Overall Audit Planand Audit Program Chapter 13
Midterm topic guide will be ready and posted to the website by sometime Saturday (2/25)
Types of Audit Tests Procedures to obtain an understanding of internal control (Ch 10) Focused on understanding the design and operation of aspects of I/C necessary to plan the rest of the audit Tests of control (Ch 10) Procedures used to obtain evidence needed to assess control risk.
Types of Audit Tests Substantive tests of transactions Procedures designed to test for dollar misstatements of financial statement balances. • Analytical procedures (Ch 8) • To indicate possible misstatements • To reduce tests of details of balances Tests of details of balances Focus on ending G/L balances
Audit risk model AAR IR × CR = PDR Types of audit tests Procedures to obtain an understanding of internal control + Tests of controls (TOC) + Substantive tests of transactions (STOC) Types of Audit Tests and the Audit Risk Model
Audit risk model AAR IR × CR = PDR Types of audit tests Analytical procedures (AP) + Tests of details of balances (TDP) = Sufficient competent evidence per GASS Types of Audit Tests andthe Audit Risk Model
Type of Evidence Physical examination Confirmation Documentation Observation Type of Test Procedures for I/C Tests of controls Substantive T.O.T. Analytical procedures Tests of details Relationship Between Types of Tests and Evidence (Table 13-2) Reperformance Analytical Inquiries of the client
C3 Acceptable assurance Audit assurance from control risk assessment and tests of control C2 AUDIT ASSURANCE C1 Audit assurance from substantive tests No assurance A C B INTERNAL CONTROL EFFECTIVENESS Weak control Strong control Reliance on controls: C3 – None, C2 – Some, C1 – Maximum Audit Assurance at Different Levels of Internal Control Effectiveness (Figure 13-3)
Impact of Information Technology onAudit Testing SAS 80 (AU 326) and SAS 94 (AU 319) provide guidance for auditors of entities that transmit, process, maintain, or access significant information electronically.
Program change controls Access controls Impact of Information Technology on Audit Testing Computer assisted audit techniques (CAATS) may be used to test automated controls or data. Reports produced by IT may be used to test the effectiveness of IT general controls.
Audit Program It is convenient to think of the audit program as consisting of the three major classes of tests: Tests of controls and substantive tests of transactions Analytical procedures Tests of details and balances
Design tests of controls and substantive tests of transactions to meet transaction-related audit objectives. Assess control risk. Determine extent of testing controls. Designing Controls and Substantive Tests of Transactions (Figure 13-4) Perform procedures to understand internal control. Audit procedures Sample size Items to select Timing
Partial View of Table 13-4Tests of Details of Balances – Audit Program
Phases of the Audit Process • Plan and design an audit approach. 2. Perform tests of controls and substantive tests of transactions. 3. Perform analytical procedures and tests of details of balances. 4. Complete the audit and issue an audit report.
Transaction-related Balance-related 1. Existence 2. Completeness 3. Accuracy 4. Classification 5. Timing 6. Posting and summarization 1. Existence 2. Completeness 3. Accuracy 4. Classification 5. Cutoff 6. Detail tie-in 7. Realizable value 8. Rights and obligations 9. Presentation and disclosure Audit Objectives (Ch. 6)
Types of Evidence (Ch. 7) 1. Physical examination 2. Confirmation 3. Documentation 4. Analytical procedures 5. Observation 6. Inquiry of the client 7. Reperformance
Phase I Plan and design an audit approach. Phase III Perform analytical procedures and tests of details of balances. Phase II Perform tests of controls and substantive tests of transactions. Phase IV Complete the audit and issue an audit report. Summary of the Audit Process
Understand the client’s business and industry. Assess client’s business risk. Perform preliminary analytical procedures. Summary of the Audit Process:Phase I Accept client and perform initial planning.
Understand internal control and assess control risk. Gather information to assess fraud risks. Develop overall audit plan and audit program. Summary of the Audit Process:Phase I Set materiality and assess acceptable audit risk and inherent risk.
Plan to reduce assessed level of control risk? No Yes Perform tests of controls. Perform substantive tests of transactions. Assess likelihood of misstatements in financial statements. Summary of the Audit Process:Phase II
Low Medium High or unknown Summary of the Audit Process:Phase III Perform analytical procedures. Perform tests of key items. Perform additional tests of details of balances.
Review for contingent liabilities. Review for subsequent events. Accumulate final evidence. Evaluate results. Issue audit report. Communicate with audit committee and management. Summary of the Audit Process:Phase IV