@4 Auditing and Assurance Services - WSU

Auditing and Assurance Services Module Courses: Auditing Principles and Practices I& II
WOLAITA SODO UNIVERSITY

COLLEGE OF BUSINESS AND ECONOMICS
DEPARTMENT OF ACCOUNTING AND FINANCE
Module name: Auditing and Assurance Services

Courses included: Auditing Principles and Practices I (AcFn4061)
Auditing Principles and Practices II (AcFn4062)
Prepared by:
Mr. Mulatu Amare (Assistant Professor), Coordinator
Mr. Temesgen Tesfaye (Msc, Lecturer)
Megabit 2015E.C (March, 2023)

Wolaita Soddo, Ethiopia
WSU CoBE department of Accounting & Finance Megabit 2015E.C i

Course Objectives & Core Competences to be acquired

After studying this course, the students should be able to:
 Describe the nature of an audit and explain the economic and legal basis for
auditing.
 The auditor's legal liability to clients and third parties.
 Explain how materiality and various risk assessments impact the audit program.
 Determine the audit procedure needed to audit any assertion.
 Explain why auditors use sampling and apply audit-sampling techniques for evidence
acquisition and evaluation.
 Identify and assess risks of material misstatement at both the assertion and overall
financial statement levels and respond to identified risks by designing and
implementing tests of controls & substantive tests for a variety of financial statement
elements.
 Apply the concepts of audit planning, risk assessment, and obtaining an
understanding of the internal control structure to the sales and collection cycle, the
acquisition and payments cycle, the human resources and payroll cycle, the
inventory and distribution cycle and the capital acquisition and repayment cycles.
 Complete the audit and describe the procedures required for completing the audit,
including reviews for contingent liabilities and subsequent events.
 Recognize the major effects of computerization of accounting systems on a
company's operations and on the audit approach and explain the use of computer-
assisted audit techniques (CAAT).
WSU CoBE department of Accounting & Finance Megabit 2015E.C i

Table of Contents
CHAPTER ONE ........................................................................................................................................... 1
THE NATURE, PURPOSE, SCOPE OF AUDIT AND ASSURANCE SERVICES .................................. 1
1.1. Meaning of Audit ............................................................................................................................... 1
1.2. Assurance Services: Overview........................................................................................................... 1
1.3.Why Audits are Conducted ................................................................................................................. 2
1.4. Types of Audit and Auditors.............................................................................................................. 3
CHAPTER TWO .......................................................................................................................................... 7
THE AUDITING PROFESSION ................................................................................................................. 7
2.1.The Regulatory Framework of Governing Auditing ........................................................................... 7
2.2.International Standards on Auditing (ISA) ......................................................................................... 8
2.3.Professional Ethics: Fundamental Principles, Threats and Safeguards............................................... 9
2.4.Legal Liability of Auditors ............................................................................................................... 12
CHAPTER THREE .................................................................................................................................... 14
MATERIALITY AND RISK ASSESSMENT ........................................................................................... 14
3.1. Audit Risk ........................................................................................................................................ 14
3.2.Materiality ......................................................................................................................................... 15
CHAPTER FOUR....................................................................................................................................... 20
CLIENT ACCEPTANCE AND PLANNING THE AUDIT ...................................................................... 20
4.1Client Acceptance and Continuance .................................................................................................. 20
4.2. Planning the Audit ........................................................................................................................... 20
4.3Appointment, Remuneration, and Removal of Auditors ................................................................... 21
CHAPTER FIVE ........................................................................................................................................ 23
AUDIT RESPONSIBILITY, OBJECTIVES, EVIDENCE AND RECORDING ...................................... 23
5.1Audit Responsibility .......................................................................................................................... 23
5.2Management Assertions ..................................................................................................................... 24
5.3Audit Objectives ................................................................................................................................ 24
5.4Auditing principles............................................................................................................................. 26
5.5Audit standards .................................................................................................................................. 26
5.6Audit Evidence................................................................................................................................... 28
5.7Audit Documentation ......................................................................................................................... 29
CHAPTER SIX ........................................................................................................................................... 30
INTERNAL CONTROL ............................................................................................................................. 30
6.1Meaning and Objectives of internal controls ..................................................................................... 30
6.2The Basic Elements of internal controls ............................................................................................ 31
6.3Inherent Limitations ........................................................................................................................... 32
WSU CoBE department of Accounting & Finance Megabit 2015E.C ii

CHAPTER SEVEN .................................................................................................................................... 36

AUDIT REPORT ........................................................................................................................................ 36
7.1Types of Audit Reports .......................................................................................................................... 36
7.2Basic Contents of a Standard Audit Report ....................................................................................... 38
CHAPTER EIGHT ..................................................................................................................................... 41
AUDIT SAMPLING AND TESTING ....................................................................................................... 41
8.1Audit Sampling Concepts .................................................................................................................. 41
8.2Audit Test........................................................................................................................................... 44
8.3Audit Test of Controls ....................................................................................................................... 45
8.3 Audit Test Of Control Vs. Substantive Audit Procedure .................................................................. 47
CHAPTER NINE ........................................................................................................................................ 50
AUDIT OF SALES AND COLLECTION CYCLE ................................................................................... 50
9.2Internal Control for Sales ................................................................................................................... 52
9.3Tests of Controls & Substantive Tests ofTransactions .......................................................................... 52
CHAPTER TEN.......................................................................................................................................... 58
AUDIT OF PAYROLL AND PERSONNEL CYCLE ............................................................................... 58
10.1 Overview of the cycle ..................................................................................................................... 58
10.2Internal control system ..................................................................................................................... 58
CHAPTER ELEVEN .................................................................................................................................. 67
AUDIT OF ACQUISITION AND PAYMENT CYCLE ........................................................................... 67
11.1 Overview of the cycle ..................................................................................................................... 67
11.2The Audit of Property, Plant and Equipment ................................................................................... 67
CHAPTER TWELVE ................................................................................................................................. 78
AUDIT OF INVENTORY AND WAREHOUSE CYCLE ........................................................................ 78
12.1Nature of inventory .......................................................................................................................... 78
12.2 Control activities and Tests of Controls .......................................................................................... 79
12.3 Auditing Cost accounting................................................................................................................ 80
12.2Observing physical inventory .......................................................................................................... 81
CHAPTER THRTEEN ............................................................................................................................... 86
AUDIT OF THE CAPITAL AND REPAYMENT CYCLE ...................................................................... 86
13.1Overview of the cycle ...................................................................................................................... 86
13.2Key Internal Control ........................................................................................................................ 87
13.3Auditing Long-term debt ................................................................................................................. 88
13.4Auditing Capital stock ..................................................................................................................... 89
13.5Auditing Dividends .......................................................................................................................... 90
13.6Auditing Retained Earnings ............................................................................................................. 91
WSU CoBE department of Accounting & Finance Megabit 2015E.C iii

CHAPTER FOURTEEN ............................................................................................................................ 94

AUDIT OF CASH BALANCES ................................................................................................................ 94
14. 1Cash in the Bank and transaction Cycles ........................................................................................ 95
14.2Audit of the General Cash Account ................................................................................................. 95
CHAPTER FIFTEEN ............................................................................................................................... 104
COMPLETING THE AUDIT ................................................................................................................... 104
15.1Review of Contingent Liabilities and Commitments ..................................................................... 104
15.1 Review of Subsequent Events ....................................................................................................... 105
15.2Communication with the Audit Committee and Management....................................................... 106
15.2Management Letter ........................................................................................................................ 107
CHAPTER SIXTEEN ............................................................................................................................... 111
AUDITING COMPUTERIZED ACCOUNTING SYSTEMS: AN OVERVIEW ................................... 111
16.1Impact of Information Technology on the Audit Process .............................................................. 111
16.2Controls in a computerized environment ....................................................................................... 112
16.2Computer assisted techniques (CAATS) in gathering audit evidence ........................................... 113
Text and reference books .......................................................................................................................... 120
WSU CoBE department of Accounting & Finance Megabit 2015E.C iv

CHAPTER ONE
THE NATURE, PURPOSE, SCOPE OF AUDIT AND ASSURANCE SERVICES

1.1. Meaning of Audit
Auditing is the accumulation and evaluation of evidence about information to determine and
report on the degree of correspondence between the information and established criteria.
Auditing should be done by a competent and independent person.
Auditing enable the auditor to express opinion whether the financial statements are prepared, in
all material respects, in accordance with an identified financial reporting framework. This
framework (criterion) might be generally accepted accounting principles (GAAP), or the
national standard of a particular country.
Financial statements include balance sheet, income statement, statement of cash flow, notes and
explanatory material that are identified as being part of financial statements.
The phrases used to express the auditor’s opinion are that the financial statements ‘give a trued
and fair view’ or ‘present fairly in all material respective’.
Note that the auditor does not certify the financial statements or guarantee that the financial
statements are correct, he reports that in his opinion they give a ‘true and fair view’, or present
fairly’ the financial position.
1.2. Assurance Services: Overview

Assurance services are an independent examination of a company’s processes and controls.
Assurance aims to reduce information risk by improving the quality or context of the
information. Accounting professionals are qualified independent practitioners who can perform
such services. Reducing risk allows intended users to refrain from making impaired decisions.
Thus, assurance improves decision-making for users, such as investors and analysts.
Assurance focuses on analyzing the processes, controls, and operations of an organization. It

looks to determine whether the business is operating with appropriate accuracy. For example, a
WSU CoBE department of Accounting & Finance Megabit 2015E.C 1
CPA will be hired to provide an assessment of a business’s procedures surrounding the

preparation of their accounting and/or financial records.
1.3. Why Audits are conducted

There is a need for auditing when ownership is separated from control. At a practical level, it
helps prevent or detect misstatements-errors or fraud. It may prevent or detect misstatements on
the part of (1) the employees who actually handle the money, or (2) management. Auditing is
needed to enhance the credibility of financial information prepared by an entity. The
independent audit requirement fulfills the need to ensure that those financial statements are
objective, free from bias and manipulation and relevant to the needs of users.
An audit determines whether an organization is providing a true and fair view of its financial
performance and position, which on its own is something any organization wants to achieve.
Audit is an important term used in accounting that describes the examination and verification of
a company’s financial records. It is to ensure that financial information is represented fairly and
accurately.
Also, audits are performed to ensure that financial statements are prepared in accordance with
the relevant accounting standards. The three primary financial statements are: Income
statement, balance sheet and cash flow statement. Financial statements are prepared internally
by management utilizing relevant accounting standards, such as International Financial
Reporting Standards (IFRS) or Generally Accepted Accounting Principles (GAAP). They are
developed to provide useful information to shareholders, creditors, government entities,
customers, suppliers, partners, etc.
Financial statements capture the operating, investing, and financing activities of a company
through various recorded transactions. Because the financial statements are developed
internally, there is a high risk of fraudulent behavior by the preparers of the statements. Without
proper regulations and standards, preparers can easily misrepresent their financial positioning to
make the company appear more profitable or successful than they actually are. Auditing is
crucial to ensure that companies represent their financial positioning fairly and accurately and
in accordance with accounting standards.

Check Your Progress Exercise – 1

Why auditors cannot provide absolute assurance?
……………………………………………………………………………………………………
……………………………………………………………………………………………………
…………………………………………………………………………………………….
1.4. Types of Audit and Auditors

The three primary types of audits include compliance audits, operational audits, and
financial statement audits. Although all audits involve an investigation of supporting
information, each type of audit has a different purpose. Compliance audits determine whether
the company has complied with regulations and policies established by contractual agreements,
governmental agencies, company management, or other high authority. Operational audits
assess operating policies and procedures for efficiency and effectiveness. Financial statement
audits determine whether the company has prepared and presented its financial statements
fairly, and in accordance with established financial accounting criteria.
The four types of auditors are external, internal, forensic and government. All are professionals
who use specialized knowledge to prepare specific types of audit reports.
An external auditor is a third-party consultant who independently reviews a company's

financial records, including purchasing records, payroll, accounts payable and receivable,
expense reports, inventory and tax payments. External auditors look for financial misstatements
resulting from errors, fraud or embezzlement. Because they are hired by a company and not
employed by it, they have no stake in the outcome of the audit and can, therefore, examine
records without bias.
Internal auditors perform the same functions as external auditors except that they are
employees of the company they are auditing. Internal auditors are important to a company's
decision-making process, as they look at aspects of the business such as risk management,
corporate governance, organizational objectives, operational efficiency and compliance.
Internal auditors identify and help rectify problems before an external audit.

Forensic auditors perform audits with the understanding that their findings will be used in a
court of law for a trial or some form of mediation. Forensic audits are used to investigate fraud,
embezzlement or other financial crimes. A forensic auditor may be called upon to testify during
trial proceedings. Forensic audits are usually conducted by Certified Fraud Examiners (CFEs)
or accountants who specialize in the field of forensic accounting. Forensic auditors may also be
involved in audits that do not involve financial fraud, including divorces, business closures and
bankruptcy filings.
Government auditors perform audits of government agencies and of private businesses and
individuals engaged in activities that are subject to government regulations. Government
auditors perform financial audits as well as compliance audits.
In Ethiopia audits seem to be done primary on account of government regulation. For example,
NGOS are audited because the assets of the NGOS are deemed a “national asset,” the use of
which is ultimately accountable to the government of Ethiopia.
Auditing in Ethiopia could be viewed in five main areas.

1. The office of the auditor general (OAG)
The powers and functions of the office of the OG are circumscribed through the proclamations
that established it, its sphere of activity lies in government audit.
2. The audit service corporation.
The duty and functions of this entity involve mostly commercial audits of commercial and
productive enterprises wholly or partially owned by government.
3. Private audit firms.
4. Ministry of finance audit and inspection.
Auditing activity in this area includes audit of ministries and government departments by MF
auditors and inspectors, including tax audit by Inland Revenue authorities.
5. State corporations’ and enterprises’ auditors.
These are audits performed by internal auditors within enterprise.
Check you Progress Exercise – 2

What is the contribution of internal auditor in the audit of annual financial statements?
……………………………………………………………………………………………………
……………………………………………………………………………………………………
…………………………………………………………………………………………….
Part I. Short Answer

(a) Give a definition of an audit, and explain the basic features of auditing.
(b) What is the principal use and significance of auditing to users of financial statements?
Part II. Multiple Choices
1. How does an independent audit aid in the communication of economic data?
a) It confirms the accuracy management’s financial representations.
b) It lends credibility to the financial statements.
c) It guarantees that financial data are fairly presented.
d) It assures the readers of financial statements that any fraudulent activity has been
corrected.
2. What is the essence of the external audit function?
a) To detect fraud
b) To examine individual transactions so that the auditor may certify their validity.
c) To determine whether the client’s financial statements are fairly stated.
d) To assure the consistent application of correct accounting procedures.
3. Primary purpose of an operational audit is to provide:
a) Means of assurance that internal control structure is functioning as planned.
b) A measure of management performance in meeting organizational goals.
c) The results of internal audits of financial and accounting matters to a company’s top-level
management.
d) Aid to the independent auditor who is conducting the audit of the financial statements.
4. Compared to the eternal auditor, what is more likely to concern an intern auditor?
a) Fairness of the financial statements c) Management policies and procedures
b) Cost accounting procedures d) generally accepted accounting principles.

5. Which of the following criteria is unique to the auditor’s function?

a) General competence
b) Familiarity with the particular industry of which the client is a part.
c) Due professional care d) Independence

CHAPTER TWO
THE AUDITING PROFESSION

Introduction
Standards are established to measure the quality and performance of individuals and
organizations. Standards relating to the auditing profession concern themselves both with the
CPA’s professional qualities and with the judgment exercised by CPA’s in the performance of
their professional engagement. Our purpose in this topic is to make clear the nature of generally
accepted auditing standards (GAAS). In our discussion of GAAS, we consider mainly on the
nature of the independent auditor’s report.
2.1.The Regulatory Framework of Governing Auditing

The regulatory framework of auditing consists of rules and regulations that fall under the
scope of national legislation, quoted companies and also corporate governance. Auditors,
both internal and external, must be aware of the regulatory framework for auditing applicable to
the industry of their client because a key objective of any organization will be to comply with
appropriate regulations. They should also keep abreast of any change that occurs as it could
influence the role and performance of the audit. Basically, the regulatory framework that
surrounds the auditing profession includes both national and international regulations.
a) National Level:
 National Legislation: Generally, most companies are not permitted to operate unless
they are incorporated under national legislation. The legislation sets out the rules
and regulations.
 Regulations affecting all organizations: There are specific regulations that
govern the operations of particular business activities, for example, those
industry in which the organization operates.

b) International Level
 International regulation also plays a major role in regulating the audit function. It
sets the standards and requirements for auditors and provides guidance for countries

that do not have a well-established national regulatory framework. This contributes

to the recognition of professional accountancy qualifications among these countries.
2.2. International Standards on Auditing (ISA)

International Standards on Auditing (ISA) refers to professional standards dealing with the
responsibilities of the independent auditor while conducting the financial audit of financial info.
These standards are issued by International Federation of Accountants (IFAC) through the
International Auditing and Assurance Standards Board (IAASB). The ISAs include requirements
and objectives along with application and other explanatory material. The auditor is obligatory to
have knowledge about the whole text of an ISA, counting its application and other explanatory
material, to be aware of the objectives and to apply the requirements aptly.
List of the Standards
The key standards issued by the ISA include:

 Respective responsibilities
 Audit planning
 Internal control
 Audit evidence
 Using work of other experts
 Audit conclusions and audit report
 Specialized areas
 Structure of ISAs
Every ISA is structured in individual sections as:
A) Introduction
Introductory material can include the purpose, scope, and subject matter of the ISA, as well as
the responsibilities of the auditor and others in context in which the ISA is established.
B) Objective
Every ISA consists of as clear statement about the objective of the auditor in the audit area

addressed by that ISA.

C) Definitions
For higher understanding of the ISAs, pertinent terms are delineated in each ISA.
D) Requirements
Every objective is shored up by clearly stated requirements. Requirements are always expressed
by the phrase “the auditor shall.”
E) Application and other explanatory material
The application and other explanatory material explains more exactly what is meant by a
requirement or is intended to cover, or includes examples of procedures that can be appropriate
under certain circumstances.
Objectives of the ISA
The ISA objectives are two-fold:
 Analyzing the comparability of national accounting as well as auditing standards with

international standards, determine the degree with which applicable auditing and
accounting standards are complied, and analyze strengths and weaknesses of the
institutional framework in sustaining high-quality financial reporting.
 Assist the country in developing and implementing a country action plan for
improvement of institutional capacity with a view of strengthening the corporate financial
reporting system of the country.
2.3. Professional Ethics: Fundamental Principles, Threats and Safeguards

All recognized professions have developed codes of professional ethics. Professional ethics refer
to the basic principles of right action for the member of a profession. Professional ethics may be
regarded as a mixture of moral and practical concepts. Thus the professional ethics of an
accountant would signify his behavior towards his fellows in the profession and other
professions and towards members of the public.
The fundamental purpose of such codes is to provide members with guidelines for maintaining a
professional attitude and conducting themselves in a manner that will enhance the professional
stature of their discipline.

The AICPA code of professional conduct considers the following to be followed by auditors
(accountants) in the conduct of professional relations with others.
Integrity: - An accountant should be straightforward, honest and sincere in his approach to
his professional work.
Objectivity: - An accountant should be fair and should not allow bias to override his
objectivity. When reporting on financial statements, which come his review, he should
maintain an impartial attitude.
Independence: - When in public practice, an accountant should both be and appear to be
free of any interest which might be regarded, whatever its actual effect, as being
incompatible with integrity and objectivity.
Confidentiality: - A professional accountant should respect the confidentiality of
information acquired in the course of his work and should not disclose any such
information to a third party without specific authority or unless there is a legal or
professional duty to disclose.
Technical standards: - An accountant should carry out his professional work in accordance
with the technical and professional standards relevant to that work.
Professional competence: - An accountant has a duty to maintain his level of competence
throughout his professional career. He should only undertake works, which he or his firm
can expect to complete with professional competence.
Ethical behavior: - An accountant should conduct himself with a good reputation of the
profession and refrain from any conduct, which might bring discredit to the profession.
Contingent fess: - The AICPA code of professional conduct prohibits a CPA firm from
rendering any professional services on a contingent fee basis.
Responsibilities to colleagues: - The auditor should promote cooperation and good
relations with other members of the profession.
Advertising: - The advertising should not be false or misleading,” should not contravene
“professional good taste,” should not make “unfavorable reflection on the competence or
integrity of the profession,” and should not” involve a statement the contents of which”
cannot be substantiated.

Ethical conflict
An ethical conflict (also known as an ethical dilemma) is when two ethical principles demand
opposite results in the same situation. In order to resolve the conflict a choice must be made that
by definition will leave at least one of the ethical principles compromised.
A key reason behind many ethical conflicts is a conflict of interest between taking decisions in
one’s own self-interest versus making decisions in the best interest of a client. For example an
auditor has a moral obligation to earn money to feed, clothe and house his family. To purely
satisfy this obligation they may take decisions that are not in the best interest of a client – for
example reducing the extent of audit work and using more junior staff to save money on costs
and generate bigger profits for the audit firm. However, the reduction in audit work and use of
more junior staff would mean that the auditor has not complied with audit standards nor
delivered the statutory audit that the client has paid for.
An ethical conflict may arise with confidential information that an accountant encounters, for
example on the discovery of a fraud. The defrauded party (which may for example be the client
company, an employee, a supplier, the shareholders or perhaps a bank) has suffered in some way
and the auditor is aware of this. The auditor’s primary responsibility is to provide an opinion on
whether the financial statements provide a true and fair view not to report fraud to the plaintiff -
it is normally the choice of the company how to proceed (unless crimes such as terrorism or
money laundering are involved).
With both of the above examples numerous different courses of action could be justified using
the theories you have encountered previously. However, professional codes of ethics are
employed in the accountancy profession in order to establish consistent behaviour and a robust
ethical conflict resolution process.
Rules-based and principles-based approaches to ethical conflicts
When accountants are faced with an ethical conflict they need to know what to do. If there is a
threat to their compliance with the fundamental principles of the ethical code, how should they

ensure their compliance and deal with the threat? There are two possible approaches that the
professional accountancy bodies could take, a rules based approach and a principles-based
approach.
i) A rules-based approach is to identify each possible ethical problem or ethical dilemma
that could arise in the work of an accountant, and specify what the accountant must do in
each situation.
ii) A principles-based approach is to specify the principles that should be applied when
trying to resolve an ethical problem, offer some general guidelines, but leave it to the
judgment of the accountant to apply the principles sensibly in each particular situation.

1. What is the basic purpose of a code of ethics for a profession?
……………………………………………………………………………………………………
……………………………………………………………………………………………………
2. Who makes the ultimate decision as to whether or not auditors maintain an appearance of
independence from their audit clients?
a) Auditors b) Client c) Audit committee d) Public
3. In which of the following situations would a CPA firm be in violation of the rules of
professional code of conduct in determining it fess?
a) A fee based on whether or not the auditor’s report leads to the approval of the client’s
application for a bank loan.
b) A fee to be established at a later date by the court due to the bankruptcy of the client.
c) A fee based on the nature of engagement rather than upon the actual time spent on the
engagement.
d) A fee based on the fee charged by the client’s former auditors.
2.4.Legal Liability of Auditors

Concerns about the legal liability of auditors continue to grow every day. Financial auditors are
highly important people because, ultimately, they are responsible for enhancing the reliability of
financial statements for external users. Like other professionals, they can face civil and criminal
liabilities in the performance of their duties.

Without independent and competent auditors, many fraud cases worldwide would’ve gone
unnoticed, notwithstanding all the other cases that are still undiscovered. One code of
professional conduct states that auditors must go about their business with due care. Due care is
the “prudent person” concept. Due care generally implies four things:
1. The auditor must possess the requisite skills to evaluate financial statements.
2. The auditor has a duty to employ such skill with reasonable care and diligence.
3. The auditor undertakes his task(s) with good faith and integrity but is not infallible.
4. The auditor may be liable for negligence, bad faith, or dishonesty, but not for mere errors in
judgment.
Sources of Legal Liability for an Auditor

1) Client: Breach of Contract. Auditors obtain an engagement letter and any breach of the
stated terms can be a valid reason for legal action by the company against the auditor.
2) Financial Statement Users: Negligence. The auditor has failed to use due care and has
failed to identify a material misstatement. By not identifying a material misstatement,
financial statement users are harmed, as they may rely on the published financials when
making an investment decision.
3) Government: Fraud, also known as Gross Negligence. The auditor has knowingly
issued an incorrect audit report. The government requires public company financial
statements to accurately reflect the company’s actual results. If an incorrect audit report
is issued, then this undermines the government’s duty to help protect investors.
1. A CPA firm will be liable for any fraudulent scheme it does not detect.
a) Trueb) False
2. A CPA firm will not be liable if it can show that it exercised the ordinary care and skill
of a reasonable man in the conduct of its own affairs.
a) Trueb) False

CHAPTER THREE
MATERIALITY AND RISK ASSESSMENT
3.1. Audit Risk

Audit risk is defined as ‘the risk that the auditor expresses an inappropriate audit opinion when
the financial statements are materially misstated. Audit risk is a function of the risks of material
misstatement and detection risk’. Hence, audit risk is made up of two components – risks of
material misstatement and detection risk.
Risk of material misstatement is defined as ‘the risk that the financial statements are
materially misstated prior to audit. This consists of two components... inherent risk ... control
risk.’
Inherent risk is ‘the susceptibility of an assertion about a class of transaction, account balance
or disclosure to a misstatement that could be material, either individually or when aggregated
with other misstatements, before consideration of any related controls.’
Control risk is ‘the risk that a misstatement that could occur in an assertion about a class of
transaction, account balance or disclosure and that could be material, either individually or
when aggregated with other misstatements, will not be prevented, or detected and corrected, on
a timely basis by the entity’s internal control.’
Detection risk is defined as ‘the risk that the procedures performed by the auditor to reduce
audit risk to an acceptably low level will not detect a misstatement that exists and that could be
material, either individually or when aggregated with other misstatements.’
Risk assessment procedures

SA 315 goes on to identify the following three risk assessment procedures:
a) Making inquiries of management and others within the entity

Auditors must have discussions with the client’s management about its objectives and
expectations, and its plans for achieving those goals.
b) Analytical procedures
Analytical procedures performed as risk assessment procedures should help the auditor in
identifying unusual transactions or positions. They may identify aspects of the entity of which
the auditor was unaware, and may assist in assessing the risks of material misstatement in order
to provide a basis for designing and implementing responses to the assessed risks.
c) Observation and inspection
Observation and inspection may also provide information about the entity and its environment.
Examples of such audit procedures can potentially cover a very broad area, including
observation or inspection of the entity’s operations, documents, and reports prepared by
management, and also of the entity’s premises and plant facilities.
3.2.Materiality
Materiality in auditing is defined as the magnitude of an omission or misstatement of
accounting information that, in the light of surrounding circumstances, makes it probable that
the judgment of a reasonable person relying on the information would have been changed or
influenced by the omission or misstatement.
The auditors’ responsibility is to determine whether financial statements are materially

misstated. If the auditor determines a material misstatement, he or she will bring it to the
client’s attention to correct. If the client refuses to correct the statements, a qualified or an
adverse opinion must be issued, depending on how material the misstatement is. Therefore,
auditors must have a thorough knowledge of the application of materiality. Materiality is
relative to the size and particular circumstances of individual companies.
In planning an audit, the auditor should assess materiality at the two levels:
a) Materiality at the Financial Statement Level
Financial statements are materially misstated when they contain errors or irregularities whose
effect, individually or in the aggregate, is important enough to prevent the statements from
being presented fairly following Accounting Standards.In this context, misstatements may result
from the misapplication of applicable Accounting Standards, departures from fact, or omissions

of the necessary information. The financial statement materiality at the financial statement level
enables auditors to determine which account balances to audit and how to evaluate the effects of
misstatements in financial information as a whole.In audit planning, the auditor should
recognize that there may be more than one level of materiality relating to the financial
statement. Each statement could have several levels.
For the income statement, materiality could be related to total revenues, operating profit, net
profit before tax, or net profit. For the statement of financial position, materiality could be
based on shareholders’ equity, assets, or liability class total.
b) Materiality at the Account Balance Level

Account balance materiality is the minimum misstatement in an account balance to be
considered materially misstated. Misstatement up to that level is known as a tolerable
misstatement. The concept of materiality at the account balance level should not be confused
with the term material account balance.
The latter term refers to the size of a recorded account balance, whereas the concept of
materiality pertains to the amount of misstatement that could affect a user’s decision. The
recorded balance of an account generally represents the upper limit on the amount by which an
account can be overstated.
In making judgments about materiality at the account balance level, the auditor must consider
the relationship between it and financial report materiality. This consideration should lead the
auditor to plan the audit to detect misstatements that may be immaterial individually but that
may be material to the financial report taken as a whole when aggregated with misstatements in
other account balances.
In making judgments about materiality at the account balance level, the auditor must consider
the relationship between it and financial statement materiality. This consideration should lead
the auditor to plan the audit to detect misstatements that may be immaterial individually but
that, when aggregated with misstatements in other account balances, may be material to the

financial statements taken as a whole

Part I. Choose the best answer
1. Enterprise risk management is the responsibility of: a
a) Company management c) The company’s insurance providers
b) The external auditors d) All of the above.
2. Failure to meet company objectives is a result of
a) Information risk b) Audit risk c) Business risk d) Inherent risk.
3. Auditing standards do not require auditors of financial statements to
a) Understand the nature of errors and frauds
b) Assess the risk of occurrence of errors and frauds
c) Design audits to provide reasonable assurance of detecting errors and frauds
d) Report all errors and frauds found to police authorities
4. If sales were overstated by recording a false credit sale at the end of the year, where could
you find the false “dangling debit”?
a) Inventory b) Cost of goods sold c) Bad debt expense d) Accounts receivable
5. One of the typical characteristics of management fraud is
a) Falsification of documents in order to misappropriate funds from an employer.
b) Victimization of investors through the use of materially misleading financial statements.
c) Illegal acts committed by management to evade laws and regulations.
d) Conversion of stolen inventory to cash deposited in a falsified bank account.
6. Which of the following circumstances would most likely cause an audit team to perform
extended procedures?
a) Supporting documents are produced when requested.
b) The client made several large adjustments at or near year-end.
c) Thecompanyhasrecentlyhiredanewchieffinancialofficerafterthepreviousoneretired.
d) The company maintains several different petty cash funds.
7. The likelihood that material misstatements may have entered the accounting system and not
been detected and corrected by the client’s internal control is referred to as
a) Inherent risk. b) Control risk. c) Detection risk. d) Risk of material misstatement.

8. If an auditor establishes a relatively high level for materiality, then the auditor will:
Enterprise risk management is the responsibility of:
a. Company management.
b. The external auditors.
c. The company’s insurance providers.
d. All of the above.
Failure to meet company objectives is a result of
a. Information risk.
b. Audit risk.
c.Business risk.
d.Inherent risk.
Auditing standards do not require auditors of financial statements to
a. Understand the nature of errors and frauds.
b. Assess the risk of occurrence of errors and frauds.
c. Design audits to provide reasonable assurance of detecting errors and frauds.
d. Report all errors and frauds found to police authorities.
If sales were overstated by recording a false credit sale at the end of the year, where could you
find the false
“dangling debit”?
a. Inventory.
b. Cost of goods sold.
c.Bad debt expense.
D.Accounts receivable.
One of the typical characteristics of management fraud is
a. Falsification of documents in order to misappropriate funds from an employer.
b. Victimization of investors through the use of materially misleading financial statements.
c.Illegal acts committed by management to evade laws and regulations.
d.Conversion of stolen inventory to cash deposited in a falsified bank account.
Which of the following circumstances would most likely cause an audit team to perform
extended procedures?
a. Supporting documents are produced when requested.

b. The client made several large adjustments at or near year-end.

c.Thecompanyhasrecentlyhiredanewchieffinancialofficerafterthepreviousoneretired.
d.The company maintains several different petty cash funds.
The likelihood that material misstatements may have entered the accounting system and not been
detected and
corrected by the client’s internal control is referred to as
a. Inherent risk.
b. Control risk.
c.Detection risk.
d.Risk of material misstatement.
a) Accumulate more evidence than if a lower level had been set.
b) Accumulate less evidence than if a lower level had been set.
c) Accumulate approximately the same evidence as would be the case were materiality
lower.
d) Accumulate an undetermined amount of evidence.
9. Why do auditors establish a preliminary judgment about materiality?
a) To determine the appropriate level of audit experience required for the work.
b) So that the client can know what records to make available to the auditor.
c) To plan the appropriate audit evidence to accumulate and develop an overall audit
strategy.
d) To finalize the assessment of control risk.
10. Auditors generally allocate the preliminary judgment about materiality to the:
a) Balance sheet only.
b) Income statement only.
c) Income statement and balance sheet.
d) Statement of cash flows.

CHAPTER FOUR
CLIENT ACCEPTANCE AND PLANNING THE AUDIT
4.1Client Acceptance and Continuance

A public accounting firm must use care in deciding which clients are acceptable. The firm’s legal
and professional responsibilities are such that clients who lack integrity or argue constantly about
the proper conduct of the audit and fees can cause more problems than they are worth. Some
public accounting firms may refuse clients in what they perceive to be high-risk industries (for
example, software technology) and may even discontinue auditing existing clients in those
industries. Some smaller public accounting firms will not do audits of publicly held clients
because of the complexity of regulatory filings and the potential litigation risk. If we relate this
to overall audit risk, an auditor is unlikely to accept a new client or continue serving an existing
client if overall acceptable audit risk is below the threshold the firm is willing to accept.
4.2. Planning the Audit

Generally accepted auditing standards require adequate planning. The purpose of planning is to
provide for effective conduct of the audit (CAS 300, par. 04), and there are three main reasons
why the auditor should plan engagements properly:
1) To enable the auditor to obtain sufficient appropriate audit evidence.
2) To help keep audit costs reasonable.
3) To avoid misunderstandings with the client.
Obtaining sufficient appropriate audit evidence is essential if the public accounting firm is to
minimize legal liability and maintain a good reputation in the professional community. Keeping
costs reasonable helps the firm remains competitive and retains its clients. Avoiding
misunderstandings with the client is important for good client relations and for facilitating
quality work at reasonable costs.
Initial audit planning, which is performed early in the engagement, involves the following steps:
1) The auditor decides whether to accept or continue doing the audit for the client. This

decision is typically made by an experienced auditor (usually a partner) who is in a position

to make important decisions.
2) The auditor conducts an independence threat analysis.
3) The auditor identifies the client’s reasons for the audit. This information is likely to affect
the remaining parts of the audit.
4) To avoid misunderstandings, the auditor obtains an understanding with the client about the
terms of the engagement. This is laid out in the engagement letter.
5) The auditor develops an overall audit strategy, including engagement staffing.
4.3Appointment, Remuneration, and Removal of Auditors

The Commercial Code of Federal Democratic Republic of Ethiopia set how auditors are
appointed, remunerated, and removed and also their responsibilities to third parties and the
clients. The following section deals with the appointment remuneration and revocation of
auditors especially those of auditors appointed to the public.
Article 368 Appointment of auditors
1) The general meeting of every company limited by shares shall elect one or more auditors
and one or more assistant auditors.
2) Shareholders representing not less than 20 % of the capital may appoint an auditor selected
by them.
3) Where there is more than one auditor, they may exercise their duties jointly or separately
4) A body corporate may act as auditor
Art. 369- Nomination and term of Appointment
1) Auditors shall be elected by the meeting of subscribers and thereafter by the annual general
meeting.
2) Auditors elected by the meeting of subscribers shall hold office until the first annual
meeting. Auditors elected at an annual general meeting hold office for three years.
3) When signing as auditor, an auditor shall add the name of the company whose accounts he

is auditing.
Art.370. Persons Not Competent
1) The following persons may not be elected as auditors.

a. Founders, contributors in kind, beneficiaries holding special benefits, directors of the
company or of one of its subscribers or of its holding companies.
b. Spouses or relatives by consanguinity of affinity to the fourth degree inclusive, of the
person mentioned in sub-art-(1) (a).
c. Person who receives from the persons mentioned in sub- art. (1) (a) a salary or
periodical remuneration in connection with duties other than those of an auditors.
2) Auditor may not be appointed directors or managers of the company which they audit, nor
of one of its subscribers or its or of its holding company with in three years from the date of
the termination of their functions.
3) Reports submitted by an auditor and adopted by the annual general meeting shall not, save
in the case of fraud, be invalid merely by reason of the fact that the provisions of this Article
have not been observed.
Art 372.Remuneration
1) The remuneration of auditors shall be fixed by the general meeting on their appointment.
2) Where the general meeting fails to agree on the remuneration of the auditors, the Ministry
of commerce and Industry may on the application of any interested party fix the
remuneration.
Art. 371. Revocation of the appointment of Auditors
A general meeting may at any time revoke the appointment of any auditor without prejudice to
any claim he/she may have for wrongful dismiss

CHAPTER FIVE
AUDIT RESPONSIBILITY, OBJECTIVES, EVIDENCE AND RECORDING
5.1Audit Responsibility
As part of an audit in accordance with ISAs, the auditor exercises professional judgment and
maintains professional careers throughout the audit and has the following responsibilities:
 Identifies and assesses the risks of material misstatement of the entity’s (or where relevant,
the consolidated) financial statements, whether due to fraud or error, designs and performs
audit procedures responsive to those risks, and obtains audit evidence that is sufficient and
appropriate to provide a basis for the auditor’s opinion.
 Obtains an understanding of internal control relevant to the audit in order to design audit
procedures that are appropriate in the circumstances, but not for the purpose of expressing
an opinion on the effectiveness of the entity’s (or where relevant, the group’s) internal
control.
 Evaluates the appropriateness of accounting policies used and the reasonableness of
accounting estimates and related disclosures made by the directors.
 Concludes on the appropriateness of the directors’ use of the going concern basis of
accounting and, based on the audit evidence obtained, whether a material uncertainty exists
related to events or conditions that may cast significant doubt on the entity’s (or where
relevant, the group’s) ability to continue as a going concern.
 Evaluates the overall presentation, structure and content of the financial statements,
including the disclosures, and whether the financial statements represent the underlying
transactions and events in a manner that achieves fair presentation (i.e gives a true and fair
view).
 Where the auditor is required to report on consolidated financial statements, obtains
sufficient appropriate audit evidence regarding the financial information of the entities or
business activities within the group to express an opinion on the consolidated financial
statements.

5.2Management Assertions
Management assertions, or in other words, financial statement assertions, are claims made by the
company’s management related to specific business aspects. Such claims include the
measurement, recognition, disclosure, and presentation of financial information about the
company’s statements.
The auditor must prove the management prepared assertions which can be confirmed. During an
internal audit, auditors pay attention to any detail to detect fraud, so it’s critical to prepare
financial statement assertions correctly to pass the auditors’ test.
Typically, financial statement assertions fall into the following three categories:
 Transaction-level assertions;
 Account balance assertions;
 Presentation & disclosure assertions.
Assertions have major differences, and accountants need to ensure everything is prepared
correctly.
5.3Audit Objectives
The objective of the ordinary examination of financial statements by the auditor is expression of
an opinion on the fairness of the financial statements. It is customary in the audit to identify
audit objectives for the audit in general and for each account reported in the financial statements.
These objectives are derived from management’s assertions.
The auditor’s objectives are closely related to management assertions. Audit objectives are
intended to provide a framework to help the auditor accumulate sufficient and competent
evidence required by the third standard of fieldwork and decide the proper evidence to
accumulate given the circumstances of the engagement.
A distinction must be made between general audit objectives and specific audit objectives for
each account balance. The general audit objectives discussed here are applicable to every
account balance but stated in broad terms. Specific audit objectives are applied to each account

balance on the financial statement.
The relevance of the audit evidence should be considered in relation to the general audit
objectives of statements. To achieve this objective the auditor needs to support the following
financial statement assertions (i.e. assertions by management embodied in the financial
statements).
1) Existence: - an asset or liability exists at a given date. Auditors spend a great deal of
time on this assertion confirming the existence of assets such as inventories, plant assets,
receivable, and cash. Clearly this is a fundamental assertion; no other assertion is
relevant if the asset or liability does not exist.
2) Completeness: - there are no unrecorded assets or liabilities, transaction or events.
3) Occurrence: - a transaction or event occurred during the relevant accounting period (i.e.
has correct cut-off been applied?).
4) Measurement: - a transaction or event is recorded at the proper amount and in the
correct period.
5) Ownership: - an asset pertains (i.e. belongs) to the entity.
6) Valuation: - the asset or liability is recorded at an appropriate carrying value.
7) Presentation and disclosure: - must be in accordance with the relevant legislation and
accounting standards (i.e. the applicable financial reporting framework).
After the general objectives are understood, specific objectives for each account balance on the
financial statements can be developed.
Check Your Progress Exercise-1

1. What are assertions and what are the seven classifications of assertions?
……………………………………………………………………………………………………
……………………………………………………………………………………………………
…………………………………………………………………………………………….

5.4Auditing principles
Auditing principles are generally, guidelines that help direct or chart goals and aims. Principles
are based on concepts or assumptions, and/or developed from particular observations. The
following are the basic principles:
1) Integrity, objectivity and independence. The auditor should be straightforward, honest,
and sincere in his approach to his professional work.
2) Confidentiality: - the audit should respect the confidentiality of information acquired in
the course of his work and should not disclose any such information to a third party
without specific authority unless there is legal or professional duty to disclose.
3) Skills and competence: - the audit should be performed and the reports prepared with
due professional care by persons who have adequate training, experience and competence
in auditing.
4) Documentation: - the auditor should document matters which are important in providing
evidence that the auditor was carried out with the basic principles.
5) Planning: - the auditor should plan his work to enable him to conduct an effective audit
in efficient and timely manner.
6) Audit evidence: - the auditor should obtain sufficient appropriate audit evidence through
the performance of compliance and substantive procedures to enable him to draw
conclusion there from and give opinion on the financial statements.
7) Accounting system and internal control: The auditor should gain or understanding of
the accounting system and related internal controls to determine the nature, extent, and
timing of audit procedures.
5.5Audit standards
Standards are authoritative rules for measuring the quality of performance. The existence of
generally accepted auditing standards is evidence that auditors are very concerned with the
maintenance of a uniformly high quality of audit work by all independent public accountants.

The GAAS are stated in their entirety as follows:

General standards
1) The examination is to be performed by a person or persons having adequate technical
training and proficiency as auditor.
2) In all matters relating to the assignment, an independence in mental attitude is to be
maintained by the auditor or auditors.
3) Due professional care is to be exercised in the performance of the examination and the
preparation of the report.
Standards of fieldwork
1) The work is to be adequately planned and assistants, if any, are to be properly
supervised.
2) The auditor should obtain a sufficient understanding of the internal control structure to
plan the audit and to determine the nature, extent and timing of tests to be performed.
3) Sufficient competent evidential matter is to be obtained through inspection, observation,
inquiries, and confirmation to afford a reasonable basis for an opinion regarding the
financial statements under examination.
Standards of reporting
1) The report shall state whether the financial statements are presented in accordance with
generally accepted accounting principles.
2) The report shall identify those circumstances in which such principles have not been
consistently observed in the current period in relation to the preceding period.
3) Informative disclosures in the financial statements are to be regarded as reasonably
adequate unless otherwise stated in the report.
4) The report shall either contain an expression of opinion regarding the financial
statements, taken as a whole, or an assertion to the effect than an opinion cannot be
expressed.
Keep in mind, however, that these standards represent the minimum requirements for all audit
engagements.

Check Your Progress Exercise -2

What three categories are GAAS divided into?
……………………………………………………………………………………………………
……………………………………………………………………………………………………
……………………………………………………………………………………………
5.6Audit Evidence
Auditing evidence is the information collected for review of a company's financial transactions,
internal control practices, and other items necessary for the certification of financial statements
by an auditor or certified public accountant (CPA).
Good auditing evidence can be measured by the extent of the following characteristics:
Sufficiency: Sufficiency takes into account whether or not the material provided is of an
adequate quantity that would allow auditors to make an accurate judgment. If an auditor was
given just one bank statement of a company, it would not be enough to make any
determinations on the financial standing of that company.
Reliability: Reliability seeks to determine whether or not the material can be trusted and
counted on for forming an opinion. Reliability typically factors from the source of the
information.
Source: The source of accounting evidence can be obtained directly from the company or
externally. Externally sourced information is generally regarded as more trustworthy and is
therefore preferred.
Nature: Nature refers to the type of information that is received. For example, the information
can be provided through legal documents, presentations, orally from employees, or through a
physical confirmation.

Check Your Progress Exercise - 3

1. Define audit evidence.
……………………………………………………………………………………………………
……………………………………………………………………………………………………
……………………………………………………………………………………………
5.7Audit Documentation
Audit documentation is the written record of the basis for the auditor's conclusions that provides
the support for the auditor's representations, whether those representations are contained in the
auditor's report or otherwise. Audit documentation also facilitates the planning, performance, and
supervision of the engagement, and is the basis for the review of the quality of the work because
it provides the reviewer with written documentation of the evidence supporting the auditor's
significant conclusions. Among other things, audit documentation includes records of the
planning and performance of the work, the procedures performed, evidence obtained, and
conclusions reached by the auditor. Audit documentation also may be referred to as work papers
or working papers.

CHAPTER SIX
INTERNAL CONTROL
6.1Meaning and Objectives of internal controls

Internal Control can be defined as a system designed, introduced and maintained by the
company’s management and top-level executives, to provide a substantial degree of assurance in
achieving business objective, while complying with the policies and laws, safeguarding the
assets, maintaining efficiency and effectiveness in regular operations and reliability of financial
statements.
Objectives of Internal Control System

 To ensure that the business transactions take place as per the general and specific
authorization of the management.
 To make sure that there is a sequential and systematic recording of every transaction, with
the accurate amount in their respective account and in the accounting period in which they
take place. It confirms that the financial statement fulfils the relevant statutory
requirements.
 To provide security to the company’s assets from unauthorised use. For this purpose,
physical security systems are used to provide protection such as security guards, anti-theft
devices, surveillance cameras, etc.
 To compare the assets in the record with that of the existing ones at regular intervals and
report to those charged with governance (TCWG), in case any difference is found.
 To evaluate the system of accounting for complete authorisation of the transactions.
 To review the working of the organization and the loopholes in the operations and take
necessary steps for its correction.
 To ensure there is the optimum utilization of the firm’s resources, i.e. men, material,
machine and money.
 To find out whether the financial statements are in alignment with the accounting concepts
and principles.

An ideal internal control system of an organization is one that ensures best possible utilization
of the resources, and that too for the intended use and helps to mitigate the risk involved in it
concerning the wastage of organization’s funds and other resources.
6.2The Basic Elements of internal controls

a) Control environment
The foundation of internal controls is the tone of your business at management level. Integrity
and ethical values, management philosophy and operating style, and assignment of authority
and responsibility fall under the control environment umbrella.
b) Risk assessment
Risk assessment is the evaluation of your business flow and exposure to risk. A number of risks
are present for all organizations on a daily basis. It’s essential to identify and analyze these risks
in order to prevent an adverse event from occurring. You should perform risk assessments
continuously.
c) Control activities
Control activities are the policies and procedures of your business. Activities include top-level
reviews, and segregation of duties. Establish new procedures and set up a perception of control
so that the flow of responsibilities and transactions is diversified among staff – as much as
possible.
d) Information and communication
This is the exchange of information within your business. Clear lines of communication
shouldn’t just flow from management to employees, but from employees to management so that
each member of the team can successfully carry out their responsibilities.
e) Monitoring
Monitoring is the process of assessing your internal control performance. The board should
evaluate management and supervisory activities, the budget and all other financial documents.
Recruit board members who are independent from the organization and have the financial
expertise to do so.

6.3Inherent Limitations
Inherent limitations are such features of audit that constrains the auditor to obtain absolute
assurance. It is because of these inherent limitations of audit the practitioner cannot assure the
users of financial statements that financial statements are absolutely free of (material)
misstatements. As a result of these limitations auditor is expected provide reasonable assurance
which is high level of assurance i.e. reasonably high but not touching the levels of absoluteness.
Inherent limitations cannot be completely eliminated but the effects of such limitations can be
reduced to an appropriate level. On auditor’s part, the effects of inherent limitations are reduced
by taking appropriate steps e.g. proper planning to conduct audit engagement especially the risk
prone areas, adequate supervision of junior members of audit team etc.
Inherent limitations of an audit does not arise due to any particular reason rather there are
several reasons that contribute and collectively restricts auditor in many different ways to limit
him only to reasonable assurance. Here is a list of some of the limitations auditor faces while
conducting audit engagement:

Part I. Choose the best answer
1. Which of the following is responsible for establishing a private company’s internal control?
a) Management
b) Auditors
c) Management and auditors
d) Committee of Sponsoring Organizations.
2. Which of the following is not one of the three primary objectives of effective internal
control?
a) Reliability of financial reporting
b) Efficiency and effectiveness of operations
c) Compliance with laws and regulations
d) Assurance of elimination of business risk.

3. The Public Company Accounting Oversight Board states that reasonable assurance allows
a) Small likelihood of ineffective internal controls
b) Remote likelihood that material misstatements will not be prevented or
detected by internal control
c) Likelihood that material misstatements will not be prevented or detected by internal
control
d) High likelihood that material misstatements will not be prevented or detected
by internal control.
4. Two key concepts that underlie management’s design and implementation of internal control
are:
a) Costs and materiality
b) Absolute assurance and costs
c) Inherent limitations and reasonable assurance
d) Collusion and materiality
5. Internal controls can never be considered as absolutely effective because:
a) Their effectiveness is limited by the competency and dependability of employees
b) Not all organizations have internal audit departments
c) Controls are designed to prevent and detect only material misstatements
d) Internal controls prevent separation of duties.
6. A major control available in a small company, which might not be feasible in a big company,
is:
a) A wider segregation of duties
b) A voucher system
c) Fewer transactions to process
d) The owner-manager’s personal interest and close relationship with personnel.
7. Which of the following is responsible for establishing internal controls for a public
company?
a) Management
b) The PCAOB
c) Management and auditors
d) Committee of Sponsoring Organizations.

8. An act of two or more employees to steal assets or misstate records is frequently referred to
as:
a) Collusion
b) A material weakness
c) A control deficiency
d) A significant deficiency
9. When the auditor attempts to understand the operation of the accounting system by tracing
afew transactions through the accounting system, the auditor is said to be:
a) Tracing
b) Vouching
c) Performing a walk-through
d) Testing controls.
10. Sarbanes-Oxley requires management to issue an internal control report that
includes twospecific items. Which of the following is one of these two requirements?
a) A statement that management is responsible for establishing and maintaining an adequate
internal control structure and procedures for financial reporting.
b) A statement thatmanagement and the board of directors are jointly responsible for
establishing and maintaining an adequate internal control structure and procedures for
financial reporting.
c) A statement that management, the board of directors, and the external auditors are jointly
responsible for establishing and maintaining an adequate internal control structure and
procedures for financial reporting.
d) A statement that the external auditors are solely responsible
11. Which of management’s concerns with respect to implementing internal controls is the
auditor primarily concerned?
a) Efficiency of operations
b) Reliability of financial reporting
c) Effectiveness of operations
d) Compliance with applicable laws and regulations.
12. Which of the following activities would be least likely to strengthen a company’s internal
control?

a) Separating accounting from other financial operations.

b) Maintaining insurance for fire and theft.
c) Fixing responsibility for the performance of employee duties.
d) Carefully selecting and training employees.
13. Management must disclose material weaknesses in internal control:
a) Whenever the weakness is deemed significant to a single class of transactions
b) Whenever the weakness is significant to overall financial reporting objectives
c) If the weakness exists at the end of the year
d) Only if the auditor identifies the weakness as significant
14. When auditing a private company, the auditor should obtain an understanding of internal
control sufficient to:
a) Provide reasonable protection against client fraud and defalcations by client employees
b) Assess control risk
c) Provide a basis for suggestions to the client for improving the accounting system
d) Provide a method for safeguarding assets, checking the accuracy and reliability of
accounting data, promoting operational efficiency, and encouraging adherence
to prescribed managerial policies
15. Internal controls can never be regarded as completely effective. Even if company
personnelcould design an ideal system, its effectiveness depends on the:
a) Adequacy of the computer system
b) Proper implementation by management
c) Ability of the internal audit staff to maintain it
d) Competency and dependability of the people using it

CHAPTER SEVEN
AUDIT REPORT
Introduction
An audit report is a written opinion of an auditor regarding an entity's financial statements. The
report is written in a standard format, as mandated by generally accepted auditing standards
(GAAS). GAAS requires or allows certain variations in the report, depending upon the
circumstances of the audit work in which the auditor engages.The audit report is usually the only
channel of communication between the shareholders of the company whose financial statements
have been subject to audit and the auditors. As such the report acts as a bridge taking the large
volume of information possessed by auditors and conveying it to the shareholders in a much
abbreviated form. In order to convey information in a succinct form, the audit report has become
an extremely formalized group of phrases, each of which has special significance.
7.1Types of Audit Reports
There are four types of audit reports:

A. Unqualified Opinion: Auditors most often give this type of report. It contains no adverse
comments or disclaimers about the audit process. A clean report indicates that the auditor is
satisfied with the findings.For convenient reference, the auditors’ standard (unqualified)
report is presented below.
Auditors’ report to the shareholders of XYZ
We have audited the accompanying balance sheet of the XYZ Company as of December 31, 19 x
1, and the related statements of income, retained earnings, and cash flows for the year then
ended. There financial statements are the responsibility of the company’s management. Our
responsibility is to express an opinion on those financial statements based on our audit.
We conducted an audit in accordance with generally accepted auditing standards. Those

standards require that we plan and perform an audit to obtain reasonable assurance whether the
financial statements are free of material misstatement. An audit includes examining, on a test
basis, evidence supporting the amounts and disclosures in the financial statements. An audit

also includes assessing the accounting policies used and significant estimates made by
management, as well as evaluating the overall financial statements presentation. We believe
that our audit provide a reasonable basis for our audit opinion.
In our opinion, the financial statements give a true and fair view of (or present fairly in all
material respects) the financial position of the company as of December 31, 19 x 1 and the
results of its operations and its cash flows for the year then ended in accordance with GAAP.
ABC Auditors
Date
Address
B. Qualified Opinion: Auditors use this type of report when they lack confidence in a specific
process or transaction uncovered in their findings. In the report, they state the reasons that
they cannot present an unqualified opinion. The auditors’ reports should have a separate
reservation paragraph disclosing the reasons for the qualification.
C. Adverse Opinion: When auditors are dissatisfied with their findings, they issue this type of
report. Adverse opinions raise a red flag that there is potential for fraud.
Example, an audit report that included an adverse opinion might have an opinion paragraph
such as the one as follows:
In our opinion, because of the effects of the matters discussed in the preceding paragraph, these
financial statements do not present fairly the financial positions of the company as at December
31, 19 x 1, and the results of its operations and cash flow position for the year then ended, in
accordance with generally accepted accounting principles.
D. Denial (Disclaimer) Opinion: Auditors make disclaimer reports when they feel that a
company limited their ability to conduct the audit or did not answer questions satisfactorily.
In such cases, auditors distance themselves from providing any opinions on financial
statements.


1. Identify the four basic types of opinions that an auditor may issue.
…………………………………………………………………………………………
…………………………………………………………………………………………
…………………………………………………………………………………………
………………………
2. What is meant by the term reservation?
…………………………………………………………………………………………
…………………………………………………………………………………………
…………………………………………………………………………………………
………………………
7.2Basic Contents of a Standard Audit Report

The audit report is the auditor’s formal means of communicating to interested parties a
conclusion about the audited financial statements. In issuing an audit report, the auditor must
meet the four generally accepted auditing standard of reporting.
A standard report is the most common report issued. It contains an unqualified opinion stating
that the financial statements present fairly in all material respects, the financial position, results
of operations and cash flows of the entity in conformity with generally accepted accounting
principles. An opinion on the basis of an audit performed in accordance with GAAS is called
the standard report.
Elements of audit report:

Because of its importance in a financial statement audit, a basic understanding of the form and,
the content of the standard report essential.
a) Title: The title indicates the nature of the report. The title should be like “Auditor’s report
or Branch auditor Report”.
b) Addressee: The auditor’s report should address the person to whom it is meant to be
followed. Generally, the audit report is submitted to the board of directors or stockholders of
an entity.
c) Opening or Introductory Paragraph: the introductory paragraph should identify types of

service performed, financial statements audited, dates of statements, management‘s

responsibility for statements,auditor’s responsibility for an opinion.
d) Scope Paragraph: the scope polygraph specifies the work performed by an auditor. The
scope paragraph should indicate that the auditor had planned and performed the audit to
obtain reasonable assurance whether financial statements are free from material
misstatement. Specifically, the scope paragraph describes the audit as including – assessing
accounting principles used and significant estimates made by management, evaluating
overall financial statements presentation.
e) Opinion Paragraph: the opinion paragraph of the report should state the auditor’s opinion
as to whether the financial statements give a true and fair view in conformity with financial
reporting framework and comply with the statutory disclosure requirements.
f) Signature: The report should be signed the personal name of the auditor or in the name of
the audit firm or both.
g) Date: The date of the report should be the date when the auditor has obtained sufficient
appropriate evidence to support the opinion. It should not be earlier than the date when
management approves the financial statements.

Part I. Select the best answer
1. The auditors’ report should be dated as of the date the:
a) Report is delivered to the client.
b) Examination is substantially completed.
c) Fiscal period under audit ends.
d) Review of the working papers is completed.
2. An auditor’s responsibility to express opinion on the financial statements is represented in
the:
a) Introductory paragraph.
b) Scope paragraph.
c) Opinion paragraph.
d) Explanatory paragraph.
3. Assume that the opinion paragraph of an auditor’s report begins as follows: “with the

foregoing explanation, these financial statements present fairly” This is:

a) An unqualified opinion.
b) A denial opinion.
c) An except for opinion.
d) Adverse opinion.
4. If a publicly held company issues financial reports that purport to present its financial
position and results of operation but omits the statement of cash flows, the auditor ordinarily
will express a(an)
a) Unqualified opinion c) Qualified opinion
b) Adverse opinion d) Disclaimer
5. What type of audit report (unqualified opinion, except for opinion, adverse opinion, denial of
opinion) should the auditors generally issue in each of the following situations? Explain.
a) Client imposed restriction limit very significantly the scope of the auditors’ procedures.
b) The auditors decide that it is necessary to make reference to their report of another public
accounting firm (the secondary auditors).
c) The auditors believe that the financial statements have been stated in conformity with
generally accepted accounting principles in all respects other than the treatment and
disclosure of a material uncertainty.

CHAPTER EIGHT
AUDIT SAMPLING AND TESTING
Introduction
Audit sampling is an investigative tool in which less than 100% of the total items within the
population of items are selected to be audited. It is an auditing technique that provides
supporting evidence that allows auditors to issue audit opinions without having to audit every
single item and transaction.
8.1Audit Sampling Concepts

Audit sampling is the use of an audit procedure on a selection of the items within an account
balance or class of transactions. The sampling method used should yield an equal probability that
each unit in the sample could be selected. The intent behind doing so is to evaluate some aspect
of the information. Audit sampling is needed when population sizes are large, since examining
the entire population would be highly inefficient.
Methods of sampling
ISA 530 recognizes that there are many methods of selecting a sample, but it considers five
principal methods of audit sampling as follows:
 Random selection
 Systematic selection
 Monetary unit sampling
 Haphazard selection, and
 Block selection.
a) Random selection
This method of sampling ensures that all items within a population stand an equal chance of
selection by the use of random number tables or random number generators. The sampling units
could be physical items, such as sales invoices or monetary units.
b) Systematic selection

The method divides the number of sampling units within a population into the sample size to
generate a sampling interval. The starting point for the sample can be generated randomly, but
ISA 530 recognizes that it is more likely to be ‘truly’ random if the uses of random number
generators or random number tables are used. Consider the following example:
Example 1
You are the auditor of Jones Co and are undertaking substantive testing on the sales for the year
ended 31 December 2010. You have established that the ‘source’ documentation that initiates a
sales transaction is the goods dispatch note and you have obtained details of the first and last
goods dispatched notes raised in the year to 31 December 2010, which are numbered 10,000 to
15,000 respectively.
The random number generator has suggested a start of 42 and the sample size is 50. You will
therefore start from goods dispatch note number (10,000 + 42) 10,042 and then sample every
100th goods dispatch note thereafter until your sample size reaches 50.
c) Monetary unit sampling

The method of sampling is a value-weighted selection whereby sample size, selection and
evaluation will result in a conclusion in monetary amounts. The objective of monetary unit
sampling (MUS) is to determine the accuracy of financial accounts. The steps involved in
monetary unit sampling are to:
 Determine a sample size
 Select the sample
 Perform the audit procedures
 Evaluate the results and arriving at a conclusion about the population.
MUS is based on attribute sampling techniques and is often used in tests of controls and
appropriate when each sample can be placed into one of two classifications – ‘exception’ or ‘no
exception’. It turns monetary amounts into units – for example, a receivable balance of $50
contains 50 sampling units. Monetary balances can also be subject to varying degrees of
exception – for example, a payables balance of $7,000 can be understated by $7, $70, $700 or
$7,000 and the auditor will clearly be interested in the larger misstatement.

d) Haphazard sampling
When the auditor uses this method of sampling, he does so without following a structured
technique. ISA 530 also recognizes that this method of sampling is not appropriate when using
statistical sampling (see further in the article). Care must be taken by the auditor when adopting
haphazard sampling to avoid any conscious bias or predictability. The objective of audit
sampling is to ensure that all items that make up a population stand an equal chance of selection.
This objective cannot be achieved if the auditor deliberately avoids items that are difficult to
locate or deliberately avoids certain items.
e) Block selection
This method of sampling involves selecting a block (or blocks) of contiguous items from within
a population. Block selection is rarely used in modern auditing merely because valid references
cannot be made beyond the period or block examined. In situations when the auditor uses block
selection as a sampling technique, many blocks should be selected to help minimize sampling
risk.
An example of block selection is where the auditor may examine all the remittances from
customers in the month of January. Similarly, the auditor may only examine remittance advices
that are numbered 300 to 340.
The above sampling methods can be summarized into statistical and non-statistical sampling as
follows:
Statistical sampling Non-statistical sampling

 Random sampling  Haphazard sampling
 Systematic sampling  Block selection
 Monetary unit sampling
Sampling risk
Sampling risk is the risk that the auditor’s conclusions based on a sample may be different from
the conclusion if the entire population were the subject of the same audit procedure.

ISA 530 recognizes that sampling risk can lead to two types of erroneous conclusion:
1. The auditor concludes that controls are operating effectively, when in fact they are not.
Insofar as substantive testing is concerned (which is primarily used to test for material
misstatement), the auditor may conclude that a material misstatement does not exist, when in
fact it does. These erroneous conclusions will more than likely lead to an incorrect opinion
being formed by the auditor.
2. The auditor concludes that controls are not operating effectively, when in fact they are. In
terms of substantive testing, the auditor may conclude that a material misstatement exists
when, in fact, it does not. In contrast to leading to an incorrect opinion, these errors of
conclusion will lead to additional work, which would otherwise be unnecessary leading to
audit inefficiency.
Non-sampling risk is the risk that the auditor forms the wrong conclusion, which is unrelated to
sampling risk. An example of such a situation would be where the auditor adopts inappropriate
audit procedures, or does not recognize a control deviation.
8.2Audit Test
An audit test is a set of control procedures or processes carried out by the auditors, being internal
or external, which involves taking a sample of a group of similar transactions to gauge the
accuracy and fairness with which the financial statements of an individual or an organization.
Such an audit is done before going ahead with the finalization of financial statements that will be
presented to the stakeholders. This audit process helps to understand whether the company’s
internal functions are strong enough to identify and prevent fraud related to the company’s
financial data. In case of errors, the sample size is expanded.
Key Takeaways
1. Audit test of control is the process where auditors examine and confirm the efficacy of a
company’s controls to record its financial transactions.
2. It tests the financial accounts and finds any errors, omissions, or significant inaccuracies. In
case some error is detected, the sample size is increased to get more clarity.

3. It focuses on the general ledgers’ ultimate balances, carried forward to the balance sheet, the
company’s financial picture for the general public.
4. A process used by auditors to determine the accuracy with which transactions are recorded
by performing an audit test on a sample of a similar group of transactions.
8.3Audit Test of Controls

Audit test of control is the method of testing whether the financial reporting process is efficient
enough to detect and avert any fraud. This will ensure the shareholders get a true and fair picture
of the company’s financial condition. It is a procedure adopted by an auditor to test a sample of a
similar group of transactions to conclude the fairness with which the transactions are recorded.
The main purpose of internal audit test of controls is to check and verify the level of
effectiveness of controls followed by an organization while recording its financial transactions. It
ensures that it tests and detects any error, omission, or material misstatements in the financial
statements
Once an auditorcarries out test of controls in audit, based on results, he may decide to further
take some samples for testing or rely on clients’ internal controls. However, this audit process is
extremely important fro any organization, to reduce material misstatement risks and misuse of
the same.
Internal audit test of controls involves undertaking tests in five ways to arrive at a wholesome
picture of the effectiveness of internal controls and whether there are any errors, omissions, or
material misstatements while preparing the organization’s financial statements. The list given
below will explain what are test of controls in auditing.
a) Risk Assessment:Undertaken to identify and understand risks, the company entails

considering the environment within which it operates.
b) Test of Control:It aims to test the effectiveness of internal controlscarried out by the
company. The auditor undertakes a detailed examination of controls.
c) Substantive Test – Transactions:The main aim of this test is to identify whether any fraud,

error, or material misstatement exists in the organization.

d) Substantive Test – Procedures: It is similar to the test discussed above; however, this one
aims at evaluating the financial statements by carrying out a detailed study of the
relationship of actually recorded amounts with the expected. It involves financial as well as
non-financial data.
e) Test of Balances:It focuses on the end balances of the general ledgers, which are eventually
carried forward to the balance sheet, which is the face of the company financials.
Advantages
 It helps an audit select a few samples from a large group of transactions. Thus, it reduces
the volume of work involved.
 Saves a lot of time;
 Eventually saves the workforce and labor employed.
 Saves on cost on account of lesser time involved and low workforce associated;
 From the auditors’ point of view, it will ensure more clients.
 Improves efficiency, as auditing similar voluminous transactions can be tiring.
 The testing sample will give comfort about the overall control over systems in an
organization because of proper understanding about what are test of controls in auditing
for the organization.
 Samples are selected randomly, and thus, there is no control by management board of
directorsaccounting staff, or any other person. Thus they remain alert and careful while
posting financial transactions at each stage.
 It can help the auditor assess the fairness of the preparation of the financial statements.
Disadvantages
The audit test selects sample transactions for testing, and it is very well possible that any
transaction about fraud may get left out.
The auditor’s responsibility increases who has to be sure that the sample covers all the
aspects of transactions being carried out by the organization, and should leave no stone
unturned to check on any undetected errors or frauds.
Audit Testing may work where the volume of transactions is very high. It will make no
sense to follow audit testing from organizations operating on a small scale.
It is possible that since the management, board, and accounting staff knows’ that audit

shall be done using a sample testing method, they may remain careless in the hopes that
any fraud or error may not get caught by the auditor.
The auditor may leave complicated transactions out of its sample and only focus on
simpler transactions to ease work.
Risky in case there are no or weak internal controls.
8.3 Audit Test Of Control Vs. Substantive Audit Procedure

Audit test of control states whether the internal procedure is strong enough to prevent of
financial misstatement, whereas substantive audit is process where auditors identify financial
misstatements. However, the differences between them are as follows:
Audit test of control Substantive Audit Procedure

It is a test of the controls to prevent financial It is the process of identifying financial
misstatement. misstatement.
It ensures that the financial record keeping It ensures the company presents a true and
system is effective in preventing fraud. fair picture of the company’s financial
condition to shareholders.
It is designed to put a strong control system It is designed to make the accounting system
to prevent fraud. accurate and valid.
Control system should be there before Substantive audit is dependent on control
substantive audit. system.

1. A sample in which the characteristics of the sample are the same as those of the population
is a(n)
a) Variables sample b) Representative sample c) Attributes sample d) Random sample
2. When the auditor decides to select less than 100 percent of the population for testing, the
auditor is said to use
a) Audit sampling c) Poor judgment.
b) Representative sampling d) Estimation sampling
3. To determine if a sample is truly representative of the population, an auditor would be

required to
a) Conduct multiple samples of the same population
b) Never use sampling because of the expense involved
c) Audit the entire population
d) Use systematic sample selection
4. One of the causes of non - sampling risk is
a) Choosing the wrong sample size.
b) Ineffective audit procedures
c) Inadequate sample size
d) Exceptions being found in the sample
5. Which one of the choices below is most correct regarding a cause of sampling risk?
a) Ineffective use of audit procedures
b) Testing less than the entire population
c) Use of extensive tests of controls
d) Use of random sampling
6. Which of the following is the risk that audit tests will not uncover existing exceptions in a
sample?
a) Sampling risk b) Non sampling risk c) Audit risk d) Detection risk
7. Which of the following is the risk that an auditor will reach an incorrect conclusion because
a sample is not representative of the population?
8. Which of the following is the risk that audit tests will not uncover existing exceptions in a
sample?
9. Which of the following is the risk that an auditor will reach an incorrect conclusion because
a sample is not representative of the population?
10. The process which requires the calculation of an interval and then selects the items based on
the size of the interval is
a) Statistical sampling

b) Random sample selection

c) Systematic sample selection
d) Computerized sample selection.
11. When the auditor goes through a population and selects items using nonprobabilistic
selection methods, without regard to their size, source, or other distinguishing
characteristics, it is called
a) Block sample selection
b) Haphazard selection
c) Systematic sample selection
d) Statistical selection.
12. When auditors wish to evaluate a sample statistically, an acceptable selection method is:
a) Systematic sample selection
b) Judgmental selection
c) Haphazard selection
d) Block sample selection
13. Which is not a method used by auditors to generate random numbers?
a) Electronic spreadsheets
b) Systematic sample generators
c) Random number generators
d) Generalized audit software

CHAPTER NINE
AUDIT OF SALES AND COLLECTION CYCLE
Introduction
An auditor determines if the financial statement amounts of sales and accounts receivable are
correct by verifying individual transactions. Accounts receivable balances are tested by sending
confirmation letters to customers to obtain objective assurance that the balance is correct. The
auditor also chooses sales transactions from the sales ledger and verifies that there are
legitimate sales receipts to back up the transaction. To test the accuracy of the sales figure, the
auditor reviews sales transactions in the ledger close to the financial statement date to ensure
that the company only included sales prior to that date.
The overall objective in the audit of the sales and collection cycle is to evaluate whether the
account balances affected by the cycles are fairly presented in accordance with GAAP.
 Accounts in the sales and collection cycle includes: Sales, A/Receivable, Cash in Bank,
Cash Discounts Taken, Allowance for Uncollectible Accounts, and Bad Debt Expense.
 Classes of transactions in the sales and collection cycle are – Sales (cash and sales
on account), Cash receipts, Sales returns and allowances, Charge-off of uncollectible
accounts and Estimate of baddebt expense.
9.1Overview of the cycle

The Sales and Collection Cycle involves the decisions and processes necessary for the transfer
of the ownership of goods and services to customers after they are made available for sale.
It begins with are quest by a customer and ends with the conversion of material or service
into an account receivable, and ultimately into cash.
The revenue and collection cycle in a company is a repeating set of business activities and
processing operations associated with providing goods and services to customers and the
collection of payments for those sales. An efficient revenue and collection cycle is essential to
ensure steady cash flow for a company.A sales and collection cycle flowchart outlines the

revenue cycle activities, beginning when a customer purchases a good or service and ending
when the company receives the full payment.
Sales and Credit Departments

The sales department is responsible for receiving the customer order and preparing a sales order
that it sends to the credit department for a customer credit check. It is important that the
salespeople do not perform these credit checks because they may be inclined to be lenient with
credit decisions to help their sales numbers.Once the credit department checks the customer's
credit and approves the order, it is transferred to the shipping department.
Shipping Goods to Customers

When the sales order is complete, the company gathers the goods and prepares the order to be
shipped.
If there is adequate inventory for the order, it is sent off in a single shipment, but if some of the
order is not available, multiple shipments may be sent to the customer. Either way, it is necessary
to mark off items as complete when they are sent off to customers to avoid duplication. After the
order is shipped, a shipping document is created and sent to accounts receivable along with the
sales order.
Billing and Cash Collection

When a company makes a sale but has not yet received payment for it, that sale enters the
accounts receivable cycle. Most businesses allow customers to receive goods or services before
payment, believing in good faith that they will receive their money after the customer receives an
invoice.
Accounts receivable is responsible for taking the sales order and shipping document and
generating a sales invoice that the company sends to the customer.In addition to sending out the
invoice, accounts receivable departments keep track of which customers have paid and which
payments are overdue. After a company receives the payment, the accounting department
removes the balance from accounts receivable and documents it accordingly.
Auditing the Cycle

To ensure a company is not misreporting its revenues or accounts receivable, someone outside
the company tests the sales transactions and internal controls the company has put in place to
determine if they are reliable. If the controls are determined to be strong, the auditor reduces the
amount of transaction testing. If errors are found, the auditor increases the amount of
transaction testing.
Although the purpose of the sales and collection cycle audit is to verify the company's numbers
are accurate, it is not uncommon for these procedures to uncover fraud within a company.
9.2Internal Control for Sales

To limit the chance for theft and other mishaps, companies establish internal controls for sales
that ensure there is segregation of duties along each part of the cycle. For example, one person
should not be responsible for receiving orders, recording sales and receiving the payments. Also,
controls are put in place to guarantee that sales are documented accurately and in the correct
period.Without this, a company runs the risk of information mishandling and inefficiencies along
the cycle.
9.3Tests of Controls & Substantive Tests ofTransactions

Internal controls can serve two purposes: to protect a business from accounting fraud, asset loss,
or similar failures of financial reporting; and to assure that the business meets regulatory
compliance obligations.An audit evaluates the accuracy of a company’s financial statements
and the effectiveness of its system of internal controls, seeking to identify control weaknesses.
Audits typically include some form of substantive testing, which tests for material
misstatements and errors. These substantive audit procedures review, test, and analyze a
company’s financial records.
A) Substantive Testing

Substantive testing is a type of audit that looks for flaws in financial records. These tests are
required as proof to back up the claim that a company’s financial records are comprehensive,
valid, and accurate.
Substantive testing is known as the phase of an audit where the auditor gathers samples to
identify any material misstatements in the client’s accounting records or other information. This
proof is required to support the judgment that a company’s financial records are complete,
relevant, and accurate.Substantive audit procedures provide evidence about the truth of each
material assertion in the financial statements. On the other hand, tests may also reveal monetary
errors or misstatements in the recording or presentation of transactions and balances.
Substantive testing is performed according to Generally Accepted Auditing Standards (GAAS).

These standards require the auditor to understand the controls relevant to the audit, and to assess
whether those controls are designed effectively to prevent (or at least detect and correct)
material misstatements that may appear in the financial statements.
The Goal of Substantive Testing
The main goal of substantive testing is to provide reasonable assurance about the validity and
correctness of financial reporting, or to identify material misstatements. Substantive procedures
are therefore designed to obtain audit evidence about the completeness, accuracy, and validity
of the data produced by the accounting system.
Types of Substantive Tests

There are three types of substantive tests, explained below.
a) Analytical procedures: Substantive analytical procedures entail comparing several financial
and operational data sets to examine if trends and relationships are consistent. These
techniques are intended to alert you to potential issues with your financial records, which
you can then investigate further.
b) Test of details of transactions: A test of transactions focuses on the individual transactions
that make up an account balance. This test of details is done to check for the accuracy of the

financial statement transactions. Auditors typically choose a sample to test whether the
details match the transaction recorded in a company’s books.
c) Tests of details of balances: A test of balances is done to check whether any material
misstatement exists in the balances of the financial statements’ accounts. This test of details
tries to demonstrate that the tests of control and the substantive tests related to transactions
are all reasonable.
Best Practices for Substantive Testing
The auditor determines the tests’ nature, scope, and timing to assure that they meet an
acceptable level of risk detection.
1. Nature:This relates to the efficacy and type of audit procedure used by an auditor based on
whatever level of risk is acceptable. The methods are more expensive and extensive if the
acceptable level of risk is low. Conversely, the procedures are less expensive (and less
effective) when the acceptable level of risk is higher.
2. Extent: This is the quantity of evidence an auditor gathers depending upon how substantive
testing is conducted. Procedures that need more tests and larger sample sizes are frequently
required when acceptable risk is low. When it’s high, processes require fewer tests and
smaller sample sizes.
3. Timing: This relates to how the timing of an audit event might change due to the acceptable
risk level. The auditor may perform audits in the middle of the month if controls are solid
and the expected level of risk identification is minimal. Conversely, the auditor may audit
closer to month- or year-end if the expected risk is high.
B) Control Testing
Control testing is an audit procedure used to determine whether internal controls effectively
prevent or discover material misstatements at the appropriate assertion level. Control tests
determine whether a policy or practice is well-designed to prevent or detect significant
misstatements in a financial statement. The operating effectiveness of controls focuses on three
questions: how is the control applied, is it consistently applied during the year, and who applies
it?
The Goal of Control Testing

Control testing’s ultimate goal is to evaluate the performance of the internal control system to
improve the organization’s operations, financial reporting, and compliance. With these
objectives in mind, an auditor uses several evaluation techniques to understand control
procedures fully. For example, using a risk-based approach to audit testing, an auditor can focus
on areas where risk is most likely to occur, identify problems, and recommend improving the
effectiveness of a control.
Types of Control Tests

a) Concurrent test: The auditor obtains an understanding of a process that also provides
evidence on the effectiveness of the control policy or practice. These tests are performed
based on the discretion of the auditor. For example, auditors may inquire about the
budgeting system to verify users’ familiarity with the processes.
b) Planned test of control: An auditor will look for evidence of proper and consistent
application of control policies and procedures throughout the audited year.
Best Practices for Control Testing
The following best practices can help you test controls more effectively.
 Prioritize testing of controls: Large organizations routinely have hundreds or even

thousands of documented controls. For each control under consideration, determine its
effect on the organization, and then use this information to determine the nature and
frequency of testing that you should perform.In addition, consider the specific regulations
or compliance standards that the organization must follow, such as the Sarbanes–Oxley Act
(SOX) or General Data Protection Regulation (GDPR). Requirements for these standards
will often guide the testing process and determine which controls to test first.
 Design an appropriate test for each control:The nature of the control often determines the
testing approach. For example, if the organization relies on controls to mitigate significant
risks, you should test that control more frequently. You may also evaluate the design of the
control before testing its operation.
 Documenting and tracking identified problems:An essential aspect of control testing is to
remediate issues encountered during testing quickly. Always check corrections by
rerunning the test program after allowing time for the remediation to verify that all

problems have been resolved.

1. Which of the following is an example of a control for the audit objective that deals with
making sure the cash receipts are deposited and recorded at the amount received?
a) Recording cash on a daily basis
b) Independent bank reconciliation
c) Comparison of cash receipt totals to a summary report
d) Restrictively endorsed check
2. The testing of controls and substantive tests of transactions in the sales and collection cycle
affects the:
a) Confirmation of accounts payable
b) Confirmation of accounts receivable
c) Confirmation of long-term debt
d) Confirmation of fixed assets
3. Which of the following is not an account affected by the sales and collection cycle?
a) Cash
b) Accounts receivable
c) Allowance for doubtful accounts
d) Sales of Accounts Receivables
4. What event initiates a transaction in the sales and collection cycle?
a) Receipt of cash
b) Delivery of product to a customer
c) Identification of a new customer
d) Customer request for goods
5. It is a document that is matched with the customer order to assure that the correct quantity
and type of goods are shipped.
a) Sales order b) Customer order c) Vendor invoice d) Sales invoice
6. What critical event must take place before goods can be shipped in order to assure payment

can be reasonably expected?

a) Determination of correct delivery address
b) Credit approval
c) Matching of shipping document with sales invoice
d) Receipt of sales order from the customer
7. Which of the following can be used as substantive test for receivables and sales transactions?
a) Confirm receivable with debtors.
b) Perform analytical procedures.
c) Review the year-end cutoff of sales transactions.
d) All of the above.
8. Which of the following is (are) primary audit objective for receivables/sales?
a) Clerical accuracy
b) Existence
c) Valuation
d) Statement Presentation
9. Which assertions relating to receivables/sales are addressed when auditors select a sample of
sales invoices and compare details to shipping documents?
a) Existence b) Ownership c) Valuation d) All

CHAPTER TEN
AUDIT OF PAYROLL AND PERSONNEL CYCLE
10.1 Overview of the cycle

A payroll audit is an analysis of a company’s payroll processes to ensure accuracy. Payroll audits
examine things like the business’s active employees, pay rates, wages, and tax withholdings.
You should conduct a payroll audit at least once per year to verify your process is up-to-date and
legally compliant.As Government sets aside substantial amounts for salaries and allowances, the
systematic and proper management of the same should be ascertained by the audit of salaries and
allowances.
10.2Internal control system

All public bodies should maintain an appropriate internal control system with regard to
controlling salaries and allowances including the following:
a. Personal files of employees
Ascertaining that the personnel section maintains adequate records regarding employees’
salary information (e.g. information originating from staff recruitment, the salary of
incoming and outgoing staff; changes in salary scales; changes in personal circumstances
that have an impact on salary, deductions and allowances; the amount of approved
deductions and the formal documents supporting the current level of payments);
Ensuring that staff employment, transfer, departure, change in salary, details of
deductions and the like are approved under the signature of an authorized official and
sent to payroll section before the payroll sheet is prepared;
Ascertaining that the personal files of employees are in the safekeeping of a designated
staff member who is not part of the Accounts Division and Payroll Section.
b. Attendance sheet
Ensuring the accuracy of attendance sheets (or other documents confirming the
performance of distinct duties) and their approval by designated officials;
nsuring that documents confirming entitlements to over-time or other monetary benefits
are signed by the immediate superior of the employee (the superior must not be engaged

in payroll preparation and effecting of salary payment);

Verifying that duties such as ascertaining the accuracy of attendance sheets and the
preparation of payroll are not carried out by the same staff.
c. Payroll sheet
Checking that gross pay, deductions, allowances and unclaimed salary have been
computed accurately and on the basis of current scales and eligibility;
Ascertaining that the accuracy of payroll calculations is verified by a staff member other
than those preparing the payroll;
Checking that staff engaged in payroll preparation and the computation of pay are
independent of staff engaged in the keeping of personnel files.
d. Deductions from salary
Ensuring that deductions of a repetitive nature such as those for personal income tax,
pension, repayment of loan and the like, are allocated separate columns in the payroll
sheet;
Ascertaining that deductions other than those determined by law (such as deduction for
edir contribution, resettlement bank loan, family allowance, and the like) are deducted
from the salary of an employee only after a written application from the employee is
authorized by the concerned official and that such documents are kept in the personal file
of the employee;
Checking that collections from salary deductions are paid to the concerned public bodies
and other beneficiaries in full and in a timely manner.
e. Payment of salary
Checking that any changes to staff salaries, arising from such factors as the employment
of new staff, promotion, dismissal, fine or court judgment, are communicated to the
payroll section before the preparation of the payroll sheet;
Assuring when allowances are paid in addition to basic salary, that documents exist in
the individual personnel files of officials and ordinary staff members receiving
allowances, which certify their eligibility to the allowances;
Ascertaining that the payroll sheet prepared for effecting the payment of wages to daily
laborers is supported by contracts of employment and a signed attendance sheet;
Confirming that the different duties in the payroll section ranging from initiation of

payroll calculations to delivering the payroll sheet for the effecting of salary payment
are carried out by different persons;
Checking that the various staff members who are engaged in preparing, reviewing and
approving the payroll sign in their respective places on the payroll sheet;
Ascertaining that the accuracy of details in the payroll sheet such as names, working
hours, over time, salary scale and the computation of deductibles, is verified by a staff
member who is entirely independent of those who have prepared the payroll sheet;
Ensuring that the total salary payment for each month is compared with the payment
made in the previous month and that the causes of any difference are identified and
explained.
Audit objectives
The objectives of the audit of salaries and allowances include but are not limited to the
following:
to ascertain that there is a strong internal control system to prevent theft and fraudulent acts
during the preparation of payroll sheet, recording and effecting of salary payment;
to ascertain that deductions from salaries are made in accordance with the existing
proclamation and other relevant legislation;
to ascertain that the salary payment being effected is for services rendered by employees
and to ensure that the persons who receive salaries actually exist, and are in fact entitled to
the payment of salary.
to ascertain that the payment of allowances is effected strictly in accordance with the
relevant legislation;
to ensure that the arrangements made with respect to unclaimed salary are in accordance
with regulations and that the unpaid sums are correctly retained and properly recorded;
to ensure that the necessary controlling mechanisms exist to prevent unclaimed salary being
utilized improperly.
f. Audit procedures
The following audit procedures should be followed in order to ensure the proper control of
salaries and wages: -
A. Personal file of employees

See whether the personnel section holds employees’ personal files, which contain
information such as letter of engagement, letter of resignation, notification letter of salary
scale, documents related to special deductible items, and other relevant information;
Ensure that employees’ engagement, resignation, change in salary scale and details of
special deductible items have been approved by a designated official and that appropriate
instructions are sent to the payroll section before the payroll for the month is prepared;
Check that documents kept in employees’ personal files have been signed by officials who
are not involved in payroll preparation;
Ascertain that employees’ personal files are kept in the custody of a staff member who is
not part of the accounts division or payroll section.
B. Attendance sheet
Ensure that the accuracy of attendance sheets (or similar documents for those under
contract) have been approved by appropriate officials not involved in the preparation of
payroll;
Ascertain that staff members who are responsible for ensuring the accuracy of
attendance sheets are not involved in the preparation of payroll;
Check that documents giving an entitlement to the payment of overtime and other
benefits are signed by the immediate superior of the employee who is eligible for that
entitlement (and that such superior is not involved in the preparation of payroll and
effecting of salary payment).
C. Computation of Payroll
Ascertain that the payroll clerk does not have direct access to employees’ personal files;
Ensure that the computation of gross pay and deductibles have been made in
compliance with the present scales of pay and eligibility;
Check that the staff member who verifies the accuracy of the computation of payroll,
has no involvement in payroll preparation.
D. Deductions from salary
See that a separate column is maintained in the payroll sheet for deductibles of a
repetitive nature such as income tax, pension, repayment of loan and the like;
Check deductions other than those authorized by law (such as deduction for edir
contribution, resettlement bank loan, family allowance, and the like) to ensure that the

deduction is in accordance with an approved written application from the employee (or
other official document) and that such documentary evidence is kept in the personal file
of the employee;
Ascertain that collections from deductibles have been paid to the correct beneficiary
account in full and in a timely manner.
E. Payment of salary
Ascertain that documentary evidence relating to matters such as salary scale changes, the
employment of new staff, promotion, resignation, penalty or court order has been sent to
payroll section before the payroll for the month is prepared;
Ensure that contracts and properly signed attendance sheets support the payroll sheet for
daily laborers;
See that documentary evidence of entitlement for the payment of allowances is kept in
the personal files of those employees and officials who are eligible for such payment;
Check that necessary caution has been exercised to prevent an employee from being
involved in the whole process of payroll preparation, from its initiation to the delivery of
the payroll sheet for salary payment to be effected;
Ascertain that the accuracy of details shown in the payroll sheet such as names, gross
salary, working hours, over time and the computation of deductibles has been verified by
an official with no involvement in payroll sheet preparation;
Ascertain that the payroll sheets have been signed by the payroll clerk, the staff member
responsible for checking and finally by the designated official who authorizes the
payment;
Verify that the salary payment for each month has been compared with the payment for
the previous month and that the causes of any differences are identified and reconciled;
Check that every employee on the payroll signs on the payroll sheet to acknowledge the
receipt of the net pay;
Check that no employee is allowed to take the salary of another employee without a
written delegation.
F. Unclaimed salary
Verify unclaimed salaries against summation of net pays unclaimed on payroll sheets;
Ascertain that unclaimed salaries are deposited in to the bank within predefined period

of time.
G. Accounting records
Test postings of payrolls to subsidiary and general ledgers;
Compare actual expenditure against the budget.

1. The payroll cycle consists of how many classes of transactions?

a) One b) Two c) Three d) Four
2. Which of the following statements is false?
a) The payroll cycle consists of one class of transactions
b) Balance sheet accounts related to payroll are generally more significant than
related transactions.
c) Internal controls over payroll are effective for most companies.
d) Small companies usually have effective controls over payroll.
3. Which of the following is not correct regarding controls over the processing of payroll?
a) The person authorized to sign paychecks should not be otherwise involved
in the preparation of the payroll.
b) A check-signing machine should not be used to replace a manual signature.
c) Distribution of pay checks should be performed by someone who is not involved in the
other payroll functions.
d) Unclaimed paychecks should be immediately returned for redeposit.
4. Which of the following types of audit procedures is ordinarily emphasized the
least when auditing payroll?
a) Tests of controls
b) Tests of transactions
c) Analytical procedures
d) Tests of details of balances
5. The payroll and personnel cycle begins with which of the following events?
a) Interviewing job candidates.

b) Hiring a new employee

c) Existing employees submitting requests for payment for work performed
d) Issuance of paychecks
6. Most systems of internal control for payroll are:
a) Loosely structured but well controlled.
b) Loosely structured and loosely controlled.
c) Highly structured and well controlled.
d) Highly structured but loosely controlled.
7. The payroll and personnel cycle ends with which of the following events?
a) Interviewing job candidates.
b) Hiring a new employee.
c) Existing employees submitting requests for payment for work performed.
d) Issuance of paychecks.
8. The retirement savings deductions, number of exemptions for withholding allowances,
uniondues deductions, and other deductions are found on what form?
a) Time cards
b) Deduction authorization form
c) Rate authorization form
d) Job time ticket
9. It includes all payroll transactions processed by the accounting system for a given period of
time.
a) Payroll journal b) Payroll transaction file c) Time report d) payroll summary
10. An imprest payroll account ordinarily carries a balance that is:
a) Larger than the other company bank accounts.
b) Larger than the amount of the periodic payroll disbursement.
c) Small d) Below zero
11. Records that include data such as employment date, performance ratings and pay rates are
the:
a) Personnel records
b) Employee screening forms.
c) Summary payroll reports.

d) Employee folders
12. To minimize the opportunity for fraud, unclaimed salary checks should be:
a) Deposited in a special bank account.
b) Kept in the payroll department.
c) Left with the employee’s supervisor.
d) Held for the employee in the personnel department.
13. Which of the following type of employee typically does not complete time cards?
a) Hourly employees.
b) Salaried employees.
c) All employees must complete time cards.
d) Time cards are typically completed by salaried employees, but may also be completed by
hourly employees.
14. When examining payroll transactions, an auditor is primarily concerned with the possibility
of:
a) Incorrect summaries of employee time records.
b) Overpayments and unauthorized payments.
c) Under withholding of amounts required to be withheld.
d) Posting of gross payroll amounts to incorrect salary expense accounts.
15. For which of the following functions is the use of prenumbered documents least important?
a) Use of prenumbered time cards in the payroll function.
b) Use of prenumbered sales invoices in the sales function.
c) Use of prenumbered receiving reports in the acquisitions function.
d) Use of prenumbered deposit slips in the cash receipts function.
16. Which of the following statements about payroll checks is correct?
a) After a payroll check is cashed and returned to the employee it is referred
to as adepository check.
b) As soon as a payroll check is signed by an authorized employee, it becomes an asset.
c) Payroll checks are written for the amount of gross pay due employees.
d) It is rare that payroll checks are direct-deposited into employees’ bank accounts.
17. Which of the following is not an advantage of using an imprest payroll account?
a) It limits the company’s exposure to payroll fraud.

b) It allows the delegation of payroll check-signing duties.

c) Companies have fewer banking transactions.
d) It facilitates cash management.
18. No individual with access to time cards, payroll records, or checks should also be permitted
access to:
a) The computer b) Job time tickets c) Personnel records d) The canceled check file

CHAPTER ELEVEN
AUDIT OF ACQUISITION AND PAYMENT CYCLE
11.1 Overview of the cycle

The Acquisition and Payment Cycle (also referred to as the PPP Cycle for Purchases, Payables,
and Payments) consists mainly of two classes of transactions. The first class is the acquisition
class. The typical journal entry for this class of transactions is a debit to inventory or an expense
and a credit to accounts payable. The classification assertion is highly important in this scenario
because there are many possible debits that can fulfill the journal entry.
The second class of transactions in the acquisition and payment cycle is the cash disbursements
class. The typical journal entry for this class is simply a debit to accounts payable and a credit to
cash. All in all, this cycle is mainly about incurringpayables and paying off those payables with
cash. Although many companies follow different internal processes and use electronic-based
methods, the following flowchart is a typical business process in the acquisition and payment
cycle.
11.2The Audit of Property, Plant and Equipment

The term property, plant and equipment (fixed assets) include all tangible assets with a service
life of more than one year that are used in the operation of the business and are not acquired for
the purpose of resale. Three major subgroups of such assets are generally recognized.
Land, such as property used in the operation of the business, has the significant characteristics of
not being subject to depreciation. Building machinery, equipment and land improvements, such
as fences and parking lots, have limited service lives and are subject to depreciation. Natural
resources (wasting assets), such as oil wells, coal mines, and tracts of timber, are subject to

depletion as the natural resources are extracted or removed. Fixed asset constitute a significant
proportion of the total assets of many organizations particularly those engaged in manufacturing
activities. Audit of fixed asset is, therefore generally considered to be an important part of an
independent financial audit. Though the number of transactions involving fixed assets is smaller
in number, the amount involved in these transactions will be very high. Hence the auditor has to
give more attention while auditing the transactions relating to fixed asset.
The auditor’s objectives in the audit of fixed assets are

Consider internal control over property, plant and equipment.
Determine the existence of recorded property, plant and equipment.
Establish the completeness of recorded property, plant and equipment.
Establish that the client has ownership rights to the recorded property, plant and
equipment.
Establish the clerical accuracy of schedules of property, plant, and equipment.
Determine that the valuation or allocation of the cost of property, plant, and equipment
is in accordance with generally accepted accounting principles.
Determine that the presentation and disclosures of property, plant, and equipment,
including disclosure of depreciation methods is appropriate.
In conjunction with the audit of property, plant, and equipment, the auditors also obtain
evidence about the related accounts of depreciation expenses, accumulated depreciation, and
repair and maintenance expenses.
Internal controls relating to fixed assets
The auditor studies and evaluates the accounting system and the effectiveness of internal control
relating to fixed assets. The auditor’s study and evaluation of internal control relating to fixed
assets covers the following aspects:
1. Segregation and rotation of duties: The auditor has to see whether there is proper
segregation of various duties relating to fixed assets such as
 Authorization of acquisition and disposals

 Execution of transactions relating to execution and disposals

 Recording of transactions
 Physical custody of items.
The auditor also has to see whether the duties of various persons relating to fixed assets are
rotated periodically or not.
2. Authorization of acquisition, transfer and disposal of fixed assets:The auditor has to check
the internal control relating to capital budgeting. i.e., whether the proposal for capital
expenditure has been received in time in the proper format, approved by the top management
and whether it is properly communicated to the various departments after the approval.
 Whether a written authorization from a senior level of the management is included in the
budget.
 Whether the organization have laid down proper procedures for acquisition of fixed
assets i.e. for inviting quotations, selection of suppliers, approval of prices, payment
terms, safeguard for timely delivery etc.
 Whether the purchases are made on the basis of competitive bids. And whether there is
requirement for documenting the reasons for making purchases other than at lowest
price.
 Whether the control over receipt of fixed assets are effective ie., whether the technical
specifications of the assets received are verified with the purchase orders before
accepting and if rejected whether the debit notes are raised promptly.
 Whether periodic comparisons of the actual expenditures of the fixed assets are
compared with the capital expenditure budget and whether approval from the competent
authority is received if there is a deviation from the budget.
 Whether there any system of getting prior approval from the competent authority in case
of transfer of fixed assets from one department to another?
 Whether adequate controls exist for disposal of fixed assets i.e. with proper
authorization, invitation of quotations, approval of prices, proper documentation etc
3. Maintenance of records and documents:The auditor has to check whether the company
maintains proper records of fixed assets including those items, which are fully depreciated.
 Whether the organization maintains the record of assets given on lease or used by the
organization but owned by others.

 Whether a register containing title deeds of the assets are maintained properly.
 Whether the title deeds or registration documents are kept in safe custody and verified
periodically.
 Whether the organization maintained a detail record of projects which are in progress.
 Whether the expenditures incurred are properly allocated between capital and revenue.
4. Accountability for and safeguarding of fixed assets:
 Whether there is any system for identification of fixed assets.
 Whether adequate safeguards are made to protect the fixed assets from fire, theft
accessibility to unauthorized persons, and use of locks burglar alarms etc.
 Whether the fixed assets are properly insured and the auditor has to check regarding the
adequacy of the cover the time period, etc.
 Whether the fixed assets are physically verified on a periodic basis including those assets
lying with third parties.
 Whether follow up action has been taken for the discrepancies between the record books
and physical verifications.
 Whether there is any system for identifying and reporting damaged, obsolete and idle
fixed assets.
5. Independent checks:The auditor has to see whether there is any internal audit for fixed assets
and determining the coverage and effectiveness of the internal audit. The auditor has to
examine the scope of the work of the internal auditors and their reports.
Substantive procedures for fixed assets

The auditor determines the nature timing and extent of substantive procedures relating to fixed
assets after evaluating the effectiveness of internal controls. The procedures normally followed
are the following
(A). Examination of records and documents.
 Verify the opening balances from the previous years financial statements or ledger
accounts.
 Verify the additions made during the year from the approval of appropriate authority
copies of purchase orders, invoices receiving reports, acknowledgement form the
supplier and bank statement.

 Verify the assets constructed during the year by examining work order records,
statement of allocation and apportionments of costs, certificate of work performed,
contractors bills, invoices of suppliers of materials, bank statement etc.
 Verify the major repairs and maintenance to ensure no revenue expenditure related to
the capital assets is included.
 Verify the disposal or retirement of fixed assets by examining the approval of
appropriate authority, quotations invited from buyers, contract with the buyer, copy of
the sale bills, evidence of physical deliveries etc.
 Examine whether the book values and accumulated depreciation of the fixed assets
disposed or discarded are properly adjusted accounting the resulting gains or losses
properly.
 Verify the minutes of the board of directors, agreements, and correspondence with
lawyers to identify any charges or encumbrances on the fixed assets.
 Verify the arithmetical accuracy of the fixed asset records.
 Verify whether the value shown in the financial statement is after charging adequate
depreciation.
 Examine the evidence of ownership of fixed assets.
(B). Review or observation of a second verification
Though the physical verification is the duty of the management, the auditor can review or
observe the verification by examining the documents relating to the physical verification.
The procedures followed are:
 Review the instructions issued to the staff entrusted with the responsibility of physical
verification and judges the appropriateness and adequacy of the instructions.
 Assess the competence of the personnel conducting the physical verification.
 Examine the frequency of the verification and verify whether it is reasonable in the
circumstances of the case.
 When direct physical verification is not possible examine any indirect evidence of the
existence of the fixed assets.
 Tests check the fixed asset record with the physical verification records.

 Examine the appropriate follow up action taken for the discrepancies revealed by
physical verification with the fixed asset records.
 Examine whether appropriate adjustments have been made in the fixed asset records and
financial accounts for obsolescence, damage, or other losses reveled by the physical
verification.
(C). Examination of Valuation and disclosure
 Examine whether the fixed assets have been valued according to the generally accepted
accounting principles.
 Examine whether adequate depreciation have been provided.
 Examine whether the fixed assets have been revalued in a systematic/ scientific/
appraisal basis considering the future life and the possibility of obsolescence.
 Examine the basis on which the consideration has been approportionated to various
assets when several assets have been purchased for a consolidated price.
 Examine the relevant documents such as title deeds agreements etc in order to ascertain
the extent of the shares of the organization when the organization owns assets jointly
with others.
(D). Analytical Procedures
The analytical procedures employed by the auditors in the audit of fixed assets are the
following:
 Compare the additions or disposals of fixed assets made during the year with the
budgeted figures.
 Compare the ratio of depreciation for the current year to the average book value of the
fixed assets with the corresponding figures of the previous year.
 Compare the amount of repairs and maintenance of the current year with the figures of
the previous year.
 Compare the ratio of actual capacity utilization with the installed capacity of the current
year with the figures of the previous year.
(E). Obtaining Management Representation
The auditor has to obtain an appropriate representation form the management concerning the

fixed assets stating that the fixed assets shown in the balance sheet are arrived at after
considering all capital expenditures on additions, eliminating the cost and accumulated
depreciation relating to the items discarded, destroyed and disposed off and adequate
depreciation has been provided for during the current year.
Audit program for auditing fixed assets
The following procedures are typical of the work required in many engagements for the
verification of property, plant and equipment.
A) Consider internal control over property, plant and equipment
1. Obtain an understanding of internal control over property, plant and equipment
Auditors may use written description, flow chart or internal control questionnaire to describe
the nature of client’s internal control structure. After preparing description of internal
control, the auditors will determine whether the controls as described to them have been placed
in operation, whether there is appropriate segregation of duties and considered the
misstatements that may occur.
2. Assess control risk and design additional tests of control for the assertions about property,
plant, and equipment.
Based on an understanding of the client’s internal control over property, plant and equipment,
the auditors develop their planned assessed level of control risk for the various financial
statement assertion assertions and obtain additional evidences of the operating effectiveness of
the client’s controls by designating additional tests of control.
3. Perform additional tests of controls for those controls that the auditors plant to consider to
support their planned assessed levels of control risk.
As auditors obtain an understanding of the client’s internal control; certain tests of control are
performed. E.g. select a sample of purchase of plant and equipment to test the control related to
authorization, receipts and proper recording of the transactions.

4. Reassess control risk for each of the major financial statements assertions about property,
plant, and equipment based on the results of tests of controls and, if necessary, modify
substantive tests.
The final step in the auditor’s consideration of internal control involves a reassessment of
control risk based on the results of the tests of control. On the basis of the reassessed level of
control risk auditor modify their planned program of substantive testing procedures for
property, plant, and equipment assertions.

1. Which of the following procedures concerning accounts receivable would an auditor

most likely perform to obtain evidence in support of an assessed level of control risk
below the maximum?
a) Observing an entity’s employee prepare the schedule of past due accounts receivable.
b) Sending confirmation requests to an entity’s principal customers to verify the existence of
accounts receivable.
c) Inspecting an entity’s analysis of accounts receivable for unusual balances.
d) Comparing an entity’s uncollectible accounts expense to actual uncollectible accounts
receivable.
2. All of the following are accounts that fall under the acquisition and payment cycle except:
a) Accounts payable
b) Property, plant, and equipment
c) Accounts receivable
d) Prepaid expenses
3. An auditor can improve the efficiency and effectiveness of an audit of fixed assets by
performing which of the following tests separately?
a) Verification of depreciation expenses
b) Verification current year disposals

c) Verification of current year acquisitions

d) All of the above
4. Auditing of fixed assets differs from that of current assets because:
a) Fixed assets are kept for shorter periods
b) The number of acquisitions is greater for fixed assets
c) The dollar amount for fixed is usually smaller
d) None of the above
5. To begin an audit of current year acquisitions, the auditor should request the client provide
them with:
a) General ledger
b) The property master file
c) Vendor invoices
d) Repair and maintenance logs
6. Disposal of fixed assets that are handled improperly can affect:
a) Balance sheet
b) Statement of cash flow
c) Income statement
d) All of the financial statements
7. The most important balance-related objectives for depreciation expense is:
a) Completeness
b) Accuracy
c) Existence
d) Cutoff
8. An auditor should review the client's insurance policies to determine if:
a) The client is over-paying for insurance
b) The client has rights to the policy
c) A and B only
d) The client has chosen the correct insurance provider
9. An analytical procedure that compares individual expenses with budgets is concerned with:
a) Misstatements of sales
b) Misstatement of cash

c) Misstatements of budgets
d) Misstatements of expenses and related balance sheet accounts
10. Legal expenses should be reviewed for the possible existence of:
a) Deferred assets
b) Contingent liabilities
c) Long-term assets
d) Additional sales
11. The classes of transactions in the acquisition and payment cycle include acquisition of:
a) Goods
b) Goods and services
c) Goods and services, and cash disbursements.
d) Goods and services, cash disbursements, and purchase returns and allowances.
12. The overall objective in the audit of the acquisition and payment cycle is:
a) Tensure the reliability of the affected accounts.
b) To ensure the accuracy of the affected accounts.
c) To evaluate whether the affected accounts are fairly stated in accordance with GAAP.
d) To evaluate whether fraudulent payments were made.
13. The audit of the acquisition and payment cycle often takes ____ time to audit than other
cycles.
a) Less b) About the same c) More d) No less
14. What typically initiates the acquisitions and payment cycle?
a) Issuance of a purchase requisition or request for purchase of goods/services.
b) Issuance of payment to vendor.
c) Approval of a new vendor.
d) Purchase requisition.
15. What typically ends the acquisitions and payment cycle?
a) Issuance of a purchase requisition or request for purchase of goods/services.
b) Issuance of a payment to a vendor.
c) Approval of a new vendor.
d) Purchase requisition.
16. The receipt of goods and services in the normal course of business represents the date

clientsnormally recognize:
a) Income b) the liability c) Warranty assets d) Expenses.
17. Which of the following accounts isnotincluded in the acquisitions class of transactions?
a) Inventory b) Prepaid expenses c) Purchase discounts d) Accounts payable.
18. A document used by organizations to establish a formal means of recording and
controllingacquisitions which usually contains a package of documents about the acquisition
is the:
a) Voucher b) Purchase order c) Receiving report d) Purchase requisition

CHAPTER TWELVE
AUDIT OF INVENTORY AND WAREHOUSE CYCLE
Introduction
Inventories are major items on the balance sheet, i.e. in total assets, especially in the current asset
section. Inventories play also a very significant and important role in preparation of income
statement and determination of net income or loss. This unit discusses the typical internal control
procedures and the auditors’ objectives in the examination of inventories..
The processing of purchases transactions involves the following purchasing functions:

 Requisitioning goods and services.
 Preparing purchase orders.
 Receiving the goods.
 Storing goods received for inventory.
 Preparing the payment voucher.
 Recording the liability.
12.1Nature of inventory
Audit of inventory is complicated by a number of factors including:
Variety (diversity) of items.
High volume of activity.
Various (sometimes complex) valuation.
Difficulty in identifying obsolete or defective inventory.
Many frauds involve the inventory account.
Easily transportable making it subject to double counting.
May be stored at multiple locations, some may be remote.
May be returned by customers

12.2 Control activities and Tests of Controls

A. Flow of Inventory
Receiving raw materials
Put raw materials in to storage
Put raw materials in to production
Put finished goods in to storage
Ship finished goods to customers
B. Business functions in the cycle
The sequence of functions in the inventory and warehousing cycle are the following:
a. An employee recognizes a need for purchase; completes a requisition and sends it to
purchasing (Requisitioning).
b. Purchasing shops for the appropriate quality at the best price, then prepares a
purchase order.
c. When goods arrive from the vendor, the receiving department inspects, counts, andprepares
a receiving report (Receiving).
d. Goods are moved from receiving to a warehouse; raw materials perpetual inventory master
file is updated.
e. When needed, goods are moved from the warehouse to production; raw materialsperpetual
inventory master file and cost accounting records are updated.
f. When finished, goods are moved from production to the warehouse; finished
goodsperpetual inventory master file and cost accounting records are updated.
g. When sold, goods are shipped and perpetual inventory records are updated.
C. Accounts Affected
Raw materials
Direct labor
Manufacturing overhead
Work-in-Process
Finished goods
Cost of goods sold etc

D. Audit of Inventory
Part of audit Cycle in which tested
Acquire and record raw materials,labor,and Acquisition and payment pluspayroll and
overhead personnel
Internally transfer assets and costs Inventory and warehousing
Ship goods and record revenue andcosts Sales and collection
Physically observe inventory Inventory and warehousing
Price and compile inventory Inventory and warehousing
12.3 Auditing Cost accounting

A. Cost Accounting Controls
Physical controls over raw materials, work in process, and finished goods.
 Purpose: to prevent loss of inventory due to theft or misuse.
 Control Measures:
 Physically segregate storage areas for raw materials, work in process,
andfinished goods
 Restrict access to storage
 Assign responsible custodian
 Use of pre numbered documents
 Segregation of duties (e.g. separate responsibility for perpetual
inventorymaster file from custodian of inventories)
 Controls over related costs
 Integrate production and accounting records for the purpose of pricing
finishedgoods, controlling costs, and costing inventory
B. Tests of cost accounting
Auditor’s primary concerns:
 Physical controls over inventory.
 Suggested procedures: Observation and inquiry.
 Documents and records for transferring inventory

 Test for existence of recorded transfers

 Test whether all actual transfers were recorded
 Test for the accuracy of the quantity, description, and date of all
recordedtransfers
Specific procedures:
 Understand internal controls for recording transfers
 Account for a numerical sequence of raw materials requisition
 Examine raw materials requisition for proper approval
 Compare raw materials requisitions with raw materials perpetual
inventorymaster file (for quantity, description, and date of all recorded
transfers)
 compare completed production records with perpetual inventory master file
 Perpetual inventory master file
 Test for the reliability of master file. The reliability of perpetual
inventorymaster file affects the timing and nature physical examination.
 Examine documents supporting additions and reductions ofinventory
amounts in master file.
 Unit cost records (Procedures)
 Understand internal controls in costing accounting systems.
 Trace the units and unit costs of raw materials to additions recorded in
perpetual inventory master file.
 Trace the total costs to cost accounting records.
 Trace the payroll summary directly to production cost records.
 Determine the reasonableness of manufacturing overhead
allocationmethods and their consistency
12.2Observing physical inventory

A. Assess Business and control risks.
 The auditor is required to obtain an understanding of the client’s
business and industry risk.

 Common sources of business risk:

 Short product cycle
 Potential obsolescence
 Use of just in time system
 Reliance on a few key suppliers
 Use of sophisticated inventory management technology.
 Auditor’s key considerations:
 Inventory valuation method selected by management
 Potential for inventory obsolescence
 Risk of mixing consignments with own inventory
 Procedure: conduct a tour of the client’s inventory facilities.
 The auditor is required to decide on tolerable misstatement based on the results
ofbusiness risk assessment. Situations under which misstatements are expected:
 Inventory stored in multiple locations
 Complex costing methods
 Greater potentials for obsolescence
 After assessing business risk, the auditor should assess control risk by focusing
on:
 Internal controls over perpetual records
 Physical controls over inventory
 Inventory counts
 Inventory compilation and pricing
B. Inventory observation requirements
 Required by auditing standards

“Auditors should satisfy themselves about the effectiveness of the client’s methods of counting
inventory and the reliance they can place on the client’s representations about the quantities
and physical conditions of the inventories”
 To meet the requirements, auditors must:
 Be present at the time the client counts their inventory for determining
year-end balances

 Observe the client’s counting procedures

 Make inquiries of client personnel about their counting procedures
 Make their own independent tests of the physical count
 Responsibilities in inventory taking:
 Client
o Set up procedures for inventorytaking
o Make actual counts
o Record the counts
 Auditor
o Evaluate the client’s procedures
o Observe the count procedures
o Conduct test counts of inventory
o Draw conclusions about the adequacy of the physicalinventory
 Exceptions to physical examination of inventories:
 Inventories housed in a public warehouse
 Inventories overseen by outside custodians if inventory does
not representsignificant portion
 Alternative procedures when physical examination is not needed:
 Confirmation from public warehouse or outside custodian
 Investigate the custodian’s inventory procedures
 Obtain an independent accountants reports on the custodian control
proceduresover the custody of goods
C. Controls over physical count
 Timing of physical count
 Elements of the client’s physical count of inventory
 Proper client instructions for the physical count
 Supervision by the responsible personnel of the client
 Independent internal verification of the counts by client personnel
 Independent reconciliation of the physical counts with perpetual
inventory master files
 Adequate client control over count sheet or tags used to record

inventorycounts
D. Audit Decisions
 The auditor’s decisions in the physical observation of inventory include:
a. Selecting audit procedures
b. Deciding on the timing of procedures
 Physical count may be taken either before year end or at year end
 If physical count has taken place before year end, the
auditor can testtransactions recorded in the perpetual inventory master
file from the date of the count to the end of the year.
 When there are no perpetual and the inventory is material, the client
must take acomplete physical count near the end of the accounting
period
c. Determining sample size
 Sample size in physical observation may be considered in terms of the
total number of hours spent rather than the number of inventory
items countedbecause the auditors concentrate on observing the client’s
procedures instead ofselecting items of testing.
 The key determinants of the amount of time needed to test inventory are:
o The adequacy of internal controls over the physical count
o The accuracy of the perpetual inventory master file
o Total birr amount and type of inventory
o Number of different significant inventory locations
o Nature and extent of misstatements discovered in previous years,
and
o Other inherent risks
1. Inventory compilation tests are used to:
a) Verify whether physical counts were correctly summarized
b) Verify inventory was correctly footed to equal the general ledger inventory balance
c) Verify that inventory quantities and prices were correctly extended

d) All of the above

2. An auditor should verify the transfer of inventory from one location to another to assure that:
a) Average costs are within industry standards
b) All transfers are recorded
c) Unit prices are adequate
d) All of the above
3. Which of the following is an analytical procedure used in the inventory cycle?
a) Gross margin percentage
b) Current ratio
c) Inventory turnover
d) A and C only
4. Determinants such as adequacy of internal controls and the number of locations influence the
amount of____________ an auditor spend observing inventory counts.
a) Effort b) Resources c) Time d) Dollars
5. Standard cost records produce____________, which are useful in determining the
reasonableness of production records.
a) Equivalent units b) Variables c)Averages d) Variances
6. An auditor must consider which rule when pricing inventory?
a) Lower of cost or market b) Cost c) Turnover d) Market
7. Which of the following cycles are integrated with the inventory and warehousing cycle?
a) Acquisitions and Payment Cycle
b) Payroll and Personnel Cycle
c) Sales and Collection Cycle
d) All of the above

CHAPTER THRTEEN
AUDIT OF THE CAPITAL AND REPAYMENT CYCLE
13.1Overview of the cycle

Capital acquisition and repayment cycle is the transaction cycle involving the acquisition of
capital resources in the form of interest-bearing debt and owners’ equity, and the repayment of
the capital.
Four unique characteristics of the capital acquisition and repayment cycle significantly
influence the audit of these accounts:
o Relatively few transactions affect the account balances, but each transaction is often
highly material in amount.
o The exclusion of a single transaction could be material in itself.
o There is a legal relationship between the client entity and the holder of the stock,
bond, or similar ownership document.
o There is a direct relationship between the interest and dividend accounts and debt and
equity.
Overview of Accounts for Notes Payable
 Auditors commonly include tests of principal and interest payments as a part of the audit
of the acquisition and payment cycle, because the payments are recorded in the cash
disbursements journal.
 Identify significant risk and assess risk of material misstatement for notes payable and
Related Accounts.
 Auditors often learn about capital acquisition transactions while gaining an
understandingof the client’s business and industry.
Assess Inherent Risk and Fraud Risk
 Inherent risks are primarily concerned with the authorization of notes payable, receipt of
funds, recording of transactions, and compliance with the debt covenants.
 One particular factor that can increase inherent risk and fraud risk is the presence of

related-party transactions.
 The most important balance-related assertions in notes payable are completeness and
accuracy because misstatement could be material if even one note is omitted or
incorrect.
 The following are risks of fraud and error for notes payable:
 Errors in calculating interest payments, posting such amounts to the wrong period,or
omitting them.
 Misclassifying debt as equity or vice versa, or misclassifications between current and
long-term.
 Recording debt transactions in the wrong period.
 Incorrect or inaccurate disclosure of terms or amounts.
 Deliberate misclassification of debt as revenue or other fraudulent manipulations
13.2Key Internal Control

 Proper authorization of transactions.
o Type, nature, timing, and terms (if any) should be approved by the board of
directors as evidenced in the minutes of meetings.
 Proper recordkeeping and adequate segregation of duties between maintaining owners’
equity records and handling cash and stock certificates:
o In addition, there should be (1) well-defined policies for preparing share
certificates and recording share transactions and (2) independent verification of
both transaction details and amounts.
o One of the objectives of the controls is to maintain current share capital records,
which will be used to pay dividends or repurchase shares (part of the acquisitions
and payments cycle) and to record issues of shares.
 The use of an independent registrar and share transfer agent.
o The independent registrar issues share in accordance with the provisions in the
articles of incorporation and as authorized by the board of directors.
o The share transfer agent maintains shareholder records (including changes in
ownership), adding independence to this process.

13.3Auditing Long-term debt

In determining the tests of details of balances for long-term debts such as bonds payable,
mortgage payable, notes payable, the auditor considers tolerable misstatement, inherent risk,
control risk, the results of tests of controls and substantive tests of transactions, and the results of
analytical procedures. Tolerable misstatement if often set at a low level because it is often
possible to completely audit the account balance or the transactions affecting the account
balance. Inherent risk is also typically set at a low level because it is usually easy to determine
the correct account value. Auditors are normally most concerned about the adequacy of
disclosures, such as collateral and covenant restrictions for notes payable.
Audit Objectives and Procedures

 The following assertions, audit objectives and audit procedures apply to long term debts:
1) Existence or Occurrence
 Audit Objectives
 To determine that long- term debts exist at year end.
 Audit Procedures
 Obtain an analysis of long term debt accounts and related interest,
premium and discount accounts.
 Review debt agreements and confirm with payees the principal amount
maturity date, interest rate, etc.
 Inspect bonds redeemed, retired or surrendered during the period.
2) Completeness
 To determine that all transactions relating to long-term debts are
properly recorded.
 Trace authorization for issuance of debtto credits to the long-term debt
account.
 Vouch borrowing and repayment transactions and review transactions
to supporting documents occurring near year-end.

3) Rights and Obligations

 To determine that long term debts represent valid obligation of the
entity.
 Review minutes of board of directors' meetings.
 Review payments and renewals after the statement of financial position
date.
4) Valuation or Allocation
 To determine that the long-term debts are recorded at the proper
amount.
 Recalculate interest expense and amortization of premium or discount
if any.
 Ascertain the amount of long-term debt maturing within one year.
5) Presentation and Disclosure
 To determine that long term debts are presented and disclosed in
accordance with PAS/PFRS.
 Send confirmation letters to financial institution to obtain information
about finance arrangement.
 Evaluate presentation in the financial statement of the long-term debt.
Examine classification of obligation as either secured or unsecured.
13.4Auditing Capital stock

The following are risks of fraud and error for owners’ equity and its related accounts:
 Misclassifying equity as debt, or misclassifications between current and long-term
equity.
 Recording equity transactions in the wrong period.
 Incorrect or inaccurate disclosure of terms or amounts.

 Equity issues or dividends that violate debt covenants.

 Backdating stock options.
 Paying dividends to wrong parties or at incorrect amounts.
 Deliberately misclassifying equity as revenue or other fraudulent manipulations
There are four main concerns in auditing share capital:
 Existing share capital transactions are recorded (completeness).
o If a registrar or transfer agent is used, the auditor confirms balances and
transactions with them.
 Recorded share capital transactions exist and are accurately recorded (occurrence and
accuracy).
o All share capital transactions are verified (e.g., due to mergers, issuance, or
repurchase) by looking for authorizations in the minutes of board of directors’
meetings and agreement with share transfer agent records (usingconfirmations or
physical inspection at their offices).
o Changes due to mergers and acquisitions will require inspection of relevant legal
documents and may require auditor specialist assistance on the audit team.
 Share capital is accurately recorded (accuracy).
o Confirmation with the share transfer agent will provide balances and details.
 Share capital is fully presented and clearly disclosed (completeness and
understandability.
13.5Auditing Dividends
 The emphasis in the audit of dividends is on the transactions rather than the ending
balance.
 The following are the most important objectives, including those concerning dividends
payable:
o Recorded dividends occurred (occurrence).
o Existing dividends are recorded (completeness).
o Dividends are accurately recorded (accuracy)
o Dividends that exist are paid to shareholders (existence).

o Dividends payable are recorded (completeness).

o Dividends payable are accurately recorded (accuracy).
 Existence of recorded dividends can be checked by examining the minutes of board of
directors’ meetings for the amount of the dividend per share and the dividend date.
 The accuracy of a dividend declaration can be audited by re-computing the amount on
thebasis of the dividend per share and the number of shares outstanding.
13.6Auditing Retained Earnings

 The starting point for the audit of retained earnings is an analysis of retained earnings
for the entire year.
 The audit of the credit to retained earnings for net income for the year (or the debit for a
loss) is accomplished by tracing the entry in retained earnings to the net earnings figure
on the income statement.
 Once the auditor is satisfied that the recorded transactions are appropriately classified as
retained earnings transactions, the next step is to decide whether they are accurately
recorded.
 Another important consideration in the audit of retained earnings is evaluating whether
there are any transactions that should have been included but were not.

1. Which of the following is a characteristic of the capital acquisition and repayment cycle?
a) A legal relationship exists between the client and holder
b) There are several transactions
c) An individual relationship exists between the interest and dividends accounts and debt
and equity
d) A single transaction is usually immaterial
2. Which of the following accounts is not part of the capital acquisition and repayment cycle?
a) Treasury stock
b) Contracts payable

c) Unearned revenue
d) Accrued interest
3. When reviewing controls over notes payable, an auditor should determine if:
a) There are proper documents and records
b) There is proper authorization for issuing of new notes
c) There are adequate controls over the repayment of principle and interest
d) All of the above
4. The usual starting point for an audit of notes payable is:
a) Inquiries to lenders
b) The recalculation of interest expense
c) A schedule of note payable
d) Confirmations to lenders
5. A publicly held corporation differs from a closely held corporation in that:
a) Publicly held corporations have few shareholders
b) Publicly held corporations have few transactions affecting the capital stock account
c) Publicly held corporations rarely pay dividends
6. The audit objective of existence for notes payable is tested by:
a) Tracing totals to the General Ledger
b) Footing the notes payable account
c) Tracing the notes payable to the master file
d) Examining board of directors minutes
7. Which of the following owner's equity activities usually requires the approval of the Board of
Directors?
b) Declaration of dividends
c) Recording of comprehensive income
d) Closing of books
e) All of the above
8. An independent registrar is a:
a) A document that is produced externally
b) A record of stockholders

c) A control to prevent the improper issue of stock certificates

9. The simplest way to verify the number of shares outstanding at the balance sheet date is:
a) A confirmation from the transfer agent
b) A confirmation from the board of director
c) A confirmation from all shareholders
10. An auditor can verify that the presentation and disclosure-related objectives for capitol stock
activities are satisfied by reviewing the :
a) Corporate Charter
b) Minutes of the board of directors
c) A and B only
d) Shareholder contracts

CHAPTER FOURTEEN
AUDIT OF CASH BALANCES
Introduction
Every business needs to maintain a certain amount of cash to use in settlement of its current
liabilities. In addition, some firms sell goods and services primarily in cash, so they may have
significant cash balances on hand from cash receipts. These cash balances may be aggregated
into a number of bank accounts, including the following:
 Checking account. This is the general account into which customer payments flow, and
from which payables payments aredisbursed.
 Branch account. A company may operate a separate bank account for each of its branch
locations, which is intended to takein and disburse funds related to local operations.
 Payroll account. This account receives funding for each successive payroll, which is
drawn down as employees cash theirpaychecks.
 Petty cash. This account is maintained internally (it is not a bankaccount), and contains a
small amount of cash for incidental cashpurchases.Savings account. A client may have a
separate bank account thatis only used for earning interest on excess funds.
The largest amount of transaction volume usually runs through the checking account. The payroll
account usually involves a lesser, though still substantial, number of transactions. The total
amount of petty cash held within a business at any given time is likely to be immaterial, though
the total amount of expenditures paid for by this means could bematerial. A client may have no
savings account at all, if it instead puts excess cash into marketable securities and other
investments.
The audit of cash is considered an important part of an audit mainly due to two reasons:
a) Almost all business transactions will be ultimately settled through the cash accounts,
the audit of cash accounts also assists in the verification of other asset and liability
accounts as well as revenue and expenses.
b) Cash is the highly liquid asset in a company and it is an area of high inherent risk

since there is a relatively high risk of misappropriation.
14. 1Cash in the Bank and transaction Cycles

Test of the bank reconciliation often identify these misstatements:
 Failure to include a check that has not cleared the bank on theoutstanding check list, even
though it has been recorded in the cash disbursements.
 Cash received by the client subsequent to the balance sheet datebut recorded as cash
receipts in the current year.
 Deposits recorded as cash receipts near the end of the year,deposited in the bank in the
same month, and included in thebank reconciliation as a deposit in transit.
 Payments on notes payable debited directly to the bank balanceby the bank but not
entered in the client’s records.
Reconciliations of cash most likely will not detect these misstatements:
 Failure to bill a customer.
 An embezzlement of cash by intercepting cash receipts from customers before theyare
recorded, with the account charged off as a bad debt.
 Duplicate payment of a vendor’s invoice.
 Improper payments of officers’ personal expenditures–Payment of raw materials that
were not received.
 Payment to an employee for more hours than he or she worked.
 Payment of interest to a related party for an amount in excess of the going rate.
14.2Audit of the General Cash Account

The auditor needs togain an understanding of the client’s controls over its cash. Given
theunusually high risk of fraud associated with cash, a client may need alarge number of
controls, including many of the controls noted in thefollowing bullet points. The auditor could
use a questionnaire to discussvarious aspects of cash controls with the client. The auditor may
alsowant to conduct tests of controls by tracing a selection of cash receiptsand disbursements
through the business, to see if controls were properlyapplied at each step in the relevant process.
A very cash-specific controlstest is to verify that the entire amount of cash receipts recorded for

aspecific day match the amount stated on the bank deposit slip for thesame day.
A. Accept Cash
 Open the mail and record cash receipts:Someone not otherwiseinvolved in the handling or
recordation of cash receipts opens themail, records all cash and checks received, and then
forwards thecash receipts to the cashier. To strengthen this control, two people should jointly
open the mail.
 Endorse for deposit only:The person opening the mail shouldalso immediately endorse all
checks received with a “For Deposit Only” stamp, preferably one that also lists the client’s
bank account number. This makes it much more difficult for someone toextract a check and
deposit it into some other account.
 Direct payments to lockbox:An excellent control is to set up alockbox at a bank, and direct
customers to send their paymentsdirectly to the bank. This eliminates all risk of cash or
checks being stolen from within the business.
 Record cash in cash register: The primary purpose of a cash register is as its name indicates
it registers the amount of cash received. It also prints a receipt for the customer and visually
displays the amount recorded. Therefore, when there is any reason-able expectation for a
large number of cash receipts, the clientshould always have a cash register available for
recording thetransactions.
 Record cash on pre-numbered receipts: In situations where relatively small quantities of
cash are anticipated, it may not becost-effective to operate a cash register. If so, record cash
received on pre-numbered receipts, and be sure to use the receiptsconsecutively. By doing so,
one can scan through the numberson the receipts to see if any receipts are missing. A missing
receipt indicates that cash has not been recorded.
 Give receipt to customer: If a customer is paying with cash,cashiers should give customers a
copy of the receipt. If the cashis recorded in a cash register, the amount printed on the
receiptwill match the amount punched into the register. If the cash isrecorded on pre-
numbered receipts, the form should be a two part form, so that the amount written on it by
the clerk is identical for the versions kept by the customer and the company.Handing over a
receipt is a reasonable control, since it meansthat the recipient might examine the receipt to
see if the amountrecorded matches what they paid.

 Match cash register cash to receipts: Once a sales clerk’s shifthas ended, a third party
should match the amount of receipts recorded by the register to the total amount of cash in
the register.This should be recorded on a signed reconciliation form.
B. Record Cash
 Apply cash at once: The cashier should apply cash to customeraccounts as soon as the
cash is received. Doing so means that thecash will then be shifted off the premises and
deposited, leavinglittle time for anyone to steal it.
 Apply cash based on check copies:This control can be appliedin two situations. If the
client is using a bank lockbox, the bankwill either mail copies of all checks and
remittance advices received to the client, or it will make them available on a websiteas
scanned images; in either case, the cashier uses these documents as the basis for cash
applications. In the second situation,the cashier photocopies all checks, thereby allowing
for the immediate deposit of the checks and a somewhat more leisurelyapplication of the
payments to outstanding receivables.
 Record undocumented receipts in a clearing account: One ofthe best ways to destroy
accounts receivable record accuracy isto apply cash receipts to receivables even when
there is no indication of the invoice numbers to which they should be applied.Instead,
these receipts should always be recorded into a clearingaccount for further review.
 Match documents:The cashier should match the initial list ofchecks generated by the
person opening the mail to the relatedcash receipts journal. This highlights cash that the
cashier maynot have applied to receivables, and will also spot any cash thatwas removed
between the mailroom and the cashier’s office.
C. Deposit Cash
 Deposit daily:If checks or cash are left on-site overnight, thereis an increased chance
that they may be stolen. To mitigate thisrisk, always deposit cash and checks at the end
of every businessday.
 Lock up cash during transport: Store all cash in a locked container while transporting it
to the bank for deposit. This is not agood control, since someone could steal the entire
container. Abetter approach for transporting large amounts of cash is to hirean armored
car company to transport the cash on behalf of thecompany.
 Match cash receipts journal to bank receipt:When funds aredeposited at the bank, the

bank clerk hands over a receipt for theamount deposited. The person transporting the
cash to the bankgives this receipt to the cashier, who compares it to the cash receipts
journal. If the numbers do not match, it may mean that theperson transporting the cash
removed some cash prior to the deposit, though it may also mean that either the cashier
or the bankincorrectly recorded the amount of cash.
 Match remote deposit capture report to cash receipts journal: If the client is using a
check scanner to convert checks to electronic images and deposit them remotely, the
scanning softwareshould generate a report that shows the images of all checksscanned.
Compare this report to the cash receipts journal to ensure that all checks were scanned
and accepted by the bank. Also, store a copy of the report as evidence of transmission to
thebank.
 Destroy scanned checks:If the client is using remote depositcapture to scan checks on-
site, the checks could still be incorrectly included in a normal deposit to the bank. To
avoid this, either destroy the scanned checks entirely or perforate or disfigurethem to
such an extent that they could not reasonably be deposited.
 PaymentSplit checks printing and signing: One person should preparechecks, and a
different person should sign them. By doing so,there is a cross-check on the issuance of
cash.
 Store all checks in a locked location:Unused check stock shouldalways be stored in a
locked location. Otherwise, checks can bestolen and fraudulently filled out and cashed.
This means thatany signature plates or stamps should also be stored in a lockedlocation.
 Secure check-printing equipment: Some printers are only usedfor check printing. If so,
keep them in a locked location so thatno one can print checks and have the integrated
signature plateautomatically sign the checks.
 Track the sequence of check numbers used:Maintain a log inwhich are listed the range
of check numbers used during a checkrun. This is useful for determining if any checks
in storage mightbe missing. This log should not be kept with the stored checks,since
someone could steal the log at the same time they stealchecks.
 Require manual check signing:A client can require that allchecks be signed. This is
actually a relatively weak control, sincefew check signers delve into why checks are
being issued, andrarely question the amounts paid. If a client chooses to use a signature

plate or stamp instead, it is much more important to havea strong purchase order system;
the purchasing staff becomes thede facto approvers of invoices by issuing purchase
orders earlierin the payables process flow.
 Require an additional check signer: If the amount of a check exceeds a certain amount,
require a second check signer. This control supposedly gives multiple senior-level
people the chance tostop making a payment. In reality, it is more likely to only intro-
duce another step into the payment process without reallystrengthening the control
environment.
 Lock up undistributed checks: If the client does not distributechecks at once, they
should be stored in a locked location. Otherwise, there is a risk of theft, with the person
stealing the checksmodifying them sufficiently to cash them.
 Initiate banking transactions from a dedicated computer: It ispossible for someone to
use keystroke logging software to detectthe user identification and password information
that a businessuses to authorize direct deposit and wire transfer information. Toreduce
the risk, set up a separate computer that is only used to initiate transactions with the
bank. This reduces the risk that key stroke logging software might be inadvertently
downloaded ontothe machine from an e-mail or other transaction.
 Pay from a separate account: There is a risk that someone coulduse an ACH
(Automated Clearing House -a type of electronic bank-to-bank payment) debit
transaction to move funds out of a client’sbank account. To reduce this risk, only shift
sufficient funds intoa checking account to cover the amount of outstanding checks,ACH
payments, and wire transfers that have not yet cleared thebank.
 Password-protect the direct deposit file: Some companies accumulate bank account
information for their supplier paymentsin a computer file, while others may access it
online in theirbank’s systems. In either case, the file should be password protected to
prevent tampering with the accounts.
 Different person verifies or approves wire transfers: When acompany authorizes a wire
transfer, one person issues the instructions to the bank, and a different person verifies or
approvesthe transaction.
D. Petty Cash
 Require a monthly petty cash funding review:There should notbe so much cash in the

petty cash box that it represents a serioustemptation for someone to steal it. Instead,
schedule a monthlyreview to see if more cash is needed, and set the petty cashamount to
a level that should have the remaining cash balancerunning low by about the time of the
review.
 Require receipts for all cash withdrawals: When employees request funds from petty
cash, they should always submit a receiptin exchange. This receipt may be a receipt
from a supplier whomthe employee has just paid out of his own pocket, or it may be
aform filled out by the employee, stating the purpose of the payout. The amount on the
receipt should always match the exactamount paid out, so that the sum of the cash and
the receipts inthe petty cash box at any time always equal the designated funding level
for the box.
 Employees sign for cash received: Whenever an employee takespetty cash, he or she
must sign a “Received of Petty Cash” form,which states the amount paid out. The petty
cash custodian thenstaples the receipt submitted by the employee to the Received
ofPetty Cash form. This information packet remains within the pet-ty cash box,
providing evidence that cash was paid out for a certain purpose and that a specific
person received the cash. It islater extracted and attached to a journal entry documenting
theuse of cash.
 Fill out receipts in ink:An employee could submit a receipt orReceived of Petty Cash
form in exchange for cash from the pettycash box, after which the petty cash custodian
could increase theamount on the receipt or form and remove the related amount ofextra
cash. To make it more difficult to alter receipts and formsin this way, require employees
to complete them in ink, not pencil.
 Reconcile petty cash: An essential step in petty cash processingis to periodically
reconcile the account. This involves adding upthe amount of cash and receipts in the
petty cash box, matchingit to the designated petty cash balance, and researching any
differences. Petty cash is an area in which errors are common, so aperiodic
reconciliation is needed to keep the petty cash recordsclose to reality.
1. Which of the following controls most likely would reduce the risk of diversion of

customer receipts by an entity’s employees?

a) A bank lockbox system.
b) Prenumbered remittance advices.
c) Monthly bank reconciliations.
d) Daily deposit of cash receipts.
2. Sound internal control dictates that immediately upon receiving checks from customers
by mail, a responsible employee should
a) Add the checks to the daily cash summary.
b) Verify that each check is supported by a pre numbered sales invoice.
c) Prepare a duplicate listing of checks received.
d) Record the checks in the cash receipts journal.
3. An auditor suspects that a client’s cashier is misappropriating cash receipts for personal
use by lapping customer checks received in the mail. In attempting touncover this
embezzlement scheme, the auditor most likely would compare the
a) Dates checks are deposited per bank statements with the dates remittance credits are
recorded.
b) Daily cash summaries with the sums of the cash receipts journal entries.
c) Individual bank deposit slips with the details of the monthly bank statements.
d) Dates uncollectible accounts are authorized to be written off with the dates the
write-offs are actually recorded.
4. Upon receipt of customers’ checks in the mailroom, a responsible employee should
prepare a remittance listing that is forwarded to the cashier. A Copy of the listing
should be sent to the
a) Internal auditor to investigate the listing for unusual transactions.
b) Treasurer to compare the listing with the monthly bank statement.
c) Accounts receivable bookkeeper to update the subsidiary accounts receivable records.
d) Entity’s bank to compare the listing with the cashier’s deposit slip.
5. In testing controls over cash disbursements, an auditor most likely would determine that
the person who signs checks also
a) Reviews the monthly bank reconciliation.
b) Returns the checks to accounts payable.

c) Is denied access to the supporting documents.

d) Is responsible for mailing the checks.
6. Which of the following misstatements will probably not be discovered as part of an audit of
the bank reconciliations?
a) Failure to include a check that has not cleared the bank on the outstanding check list,
even though it has been recorded in the cash disbursements journal
b) Duplicate payments of a vendor invoice
c) Cash received by the client subsequent to the balance sheet date but recorded as cash
receipts in the current year
d) Payment on notes payable debited directly to the bank by the bank but not entered in the
client's records
7. Which of the following is a typical imprest cash account?
a) General cash account
b) Petty cash account
c) Payroll account
d) B and C only
8. Which of the following is a cash equivalent?
a) Long term investment
b) Marketable securities
c) Certificates of deposit
d) B and C only
9. During the bank reconciliation process, an employee should perform the following steps :
a) Account for the numerical sequence of checks
b) Examine outstanding checks for signatures, endorsements and cancellations
c) Review month-end interbank transfers
d) A and C only
10. The counting of cash on the last day of the year and subsequently tracing the cash to deposits
in transit and the cash receipts journal relates to which audit objective for cash?
a) Detail-tie-in b) Accuracy c) Completeness d) Cutoff
11. Banks are _________ for searching their records for bank balances or loans beyond those
included on the standard bank confirmation form.

a) Required b) Not required c) Responsible d) Not responsible

12. Which of the following procedures may uncover fraud in the cash receipts area?
a) Tests to detect lapping
b) Analytical
c) Aging of receipts
13. An auditor performs a proof of cash to verify that:
a) All deposits in the bank were recorded in the accounting records
b) All amounts that were paid by the bank were recorded
c) All recorded cash receipts were deposited
d) All recorded cash disbursements were paid by the bank
e) All of the above
14. _____________ is the transferring of money from one bank to another and incorrectly
recording the transaction.
a) Frauding b) Dating c) Kiting d) Flipping
15. If internal control is properly designed, the same employee should not be permitted to
a) Sign checks and cancel supporting documents.
b) Receive merchandise and prepare a receiving report.
c) Prepare disbursement vouchers and sign checks.
d) Initiate a request to order merchandise and approve merchandise received.
16. Failure to detect material dollar errors in the financial statements is a risk which theauditor
primarily mitigates by
a) Performing substantive tests.
b) Performing tests of controls.
c) Assessing internal control.
d) Obtaining a client representation letter.

CHAPTER FIFTEEN
COMPLETING THE AUDIT
15.1Review of Contingent Liabilities and Commitments

Contingency is an existing condition, situation, or set of circumstances involving uncertainty as
to possible gain (gain contingency) or loss (loss contingency) to an entity that will ultimately be
resolved when one or more future events occur or fail to occur.The following sections discuss the
disclosure considerations for loss and gain contingencies as provided by ASC 450.
Loss contingencies
There are three separate potential recognition, presentation and disclosure outcomes with regard
to loss contingencies. Depending on the facts and circumstances, loss contingencies may require
a reporting entity to:
1. Accrue a liability and disclose the nature of the contingency
2. Disclose the loss contingency, but not accrue a liability
3. Neither accrues nor disclose.
Accrual and disclosure required
A loss contingency should be accrued if it is both (1) probable and (2) reasonably
estimable.Reporting entities should evaluate any information available prior to issuance of the
financial statements to determine whether a loss contingency is probable at the balance sheet
date. Events giving rise to new information often occur in the period between the balance sheet
date and financial statement issuance. However, it is important to distinguish between events that
provide additional information with respect to conditions that existed at the balance sheet date
and events that provide information with respect to conditions that did not exist at the balance
sheet date.

It is not appropriate to accrue a liability at the balance sheet date for a loss contingency related to
a condition that did not exist at the balance sheet date. The amount of a contingent liability
should be estimated and evaluated independent from any claim for recovery.
Discounting the accrued liability

Accrued liabilities for contingencies are generally not discounted. However, discounting a
liability is acceptable when the aggregate amount of the liability and the timing of cash payments
for the liability are fixed or reliably determinable. For example, this may occur when a large
volume of relatively small claims have a highly predictable settlement pattern (e.g., workers
compensation claims).
Accounting and disclosures relating to loss contingencies specifies that the discount rate used
should produce an amount at which the liability could be settled in an arm's length transaction
with a third party.
The discount rate used should not exceed the interest rate on monetary assets that are essentially
risk-free and have maturities comparable to that of the liability. In many instances, it is difficult
in practice to determine the discount rate that would result from an insurance company or other
third party settlement/transfer transaction. The insurance company or third party would expect to
be compensated for the risks assumed along with a profit; therefore, the rate to assume the
liability is generally less than the risk-free rate. However, because these settlement rates are often
not determinable, practice has gravitated toward using the risk-free rate of monetary assets that
have comparable maturities. We believe the guidance on discounting should apply to all
contingent liabilities, and to private and public companies.
15.1 Review of Subsequent Events

In almost all circumstances, financial statements will not be finalized until a period of time has
elapsed between the year-end date and the date on which the financial statements are (expected
to be) issued. Therefore, regard has to be given to events that occur between the reporting date
and the date on which the financial statements are (expected to be) authorized for issue.
IAS 10, Events After the Reporting Period stipulates the accounting and disclosure requirements

concerning transactions and events that occur between the reporting date and the (expected) date
of approval of the financial statements. Among other things, IAS 10 determines when an event
that occurs after the reporting date will result in the financial statements being adjusted, or where
such events merely require disclosure within the financial statements. Such events are referred
to in IAS 10 as ‘adjusting’ or ‘non-adjusting’ events.
An event after the reporting period that provides further evidence of conditions that existed at the
end of the reporting period, including an event that indicates that the going concern assumption
in relation to the whole or part of the enterprise is not appropriate.
15.2Communication with the Audit Committee and Management

The auditor should discuss with the audit committee any significant issues that the auditor
discussed with management in connection with the appointment or retention of the auditor,
including significant discussions regarding the application of accounting principles and auditing
standards.
The auditor should establish an understanding of the terms of the audit engagement with the
audit committee. This understanding includes communicating to the audit committee the
following:
 The objective of the audit;
 The responsibilities of the auditor; and
 The responsibilities of management.
The auditor should record the understanding of the terms of the audit engagement in an
engagement letter and provide the engagement letter to the audit committee annually. The
auditor should have the engagement letter executed by the appropriate party or parties on behalf
of the company
If the appropriate party or parties are other than the audit committee, or its chair on behalf of the
audit committee, the auditor should determine that the audit committee has acknowledged and
agreed to the terms of the engagement.

The auditor should inquire of the audit committee about whether it is aware of matters relevant to
the audit, including, but not limited to, violations or possible violations of laws or
regulations.The auditor should communicate to the audit committee an overview of the overall
audit strategy, including the timing of the audit, and discuss with the audit committee the
significant risks identified during the auditor's risk assessment procedures.This overview is
intended to provide information about the audit, but not specific details that would compromise
the effectiveness of the audit procedures.
15.2Management Letter
Management Letter means a letter prepared by the auditor which discusses findings and
recommendations for improvements in internal control that were identified during the audit and
were not required to be included in the auditor's report on internal control, and other
management issues.
In an audit of financial statements, professional standards require that auditors obtain an

understanding of internal controls to the extent necessary to plan the audit. Auditors use this
understanding of internal controls to assess the risk of material misstatement of the financial
statements and to design appropriate audit procedures to minimize that risk.
The definition of good internal controls is that they allow errors and other misstatements to be
prevented or detected and corrected by (the nonprofit’s) employees in the normal course of
performing their duties. If the auditors detect an unexpected material misstatement during your
audit, it could indicate that your internal controls are not functioning properly. Conversely, lack
of an actual misstatement doesn’t necessarily mean that your internal controls are working. As
long as there’s a reasonable possibility for material misstatement of account balances or
financial statement disclosures, your internal controls are considered to be deficient.
Auditors evaluate each internal control deficiency noted during the audit to determine whether
the deficiency, or a combination of deficiencies, is severe enough to be considered a material
weakness or significant deficiency. In assessing the deficiency, auditors consider the magnitude
of potential misstatements of your financial statements as well as the likelihood that internal

controls would not prevent or detect and correct the misstatements. One common example of a
deficiency in internal control that’s severe enough to be considered a material weakness or
significant deficiency is when an organization lacks the knowledge and training to prepare its
own financial statements, including footnote disclosures.
Deficiencies in internal control deemed to be either significant deficiencies or material

weaknesses must be communicated in writing to management or those charged with
governance, even if they were corrected during the audit. Management and those charged with
governance of the nonprofit are responsible for evaluating the costs and benefits of correcting a
deficiency. Failure to take corrective action does not constitute a (separate) significant
deficiency or material weakness unless the “organization” lacks a reasonable explanation for the
decision. For example, nonprofits that lack the ability to prepare their own financial statements
often find it cost prohibitive to remedy the deficiency by training current employees or by
hiring additional employees or another service provider to prepare them. Nonprofits may opt to
document their explanation via a Management Response in the written communication.
Regardless of the explanation, material weaknesses and significant deficiencies that are not
remediated must continue to be communicated in writing until the deficiency is corrected.
Other internal control deficiencies identified during the audit that are not considered severe
enough to be significant deficiencies or material weaknesses need not be communicated in
writing. If auditors determine the deficiencies are important enough to merit management’s
attention, they may choose to orally communicate them. Unlike material weaknesses and
significant deficiencies, once the other internal control deficiencies are communicated to
management, auditors are not required to repeat them, even if the deficiencies have not been
remediated.
Auditors may choose to include the other internal control deficiencies in written communication
for various reasons. It can be a way to ensure that all appropriate parties are aware of a
deficiency and have the opportunity to address it. Written communication also serves as a
reference document for management in its ongoing evaluation of the nonprofit’s internal
controls.

Other internal control deficiencies, such as failure to consistently maintain proper supporting
documentation for expenses, may become significant deficiencies if not corrected by
management. This depends, in part, on the pervasiveness of the deficiency. Auditors may
include such other internal control deficiencies in their annual written communications to
prompt continued monitoring by management or those charged with governance.
During the course of an audit, the auditors might also identify other matters that aren’t
considered deficiencies in internal control, but are opportunities for strengthening procedures
and/or operating deficiencies. There is no requirement for the auditors to communicate other
matters in writing, although this is sometimes done as a value-added service to the organization.
While it may often feel as if the auditors have examined your organization’s internal controls
with a magnifying glass, it’s important to note that their consideration of internal control over
financial statement reporting is not conducted for the purpose of identifying all deficiencies in
internal control that might be material weaknesses or significant deficiencies, or for the purpose
of expressing an opinion on your internal controls. Material weaknesses or significant
deficiencies may exist that were not identified during the audit, and auditors are required to
disclose this in their written communication.
It’s sometimes difficult to perceive the auditors’ written communication, commonly referred to
as a Management Letter, as anything other than a black mark on an otherwise clean audit report.
But it may help to understand its purpose. The Management Letter is intended to provide
management and those charged with governance with valuable information regarding their
organization. Used properly, the Management Letter can be a beneficial tool for assisting
management or those charged with governance in fulfilling their responsibilities.


1. Which of the following statements offers the BEST explanation of contingent liabilities?
a) Contingent liabilities are obligations that have already occurred but do not need to be
included on the balance sheet.
b) Contingent liabilities are obligations that have a low probability of occurring and must be
listed on the income statement.
c) Contingent liabilities are obligations that are included on the income statement.
d) Contingent liabilities are obligations that have a high probability of occurring and must
be listed on the balance sheet.
2. How can product recalls be a contingent liability?
a) They can be a contingent liability if there is a low probability of the products being
recalled.
b) They can be a contingent liability if there is a high probability of the products working to
the satisfaction of the customer.
c) They can be a contingent liability if there is a high probability of the products being
recalled.
d) They can be a contingent liability if there is a tax benefit to the company recalling the
product.

CHAPTER SIXTEEN
AUDITING COMPUTERIZED ACCOUNTING SYSTEMS: AN OVERVIEW
Introduction
The effectiveness of an information system’s controls is evaluated through an information
systems audit. An audit aims to establish whether information systems are safeguarding
corporate assets, maintaining the integrity of stored and communicated data, supporting
corporate objectives effectively, and operating efficiently. It is a part of a more general financial
audit that verifies an organization’s accounting records and financial statements. Information
systems are designed so that every financial transaction can be traced. In other words, an audit
trail must exist that can establish where each transaction originated and how it was processed.
Aside from financial audits, operational audits are used to evaluate the effectiveness and
efficiency of information systems operations, and technological audits verify that information
technologies are appropriately chosen, configured, and implemented.
16.1Impact of Information Technology on the Audit Process

Information technology affects the reduction of audit risk through electronic data processing and
electronic auditing, which helps auditors reduce the likelihood of errors in audit work and
increase the probability of discovery, which in turn leads to a reduction in audit risk.Most errors
in data processed by computerized information systems can be traced to errors made when the
data was being input into the system. Controls over input fulfill the following objectives.
4. Completeness of input: This ensures that all transactions that took place
have been processed.
5. Accuracy:This ensures that the recorded transactions have been captured
accurately.
6. Validity:This ensures that only valid or genuine transactions appropriately
authorized have been recorded. It also ensures credibility and reliability of
recorded transactions

16.2Controls in a computerized environment

To mitigate the risks occasioned by the features of a computerized information system, the
management should design internal controls over the system. These controls are mainly
classified into general controls and application controls.
A) General controls
These relate to the environment within which the computer based systems are developed,
maintained and operated aimed at providing reasonable assurance that the overall objectives of
internal controls are achieved e.g. completeness, accuracy and validity of financial information.
The objective of the general controls is to ensure the proper development and implementation of
applications and the integrity of program files and information. These controls could either
be manual or programmed and are classified into:
 System development controls:These relate to controls that must be exercised by
the client when developing new systems or modifying existing systems. The controls
that can be exercised during systems development can be discussed in the following
groupings
 Access controls:The success of computerized information systems is largely
dependent on the accuracy, validity and credibility of the data processed by the
system. Access controls to computer hardware, software and data files is therefore vital.
Access controls provide assurance that only authorized individuals use the system
and that the usage is for authorized purposes only. Access may be restricted to
specified persons, files, functions or computer devices. This can be achieved using
both physical and programmed controls. Examples of access controls include
o Physical restriction of access to computer facilities to specified persons
only e.g. fileservers should be maintained in a secure location where access is
granted to only specified persons.
o Controls over computers stored in the user department could be improved by
making sure that vital data on programs are not left running when the computer
is left unattended
o Passwords should be used by all staff when accessing computer facilities.
 Computer operations and other controls: The organization should have a

reconstruction or disaster recovery plan that will allow it to regenerate important

programs and data files in case of disasters or accidental destructions. The recovery plan
should create back up or duplicate copies of important data files and programs which
should be stored off site. The recovery plan should also be tested on regular basis to
ensure that it indeed works.
16.2Computer assisted techniques (CAATS) in gathering audit evidence

Computer Assisted Audit Technique is the implementation of taking audit evidence material
using a computer, an audit is carried out using a computer or software to support the
implementation of the examination. Audit techniques are methods used by auditors to collect
audit evidence.There are two broad categories of CAAT such as audit software and test data.
A) Audit software
Audit software is used to interrogate a client's system. It can be either packaged, off-the-shelf
software or it can be purpose written to work on a client's system. The main advantage of these
programs is that they can be used to scrutinize large volumes of data, which it would be
inefficient to do manually. The programs can then present the results so that they can be
investigated further.
Specific procedures they can perform include:

 Extracting samples according to specified criteria, such as:
o Random;
o Over a certain amount;
o Below a certain amount;
o At certain dates.
 Calculating ratios and select indicators that fail to meet certain pre-defined criteria (i.e.
benchmarking);
 Check arithmetical accuracy (for example additions);
 Preparing reports (budget vs actual);
 Stratification of data (such as invoices by customer or age);
 Produce letters to send out to customers and suppliers; and

 Tracing transactions through the computerized system.

These procedures can simplify the auditor's task by selecting samples for testing, identifying
risk areas and by performing certain substantive procedures. The software does not, however,
replace the need for the auditor's own procedures.
B) Test data
Test data involves the auditor submitting 'dummy' data into the client's system to ensure that the
system correctly processes it and that it prevents or detects and corrects misstatements. The
objective of this is to test the operation of application controls within the system.
To be successful test data should include both data with errors built into it and data without
errors. Examples of errors include:
 Codes that do not exist, e.g. customer, supplier and employee;
 Transactions above pre-determined limits, e.g. salaries above contracted amounts, credit
above limits agreed with customer;
 Invoices with arithmetical errors; and
 Submitting data with incorrect batch control totals.
Data maybe processed during a normal operational cycle ('live' test data) or during a special run
at a point in time outside the normal operational cycle ('dead' test data). Both has their
advantages and disadvantages:
 Live tests could interfere with the operation of the system or corrupt master files/standing
data;
 Dead testing avoids this scenario but only gives assurance that the system works when
not operating live. This may not be reflective of the strains the system is put under in
normal conditions.
Advantages of CAATs
CAATs allow the auditor to:
 Independently access the data stored on a computer system without dependence on the
client;
 Test the reliability of client software, i.e. the IT application controls (the results of which
can then be used to assess control risk and design further audit procedures);

 Increase the accuracy of audit tests; and

 Perform audit tests more efficiently, which in the long-term will result in a more cost
effective audit.
Disadvantages of CAATs
 CAATs can be expensive and time consuming to set up, the software must either be
purchased or designed (in which case specialist IT staff will be needed);
 Client permission and cooperation may be difficult to obtain;
 Potential incompatibility with the client's computer system;
 The audit team may not have sufficient IT skills and knowledge to create the complex
data extracts and programming required;
 The audit team may not have the knowledge or training needed to understand the results
of the CAATs; and
 Data may be corrupted or lost during the application of CAATs.
Other techniques
There are other forms of CAAT that are becoming increasingly common as computer
technology develops, although the cost and sophistication involved currently limits their use to
the larger accountancy firms with greater resources. These include:
 Integrated test facilities - this involves the creation of dummy ledgers and records to
which test data can be sent. This enables more frequent and efficient test data procedures
to be performed live and the information can simply be ignored by the client when
printing out their internal records; and
 Embedded audit software - this requires a purpose written audit program to be
embedded into the client's accounting system. The program will be designed to perform
certain tasks (similar to audit software) with the advantage that it can be turned on and off
at the auditor's wish throughout the accounting year. This will allow the auditor to gather
information on certain transactions (perhaps material ones) for later testing and will also
 Identify peculiarities that require attention during the final audit.


1. What are the features of computerized accounting software?
a) Storage of accounting data and online input
b) Instantly produces different reports
c) Group different account
d) All of the above
2. If an organization wants to develop a computerized accounting system according to its need
as the business of the organization is complex. Which software should opt for?
a) Ready to use software
b) Customized software
c) Tailor-made software
d) All of the above
3. The ________of a vendor is also an important factor to consider while opting for
computerized accounting software.
a) Level of profit b) Honesty c) Capability d) None of the above
4. What are the factors to be considered while using source accounting software?
a) Flexibility b) Adaptability c) Interest in management d) Both a and b
5. What are the advantages of tailor-made software?
a) These are ready-made software
b) Low cost
c) High secrecy of data
6. What are not advantages of a computerized accounting system?
a) High speed
b) High reliability
c) Reduced training cost
7. What are the features of a computerized accounting system?
a) It facilitates off-line input and storage of accounting data
b) This system never fails

c) It generates a print-out of purchase and sale invoices

8. Which among these is not an example of system utility software?
a) Anti-virus utility to scan a computer for viruses
b) Microsoft-office package
c) Disk compression utility to compress contents of a disk for increasing the capacity of a
disk
d) Disk partitioning to divide a single drive into multiple logical drives
9. An accounting information system processes financial transactions and events based on
_______.
a) Governing principles
b) Management principles
c) Accepted principles
d) Generally accepted accounting principles
10. The data storage system which remains hidden from the user and responds to the requirement
of the user to the extent the user is authorized to access is known as _____.
a) Back-end database
b) Front-end database
c) Data processing
d) Reporting system
11. The criterion fulfilled by an effective accounting report is __________.
a) Relevance, Timeliness, Accuracy, Completeness, and Summarization
b) Relevance, Timeliness, Accuracy, Completeness, and Globalization
c) Relevance, Legibility, Speed, Automation
d) Reliability, Accuracy, Scalability, Efficiency, and Quality
12. Which among these cannot be treated as a limitation of a computerized accounting system?
a) Security breach
b) Staff opposition
c) Automated document production
d) Cost of training

13. When any manual accounting system is transformed into a computerized accounting system,
what do the employees of an organization undertake?
a) Resist the change
b) Accept the change
c) Do nothing
d) Take training
14. Accounting furnishes data on
a) Income and cost for the managers
b) Financial conditions of the institutions
c) Company’s tax liability for a particular year
d) All the above
15. Long term assets having no physical existence but, possessing a value are called
a) Intangible assets
b) Fixed assets
c) Current assets
d) Investments
16. The assets that can be easily converted into cash within a short period, i.e., 1 year or less are
known as
a) Current assets
b) Fixed assets
c) Intangible assets
d) Investments
17. The debts which are to be repaid within a short period (a year or less) are referred to as,
a) Current Liabilities
b) Fixed liabilities
c) Contingent liabilities
d) All the above
18. Accounting provides information on
a) Cost and income for managers
b) Company’s tax liability for a particular year
c) Financial conditions of an institution

d) All of the above

19. The following is not a type of liability
a) Short term b) Current c) Fixed d) Contingent
20. The basic sequence in the accounting process can best be described as:
a) Transaction, journal entry, source document, ledger account, trial balance.
b) Source document, transaction, ledger account, journal entry, trial balance.
c) Transaction, source document, journal entry, trial balance, ledger account.
d) Transaction, source document, journal entry, ledger account, trial balance.

Text and reference books

 Arens, Elder and Beasley (2016) Auditing and Assurance Service, Global Edition, 16th
Edition.
 Hayes R., Wallage P., and Gortemake H., (2014) Principles of Auditing: An
Introduction to International Standards on Auditing, 3rd Edition.
 Leung P., Coram P. (2015) Modern Auditing and Assurance Services, 6th Edition,
Wiley.
 Messier. Glover, Prawitt. (2016) Auditing & Assurance Services, 9th Edition, with ACL
software McGraw- Hill.
 Louwers, T. Ramsay, (2012). Auditing & Assurance Services (5th ed.). Boston, MA:
McGraw‐Hill.
 R. Whittington and K. Pany; (2014) Principles of Auditing & Other Assurance Services
19th Edition, McGraw-Hill Irwin.
 Timothy Louwers, Robert Ramsey, et. al., 2008 ) (Auditing and Assurance Services (3rd
ed.). Irwin McGraw-Hill,

@4 Auditing and Assurance Services - WSU

Uploaded by

Copyright:

Available Formats

@4 Auditing and Assurance Services - WSU

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

@4 Auditing and Assurance Services - WSU

Uploaded by

Copyright:

Available Formats

Auditing and Assurance Services Module Courses: Auditing Principles and Practices I& II

WOLAITA SODO UNIVERSITY

Module name: Auditing and Assurance Services

Megabit 2015E.C (March, 2023)

WSU CoBE department of Accounting & Finance Megabit 2015E.C i

Course Objectives & Core Competences to be acquired

WSU CoBE department of Accounting & Finance Megabit 2015E.C i

WSU CoBE department of Accounting & Finance Megabit 2015E.C ii

CHAPTER SEVEN .................................................................................................................................... 36

WSU CoBE department of Accounting & Finance Megabit 2015E.C iii

CHAPTER FOURTEEN ............................................................................................................................ 94

WSU CoBE department of Accounting & Finance Megabit 2015E.C iv

THE NATURE, PURPOSE, SCOPE OF AUDIT AND ASSURANCE SERVICES

1.2. Assurance Services: Overview

Assurance focuses on analyzing the processes, controls, and operations of an organization. It

CPA will be hired to provide an assessment of a business’s procedures surrounding the

1.3. Why Audits are conducted

WSU CoBE department of Accounting & Finance Megabit 2015E.C 2

Check Your Progress Exercise – 1

1.4. Types of Audit and Auditors

An external auditor is a third-party consultant who independently reviews a company's

WSU CoBE department of Accounting & Finance Megabit 2015E.C 3

Auditing in Ethiopia could be viewed in five main areas.

Check you Progress Exercise – 2

WSU CoBE department of Accounting & Finance Megabit 2015E.C 4

Check Your Progress Exercise – 3

Part I. Short Answer

WSU CoBE department of Accounting & Finance Megabit 2015E.C 5

5. Which of the following criteria is unique to the auditor’s function?

WSU CoBE department of Accounting & Finance Megabit 2015E.C 6

THE AUDITING PROFESSION

2.1.The Regulatory Framework of Governing Auditing

industry in which the organization operates.

WSU CoBE department of Accounting & Finance Megabit 2015E.C 7

that do not have a well-established national regulatory framework. This contributes

2.2. International Standards on Auditing (ISA)

List of the Standards

The key standards issued by the ISA include:

WSU CoBE department of Accounting & Finance Megabit 2015E.C 8

addressed by that ISA.

 Analyzing the comparability of national accounting as well as auditing standards with

2.3. Professional Ethics: Fundamental Principles, Threats and Safeguards

WSU CoBE department of Accounting & Finance Megabit 2015E.C 9

WSU CoBE department of Accounting & Finance Megabit 2015E.C 10

Rules-based and principles-based approaches to ethical conflicts

WSU CoBE department of Accounting & Finance Megabit 2015E.C 11

Check Your Progress Exercise – 1

2.4.Legal Liability of Auditors

WSU CoBE department of Accounting & Finance Megabit 2015E.C 12

Sources of Legal Liability for an Auditor

WSU CoBE department of Accounting & Finance Megabit 2015E.C 13

MATERIALITY AND RISK ASSESSMENT

3.1. Audit Risk

Risk assessment procedures

WSU CoBE department of Accounting & Finance Megabit 2015E.C 14

The auditors’ responsibility is to determine whether financial statements are materially

WSU CoBE department of Accounting & Finance Megabit 2015E.C 15

b) Materiality at the Account Balance Level

WSU CoBE department of Accounting & Finance Megabit 2015E.C 16

financial statements taken as a whole