College of Economics and Business Administration

Course : Principles of Auditing

Course Code : BSAC2104
CHAPTER 5: AUDIT EVIDENCE AND AUDIT PROCEDURE
Specialization: Accounting and Finance
Learning Outcomes

1. Describe the overall audit process, the concept of audit evidence, audit
risk and materiality, audit procedures required to meet the objectives,
and the concept of financial statement assertions.

2. Explain how an auditor assesses the risk of material misstatement and

plans an audit of financial statements.
 CONTENTS

1. Concept of Audit Evidence

2. Audit Planning and Risk Assessment
3. Concept of Audit Risk
4. Concept of Materiality
5. Relationship between Audit Risk, Materiality and Audit Evidence
6. Financial Statement Assertions
7. Audit Objectives and Audit Procedures
8. Types of Audit Test
 Concept of Audit Evidence
Audit Evidence
• Audit evidence refers to all the information (accounting data, documents, invoices, etc.) used by the auditor in arriving at the

conclusions on which the auditor’s opinion is based.

• The audit evidence provides grounds for believing that a particular thing is true or not by providing support for a fact or a point in

question. So, the evidences collected by the auditor must support the contents of the auditor’s report.
• Auditors are not expected to look at all the information that might exist in a company. They will often select samples of evidence to

test the accounting data.

Sufficient and Appropriate Audit Evidence:

• The appropriateness of audit evidence is the measure of the quality of it, that is, its relevance and its reliability in providing support

for the conclusions on which the auditor’s opinion is based.

• The sufficiency of audit evidence is the measure of the quantity of audit evidence. The quantity of audit evidence required is

affected by the auditor’s assessment of the risks of material misstatement and also by the quality of such audit evidence.
 Essential Qualities of Audit Evidence
1. Sufficient: The audit evidence are said to be sufficient when they are in adequate quantity. The audit evidence enables the

auditor to form an opinion on the financial information. Sufficient evidence can be obtained by test checking instead of 100%

checking.

2. Reliable: Evidences obtained by auditor are persuasive rather than conclusive in nature therefore evidence cannot be100%

reliable. The reliability of audit evidence depends upon:

a. Source: Evidence obtained within the organization is known as internal source and which is obtained from outside is known as external

(E.g.: confirmation from a third party). External sources of evidence are more reliable than internal sources.

b. Nature: Audit evidence can be verbal (explanation from client’s staff), visual (physical verification of stock) or documentary (bills

attached to vouchers).

3. Relevant: The obtained audit evidence must be relevant to the matter being checked. For e.g. the balance stock in hand to

be checked then the relevant evidence shall the physical verification.

Reliable Audit Evidence
External Audit evidence from external source is more reliable than that obtained from the
entity's records because it is from an independent source.

Direct Evidence obtained directly by auditors is more reliable than that obtained indirectly
or by inference.

Records Evidence obtained from the entity's records is more reliable when the related
control system operates effectively

Written Evidence in the form of documents (paper or electronic) or written representations

are more reliable than oral representations, since oral representations can be
retracted.
Originals Original documents are more reliable than photocopies or facsimiles, which can
easily be altered by the client.
 Techniques of Collecting Audit Evidence
1. Inspection: Inspection of tangible assets that are recorded in the accounting records. Inspecting the documentary
evidence like deed papers, certificates etc. relating to the audit whether in possession of the entity or the third parties.

2. Observation: This involves watching a procedure or process being performed by others. Like physical counting of
inventory, cash count etc.

3. Enquiry: This involves seeking information from client staff or external sources or third parties having knowledge about
a particular item or activity.

4. Confirmation: This is the process of obtaining a representation of information or of an existing condition directly from a
third-party such as:
a) confirmation from bank of actual bank balance.
b) confirmation of real accounts receivable balance from credit customers.
 Techniques of Collecting Audit Evidence
5. Recalculation: It involves checking of the arithmetical accuracy of source documents and accounting
records.

6. Analytical Review Procedures: Evaluating and comparing financial and/or non-financial data for
plausible relationships.
It also includes the investigation of identified fluctuations and relationships that are inconsistent
with other relevant information or deviate significantly from predicted amounts.
E.g.: Analysis of significant ratios and trends for investigating unusual fluctuation and items.

7. Reperformance/ Independent Execution: The auditor performs the procedures and controls that
were originally performed as part of entity’s internal control system.
 Audit Planning

• According to ISA 300 - Planning an Audit of Financial Statements, the auditor

should plan the audit work so that the audit will be performed in an effective
manner.

• Audit planning is very important and the auditors state in the auditor’s report
that they planned and performed their audit.

• Planning ensures that the risk of performing a poor-quality audit (and ultimately
giving an inappropriate audit opinion) is reduced to an acceptable level.
 Objectives of Audit Planning

 In modern-day auditing, auditors tend to follow a risk-based

approach, tailoring their work around the circumstances
surrounding the client.
 This approach should help the auditors:
• To identify the main risk areas early in the planning stage
• To base the audit plan around those risks
• To carry out an efficient audit that minimizes audit risk
and detection risk
 Benefits of Planning an
Audit
Audits are potentially complex, risky and expensive processes. Although firms have
internal manuals and standardized procedures, it is vital that engagements are
planned.

Benefits
• Devotes appropriate attention to important areas of the audit.
• Identifies and resolves potential problems on a timely basis.
• Organizes and manages the audit so that it is performed in an effective and
efficient manner.
• Selects team members with appropriate competencies.
• Directs and supervises the team and reviews their work.
 Understanding the entity and its environment

 According to ISA – 315, the Auditor is required to identify and assess the risks of
material misstatement through understanding the entity and its environment.
 Assuming the client has not previously used the audit firm before, a new set of
auditors can gain an initial understanding of the client by:
• Obtaining the latest set of financial statements and performing an analytical
review of those statements
• Requesting a meeting with the management and internal audit team of the client
to discuss key factors relevant to the audit
• Searching the internet for articles and reports on the client
• Requesting permission to meet the current auditors and review their audit files
 Understanding the entity and its environment -
Matters to consider

Matters to consider when obtaining an understanding of an entity include:

• Industry, regulatory and other external factors.

E.g.: market competition, financial reporting framework, general economic conditions, government policy,
company law
• Nature of the entity
E.g.: revenue streams, locations, key customers and suppliers
• Selection and application of accounting policies
E.g.: new reporting standards, changes in accounting policies
• Objectives, strategies and related business risks
E.g.: new products, expansion, use of IT
• Internal control system
E.g.: rules, procedures, process
 Understanding the entity and its environment -Assessing
the risks of material misstatements

• A thorough risk assessment is needed to help the auditor fully understand

the client, which is vital for an effective audit.
• Any unusual items or risks have to be identified early so that they could
be addressed in a timely manner and incorporated within audit programs.
• This will allow higher risk areas to be audited by more experienced staff.
• Ultimately, the auditor needs to perform a risk analysis to reduce the risk
of an inappropriate audit opinion being given.
• It will also help the auditor assess whether the client is a going concern.
 Concept of Audit Risk

Audit risk is the risk of the auditor providing an inappropriate opinion

on the financial statements, particularly when those financial statements

contain a material misstatement.

Audit risk has two elements:

1. Risk that the financial statements contain a material misstatement.

- dependent on the entity

(inherent risk and control risk)

2. Risk that the auditors will fail to detect any material misstatements.

- dependent on the auditor

(detection risk).
 Types of Audit Risk

1. Inherent Risk: The risk of a material misstatement in the financial statements arising due to error or omission as a result of factors other

than failure of internal controls.

Examples: Human error/intervention, complexity of transaction, collusion among employees, non-routine transactions, faulty

judgment (all leads to material misstatements).

2. Control Risk: The risk of a material misstatement that was caused due to lapse of internal controls are control risks. This type of risk

occurs because the entity’s existing internal control system has failed to prevent and correct the errors on a timely basis.

Examples: Poorly designed internal check for sales, absence of proper segregation of duties, no proper documentation and filing

systems.

3. Detection Risk: The risk that the auditors fail to detect a material misstatement in the financial statements.

Examples: Poor audit planning, wrong sample size selection, wrong audit procedures.
 Audit Risk Model

Audit Risk = Inherent risk x Control risk x Detection risk

• Audit risk may be considered as the product of the various risks which may be encountered in the performance of the audit.

• In order to keep the overall audit risk below acceptable limit, the auditor must assess the level of risk pertaining to each component of audit

risk.
Audit Risk Model
Audit Risk Model
 Concept of Materiality
• An accounting information is material if its misstatement (i.e., omission or erroneous statement) influences the economic decisions of users

taken on the basis of such information.

• The size and nature of the item determine its materiality.

• Materiality is judged by the auditor using his professional knowledge and experience since materiality of an item varies with circumstances.

• An auditor considers materiality in the following:

a) in each class of transactions

b) in individual account balances

c) at the overall financial information presented.

• Improper description of accounting policies and practices or non-compliance of legal and regulatory requirements or qualitative / quantitative

misstatements may be considered as material if they influence the decision of users.

 Relationship between Materiality and Audit Risk
 The auditor should consider materiality and its relationship with audit risk when conducting an audit. Materiality should be considered by the auditor

when:

a) Determining the nature, timing and extent of audit procedures;

b) Evaluating the effect of misstatements.

 An auditor as per his professional judgment establishes an acceptable materiality level to detect quantitatively material misstatements; both the

amount (quantity) and nature (quality) of misstatements need to be considered.

• Example: Improper description of an accounting policy when it is likely that a user of the financial statements would be misled by the

description.

 The auditor needs to consider the possibility of misstatements of relatively small amounts that, cumulatively, could have a material effect on the

financial information.

• Example: An error in a month-end (or other periodic) procedures could be an indication of a potential material misstatement if that error is

repeated each month or each period, as the case may be.

 Financial Statement Assertions

• Assertions simply means the act of stating, using and claiming something strongly.

• Assertions are representations by management that are expressed and contained in

financial statement components.

• In effect, by presenting financial statements, management is stating, either explicitly

or implicitly, certain things about the company’s financial position and operations.
 Financial Statement Assertions

1. Accuracy: All the information contained within the financial statements has been accurately recorded.

2. Existence/Occurrence: Reported assets and liabilities actually exist at the balance sheet date, and transactions reported in the

income statement actually occurred during the period covered by the financial statements.

3. Completeness: All transactions and accounts that should be included in the financial statements are included, or there are no

undisclosed assets, liabilities or transactions.

4. Rights and Obligations: The Company owns and has clear title to the assets, the liabilities are the obligations of the company,

and the company was actually a party to reported transactions.

5. Understandability: The information contained in the financial statements has been clearly presented with no intent to

confuse/unclear the financial results of the entity.

6. Valuation/Allocation: The assets and liabilities are valued properly, and the revenue and expenses are measured properly.

7. Presentation and Disclosure: The assets, liabilities, revenue and expenses are properly described and disclosed in the financial

statements.
 Audit Objectives

In obtaining audit evidence to support the financial statement assertions, the auditor develops specific audit objectives relating to each assertions. The

following audit objectives are discussed in detail as:

1. Validity: The validity objective is related to the existence and occurrence assertion and it ensures that all recorded transactions fairly represent

the economic events that actually occurred, are lawful in nature, and have been executed in accordance with management's general

authorization.

Example: Inventories included in the balance sheet physically exist or inventories represent items held for sale in the normal course of

business.

2. Completeness: Completeness related to completeness assertion and addresses whether all transactions are included in the account.

Example: Inventory quantities include all products, materials and supplies owned by the company that are in transit or stored outside

locations. Inventory listings are accurately compiled, and the totals are properly included in the inventory accounts.

3. Cutoff: The cutoff objective is also related to the completeness assertion and is concerned with whether the transactions included in the account

are recorded in the proper period.

4. Ownership: This audit objective is concerned with rights and obligation assertion and ensure whether the assets and liabilities belong to the

entity.

Example: Auditor may audit that recorded accounts receivable have been sold and therefore, no longer belong to the entity.
 Audit Objectives

5. Accuracy: Accuracy objective is related to valuation or allocation assertion and

addresses proper accumulation of transactions and amounts from journals and ledgers.
6. Valuation: The valuation objectives is related to valuation or allocation assertion
and is concerned with ensuring that the assets and liabilities shown in the balance sheet
are recorded in proper amount.
7. Classification: This objective ensures whether the transactions be included in the
correct account and that accounts have been properly presented in the financial
statements.
8. Disclosure: This objective relates to the presentation and disclosure assertion and is
concerned with ensuring that all required footnote disclosures are made.
Example: If accounts receivable are pledged as security for debt, such
information should be disclosed in the financial statements.
 Audit Procedures

 Audit procedures are used by auditors to determine the integrity of the financial reports and assertions made by their
clients.
 The specific audit procedures used will vary by client, depending on the nature of the business and the audit assertions
that the auditors need to validate/prove.
 Audit procedure takes into account:
1. The nature and materiality of the particular financial statement components (account balance or class of transactions).
2. The nature of the audit objective to be achieved.
3. The assessed level of control risk.
4. The relative risk of error or irregularities.
5. The kinds and competence of available evidence.
6. The expected efficiency and effectiveness of possible audit procedure.
 Types of Audit Tests

 An audit test is an audit procedure performed by either an external or internal auditor in order to assess the accuracy of various financial statement assertions.
 The two common types of such tests are:

1. Test of Controls and 2. Substantive Tests

1. Test of Controls: Test of control is conducted to examine:

• the effectiveness of the design of the internal control structure and
• the operating effectiveness of the policies/procedures and how they were applied

These tests reduce control risk.

The auditor may conduct two tests under test of control:

a) No Trial: This involves inquiries and observation of client personnel and routines to determine how internal control structures policies and

procedures are performed and who perform them. For example, he will see whether cash is handled by someone who does not record cash

transactions.

b) Documents Trial: This involves inspection of the documents to see whether an internal control structure policy or procedure, such as

approval or other checking was performed and who performed it as indicated by signatures and initials.
 Types of Audit Tests

2. Substantive Tests: These tests conducted to examine the validity and the propriety of accounting treatment of transactions and
balances or conversely, of errors or irregularities therein. These tests reduce detection risk. There are two general categories of substantive
tests:
(i) Analytical Procedures and (ii) Tests of details of transactions or balances

(i) Analytical Procedure: Analytical types of tests involve study and comparison of relationships among accounting data and related
information. They focus on the reasonableness of relationships and also identify unusual fluctuations for investigation.
For example, auditor might test the reasonableness of the revenue of a hotel by multiplying the average number of occupied rooms
by the standard room rate by the number of days in the period.
Analytical procedures are used for three purposes:
(a) To assist the auditor in planning other audit procedures.
(b) As a substantive test to obtain evidence about an assertion.
(c) As an overall review of financial information near the end of audit.
 Types of Audit Tests

2. Substantive Tests
(ii) Tests of Details
 This type of substantive test involves obtaining evidential matter on items (or details) included in an account
balance or class of transactions.

 Thus, tests of details are also referred to as follows:

(a) Tests of Transactions: These are the test of processing of individual transactions by inspection of the
documents and accounting records involved in processing.
For example: Tracing a sample of shipping documents to the sales journal to see whether shipments have
been recorded as sales.
(b) Tests of Balances: These are the tests applied directly to the details of balances in general ledger accounts.
For example: Confirming the balances of accounts in the accounts receivable subsidiary ledger with
individual customers.
References
• Available at:
https://www.icsi.edu/media/webmodules/publications/FULL%20FAA%20PDF.pdf
https://accounting-simplified.com/audit/risk-assessment/auditrisk.html
• https://www.caprep18.com/blog/download-ca-intermediate-study-material-8929
• Messier, WF, Jr. (2000 p114 to 119), “Auditing and Assurance Services A Systematic
Approach” Irwin McGraw-Hill Ibid (p159 – 167)
• ACCA Paper F8 Audit and Assurance Study Text, BPP Learning Media Ltd BPP House,
Aldine Place London W12 8AA
• F8 AA KAPLAN Study Text 2020-21
• https://opentuition.com/acca/aa/
 GLOSSARY OF TERMS
• Audit risk—Audit risk is the risk that the auditor expresses an inappropriate audit opinion when the financial statements are materially misstated.
• Assertions—Representations by management, explicit or otherwise, that are embodied in the financial statements
• Assurance engagement risk—The risk that the practitioner expresses an inappropriate conclusion when the subject matter information is materially misstated.
• Audit documentation—The record of audit procedures performed,3 relevant audit evidence obtained, and conclusions the auditor reached (terms such as “working papers” or
“workpapers” are also sometimes used).
• Audit evidence—All of the information used by the auditor in arriving at the conclusions on which the audit opinion is based. Audit evidence includes the information contained in
the accounting records underlying the financial statements and other information.
• Audit of financial statements—The objective of an audit of financial statements is to enable the auditor to express an opinion whether the financial statements are prepared, in
all material respects, in accordance with an applicable financial reporting framework.
• Accounting estimate—An approximation of the amount of an item in the absence of a precise means of measurement.
• Assertions—Representations by management, explicit or otherwise, that are embodied in the financial statements.
• Audit sampling—The application of audit procedures to less than 100% of items within an account balance or class of transactions such that all sampling units have a chance of
selection
• ACCOUNTING ESTIMATE An approximation of a monetary amount in the absence of a precise means of measurement.
• Audit file— One or more folders or other storage media, in physical or electronic form, containing the records that comprise the audit documentation for a specific engagement.
 GLOSSARY OF TERMS
• Confirmation—A specific type of inquiry that is the process of obtaining a representation of information or of an existing condition directly from a third
party.
• Control activities—Those policies and procedures that help ensure that management directives are carried out. Control activities are a component of
internal control.
• Control environment—Includes the governance and management functions and the attitudes, awareness and actions of those charged with governance
and management concerning the entity’s internal control and its importance in the entity. The control environment is a component of internal control.
• Entity’s risk assessment process—A component of internal control that is the entity’s process for identifying business risks relevant to financial
reporting objectives and deciding about actions to address those risks, and the results thereof.
• External confirmation—The process of obtaining and evaluating audit evidence through a direct communication from a third party in response to a
request for information about a particular item affecting assertions made by management in the financial statements.
• Entity’s risk assessment process—A component of internal control that is the entity’s process for identifying business risks relevant to financial
reporting objectives and deciding about actions to address those risks, and the results thereof
• Fair value—The amount for which an asset could be exchanged, or a liability settled, between knowledgeable, willing parties in an arm’s length
transaction.
• Inquiry—Inquiry consists of seeking information of knowledgeable persons, both financial and non-financial, throughout the entity or outside the entity.
• Inspection (as an audit procedure)—Examining records or documents, whether internal or external, or tangible assets.
 GLOSSARY OF TERMS

• Management—Comprises officers and others who also perform senior managerial functions. Management includes those charged with governance only in those

instances when they perform such functions.

• Management fraud—Fraud involving one or more members of management or those charged with governance.
• Management representations—Representations made by management to the auditor during the course of an audit, either unsolicited or in response to specific

inquiries.
• Material inconsistency—Exists when other information contradicts information contained in the audited financial statements. A material inconsistency may raise

doubt about the audit conclusions drawn from audit evidence previously obtained and, possibly, about the basis for the auditor’s opinion on the financial statements.
• Material misstatement of fact—Exists in other information when such information, not related to matters appearing in the audited financial statements, is

incorrectly stated or presented.

• Material weakness—A weakness in internal control that could have a material effect on the financial statements.
• Materiality—Information is material if its omission or misstatement could influence the economic decisions of users taken on the basis of the financial statements.

Materiality depends on the size of the item or error judged in the particular circumstances of its omission or misstatement. Thus, materiality provides a threshold or

cutoff point rather

• Misappropriation of assets—Involves the theft of an entity’s assets and is often perpetrated by employees in relatively small and immaterial amounts. However, it

can also involve management who are usually more capable of disguising or concealing misappropriations in ways that are difficult to detect.
• Misstatement—A misstatement of the financial statements that can arise from fraud or error (also see Fraud and Error).
GLOSSARY OF TERMS
• Confirmation—A specific type of inquiry that is the process of obtaining a representation of information or of
an existing condition directly from a third party.
• Substantive procedures—Audit procedures performed to detect material misstatements at the assertion
level; they include: (a) Tests of details of classes of transactions, account balances; and disclosures and (b)
Substantive analytical procedures.
• Inherent risk—Inherent risk is the susceptibility of an assertion to a misstatement, that could be material,
individually or when aggregated with other misstatements assuming that there were no related internal
controls.
• Control risk—Control risk is the risk that a misstatement that could occur in an assertion and that could be
material, individually or when aggregated with other misstatements, will not be prevented or detected and
corrected on a timely basis by the entity’s internal control.
• Detection risk is the risk that the auditor’s procedures will not detect a misstatement that exists in an
assertion that could be material, individually or when aggregated with other misstatements.
CONTACT INFORMATION:

Name of the Staff : Wijdan Salim

Office:: BS050
Email: bs187@utas.edu.om

VERSION
HISTORY
Version No Date Approved Changes incorporated

05 Sem. (I) 2023-2024 Update and Revision of PPT

35