Chapter 7: Planning audit Flashcards
Why plan an audit
To devote attention to important areas
Identify problems and ensure resolved quickly
Perform efficient/effective audit
What is included in audit strategy? What is in audit plan?
List of staff. Understanding entity. Materiality. Some analytical procedures (not detailed)
More detail than strategy. Says how we will conduct audit and includes instructions
What is a general IT control?
Managing access through authorisation and privileged access. You manage programs through segregation of duties.
What is ISA315
315- auditors should understand FR framework (accounting principles, accounting for financial instruments and revenue recognition)
Give materiality benchmarks and two different types
Material by size:
0.5% - 1% revenue
1% - 2% Total Assets
5% PBT
Material nature: misleading descriptions (such as policies), transactions with directors, related party transactions
What are analytical procedures? How do we perform them and what are the limitations?
carried out in planning stage to identify risk and used as substantive procedure to gather audit evidence (helps form conclusion)
o limitations: require experienced staff, high knowledge and experience of entity (first year), quality depends on reliability of source data
o how to perform: understand business - develop expectation - compare to actual
unexpected variation= risk
What is GPM, OPM, ROCE, Current Ratio including formulas
GPM= GP/Rev x 100 (profitability before overhead, OPM after overheads)
ROCE= Operating profit / (equity + debt) x 100 (How effectively resources used to generate profit)
Current Ratio= Current Asset / Current Liability (ability to pay current liability from current asset- remove inv to show quick ratio)
What is gearing, TR collection, TP payment and inventory holding period
Gearing= Net debt/ Equity (how much reliance is on external finance)
TR collection= TR/Rev x 365 (avg time to collect cash from credit customers)
TP payment = TP/Purch x 365 (avg time to pay suppliers)
Define business and climate risk (2 types)
Business- affects entities ability to achieve obj (financial, operational, compliance)
Physical- risk exposed due to climate change
Transition- risk exposed to transition to lower carbon economy e.g. new tech investment
What is an audit risk and give the types
Risk auditor expressing inappropriate opinion
ROMM prior to start: Inherent and control
Detection risk: sampling (conclusion from sample different to whole population) and non sampling
How should an auditor manage risk and how do controls effect testing
Determine response to risks (FS level) and perform audit procedures to respond to risks (assertion level)
if controls effective: perform test of control which if is effective limit ST
o if ineffective, perform ST (AP, tests of detail)
List 4 examples of IT Security Controls
Business continuity planning- ensure business can continue in event of disaster
system development and maintenance- conduct project securely and ensure systems are protected
physical security= prevent unauthorised access
compliance- comply with legal requirements
