Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

AA > Ch 4 - Planning an audit (basics) > Flashcards

Ch 4 - Planning an audit (basics) Flashcards

(91 cards)

Start Studying
1
Q

What are the benefits of planning an audit?

A

Attention is devoted to important areas
- i.e. areas that are more likely to include material errors
Potential problems are identified and resolved on a timely basis
Audit is organised to ensure it is performed in an effective and efficient way
As this allows a profit to be made
Staff with appropriate level of competence can be selected
Facilitates direction, supervision and review of audit work
Aids co-ordination of work done by auditors of components or experts
E.g. if one auditor does consolidated FS, they might not have done indiv FS so would work with auditor of indiv FS to help understand

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Why is it important that an Audit is organised to ensure it is performed in an effective and efficient way?

A

Allows for profit to be made

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What must an auditor do at the strat of an audit?

A

ISA 300 requires the auditor to

  • plan the audit engagement
  • establish and document an overall audit strategy and a detailed audit plan
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Is the overall audit strategy and detailed audit plan set in stone in planning?

A

No, These documents should be updated as necessary as the audit progresses

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

How is an overall audit strategy done for clients?

A

This is specific to each indiv client

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What does the audit strategy cover?

A 
the main general areas of planning such as 
The entity and its env
Materiality
Preliminary analytical procedures 
Risk assessment 
Audit approach
Co-ordination of the audit
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are the main general areas of planning?

A 
The entity and its env
Materiality
Preliminary analytical procedures 
Risk assessment 
Audit approach
Co-ordination of the audit
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What must be co-ordinated in the audit strategy?

A 
Timing
Teams
Locations
Budgets 
Deadlines
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

How can auditors assess risk properly?

A

only possible with a thorough understanding of the client

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Why is it important for an auditor to understand the entity and its env?

A

ISA 315 and 330 require the auditor to assess risk, which is only possible with a thorough understanding of the client
An understanding of the entity and its env underpins all the benefits of planning we saw earlier in the chapter

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are the 4 forms of obtaining understanding of an entity and its env?

A

Firm
You
Client
Other

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How can the firm understand an entity and its env?

A

Partner
Manager briefing
Industry experts
Last years team

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

How can you understand an entity and its env?

A

Through past experience

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

How can the client help the auditor to understand an entity and its env?

A

Discussion
Observation
Watch what they actually do to see how it works
Website/brochures
Helps determine their aims
E.g. if they want to be listed soon or show huge growth, may require more attention to sales figures
Analytical procedures
Draft figures for the current year can be a good indicator

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What other things help the auditor to understand an entity and its env?

A 
Industry surveys 
Compare to competitors 
Credit reference agencies 
Companies House
Internet search
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What areas must the auditor understand?

A 
Environment 
- Laws and regulations
- Industry conditions
Entity 
- Operations
- Ownership and governance 
- Investments
-Structure & finance 
- Accounting policies
- Objectives and strategies
- System of internal control
- Use of outsourcing
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Define materiality

A

ISA 320 states that info is material if its omission or misstatement could influence the economic decisions of users taken on the basis of the FS
Materiality is therefore a matter of professional judgement

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is materiality a matter of?

A

Materiality is therefore a matter of professional judgement

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What are the general thresholds for materiality?

A

0.5-1% of revenue
5-10% of profit before tax
1-2% of gross assets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Give some examples of materiality by nature

A
  • Matters relating to directors or related party transactions which are required to be disclosed in FS regardless of their value
  • Small amounts that impact on critical points
    Examples
    Change a profit to a loss
    Net assets to net liabilities
    Affect thresholds such as whether a company is a small or medium sized company under CA
    Descriptions which are misleading
    E.g. of accounting policies
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What is performance materiality?

A

Performance materiality is an amount set at less than materiality for FS as a whole, to reduce the risk that the aggregate of smaller misstatements in the indiv acc balances or classes of transactions could exceed materiality for the FS as a whole

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What is the purpose of performance materiality?

A

to reduce the risk that the aggregate of smaller misstatements in the indiv acc balances or classes of transactions could exceed materiality for the FS as a whole

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Why and when are analytical procedures used?

A

During planning

To identify risks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

What are the 3 uses of analytical procedures?

A

During planning, help to identify risks
Can be used as a form of substantive procedures to gather audit evidence (ISA 520)
Must be used to assist in forming an overall conclusion on the FS (ISA 520)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Why are analytical procedures useful at the planning stage?
To give an overall perspective on the FS using both financial and non-financial data
26
What are the limitations to analytical procedures?
Require sound knowledge/experience in the entity, which may be limited on a first year audit Experienced staff may be required to carry them out Quality of the analytical procedures depends on the reliability of the source data
27
How do you perform analytical procedures?
Understand the business Develop an expectation Compare actual to expectation Unexpected variations create risk
28
How can analytical procedures be formed?
Analytical procedures can be performed using simple trends or complex calculations predicting figures in the FS Acc ratios can be used
29
How do you calc and what is the interpretation of | Gross profit margin
Gross profit/revenue * 100% | Assess profitability before taking OH into acc
30
How do you calc and what is the interpretation of operating margin?
Operatingprofit/ revenue * 100% | Assess profitability after taking OH into acc
31
How do you calc and what is the interpretation of | return on capital employed?
Operating profit / equity + debt * 100% | Measure how effectively resources are used to generate profit
32
What are the 3 key performance ratios?
Gross profit margin Operatin margin Return on capital employed
33
What are the 2 key ST liquidity ratios?
Current ratio | Quick ratio
34
How do you calc and what is the interpretation of | Current ratio
current assets / current liabilities | Assess ability to pay current liabilities from current assets
35
How do you calc and what is the interpretation of | Quick ratio
Current assets less inv / current liability = assesses ability to pay current liabilities from reasonably liquid assets
36
What are the 2 solvency ratios?
Gearing ratio | Interest cover
37
How do you calc and what is the interpretation of | Gearing ratio
Net debt / equity | Assess reliance on external finance
38
How do you calc and what is the interpretation of | Interest cover
Profit before interest payable / interest payable | Assess ability to pay interest charges
39
What are the 3 key efficiency ratios?
Trade receivables collection period Inventory holding period Trade payables payment period
40
How do you calc and what is the interpretation of | Trade receivables collection period
Trade receivables / revenue * 365 | Assess average time taken to collect cash from credit customers
41
How do you calc and what is the interpretation of | Inventory holding period
Inventory / CoS * 365 | Assess the average length of time inv held
42
How do you calc and what is the interpretation of | Trade payables payment period
Trade payables / purchases * 365 | Average time taken for suppliers to pay
43
What is business risk?
risk that could adversely affect an entity’s ability to achieve its objectives and execute its strategies
44
What are the types of business risk?
Financial Operational Compliance based
45
Who should manage business risk?
DIRECTORS
46
When are auditors related to business risks
Auditors are ONLY interested in business risks that impact the FS
47
What is audit risk?
risk that the auditor expresses an inappropriate opinion on the FS Audit risk = inherent risk x control risk x detection risk
48
What is entity risk?
risk that the FS are materially misstated and is made up of Inherent risk Control risk Detection risk
49
What is inherent risk?
susceptibility of the assertion about transactions, balances or disclosure to a misstatement which could be material, assuming there were no related internal costs
50
What is control risk?
risk that a misstatement isn’t prevented, detected or corrected by an entity’s internal control systems
51
What is detection risk?
risk that procedures performed by an auditor doesn’t detect a misstatement that exists and is made up of Sampling risk Non-sampling risk
52
What is sampling risk?
risk that the conclusion drawn from the results of a sample test is diff to the conclusion that would’ve been drawn had the whole population been tested
53
What is non-sampling risk
risk of drawing the wrong conclusions for other reasons than sampling
54
What are the signif risk areas that requite special audit consideration?
``` Fraud Related party transactions Subjective items Complex items Unusual transactions ```
55
What risks must an auditor identify?
ISA 315 requires the auditor to identify specific risks arising at each audit client
56
What are the specific risks that are common in most audits?
Management override Risk i present in every audit engagement Management is in a unique position to manipulate acc records so audits must assess the risk during the planning stage Journals Fraudulent activity may be carried out using inappropriate or unauthorised journal entries Auditor should test journal entries for Unusual items Round number entries Journals made by indivs who don’t normally do so Journals made outside office hours Postings to suspense accounts Revenue recognition Risk of misstatement is higher where management reward is linked to revenue or profit Cyber security
57
What is management override risk?
Risk is present in every audit engagement | Management is in a unique position to manipulate acc records so audits must assess the risk during the planning stage
58
What is journal risk and how should they be tested?
Fraudulent activity may be carried out using inappropriate or unauthorised journal entries Auditor should test journal entries for Unusual items Round number entries Journals made by indivs who don’t normally do so Journals made outside office hours Postings to suspense accounts
59
What is revenue recognition risk?
Risk of misstatement is higher where management reward is linked to revenue or profit
60
In the audit approach, how should an auditor reduce the audit risk to suitable level?
Determine overall responses to assessed risk at the FS level Perform audit procedures to response to a assessed risks at the assertion level
61
What are involved in the overall responses of reducing audit risk to an acceptable level?
Emphasise staff need to maintain professional scepticism Assign extra/more experienced staff Use the work of experts, internal auditors and other auditors Provide more supervision on the audit Incorporate more unpredictability into audit procedures
62
What are involved in the responses at assertion level of reducing audit risk to an acceptable level?
Adjust the nature,natures tent and timing of procedures in response to assessed risks Nature: type of test Extent: how much testing Timing: during the year, at the y.e and after y.e
63
What must the auditor assess when planning to rely on the work of others?
General assessment Consider whether third party is competent and independent Specific assessment Consider whether the piece of work on which the auditor wants to place reliance on is suitable for this purpose
64
What is the specific assessment required when the auditor intends to rely on info from others ?
Consider whether the piece of work on which the auditor wants to place reliance on is suitable for this purpose
65
What is the general assessment required when the auditor intends to rely on info from others ?
Consider whether third party is competent and independent
66
What must an auditor do if they expect controls to be effective?
Test controls if found to be effective, do limited substantive testing If not found, do significantly substantive testing
67
What must an auditor do if they don't expect controls to be effective?
Carry out substantive testing | i.e. analytical procedures and tests of detail
68
What action is required when signif substantive testing is required?
Analytical procedures | Tests of detail
69
What must be done when carrying out limited substantive testing?
Perform some substantive testing due to inherent limitations of control
70
What should the audit plan be guided by?
Overall audit strategy
71
What should the audit plan include a description of?
Nature, extent and timing of planned risk assessment procedures Nature, extent and timing of further audit procedures at the assertion level HOWEVER Plan will develop over time, so the auditor doesn’t play how to audit indiv acc balances until they have considered the results of their risk assessment procedures Audit plan should be modified where necessary in response to new info, or the results of audit testing carried out
72
Why is an audit plan not rigid?
Plan will develop over time, so the auditor doesn’t play how to audit indiv acc balances until they have considered the results of their risk assessment procedures Audit plan should be modified where necessary in response to new info, or the results of audit testing carried out
73
When must an audit plan be modified?
where necessary in response to new info, or the results of audit testing carried out
74
What is cyber security?
Cyber security protects systems, networks and data in cyberspace
75
What does cyber security include?
The protection of data from unauthorised modification, disclosure or destruction The protection of the info systems from failure
76
Why is cyber security v important for most orgs?
Increasing use of technology and constantly evolving risk makes this v important for most organisations
77
What are the key risk areas for entity's IT system?
``` Hacking Fraudulent theft of funds Deliberate sabotage E.g. commercial espionage/malicious damage Viruses, malware and other corruption Denial of Service attacks ```
78
What are the risks for businesses that auditors must react to?
Reputational damage Breaches of data protection legislation leading to fines Misstatements in FS
79
What should IT security controls cover?
prevention, detection, deterrance and recovery procedures
80
What practical measures are included in IT security controls?
Business continuity planning Measure to ensure the business can continue in the event of a disaster/system failure Systems access control Protection of systems and detection of unauthorised activity Systems development maintenance IT projects should be conducted securely and development/maintenance should ensure systems/data are protected Physical and env security Prevention of unauthorised access, damage, theft or interference with assets/systems Compliance Monitor compliance with legal requirements and organisational policies Personnel security Recruitment of trustworthy employees, training and reporting arrangements Security organisation Clear reporting lines and responsibility for info security Computer and network management Protection of system integrity (e.g. from viruses/malware) and info especially when exchanged between organisations Asset classification and control Assign ownership of info assets Security policy Written policy available to all employees
81
What does business continuity planning do?
Measure to ensure the business can continue in the event of a disaster/system failure
82
What does systems access control do?
Protection of systems and detection of unauthorised activity
83
What does systems development maintenance do?
IT projects should be conducted securely and development/maintenance should ensure systems/data are protected
84
What is physical and env security?
Prevention of unauthorised access, damage, theft or interference with assets/systems
85
What is personnel security?
Recruitment of trustworthy employees, training and reporting arrangements
86
What are computer and network management?
Protection of system integrity (e.g. from viruses/malware) and info especially when exchanged between organisations
87
What is security policy?
Written policy available to all employees
88
What is cloud computing
allowing users to access data from any location
89
What are the benefits of cloud computing?
Creates cost savings compared to traditional IT storage on site
90
What are the disadvantages of cloud computing?
passes on control of data to a cloud-service provider | Creates danger that inadequate cyber security could lead to data being lost, corrupted stolen
91
What must auditors consider re cloud computing?
consider whether the cloud-based service provider’s controls are reliable

AA (8 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions