Professional Documents
Culture Documents
Province of Rizal
Binangonan Campus
COLLEGE OF ACCOUNTANCY
Reporters:
External Audits
● is an independent attestation performed by an expert (auditor), who expresses
an opinion regarding the presentation of financial statements.
Internal Audits
● an internal audit function established within an organization to examine and
evaluate its activities as a service to organization
Fraud Audits
● The objective of this audit is to investigate anomalies and gather evidence of fraud
that may lead to criminal conviction.
1. Auditing standards
● General standards
a. Must have adequate technical training and proficiency
b. Must have independence of mental attitude
c. Must exercise due professional care in the performance of audit and
preparation of report
● Standards of Fieldwork
a. Audit work must be adequately planned
b. Must gain sufficient understanding of the internal control structure
c. Must obtain sufficient, competent evidence
● Reporting standards
a. Must state if financial statements was prepared according to GAAP
b. Must identify circumstance of inconsistency
c. Must identify items that do not have informative disclosure
d. Report shall contain an expression of auditor’s opinion
2. A Systematic Process
● Conducting an audit is a systematic and logical process
● Systematic approach is particularly important to the IT environment. Logical
framework for conducting an IT audit is critical to help auditor identify all
important processes and data files
4. Obtaining evidence
● Auditors seek evidential matter that corroborates management assertions
● Evidence is collected by performing test of controls and substantive tests
● Test of controls – establish if internal control is functioning properly
● Substantive test – determine if accounting databases fairly reflect the
transactions and account balances
5. Ascertaining Materiality
● Auditors must determine if weaknesses in internal control and misstatements
found are material.
● By determining materiality, the auditor can concentrate on areas that have a
higher likelihood of containing significant errors or weaknesses, ensuring that
their work is focused on matters that are most relevant to the financial statements
6. Communication Results
● Auditors must communicate the results to interested users
● Renders report to the audit committee
Audit risk
● The probability that the author will render an unqualified opinion on financial
statements that are, in fact, materially misstated, caused by errors or
irregularities or both.
● Errors – unintentional mistakes.
● Irregularities – intentional misrepresentations associated with the commission of
fraud.
1. Inherent risk
● Associated with the unique characteristic of the business or industry of the client.
● Auditors cannot reduce the level of inherent risk.
● It is influenced by factors such as the complexity of transactions, the nature of
the industry, the entity's size, and the regulatory environment. Higher inherent
risk indicates a greater likelihood of material misstatements.
2. Control risk
● Is the likelihood that the control structure is flawed because controls are either
absent or inadequate to prevent or detect errors in the accounts.
● Reflects the effectiveness of the entity's internal control system in mitigating
inherent risk.
● Auditors assess the level of control risk by performing a test of control.
3. Detection risk
● Risk that the auditor is willing to take that errors not detected or prevented.
● It is influenced by the nature, timing, and extent of audit procedures performed by
the auditors. Higher detection risk indicates a higher probability of auditors not
detecting material misstatements.
THE IT AUDIT
● Audit Planning – must gain a thorough understanding about the firm to plan
other phases of audit.
● Test of Controls – its objective is to determine whether adequate internal
controls are in place and functioning properly.
● Substantive Testing– audit process that focuses on financial data.
INTERNAL CONTROL
Copyright Law–1976
- Added software and other intellectual properties into the existing copyright
protection laws.
1. Keeps records that fairly and reasonably reflect the transaction of the firm and its
financial position.
2. Maintain a system of internal control that provides assurance that the org’s
objectives are met.
MODIFYING PRINCIPLES
a. The Control Environment - foundation for other four control components, it sets the
tone for the organization and influences the control awareness of its management and
employees. It includes the following elements:
● Integrity and ethical values of management.
● Structure of the organization
● Participation of board of directors and audit committee.
● Management Philosophy and operating style
● Procedure for delegating responsibility and authority.
● Management methods for assessing performance.
● External influences (regulatory agencies).
● Organization's policies and practices for managing its human resources.
d. Monitoring – is the process by which the quality of internal control design and
operation can be assessed.
e. Control activities – are the policies and procedures used to ensure that appropriate
actions are taken to deal with the organization’s identified risks.
INFORMATION TECHNOLOGY CONTROL