Evaluating the Level of Planned

Substantive Tests
1. Assessment of control risks.
2. Auditors ensure assessment corresponds with planned level of
substantive tests, otherwise revision is necessary.
• Substantive procedures
- are performed to detect material misstatements at the
relevant assertion level
- include tests of details of classes of transactions, account
balances, and disclosures and substantive analytical procedures.
* The auditor should plan and perform substantive procedures to be
responsive to the related assessment of the risk of material misstatement.

Internal control and auditors’ substantive tests relationship:

As internal control is more effective ( lower control risk),

the auditor can perform less effective substantive tests ( higher detection risk)
 SITUATION COURSE OF ACTION

1. Final Control Risk < Planned Control Risk
( FCR < PCR)
2. Final Control Risk = Planned Control Risk
( FCR = PCR)
3. Final Control Risk > Planned Control Risk
( FCR > PCR)
• The auditor would reduce the
planned effectiveness of
substantive tests.
• The auditor would not modify
the planned effectiveness of
substantive tests.
• The auditor would need to
increase the planned
effectiveness of substantive
tests.
 Communication of Weakness
 If a control is NONEXISTENT: the transaction review should disclose the fact

If a significant control EXISTS BUT IS NOT FUNCTIONING: the test of controls
should discover it
 ABSENCE of explicit control: makes the system of underlying data weak

• Weakness removes an auditor’s objective basis for maximum reliance on the

underlying data, thus an explicit response is called for.
PSA 260R&R : require that all material weakness noted during audit examination be
communicated to those charged with governance.
 : such communication should be made as soon as practical and would
ordinarily in writing.
* documentation of communication
 Documentation of Test of Controls
 After evaluation of results of test of controls and the assessment of control risk, auditor is
required to document the assessed level of control risk in all cases. *
• Documentation for the basis for control risk = only required when control risk < max. level
 information to be documented:
Fact that auditor tested the
Control policies relied Results of auditor’s tests of
operating effectiveness of
upon by auditor controls.
control policies

 Nature, extent & timing of tests of controls performed to support an assessment of control
below the maximum or at low level SHOULD be recorded in working papers.
* working papers should describe:
Documents
Tests performed Client personnel examined
Other evidences
interviewed & their obtained to
Observations significant responses Exceptions &
corroborate inquiries
made implication
 CONTROL TESTING: Cash in bank: Bank reconciliation ( Sample Audit Program for Control Testing)
NATURE TIMING EXTENT RESPONSIBILITY WP
SCH.
1. OBSERVE the client’s staff performing the bank Interim and December Audit assistant A12
reconciliation ensuring the that the appropriate staff final visits and June
perform the reconciliation, at the appropriate time, and reconciliati
that it is supervised as planned. ons
2. INSPECT evidence of performance of bank Final visit September Audit assistant A13
reconciliation by the client’s staff, ensuring that the and
person performing the reconciliation signed and dated October
it, that it was performed by the person proposed at the reconciliati
appropriate time and that the supervisor signed the ons
reconciliation as evidence of her review
3. INQUIRE as to the procedures that took place when Interim and All months Audit assistant A14
the persons performing and supervising the final visits
reconciliations were on leave or were ill. Ensure that
such persons are competent, do not have incompatible
duties and are fully aware of how the reconciliations are
to be performed and supervised.
4. CONCLUDE as to the effectiveness of operation of Final visit Audit Senior A17
this control procedure