Revision slides

• Chapter 8 – Audit risk assessment

• Chapter 9 – Materiality and audit evidence
• Chapter 10 – Test of controls
• Chapter 11 – Designing Substantive procedures
• Chapter 12 – Managing auditing data
• Chapter 13 – Completing the Audit
Chapter 9 - Learning objectives

After studying this presentation, you should be able to:

9.1define the concept of materiality and its relationship
with audit evidence
9.2describe alternative audit strategies
9.3indicate the factors that affect the sufficiency and
appropriateness of audit evidence
9.4describe the types and classifications of auditing
procedures that may be used in an audit.
Introduction
• Now that we have considered issues associated with accepting the
audit engagement, planning the audit and assessing risk, we will go
thru the nature of the investigation that an auditor undertakes to
arrive at an opinion as to the fairness of the financial statements.
• In this chapter, we look at the fundamental issues relating to the
audit process:
• the threshold of materiality that the auditor uses in identifying misstatements that
could materially affect the decisions and judgements of users relying on the financial
statements
• the considerations involved in choosing the appropriate audit strategy
• the types of evidence available to the auditor
• the procedures used by auditors in obtaining the different types of evidence.
LO 1: Materiality
• Define the concept of materiality and its relationship with audit
evidence.
• Materiality underlies the application of auditing standards and thus has
a pervasive effect in a financial statement audit.
• Auditors must consider materiality in planning the audit and evaluating
the extent of material misstatements.
• ASA 320 describes the concept of materiality as:
misstatements, including omissions, are considered to be
material if they, individually or in the aggregate, could
reasonably be expected to influence the economic decisions of
users taken on the basis of the financial report.
The concept of materiality

• The assessment of what is material is a matter of the

auditors’ professional judgment of the needs of the
reasonable person relying on the information.
• There is an inverse relationship between materiality and
audit risk.
• Where the auditor considers there is a higher risk of
misstatement, materiality will be set at a lower level.
Preliminary judgements about
materiality
• In planning an audit, the auditor should assess materiality
with the following considerations:
• The level of materiality for the financial report as a whole
• Determine performance materiality for the purposes of assessing
the risks of material misstatement and determining the nature,
timing and extent of further audit procedures.
• Include in the documentation the decisions and factors that have
been taken into account in arriving at the overall materiality and
the performance materiality levels
• Revise levels of materiality as audit progresses.
Materiality for the financial
report as a whole
• Auditor considers the following factors when choosing a
benchmark (ASA 320):
• Elements of the financial report
• If there is any items on which the attention of the users tends
to be focused
• Nature of the entity
• Entity’s ownership structure and way it is financed
• Relative volatility of the benchmark.
Quantitative considerations

• Auditor selects a base and applies a percentage to that

base
• Commonly used bases and materiality levels:
Materiality for particular classes of
transactions, account balances or disclosures

• Account balance materiality is the minimum misstatement

that can exist in an account balance for it to be considered
materially misstated
• Misstatement up to that level = tolerable misstatement
• Understatements may also be material
• Auditor must plan audit to detect misstatements that,
although immaterial individually, may be material to the
financial statements taken as a whole when aggregated
with misstatements in other account balances
The relationship between materiality
and audit evidence
• Materiality, like risk, is a key factor that affects an auditor’s
judgement about the sufficiency of audit evidence
• The lower the materiality level, the greater the amount of
evidence needed (inverse relationship)
• The larger or more significant an account balance, the greater
the amount of evidence needed (direct relationship)
• Uncorrected aggregated misstatements include:
• Specific misstatements identified by the auditor
• Projected errors.
LO:2 - Audit strategies
• Describe alternative audit strategies.
• The audit strategy taken is an important decision that
significantly affects the detailed work performed in the
audit.
• The interrelationship amongst evidence, materiality and
the components of audit risk affects the auditor’s decision
on the type of strategy chosen.
• If the auditor assesses that appropriate controls do not
exist or are likely to be ineffective, then a predominantly
substantive approach will be adopted.
Developing the audit strategy
• A more efficient audit can be performed if controls are
judged to be effective enough to enable a reduction in the
level of substantive procedures undertaken
• An audit strategy that relies on internal controls to
support the use of a reduced level of substantive
procedures is sometimes referred to as a lower assessed
level of control risk approach
• This is not a single strategy, but a range of strategies
determined by the relative effectiveness of applicable
control procedures (combined with assessments of
inherent risk and materiality)
Developing the audit strategy
• The auditor must make four separate decisions before
adopting such a strategy, and each decision (except the
first) must be supported by relevant evidence:
1. Is it cost-effective to adopt a lower assessed level
of control risk strategy?
2. Are control procedures effectively designed?
3. Are control procedures effectively operated?
4. Do the results of substantive procedures confirm
the assessment of control risk?
Effect of the assessment of effectiveness
of controls on substantive procedures
• Auditor may vary the nature, timing or extent of
substantive procedures to achieve the desired level of
audit risk:
• Depends on the assessment of effectiveness of internal controls.
• Nature of substantive procedures may vary between tests
of details and analytical procedures
• If high level of detection risk is tolerated, analytical
procedures may be sufficient:
• Analytical procedures preferred as less costly to perform.
• But, tests of details provides more persuasive evidence
The relationship between strategies
and transaction classes
• The rationale is that many internal controls focus on the
processing of a single type of transaction
• Double entry means that each transaction class affects two or
more account balances:

For example: sales transactions relate to accounts

receivable in the balance sheet and to
sales in the income statement
Learning objective 9.3
• Indicate the factors that affect the sufficiency and
appropriateness of audit evidence.
• Here we are going to look at the nature of audit evidence and
what is meant by the terms ‘sufficient’ and ‘appropriate’, and
also review the different types of corroborating information the
auditor might obtain.
• Therefore in order to arrive at the audit opinion, the objective of
the auditor is to obtain sufficient appropriate audit evidence
regarding the assessed risks of material misstatement, through
designing and implementing appropriate responses to those risks.
The nature of audit evidence
• Audit evidence means information used by the auditor in
arriving at the conclusions on which the opinion is based. It
consists of:
• underlying accounting data
• all corroborating information available to the auditor.
• Underlying accounting data includes:
• books of original entry
• general and subsidiary ledgers
• related accounting manuals
• also includes informal and memorandum records, such as
worksheets, calculations and reconciliations.
Appropriateness of audit
evidence
• Relevance means that evidence must be sufficient with
respect to each of the auditor’s objectives.
• The reliability of evidence is influenced by factors such as
the source and nature of the information, and its
timeliness and objectivity.
• The auditor is not expected or required to have an
absolute, certain or guaranteed basis for an opinion.
• In arriving at a professional judgement of reasonable
assurance, the auditor is guided by the persuasiveness of
the evidence.
18
Appropriateness of audit
evidence
• Given that professional judgment is involved, different
auditors will not always reach identical conclusions about
the quantity and quality of evidence needed to reach an
opinion on financial statements .
• Management is responsible for the financial statements
and is also in a position to control much of the
corroborating evidence and underlying accounting data
• Auditors use professional scepticism to achieve an appropriate
balance between distrusting management and placing complete
trust in the integrity of management.

19
LO # 4 - Auditing procedures
• Describe the types and classifications of auditing
procedures that may be used in an audit.

• Auditing procedures are methods and techniques used by the

auditor to gather and evaluate audit evidence.
• Each procedure has a particular advantage for obtaining evidence
for an assertion.

• In selecting a procedure, the auditor must take care to balance

the potential effectiveness of the procedure in meeting specific
objectives against the cost of performing the procedure.

20
 SUMMARY
• Materiality is considered at both the financial statement and account balance levels, and may be
expressed in either quantitative or non-quantitative financial statement terms. There is an inverse
relationship between materiality levels and the level of evidence needed.
• In conducting the audit, different strategies can be adopted. After understanding the entity and its
environment (including its internal control) in order to assess the risks of material misstatement,
the audit strategy can be developed. The two ends of the spectrum of audit strategies are the
predominantly substantive approach and combined approach (lower assessed level of control risk).
• The auditor achieves the overall objective of rendering an opinion on general purpose financial
reports by collecting and evaluating evidence relating to numerous specific audit objectives. These
objectives are derived from the management assertions contained in the components of the
financial statements. In performing the audit, the auditor exercises professional judgement in
selecting from a variety of auditing procedures and types of evidence to meet the numerous
specific audit objectives.
• The auditor also exercises judgement at the conclusion of the audit in evaluating whether sufficient
appropriate evidence has been obtained to afford a reasonable basis for the opinion on the
financial statements overall.
 Review Question
Control activities are detailed policies and procedures that
management establishes to help ensure that its directives are carried
out.
• List the four different categories of control activities and give an
example of each.
 Attempting the question
There are four categories of internal controls:
• information processing controls
• segregation of duties
• physical controls
• performance reviews.
• 
• Lets deal with the first one.
1. Information processing controls
• Definition - are used to check. accuracy, completeness, and authorization of transactions.
• Acceptable examples would include:
• general controls (organisational controls, systems development and maintenance controls, access
controls or data and procedural controls) or
• application controls (input controls, processing controls or output controls) that are specific to a
computerized system.
• 
 Attempting the question cont..
2. Segregation of duties
• Definition -  is a basic building block of sustainable risk management and internal
controls for a business. The principle of SOD is based on
shared responsibilities of a key process that disperses the critical functions of
that process to more than one person or department.
• Acceptable examples should adhere to the following principles:
• Responsibility for executing a transaction, recording the transaction and maintaining
custody of the assets resulting from the transaction should be assigned to different
people.
• The various steps involved in executing a transaction should be assigned to different
individuals or departments.
• Responsibility for certain accounting operations should be segregated.
 
 Attempting the question cont..
Physical controls
• Definition: -  is the implementation of security measures in a defined structure
used to deter or prevent unauthorized access to sensitive material.
• Acceptable examples would include:
• direct or indirect controls that physically limit access to assets and important records.
Performance reviews
• Definition - a formal assessment in which a manager evaluates an employee’s
work performance, identifies strengths and weaknesses, offers feedback, and
sets goals for future performance.
• Acceptable examples include:
• management reviewing reports, considering actual performance compared to expected or past
performance, or
• analyzing the relationships of different sets of data.