AUDIT EVIDENCE

INTRODUCTION
Audit evidence refers to information or data used or collected by auditors as part of their audit
works so that they could conclude their opinion on whether or not financial statements are prepared
in all material respect and accordance with the applicable financial reporting frameworks.
Before auditors could conclude the financial statements as a whole or any part, they need to make
sure that the evidence they obtain is sufficient enough with appropriate quality to conclude.

TYPES OF AUDIT EVIDENCE

Auditors use audit evidence in many different forms and sources. Audit evidence could be data or
information, physical or nonphysical. Examples of audit evidence may include:
 Financial statements
 Accounting information
 Bank accounts
 Management Accounts
 Fixed Assets Register
 Payrolls Listing
 Banks Statements
 Bank confirmation
 Invoices
 Receipts
 And other documents used by businesses to support financial transactions or events in the
financial statements.
Audit evidence could also be in form of video, email, audio, and verbal.

QUALITY OF AUDIT EVIDENCE

The quality of audit evidence is essential to ensure that the auditor’s conclusion is correct. If the
information is not strong or low quality, the audit risk of making an incorrect audit opinions is
high.
The quality of audit evidence is dependent mainly on the form and source of the evidence. For
example:
 External Source: The evidence that is obtained directly from external parties like
customers, suppliers, or banks are more reliable than obtaining from clients. For example,
accounts receivable confirmations that are obtained from client’s customers are more
reliable than the records that are prepared by clients.
 Prepare by Auditor: The evidence that is prepared by auditors themselves are more reliable
than the one that is prepared by or obtained from the client. For example, the bank
reconciliation that is prepared by the auditor is more reliable than the bank reconciliation
prepared by the client’s accountant.
 Prepare by client: The level of reliability of evidence that is obtained from client depends
on the reliability and effectiveness of the client’s internal control system.
 Written form: The audit evidence that is in written form is more reliable than the one that
is verbal. For example, management confirmation in the form of email is more reliable than
the confirmation by verbal interaction.
 Original Form: Original invoices that are used to support the payment transactions are more
reliable than the copy of invoices.

1
Since the quality of audit evidence is important, the standard or local authority that controls audit
firms required the audit firm to have the proper audit manual, policy and procedures in place so
that the firm could maintain the quality of the audit and the quality of audit evidence.

SUFFICIENT APPROPRIATE AUDIT EVIDENCE

ISA 500 states that “The auditor must plan and perform audit procedures to obtain sufficient
appropriate audit evidence to provide a reasonable basis for his or her opinion”

Sufficient and appropriate audit evidence is important for the auditors to form audit opinions. Audit
Risks that auditors might face also depend on audit sufficient and appropriate evidence.

Audit evidence is obtained by the auditor throughout the audit process/all audit stages, including
the planning stage, execution stage, and conclusion stages. And to gather this evidence, the
auditors use many different technologies and procedures/programs suitable for them.

Sufficiency is the measure of the quantity of the audit evidence. The quantity of audit evidence
needed is affected by the following:
1. Risk of material misstatements(in the audit of financial statements) or the risk associated
with the control (in the audit of internal control over financial reporting)
As risk increases, the amount of evidence that the auditor should obtain also increase. For example,
ordinarily more evidence is needed to respond to significant risks.
2. Quality of audit evidence obtained
As the quality of the evidence increases, the need for additional corroborating evidence decreases.
Obtaining more of the same type of evidence, however cannot compensate for the poor quality of
that evidence.

Appropriateness is the measure of the quality of the audit evidence ie its relevance and reliability.
To be appropriate, audit evidence must be both relevant and reliable in providing support for the
conclusions on which auditor’s opinion is based.

RELEVANCE AND RELIABILITY

The relevance of audit evidence refer to its relationship to the assertion or objective of the control
being tested. The relevance of audit evidence depends on:
a) The design of the procedure used to test the assertion or control in particular whether it
is designed to either test the assertion or control and whether to test for understatement
or overstatement
b) The timing of the audit procedure used to test the assertion or control
The reliability of evidence depends on the nature and source of the evidence and the circumstances
under which it is obtained. For example, in general:
 Evidence obtained from a knowledgeable source that is independent of the company is
more reliable than evidence obtained only from internal company sources
 The reliability of information generated internally by the company is increased when the
company’s controls over that information are effective.
 Evidence obtained directly by the auditor is more reliable than evidence obtained
indirectly

2
  Evidence provided by original documents is more reliable than evidence obtained by
photocopies or facsimiles or documents that have been scanned, digitized or otherwise
converted into electronic form. The reliability of such evidence depends on the controls
over the conversion process and the maintenance of those documents.
Note: the auditor is not expected to be an expert in document authentication. However, if
conditions indicate that a document may not be authentic or that the terms in a document have
been modified but the modifications have not been disclosed to the auditor, the auditor should
modify the audit procedures or perform additional audit procedures to respond to those conditions
and should evaluate the effect, if any, on the other aspects of the audit.

USING INFORMATION PROVIDED BY THE COMPANY (CLIENT)

When using information produced by the company as audit evidence, the auditor should evaluate
whether the information is sufficient and appropriate for purposes of the audit by performing
procedures to.
 Test the accuracy and completeness of the information, or test the controls over the
accuracy and completeness of that information: and
 Evaluate whether the information is sufficiently precise and detailed for purposes of the
audit.

THE USE OF ASSERTIONS IN OBTAINING AUDIT EVIDENCE

When financial statements are presented, the underlying assumption is that these FSs are presented
fairly in conformity with the applicable financial reporting framework. Management implicitly or
explicitly makes assertions regarding the recognition, measurement, presentation and disclosure
of the various elements of the financial statements and related disclosures. These assertions can be
classified into the following categories.

 Existence or Occurrence: Assets and liabilities of the company exist at a given date and
that recorded transactions have occurred during a given period.
 Completeness: All transactions and accounts that should be included in the financial
statements have all been included.
 Valuation or Allocation. Assets, Liabilities, Equity, revenues and expenses components
have been included in the financial statements at appropriate amounts
 Rights and Obligations. The company holds or controls rights to the assets and liabilities
are obligations of the company at a given time
 Presentation and Disclosure. The components of the financial statements are properly
classified described and disclosed. etc

Therefore auditors should gather audit evidence that aims at confirming and collaborating the
above assertions; ensuring its sufficiency and appropriateness as well as its relevance and
reliability (quality). There should be a procedure/program on how such evidence should be
gathered.

SELECTING ITEMS FOR TESTING TO OBTAIN AUDIT EVIDENCE

Designing substantive tests and tests of control includes determining the means of selecting items
for testing from among the items included in an account or the occurrences of a control.

3
The auditor should determine the means of selecting items for testing to obtain evidence that in
combination with other relevant evidence is sufficient to meet the objectives of the audit procedure.
The alternative means of selecting items for testing are;
 Selecting all items-Testing the entire population of items especially for smsll number of
large value items
 Selecting specific items-Testing all of the items in a population that have a specified
characteristics such as key items, all items over a certain amount etc
 Audit sampling-Testing items less than 100% of the entire population
The particular means or combination of means of selecting items for testing that is appropriate
depends on the nature of the audit procedure, characteristics of the control or the items in the
account being tested and the evidence necessary to meet the objective of the audit procedure.

EVIDENCE GATHERING TECHNIQUES

The auditor is required to gather sufficient appropriate audit evidence. There are six major
evidence gathering techniques as follows;
 Inspection-this involves looking at records, documents, physical assets as well as
examining perusing, reading reviewing scanning, scrutinizing and vouching. Inspection
supports existence and valuation.
 Observation –involves watching staff perform procedures. Observation is important when
determining control risk. Observation is highly reliable at a point in time but not over a
long time period e.g surprise cash count.
 Enquiry-used to obtain oral evidence. Enquiry must be collaborated with other types of
evidence
 Computation-involves recalculations of key figures like depreciation, allowance/provision
for doubtful accounts etc
 Confirmation-verifying accounting records. Confirmation supports the management
assertions of existence, ownership, valuation etc
 Analysis-used at the beginning, middle and end of the audit e. g ratio analysis, comparisons
etc. This supports completeness, valuation, measurement and statements presentation

USING WORK OF AN EXPERT

Who is an expert?
IAS 620 defines an expert as:
An individual or organization possessing expertise in a field other than accounting or auditing
whose work in that field is used by the auditor in obtaining sufficient appropriate audit evidence.

An auditor’s expert may be either an auditor’s internal expert (who is a partner or staff including
temporary staff of the audit firm or a network firm) or an auditor’s external expert.

Examples of specialists/experts who may be relied upon by the auditor include

Valuers, Actuaries, stockbrokers, Architects, Lawyers, Quantity Surveyors, Medical Doctors etc

Points to Consider
Generally, in deciding whether the auditor needs to have a specialist opinion, they should consider:
 The knowledge and ability of the audit team

4
  The risk of material misstatement based on the nature, complexity and materiality of the
issue being considered
 The quantity and quality of the other audit evidence which can be obtained
Factors which may influence the auditor to rely or not to rely on the work of a particular
expert/specialist:
a) Competence of the specialist. This is indicated by the technical qualifications, certification
and licensing or membership to professional bodies. The expert also should have some
level of reputation or standing in the area of expertise.
b) Experience of the specialist. The expert should have appropriate experience to carry out
the work
c) The independence of the specialist. The degree of relationship with the client may be a
factor here.

During the process of appointing the expert

If it is the intention of the auditor to place reliance on the work of the specialist, it is important to
hold consultation between the auditor, client and specialist at the time the specialist is being
appointed to reach an agreement on the work to be performed. The agreement should cover
 Objectives, scope and subject matter of the specialist’s work
 Assumptions on which the specialist’s work depends and their compatibility with the
accounts. For example are going concern or market value to be taken
 A statement of the bases used in previous years and any changes to be made
 The use to be made of the specialist’s findings
 The source of information to be provided to the specialist
 The identification of any relationship that may affect the specialist’s objectivity

Evaluation of the specialist’s evidence

1) The sufficiency and appropriateness of the expert’s evidence will depend on:
 The nature of the evidence required
 The materiality of the items being evidenced
 The auditor’s assessment of the competence of the specialist
 The independence of the specialist from the client
2) The auditor has to review the findings of the specialist and draw his/her own conclusion.
In doing this they will look at:
 the source of data used
 the assumptions and method used and their consistency with the previous periods
 at what stage was the expert’s work carried out
 an overall evaluation of the expert’s work in light with the auditor’s own knowledge
of the business and the industry and result of other audit procedure which may
collaborate with expert’s opinion.
3) If the auditors are not satisfied with the expert’s work, they have the following options
 Try again with another expert
 Discuss the situation with the client and the expert together to see if difficulties can
be resolved
 Apply additional audit procedures
 As a last resort, it may be necessary to modify or qualify the report for lack of
evidence.

5
 AUDIT PROCEDURES
Audit procedures are the processes, techniques, and methods that auditors perform to obtain audit
evidence, enabling them to conclude on the set audit objective(s) and express their opinion.
Sometimes we call audit procedures audit programs. These two terms are referring to the same
thing.

Auditors normally prepare audit procedures at the planning stages upon identifying audit
objectives, audit scope, audit approach, and audit risks.

Auditors design audit procedures to detect all kinds of risks identified and ensure that the required
audit evidence is obtained sufficiently and appropriately.

Normally, audit partners need to approve audit plans and audit procedures before the audit team
performs their testing. This is to make sure that all concerns or risks are addressed in the
procedures.

Audit procedures might be different from client to client and period to period. This is because
internal control over financial reporting is different from one client to another, and the control
might be changing from time to time.
The auditor might need to update audit procedures from time to time even though his/her firm or
team had audited past financial statements.

These procedures can be classified into two categories:

 Risk Assessment procedures (aimed at testing and confirming the existence, effectiveness
and compliance to the internal control system) These may include management
/governance structures, authorizations, authority limits etc
 Further audit procedures( Substantive procedures and analytical reviews/procedures)

Typically, five types of audit procedures normally used by auditors to obtain audit evidence
include Analytical review, inquiry, observation, inspection, and recalculation and re-performance
1) Analytical Review/procedure
Analytical review is not only the procedure that used to obtain audit evidence, it is also used to
assess the unusual transactions or events as the principle or basic to perform other procedures.
For example, when auditor found there is unusual transactions or event as the result of using
analytical review, the auditor will use other applicable procedures to obtain evidence.
The analytical procedure could be used for the types of transactions or events that occur regularly
or connect with others transactions or events. Use of ratio analysis can be used to make
comparisons to prior periods, budgets, forecasts, similar industries etc.
For example, we can use the analytical procedure to assess the reasonableness of depreciation that
records in the financial statements. The main reason is that depreciation expenses are calculated
systematically and occur regularly.
2) Inquiry
Auditors inquire from an accountant and related management to gather information and explain
the matter found by auditors.

6
Sometimes auditors inquire about the business process and how financial transactions are
recording and the major control on business transactions.
The inquiry is also one of the most important audit procedures and it could be used in different
stages.
For example, the auditor might inquire about management at the planning stage. The auditor could
also inquire management to confirm the contingent liabilities at the end of the audit work.
Audit inquiry is sometimes used by the auditor to obtain the audit evidence and sometimes is used
to understand some nature of business or accounting transactions to gain enough knowledge to
design and perform testing.
However, information from inquiry sometimes is hard to be used as audit evidence.
The audit evidence found as the result of your testing after an inquiry is strong to be used as audit
evidence rather than information from the inquiry itself.
3) Observation
Observation is one of the audit procedures that auditors use to understand and gather audit
evidence mainly to the real process or how clients have done some specific business processes.
This kind of audit procedure mainly confirms the process that the client has told you, physical
confirmation, or some time used to obtain audit evidence to make their own projection, which will
be used for comparison with the client figure.
For example, an auditor joins client stock take at the year-end and observes whether the way they
count is the correct procedures or not.
In this procedure, the audit is not to confirm whether the client counts their inventories correctly
or not, but it is to confirm whether the client counting procedure is correct or not.
Another thing is the auditor tries to confirm whether the counting has really existed.
However, in practice, sometimes the auditor not only observes how the client counts but also
jointly performs counting inventories.
Sometimes auditors using observation are not only for observing in counting fixed assets or
inventories but also for testing the reasonableness of revenue. Here is how,
For example, the auditor performs the reasonableness testing of revenue recording in the restaurant
and based on the accounting record fact check with their understanding. The revenue seems not
completely recorded.
In this case, the auditor might perform one week or two weeks observation in the restaurant and
then make their own estimate of whether or not the revenue is reasonable.
In banking, management of queues and customer care/service can too be observed by the auditor.
etc
4) Inspection
Inspection refers to verification or vouching documents. This is one of the most important, and
60% of audit work involves the inspection of documents.
For example, the auditor examines the sales invoices that are recorded in the financial reports.
The auditor might examine whether the invoice issued by the client is really based on the goods
received. And the goods received are actually a reflection of what the company ordered.
The auditor might also examine the payment voucher against the authority that approves the
payment vouchers.
The auditor might also inspect the supporting documents recording the inventory’s movement
during the year. This is including the documents related to purchasing raw material.
5) Recalculation

7
Recalculation is the type of audit procedure normally done by re-performing the works performed
by the client to assess if there is any difference between the audit’s work and the client’s work.
For example, the auditor might re-perform depreciation calculation and assess if there any
difference between auditor calculation and the client’s calculation.
The auditor might also perform the recalculation on monthly salary expenses prepared by the
payroll and finance department to ensure that the net salaries paid to the employee are correct.
Bank reconciliations can be also reviewed by the auditor
Recalculation is the procedure that used to confirm the accuracy of transaction that involves
calculation.

DESIGNING THE AUDIT PROCEDURE

Audit procedures are normally designed by auditors based on the characteristic of target
transactions or event’s risks associated with and the approach the auditor plans to responds to those
risks.
Risk assessment contributes significantly to how auditors design the right audit procedures.
Right audit procedures help the auditor perform their work more effectively and contributes to the
auditor in minimizing audit risks (detection risk).
When designing the audit procedure, the auditor must ensure that the procedure addresses three
important things.
 The assertion that the auditor wants to confirm
 Procedure to test that assertion
 Reason to perform the procedure
After performing a risk assessment, the auditor will be identify the risks that they think might
happen to financial statements.
For example, the auditor might think the inventories that are reported in the financial statement
might not exist. In this case, existence is the assertion that the auditor wants to test.
Therefore, inventories observation is the procedure that should be included in the inventories’ audit
procedure.
How to perform, the number of inventories tests to be observed needs to be stated clearly to make
sure that the auditor in charge of this cycle could understand.

REVISING AUDIT PROCEDURES DURING THE SUBSTANTIVE TESTING

Audit procedures are initially prepared at the planning stage based on the risks assessed according
to the internal controls environment and internal control over financial reporting.
The auditor’s understanding of the client’s internal control system over financial reporting or the
information they obtained at the time of planning might not be correct and sufficient.
Therefore, if during the substantive testing, the auditor notes that the audit procedures are not
addressing the possible risks ie procedures are not sufficient to address the risks, then audit
procedure could be revised. The revision might need to get approval from the audit partner.
Auditors can also assess if the procedures that are performed in the substantive testing are correct
or sufficient or not while they are in the conclusion stage.

8
If the procedures are not sufficient or incorrect, then the procedures are needed to be revised, and
then additional works are needed to be done.
Before the execution of audit procedures, auditors need to get those procedures approved by audit
partners first. The revision of audit procedures in all stages: planning, substantive/execution, and
conclusion also need to be approved by audit partners.