Chapter 7 - Evidence Flashcards
ISA 500 Audit Evidence requires auditors to do what?
obtain sufficient appropriate audit evidence to be able to draw reasonable conclusions on which to base the audit opinion
What is ‘sufficient’?
- Quality
- Enough
What is ‘appropriate’?
- Relevant
- Reliable
What is realiability?
Can we trust the financial statements
What is the format of the evidence?
Written v Verbal
Originals v Copies
What are the 2 types of audit procedures?
- tests of controls
- substantive procedures
What are the 2 areas of relability?
- source
- format
What is sufficient (quantity)?
Depends on factors such as:
- risk
- materiality
- reliability
What are assertions?
implicit claims or representations made by management regarding the financial statements in order for them to show a true and fair view.
What are assertions relate to the SPL?
- Occurence
- Accuracy
- Cut-off
What are assertions relate to SPL and SFP?
- Completeness
- Classification
- Presentation
What are assertions relate to SFP?
- Existence
- Accuracy, valuation and allocation
- Rights and obligations
What is occurence?
Transactions that have been recorded have occurred and pertain to the entity
What is completeness?
All transactions should have been recorded have been recorded
What is accuracy?
Amounts have been recorded appropriately
What is cut-off?
Transactions have been recorded in the correct accounts period
What is classification?
Transactions have been recorded in the proper accounts
What is presentation?
Transactions and events are appropriate aggregated and clearly described and related disclosures are relevant and understandable
What is existence?
Assets, liabilities and equity interest exist
In relation to the procedures, in the first instance these procedures are split into what groups?
- Tests of controls
- Substantive procedures
What are rights and obligations?
The entity owns the assets, and liabilities are the obligations of the entity
What are tests of controls?
- tests of control are designed to evaluate the operating effectiveness of controls in preventing or detecting and correcting material misstatement
What are substantive procedures?
substantive procedures are designed to detect material misstatement at the assertion level
What is included in substantive procedures?
- tests of detail
- analytical procedures
What are tests of detail?
tests of detail to verify individual transactions and balances
What are substantive analytical procedures?
using movements and ratios to identify unexpected relationships and errors in the FS
The stronger the control system the what?
The lower the control risk and as a result, there is a lower risk of material misstatement in the financial statements
in order to be able to rely on controls the auditor will need to what?
- ascertain how the system operates
- document the system in audit working papers
- Test the operation of the system
- Assess the design and operating effectiveness of the control system?
- determine the impact on the audit approach for specific classes of transactions account balances and disclosures.
what type of items do substantive procedures get carried out on?
material items
What are the types of audit procedures? (AEIOU)
Analytical procedures
Enquiry and confirmation
Inspection
Observation
recalcUlation and reperformance
What is an auditor’s expert?
an individual or organisation whose work is used by the auditor to assist in obtaining sufficient appropriate audit evidence
What are the 3 main areas where the work of others may be used?
- Experts
- Internal audit
- Service organisations
What is a management’s expert?
an individual or organisation whose work is used by the entity to assist in the preparation of the financial statements
ISA 500 Audit Evidence provides guidance on what?
in what the auditor should consider before relying on the work of management’s expert.
What must the auditor do when using the work of an expert?
- evaluate the competence, capabilities and objectivity of that expert
- obtain an understanding of the work of that expert
- evaluate the appropriateness of that expert’s work as audit evidence for the relevant assertion.
What are the steps involved when working with an auditor’s expert?
Step1: Decide which expert to use
Step 2: Engagement letter/contract
Step 3: Evaluate the expert’s work for audit purposes
What are the 2 ways in which the internal audit function may be of use to the external auditor?
- Using the internal auditor’s work
- Direct assistance from the internal auditor
Auditors may be able to cooperate with a client’s internal audit department and place reliance on their procedures in place of performing their own in areas such as what?
- Tests of controls
- risk assessment
- fraud investigations
- compliance with laws and regulations
How would we assess the internal audit function?
- objectivity
- competence
- Systematic and disciplined approach
How would we assess the specific work that may be relied upon?
- work was properly planned, performed, supervised, reviewed and documented
- evidence to support auditors conclusions
- conclusions reached are appropriate
What are some examples of work that the internal auditor may perform?
- Testing of the operating effectiveness of controls
- substantive procedures involving limited judgement
- observations of inventory controls
- tracing transactions through the information system relevant to financial reporting
- testing of compliance with regulatory requirements
What is outsourcing?
When a client pays another organisation, referred to as a service organisation, to perform an activity for them
What are some examples of outsourcing?
- internal audit
- receivables collection
- the entire finance function
- payroll
What must the auditor need to consider in relation to the work performed by a service organisation?
Planning and risk assessment
Controls testing
Substantive procedures
How will the auditor assess the controls of a service organisation?
auditor can visit the service organisation to perform tests of control, or ask the external auditor of the service organisation to provide information in a type 1 or type 2 report
What is a type 1 report?
contains:
- a description of the design of the service organisations controls prepared by management of the service organisation
- a report by the service organisations external auditor with an opinion on the description
- an opinion on whether the controls are suitable
What is a type 2 report?
contains:
- a description of the design and effectiveness of the service organisations controls prepared by management of the service organisation
- a report by the service organisations external auditor with an opinion on the description
- an opinion on whether the controls are suitable and effective
- description of the tests of control performed by the external auditor
Would the external auditor refer to the fact that they have obtained evidence using a third party in their report and why?
No, because solely their responsibility for their audit opinion
What are the 3 ways an auditor make a choice on which items to test?
- select all items
- select specific items
- sampling
When would the auditor select all items to test?
if the population is relatively small, or if the auditor requires a high level of assurance over a balance
Items with what specific characteristics may be chosen for testing?
- high value items within a population
- all items over a certain amount
- items to obtain information
What is sampling?
The application of audit procedures to less than 100% of items within a population of audit relevance such that all sampling units have a chance of selection in order to provide the auditor with a reasonable basis on which to draw conclusions about the entire population
When sampling the auditor must choose what sample?
A representative sample
For a sample to be representative it must be what?
must have the same characteristics as the other items in the population from which it was chosen
In order to reduce sampling risk what can the auditor do?
increase the size of the sample selected or use stratification
What is stratification?
Used in conjunction with sampling. The process of breaking down a population into smaller subpopulations.
What are subpopulations?
Each subpopulation is a group of items (sampling units) which have similar characteristics.
What are the 2 sampling methods?
- Statistical sampling
- Non-statistical sampling
What is statistical sampling?
refers to any sampling method which involves the use of random selection and probability theory to evaluate the results
What is random selection?
ensures that all items in the population have an equal chance of selection, for example by using random number tables
What is systematic selection?
involves selecting items using a constant interval between selections, the first interval having a random start e.g., a random number table suggests item 34 for the first item, and we then pick items 1,034 then 2,034 etc
What is monetary unit selection?
involves selecting items using a monetary interval (say $1000) with the first having a random start.
What is non-statistical sampling?
takes a more subjective approach and refers to any sampling method that does not meet the definition of statistical sampling
What is haphazard selection?
when items are selected with no particular reasoning
What is block selection?
items are chosen that are all next to each other in the population. This may be used during controls testing
What are deviations?
Any issued identified during a test of control
What happens if deviations are identified?
- compare the deviation rate with the amount of deviation that is considered acceptable
- If the actual level of deviation exceeds the tolerable deviation rate, the level of substantive testing on that area will need to be increased
- Communicate the control deficiencies to management and those charged with governance so they can take corrective action
What are misstatements?
Any issues identified during a substantive test
What happens if misstatements are identified?
- Compare the amount of misstatement identified with the amount of misstatement that is considered acceptable
- consider the nature and cause
- if misstatement not isolated, project the misstatement across the whole population to assess the amount that could be present
- if the actual level of misstatement exceeds tolerable misstatement, the level of testing needs to be increased
- communicate the misstatement to management and those with governance
What are the 3 automated tools and techniques?
- Test data
- Audit software
- data analytics
What is the use of test data?
Test the computerised controls within the system
What is the use of audit software?
Substantive testing
Basic data analysis
What is test data?
Data is put into the client’s system.
Auditor can see if the system correctly processes it.
Data may be real or dummy
What is audit software?
Client data is analysed using the auditor’s software
Auditor can check calculations and identify items for testing quickly and easily
What are some advantages of test data?
Enables the auditor to test programmed controls which wouldn’t otherwise be able to be tested
What are some advantages of audit software?
calculations and casting reports will be quicker
more transactions can be tested
cost effective once set up
What are some disadvantages of test data?
risk of corrupting the clients systems
requires time to be spent on the clients system if used in a live environment which may not be convenient for the client
What are some disadvantages of audit software?
bespoke software can be expensive to set up
training of audit staff will be required incurring costs
What are data analytics?
the science of examining large data sets (big data) with the purpose of drawing conclusions
What are some features of data analytics?
- allows 100% of a population to be tested
- can be sued at all stages of the audit
- use within the profession is constantly evolving
What are benefits of data analytics?
- increase audit quality by allowing more items to be tested
- increase efficiency as the time taken to test those items will be reduced
The auditor can use data analytics to obtain audit evidence at what stages of the audit?
- planning and risk assessment stage
- final audit stage
