D4: Audit evidence Flashcards
ISA for audit evidence
ISA 500: AUDIT EVIDENCE
ISA for initial audit engagement
ISA 510: INITIAL AUDIT ENGAGEMENT
ISA for audit documentation
ISA 230: AUDIT DOCUMENTATION
ISA for using internal auditor’s work
ISA 610: USING INTERNAL AUDITOR’S WORK
ISA for using expert’s work
ISA 620: Using expert’s work
ISA for related parties
ISA 550: Related parties
ISA for service organizations
ISA 402: Service organziations/ audit considerations relating to entities using service organizations
IAS 8
Changes in accounting policies and estimates
IAS 36
Impairment of assets
IAS 24
Related parties
How much audit evidence should be collected ?
it is based on auditor’s professional judgement
Certain factors on which auditor’s judgement is based to decide how much evidence to collect
- Whether it is high ROMM area
- Nature of the accounting processes and control systems
-auditor’s understanding of the entity and its industry - Materiality of the item
-quality of the evidence - results from other audit procedures is not great
Sufficiency of audit evidence:
auditor’s understanding of entity and its industry
if auditor has no understanding of the entity and unfamiliar with its industry then more evidence to be collected
Sufficiency of audit evidence:
nature of accounting processes and control systems
if client’s finance dept. appears to have poor knowledge of accounting std.s and its correct application then collect more evidence.
-also if client’s control systems are weak or has newly developed system that could have teething problem: collect more evidence
Sufficiency of audit evidence:
nature of accounting processes and control systems
if client’s finance dept. appears to have poor knowledge of accounting std.s and its correct application then collect more evidence.
-also if client’s control systems are weak or has newly developed system that could have teething problem: collect more evidence
Teething probs
- difficulties or problems arising in adopting a new system or adapting to a new environment.
cut off assertion’s importance
cut off assertion is important for online retailers who operate 24/7
Floor to sheet
completeness
sheet to floor
existence
sheet to sheet
completeness
ISA 510: initial audit engagements and why is it risk
- also known as first year engagements.
- These are risk as audit team is unfamiliar and lacks knowledge of client’s business and industry
- Auditors are very concerned about opening balances even if client has been previously audited because:
- Ingoing auditors don’t know how well did outgoing auditor perform the audit work
- ingoing auditors don’t know well qualified, competent and experienced were previous auditors and well independent were they from the client
- so ingoing auditors cannot rely on outgoing auditor’s work and must be very skeptical.
Key points to remember in first year audit
- determine if prior period closing balances have been bought forward correctly to the current period
- determine if opening balances reflect correct application of appropriate accounting policies
Steps to follow if client was previously audited
- Review prior year audit working papers to assess previous year auditor’s competence, skills , experience , independence and integrity.
- obtain recent set of F.S and auditor’s report to gain information relevant to opening balances.
- Review whether prior year audit report was modified and if it were then focus more in current year on the matter that resulted in modification of the report last year.
Matters specific to planning of initial audit and to be considered in audit strategy
- communicating with outgoing auditors and if possible reviewing prior year working papers
- consider matters that were raised when professional clearance was obtained: such as reasons behind outgoing auditors resigning from the engagement and difficulties faced during their audit course - to identify problematic areas of the audit and resolve it.
- consider matters discussed during firm’s appointment such as F.D leaving client before audit begins and mgmt’s solution to it.
- understanding the entity and its environment
- firm’s Q.C procedures for new client
- ROMM in opening balances and incorrect application of accounting policies
- using experienced audit team
Matters specific to planning of initial audit and to be considered in audit strategy
- communicating with outgoing auditors and if possible reviewing prior year working papers
- consider matters that were raised when professional clearance was obtained: such as reasons behind outgoing auditors resigning from the engagement and difficulties faced during their audit course - to identify problematic areas of the audit and resolve it.
- consider matters discussed during firm’s appointment such as F.D leaving client before audit begins and mgmt’s solution to it.
- understanding the entity and its environment
- firm’s Q.C procedures for new client
- ROMM in opening balances and incorrect application of accounting policies
- using experienced audit team
ISA 230: Audit documentation
- if it is not documented then it does not exist
- it is important for auditr to document the entire audit process to have evidence that they did comply with L&Rs, ISAs, Code of ethics and ISQCs and provided a quality audit to not be held liable and in support of anti-ML practices
Why would external auditors use internal auditor’s work ?
- To save time and resources
- by modifying the nature or timing and reducing the extent of audit procedures by relying upon and using internal auditor’s work.
- And allocating the saved time and resources to complex and subjective areas of the F.S
Factors to consider before relying upon internal auditor’s work :
- organizational status
- Level of competence
- systematic disciplined approach
Factors to consider before relying upon internal auditor’s work : organizational status
- Assess the status of internal audit dept. within the organization.
- Assess whether I.A dept.’s recommendations and reports are implemented and taken seriously by the board and whether optimal reporting structure exists.
Factors to consider before relying upon internal auditor’s work : Level of competence
- Assess whether I.A team is led by a qualified and competent I.A chief who is technically competent by determining his/her nature and status of qualification
- assess level of competence from I.A dept.’s overall findings reported about deficiencies in the system .
-As I.A dept. is responsible for designing and implementing I.C system so they might not find much weaknesses when they review due to self-review threat. - however, consider I.A’s competence in their findings from review of efficiency and effectiveness of I.Cs
Factors to consider before relying upon internal auditor’s work : systematic disciplined approach
- Assess whether I.A dept. applies a systematic disciplined approach in their work including quality controls
-evaluate whether effective Q.C like direction, supervision and review are carried out and consider nature of documentation.
I.A dept. qualification
- It is not mandatory for all I.A team members to be qualified and competent but it is mandatory for chief I.A to be qualified and competent.
-It is beneficial if the I.A dpet is led by qualified and competent leader who will manage the dept. well
Using I.A for direct assistance
- A provision from the ISA
2 things to obtain before using I.A for direct assistance
- obtain written agreement from an authorized representative of entity that it will allows I.A to follow external auditor’s instructions and will not intervene in work performed by I.A for external auditors.
and
- Obtain written agreement from internal auditors that they will keep confidential specific matters upon E.A instructions and will report to E.A of any threats to I.A ‘s objectivity.
*until these 2 agreements are not obtained, E.A cannot use I.A for direct assistance
* In some jurisdictions auditors are prohibited and even restricted to some extent of using I.A’s work.
Key point: using I.A for direct assistance
- Never assign work to I.A which includes significant judgement, high ROMM and areas where I.A was involved to address self-review threat
Problems with using I.As for direct assistance
- Gives rise to self-review threat
-I.A might not properly follow and adhere to E.A’s instructions
-Gives rise to familiarity threat between I.A and mgmt. and independence and mgmt. threat between E.A and mgmt. - Audit methodology and approach shared with I.A could also be shared by mgmt. by the I.A dept and then mgmt could easily hide their fraudulent activities and NOCLAR.
ISA 620: Using expert’s work - factors to consider before relying upon and using expert’s work
- SCOR
- S: Scope of the audit work
- C: Professional competence of the expert
- O: Objectivity of the expert
- R: Relevance of the conclusions made
ISA 620: - S: Scope of the audit work
- Scope of the work should be agreed between expert and auditor, including the objectives of work to be performed, audit methodology and key assumptions to be used and how expert’s work will be used by the auditor
- In evaluating the expert’s work , auditor should consider whether work performed by expert is based upon the scope of work agreed at the start of the engagement
- If expert has deviated from the agreed scope of work then the work is less reliable and relevant.
ISA 620: - C: Professional competence of the expert
- Auditor should assess expert’s professional competence by considering their membership to relevant professional body and its status.
- If there are doubts over expert’s competence then it reduces reliability of evidence collected.
ISA 620: - O: Objectivity of the expert
- Auditor should assess the objectivity of the expert by inquiring about their interests and relations which can be a threat to their objectivity.
- If expert’s objectivity is threatened then little or reliance can be placed on their work.
ISA 620: R: Relevance of the conclusions made
- Auditor should assess the relevance and adequacy of the expert’s findings
- by assessing the relevance, completeness and accuracy of the source data used
- evaluate reasonableness of the assumptions made and changes in audit methodology and key assumptions
- ensure expert’s findings are consistent with other relevant audit findings and auditor’s general understanding of the entity
- Inconsistencies should be investigated as it indicates evidence is not reliable.
service organization
- a 3rd party providing services to the user entity
service auditor
- auditor of the service organization who will provide assurance report upon request of service organization to user auditor
user entity
- entity who utilizes service organization’s services and whose F.S is being audited
user auditor
- auditor of the user entity
Factors to consider prior to auditing service organization
- it is imp. for user auditor to audit service organization because one of the client’s FSLI’s likelihood of being materially misstated is dependent on service organizations’ strength and effectiveness of I.Cs
- Understand the nature of the services provided to the user entity and its purpose.
- Assess competence and independence of service auditor from the service organization
- assess how I.Cs are designed and implemented in service organization.
- if possible, visit service organization to test controls
- if not possible then request for either type 1 or 2 report from service organization.
- assess whether S&A audit evidence is collected and its impact on the F.S.
type 1 report
- gives a list of I.Cs at a specific date
- gives info abt description and design of I.C
type 2 report
- gives info abt description, design and operating effectiveness of the I.Cs
- gives info about I.Cs over a period of time.
Key points: ISA 402
- If user auditor is not impressed with service auditor’s competence and independence then they can hire 3rd party auditor or local auditor if S.O is in different country.
- sometimes user auditor cannot visit S.O becoz cost of travelling is expensive to them so they request for assurance report
Mgmt.’s responsibility to R.P
- To identify and be aware of all related party transactions
- To make adequate disclosures about R.P transaction in the F.S.
Auditor’s responsibility to R.P
- To obtain written representations from mgmt about completeness of of info provided abt R.P and adequacy of disclosures made in the F.S.
Why is it imp. to disclose R.P transaction ?
- it is imp. R.P transactions are properly approved and authorized as they are not at arm’s length basis.
- so mgmt could easily manipulate it and conceal it , so imp. to disclose it .
Why do auditors find R.P risky or difficult for auditors to identify R.P ?
- Most organizations operate through a range of complex structures and relationships. Thus, increasing the complexity of R.P.
- Entity’s information and control system does not specifically identify transactions or balances of R.p.
- Mgmt is not aware of their responsibilities in relation to R.P and may not be aware of any RP existing.
- RP transactions don’t take place under normal conditions and events and value.
however, it is fine if mgmt wants to sell asset to RP at a value lower than M.V as long as it is approved and authorized in the board meeting mins.
-yet this create comparability issues as mgmt could have sold asset for a value different then value mentioned or even for free .
IAS 8: When can mgmt change accounting policies and estimates ?
- mgmt. can change accounting policies and estimates if req. by standard or interpretation
- also if it results in F.S showing relevant and reliable info about effects of transactions, events and conditions upon company’s financial position, performance and cashflows
IAS 8: Key disclosures
-disclose the following
1. Nature of the change in accounting policy or estimate
2. reasons behind change in accounting policy or estimate
3. amt. of adjustment to be made for current year and prior year period presented for each FSLI affected.
4. The amt of adjustment made to periods before those presented.
