Chapter 13

Overall Audit Plan

and Audit Program

13 - 1

Presentation Outline
I. Application of Audit Testing
II. Selecting Tests to Perform
III. Design of the Audit Program
IV. A Summary of the Audit Process

13 - 2

I. Application of Audit Testing

A. Tests of Controls
B. Testing for Monetary Misstatement
C. Reduction of Risk
D. Audit Assurance at Different Levels of
Internal Control Effectiveness
E. Simultaneous Testing of Controls and
Substantive Testing of Transactions
F. Timing of Audit Testing
13 - 3

A. Tests of Controls

Audit procedures to test the operating effectiveness of

control policies and procedures in support of a
reduced assessed control risk. Some examples
include:
Matching of vendor invoices against a purchase order
and receiving report before approving invoice for
payment.
Examination of employee time cards for approval of
overtime.
13 - 4

B. Testing for Monetary Misstatement

Substantive Tests of
Transactions
Testing for monetary
misstatements to determine
if the following 6 transactionrelated audit objectives
have been met:
Existence
Completeness
Accuracy
Classification
Timing
Posting and Summarization

Tests of Details of
Balances
Testing for monetary
misstatements to determine if the
following 9 balance-related audit
objectives have been met:
Existence
Completeness
Accuracy
Classification
Cutoff
Detail tie-in
Realizable value
Rights and obligations
Presentation and disclosure
13 - 5

C. Reduction of Risk
Control Risk
Procedures to gain an
understanding of internal
control
Tests of controls
Once the auditor obtains an
initial understanding of
controls, tests of controls must
be performed to obtain
evidence regarding the
effectiveness of controls.
Stronger controls will allow
the auditor to assess control
risk below the maximum.

Detection Risk
Substantive tests of
transactions
Analytical procedures
Tests of details of
balances
The more evidence an
auditor collects from the
above procedures, the
lower the detection risk.
Detection risk must be
lower when control risk
is higher.

13 - 6

Acceptable
assurance

No
assurance

AUDIT ASSURANCE

D. Audit Assurance at Different Levels of Internal

Control Effectiveness
C3

Audit
assurance
from
substantive
tests

C2
C1

Audit assurance
from control risk
assessment and
tests of control

A
C
B
INTERNAL CONTROL EFFECTIVENESS
Weak control
Strong control
Reliance on controls: C3 None, C2 Some, C1 Maximum
13 - 7

E. Simultaneous Testing of Controls and

Substantive Testing of Transactions
The determination of control risk affects the type of
procedures and sample size for the substantive testing of
transactions.
For purposes of convenience, the testing of controls and
substantive testing of transactions will often occur
simultaneously.
In such situations the auditor will make an assumption
about the results of tests of controls. If the testing of
controls indicates that internal control is worst than
expected, substantive testing of transactions will have to
be modified accordingly.
13 - 8

F. Timing of Audit Testing

Auditors frequently consider it desirable to perform audit
tests prior to year end. Certain procedures may be
performed at an interim time (prior to clients year end) :
Update depreciation schedules
Examine new loan agreements
Vouch transactions
Analyze changes in clients accounting system
Review board of director minutes
If strong internal controls exist the auditor may also:
Observe physical inventories
Confirm account balances

13 - 9

II. Selecting Tests to Perform

A. The Cost of Testing

B. Appropriate Evidence for Audit Testing
C. Risk and Testing in the Audit Process

13 - 10

A. The Cost of Testing

Going from the most to least
costly, the types of tests
are:
Tests of details of balances
Substantive tests of
transactions
Tests of controls
Procedures to obtain an
understanding of internal
controls
Analytical procedures
13 - 11

B. Appropriate Evidence for Audit Testing

Analytic
performance

Reperformance

Inquiries of
the client

Observation

Procedures for internal control

Tests of controls
Substantive tests of transactions
Analytical procedures
Tests of details of balances

Documentation

Type of Test

Physical
Examination
Confirmation

Type of Evidence

13 - 12

C. Risk and Testing in the Audit Process

Substantive Testing of
Transactions
In some situations it may be more
efficient to assess control risk at
a higher level and reduce or
eliminate tests of controls. This
depends on cost of testing
controls versus the additional
substantive testing that would
result from a higher control
risk.

Tests of Details of
Balances
If tolerable misstatement
is low, and inherent risk
and control risk are
high, planned tests of
details of balances must
be high.

13 - 13

III. Design of the Audit Program

Most audits design an audit program in the

following three parts:
A. Tests of Controls and Substantive Tests of
Transactions
B. Analytical Procedures
C. Tests of Details of Balances

13 - 14

A. Tests of Controls and Substantive Tests of Transactions

A four-step approach when the auditor plans to reduce
assessed control risk below the maximum:
Transaction related audit objectives are applied to the class
of transactions being tested, such as sales.
Key controls that should reduce control risk for each
transaction-related audit objective are identified.
For all internal controls used to reduce the initial assessment
of control risk below the maximum (key controls),
appropriate tests of controls are developed.
Design appropriate substantive tests of transactions,
considering weaknesses in internal control and expected
results of tests of controls (allows for simultaneous tests of
controls and substantive testing).
Note: If control risk is assessed at 1.0, only substantive tests of
transactions will be used in this part of the audit program. 13 - 15

B. Analytical Procedures

Analytical procedures may be performed during 3 different stages of

the audit:
In the planning stage to help the auditor understand the clients
business and determine other evidence needed to satisfy
acceptable audit risk.
During the audit, especially during substantive testing.
Near the end of the audit as a final test of reasonableness. 13 - 16

C. Tests of Details of Balances

If the results of tests of

controls, substantive
tests of transactions, and
analytical procedures
are not consistent with
the predictions, tests of
details of balances will
need to be changed as
the audit progresses.
Figure 13-6 on page 388 illustrates the testing methodology
using Accounts Receivable

13 - 17

IV. A Summary
of the Audit
Process

13 - 18

Summary of the Audit Process - Phase I (Planning)

Accept client and perform initial planning.
Understand the clients business and industry.
Assess clients business risk.
Perform preliminary analytical procedures.
Set materiality and assess acceptable audit risk
and inherent risk.
Understand internal control and assess control risk.
Develop overall audit plan and audit program.

13 - 19

Summary of the Audit Process - Phase II (Begin Field Work)

From
Phase I

Plan to reduce assessed

level of control risk?

No

Yes
Perform tests of controls.
Perform substantive tests of transactions.
Assess likelihood of misstatements in
financial statements.

13 - 20

Summary of the Audit Process Phase III (End of Fieldwork)

From
Phase II

Likelihood of Misstatement
in Financial Statements
Low
Medium High or
unknown

Perform analytical procedures.

Perform tests of key items.
Perform additional tests of details of balances.
13 - 21

Summary of the Audit Process Phase IV (Wrap-Up)

From
Phase III

Review for contingent liabilities.

Review for subsequent events.
Accumulate final evidence.
Evaluate results.
Issue audit report.
Communicate with audit
committee and management.

13 - 22