Expected error is the error rate that the auditor expects to exist in the population. For tests of controls
this is the expected population deviation rate. For substantive tests this is the expected misstatement.
Confidence level: for tests of control this is the risk of overreliance which is the risk that the
allowable assessed control risk is lower than it actually is. In substantive testing this is the risk of
incorrect acceptance, which is the risk that testing suggests a material error does not exist when in
fact it does.

P a g e | 82
AUDIT REVISION
CHAPTER 19: OTHER ASSURANCE AND ENVIRONMENT

DIFFERENCE BETWEEN PERFORMANCE AND FINANCIAL AUDIT
Performance Audit Financial audit
Purpose of the audit Emphasize effectiveness and efficiency Emphasize whether historical
Operating performance on the future information is correctly recorded
Oriented to the past
Distribution of the Intended primarily to management Go mainly to external users such as
reports shareholders, investors and analyst
Inclusion of non- Cover any aspect of efficiency and Limited to matters that are directly
financial areas effectiveness in an organization and affect the fairness of financial
therefore involve a wide variety of activities statement presentations
ROLE OF INTERNAL AUDITORS

 Review the reliability and integrity of financial and operating information
 Review the systems established to ensure compliance with requirements
 Review the means of safeguarding assets
 Appraise the economy and efficiency with which resources are employed
 Review operations or programs to ascertain if they are achieving set goals
Question: explain the difference in the independence of internal auditors and external auditors
in the audit of historical financial statements. How can internal auditors achieve best
independence?
External auditors are considered more independent than internal auditors for the audit of historical
financial statements because their audit report is intended for the use of external users. From an
internal user's perspective, internal auditors are employees of the company being audited.
Internal auditors can achieve independence by reporting to the board of directors or audit committee.
The responsibilities of internal auditors affect their independence. The internal auditor should not be
responsible for performing operating functions in a company or for correcting deficiencies when
ineffective or inefficient operations are found.
Question: Explain the role of the internal auditors for financial auditing. How is it similar to,
and different from, the roles of external auditors?
Internal auditors who perform financial auditing are responsible for evaluating whether their
company's internal control structure is designed and operated effectively and whether the financial
statements are fairly presented. This responsibility is essentially the same as the responsibility of
external auditors who perform financial audits. The two types of auditors are also similar in that they

P a g e | 83
AUDIT REVISION
both must be competent and must remain objective in performing their work and reporting their
results. Despite these similarities, the role of the internal auditor in financial auditing differs from
that of an external auditor in the following ways:
 Because internal auditors spend all of their time with one company, their knowledge about
the company's operations and internal control structure is much greater that the external
auditor's knowledge.
 Guidelines for performing internal audits are not as well defined as the guidelines for external
auditors.
 Internal auditors are responsible to the management of the companies that they work for,
while external auditors are responsible to shareholders as the financial statement users.
 Because internal auditors are responsible to management, their decisions about materiality
and risks may differ from the decisions of external auditors.
TOPIC 10: COMPLETING THE AUDIT (Chapter 18)

REVIEW FOR CONTINGENT LIABILITIES
A contingent liability is a potential future obligation to an outside party for unknown amount
resulting from activities that have already taken place but are conditional on some future event.
There are three conditional requirements for a contingent liability to exist:
 A potential future payment to an outside party or impairment of some other asset that would
result from an existing condition
 There is uncertainty about the amount of the future payment or impairment
 The outcome will be resolved by some future events
Likelihood of occurrence of future payment and financial statement treatment
Likelihood of occurrence Financial statement treatment
Remote (slight change) No disclosure
Reasonably possible Footnote disclosure
Probable The amount can be reasonably estimated  Adjust financial statement
The amount cannot be reasonably estimated  note disclosure
Particular contingent liabilities are of considerable concern to the auditor:

 Pending legal action for patent  Product warranties
infringement, product warranty, or  Notes receivable discounted
other actions  Guarantees of obligations of others
 Income tax disputes  Unused balances in letters of credit

P a g e | 84
AUDIT REVISION
Procedures to find contingencies

There are main audit procedures that are used to search for contingent liabilities:
Inquiries of management (orally and writing): the auditor must be specific in describing the different
kinds of contingencies that may require disclosure.
 Review Australian Taxation Office  Obtain a information from all main law
correspondence of current an previous firm performing legal services for the client
years for income tax settlements  Review existing working papers
 Review the minutes of directors‘ and  Examine letters of credit to obtain a
shareholders‘ meetings in indicate of legal confirmation of the used and unused
actions and other contingencies balance
 Analyze legal expense
Obtain and evaluate letters from client’s solicitors

A major procedure the auditors rely on for evaluating known litigation or other claim against the
client and identifying additional claims is inquiry of the client’s lawyers. Therefore, the auditor
requests to directly receive the lawyer’s representation letter that is prepared and sent by
management. Lawyer’s representation letter is understood as a letter from the client‘s legal
counsel informing the auditor of pending litigation or any other information involving legal counsel
that is relevant to financial statement disclosure.
Based on lawyer‘s representation, the auditor can obtain a professional opinion from solicitors about
the expected outcome of existing legal actions and the probable amount of the liability. However, the
lawyers do not provide auditors with complete information about contingent liabilities because of
two main reasons:
 Refusal to respond due to lack of knowledge about matters involving contingent liabilities
 Refusal to disclosure information that the lawyer considers confidential.
Therefore, the auditors should require alternative audit procedures:

 Review and discuss with management the system of recording legal expenses for control and
identification and the arrangement of instructing solicitors.
 Obtain from management a list of legal matters referred to solicitors including a description
of the matter and an estimate of possible liability
 Read the minutes of management meetings for reference to legal matters
 Correspondence with solicitors and accounts rendered by third party solicitors
 Obtain an assurance from management that the information is complete
They also consider requiring a qualified or disclaimer of opinion due to a limitation of scope if a
lawyer refuses to provide the auditor with sufficient information about material mattes.

P a g e | 85
AUDIT REVISION
REVIEW FOR SUBSEQUENT EVENTS

The auditing procedures required by ASA 560 to verify these transactions and events are commonly
referred to as the review for subsequent events or post-balance date review.
Period covered by subsequent events review

Types of subsequent events - Question: distinguish between subsequent events occurring
between the balance sheet date and the date of the auditor’s report, and subsequent discovery
of facts existing at the date of the auditor’s report. Give two examples of each and explain the
appropriate action by the auditor in each instance.
Subsequent events occurring between the balance sheet date and the date of the auditor's report are
those transactions and events which might affect the financial statements being audited (either
adjustment, disclosure, or both).
The first type of subsequent event is one that has a direct effect on the financial statements and
requires adjustment. Examples of this type of subsequent event are as follows:
 Declaration of bankruptcy by a customer with an outstanding accounts receivable balance due
to the deteriorating financial condition
 Settlement of a litigation for an amount different from the amount recorded on the books
 Disposal of equipment not being used in operations at a price below the current book value
 Sale of investments at a price below recorded cost
 Sale of raw material as scrap in the period subsequent to the balance sheet date
The second type of subsequent event is one that has no direct effect on the financial statements but
for which disclosure is advisable. Examples include the following:
 Decline in the market value of securities held for temporary investment or resale
 Issuance of bonds or equity securities
 Decline in the market value of inventory as a consequence of government action barring
further sale of a product
 Uninsured loss of inventories as a result of fire
The subsequent discovery of facts existing at the date of the auditor's report occurs when the auditor
becomes aware that some information included in the financial statements was materially misleading
after the audited financial statements have been issued. Some examples of such facts would be:

P a g e | 86
AUDIT REVISION
 Subsequent discovery of the inclusion of fraudulent sales

 Subsequent discovery of the failure to write-off obsolete inventory
 Omission of an essential footnote
In such cases when the auditor discovers the statements to be misleading, he or she should request
the client to issue a revised set of financial statements as soon as possible containing a new audit
report and an explanation of the reasons for the revisions to the financial statements.
Audit tests
The audit procedures for subsequent events review can be divided into two categories: procedures done as part
of the verification of year-end account balances; those performed for the purpose of discovering events
or transactions that must be recognized as subsequent events. The first category includes cutoff and
valuation tests that are done as part of the tests of details of balances. The second category of tests is
performed for the purpose of obtaining information that must be included in the current year‘s
account balances or notes in the financial report. These tests consist of:
 Inquire of management
 Correspond with lawyers
 Review internal statement prepared subsequent to the balance sheet date
 Review records prepared subsequent to the balance sheet date
 Examine minutes issued subsequent to the balance sheet
 Obtain a letter of representation
Final evidence accumulation

In addition to the search for contingent liabilities and review for subsequent events, the auditor has
four types of final evidence accumulation that apply for all cycles.
1. Perform final analytical procedures

Analytical procedures done in the completion of the audit are useful as a final review for
material misstatement to help auditor take a final objective look at the financial statement. In
fact, when performing analytical procedures in the completion stage, the auditor will
consider: the adequacy of evidence gathered about unusual or unexpected account balances or
relationships identified during planning; and unusual or unexpected account balances or
relationships were not previously identified.
2. Evaluate going – concern assumption:

ASA 570 requires the auditor to evaluate whether there is a substantial doubt about a client‘s
ability to continue as a going concern for at least one year beyond the reporting date.
Analytical procedures are one of the most important types of evidence to assess going

P a g e | 87
AUDIT REVISION
concern. In addition, the knowledge of the client‘s business gained throughout the audit is
important information used to assess the likelihood of financial failure within the year.
Moreover, the auditor‘s evaluation of management plans to deal with any insolvency problem
will be an important element in the auditor‘s decision. If there is a highly improbable that the
entity will continue as a going concern, the auditor will express adverse opinion. However,
the audit report should include an emphasis of matter section if going-concern problem is
adequately disclosed in the financial report.
Question: What is the relevant period for assessing whether or not the use of the going concern
basis is appropriate? During which stage of the audit does the auditor perform most of the
procedures for assessing the use of the going concern basis? Give four examples of such
procedures.
The relevant period extends to the expected date of the auditor‘s report for the succeeding financial
statement period. These procedures are usually conducted during the period of completion of the
audit, and include:
 Analyze and discuss cash flow, profit and other relevant forecasts with management.
 Analyze the liquidity of the company
 Analyze and discuss the entity‘s latest available interim financial statements.
 Review the terms of debentures and loan agreements whether any have been breached.
 Read minutes of the meetings of shareholders, those charged with governance and relevant
committees for reference to financing difficulties.
 Enquire of the entity‘s lawyer regarding the existence of litigation and claims and the
reasonableness of management‘s assessments of their outcome and the estimate of their
financial implications.
 Confirm the existence, legality and enforceability of arrangements to provide or to maintain
financial support with related and third parties and assess the financial ability of such parties to
provide additional funds.
 Consider the entity‘s plans to deal with unfilled customer orders.
3. Obtain a management representation letter:

Management representation letter is a written communication from the client to the auditor
formalizing statements that the client has made about matters relevant to the audit. This letter
has two purposes:
 Management responsibility for design and implementation for internal control to prevent
and detect errors and for the truth and fairness of the financial report is acknowledged.
For example, if the management may unintentionally fail to disclose the adequate

P a g e | 88
AUDIT REVISION
information such as pledged assets and contingent liabilities, the management

representation letter should be sufficiently detailed to act as a reminder to management.
 The inquiry procedure is formalized by putting in writing management’s replies to
questionnaires made by the auditor during the examination. For example, written
documentation of client representations are provided in the event of disagreement or legal
action between auditor and client.
Question: What are the objectives of the management representation letter? Under what
circumstances are management representations considered acceptable audit evidence?
The objectives of the management representation letter include:
 Confirmation of oral representations given to the auditor,
 Document the continuing appropriateness of representations,
 Reduce the possibility of misunderstandings concerning management‘s representations
 Acknowledge management‘s responsibility for the presentation of the financial statement.
Management representations are considered acceptable audit evidence only where other sufficient
appropriate audit evidence cannot reasonably be expected to exist. However it is still prudent to
consider management representations to be supporting rather than primary evidence.
4. Read information accompanying financial reports.

ASA 720 requires the auditor to read other information in documents containing financial
reports that are related directly to the financial statements. The auditors have to ensure that
the non – financial statement information is consistent with the statements.
Evaluate results: there are five main aspects of evaluating results

1. Sufficiency of evidence: a major step in this process is review of the audit program to ensure
that all parts have been accurately completed and documented, and all audit objectives have
been met. If the auditors conclude that they have not sufficient evidence to draw a conclusion
about the truth and fairness of the client‘s representations, there are two choices: additional
evidence must be obtained or a qualified or disclaimer of opinion must be issued.
2. Evidence supports auditor’s opinion: when the auditors find a large number of immaterial
misstatements, they can use a convenient method known as an unadjusted misstatement
worksheet or summary of possible misstatement. This worksheet is a summary of
immaterial misstatements not adjusted at the time they were found, used to help the auditor
assess whether the combined amount is material.
3. Financial report disclosure: many audit firms require the completion of a financial
statement disclosure checklist for every engagement. These questionnaires are designed to

P a g e | 89
AUDIT REVISION
remind the auditor of common disclosure problems encounter on audits, and to facilitate the
final review of the entire audit by independent partner.
4. Working paper view: There are three main reasons why it is essential that the working
papers be thoroughly reviewed by another knowledgeable member of the audit firm at the
completion of the auditing.
 To evaluate the performance of inexperienced personnel. The lack of experience can
affect to make professional judgments in complex situations
 To ensure that the audit meets the public accounting firm‘s standard of performance
 To counteract the bias that often enters into the auditor‘s judgment.
5. Independent review
Communicate with the audit committee and management

 Communicate any irregularities (ASA 240)
 Communicate reportable internal control structure conditions
 Communicate auditor independence requirements
 Other communication with the audit committee (ASA 260)
 Management letter
Subsequent discovery of facts

If the auditor becomes aware after the audited financial statements have been issued that some
information included in the statements is materially misleading, the auditor is obliged to inform
statement users and may decide to re-issue the opinion unless the report is changed

Audit Magical Document

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Audit Magical Document

Uploaded by

Copyright:

Available Formats

Page |1

Chapter 1: DEMAND FOR AUDIT AND ASSURANCE SERVICES ............................................ 2

Chapter 2: AUDITS REPORT ........................................................................................................... 9

TOPIC 2: AUDITORS STATUTORY – RESPONSIBILITIES – AUDIT OBJECTIVES

Chapter 3: AUDITORS‘ LEGAL ENVIRONMENT ...................................................................... 13

Chapter 4: AUDIT QUALITY AND ETHICS ................................................................................ 14

Chapter 5: AUDITING RESPONSIBILITIES AND OBJECTIVES .............................................. 21

TOPIC 3: AUDIT` EVIDENCE (chapter 6) ..........................................................................27

TOPIC 4: AUDIT PLANNING – MATERIALITY AND RISK (Chapter 7+8) .......................33

Chapter 7: AUDIT PLANNING AND DOCUMENTATION ..................................................33

Chapter 8: MATERIALITY AND RISK ...............................................................................46

TOPIC 5: INTERNAL CONTROL AND CONTROL RISK (CHAPTER 9) ..........................53

TOPIC 6: AUDIT STRATEGY PLANS AND PROGRAMS (CHAPTER 12) .......................65

TOPIC 8: AUDITING OF OTHER TRANSACTION CYCLES (Chapter: 16 + 17) ...............74

TOPIC 9: AUDIT SAMPLING AND INTERNAL AUDITS (Chapter 15 + 19) ......................80

Chapter 15: AUDIT SAMPLING .........................................................................................80

Chapter 19: OTHER ASSURANCE AND ENVIRONMENT .................................................82

TOPIC 10: COMPLETING THE AUDIT (Chapter 18) ........................................................83

NGUYEN HOANG MINH DAT – S3192470

TOPIC 1: OVERVIEW OF AUDIT (CHAPTER 1 & 2)

NGUYEN HOANG MINH DAT – S3192470

Reasonable assurance engagement:

Limited assurance engagement:

NGUYEN HOANG MINH DAT – S3192470

CAUSES OF INFORMATION RISK

Complex exchange transaction: exchange transactions between organizations have become

REDUCING INFORMATION RISK

NGUYEN HOANG MINH DAT – S3192470

NGUYEN HOANG MINH DAT – S3192470

NGUYEN HOANG MINH DAT – S3192470

DISTINCTION BETWEEN AUDITING AND ACCOUNTING

NGUYEN HOANG MINH DAT – S3192470

DIFFERENCE AND SIMILARITY IN AUDITS OF FINANCIAL STATEMENT,

AUDITS OF COMPLIANCE PERFORMANCE

NGUYEN HOANG MINH DAT – S3192470

Chapter 2: AUDITS REPORT

CONDITION REQUIRING A DEPARTURE

Condition 1 – The auditor has a disagreement with management

NGUYEN HOANG MINH DAT – S3192470

AUDIT REPORT OTHER THAN UNQUALIFIED

NGUYEN HOANG MINH DAT – S3192470

Measurability: The dollar error of some misstatement cannot be measured accurately.

NGUYEN HOANG MINH DAT – S3192470

UNQUALIFIED AUDIT REPORT WITH AN EMPHASIS OF MATTER

Significant uncertainties: A number of estimates are customarily made by management in the

NGUYEN HOANG MINH DAT – S3192470

TOPIC 2: AUDITORS STATUTORY – RESPONSIBILITIES

NGUYEN HOANG MINH DAT – S3192470

CHAPTER 4: AUDIT QUALITY AND ETHICS

Australian regulatory mechanisms addressing corporate governance emphasize accountability and

NGUYEN HOANG MINH DAT – S3192470

NGUYEN HOANG MINH DAT – S3192470

FUNDAMENTAL PRICIPLES OF PROFESSIONAL ETHICS

NGUYEN HOANG MINH DAT – S3192470

 Ownership of a financial interest in the client.  self-interest threat

AUDIT FEES AND INDEPENDENCE

NGUYEN HOANG MINH DAT – S3192470

NGUYEN HOANG MINH DAT – S3192470

AIDS TO MAINTAIN INDEPENDENCE AND INTEGRITY OF THE AUDIT

Question: What is an audit committee and what are its functions?

NGUYEN HOANG MINH DAT – S3192470

 Establish and monitor effective internal and management controls

Question: How can audit committees help preserve auditor independence?