Chapter 10 - Audit approach Flashcards
What will auditors base their audit approach on?
Auditors design their audit approach based on the assessed risks of material misstatement at the assertion level. This means that the nature, timing, and extent of audit procedures are tailored to the specific risks identified during the risk assessment phase.
What are the two main methods of collecting evidence in an audit?
- Control testing
- Substantive testing
Define control testing in an audit
Control testing in an audit is the process of evaluating whether a company’s internal controls are properly designed and operating effectively to prevent or detect material misstatements in the financial statements.
Auditors perform control testing in two main ways:
- Walkthroughs: A walkthrough involves tracing a transaction through the entire process, from initiation to recording in the financial statements, while observing and inquiring about the controls applied at each step. This allows the auditor to understand the process and assess whether the controls are designed appropriately. It often combines observation, inspection of documents, and discussion with personnel. Walkthroughs provide preliminary evidence, but are not sufficient by themselves to conclude on operating effectiveness.
- Tests of Controls: These are more detailed procedures designed to evaluate whether controls have been consistently applied over a period of time. Methods include re-performance, inspection, observation, and inquiry. These tests provide direct audit evidence about the operating effectiveness of controls.
Define substantive testing in an audit
Substantive testing in an audit refers to procedures performed by auditors to detect material misstatements in financial statements. These tests are designed to gather direct evidence about the accuracy, completeness, and validity of financial statement balances and transactions.
Substantive testing is typically carried out through two types of procedures:
Tests of Detail: These involve examining individual transactions, account balances, or disclosures to gather evidence about their accuracy and verify that amounts recorded in the financial statements are correct. Tests of detail provide high-quality, specific evidence and are particularly useful when the risk of material misstatement is high - a MUST for all material items.
Analytical Procedures: These involve evaluating financial information by studying plausible relationships among data, both financial and non-financial. This allows auditors to identify unusual trends, fluctuations, or inconsistencies that may indicate misstatements. Analytical procedures are generally less detailed than tests of detail, but they are efficient and useful, especially when the auditor expects the data to behave predictably.
Substantive testing is a key part of an audit and includes:
* Tests of Detail – in-depth examination of specific items or transactions
* Analytical Procedures – review and evaluation of data trends and relationships
Auditors use one or both types depending on the nature, timing, and extent of audit evidence required, based on assessed risks.
Give some examples of the use of tests of detail
- Checking invoices to support revenue entries
- Confirming account balances with third parties (e.g., banks or customers)
- Inspecting inventory for existence and valuation
Give some examples of the use of analytical procedures
- Comparing gross margin this year to prior years and investigating significant changes
- Estimating expected interest income based on average balances and interest rates
- Using ratio analysis to detect anomalies (e.g., days receivable increasing sharply)
What factors influence the choice of methods for collecting evidence in an audit?
How much substantive testing they do depends on the results of any controls testing done:
* If controls were expected to operate effectively, and testing proves that they did, substantive testing can be reduced.
* If controls were expected to operate effectively, and testing proves that they did NOT, additional substantive testing may have to be done.
* If controls are not tested at all, enough substantive testing much be done to reduce the overall audit risk to an acceptable level.
There may also be occasions where it is not possible to obtain sufficient evidence using only a substantive approach, and auditors must test controls if this is the case and vice versa.
What is data analytics in auditing and why is it important?
Data analytics is the use of technology to enhance audit quality by analysing client data stored digitally. It helps auditors identify trends, anomalies, and risks more efficiently across all audit stages—from planning to substantive testing and control testing.
How is data analytics used in audit planning and risk assessment, and why is it beneficial?
Data analytics enhances planning and risk assessment by enabling auditors to:
* Trends - Visualise trends using graphics that compare current results to prior periods or budgets, helping to spot significant fluctuations early.
* Ratio analysis - Perform month-by-month ratio analysis (e.g. gross margin %, current ratio), identifying unexpected changes that may indicate risk.
* Detect unusual transactions - such as manual journals or entries not generated by the system, which may indicate override or fraud.
* Identify duplication of invoices or journals - which can signal errors or manipulation.
* Analyse unstructured data - (e.g. customer complaints on social media or internal emails) to uncover risks not visible in financial data.
These tools allow for a deeper and broader understanding of risk, enabling a more targeted and effective audit approach.
How is data analytics applied in substantive testing, and what are the advantages?
Auditors use data analytics in substantive procedures to:
* Test the entire population rather than relying on sample testing, improving audit assurance.
* Compare purchase and sale prices over time to detect possible misstatements or inventory issues (e.g. cost vs NRV).
* Calculate receivables collection periods or inventory turnover by product, customer, or unit, identifying slow-moving items or collection problems.
* Analyse gross margin trends at the product level to detect unusual or negative margins, indicating possible errors or fraud.
* Perform detailed recalculations of depreciation for fixed assets item-by-item to confirm accuracy and consistency with accounting policies.
These tests are more accurate and efficient than manual testing and help auditors focus on anomalies and high-risk areas
How is data analytics used in testing controls, and what limitations should auditors be aware of?
Data analytics supports control testing by:
* Matching orders to dispatch notes to sales invoices to cash receipts, checking for completeness and accuracy across the sales process.
* Reviewing user activity logs to identify who posted transactions and whether they had appropriate authority (e.g. segregation of duties).
* Highlighting patterns or anomalies in system usage that may indicate control breakdowns.
But auditors must be aware of the limitations:
* Analytics relies heavily on the quality of client data and internal controls, if the underlying data or controls are weak, the analytics may produce misleading results.
* Auditors must understand the system structure to interpret results correctly and assess the reliability of audit evidence.
While data analytics can provide valuable insights, it’s not a substitute for good controls—it must be used alongside professional scepticism and system understanding.
