AUDIT Flashcards
Agency Risk
managers not acting in best interest of shareholders
Engagement letter
the practitioner and the client.
The purpose of the engagement letter is to lay out the terms of the engagement, including the following:
- the objective and scope of the audit of the financial statements
- the responsibilities of the practitioner
- the responsibilities of management
- identification of the applicable financial reporting framework for the preparation of the financial statements
- reference to the expected form and content of any reports to be issued by the practitioner and a statement that there may be circumstances in which a report may differ from its expected form and content
- the basis on which fees are computed and any billing arrangements
Materiality (CAS 320)
- focus on users and their objectives
- planning: which procedures to focus on
executing: evaluate errors discovered n determine if any additional procedures are needed.
Guidelines for calc of materiality - focus on sensitivity to misstatement
very = lower
not as much = higher
ofit entities:
- 3% to 7% of normalized income before tax
- 1% to 3% of revenues or expenses
- 1% to 3% of total assets
- 3% to 5% of equity
Not-for-profit entities:
- 1% to 3% of revenues or expenses
- 1% to 3% of total assets
Materiality Steps
- User and objs
2.Determine base (normalized income or total assets) and remove not normal income (nibt)
3.Calculate materiality
more sensitive = lower percentage. always conclude why you chose this base = overall materiality - performance materiality = audit focused = how much audit work to be done = if risk high, PM is lower so 60%
- specific materiality (users)
must not exceed overall materiality - affects users decision eg. bank having max limit of inv. etc 1%?
- SPM: so a % of the SM.
Which of the following best describes when an auditor is required to consider materiality in an audit?
Incorrect Response
a)
During the planning phase of the audit
Correct Answer
b)
Throughout the entire audit
c)
At the end of the audit
d)
When risk is assessed
Answer b) is correct. Materiality should be calculated in the planning stage and subsequently reassessed to incorporate changes in the needs and sensitivities of the users.
Audit Risk CAS 200
AR = RMM*DR RMM=IR*CR DR based on procedures n risk that they won't find wrong stuff IR,CR based on OFSL n assertion level DR needs to be low if RMM high
RMM at OSFL
Affects entire organization, not just an account or transaction either inherent or from controls
Don’t forget those that reduce risk
IR risk factor examples
highly competitive = greater chance of overstatements
foreign currency risk
pressures from board or society
CR risk factor examples
no formal policies n processes
high employee turnover
having a knowledgable CPA
Which of the following statements is true?
a) Inherent risk is the susceptibility of an assertion to a material misstatement, either individually or when aggregated with other misstatements, assuming that there are some related controls.
b) Control risk is the risk that a material misstatement, either individually or when aggregated with other misstatements, will not be prevented, or detected and corrected, on a timely basis by related controls.
c) Inherent risk is the risk that a material misstatement, either individually or when aggregated with other misstatements, will not be prevented, or detected and corrected, on a timely basis by the entity’s internal control.
d) Detection risk is the risk that an error will not be prevented, or detected and corrected, on a timely basis by the entity’s internal control.
Answer c) is incorrect. This statement is false. See CAS 200.13 (n)(i) — inherent risk is independent of any related controls. Answer b) is correct. Control risk is the risk that a material misstatement, either individually or when aggregated with other misstatements, will not be prevented, or detected and corrected, on a timely basis by related controls. See CAS 200.13 (n)(ii).
Which of the following statements is true in relation to the auditor’s requirement in identifying and assessing the risks of material misstatement?
a) An auditor is required to obtain an understanding of all control activities in an entity.
b) An auditor is required to obtain an understanding of an entity’s relevant controls by evaluating the design of the controls and determining whether the controls have been implemented as designed.
c) The auditor is permitted to solely use inquiry of the entity’s personnel as a risk assessment procedure to obtain audit evidence about the design and implementation of the internal controls.
d) An auditor is only required to obtain an understanding of controls if a combined approach is planned to be taken.
Answer d) is incorrect. Per CPA Canada Handbook – Assurance, CAS 315 Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and its Environment, paragraph 12, the auditor is required to obtain an understanding of internal controls relevant to the audit, regardless of the planned approach. Answer b) is correct. This is consistent with CPA Canada Handbook – Assurance, CAS 315 Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and its Environment,
paragraph 13.
FRAUD (CAS 240)
There are two types of fraud: fraudulent financial reporting (USUALLY AT MGMT LEVEL) and misappropriation of assets (EMPLOYEE LEVEL or smaller orgs)
Fraud triangle consists of
ROI - risk of dr is higher
- Incentives and pressures
- Opportunity (usually internal control risks)
- Rationalization and attitude
Going Concern (CAS 570)
stay alert for triggers that suggest negative changes for the entity. Consider whether there is an impact to its ability to continue to operate
Mgmt should include 12 month cashflow to prove that they are a going concern
Material + Going Concern exists
Disclose = unmodified opinion with an emphasis of matter
If not = qualified or adverse opinion
Going concern and the preparation of statements
If well prepared = unmodified opinion with an emphasis of matter
If not = adverse opinion
Approach (CAS 330)
Last step in planning process.
Combined or substantive procedures
sets scope, timing and direction of audit
`
Combined Approach
both test of controls and substantive procedures
-that controls are working effectively (CR LOW so less sub. tests needed.) n substantive is not enough
so controls are enough!!!!
Why choose a substantive Approach
—> assertion level
test of details (transactions + a/c balances) OR
analytical procedures
- internal controls not reliable so CR high = weak controls
weak controls
or
low volume/high $ transactions and say WHY
What to consider when deciding to use substantive or combined?
What led to the RMM?
IR: Likelihood of mm due to class or transactions
CR: relevant controls not effective enough
Analytical Procedures
Reliability of prior info etc.
Annualize I/S amounts
Assertions
Execution of audit
Assertions for Account Balances on Balance Sheet
VERC
• Existence - do they exist? overstatement
• Completeness - all been recorded? understatement
• Rights and obligations - legal claim/control rights?
• Valuation and allocation - correct amt? estimates?
Assertions for Account Balances on IS
COCCA
• Occurrence - have they occurred. overstatement
• Completeness - all been recorded? understatement
above are opposites…
• Accuracy - affects measurement eg bad debt
• Cut-off - are they recorded in correct period?
• Classification - are they in the correct account
Assertions for P&D
• Occurrence • Rights and obligations • Completeness • Classification +Understandability - is the disclosure understandable • Accuracy+Valuation COCURA
Audit Evidence (CAS 500)
2nd stage: responding to risk
What is Sufficiency
balance of quantity n quality of evidence obtained
Appropriateness of audit evidence
reliability n relevance
Differences between internally generated, externally generated but held by client and externally generated
IG = Least persuasive EGC = somewhat persuasive eg supplier invoice EG = directly from a third source
Types of Substantive Procedures
the execution stage CORIRIA Inspection Observation Inquiry External Confirmation Recalculation Reperformance Analytical procedures
Simple approach for procedures
- what could be wrong in the financial statements and why?
- piece of documentation from the client that supports the balance you are looking at (accounts receivable detail, asset valuation, revenue listing, and so on).
- Test that documentation by comparing it with support (recalculate, vouch to invoices, inspect terms, and so on).
Substantive P: Cash
overstatement = existence
Cash is gone so look at ledger so compare to that and bank rec
Substantive P: Loans
always look at the rights n obligations to ensure covenant has not yet been broken
board minutes or bank confirmation
Substantive P: Acs Rec and Inventory and PPE
depends on type of business
existence n valuation - overstatement
Existence: If stolen, it no longer exists but may not have been removed from the PPE listing.
Substantive P: liabilities
understatement = completeness
Sales assertion
occurrence, accuracy, and cut-off
Cost of sales assertions
completeness, accuracy, and cut-off (use stuff from before n after period end).
Expenses assertions
understatement = completeness n cutoff n accuracy
r&M is it capital or an expense
Rules of professional conduct
Objectivity Integrity n due care professional competence confidentiality professional behaviour
Independence
Self interest threats self review threats advocacy threats familiarity threats intimidation threats