AUD 1 Flashcards
AUD Reports
What should be included for the Auditor’s address?
The City and State where located
AUD Reports
What is Management Responsible for in regards to the Financial Statements?
Preparation and Fair Presentation of Financial Statements in accordance with the Applicable Financial Reporting Framework
AUD Reports
What is Management Responsible for in regards to Internal Control?
Internal Control Design, Implementation, Maintenance
AUD Reports
What are the headings in the Audit Report for an Unmodified Opinion?
(TIM-AA) Title; Introduction; Management Responsibility; Auditor Responsibility; Audit Opinion
AUD Reports
What are the headings in the Audit Report for an Modified Opinion?
(TIMA-BA) Title; Introduction; Management Responsibility; Auditor Responsibility; Basis for (Modified) Opinion; Audit Opinion
AUD Reports
In an Unmodified Opinion with Emphasis-of-Matter / Other-Matter sections, what is the order of the headings?
(TIM-AA EMO) Title; Introduction; Management Responsibility; Auditor Responsibility; Audit Opinion; Emphasis-of-Matter; Other-Matter
AUD Reports
What are the requirements for referencing a Component Auditor in the Audit Report?
Component Financial Statements must be prepared using same Financial Reporting Framework as the Group Financial Statements; Component Auditor must have performed audit in accordance with GAAS or PCAOB Standards.
AUD Reports
What must the Group Engagement Partner do if they assume responsibility for the Component Auditor’s work?
Perform additional audit procedures; Be involved in Component Auditors work; Perform Risk Assessment procedures; Assess Risk of Material Misstatement
AUD Reports
What standards govern SSARS engagements?
Compilations are governed by SSARS (Statements on Standards for Accounting and Review Services)
AUD Reports
Which clients can have compilation engagements?
Non-SEC (non-public) registrants only.
AUD Reports
What is a Compilation?
Accountant puts together financial statements with information PROVIDED BY MANAGEMENT. No opinion is expressed and no assurances are given. Independence is not required.
AUD Reports
What disclosures are required for Compilation engagements?
Disclosures not necessary must state that they are not included
AUD Reports
What standards govern Review engagements?
SSARS (Statements on Standards for Accounting and Review Services)
AUD Reports
What type of assurance is given in a Review engagement?
Reviews give limited assurance.
AUD Reports
What procedures are required for Review engagements?
Analytical procedures are required for reviews. Compare results to documented predictions.
AUD Reports
What is a Review engagement?
Financial statements are presented with no opinion expressed- and limited assurances are given. Independence is required for a review engagement.
AUD Reports
What is a Forecast?
A prospective financial statement that uses normal circumstances. General and limited use allowed.
AUD Reports
What is a Projection?
A prospective financial statement using hypothetical situations. Only limited use by the client is allowed.
AUD Reports
What are the requirements for Agreed Upon Procedures?
Independence is required; Only limited use by the client is allowed.
AUD Reports
What disclosures are required for remote likelihood of losses?
No disclosure required.
AUD Reports
What disclosure is required for a probable loss contingency?
Accrue if estimable. Emphasis-of-Matter paragraph if not estimable.
AUD Reports
What disclosure is made if a loss contingency is reasonably possible?
Auditor assesses need for Emphasis-of-Matter paragraph based on loss likelihood.
AUD Reports
How is a gain contingency reported?
Gain contingencies are not reported.
AUD Reports
How does an immaterial GAAP issue affect the audit opinion?
It doesn’t. Opinion is Unmodified.
AUD Reports
How does a very material GAAP issue affect the Audit Report?
Modified-Adverse Opinion is issued. Emphasis-of-Matter paragraph is added after Opinion paragraph.
AUD Reports
How do GAS standards compare to GAAS?
GAS is more strict than GAAS.
AUD Reports
What is required under the Single Audit Act?
An audit performed under governmental auditing standards (GAS). A report on internal control is required. GAAS and GAS don’t require the I/C report.
AUD Sampling
What is Audit Sampling?
Taking part of a population- subjecting it to audit procedures- projecting results to a population
AUD Sampling
What are the characteristics of Statistical Sampling?
Based on formulas
Helps find an appropriate audit sample
Helps evaluate evidence obtained
Helps evaluate results and quantify Sampling Risk
AUD Sampling
What are the characteristics of Non-Statistical Sampling?
Based on human decision
Equally acceptable as Statistical Sampling
AUD Sampling
What are the characteristics of Substantive Tests?
Variables sampling
Probability proportionate to size sampling
AUD Sampling
What type of sampling are Control Tests?
Attribute Sampling
AUD Sampling
What is Sampling Risk?
Risk that your sample isn’t representative of population
Can happen even if audit is done properly
AUD Sampling
What is the risk of assessing Control Risk too high?
A risk of Control Testing - Auditor works to make Control Risk lower
More substantive tests - Sample overstates Control Risk- Leads to an under-reliance on internal control- over-testing- and overall audit inefficiency
Audit ends up being effective (correct result)- but you do more work
AUD Sampling
What is the risk of assessing Control Risk too low?
A risk of Control Testing - Complement to Confidence Level
Inverse relationship to Sample Size
Higher accepted risk of assessing Control Risk too low = Smaller Sample
Lower accepted risk of assessing Control Risk too low = Larger Sample
AUD Sampling
What are the risks if the auditor concludes controls are operating effectively based on the sample and Control Risk is set too low?
Leads to higher Detection Risk - Fewer substantive tests
Sample understates Control Risk
This error leads to over-reliance on internal control- under-testing- and overall audit ineffectiveness.
Does NOT necessarily mean that the Financial Statements are materially misstated - it does mean that if there is one- you are less likely to find it
AUD Sampling
What is the risk of Incorrect Acceptance?
A risk of Substantive Testing - Auditor accepts a balance as fairly stated- when in fact it is not fairly stated
Hurts audit effectiveness
Wrong conclusion reached
Efficient- but not effective
AUD Sampling
What is the risk of Incorrect Rejection?
A risk of Substantive Testing - Auditor rejects balance as fairly stated when in fact it is fairly stated
Hurts audit efficiency
Wrong recommendations given
Effective- but not efficient
AUD Sampling
What is Non-Sampling Risk?
Risk of human (auditor) missing an error
Also called exception- error or deviation.
AUD Sampling
How does Sampling Risk compare to Non-Sampling Risk?
Sampling Risk deals with the chance that your audit sample is flawed
Non-Sampling risk deals with the chance that your human decisions/conclusions are flawed
AUD Sampling
What is Attribute Sampling?
Looking at Control Procedures - Were invoices approved when paid?
Errors are stated in terms of %- not dollar amounts
For example- 5 invoices out of 100 were not properly paid. Error rate is 5%
Hint: If you see Error Rate on the Exam- they are referring to Attribute Sampling.
AUD Sampling
How do you determine if Control Procedures are operating properly or not operating properly?
Control Procedures are either operating properly or they are not operating properly - based on Error Rate and the tolerance you have for errors
AUD Sampling
What is the Tolerable Rate?
Error rate in population that you are willing to accept/tolerate
Inverse relationship to Sample Size
Higher Tolerable Rate = Smaller Sample
Lower Tolerable Rate = Larger Sample
If you’re willing to accept a higher probability that errors exist- there is less pressure on the sample
AUD Sampling
What is the Expected Population Error Rate?
What Error Rate are you expecting? - Judgment call- based on experience
Direct relationship to Sample Size
More errors = Larger Sample
Less errors = Smaller Sample
AUD Sampling
What is the basic premise of Attribute Sampling?
Attribute in the sample gives information about the entire audit population
Used to estimate Internal Control error rate
AUD Sampling
For what is the Expected Population Deviation (error) Rate used?
Used to determine initial level of Control Risk
AUD Sampling
What is the Allowable Risk of Over-reliance?
Risk of Assessing Control Risk too low
Gives you the Sampling Risk
AUD Sampling
When is Attribute sampling used?
Attribute sampling is only useful when there is documented evidence (an audit trail) to test
Use when the existence of an error needs to be verified or debunked
AUD Sampling
What is Classic Variable Sampling?
Testing for a dollar amount
Value in sample gives information about value in entire population.
AUD Sampling
What functions are used in conjunction with Classic Variable Sampling?
Mean Per Unit = Sample Average x Number in Population
Stratification - Decreases effect of variance in population and reduces sample size
AUD Sampling
What are the characteristics of Probability Proportionate to Size (PPS) sampling?
A form of Variable Sampling
Does NOT use Standard Deviation
Auditor focuses on a dollar amount
Larger or more valuable items get picked more often as part of the sample
AUD Sampling
What is Projected Misstatement?
Misstatement found in sample - have to project it to remainder of population
AUD Sampling
How does Probability Proportionate to Size (PPS) sampling compare to Classic Variables sampling?
PPS:
Easier to use- Results in a stratified (homogenous) sample- Results in a smaller sample size to audit- Easy to design
Classic Variables Sampling:
Easy to expand sample size- Selecting zero and negative balances easy
AUD Sampling
What factors affect sample size?
Tolerable rate for error - Inverse relationship with sample size
Risk of assessing Control Risk too low - Inverse relationship with sample size
Expected population error rate - Direct relationship with sample size
Population size does NOT affect the sample size - as population is larger- sample size doesn’t grow.
AUD Sampling
What is the formula for Audit Sampling?
SER + ASR < TER
SER = Sample Error Rate
ASR = Allowance for Sampling Risk
TER = Tolerable Error Rate
AUD Sampling
What is Allowance for Sampling Risk?
The amount that you add to the Sampling Error Rate to get some cushion for your sample.
As high as you think the population error rate could go based on experience.
AUD Sampling
What is the Tolerable Error Rate?
The amount of error rate that you can accept - If population error rate is less than TER- then accept the Control as effective
If population error rate is more than TER- do more testing to get SER lower or conclude control isn’t effective. Do more substantive testing
AUD Sampling
What are the steps to develop a sampling plan?
Determine Test Objective - for example- have sales shipments been billed?
Define Population and Deviation - take a sample of shipping document- trace forward to see if billed
Determine Sample Size based on tolerable rate for error- risk of assessing Control Risk too low- and expected population error rate.
Select Sampling Technique
AUD Sampling
After a Sampling Plan is developed- what are the steps in sampling?
Perform the Sampling Plan
Evaluate Results
Document Results
AUD Sampling
What is Systematic Sampling?
Every certain # of a population is selected
Population needs to be randomly ordered
Primary advantage is that population doesn’t require pre-numbering
AUD Sampling
What is Sequential Sampling?
Also called Stop or Go sampling
Each audit step determines the next step
AUD Sampling
What is Discovery Sampling?
Audit is testing an area that is so crucial that zero population errors can be tolerated
Any phony employees on payroll?
AUD Sampling
How does Block Sampling compare to other sampling methods?
Easy to implement- but is the worst method of sampling.
AUD Engagement Planning
What is the primary duty of an auditor?
To provide users of financial information with REASONABLE ASSURANCE that the financial statements are not materially misstated.
AUD Engagement Planning
What is the auditor’s responsibility for detecting theft or fraud?
Auditors are not responsible for detecting theft or fraud.
Instead- they are responsible for providing REASONABLE ASSURANCE that the financial statements are not materially misstated.
AUD Engagement Planning
When should an auditor be hired in relation to the balance sheet date for optimum audit planning and efficiency?
The earlier the auditor is hired- the better for audit planning and efficiency.
AUD Engagement Planning
When can audit procedures be performed at interim dates?
If Control Risk for the accounts and/or transactions is low- audit procedures can be performed at interim dates.
The auditor then reviews changes in the balances at year-end.
AUD Engagement Planning
When can an auditor accept an engagement offered after the year is already closed?
The auditor can take the engagement if they are able to overcome the limitations of the engagement.
AUD Engagement Planning
For what does an auditor use professional skepticism?
To plan the scope of the audit
To plan the objectives of the audit
AUD Engagement Planning
How can analytical procedures be performed in audit planning?
The auditor can compare actual versus forecasted numbers.
AUD Engagement Planning
What must an auditor have in order to discuss issues relating to a predecessor auditor’s work?
If issues relating to predecessor auditor’s work on previous Financial Statements come up during the current audit- Auditor must have client’s permission to discuss the issue.
AUD Engagement Planning
What questions must an auditor ask with respect to procedures carried out by assistants?
Were they adequately performed? (Review the working papers)
Are the results consistent with the audit report?
AUD Engagement Planning
How is audit strategy mapped out?
Auditor determines what the reporting objectives are.
Auditor determines the scope of the audit.
AUD Engagement Planning
Describe the key components of maintaining auditor independence.
Auditor must be independent in fact and appearance
Honesty
No direct financial interest
No indirect material financial interest
AUD Engagement Planning
Describe Due Professional Care
Technical abilities mirror those held by peers in the profession
Follow GAAS Standards
Obtain a Reasonable Level of Assurance
Maintain Reasonable Level of Skepticism
Supervise Audit Staff
Review judgment at every level
AUD Engagement Planning
What should an auditor do prior to accepting an audit engagement?
Review the previous financial statements
Speak to third parties
Contact predecessor auditor to evaluate whether engagement should be accepted (must have client permission)
AUD Engagement Planning
What questions should be asked by an auditor prior to taking an engagement?
Note: must have permission of client to contact predecessor auditor (no permission = no engagement)
Why the Auditor Change?
Any Serious Discussions with Audit Committee?
How is Management Integrity? Disagreements?
How was Internal Control?
Understand Industry or Be Willing to Learn
Consider Scope Limitation - Limited evidence available = no engagement
AUD Engagement Planning
What should be included in an audit engagement agreement?
Note: must be written
Objectives of Engagement
Limitations of Engagement
Responsibilities of Management - Provide written assertions
Responsibilities of Auditor - Limited error/fraud responsibility
Expectations of Access to Records
Financial Statements (and Disclosures) are Management’s Responsibility
Compliance with Laws
Internal Control
AUD Engagement Planning
What is management’s responsibility with respect to the financial statements?
Management is responsible for financial statements and adequacy of disclosures.
Presentation & Disclosure
Existence (Tests Overstatements)
Rights & Obligations
Completeness (Tests Understatements)
Valuation & Allocation
AUD Engagement Planning
What is the purpose of the Audit Committee?
Responsible for Hiring Auditor
Oversees Internal Control
Must Agree with Auditor on: Responsibility of the Parties- Audit Fee- Timing of the Audit- Audit Plan
Acts as Liaison Between Auditor and the Board
Auditor Communicates Concerns about: Internal Control Deficiencies- Errors- Fraud- Illegal Activities
AUD Engagement Planning
How is Audit Risk calculated?
Inherent Risk x Control Risk x Detection Risk
Risk that material mistakes- errors- omissions- or fraud will result in an inaccurate audit report
Based on Auditor Judgment
Measured in both Qualitative and Quantitative
AUD Engagement Planning
Describe Control Risk
Risk that internal control will not detect error or fraud
Auditor cannot control this.
AUD Engagement Planning
Describe Inherent Risk.
Which transactions have a higher level of risk?
Auditor cannot control
AUD Engagement Planning
Describe Detection Risk.
Will the auditor fail to detect a material misstatement?
Auditor CAN control
Do testing at year-end
Increase substantive testing
Run more effective tests
AUD Engagement Planning
What responses should an auditor take based on different levels of acceptable detection risk (DR)? What type of tests should be performed?
Less Acceptable DR = Run More Substantive Tests
More Acceptable DR = Run Less Substantive Tests
More Substantive Tests (DR down) = Less Audit Risk; (AR = IR x CR x DR)
Less Substantive Tests (DR up) = More Audit Risk; (AR = IR x CR x DR)
AUD Engagement Planning
What are quantitative measurements versus non-quantitative measurements with respect to risk?
Quantitative Measurements - Inherent- Control- and Detection Risk can all be measured in terms of percentages
Non-Quantitative Measurements - Inherent- Control- and Detection Risk can all be measured in terms of acceptable ranges
AUD Engagement Planning
Whose responsibility is it to FIND and PREVENT fraud?
It is Management’s responsibility.
AUD Engagement Planning
What is the auditor’s responsibility with respect to fraud and illegal acts?
Assess the RISK that such things will lead to material misstatements
Design the audit to provide reasonable assurance against fraud- illegal acts that directly and materially affect the financial statements
Report ALL management fraud to the audit committee (minor fraud by low-level employees not reported to committee)
Perform required inquiries and procedures (management inquiries- analytical procedures- discussions with audit personnel about fraud)
AUD Engagement Planning
What are the three factors that affect/influence fraud?
Fraud is born out of:
Rationalization
Incentive
Opportunity
(RIO)
AUD Engagement Planning
What is the difference between fraud and errors?
Errors are unintentional- fraud is intentional.
AUD Engagement Planning
What red flags may indicate higher risk in an audit?
Management compensation tied to stock
Aggressive financial forecasting
Former auditor disagreed with Management
Records not available for audit
Current audit procedures may need to be reconsidered if red flags exist.
AUD Engagement Planning
Describe the characteristics of a Fraud Risk Factor.
Has been observed in similar situations
Does NOT necessarily mean that there is a material weakness in internal control
Leads to an auditor taking action
AUD Engagement Planning
What does an examination of internal control accomplish with respect to illegal acts?
Internal control analysis can result in the conclusion that IC is weak- but probably won’t identify illegal acts
AUD Engagement Planning
What is the purpose of adjusting audit procedures in light of fraud risk factors identified during an audit?
Strives to make audit engagement procedures less patterned and predictable
Re-evaluates management’s application of accounting procedures
Finds and assigns audit personnel with relevant skills in this area
AUD Engagement Planning
What should be documented with respect to fraud risk factors in an audit?
Any fraud risks identified that could lead to material misstatement
Audit procedures performed to assess risks
Nature of communication made to audit committee and company management
Disclosure to third parties regarding fraud not normally the auditor’s responsibility
Fraud by management should normally be reported to the audit committee- NOT the SEC.
AUD Engagement Planning
What was the effect of the SOX Act of 2002?
Created PCAOB
Designates Officer responsibility for internal control
Must disclose significant internal control weaknesses to auditor and audit committee
Must disclose any level of fraud discovered by employees with internal control responsibilities
AUD Engagement Planning
What is the Hierarchy of Authoritative Literature?
- Statements on Auditing Standards (SAS)
- Auditing Interpretations- AICPA Guides & SOPs
- Industry Articles (no authority)
AUD Engagement Planning
What quality control activities are undertaken by CPA firms with audit practices?
Firm Leadership exhibits quality and leads by example and sets the tone for the organization
Firm should Monitor and document that its policies and procedures are being followed
Firm should have Relevant Ethical Requirements
Acceptance and continuance of client engagements should continue to be evaluated for client integrity- auditor competency- and legality
Firm should have competent and ethical personnel
Firm engagements are performed- supervised- and reviewed in accordance with professional standards and regulations.
AUD Engagement Planning
Which literature governs Compilation services?
SSARS - Statements on Standards for Accounting and Review Services
These govern reporting for non-public entities only
AUD Engagement Planning
What is the independence requirement for Compilations?
Independence NOT required for Compilations
No Internal Control work allowed
No assurance given
AUD Engagement Planning
What type of assurance is provided by a Compilation?
Compilations are not an assurance service. No assurance is provided.
AUD Engagement Planning
What type of assurance is provided by Review services?
Reviews provide NEGATIVE assurance.
AUD Engagement Planning
What is the independence requirement for a Review?
Reviews require independence.
No Internal Control work allowed
Performs analytical procedures
No material indirect financial interest allowed
No immaterial direct financial interest allowed
AUD Engagement Planning
For compilations and reviews- what knowledge must a service provider have?
Must have an understanding of the client industry.
AUD Engagement Planning
What are attestation services?
CPA expresses a conclusion about an assertion - Compliance with laws
NOT considered a Consulting engagement
Independence Required
AUD Engagement Planning
What is the independence requirement for consulting services?
Independence is not required for consulting services.
AUD Engagement Planning
Describe the limitations on Prospective Financial Statements?
Report is restricted to specified users.
Agreed-upon procedures are implemented.
AUD Engagement Planning
What is the role of the Group Engagement Team?
Develop Audit Strategy; Communicate with Component Auditors; Perform work on the Consolidation Process; Evaluate Audit Conclusions; Understand work of Component Auditors;
AUD Engagement Planning
Who is on the Group Engagement Team?
Firm Partners; Group Engagement Partner; Audit Staff
AUD Engagement Planning
Who establishes the Materiality threshold for the Component Auditor?
The Group Engagement Team; The Materiality threshold must be lower than the Group Materiality threshold
AUD Engagement Planning
What is the Group Engagement Partner responsible for?
Group Audit Engagement Direction - Supervision - Performance and the Audit Report
AUD Engagement Planning
What is the role of a Component Auditor
Audit a component of the entity
AUD Engagement Planning
What should the Group Engagement Team do if a Component Auditor audits a Significant Component due to Financial Materiality?
Audit the Financial Information
AUD Engagement Planning
What should the Group Engagement Team do if a Component Auditor audits a Significant Component due to Risk of Material Misstatement?
Perform Audit Procedures
AUD Engagement Planning
What should the Group Engagement Team do if a Component Auditor audits a Non-Significant Component?
Analytical Procedures performed at Group Level
AUD Engagement Planning
Why does an Auditor do if they suspect legal proceedings could contribute to a Material Misstagement?
Contact Client external counsel through a Letter of Inquiry
AUD Evidence and Risk
What is the majority of an auditor’s work in determining an audit opinion?
Collection of evidence to support the opinion.
AUD Evidence and Risk
Of what does audit Evidence consist?
Evidence consists of client accounting data and supporting documentation from client or from third parties.
AUD Evidence and Risk
What is the relationship between Evidence and Detection Risk?
Evidence has an inverse relationship with Detection Risk
The one aspect of Audit Risk an auditor can control through (N)ature (T)iming (E)xtent of audit procedures.
Inherent Risk and Control risk are outside of auditor’s control.
AUD Evidence and Risk
Which aspects of Audit Risk can an auditor control?
Detection Risk which is decreased by gathering evidence.
AUD Evidence and Risk
Which aspects of Audit Risk can an auditor NOT control?
Inherent Risk and Control Risk are outside of an auditor’s control.
AUD Evidence and Risk
How does a high level of acceptable Detection Risk affect an audit?
Less Evidence collected. Opens door for incremental audit risk - Internal Control should be strong.
Business and transactions should be relatively stable and predictable.
(N) Less-competent Evidence collected
(T) Interim testing acceptable
(E) Fewer transactions are verified.
AUD Evidence and Risk
What should occur when a low level of Detection Risk is acceptable?
More Evidence collected
(N) More-competent Evidence collected
(T) End of year balance testing
(E) More transactions are verified
AUD Evidence and Risk
What are the primary risks in an audit for a typical for-profit company?
Auditors are there to verify that
Assets & Revenues are not overstated
Expenses & Liabilities are not understated
Exception - if the CPA Exam states that it is a tax-driven company flip them around
AUD Evidence and Risk
What is the primary constraint on audit evidence?
Cost vs. Benefit is a primary constraint.
AUD Evidence and Risk
What characteristics should audit evidence have?
Sufficient (quantity)
Appropriate: Relevant & Reliable (Quality)
AUD Evidence and Risk
How does the quality of audit evidence vary depending on who has provided it?
Best evidence: Observation of activity by auditor.
2nd Best: Originates from External Parties and is sent directly to auditor (or failing that items are generated by third party and provided to auditor by the client such as a bank statement)
Weakest: Oral evidence from management.
AUD Evidence and Risk
Which documents are the most persuasive and credible?
Third party documents are more persuasive and credible than internally-prepared docs
Auditor Knowledge = Most Persuasive
3rd Party info given to auditor
3rd Party info given to client
Internally-prepared doc
AUD Evidence and Risk
What are Substantive Procedures?
Test substance/amounts/values. They help to reduce the risk of material misstatements. They only test accuracy of financial statements and dollar amounts - they don’t test internal controls.
AUD Evidence and Risk
What are the substantive tests that are most often performed?
Trace (or Vouch) Reconcile Analytical Procedures Confirmations Examine evidence that supports management assertions.
(T.R.A.C.E.)
AUD Evidence and Risk
When performing audit procedures what should auditors focus on?
Auditors focus first on Balance Sheet Accounts then associated Income Statement items
AUD Evidence and Risk
How is Cash audited?
Assurance Level is High.
Acceptable Detection Risk is Low.
AUD Evidence and Risk
How is Accounts Receivable audited?
If Acceptable DR is High - Negative Confirmation is used - Customer only responds if balance is materially wrong.
If Acceptable DR is Low - Positive Confirmation is used - Customer asked to confirm by telling auditor the balance.
Corresponding Income Statement Account - Revenue
AUD Evidence and Risk
How is Accounts Payable audited?
Review purchase orders/invoices
Confirm with Vendors
Corresponding Income Statement Account - Various Expenses
AUD Evidence and Risk
How is Inventory audited?
Examine purchase agreements
Look at Board Minutes
Is Inventory held as collateral?
Corresponding Income Statement Account - COGS
AUD Evidence and Risk
How are beginning balances audited?
Should match last year’s ending balance.
AUD Evidence and Risk
What is the general presumption for auditing Ending Balances?
If Beginning Balance Additions Subtractions are OK then Ending Balances should also be OK.
AUD Evidence and Risk
How is a Statement of Cash Flows audited?
Foot all balances - Check the Math
Trace Cash Flow items to other Financial Statements
Check classifications - Operating Activities Investing Activities Financing Activities
AUD Evidence and Risk
Under the Indirect Method what must be disclosed on a Statement of Cash Flows?
Interest Paid
Income Taxes Paid
Non-cash Transactions
Cash and Cash Equivalents Definitions
AUD Evidence and Risk
Under the Direct Method what must be disclosed on a Statement of Cash Flows?
Results as if you had used Indirect Method
Non-cash Transactions
Cash and Cash Equivalents Definition
AUD Evidence and Risk
What are Subsequent Events and what do they require?
Subsequent events occur after the Balance Sheet Date but before the audit report is issued.
Auditor needs to make inquiries and assess if they affect the audit report.
AUD Evidence and Risk
What should occur if the audit report has already been issued and the auditor becomes aware of a situation that was present as of the Balance Sheet date (a subsequent event)?
If audit report has already been issued and auditor becomes aware of a situation that was present as of the BS date client should issue a disclosure to financial statement users and/or revise the financial statement.
Regulatory agencies might need to get involved under some circumstances.
AUD Evidence and Risk
What should an auditor do if they discover they have forgotten to perform a substantive procedure?
If auditor discovers that they forgot to perform a substantive procedure auditor should determine if other substantive procedures performed served as a substitute.
Otherwise support for their audit opinion could be jeopardized.
AUD Evidence and Risk
When are Analytical Procedures required?
REQUIRED When planning the audit (preliminary)
REQUIRED When reviewing the audit (final)
Analytical procedures may be also performed optionally along with the substantive testing.
Use of Analytical Procedures in the audit must be documented.
AUD Evidence and Risk
How do Analytical Procedures assist the auditor?
Helps the Auditor:
Determine if Management Assertions are reasonable
Develop audit plan
Develop some expectations about the financial statement and hopefully bring to light any glaring errors on financial statement
AUD Evidence and Risk
What is the focus of Analytical Procedures?
Analytical Procedure focus is on dollar amounts (not internal controls)
Analyzes Financial Data: Do Financial Statements Make Sense?
Comparison of data between years
AUD Evidence and Risk
How is the Current Ratio calculated?
Current Ratio = Current Assets / Current Liabilities
AUD Evidence and Risk
How is the Quick Ratio calculated?
Quick Ratio = Liquid Assets / Current Liabilities
AUD Evidence and Risk
How is the Asset Turnover calculated?
Asset Turnover = Net Sales / Average Assets
AUD Evidence and Risk
How is the Inventory Turnover calculated?
Inventory Turnover = COGS / Average Inventory
AUD Evidence and Risk
How is Gross Margin % calculated?
Gross Margin % = Gross Margin / Sales
AUD Evidence and Risk
What type of testing are ratios?
Ratios are Analytical Procedures
AUD Evidence and Risk
What type of procedure is a Budget vs. Actual comparison?
Budget vs. Actual comparisons are Analytical Procedures.
AUD Evidence and Risk
List Common Types of Analytical Procedures
Ratio analysis
Budget vs. Actual comparison
Comparison of data between years
Use of non-financial data to predict expected values for financial data
AUD Evidence and Risk
How do management assertions affect the audit?
Management assertions help the auditor to plan the audit and select substantive tests.
AUD Evidence and Risk
What assertions do auditors test?
Presentation - Cutoff Classification - Is it in the right period and category?
Existence/ Occurrence - Did it happen? Does it exist?
Rights & Obligations - Does the company own them?
Completeness - Was everything recorded?
Valuation - Are they worth the amount at which they are recorded?
(PERCV)
AUD Evidence and Risk
What assertions are tests for transaction classes?
Occurrence
Cutoff
Classification
Completeness
Accuracy
AUD Evidence and Risk
For which assertions are disclosures tested?
Occurrence
Completeness
Classification
Accuracy
AUD Evidence and Risk
Is testing the validity of direct evidence a basic audit procedure?
No it is an extended procedure.
For example you don’t have to take a loan covenant document and go search out that it’s a valid loan covenant. Instead you consider the source - if it’s externally prepared it’s more persuasive.
AUD Evidence and Risk
How are Management Estimates audited?
First and foremost you need to understand management’s rationale and methods for developing estimates before you can judge reasonableness.
Next Auditor should formulate their own opinion on what a good estimate should be and compare it.
Finally determine if subsequent events affect the estimate.
AUD Evidence and Risk
Whose property are audit documentation (audit workpapers)? In what form must they be?
Audit workpapers are the property of the auditor.
They can be paper or electronic.
They must include a WRITTEN audit program (either paper or electronic).
AUD Evidence and Risk
What is the Current File?
Information pertaining to the current year’s audit.
AUD Evidence and Risk
What is the Permanent File?
Information used for this audit and future audits which is updated as needed.
AUD Evidence and Risk
How long must audit workpapers be maintained?
Must be kept for 5 years after the audit release date or according to regulations whichever is longer.
Must be kept for 7 years under PCAOB Audit
PCAOB audits also require an Engagement Completion Document
AUD Evidence and Risk
What is the primary requirement for audit workpapers besides being written?
Any experienced auditor should be able to look at your work and understand what you did.
AUD Evidence and Risk
How should documents added to work papers be treated?
If further documents are added to the work papers after the audit report is issued it must be documented as to who added them why they were added and any effects on the audit report.
AUD Evidence and Risk
How should documents removed from workpapers be treated?
After the audit report is released the firm has 60 days to subtract from the file.
You can still add to the file if you document it but you cannot delete any information after 60 days.
Note - for SEC auditors the PCAOB only allows deletions up to 45 days after issuance of the audit report.
AUD IT
When is an audit of IT NOT required?
Controls are redundant to another department
The system does not appear to be reliable and testing controls would not be an efficient use of time
Costs exceed benefit
AUD IT
When can an audit of IT be performed without directly interacting with the system?
System isn’t complex or complicated
System output is detailed
AUD IT
What is the role of a Database Administrator?
Maintains database
Restricts access
Responsible for IT internal control
AUD IT
What is the role of a Systems Analyst?
Recommends changes or upgrades
Liaison between IT and users
AUD IT
What is the role of the data Librarian?
Responsible for disc storage
Holds system documentation
AUD IT
What is the benefit of Generalized Audit Software in an audit?
Uses computer speed to quickly sort data and files- which leads to a more efficient audit
Compatible with different client IT systems
Extracts evidence from client databases
Tests data without auditor needing to spend time learning the IT system in detail
Client-tailored or commercially produced
AUD IT
What is a Relational Database?
Group of related spreadsheets
Retrieves information through Queries
AUD IT
What is a Data Definition Language?
A language that defines a database and gives information on database structure.
It maintains tables- which can be joined together.
It establishes database constraints.
AUD IT
What functions are performed by a Data Manipulation Language?
Maintains and queries a database
Auditor needs information- so client uses DML to get the information needed
AUD IT
What functions are performed by a Data Control Language?
A Data Control Language controls a database and restricts access to the database.
AUD IT
What are Check Digits?
A numerical character consistently added to a set of numbers.
It makes it more difficult for a fraudulent account to be set up or go undetected.
AUD IT
What is the purpose of a Code Review?
A Code Review tests a program’s processing logic.
Advantageous because auditor gains a greater understanding of the program.
AUD IT
What is the purpose of a Limit Test?
Examines data and looks for reasonableness using upper and lower limits to determine if data fits the correct range.
Did anyone score higher than 100%?
AUD IT
What is the Test Data Method?
Auditor processes data with client’s computer - fake transactions are used to test program control procedures.
Each control needs to only be tested once
Problem with this method - fake data could combine with real data.
AUD IT
How can Operating Systems Logs be utilized during an audit?
Auditor can review logs to see which applications were run and by whom.
AUD IT
What is the purpose of Access Security Software?
Helpful in online environments
Restricts computer access - may use encryption.
AUD IT
How can Library Management Software assist with an audit?
Library Management Software logs any changes to system/applications etc.
AUD IT
How can Embedded Audit Modules in software be utilized in an audit?
Assist with audit calculations
Enable continuous monitoring in an audit environment that is changing
Weakness: requires implementation into the system design
Example: SCARF - Collects information based on some criteria and can be analyzed at a later time (necessary because the audit environment is continually changing)
AUD IT
What is an Audit Hook?
An Audit Hook is an application instruction that gives auditor control over the application.
AUD IT
What is the purpose of Transaction Tagging?
Transaction Tagging allows logging of company transactions and activities.
AUD IT
How do Extended Records assist in audit trail creation?
Extended Records add audit data to financial records.
AUD IT
How does Real Time Processing affect an audit?
Destroys prior data when updated
aka Destructive Updating
Requires well-documented Audit Trail
AUD IT
What is the risk of auditing System outputs versus Application outputs?
If the auditor only audits the outputs of a computer system and doesn’t also audit the software applications- an error in the applications could be missed.
AUD IT
What is a Compiler?
Software that translates source program (similar to English) into a language that the computer can understand
AUD IT
How is Parallel Simulation utilized during an audit?
Client data is processed using Generalized Audit Software (GAS)
Sample size can be expanded without significantly increasing the audit cost
GAS output compared to client output
AUD IT
What does auditing internal control in a company’s IT environment accomplish?
Plan the rest of audit- Shorter audit trails that may expire- Less documentation
Assess the level of Control Risk - Unauthorized access to systems or data is more difficult to catch
Systems access controls adds another layer to separation of duties analysis
Focus should be on the general controls- new systems development- current systems changes- and program or data access control or computer ops control changes
