Chapter 4 - Planning an audit (basics) Flashcards
PERFORMANCE
Gross profit margin
Gross Profit/Revenue x 100%
Profitability BEFORE looking at overhead expenses
PERFORMANCE
Operating margin
Operating Profit/ Revenue x 100%
Profitability AFTER looking at overhead expenses
PERFORMANCE
Return on capital employed
Operating Profit/ Equity + Debt x 100%
How effectively resources are used to generate profit
List some of the benefits of planning:
- Attention to important areas
- Problems identified timely
- Organised effectively/efficiently
- Staff with appropriate competence selected
- Facilitates direction of work
- Aids coordination of work
Is Audit Strategy detailed or rough/general
Overall/Rough/General
What are the general principles covered in Audit strategy?
- Understanding the entity/environment
- Materiality
- Analytical Procedures
- Risk Assessment
- Audit Approach
- Coordination of audit (timing, team, locations, deadlines, budget)
What 4 sources can you use to obtain an understanding?
- Firm
- Client
- Yourself
- “Other”
How can you use your FIRM to obtain an understanding?
- Partner
- Management briefing
- Industry experts
- Last year’s team
How can you use the CLIENT to obtain an understanding?
- Discussion
- Observation
- Analytical Procedures
- Website
You can use your past experiences to obtain an understanding of the client.
TRUE/FALSE
TRUE
List some OTHER ways to obtain an understanding of a client.
- Websites
- Companies House
- Industry Surveys
- Credit reference agencies
What should the auditor understand about the ENVIRONMENT?
- Law and Regulations
- Industry conditions (competition, tech, seasonality)
- Data protection regulations
What should the auditor understand about the ENTITY?
- Operations
- Internal Control Systems
- Accounting Policies
- Objectives/Strategies
- Structure/Finance
- Investments
Define MATERIALITY
Omission or misstatement of that information could influence the user’s economic decisions taken on the basis of the F/S.
What are the materiality ranges for:
Profit before Tax
Gross Profit
Revenue
Total Assets
Net Assets
Profit after Tax
Profit before Tax 5%
Gross Profit 0.5% - 1%
Revenue 0.5% - 1%
Total Assets 1% - 2%
Net Assets 2% - 5%
Profit after Tax 5% - 10%
Matters can be MATERIAL by NATURE
Suggest how.
- Related Party Transactions
- Small amounts that impact critical points
- turning profit into loss
- net assets into net liabilities
- affect Companies 2006 threshold to determines if a company is small or medium sized
- Misleading descriptions (accounting policies)
Define PERFORMANCE MATERIALITY
Below materiality threshold
Reduce the risk of small misstatements aggregating to exceed materiality for the whole F/S
WHEN do we use ANALYTICAL PROCEDURES?
- Planning stage (identify risk)
- Evidence stage (substantive procedures)
- Completion stage (forming conclusion on F/S)
What are the LIMITATIONS of analytic procedures?
- Need a sound knowledge of entity (difficult if first year audit)
- Experienced staff required
- Quality depends on source data
SHORT - TERM LIQUIDITY
Current Ratio
Current Assets/Current Liability
Assess ability to pay current liabilities from current assets
SHORT - TERM LIQUIDITY
Quick Ratio
Current Assets excluding inventory/Current liability
Assess ability to pay current liabilities from reasonably liquid assets
Solvency
Gearing ratio
Net Debt/Equity
Assess reliance on external finance
Solvency
Interest Cover
Profit before Interest Payable/Interest payable
Assess ability to pay interest charges
Efficiency
Trade receivables collection period
Trade receivables/Revenue x 365
Assess average time taken to collect cash from credit customers
Efficiency
Inventory Holding Period
Inventory/Cost of Sales x 365
Assess average time inventory is held
Efficiency
Trade payables payment period
Trade payables/Purchase x 365
Assess average time taken to pay suppliers
Define business risk
Risk that could affect an entity’s ability to achieve objectives/execute strategies.
Define audit risk
Risk that the auditor expresses an inappropriate opinion on the F/S
Audit risk is made up of what three risks:
1.
2.
3.
- Inherent risk
- Control risk
- Detection risk
Explain inherent risk
A material misstatement in the balances, transactions, disclosures that are not related to internal controls
Explain control risk
A misstatement is not prevented/detected/corrected by internal control systems.
Explain detection risk
Procedures performed by the auditor won’t detect a material misstatement
Detection risk is made up of:
1.
2.
- Sampling risk
2. Non Sampling risk
What is a sampling risk?
A conclusion drawn from the results of a sample test is different from the conclusions that would have been drawn from the whole population.
What are some RISK factors that are common to most audits?
- Management override
- Journals
- Revenue Recognition
- Cyber security
What is management override?
Management manipulate accounting records.
How can JOURNALS be a risk factors?
- Inappropriate/Fraudulent activities
- Unusual items
- Round number entries
- Journals made by individuals who don’t norm do so
- made outside of office hours
- posting to suspense account
The risk of misstatement is higher where management reward is linked to revenue/profit
TRUE/FALSE
TRUE
LIST some audit approaches to reduce AUDIT RISK.
- Emphasise professional scepticism to staff
- Assign extra/more experienced staff
- Use experts/internal auditors
- Provide more supervision
- Incorporate more unpredictability
At the assertion level, the responses to assessed risk should be adjusted by:
1.
2.
3.
- Nature - type of test
- Extent - how much testing
- Timing - during the year/at year end/after year end
If the auditor wants to rely on the work of others, internal audit/third party, it needs to be assessed on:
General assessment: competent and independent
Specific assessment: is it suitable for the purpose
Why should you do limited substantive testing even if controls are expected to be effective and are actually effective?
Inherent limitation of controls (collusion, management override, human error, non routine transaction)
The audit procedure should include the nature/timing/extent of:
- Planned risk assessment procedures
- Further audit procedures
DATA ANALYTICS can be embedded into the AUDIT PLAN to:
- Transaction analysis (looks at 100% of transactions, controls might have failed)
- Judgmental areas (sensitivity analysis to test assumptions on NRV of inventory)
- Analytical Procedures (use external market/economic data to form expectations)
BENEFITS of using data analytics:
- Practical way to deal with Big data
- Enables 100% checking (no sampling risk)
- Enhances quality of info (visual representation of results)
- Faster
- Audit procedures carried out on a continuous basis rather than at year end only
The results of data analytics still need to be evaluated using professional skills and judgement of the auditor to analyse results and draw conclusions
TRUE/FALSE
TRUE
PROBLEMS of using data analytics:
- Cost especially in small firms
- Staff training
- Data security must be ensured
- Quality of analytics depend on underlying data used
What is cyber-security?
Protection of DATA, SYSTEMS, NETWORKS in cyberspace.
No unauthorized modification/disclosure/destruction.
Protect information systems from failure.
What are the KEY RISKS of an entity’s IT systems:
Hacking
Fraud theft of funds
Deliberate sabotage
Viruses
Denial of service attacks
What are the BUSINESS risks of an entity’s IT system?
- Reputational Damage
- Breaches of Data Protection Legislation –> FINES
- Misstatements in F/S
List the IT SECURITY CONTROLS.
Business Continuity Planning - business will continue even if disaster/system failure
System Access Control - Protect systems/Detect unauthorized access
Compliance - with legal requirements and organisational policies
Personnel Security - trustworthy employees/training/reporting arrangements
Security policy - written version available to all employees
(look in workbook)
What is cloud computing?
Access data from any location
What are the benefits of cloud computing?
Saving costs compared to traditional IT storage at site
What are the problems of cloud computing?
Passes control to cloud-based service provider
Data could be lost, stolen or corrupted
Consider if they’re reliable
