14) Audit Strategy, Approach & Plan Flashcards
what is the purpose of audit strategy?
to guide the development of the audit plan
what the four components of audit strategy?
1) scope
2) timing
3) direction
4) resources
which factors can impact audit scope?
(range of work to cover)
- reporting requirements
- group engagements
- specialized knowledge
- effect of CAATs
- number and location of components to audit
what can CAATs help with?
reduce the amount of work for the auditor to do as it automates certain IT processes
what is the timing of the audit?
the timeline of the audit
which factors can impact timing of the audit?
- client’s reporting timetable
- interim and final audit timelines (more interim, less final audit work)
- firm-specific deadlines
- plans for meetings
what is direction of the audit?
factors which the auditor believes will impact the direction of the engagement team’s efforts
which factors can impact direction of the audit?
- significant business developments
- areas of high ROMM
- effectiveness of controls
- mgmt commitment to control environment
what are the resources of the audit?
human, physical, logical tools which will be required to execute the audit
which factors can impact resources of the audit?
- number of team members
- experience / expertise
- equipment and software
- travel and logistics, budget
what is the purpose of the audit approach?
considers whether the auditor should test controls
what are the two audit approaches we can use?
- substantive approach
- combined approach
what are the 3 components of the audit approach?
1) necessary
2) possible
3) desirable
what do we consider for necessity?
- high volume of transactions
- high complexity of transactions
- high automation of transactions
- no visible audit trail
what do we consider for possibility?
- if there are operationally effective controls in place (no controls, no test)
- ITGC are operating effectively
- sound control environment
- resources and expertise to test controls
what do we consider for desirability?
- cost-benefit advantage to the firm
- client requests
- will provide value-added insight for client
- will allow audit staff to get training (new tech)
- auditor can rely on the 3-year rolling cycle for testing of controls
what are the 3 components of the audit plan?
1) nature
2) timing
3) extent
what do we look at for the nature of the audit procedure?
- purpose (ToC or substantive procedure)
- type
how do we determine the purpose of an audit procedure?
look at the approach
what is the timing of an audit procedure?
when is the audit performed / period to which the audit evidence applies
what are the two main timeframes for audit procedures?
- interim testing
- year-end testing
why would we do interim testing?
- obtain evidence throughout the year
- identify issues earlier
- less pressure at y/e
why would we do year-end testing?
- it is when info becomes available
- some procedures require finalized AFS
- there are high-risk areas: so we ensure mgmt did not just continue doing fraud after the interim test, we test the results of the entire year
what other factors should we consider for timing of the audit procedures?
- control environment – operates effectively all year round, not just during testing
- availability of info
- nature of risk (can only do procedure when risk is expected to happen)
what is the extent of an audit procedure?
the quantity of work to be performed
which factors can affect the extent of audit procedures?
- leve of ROMM and materiality
- level of assurance required
- use of CAATs (lowers cost)
