Audit Procedures and Techniques

Created and Submitted by:

Avila, Nathalie Y. - 1 (1.1) and 4 (4.5 - 4.8)
Medina, Amery Joy - 2 (2.1 - 2.2) and 5 (5.1 - 5.2)
Fernandez, Genevieve 3 (3.1 - 3.2)
Ibasco, Nerie - 4 (4.1 - 4.4)
Villas, Ishielmae - 6 (6.1 - 6.2)

1. Planning and Risk Assessment Procedures (Avila)

1.1. Risk Assessment Procedures This pertains to and includes all of the activities involved in
the process of determining and evaluating audit risks.

● Understand the Entity’s Business and Industry. The auditor must obtain an understanding
of the entity and its environment, including its internal control, sufficient to identify and assess
the risks of material misstatement and to design and perform further audit procedures that are
most appropriate and responsive to the identified risks. This understanding must particularly
encompass the: (a) industry, regulatory, and other external factors, (b) nature, (c) objectives,
strategies and related business risks that may result in a material misstatement of the financial
statements, (d) financial performance measurement and review methods, and (e) internal
control of the entity. The auditor must obtain an understanding of these specific aspects of the
entity by performing certain risk assessment procedures. Those procedures include: (a)
inquiries of management and others within the entity; (b) analytical procedures; and (c)
observation and inspection. It is not required for the auditor to perform all of these procedures
for every aspect of the understanding but they are involved in the process of obtaining the
required understanding for the auditor. The entire process of doing such must be characterized
by the continuous gathering, updating, and analyzing of data and information throughout the
audit as acquiring more and newer knowledge is necessary to ensure that understanding
regarding the entity and its environment remains relevant and accurate.

● Identify Risks of Material Misstatement. Risks of material misstatement, including both

inherent and control risks, must be identified and assessed by the auditor at the financial
statement and assertion levels. This includes relating identified risks to potential material
misstatements at the assertion level and evaluating the magnitude and likelihood of their
material impact. It also involves determining whether or not any of the identified or assessed
risks qualify as significant risks that require special audit consideration or risks for which
substantive procedures alone do not provide sufficient appropriate audit evidence. It is required
for the auditor to accomplish these objectives by using and considering relevant information and
audit evidence derived from risk assessment procedures conducted throughout the process of
obtaining an understanding of the entity and its environment, relevant controls, classes of
transactions, account balances, and disclosures in the financial statements. The auditor also
may choose to perform substantive procedures or tests of controls simultaneously or at the
same time with risk assessment procedures in the case that they have deemed it to be much
more efficient or effective in achieving the audit objectives.

● Analyze Key Financial Statement Areas with Higher Risk. Part of the responsibilities and
objectives of the auditor in identifying risks of material misstatement and performing risk
assessment procedures is to determine and analyze which areas within the financial statements
have higher risks or are more susceptible to material misstatement. Special and increased audit
consideration must be given to these identified higher risk areas as they present a greater
probability and degree of material misstatement occurrence. The auditor must use professional
judgment to identify those key financial statement areas with higher risk and analyze them to
determine the nature, extent, and timing of further audit procedures.

Simple routine transactions that are subject to systematic processing are less likely to give rise
to significant risks as they have lower inherent risks whereas the opposite is true for complex
non-routine transactions. Significant risks often relate to fraud, complex transactions, related-
party dealings, or unusual business activities, and may involve subjective measurements with
high uncertainty. Non-routine transactions and judgmental matters, such as accounting
estimates, are also common sources of significant risks, especially when they involve complex
calculations or require substantial management intervention.

For significant risks, the auditor must evaluate the design and implementation of relevant
controls, considering how management addresses these risks, including review processes,
expert involvement, and governance oversight. If management fails to implement appropriate
controls such that it results in a material control weakness, the auditor is required to inform
those charged with governance and reassess the risk implications for the audit.

2. Internal Control Procedures (Medina)

Systematic processes, which enable the organization to ensure the financial statements are
accurate, and operational processes are efficient, are known as internal control procedures.
They ensure compliance with legal and regulatory requirements and protect assets. Internal
control procedures - the general performance of which covers practically all areas of
authorization, documentation, reconciliation, and security - is generally followed.

2.1. Walkthroughs
A walkthrough process would involve evaluation wherein the auditor traces a transaction from
initiation, recording, and the reporting done of the accounting system. The auditor will observe
this at every single step to understand the flow of transactions and to determine weakness or
gaps in the control process.

The main emphasis of a walkthrough is on ensuring that there is adequate design as well as
effective implementation of internal controls. This will allow the auditors to understand the
operational details of how a transaction is processed and assess whether they are appropriately
designed to reduce related risks. An auditor often uses walkthroughs at the start of an audit
especially when the auditor lacks knowledge regarding how the client operates or has recently
experienced changes in the control environment and/or just begun a new system or procedures.

Example: An auditor might perform a walkthrough of a purchase transaction. They would begin
by observing how a purchase requisition is initiated, approved, and converted into a purchase
order. They would then trace how the order is processed, received, invoiced, and ultimately
recorded in the financial accounts. By following each step, the auditor assesses if control
procedures (such as approval and matching of orders and invoices) are being consistently
applied.

2.2. Control Testing

Control testing checks both the design and operating effectiveness of internal controls. This is a
means of determining whether, in fact, controls are operative and effective in preventing and
detecting material misstatements in financial reporting.

Testing Design Effectiveness: Design effectiveness testing evaluates whether a control is

adequately designed to mitigate a specific risk. In other words, it assesses whether the control,
as designed, would prevent or detect an error or fraud if operating correctly. Ensures that the
control is structured in a way that aligns with the organization’s goals for risk mitigation.

Example: An auditor might test the design effectiveness of a control related to payroll. They
review procedures to confirm that each payroll transaction requires approval by a supervisor,
ensuring that payments cannot be made without proper authorization. The auditor concludes
whether the control, as designed, is capable of achieving its intended purpose.

Testing Operating Effectiveness: Operating effectiveness testing assesses whether controls

are consistently operating as designed. This involves verifying that controls are functioning as
intended in real-world scenarios and are applied consistently over a certain period. Determines
whether a control is functioning as expected and can be relied upon for accuracy and
compliance.

Example: If testing the operating effectiveness of the payroll approval control, the auditor may
select a sample of payroll transactions over several months to ensure that each one includes
proper approval from a supervisor. Based on the results, the auditor can conclude whether the
control is reliable for ensuring accuracy and compliance.

3. Substantive Audit Procedures (Fernandez)

3.1. Analytical Procedures

● Perform Trend Analysis, Ratio Analysis, or Comparative Analysis

Trend Analysis: Refers to collecting previous data in order to find trends and expect future
developments. A base year may be identified, future years can be calculated as a percentage of
the base year, and the trend percent may be used to construct a trend analysis.

Ratio Analysis: involves using financial statement ratios to evaluate the past performance,
current financial state, and strengths and weaknesses of a company. The current ratio, debt
ratio, and return on equity ratio are some of the examples of financial ratios.

Comparative Analysis: Pertains to and includes comparing a company's financial ratios

against those of its rivals, the industry, or other benchmarks. This can assist in determining how
well a company is doing in relation to others in its sector. It is critical to take industry
benchmarks and the larger macroeconomic context into account when analyzing financial data.

● Investigate Fluctuations, Inconsistencies, or Deviations from Expectations.

Fluctuations involve substantial fluctuations in account balances or financial measures over
time that may suggest underlying concerns. Inconsistencies in financial accounts include
mismatched costs or revenues that do not match other data sources.

Differences between actual outcomes and what was anticipated, budgeted, or expected might
indicate accounting mistakes or business concerns. Auditors must investigate these factors in
order to determine reasons, validate data correctness, and assess the credibility of financial
information.

3.2. Test of Details

● Tests of Transactions: Examine Individual Transactions to verify Validity and Accuracy
Tests of details for transactions include assessing particular transactions to determine their
legality, correctness, and conformity with applicable requirements. This treatment includes:

Verification: includes ensuring that each transaction is actual, fully approved, and documented.
Accuracy: Verifying that amounts, dates, and accounts are properly reported.
Completeness: Ensuring that all relevant transactions are reflected in the financial statements.

These tests assist auditors in determining the integrity of individual transactions and ensuring
that financial records correctly reflect corporate activity.

● Tests of Balances: Directly Test Year-End Balances (e.g., receivables, payables, inventory)
Tests of balances include closely evaluating year-end balances for accounts such as
receivables, payables, and inventories to ensure they are accurate, legitimate, and accurately
reflected in the financial statements. Audit processes and strategies for testing these balances
often include:
Confirmation: Auditors send verification queries to clients to check the amount owing. This
confirms the presence and correctness of receivables and may contain positive or negative
confirmations, based on risk assessments.

Physical inspection: Auditors physically inspect the year-end inventory count to ensure that it
exists as stated and in saleable condition. They may also review inventory in transit toward the
end of the year to ensure it is documented in the correct period.

Reconciliation: Auditors compare the balances in the general ledger with vendor statements
and supporting documents (such as purchase orders and invoices) to ensure that payables are
correctly stated. Auditors may also review reconciliations of bank accounts to ensure that cash
balances are correctly stated.

Cut-off Testing: Ensures that transactions near the year-end are recorded in the correct period.
For example, for payables and receivables, auditors will check that transactions occurring near
the cut-off date are included in the proper financial period.

Valuation: Auditors assess the allowance for doubtful accounts to ensure that it is reasonable
based on historical trends and current information about customer creditworthiness. They also
verify that inventory is valued appropriately using methods like lower cost or market value and
checking for obsolete or slow-moving inventory.

Review of Subsequent Events: Auditors may look for post-year-end events, such as payments
or settlements, that could impact the accuracy of year-end balances for receivables or payables.

4. Audit Techniques (Ibasco)

4.1. Inspection
● Inspect Physical Documents (e.g., invoices, contracts) and Accounting Records (e.g.,
journal entries). Inspecting physical documents is an audit procedure that involves examining
records and documents to gather evidence and determine if financial statements are accurate.
The purpose of this procedure is to verify the accuracy of the financial statements and ensure
there are no material misstatements. Auditors can examine documents in both paper and
electronic forms or physically inspect assets. They may also use vouching, a method where
auditors manually check the details of supporting documents. The reliability of the evidence
depends on the nature and source of the documents, as well as the effectiveness of controls
over their production. Original documents are considered more reliable than photocopies or
facsimiles.

● Inspect Tangible Assets (e.g., inventory, property) To Confirm Existence and Condition.
Inspecting tangible assets, such as inventory, property, vehicles, and equipment, is an audit
procedure used to confirm the existence of these assets and assess their condition, including
identifying any defects or impairments. This process ensures that the reported assets are
accurate and reliable. In legal proceedings, a party may request to inspect and copy tangible
items held by another party. This request can extend to testing, measuring, photographing, or
delivering the items to a specified location for further examination.

4.2. Observation: This is an audit procedure where auditors directly watch or monitor activities,
processes, or operations to assess how internal controls are being implemented and followed.
Auditors observe activities and operations to assess how internal controls are being
implemented and functioning in practice. This procedure is particularly useful when there is no
formal documentation available outlining the operation of a control unit. By directly observing
processes, auditors can evaluate whether controls are being followed as intended and identify
any discrepancies or weaknesses in the control system.

● Observe Internal Control Procedures (e.g. inventory counts, authorizations). Internal

control procedures are policies and practices implemented by an organization to ensure the
accuracy, reliability, and integrity of its financial reporting, protect assets, and ensure
compliance with laws and regulations. Observing or monitoring these controls allows auditors to
directly assess whether they are being properly followed and functioning as intended. By
monitoring activities such as inventory counts or the authorization process, auditors can
evaluate the effectiveness of the controls in place and identify any weaknesses or areas for
improvement that may pose a risk to the accuracy of the financial statements or the efficiency of
the organization's operations.

● Observe Staff Performing Tasks to Verify Processes. Watch staff perform their daily tasks
to verify that processes are being followed correctly. This could involve shadowing employees
while they carry out their duties, such as processing invoices or handling cash, to ensure
adherence to protocols and accuracy.

4.3. Inquiry
● Conduct Interviews with Management, Employees, or Third Parties to Gather
Information. During an audit, conducting interviews with management, employees, or third
parties helps gather information about processes, controls, and potential risks to assess
compliance and identify areas for improvement.

● Use Inquiry to corroborate other Audit Evidence. Using inquiry to corroborate other audit
evidence involves asking questions to verify or clarify information gathered from other sources,
ensuring consistency and confirming the reliability of the evidence in supporting audit
conclusions.

4.4. Confirmation
● External Confirmation: Involves sending requests to third parties, such as customers,
suppliers, or banks, to independently verify specific balances, transactions, or details. It
functions and helps to ensure the accuracy and completeness of the financial information being
audited.

● Confirm Bank Account Balances, Accounts Receivable, or other Financial Information.

This involves sending requests to third parties (e.g., banks, customers, suppliers) to verify the
accuracy of the reported balances or transactions by providing independent evidence to support
the financial statements.

(Avila)
4.5. Recalculation - This refers to the process or act of verifying the accuracy of numerical
calculations in the records of the entity or client. As an audit technique, it involves independently
performing calculations to confirm the correctness of amounts recorded in the financial
statements.

● Recompute Calculations (e.g., depreciation, interest, tax) to Verify Accuracy. This

involves recalculating specific financial figures, such as depreciation expense, interest, and tax,
to confirm that they have been calculated correctly according to the applicable accounting
policies and tax regulations.

● Recheck Mathematical Accuracy of Journal entries and Financial Statement Balances.

The auditor verifies the mathematical correctness of journal entries and balances within the
financial statements. This ensures that errors in basic arithmetic or data entry do not lead to
inaccuracies in the reported figures.

4.6. Reperformance - Pertains to the independent execution of the procedures or controls of

the entity by the auditor.

● Independently Perform the Same Procedures As the Entity (e.g., recalculating

balances, confirming accounts) To Check For Accuracy - Reperformance involves the
auditor independently executing the same procedures that the entity has performed, such as
recalculating balances or confirming accounts, to verify accuracy. It enables the auditor to
identify potential misstatements in the financial statements by ensuring that the entity’s
calculations and procedures were carried out correctly and verifying that figures reported align
with the underlying data and processes.

4.7. Vouching - Is the act or process of reviewing and examining documentary evidence
supporting or substantiating the accounting entries and transactions of the entity. This is done
by an auditor to confirm the authenticity and accuracy of the recorded transactions and ensure
that each entry in the financial statements is supported by valid documentation and reflects a
legitimate business activity.
● Trace Transactions From the Financial Statements Back to the Source Documents
(e.g., invoices, contracts) to Verify Authenticity - Vouching involves tracing transactions from
the financial statements back to the original source documents, such as invoices and contracts,
to verify the authenticity and accuracy of each transaction. This process helps the auditor
confirm that recorded entries are properly documented, relate to real business activities, and
comply with the applicable accounting policies and standards.

4.8. Tracing - Refers to following transactions or balances from their original source documents
forward to their recording in the financial statements. It is an audit technique that helps the
auditor to detect any omissions or errors in the entity’s accounting records by verifying the
completeness of recorded information and ensuring that all legitimate transactions have been
properly captured and included in the financial statements.

● Trace Transactions from Source Documents to the Accounting Records to Verify that
Transactions were Properly Recorded. Tracing is the act of following a transaction or balance
from its original source document to the accounting records. It involves verifying the
completeness of recorded information by ensuring that each transaction has been properly and
accurately recorded and included in the financial statements.

5. Sampling Techniques (Medina)

5.1. Statistical Sampling - Statistical sampling is based on probability, meaning that every item
in the population has a known chance of selection. This type of sampling offers an objective and
quantifiable basis as it allows conclusions to be generalized from the sample to the entire
population with a certain level of confidence.

● Random Sampling: Random sampling is a procedure in which sampling units are randomly
selected from the population with a fair chance of each unit being picked. Such a method is
basic to statistical sampling because it minimizes biases that may come with wrong
generalizations of the findings to a whole population. Random sampling is ideal when a truly
representative sample is needed and when the population is homogeneous.

Use random number generators or software tools to assign a random number to each item in
the population, then select items based on those random numbers. This can also be done
manually by drawing lots or using random selection tables

In auditing, if a company has 1,000 purchase transactions for the year, an auditor could
randomly select a sample of 50 transactions using random number generation, ensuring that
each transaction had an equal chance of being picked.
● Systematic Sampling: Systematic sampling involves selecting every nth item from a list or
dataset. Here, n is calculated by dividing the population size by the desired sample size (e.g., if
a population has 1,000 items and the desired sample size is 100, n would be 10).

Systematic sampling is beneficial when data is already organized in a sequential manner and
when there is no inherent order or pattern that could bias the selection. Start by choosing a
random starting point in the dataset. From that starting point, select every nth item until the
sample size is reached.

Example: An auditor may select every 5th sales invoice from a monthly record. If the month has
500 invoices and the desired sample size is 100, selecting every 5th invoice (after randomly
choosing a starting point) provides a systematic sample.

● Stratified Sampling: In stratified sampling, the population is divided into subgroups or “strata”
based on certain characteristics (such as value, type, or region). A sample is then drawn from
each stratum to ensure that all relevant subgroups are represented in the final sample.

This method is particularly useful when the population is heterogeneous and includes distinct
subgroups that need individual representation. For example, an organization’s revenue sources
could vary significantly by region or customer segment. Define and identify the strata
(subgroups) within the population. Determine the sample size for each stratum, often
proportional to the subgroup’s size within the population.

Example: An auditor assessing a bank’s loan portfolio might group loans by size: small,
medium, and large. They would then randomly select samples from each size category to
assess the portfolio’s risk and performance comprehensively.

5.2. Non-Statistical Sampling - Relies on professional judgment rather than probability-based

selection. This approach can be more subjective, as the auditor selects items based on criteria
they believe are most relevant to the audit objectives or where they feel risk may be higher.

Judgmental Sampling: Also known as “purposive sampling,” is based on the auditor’s

professional knowledge and experience. Instead of using a statistical model, the auditor relies
on their judgment to choose items that they believe are representative or significant to the audit
goals. This sampling method is most suitable when certain items are more likely to have issues
or when there are specific areas of high risk that require detailed examination. It’s often used in
exploratory or initial audit phases to gain insights into potential risk areas. The auditor examines
the population and identifies items that they believe are more likely to exhibit risk or unusual
characteristics.
Example: If an auditor suspects that high-value transactions are more likely to have errors, they
may choose to examine only transactions over a certain value threshold rather than taking a
random or systematic sample.

Technique Basis of Selection Strengths Limitations

Random Probability Reduces selection bias, May require larger

Sampling suitable for general samples; potential
representation clustering

Systematic Every nth item Simple, consistent Hidden patterns may

Sampling coverage across the introduce bias
dataset

Stratified Subgroup Ensures each subgroup Complex setup,

Sampling representation is represented, lowers requires knowledge
sampling error of subgroups

Judgmental Auditor judgment Focuses on high-risk No statistical

Sampling areas, flexible assurance, prone to
auditor bias

6. Conclusion and Evaluation of Evidence (Villas)

Conclusion and evaluation of evidence are essential in auditing for verifying the accuracy and
reliability of financial statements. By systematically reviewing whether the gathered audit
evidence sufficiently and accurately supports the assertions made by the organization, auditors
can ensure that their final conclusions are well-supported, credible, and in compliance with
applicable standards and regulations. This process helps to confirm the effectiveness of internal
controls, the existence of assets, and the integrity of financial reporting by ensuring that the
audit findings are both relevant and reliable.

6.1. Evaluate Sufficiency and Appropriateness of Evidence - Evaluating the sufficiency and
appropriateness of evidence is crucial in auditing to ensure that audit conclusions are well-
supported and credible. Sufficiency of evidence refers to having enough audit evidence to
support the auditor's findings and opinions. It considers whether there is a sufficient quantity
and variety of evidence to form a valid conclusion regarding the financial statements.
Appropriateness, on the other hand, examines the relevance and quality of the evidence,
assessing whether the evidence is directly related to the audit objectives and whether it comes
from reliable, credible sources. Together, these evaluations help auditors determine if the
evidence is both adequate and suitable for forming a well-founded and reliable audit opinion.

● Assess Whether the Evidence gathered is Sufficient and Reliable to form an Opinion.
To assess whether the evidence gathered is sufficient and reliable for forming an opinion, it is
essential to evaluate both the quantity and quality of the information. Sufficient evidence means
there is enough data or examples to comprehensively address the claim or question. Reliability
focuses on the trustworthiness of the sources, including their credibility, expertise, and lack of
bias. By examining both sufficiency and reliability, one can determine if the evidence effectively
supports an opinion or if further investigation is needed. This ensures that conclusions are
based on sound, well-supported foundations.

● Evaluate Whether the Evidence covers all High-Risk Areas and Assertions. Evaluating
whether evidence covers all high-risk areas and assertions is essential for a thorough and
credible audit. High-risk areas include aspects of the financial statements or internal controls
that, if not properly supported by evidence, could lead to material misstatements or compliance
issues. Ensuring that evidence addresses these critical areas helps reduce the likelihood of
gaps that might undermine the auditor's opinion. It involves assessing whether each significant
assertion, such as the existence of assets or the accuracy of financial transactions, is backed by
reliable, relevant audit evidence. This comprehensive approach ensures that all essential
elements of the financial statements are thoroughly supported, helping to form a well-founded
and defensible audit opinion.

6.2. Review and Final Procedures - Are the last steps in completing an audit. This phase
involves carefully reviewing all audit evidence, verifying that all audit objectives and regulatory
requirements are met, and ensuring that the conclusions align with the intended audit opinion.
Final procedures might include cross-checking the evidence, ensuring all significant assertions
are supported, or seeking additional feedback from senior auditors to identify any potential gaps
or weaknesses. These steps help guarantee that the audit report is polished, reliable, and ready
for presentation to stakeholders.

● Ensure All Areas have been Addressed and that Audit Evidence is Complete. Ensuring
that all areas have been addressed and that audit evidence is complete is critical for a thorough
and effective audit. This process involves verifying that each audit objective has been examined
and that all significant areas have been covered, leaving no gaps in the evaluation. Complete
audit evidence means gathering sufficient, relevant, and reliable information to support the
findings and conclusions. This step helps establish the accuracy and validity of the audit report.
Ultimately, it builds confidence that the audit findings are comprehensive and well-supported.

● Review Audit Documentation to Verify Consistency with Findings. Reviewing audit

documentation to verify consistency with findings is a vital step in ensuring the accuracy and
credibility of an audit report. This involves comparing the documented evidence and work
performed against the audit conclusions to confirm that each finding is fully supported by the
data gathered. Consistency checks help identify any discrepancies or oversights that could
affect the reliability of the report. By aligning the documentation with the findings, auditors can
ensure the audit reflects an honest, complete, and unbiased assessment. This process
ultimately enhances the quality and trustworthiness of the audit report.