AUD Flashcards
What is Audit Sampling?
Taking part of a population- subjecting it to audit procedures- projecting results to a population
What are the characteristics of Statistical Sampling?
Based on formulas
Helps find an appropriate audit sample
Helps evaluate evidence obtained
Helps evaluate results and quantify Sampling Risk
What are the characteristics of Non-Statistical Sampling?
Based on human decision
Equally acceptable as Statistical Sampling
What are the characteristics of Substantive Tests?
Variables sampling
Probability proportionate to size sampling
What type of sampling are Control Tests?
Attribute Sampling
What is Sampling Risk?
Risk that your sample isn’t representative of population
Can happen even if audit is done properly
What is the risk of assessing Control Risk too high?
A risk of Control Testing - Auditor works to make Control Risk lower
More substantive tests - Sample overstates Control Risk- Leads to an under-reliance on internal control- over-testing- and overall audit inefficiency
Audit ends up being effective (correct result)- but you do more work
What is the risk of assessing Control Risk too low?
A risk of Control Testing - Complement to Confidence Level
Inverse relationship to Sample Size
Higher accepted risk of assessing Control Risk too low = Smaller Sample
Lower accepted risk of assessing Control Risk too low = Larger Sample
What are the risks if the auditor concludes controls are operating effectively based on the sample and Control Risk is set too low?
Leads to higher Detection Risk - Fewer substantive tests
Sample understates Control Risk
This error leads to over-reliance on internal control- under-testing- and overall audit ineffectiveness.
Does NOT necessarily mean that the Financial Statements are materially misstated - it does mean that if there is one- you are less likely to find it
What is the risk of Incorrect Acceptance?
A risk of Substantive Testing - Auditor accepts a balance as fairly stated- when in fact it is not fairly stated
Hurts audit effectiveness
Wrong conclusion reached
Efficient- but not effective
What is the risk of Incorrect Rejection?
A risk of Substantive Testing - Auditor rejects balance as fairly stated when in fact it is fairly stated
Hurts audit efficiency
Wrong recommendations given
Effective- but not efficient
What is Non-Sampling Risk?
Risk of human (auditor) missing an error
Also called exception- error or deviation.
How does Sampling Risk compare to Non-Sampling Risk?
Sampling Risk deals with the chance that your audit sample is flawed
Non-Sampling risk deals with the chance that your human decisions/conclusions are flawed
What is Attribute Sampling?
Looking at Control Procedures - Were invoices approved when paid?
Errors are stated in terms of %- not dollar amounts
For example- 5 invoices out of 100 were not properly paid. Error rate is 5%
Hint: If you see Error Rate on the Exam- they are referring to Attribute Sampling.
How do you determine if Control Procedures are operating properly or not operating properly?
Control Procedures are either operating properly or they are not operating properly - based on Error Rate and the tolerance you have for errors
What is the Tolerable Rate?
Error rate in population that you are willing to accept/tolerate
Inverse relationship to Sample Size
Higher Tolerable Rate = Smaller Sample
Lower Tolerable Rate = Larger Sample
If you’re willing to accept a higher probability that errors exist- there is less pressure on the sample
What is the Expected Population Error Rate?
What Error Rate are you expecting? - Judgment call- based on experience
Direct relationship to Sample Size
More errors = Larger Sample
Less errors = Smaller Sample
What is the basic premise of Attribute Sampling?
Attribute in the sample gives information about the entire audit population
Used to estimate Internal Control error rate
For what is the Expected Population Deviation (error) Rate used?
Used to determine initial level of Control Risk
What is the Allowable Risk of Over-reliance?
Risk of Assessing Control Risk too low
Gives you the Sampling Risk
When is Attribute sampling used?
Attribute sampling is only useful when there is documented evidence (an audit trail) to test
Use when the existence of an error needs to be verified or debunked
What is Classic Variable Sampling?
Testing for a dollar amount
Value in sample gives information about value in entire population.
What functions are used in conjunction with Classic Variable Sampling?
Mean Per Unit = Sample Average x Number in Population
Stratification - Decreases effect of variance in population and reduces sample size
What are the characteristics of Probability Proportionate to Size (PPS) sampling?
A form of Variable Sampling
Does NOT use Standard Deviation
Auditor focuses on a dollar amount
Larger or more valuable items get picked more often as part of the sample
What is Projected Misstatement?
Misstatement found in sample - have to project it to remainder of population
How does Probability Proportionate to Size (PPS) sampling compare to Classic Variables sampling?
PPS:
Easier to use- Results in a stratified (homogenous) sample- Results in a smaller sample size to audit- Easy to design
Classic Variables Sampling:
Easy to expand sample size- Selecting zero and negative balances easy
What factors affect sample size?
Tolerable rate for error - Inverse relationship with sample size
Risk of assessing Control Risk too low - Inverse relationship with sample size
Expected population error rate - Direct relationship with sample size
Population size does NOT affect the sample size - as population is larger- sample size doesn’t grow.
What is the formula for Audit Sampling?
SER + ASR
What is Allowance for Sampling Risk?
The amount that you add to the Sampling Error Rate to get some cushion for your sample.
As high as you think the population error rate could go based on experience.
What is the Tolerable Error Rate?
The amount of error rate that you can accept - If population error rate is less than TER- then accept the Control as effective
If population error rate is more than TER- do more testing to get SER lower or conclude control isn’t effective. Do more substantive testing
What are the steps to develop a sampling plan?
Determine Test Objective - for example- have sales shipments been billed?
Define Population and Deviation - take a sample of shipping document- trace forward to see if billed
Determine Sample Size based on tolerable rate for error- risk of assessing Control Risk too low- and expected population error rate.
Select Sampling Technique
After a Sampling Plan is developed- what are the steps in sampling?
Perform the Sampling Plan
Evaluate Results
Document Results
What is Systematic Sampling?
Every certain # of a population is selected
Population needs to be randomly ordered
Primary advantage is that population doesn’t require pre-numbering
What is Sequential Sampling?
Also called Stop or Go sampling
Each audit step determines the next step
What is Discovery Sampling?
Audit is testing an area that is so crucial that zero population errors can be tolerated
Any phony employees on payroll?
How does Block Sampling compare to other sampling methods?
Easy to implement- but is the worst method of sampling.
What should be included for the Auditor’s address?
The City and State where located
What is Management Responsible for in regards to the Financial Statements?
Preparation and Fair Presentation of Financial Statements in accordance with the Applicable Financial Reporting Framework
What is Management Responsible for in regards to Internal Control?
Internal Control Design, Implementation, Maintenance
What are the headings in the Audit Report for an Unmodified Opinion?
(TIM-AA) Title; Introduction; Management Responsibility; Auditor Responsibility; Audit Opinion
What are the headings in the Audit Report for an Modified Opinion?
(TIMA-BA) Title; Introduction; Management Responsibility; Auditor Responsibility; Basis for (Modified) Opinion; Audit Opinion
In an Unmodified Opinion with Emphasis-of-Matter / Other-Matter sections, what is the order of the headings?
(TIM-AA EMO) Title; Introduction; Management Responsibility; Auditor Responsibility; Audit Opinion; Emphasis-of-Matter; Other-Matter
What are the requirements for referencing a Component Auditor in the Audit Report?
Component Financial Statements must be prepared using same Financial Reporting Framework as the Group Financial Statements; Component Auditor must have performed audit in accordance with GAAS or PCAOB Standards.
What must the Group Engagement Partner do if they assume responsibility for the Component Auditor’s work?
Perform additional audit procedures; Be involved in Component Auditors work; Perform Risk Assessment procedures; Assess Risk of Material Misstatement
What standards govern SSARS engagements?
Compilations are governed by SSARS (Statements on Standards for Accounting and Review Services)
Which clients can have compilation engagements?
Non-SEC (non-public) registrants only.
What is a Compilation?
Accountant puts together financial statements with information PROVIDED BY MANAGEMENT. No opinion is expressed and no assurances are given. Independence is not required.
What disclosures are required for Compilation engagements?
Disclosures not necessary must state that they are not included
What standards govern Review engagements?
SSARS (Statements on Standards for Accounting and Review Services)
What type of assurance is given in a Review engagement?
Reviews give limited assurance.
What procedures are required for Review engagements?
Analytical procedures are required for reviews. Compare results to documented predictions.
What is a Review engagement?
Financial statements are presented with no opinion expressed- and limited assurances are given. Independence is required for a review engagement.
What is a Forecast?
A prospective financial statement that uses normal circumstances. General and limited use allowed.
What is a Projection?
A prospective financial statement using hypothetical situations. Only limited use by the client is allowed.
What are the requirements for Agreed Upon Procedures?
Independence is required; Only limited use by the client is allowed.
What disclosures are required for remote likelihood of losses?
No disclosure required.
What disclosure is required for a probable loss contingency?
Accrue if estimable. Emphasis-of-Matter paragraph if not estimable.
What disclosure is made if a loss contingency is reasonably possible?
Auditor assesses need for Emphasis-of-Matter paragraph based on loss likelihood.
How is a gain contingency reported?
Gain contingencies are not reported.
How does an immaterial GAAP issue affect the audit opinion?
It doesn’t. Opinion is Unmodified.
How does a very material GAAP issue affect the Audit Report?
Modified-Adverse Opinion is issued. Emphasis-of-Matter paragraph is added after Opinion paragraph.
How do GAS standards compare to GAAS?
GAS is more strict than GAAS.
What is required under the Single Audit Act?
Funding Threshold is $750,000. An audit performed under governmental auditing standards (GAS). A report on internal control is required. GAAS and GAS don’t require the I/C report.
What should be included for the Auditor’s address?
The City and State where located
What is Management Responsible for in regards to the Financial Statements?
Preparation and Fair Presentation of Financial Statements in accordance with the Applicable Financial Reporting Framework
What is Management Responsible for in regards to Internal Control?
Internal Control Design, Implementation, Maintenance
What are the headings in the Audit Report for an Unmodified Opinion?
(TIM-AA) Title; Introduction; Management Responsibility; Auditor Responsibility; Audit Opinion
What are the headings in the Audit Report for an Modified Opinion?
(TIMA-BA) Title; Introduction; Management Responsibility; Auditor Responsibility; Basis for (Modified) Opinion; Audit Opinion
In an Unmodified Opinion with Emphasis-of-Matter / Other-Matter sections, what is the order of the headings?
(TIM-AA EMO) Title; Introduction; Management Responsibility; Auditor Responsibility; Audit Opinion; Emphasis-of-Matter; Other-Matter
What are the requirements for referencing a Component Auditor in the Audit Report?
Component Financial Statements must be prepared using same Financial Reporting Framework as the Group Financial Statements; Component Auditor must have performed audit in accordance with GAAS or PCAOB Standards.
What must the Group Engagement Partner do if they assume responsibility for the Component Auditor’s work?
Perform additional audit procedures; Be involved in Component Auditors work; Perform Risk Assessment procedures; Assess Risk of Material Misstatement
What standards govern SSARS engagements?
Compilations are governed by SSARS (Statements on Standards for Accounting and Review Services)
Which clients can have compilation engagements?
Non-SEC (non-public) registrants only.
What is a Compilation?
Accountant puts together financial statements with information PROVIDED BY MANAGEMENT. No opinion is expressed and no assurances are given. Independence is not required.
What disclosures are required for Compilation engagements?
Disclosures not necessary must state that they are not included
What standards govern Review engagements?
SSARS (Statements on Standards for Accounting and Review Services)
What type of assurance is given in a Review engagement?
Reviews give limited assurance.
What procedures are required for Review engagements?
Analytical procedures are required for reviews. Compare results to documented predictions.
What is a Review engagement?
Financial statements are presented with no opinion expressed- and limited assurances are given. Independence is required for a review engagement.
What is a Forecast?
A prospective financial statement that uses normal circumstances. General and limited use allowed.
What is a Projection?
A prospective financial statement using hypothetical situations. Only limited use by the client is allowed.
What are the requirements for Agreed Upon Procedures?
Independence is required; Only limited use by the client is allowed.
What disclosures are required for remote likelihood of losses?
No disclosure required.
What disclosure is required for a probable loss contingency?
Accrue if estimable. Emphasis-of-Matter paragraph if not estimable.
What disclosure is made if a loss contingency is reasonably possible?
Auditor assesses need for Emphasis-of-Matter paragraph based on loss likelihood.
How is a gain contingency reported?
Gain contingencies are not reported.
How does an immaterial GAAP issue affect the audit opinion?
It doesn’t. Opinion is Unmodified.
How does a very material GAAP issue affect the Audit Report?
Modified-Adverse Opinion is issued. Emphasis-of-Matter paragraph is added after Opinion paragraph.
How do GAS standards compare to GAAS?
GAS is more strict than GAAS.
What is required under the Single Audit Act?
Funding Threshold is $750,000. An audit performed under governmental auditing standards (GAS). A report on internal control is required. GAAS and GAS don’t require the I/C report.
What should be included for the Auditor’s address?
The City and State where located
What is Management Responsible for in regards to the Financial Statements?
Preparation and Fair Presentation of Financial Statements in accordance with the Applicable Financial Reporting Framework
What is Management Responsible for in regards to Internal Control?
Internal Control Design, Implementation, Maintenance
What are the headings in the Audit Report for an Unmodified Opinion?
(TIM-AA) Title; Introduction; Management Responsibility; Auditor Responsibility; Audit Opinion
What are the headings in the Audit Report for an Modified Opinion?
(TIMA-BA) Title; Introduction; Management Responsibility; Auditor Responsibility; Basis for (Modified) Opinion; Audit Opinion
In an Unmodified Opinion with Emphasis-of-Matter / Other-Matter sections, what is the order of the headings?
(TIM-AA EMO) Title; Introduction; Management Responsibility; Auditor Responsibility; Audit Opinion; Emphasis-of-Matter; Other-Matter
What are the requirements for referencing a Component Auditor in the Audit Report?
Component Financial Statements must be prepared using same Financial Reporting Framework as the Group Financial Statements; Component Auditor must have performed audit in accordance with GAAS or PCAOB Standards.
What must the Group Engagement Partner do if they assume responsibility for the Component Auditor’s work?
Perform additional audit procedures; Be involved in Component Auditors work; Perform Risk Assessment procedures; Assess Risk of Material Misstatement
What standards govern SSARS engagements?
Compilations are governed by SSARS (Statements on Standards for Accounting and Review Services)
Which clients can have compilation engagements?
Non-SEC (non-public) registrants only.
What is a Compilation?
Accountant puts together financial statements with information PROVIDED BY MANAGEMENT. No opinion is expressed and no assurances are given. Independence is not required.
What disclosures are required for Compilation engagements?
Disclosures not necessary must state that they are not included
What standards govern Review engagements?
SSARS (Statements on Standards for Accounting and Review Services)
What type of assurance is given in a Review engagement?
Reviews give limited assurance.
What procedures are required for Review engagements?
Analytical procedures are required for reviews. Compare results to documented predictions.
What is a Review engagement?
Financial statements are presented with no opinion expressed- and limited assurances are given. Independence is required for a review engagement.
What is a Forecast?
A prospective financial statement that uses normal circumstances. General and limited use allowed.
What is a Projection?
A prospective financial statement using hypothetical situations. Only limited use by the client is allowed.
What are the requirements for Agreed Upon Procedures?
Independence is required; Only limited use by the client is allowed.
What disclosures are required for remote likelihood of losses?
No disclosure required.
What disclosure is required for a probable loss contingency?
Accrue if estimable. Emphasis-of-Matter paragraph if not estimable.
What disclosure is made if a loss contingency is reasonably possible?
Auditor assesses need for Emphasis-of-Matter paragraph based on loss likelihood.
How is a gain contingency reported?
Gain contingencies are not reported.
How does an immaterial GAAP issue affect the audit opinion?
It doesn’t. Opinion is Unmodified.
How does a very material GAAP issue affect the Audit Report?
Modified-Adverse Opinion is issued. Emphasis-of-Matter paragraph is added after Opinion paragraph.
How do GAS standards compare to GAAS?
GAS is more strict than GAAS.
What is required under the Single Audit Act?
Funding Threshold is $750,000. An audit performed under governmental auditing standards (GAS). A report on internal control is required. GAAS and GAS don’t require the I/C report.
What is Audit Sampling?
Taking part of a population- subjecting it to audit procedures- projecting results to a population
What are the characteristics of Statistical Sampling?
Based on formulas
Helps find an appropriate audit sample
Helps evaluate evidence obtained
Helps evaluate results and quantify Sampling Risk
What are the characteristics of Non-Statistical Sampling?
Based on human decision
Equally acceptable as Statistical Sampling
What are the characteristics of Substantive Tests?
Variables sampling
Probability proportionate to size sampling
What type of sampling are Control Tests?
Attribute Sampling
What is Sampling Risk?
Risk that your sample isn’t representative of population
Can happen even if audit is done properly
What is the risk of assessing Control Risk too high?
A risk of Control Testing - Auditor works to make Control Risk lower
More substantive tests - Sample overstates Control Risk- Leads to an under-reliance on internal control- over-testing- and overall audit inefficiency
Audit ends up being effective (correct result)- but you do more work
What is the risk of assessing Control Risk too low?
A risk of Control Testing - Complement to Confidence Level
Inverse relationship to Sample Size
Higher accepted risk of assessing Control Risk too low = Smaller Sample
Lower accepted risk of assessing Control Risk too low = Larger Sample
What are the risks if the auditor concludes controls are operating effectively based on the sample and Control Risk is set too low?
Leads to higher Detection Risk - Fewer substantive tests
Sample understates Control Risk
This error leads to over-reliance on internal control- under-testing- and overall audit ineffectiveness.
Does NOT necessarily mean that the Financial Statements are materially misstated - it does mean that if there is one- you are less likely to find it
What is the risk of Incorrect Acceptance?
A risk of Substantive Testing - Auditor accepts a balance as fairly stated- when in fact it is not fairly stated
Hurts audit effectiveness
Wrong conclusion reached
Efficient- but not effective
What is the risk of Incorrect Rejection?
A risk of Substantive Testing - Auditor rejects balance as fairly stated when in fact it is fairly stated
Hurts audit efficiency
Wrong recommendations given
Effective- but not efficient
What is Non-Sampling Risk?
Risk of human (auditor) missing an error
Also called exception- error or deviation.
How does Sampling Risk compare to Non-Sampling Risk?
Sampling Risk deals with the chance that your audit sample is flawed
Non-Sampling risk deals with the chance that your human decisions/conclusions are flawed
What is Attribute Sampling?
Looking at Control Procedures - Were invoices approved when paid?
Errors are stated in terms of %- not dollar amounts
For example- 5 invoices out of 100 were not properly paid. Error rate is 5%
Hint: If you see Error Rate on the Exam- they are referring to Attribute Sampling.
How do you determine if Control Procedures are operating properly or not operating properly?
Control Procedures are either operating properly or they are not operating properly - based on Error Rate and the tolerance you have for errors
What is the Tolerable Rate?
Error rate in population that you are willing to accept/tolerate
Inverse relationship to Sample Size
Higher Tolerable Rate = Smaller Sample
Lower Tolerable Rate = Larger Sample
If you’re willing to accept a higher probability that errors exist- there is less pressure on the sample
What is the Expected Population Error Rate?
What Error Rate are you expecting? - Judgment call- based on experience
Direct relationship to Sample Size
More errors = Larger Sample
Less errors = Smaller Sample
What is the basic premise of Attribute Sampling?
Attribute in the sample gives information about the entire audit population
Used to estimate Internal Control error rate
For what is the Expected Population Deviation (error) Rate used?
Used to determine initial level of Control Risk
What is the Allowable Risk of Over-reliance?
Risk of Assessing Control Risk too low
Gives you the Sampling Risk
When is Attribute sampling used?
Attribute sampling is only useful when there is documented evidence (an audit trail) to test
Use when the existence of an error needs to be verified or debunked
What is Classic Variable Sampling?
Testing for a dollar amount
Value in sample gives information about value in entire population.
What functions are used in conjunction with Classic Variable Sampling?
Mean Per Unit = Sample Average x Number in Population
Stratification - Decreases effect of variance in population and reduces sample size
What are the characteristics of Probability Proportionate to Size (PPS) sampling?
A form of Variable Sampling
Does NOT use Standard Deviation
Auditor focuses on a dollar amount
Larger or more valuable items get picked more often as part of the sample
What is Projected Misstatement?
Misstatement found in sample - have to project it to remainder of population
How does Probability Proportionate to Size (PPS) sampling compare to Classic Variables sampling?
PPS:
Easier to use- Results in a stratified (homogenous) sample- Results in a smaller sample size to audit- Easy to design
Classic Variables Sampling:
Easy to expand sample size- Selecting zero and negative balances easy
What factors affect sample size?
Tolerable rate for error - Inverse relationship with sample size
Risk of assessing Control Risk too low - Inverse relationship with sample size
Expected population error rate - Direct relationship with sample size
Population size does NOT affect the sample size - as population is larger- sample size doesn’t grow.
What is the formula for Audit Sampling?
SER + ASR
What is Allowance for Sampling Risk?
The amount that you add to the Sampling Error Rate to get some cushion for your sample.
As high as you think the population error rate could go based on experience.
What is the Tolerable Error Rate?
The amount of error rate that you can accept - If population error rate is less than TER- then accept the Control as effective
If population error rate is more than TER- do more testing to get SER lower or conclude control isn’t effective. Do more substantive testing
What are the steps to develop a sampling plan?
Determine Test Objective - for example- have sales shipments been billed?
Define Population and Deviation - take a sample of shipping document- trace forward to see if billed
Determine Sample Size based on tolerable rate for error- risk of assessing Control Risk too low- and expected population error rate.
Select Sampling Technique
After a Sampling Plan is developed- what are the steps in sampling?
Perform the Sampling Plan
Evaluate Results
Document Results
What is Systematic Sampling?
Every certain # of a population is selected
Population needs to be randomly ordered
Primary advantage is that population doesn’t require pre-numbering
What is Sequential Sampling?
Also called Stop or Go sampling
Each audit step determines the next step
What is Discovery Sampling?
Audit is testing an area that is so crucial that zero population errors can be tolerated
Any phony employees on payroll?
How does Block Sampling compare to other sampling methods?
Easy to implement- but is the worst method of sampling.
What is the primary duty of an auditor?
To provide users of financial information with REASONABLE ASSURANCE that the financial statements are not materially misstated.
What is the auditor’s responsibility for detecting theft or fraud?
Auditors are not responsible for detecting theft or fraud.
Instead- they are responsible for providing REASONABLE ASSURANCE that the financial statements are not materially misstated.