Audit procedure

Dr. Antonella Russo

AUDIT PROCEDURES RESPONSIVE TO THE ASSESSED
RISKS OF MATERIAL MISSTATEMENT

The auditor must design and perform further audit

procedures in order to obtain audit evidence whose
nature, timing and extent are based on, and are
responsive to, the assessed risks.
 The nature of an audit procedure refers to its purpose (that
is, test of controls or substantive procedure) and its type
(that is, inspection, observation, inquiry, confirmation,
recalculation, re-performance or analytical procedure).
 Timing of an audit procedure refers to when it is performed,
or the period or date to which the audit evidence applies.
 Extent of an audit procedure refers to the quantity to be
performed, for example, a sample size or the number of
observations of a control activity.
NATURE OF THE AUDIT PROCEDURE

 Tests of controls;
 Substantive tests of transactions;

 Analytical procedures;
 Tests of details of balances;
 Search for unrecorded liabilities
TEST OF CONTROL

 Test of controls are audit procedures

designed to evaluate the operating
effectiveness of controls in preventing, or
detecting and correcting, material
misstatements at the assertion level.
 The greater the reliance the auditor
places on the effectiveness of a control,
the more persuasive the audit evidence
the auditor must obtain. – ISA 330
METHODS FOR OBTAINING CONTROLS AUDIT
EVIDENCE

Risk assessment procedures to obtain audit

evidence about the design and
implementation of relevant controls may
include:
a. Inquiring of entity personnel
b. Observing and re-performing the application
of a specific control
c. Inspecting documents and reports
d. Tracing transactions through the information
system.
PRELIMINARY ASSESSMENT OF CONTROL RISK

 Consider the results of previous audits that

involved evaluating the operating
effectiveness of internal control.
 Discuss the possibility of audit risk with audit
firm personnel.
 Interview entity personnel to find evidence of
management’s commitment to the design,
implementation and maintenance of sound
internal control.
 Knowledge of the industry and the
environment.
TOOLS AND TECHNIQUES
As part of the planning process the auditor should
document the client’s system (if it’s the first audit) or
review and amend system documentation
appropriately

There are two main tools for this

 Flow charts
 Internal control questionnaires ICQs

 Test of control
FLOW CHARTS
Flow charts are a pictorial representation of a
client’s system using standardised symbols

They should chart document flows

Advantages
Easy to see flow of documents
Relatively straightforward to update

Disadvantages
Can be complex to draw
Need to be supported with narrative
notes
INTERNAL CONTROL QUESTIONNAIRES
These are simple questionnaires designed to elicit
information about the system.

They are used to ascertain and record the client’s

system

They are asking the Who? What? How? When? type

questions and require descriptive answers.

They supplement flow charts and narrative notes

which, combined, can be the first indications of
possible systems weaknesses.
WALK THROUGH TESTS

Once the client’s system has been

documented the auditor will ‘walk through’
it.

This means the auditor will test a very low

number of transactions – say two or three to
ensure that a control or procedure which is
supposed to exist or operate actually does.
TESTS OF CONTROLS

These are tests of control procedures rather than

detailed tests of individual transactions or balances.

The auditor will look for evidence that control

procedures are operating satisfactorily and can be
relied upon.

This is known as compliance testing.

TESTS OF CONTROLS
 Testsof controls include looking for
evidence of such things as
authorisation procedures

maintenance of control accounts

reconciliations

checks of arithmetical accuracy

comparison of stock or cash counts

with accounting records
 restricted access to assets and
records, etc.
TESTS OF CONTROLS
Auditors will not be able to rely on controls if they find
errors in their control testing unless they can satisfy
themselves that the exception is an isolated departure
(e.g., an error was made on a day a temporary clerk was
employed).

Where exceptions found are unacceptably high, control

risk will need to be reassessed i.e. the internal control
system cannot be relied upon to the extent originally
envisaged.
REVENUES SYSTEM
 SALES
Control objectives
 Sales made in accordance with company objectives

 Customer orders are authorised, controlled and

recorded and are completed promptly and fully
 Goods and services supplied are invoiced

 Goods returned and claims are recorded so as to

determine any liability
 To ensure that all sales revenues are included in the
accounting records accurately
 Ensure all sales are paid for and to minimise losses
through bad debts and/or returns
SUGGESTED ICQ QUESTIONS FOR SALES
 Are all sales orders signed by the credit controller as
an indication that credit approval has been given?
 Are all sales orders signed or initialled by an
authorised person as an indication that the order is
accepted?
 Are sequentially numbered despatch noted prepared
from sales orders, are details independently checked,
and is the sequence checked for missing despatch
notes?
 Are despatch note numbers evidenced on all sales
orders?
 Are stock items selected for all orders independently
checked to the despatch note details, and are all
despatch notes signed by both the preparer and
checker?
SUGGESTED ICQ QUESTIONS FOR SALES
 Are goods being despatched checked at the gate
against details on the authorised despatch note?

 Is the customer’s signature obtained on the proof of

delivery copy of the despatch note as evidence of
delivery?

 Are all sequentially numbered sales invoices prepared

for all despatch notes, is the sequence checked for
missing invoices, and are invoice details
independently agreed:
 For calculations?
 To sales orders?
 To despatch notes?
SUGGESTED ICQ QUESTIONS FOR
SALES

 Are sales invoice numbers evidenced on

all despatch notes?

 Isthere proper segregation of duties

between those responsible for the
following functions:
 The preparation of sales orders?
 The authorisation of sales orders?
 The custody and despatch of goods?
 The preparation of sales invoices?
ICEQ QUESTIONS FOR SALES
 Can goods be sold without proper authorisation?
 Can goods be despatched without being invoiced?
 Can goods be invoiced without being recorded at the
correct amounts?
 Can debtors accounts be improperly credited?
 Can debts go uncollected?
 Can cash and cheques be received but not be properly
recorded?
 Can debtors be shown in the financial statements at
amounts which are over or understated?
 TESTS OF CONTROLS
Sales orders
 Sequence check

 Evidence of approval from credit control

Despatch Notes
 Sequence check

 Customer signs for delivery – check

signed delivery notes
 Evidence of match to sales
invoice/customer order
 TESTS OF CONTROLS
Sales invoices
Test for sequence/numbering
Evidence of
 matching to despatch note and order

 checking of additions and calculations

 account coding

 initialling for work done

 approval for processing

 TESTS OF CONTROLS
Credit notes
 Evidence of goods returned from customer

 Note reason why goods returned

Sales ledger
 evidence of reconciliation to control
account
 evidence of statements sent to customers

 evidence of authorisation for adjustments

 SIGNIFICANT DEFICIENCIES IN
INTERNAL CONTROL
ISA 265 – Communicating deficiencies in internal control to those
charged with governance and management

A formal letter addressed to the management by the external

auditors following the completion of the audit work.
Include details of
 Controls are not able to detect misstatements in financial
reporting because they are not working properly

 Controls which are missing

It is a courtesy to management to agree the content of any such letter
with them before it is issued. It also helps the auditor to avoid any
errors of fact or principle!
 SIGNIFICANT DEFICIENCIES
Include :
Description of deficiency

Effect of deficiency

Purpose of audit – not to redesign financial

systems
Only items identified during audit – not every
possible problem

Also report to management (as opposed to directors)

same weaknesses plus other which were less significant
but which they ought to know about.
Reports must be made on a timely basis so after each
phase of the audit is usual
 SUBSTANTIVE PROCEDURES
Defined
A substantive procedure is an audit procedure
designed to detect material misstatements at the
assertion level.
Two types – (1) tests of details of classes of
transactions, account balances and disclosures and
(2) substantive analytical procedures.
 NATURE OF SUBSTANTIVE PROCEDURES
 Tests of details of transactions are audit
procedures related to examining the
processing of particular classes of
transactions through the accounting
systems.
 Tests of balances are substantive tests that
provide either reasonable assurance of the
validity of a general ledger balance or
identifies a misstatement in the account.
 Analytical procedures.
 TESTS OF BALANCES
• Tests of balances are used to examine the actual
details making up high turnover accounts such as
cash, accounts receivable, accounts payable, etc.
Why is tests of balances so important?
• Because the auditor’s ultimate objective is to
express an opinion on financial statements that
are made up of account balances.
TESTS OF BALANCES (CONTINUED)
In tests of balances the auditor is concerned
with overstatement or understatement of the
line item in the financial statement.
• Test makes use of the inherent properties of
double-entry accounting systems.
• From the auditor’s perspective, this means that
a test of one side of the transaction
simultaneously tests the other side of the
transactions.
SEARCH FOR UNRECORDED LIABILITIES

 A substantive test usually performed on accounts

payable is a search for unrecorded liabilities. This
test provides evidence as a completeness and some
evidence as to valuation.
 To search for unrecorded liabilities, the auditor
reviews disbursements made by the client for a
period after the balance sheet date.
 Due to pressure from vendors, most unrecorded
accounts payable are paid within a reasonable time
after the balance sheet date. By reviewing cash
disbursements subsequent to the balance sheet date,
the auditor has a good idea of the potential
population of unrecorded accounts payable.
 ANALYTICAL PROCEDURES
 Analytical procedures (AP) are evaluations
of financial information through analysis of
plausible relationships among both financial
and non-financial data.
 AP encompass such investigation as
necessary of identified fluctuations or
relationships that differ from expected
values by a significant amount.
 ANALYTICAL PROCEDURES (CONTINUED)

A basic premise of using analytical procedures

is that there exist plausible relationships among
data and these relationships can reasonably be
expected to continue.
 Analytical procedures include the comparison of
the entity’s financial statements with prior
period information, anticipated results such as
budgets, and similar industry information.
 General analytical procedures include trend
analysis, ratio analysis, statistical and data
mining analysis and reasonableness tests.
 GENERAL ANALYTICAL PROCEDURES
Trend analysis is the analysis of changes in an
account balance over time.
Ratio analysis is the comparison of relationships
between financial statement accounts, the
comparison of an account with non-financial data
or the comparison of relationships between firms in
an industry.
Reasonableness testing is the analysis of account
balances or changes in account balances within an
accounting period in terms of their ‘reasonableness’
in light of expected relationships between accounts.
Statistical analysis and data mining is the
analysis of data using statistical methods.
REQUIRED ANALYTICAL PROCEDURES
The auditor’s responsibility is to perform
analytical procedures near the end of the
audit that assist the auditor when forming an
overall conclusion on whether the financial
statements are consistent with the auditor’s
understanding of the entity.
PERFORMING ANALYTICAL PROCEDURES MAY BE
THOUGHT OF AS A FOUR-PHASE PROCESS:
 Phase one – formulate expectations
(expectations)
 Phase two – compare the expected value to the
recorded amount (identification)
 Phase three – investigate possible explanations
for a difference between expected and recorded
values (investigation)
 Phase four – evaluate the impact of the
differences between expectation and recorded
amounts on the audit and the financial
statements (evaluation).
SOURCES FOR COMPARISON OF INFORMATION
 Comparable information for prior periods
 Anticipated results (such as budgets and
forecasts, or auditor expectations)
 Elements of financial information within the
period
 Similar industry information
 Non-financial information.
ANALYTICAL PROCEDURES AND GOING CONCERN
PROBLEM INDICATIONS

 Financial indications
 Net liability, borrowings near maturity, adverse
ratios, losses, late payments, change to cash on
delivery.
 Operating indications
 Management turnover, loss of market or licence
or supplier, shortages and labour problems.
 Other indications
 Non-compliance with statutory requirements,
legal proceedings, changes in legislation.
THE TYPE OF THE AUDIT PROCEDURES FOR
GATHERING EVIDENCE

 Evidence-gathering techniques are techniques

employed by an auditor to obtain evidence.
 Evidence-gathering techniques are:
 Inquiry
 Observation
 Inspection (physical evidence and
examination of documents)
 Recalculation
 Re-performance
 Confirmation
 Analytical procedures.
 Inquiry

Inquiry consists of seeking information of

knowledgeable persons inside (client) or
outside the entity.
It cannot be regarded as conclusive because it
is not from an independent source and might
be biased in the client’s favour.
The auditor must gather evidence to corroborate
inquiry evidence by other alternative procedures.
 Inquiry (Continued)

Famous court case of Escott et al. vs.

BarChris Const. Corp. 1968, wherein the
court ruled against the auditor because he did
not seek supporting evidence related to
inquiries made with management. The court
stated he was,
‘too easily satisfied with glib answers to his
inquiries.’
 OBSERVATION
 Observation consists of looking at a process
or procedure being performed by others.
 For example, the observation by the auditor
of the counting of inventories by the entity’s
personnel or by the performance of internal
control procedures that leave no audit trail.
 Observation should be supported by other
types of evidence.
 COUNT OF PHYSICAL INVENTORY

ISA 501 ‘When inventory is material to the

financial statements, the auditor should
obtain sufficient appropriate audit evidence
regarding its existence and condition by
attendance at physical inventory counting.’
ALTERNATIVE INVENTORY PROCEDURES

If unable to attend the physical inventory count

on the date planned due to unforeseen
circumstances, the auditor should take or
observe some physical counts on an alternative
date and, when necessary, perform tests of
controls of intervening transactions.
 An example is inspection of documentation
of the subsequent sale of specific inventory
items acquired or purchased prior to the
physical inventory count, may provide
sufficient appropriate audit evidence about the
existence and condition of inventory.
 INSPECTION
Inspection consists of examining records or
documents, or tangible assets.
Examples of evidence gathering by inspection
techniques is the review by an auditor of sales
orders, sales invoices, shipping documents,
bank statements, electronic records (via
CAATs), mechanical inspection of assets, etc.
INTERNAL DOCUMENTS AND EXTERNAL DOCUMENTS
 Internal documents processed under good
internal controls are more reliable than those
processed under weak controls.
 External documents may be processed by
both internal and external parties
representing agreement.
 External documents like title to property,
insurance policies and contracts are very
reliable evidence.
 VOUCHING AND TRACING
 Vouching is the use of documentation to
support recorded transactions or amounts. It is
an audit process whereby the auditor selects
sample items from an account and goes
backward through the accounting system to
find the source documentation that supports
the item selected.
 Tracing is an audit procedure whereby the
auditor selects sample items from basic source
documents and proceeds forward through the
accounting system to find the final recording
of the transactions (e.g. in the ledger).
RECALCULATION AND RE-PERFORMANCE
Recalculation consists of checking the mathematical
accuracy of source documents and accounting
records or of performing independent calculations.
Re-performance is the auditor’s independent
execution of procedures or controls that were
originally performed as part of the entity’s internal
control, either manually or through the use of
CAATs.
RECALCULATION
Examples:
• Extending sales invoices
• Adding journals and subsidiary records
• Checking calculations of depreciation
• Checking mechanical accuracy of records
and ledgers.
 CONFIRMATION
 An auditor may use a confirmation in response to a
significant risk.
 The auditor must ordinarily confirm accounts
receivable.
 Written confirmations received from third parties
are highly persuasive, but very costly and an
inconvenience for those who are asked to supply
them.
EXTERNAL CONFIRMATION
 Defined: An external confirmation represents
audit evidence obtained by the auditor as a
direct written response to the auditor from a
third party (the confirming party), in paper
form, or by electronic or other medium.
Four key characteristics:
1. Information is requested by client auditor.
2. Request and response is in writing, sent to the
auditor.
3. Response comes from an independent third party.
4. Positive confirmation involves a receipt of
information.
• Positive confirmation: A request that the
confirming party respond directly to the auditor
indicating whether the confirming party agrees
or disagrees with the information in the request,
or providing the requested information.
• Reliable evidence
• Negative confirmation: A request that the
confirming party respond directly to the auditor
only if the confirming party disagrees with the
information provided in the request.
• Use for large number small balances, low control
risk, response is expected.
RELIABILITY OF PROCEDURES
A list of the most reliable to the least
reliable evidence gathering techniques are in
general:
1. Recalculation
2. Inspection
3. Re-performance
4. Observation
5. Confirmation
6. Analytical procedures
7. Inquiry
COST OF PROCEDURES
 The auditor considers the relationship between
the cost of obtaining audit evidence and the
usefulness of the information obtained. The
evidence-gathering procedures in order of cost
from most costly to least costly are in
general:
1. Confirmation
2. Inspection
3. Recalculation
4. Re-performance
5. Observation
6. Analytical procedures
7. Inquiry
AUDIT PROCEDURES AND AUDIT SAMPLING
Audit sampling (sampling) is the application
of audit procedures to less than 100% of items
within a population of relevant items such that
all sampling units have a chance of selection in
order to provide the auditor with a reasonable
basis on which to draw conclusions about the
entire population (e.g. invoices, shipping
documents, and other original source material).
Audit sampling can use either a statistical
or a non-statistical approach.
AN ISSUE OF AUDIT WORK: AUDIT OF ESTIMATES

 Some financial statement items cannot be

measured precisely, but can only be
estimated. These items are accounting
estimates.
 An accounting estimate is an
approximation of a monetary amount in the
absence of a precise means of measurement.
This term is used for an amount measured at
fair value where there is estimation
uncertainty, as well as for other amounts
that require estimation.
TESTING ESTIMATES
In order to provide a basis for the identification
and assessment of the risks of material
misstatement for accounting estimates, the
auditor must obtain an understanding of how
management identifies accounting estimates
that are needed and how these estimates are
made.
THE AUDITOR MUST GAIN AN UNDERSTANDING OF
THE DATA ON WHICH THEY ARE BASED, INCLUDING:

• the method and model used in making the

accounting estimate;
• relevant controls;
• whether management has used an expert;
• the assumptions underlying the accounting
estimates;
• whether there has been, or ought to have been,
a change from the prior period in the methods
for making the accounting estimates, and if so,
why;
• whether and, if so, how management has
assessed the effect of estimation uncertainty.
WRITTEN REPRESENTATIONS AND
DOCUMENTATION ON AUDIT OF ESTIMATES
• The auditor must obtain written representations
from management and those charged with
governance, saying that they believe significant
assumptions used in making their accounting
estimates are reasonable.
• The auditor must include in the audit
documentation the basis for the conclusions about
the reasonableness of accounting estimates and
their disclosure that give rise to significant risks;
and indicators of possible management bias,
if any.
EVALUATION OF MISSTATEMENTS IDENTIFIED DURING
THE AUDIT

 The objective of the auditor is to evaluate the

effect of identified misstatements on the audit;
and the effect of uncorrected misstatements
on the financial statements.
 Uncorrected misstatements are misstatements
that the auditor has accumulated during the
audit and that have not been corrected.
Generally if misstatements are found, the auditor asks
management to correct them.
• If management corrects the misstatements
that were detected, the auditor must still
perform additional audit procedures to
determine
whether misstatements remain.
• If management refuses to correct some or all
of the misstatements communicated by the
auditor, the auditor should take into account
management’s reasons for not making the
corrections.
 The auditor must request a written representation
from management and those charged with
governance whether they believe the effects of
uncorrected misstatements are immaterial,
individually and in aggregate, to the financial
statements as a whole.
 In their workpaper documentation the auditor must
include:
• the amount below which misstatements would be
regarded as clearly trivial;
• all misstatements accumulated during the audit and
whether they have been corrected;
• the auditor’s conclusion as to whether uncorrected
misstatements are material, individually or in
aggregate and the basis for that conclusion.