CHARACTERICTICS OF COMPUTER (CAATs) INFORMATION SYSTEMS (LCECSV) SOME OF THE COMMONLY USED CAATs Lack of visible transaction trails INCLUDE (TIP) Consistency of performance Ease of Access to data and computer Test data Programs (EADCP) Integrated test facility (ITF) Concentration of duties Parallel simulation Systems generated transactions Vulnerability of data and program storage OTHER CAATs (highly complicated media (VDPSM) computerized system)
INTERNAL CONTROL PROCEDURES Snapshots
CLASSIFIED INTO TWO System control audit review files (SCARF)
General controls CHAPTER 8
Application controls TWO TYPES OF SUBSTANTIVE TEST (AT) GENERAL CONTROL (OSADM) Analytical Procedures OVERALL COMPUTER INFORMATION Test of details SYSTEM CONTROLS INCLUDE: THE FOLLOWING GENERALIZATION MAY Organizational controls BE HELPFUL IN ASSESSING THE Systems development and documentation PREDICTABILITY OF THE ACCOUNTS. controls (IAR) Access controls Data recovery controls Income statement account are more Monitoring controls predictable compare to balance sheet accounts ORGANIZATIONAL CONTROLS Accounts that are not subject to Segregation between the CIS department management discretion are generally and user department predictable. Segregation of duties within the CIS Relationships in a stable environment are department more predictable than those in a dynamic or unstable environment. APPLICATION CONTROLS THESE INCLUDES TEST OF DETAILS
Controls over input Test of details of balance
Controls over processing Test of details on transaction Controls over output EFFEECTIVENESS OF SUBSTANTIVE TEST EXAMPLE OF INPUT CONTOLS INCLUDE: affected by it’s; (NTE)
Key verification Nature of substantive test
Field check Timing of substantive test Validity check Extent of substantive test Self-checking digit AUDIT EVIDENCE CONSISTS OF; (UC) Limit check Control totals Underlying accounting data Corroborating information IN TESTING APPLICATION CONTROLS, THE AUDITOR MAY EITHER: (AU) WHEN OBTAINING AUDIT EVIDENCE Providing adequate defense in case FROM EITHER TEST OF CONTROL OR of litigation. SUBSTANTIVE TEST, AUDITOR CONSIDER; FORM, CONTENT AND EXTENT OF AUDIT Sufficiency DOCUMENT Appropriateness IN DECIDING ON FORM, CONTENT AND FACTORS MAY BE CONSIDERED IN EXTENT OF AUDIT DOCUMENT WHAT EVALUATING THE SUFFICIENCY OF WOULD ENABLE AN EXPERIENCE EVIDENCE; (CMRE) AUDITOR, HAVING NO PREVIOUS CONNECTION WITH AUDIT, TO The competence of evidence UNDERSTAND; The materiality of the item being examined The risk involved in a particular account The nature, timing and extent of the audit Experience gained during previous audit procedures performed to comply with PSAs may indicate the amount of evidence taken and applicable legal and regulatory before and whether such evidence was requirements; enough. The results of the audit procedures and the audit evidence obtained; and GENERALIZATIONS COULD HELP THE Significant matters arising during the audit AUDITOR IN ASSESSING THE and the conclusions reach thereon. RELIABILITY OF AUDIT EVIDENCE; IMPORTANT ITEM WOULD NORMALLY Audit evidence obtained from independent REQUIRE AUDIT DOCUMENTATION outside sources (for example, confirmation received from a third party) is more reliable Significant matters than that generated internally Depart from a basic principle or an essential Audit evidence generated internally is more procedure reliable when the related accounting and Nature, timing and extent or audit internal control systems are effective procedures performed Audit evidence obtained directly by the auditor is more reliable than that obtained IN DOCUMENTING THE NATURE, TIMING from the entity AND EXTENT OF AUDIT PROCEDURE Audit evidence is the forms of documents PERFORM, AUDITOR SHOULD RECORD and written representations is more Who performed the audit work and the date reliable than oral representations. such work was completed; and FUNCTION OF WORKING PAPER Who reviewed the audit work performed and the date and extent of such review Working paper are prepared primarily to CLASSIFICATION OF WORKING PAPER Support the auditor’s opinion on financial statement Permanent file Support the auditor’s representation Current file as to compliance with PSA PERMANENT FILE INCLUDE (CMEOAI) Assist the auditor in the planning, performance, review and supervision Copies of the article of incorporation and by of the engagement. laws Major contracts Secondarily, working paper also assist the Engagement letter auditor in Organizational chart Planning future audits Analyses of long-term account such as plant Providing information useful in asset, long-term liabilities and stockholders’ rendering other service (MAS or Tax accounts consultancy) Internal control analyses CURRENT FILE NORMALLY INCLUDES (AAWLDC) AUDIT SAMPLING PLANS A copy of the financial statements Audit programs Attribute sampling Working trial balance Variable sampling Lead schedules BASIC STEPS IN AUDIT SAMPLING Detailed schedules (DDDSAE) Correspondence with other parties such as lawyers, customers, bank and management. 1. Define the objective of the test 2. Determine the audit procedure to be TECHNIQUES MAY BE USED BY THE performed AUDITOR WHEN PREPARING WORKING 3. Determine the sample size PAPERS (HICT) 4. Select the sample Heading 5. Apply the procedure Indexing 6. Evaluate the sample result Cross-indexing/ cross referencing DIFFERENT BETWEEN AUDIT SAMPLING Tick marks AND 100% EXAMINATION IS THAT AUDIT CHAPTER 9 SAMPLING;
RISK IN SAMPLING Determine the sample size
Select of sample and Sampling risk Projection of errors in evaluating the sample Non-sampling risk results TWO TYPES OF SAMPLING RISK THREE FACTORS AFFECTING THE DETERMINATION OF SAMPLE RISK FOR Alpha Risk TEST CONTROLS (ATE) Beta Risk Acceptable sampling risk AUDITORS CONTROL SAMPLING RISK BY Tolerable deviation rate Increasing the sample size, and (ISS) Expected deviation rate Using an appropriate sample selection SAMPLE SELECTION METHOD FOR TEST method (UASSM) CONTROLS NON-SAMPLING RISK CAN BE MINIMIZED THREE PRINCIPAL METHOD OF BY (PA) SELECTING SAMPLES Proper planning; and Random number selection Adequate direction, review and supervision Systematic selection of the audit team (ADRSAT) Haphazard selection TWO SAMPLING APPROACHES CAN BE GENERAL GUIDELINES MAY USED WHEN USE TO GATHER SAE EVALUATION SAMPLE RESULTS FOR Statistical Sampling TEST OF CONTROLS Non-statistical sampling 1. Determine the sample deviation rate STATISTICAL SAMPLING HELPS THE 2. Compare the sample deviation rate with the AUDITO R TO (DMO) tolerable deviation rate and draw an overall conclusion about the population Design an efficient sample Measure the sufficiency of evidence obtained; and Objectively evaluate the sample results OTHER SAMPLING APPLICATION FOR TEST OF CONTROLS Sequential Sampling Discovery sampling FACTORS IN DETERMINING THE SAMPLE SIZE FOR SUBSTANTIVE TEST (ATEV) Acceptable sampling risk Tolerable misstatement Expected misstatement Variation in the population SAMPLE SELECTION METHOD SELECTING A SAMPLE FOR SUBSTANTIVE TESTS (SV) Stratified sampling Value weighted selection EVALUATING SAMPLE RESULTS FOR SUBSTANTIVE TEST Project the misstatement to the population Compare the projected misstatement together with the tolerable misstatement and draw an overall conclusion (CPMTTMDOC)