AUDIT TEST/ujian audit

A. The purpose of audit tests

The purpose of audit tests, or audit procedures, is to allow the auditor to collect sufficient
appropriate audit evidence to be able to conclude with reasonable assurance that the financial
statements (FS) are free of material misstatement. If sufficient appropriate audit evidence
cannot be obtained, or the evidence points to a material misstatement in the FS, the auditor
will have to issue a modified audit opinion.

B. Misstatements will find their way into published financial statements only if three
events all happen:
a. An error is made in the first place. The risk of that happening is known as ‘inherent
risk’, and assessing that is a very big part of audit planning.
b. The client’s internal control system does not prevent, identify or correct the error.
This is known as ‘control risk’.
c. The auditor does not detect the error during the audit. This is known as ‘detection
risk’.
d. There are therefore two lines of defence preventing an error that has occurred from
ending up in the published FS: the internal control system and the work auditor carries
out.

If the client’s internal control system is good, there is a reduced likelihood that there will be
an error in the FS and the auditor will reduce the amount of audit work to be carried out. If
the internal control system is poor, the auditor will have to perform much more work as the
audit is the only defence left against a material misstatement appearing in the published FS.

C. Therefore, the auditor must:

a. Assess the effectiveness of the internal control system. This means investigating both
its design and its operation. The operation of the internal controls is assessed by
carrying out tests of control.
b. Obtain additional, direct evidence about the amounts shown in the FS. This evidence
is obtained using substantive testing.
c. Consider the receivables amount in the SOFP. One way in which this could be
misstated would be if it were incorrectly valued, perhaps because a large balance was
owed by a customer who was unlikely to pay.
D. The controls that would help to prevent that include:
a. Take up credit references on new customers.
b. Establish a credit limit.
c. Producing aged receivables analyses.
d. The follow up amounts that are not paid on time.
e. The operation of these controls needs to be tested. For example:
f. Look at the client’s files where credit references are kept to ensure that every
customer was investigated. The auditor would inspect the references.
g. Look for evidence of new orders being rejected if they would breach the credit limit.
This could be tested by inspecting copies of notifications sent to customers. The
auditor might also consider using test data to observe if an order exceeding the credit
limit is actually rejected.
h. Inspecting notes made by the credit controller of conversations held with slow payers
and perhaps enquiring about the follow-up procedures that are carried out.
i. Each of these audit tests are testing a control or control procedure. They are therefore
testing of control. These tests are not investigating the receivables balance in the
SOFP. I repeat, a test of control tests controls, not amounts in the FS.

E. Tests of control (ujian kawalan) can be grouped into:

1. Enquiry and confirmation. For example, ask the credit controller about the way in which
customers are encouraged to pay and ask how these customers are identified and how often
they are followed up. This is a relatively weak source of evidence because the credit
controller might exaggerate his or her efforts.

2. Inspection. For example, the credit references or notes made by the credit controller of
conversations. Even when internal control systems are very good, the auditor will always
carry out tests on the figures in the FS. The work has to address all the assertions made by
each material figure. For example, valuation, completeness, existence etc. These tests are
substantive tests and consist of:

3. Analytical procedures and Tests of detail.

So, staying with receivables, the auditor would calculate the receivables collection period. If
this were not too large and broadly in line with previous periods, the auditor would have
gained some evidence about valuation (i.e. most debts not very old).

Tests of detail would include:

 a. Writing to customers asking them to confirm the amount owed (existence and
ownership).
b. Tracing, by inspection, some sales invoices to the Dr side of customers’ accounts
(existence and ownership).
c. Observation/inspection of amounts received after year end. This gives evidence about
valuation because if a payment is received subsequently the debt was obviously not
bad.
d. Recalculation of bad debt provisions.

Substantive tests( ujian pematuhan) therefore include analytical procedures in addition to

the four classes of audit procedures available for testing controls, so giving the well-known
mnemonic AEIOU:

1. Analytical procedures

2. Enquiry and confirmation

3. Inspection

4. Observation

5. RecalcUlation and reperformance

Remember if the tests of control show that controls are not operating correctly, the auditor
will have to increase the substantive tests. For example, if the client does little to assess
customers’ credit worthiness to ensure, as far as possible, that debts are recoverable, the
auditor will have to do much more work on the receivables figure in the SOFP to be satisfied
that the amount is valued at a true and fair amount.
Substantive testing or substantive procedure is the technique used by the auditor to obtain the
audit evidence in order to support auditor opinion. Substantive testing is part of the
substantive audit approach and it is performing at the execution stage of the audit.

It is different to test of control. The number of samples in substantive testing is depending on

many factors. For example, the audit approach that considered by the audit manager or
partner whether they decided to use a systematic approach, a substantive audit approach or
else.
Normally, if the audit approach to be used is substantive, then the volume of samples to be
reviewed is higher than a systematic approach.

It is different from the control test. In control testing, auditor wants to assess the internal
control that designed and implement by auditor especially the internal control over financial
reporting.
Substantive testing is sometimes called detail testing where the main objective is to verify the
balances, transactions, and disclosures of financial statements.

The auditor could not use the result of the test of control to make the conclusion that the
financial statements are true and fair view. The result of the test of control could only
conclude the internal control context.

Principally, substantive testing is to confirm the following financial assertion:

1. Financial Assertions:
2. Verified existence,
3. Confirmed rights and obligations,
4. Check validity,
5. Verified completeness.
6. Check occurrence
7. Check completeness,
8. Confirmed accuracy,
9. Verified authorization,
10. test cut-off,
11. check classification.
Explanation:
i. As mention above, the substantive audit procedures are performing at the execution
stage after auditors prepared audit planning. After audit performs understand client
internal control, and test of control, then auditors will assess whether they can rely on
the control or not.

ii. If auditors could rely on, then there are fewer works to do in substantive testing. But
the auditor concluded that the control could not rely on it. Then, testing might be up to
100%.
 iii. Normally, auditor designed their testing based on the samples selected and then
verified with the supporting document. Sampling will follow the guidance from the
international standard on auditing.

iv. The testing will be different from the balance sheet items and income statements
items. Normally, if both of these items are correct, then the items in the statement of
change in equity, statement of cash flow are also correct.

Substantive Audit Testing Flow Chart:

Example:
Let start with the substantive test of revenue.

For example, you are an auditor and your senior gives you the revenue cycle for testing. And
you will have some questions about what should you do in control testing and what should
you do in substantive testing.

Basically, you will have to start with the control test by testing all significant controls or key
control related to the revenues.

These testing just to confirm whether the control over the revenue cycle is working or not. It
is not to confirm whether the revenue transactions, amount and classification is correct.
Now once you performed and conclude that the control over the revenue cycle is working
properly, then it is the time to considers substantive testing.

The substantive testing here is to confirm whether the revenue that records in the income
statement is correct or not. I said correct or not here is just to give you the simple words. In
revenue testing, you might confirm many areas like:

Testing to confirm cut off

Confirm the total amount (total sales amount or revenue) by vouching and analytical review
with the cost of sales or inventories.
Customers confirmation ( AR confirmation)
Check revenue recognition
And so on.