Professional Documents
Culture Documents
Week 5 Internal Control and Risk Assessments PowerPoint
Week 5 Internal Control and Risk Assessments PowerPoint
)
&
audit risk model
Week 5
The
watch
Objective
Understand
Understand
Understand
Understand
evidence.
Risk Assessment
Planning
Fraud risk
Complexity of transactions
Unusual transactions
Revision
Management responsibility
Management must establish and maintain the entity's control
structure, which aids management by ensuring:
irregularities are prevented or detected and corrected;
assets are safeguarded;
financial records are accurately reflected;
adherence to management policies;
operational efficiency is promoted that prevents; and
unnecessary duplication of effort.
Because of its inherent limitations, an internal control
structure cannot be regarded as completely effective,
regardless of the care taken in its design and implementation.
8
Auditor responsibility
ASA 315 para 12 states that:
The auditor shall obtain an understanding of
internal control relevant to the audit
The auditors understanding of the internal control is then used
to plan the audit and to determine the nature, timing and
extent of tests to be performed.
The above has to be done in the context of the internal
control structure as defined in ASA 315.
10
Control environment
Sets the tone of the entity towards control
consciousness and includes:
Enforcement of integrity and ethical values
example: setting the tone at the top of the entity by demonstrating integrity
and ethical behaviour.
Commitment to competence
example: adequate knowledge and skills at every level in the entity.
11
Control environment
Participation by those charged with governance
Managements philosophy and operating style
example: approach to taking and monitoring business risks.
Organisational structure
Assignment of authority and responsibility
Human resource policies and practices
example: screening prospective employees.
12
13
Risk Exposure
Detection risk (ISA(NZ)200:13c; A42-A44)
Audit Strategy
Substantive
Test
Low or very
Predominantly
low
substantive approach
High
Low
17
Materiality
Audit opinion is about whether a financial statement is free from
MATERIAL misstatement. Therefore it is important to identify what is
material for a certain audit.
The higher the risk, the lower the materiality level. The video below
explains it.
ISA(NZ) 500:4
The auditor should obtain sufficient appropriate audit
evidence to be able to draw reasonable conclusions
on which to base the audit opinion
Sufficient = enough
Appropriate = relevant and reliable
Reasonable = rational basis for an opinion
20
Audit Evidence
Relevance and Reliability (ISANZ A26-A31)
21
Audit Procedures
Analytical procedures
Inspecting
Tracing
Vouching
Confirming
Enquiring
Counting
Observing
Re-performing
22
tests
substantive
procedures (test of
details) to test transactions and
balances
23
24
re-performance of procedures
Audit must test the control for the whole financial period.
For audit efficiency, the test of controls should be performed as late in the interim
period as possible.
Extent of tests
More extensive tests of controls provide more evidence of the effectiveness of control.
The extent of tests is influenced by the nature of the control (ie automated, ITdependent or manual)
Refer Figure 14.2 in the textbook for an illustration of an audit program designed
Textbook Chapter 9 PPT9 for tests of controls (p.597)
25
analytical procedures
27
29
May
30