Evidence and Risk Flashcards
Collection of evidence to support the opinion.
Evidence and Risk
Evidence consists of client accounting data and supporting documentation from client or from third parties.
Evidence and Risk
Evidence has an inverse relationship with Detection Risk
The one aspect of Audit Risk an auditor can control through (N)ature (T)iming (E)xtent of audit procedures.
Inherent Risk and Control risk are outside of auditor’s control.
Evidence and Risk
Detection Risk which is decreased by gathering evidence.
Evidence and Risk
Inherent Risk and Control Risk are outside of an auditor’s control.
Evidence and Risk
Less Evidence collected. Opens door for incremental audit risk - Internal Control should be strong.
Business and transactions should be relatively stable and predictable.
(N) Less-competent Evidence collected
(T) Interim testing acceptable
(E) Fewer transactions are verified.
Evidence and Risk
More Evidence collected
(N) More-competent Evidence collected
(T) End of year balance testing
(E) More transactions are verified
Evidence and Risk
Auditors are there to verify that
Assets & Revenues are not overstated
Expenses & Liabilities are not understated
Exception - if the CPA Exam states that it is a tax-driven company flip them around
Evidence and Risk
Cost vs. Benefit is a primary constraint.
Evidence and Risk
Sufficient (quantity)
Appropriate: Relevant & Reliable (Quality)
Evidence and Risk
Best evidence: Observation of activity by auditor.
2nd Best: Originates from External Parties and is sent directly to auditor (or failing that items are generated by third party and provided to auditor by the client such as a bank statement)
Weakest: Oral evidence from management.
Evidence and Risk
Third party documents are more persuasive and credible than internally-prepared docs
Auditor Knowledge = Most Persuasive
3rd Party info given to auditor
3rd Party info given to client
Internally-prepared doc
Evidence and Risk
Test substance/amounts/values. They help to reduce the risk of material misstatements. They only test accuracy of financial statements and dollar amounts - they don’t test internal controls.
Evidence and Risk
Trace (or Vouch) Reconcile Analytical Procedures Confirmations Examine evidence that supports management assertions.
(T.R.A.C.E.)
Evidence and Risk
Auditors focus first on Balance Sheet Accounts then associated Income Statement items
Evidence and Risk
Assurance Level is High.
Acceptable Detection Risk is Low.
Evidence and Risk
If Acceptable DR is High - Negative Confirmation is used - Customer only responds if balance is materially wrong.
If Acceptable DR is Low - Positive Confirmation is used - Customer asked to confirm by telling auditor the balance.
Corresponding Income Statement Account - Revenue
Evidence and Risk
Review purchase orders/invoices
Confirm with Vendors
Corresponding Income Statement Account - Various Expenses
Evidence and Risk
Examine purchase agreements
Look at Board Minutes
Is Inventory held as collateral?
Corresponding Income Statement Account - COGS
Evidence and Risk
Should match last year’s ending balance.
Evidence and Risk
If Beginning Balance Additions Subtractions are OK then Ending Balances should also be OK.
Evidence and Risk
Foot all balances - Check the Math
Trace Cash Flow items to other Financial Statements
Check classifications - Operating Activities Investing Activities Financing Activities
Evidence and Risk
Interest Paid
Income Taxes Paid
Non-cash Transactions
Cash and Cash Equivalents Definitions
Evidence and Risk
Results as if you had used Indirect Method
Non-cash Transactions
Cash and Cash Equivalents Definition
Evidence and Risk
Subsequent events occur after the Balance Sheet Date but before the audit report is issued.
Auditor needs to make inquiries and assess if they affect the audit report.
Evidence and Risk
If audit report has already been issued and auditor becomes aware of a situation that was present as of the BS date client should issue a disclosure to financial statement users and/or revise the financial statement.
Regulatory agencies might need to get involved under some circumstances.
Evidence and Risk
If auditor discovers that they forgot to perform a substantive procedure auditor should determine if other substantive procedures performed served as a substitute.
Otherwise support for their audit opinion could be jeopardized.
Evidence and Risk
REQUIRED When planning the audit (preliminary)
REQUIRED When reviewing the audit (final)
Analytical procedures may be also performed optionally along with the substantive testing.
Use of Analytical Procedures in the audit must be documented.
Evidence and Risk
Helps the Auditor:
Determine if Management Assertions are reasonable
Develop audit plan
Develop some expectations about the financial statement and hopefully bring to light any glaring errors on financial statement
Evidence and Risk
Analytical Procedure focus is on dollar amounts (not internal controls)
Analyzes Financial Data: Do Financial Statements Make Sense?
Comparison of data between years
Evidence and Risk
Current Ratio = Current Assets / Current Liabilities
Evidence and Risk
Quick Ratio = Liquid Assets / Current Liabilities
Evidence and Risk
Asset Turnover = Net Sales / Average Assets
Evidence and Risk
Inventory Turnover = COGS / Average Inventory
Evidence and Risk
Gross Margin % = Gross Margin / Sales
Evidence and Risk
Ratios are Analytical Procedures
Evidence and Risk
Budget vs. Actual comparisons are Analytical Procedures.
Evidence and Risk
Ratio analysis
Budget vs. Actual comparison
Comparison of data between years
Use of non-financial data to predict expected values for financial data
Evidence and Risk
Management assertions help the auditor to plan the audit and select substantive tests.
Evidence and Risk
Presentation - Cutoff Classification - Is it in the right period and category?
Existence/ Occurrence - Did it happen? Does it exist?
Rights & Obligations - Does the company own them?
Completeness - Was everything recorded?
Valuation - Are they worth the amount at which they are recorded?
(PERCV)
Evidence and Risk
Occurrence
Cutoff
Classification
Completeness
Accuracy
Evidence and Risk
Occurrence
Completeness
Classification
Accuracy
Evidence and Risk
No it is an extended procedure.
For example you don’t have to take a loan covenant document and go search out that it’s a valid loan covenant. Instead you consider the source - if it’s externally prepared it’s more persuasive.
Evidence and Risk
First and foremost you need to understand management’s rationale and methods for developing estimates before you can judge reasonableness.
Next Auditor should formulate their own opinion on what a good estimate should be and compare it.
Finally determine if subsequent events affect the estimate.
Evidence and Risk
Audit workpapers are the property of the auditor.
They can be paper or electronic.
They must include a WRITTEN audit program (either paper or electronic).
Evidence and Risk
Information pertaining to the current year’s audit.
Evidence and Risk
Information used for this audit and future audits which is updated as needed.
Evidence and Risk
Must be kept for 5 years after the audit release date or according to regulations whichever is longer.
Must be kept for 7 years under PCAOB Audit
PCAOB audits also require an Engagement Completion Document
Evidence and Risk
Any experienced auditor should be able to look at your work and understand what you did.
Evidence and Risk
If further documents are added to the work papers after the audit report is issued it must be documented as to who added them why they were added and any effects on the audit report.
Evidence and Risk
After the audit report is released the firm has 60 days to subtract from the file.
You can still add to the file if you document it but you cannot delete any information after 60 days.
Note - for SEC auditors the PCAOB only allows deletions up to 45 days after issuance of the audit report.
Evidence and Risk
