Audit Risk Planning & Documentation Flashcards
When Audit planning starts?
It starts a few weeks before the start of audit so that audit could be performed in an effective and efficient manner
Mandatory as well as needed to be documented.
What are the advantages or importance of audit planning?
Helps auditor in
-identify and resolve problems on a timely basis
-helps give appropriate attention to risky areas
-helps perform audit in effective manner
-helps in selection of appropriate audit team
-Helps in supervision and review of work
Parts Of Audit Planning?
Overall audit strategy
Developing an audit plan
What are the contents of audit palanning and audit strategy?
Audit strategy
-understand entity and it’s environment
-Use if Experts
-what resources are to be deployed
-Financial reporting framework
-availability of Clint personnel
-selection of team
Audit Planning
Materiality
Timetable of planned audit work
Description of nature timing and extent of planned audit procedures
Description of nature timing and extent of planned risk assessment procedures
What is Working Paper?
an audit procedure performed but not documented is like it was never performed.
So Audit procedures are documented on a piece of paper called working paper.
Working papers are a record of:
-Procedures performed
-Evidence collected
-conclusions
Examples:
-Inventory Check
-Bank Confirmation
Advantages/importance of working paper?
It is imp because:
-helps in legal issues
-control i.e; helps partner in checking work of team
-acts as a proof
-hepls in audit planning of next years especially in case of opening balances
Contents(qualities and features) of Woking Paper?
Firm name
Name of client
B/s date
Procedure performed
Evidence obtained
Who prepared
Who received
2 types of working Paper
How long to retain working paper?
Standarized and automated working paper?
Interim and Final Audit remaining?
Materiality and Performance Materiality?
Material Info:
The misstatements/omissions in f/s which individually or in aggregate can change the decisions or users on financial statements.
Performance Mateiality:
The auditors sets a lower amount than materiality for financial statements as a whole in order to reduce the probability that the aggregate of uncorrected misstatements exceeds total materiality.
3 Questions related to
Entity and its Environment
why
what
how
What is Fraud and Error?
Any international act done through deception to get an unjust or illegal advantage by one or more individual members of management, those charged with governnance, Employees or third parties.
Management and Employee fraud Differ.
Types of Fraud?
-
-
-
-
-
-
-
Responsibilities of Management and Auditor in Fraud?
what auditor has to get in written representation from Management related to fraud and error?
Auditor should get following written representations related to fraud and error from management:
-they have fulfilled their responsibility to design, implement and maintain controls to detect and prevent any fraud and error
-they have disclosed the managements assessment of risk and fraud in f/s to auditor
-They have disclosed to auditor their knowledge of allegations of any fraud/suspected fraud communicated by employees, former employees analysts etc.
Explain Communication Of Fraud to Those charged with Governance?
If auditor finds any fraud or receives information that a fraud may exist, he must inform to management.
If he finds fraud in which management may be involved, he must inform to those charged with governnance.
If he thinks there is need or if those charged with governance are also involved, he needs to report to regulatory bodies.
What is Compliance and non- compliance?
Following all rules and regulations is called compliance and vice versa….
Indicators of Non- Compliance?
audit procedures in case of Non Compliance?
1- Obtain the understanding of act and circumstances
2 - Obtain further information to evaluate possible effects on financial statements
3 - Discuss with the management and those charged with Governance
4 - Consider to obtain legal advice
5- Evaluate effects on auditors opinion if Sufficient Information not obtained
Reporting the non-compliance?
Discuss this with those charged with governance,
if they are suspected to be involved than report to audit committee but if it not exists take legal advice
Consider the effect of non-compliance on the auditor’s report. Ensure sufficient audit evidence is obtained if management or governance obstructs the reflection of material non-compliance in financial statements
Determine if reporting to regulatory bodies is required
Inherent and Controls risk in NPO?
Inherent Risk:
Regulation is complex
Tax rules for NPO are complex
There is lack of predictable income
There is uncertainity of future income
Donations are quite Significant
Control Risks:
Directors/trustees may give less time to organization
Frequency of Direectors/trustees meetings is less
Directors are less qualified
trustees may not be independent from each other
How Audit is reported for NPO?
If there is statuatory requirement of audit for NPO, then a normal audit report like for a limited company shall be made but if it for some other purpose than some alteration may be made:
Addresse of report
Scope of engagement
What audit relates to
Responsibilities of auditor and trustees
Explain analytical procedures?
Analytical procedures are performed to get an understanding of the entity and its environment and in the overall review at the end of audit.
It is done by comparing with:
last year
Budgets
Industry average
It is done at 3 Stages:
Risk assessment stage
Performance Stage
Opinion Stage
What is service organization and explain
User entity
User Auditor
Service Organization
Service Auditors
User Entity: an entity whose financial statements are being audited
User Auditor: Auditor of user Entity
Service Organization: Organization which provides services to the user entity regarding financial statements
Service Auditor: Auditor of service Organization which at request of service organization provides assurance report on controls of service organization to user auditor
Responsibility:
The user auditor is solely responsible for the audit opinion. The service auditor’s name must not be mentioned in the audit report. If mentioned, clearly state that the service auditor is not responsible.
Using The work of an Expert?
Management Expert
Auditor Expert
Expert; a person who ha speciality in any field other than auditing and accounting is called an expert
Management Expert: a person who ha speciality in any field other than auditing and accounting an is used by management to prepare f/s
Auditor Expert: a person who ha speciality in any field other than auditing and accounting and is used by auditor to collect evidence
auditor should check some factors:
independence
Licence
Competent
Responsibility:
The auditor is solely responsible for the audit opinion. The expert name must not be mentioned in the audit report. If mentioned, clearly state that the expert is not responsible.
Using The work of an internal auditor?
Page 19 Audit Risk Handout
Accounting Estimates
Page 19 Audit Risk Handout
Audit risk and types of audit risk?
Inherent risk:
is the susceptibility of an assertion about a class of transaction, account balance or
disclosure to a misstatement that could be material either individually or when aggregated with other
misstatements, before consideration of any related controls
Examples:
Changes in the nature of the industry the company operates in.
Going concern issues and loss of significant customers.
Expanding into new territories.
A high degree of regulation over certain areas of the business
Control risk:
is the risk that a misstatement, that could occur in an assertion about a class of transaction,
account balance or disclosure and that could be material, either individually or when aggregated with
other misstatements, will not be prevented, or detected and corrected on a timely basis by the entity’s
internal control
Examples:
Deficiencies in internal control
Changes in the IT environment
Detection risk:
is the risk that the procedures performed by the auditor to reduce audit risk to an
acceptably low level will not detect a misstatement that exists and that could be material, either
individually or when aggregated with other misstatements
Examples:
Poor planning
Incorrect sample sizes
Incorrect sampling techniques performed
Audit and Assurance (AA)
What are computer assisted audit techniques? Also give advantages and disadvantages?
Use of computer software for audi work is called CAAT’s.
Advantages:
Cost-effective in long term if client does not change its system hence improved efficiency
Reduces waste of time on random manual calculations
Helps in increasing sample size hence reduced overall risk
Auditor can check greater no of items more quickly
Disadvantages:
Setting up software for CAAT can be time consuming and costly
Audit team will be needed to be trained to use this
Cliens data may be corrupted or lost during use of CAAT’s
Types of Computer assisted audit techniques?
TEST OF DATA:
It is used for the test of controls. It is done by entering data into client system and comparing results obtained with predetermined results.
E.g:
1- To check whether inventory system is integrated with website or not, place a dummy order which is not in stock. the system should reject it
2- To check whether customer’s account balance exceeds limit, place a dummy order exceeding credit limit, the system should reject it
Audit Software:
It is used for subtantative procedures. It consists of computer programs for performing audit procedures that process data related to audit significance from clients accounting system.
E.g:
1- Recalculate the total of an item to ensure accuracy
2- Compare X with X to ensure completeness