Practice Deck Flashcards
What is the Audit Process
Client Acceptance
Planning
Risk Assessment
Substantive Procedures
Report
Parts of Client Acceptance and continuance
Basically, you want to understand if the client has integrity.
Also need to be independent
You can reach out to prior auditor.
When is the Engagement letter created. What is it? What does it entail?
Created right AFTER accepting or continuing an engagement.
Written contract that spells:
Engagement objectives
Mgmt responsibilities (ultimately
responsible for F/S
Auditor responsibilities
Limitations (reasonable assurance)
Additional services that will be provided (ex/ tax services)
Use of specialists
Etc
Planning
Get understanding of business
Figure out some things they can have
issues with based on understanding
Set materiality threshold here
Risk Assessment
Deciding how much I can rely on clients I/C
Tells me if I need more or less substantive procedures
Substantive procedures
Tests, processes to see if F/S are accurate and testing mgmt assertions to determine if theres been material misstatement in transactions or ending bal
2 types
Test of details
Substantive Analytical Procedures
Test of details
Test of transactions- Tracing (confirmation)
Test of Ending bal-
Vouching- Existence/Occurence,
Confirmation letters
Substantive analytical procedures
Analyzing trends and relationships for financial and nonfinancial info
Performance Materiality
Less than Materiality for F/S as a whole to reduce probability that undetected misstatements are more that materiality
Tolerable Misstatement
The max amount of a SINGLE/TEST SAMPLE misstatement the auditor is willing to accept.
Calculated by applying performance materiality to a specific sampling procedure.
Materiality
Material amount considered for F/S taken as a whole.
Audit Data Analytic (ADA)
Audit procedure used to analyze data patterns, find anomalies, extract information.
Can be used for control testing, anaylticl procedures (for risk assessment or substantive procedure) and as a test of details or to help form audit conclusions
What are the 5 suggested steps for an ADA?
- Plan the audit
- Access and prepare the data for the ADA
- Consider the relevance and reliability of this data
- Perform the ADA
- Evaluate the results
Basically: 1- Plan it 2- Get the info. 3- Do I need this info? 4- Use the info 5- Look at results of the process
What happens during step 2 of the ADA process
We Extract, Transform, Load
Extract- get the data from client by
requesting/downloading
Transform- cleaning/reformatting data to
fit formatting needed for our
processing
Load- load it into analysis software
Part of Transformation Process
Aggregating- Summarizing smaller info
categories into a bigger
one. Like zip codes into
counties.
Joining- combines different data types for
a result (Combine weather data
online with sale data internally to
forecast sales
Transposing- switching columns into
rows, or Mult columns into
rows (or row to column)
Sorting- rearranges info into a useful
order. (Think excel)
Filtering- Allows view in specific criteria (think excel)
What are the 4 types of ADA techniques and what are they used for?
Details:
Descriptive Analytics- What has
happened
Diagnostic Analytics- Why it happened
Predictive Analytics- What will happen
Prescriptive Analytics- How to make it
happen
What is big data
Big data holds the nature of the type of info to be used in ADA
Data amounts so big it can be analyzed using normal processes (like spreadsheet)
This data comes from multiple sources (spreadsheets, emails, apps, questionnaires, social media posts, etc.)
Big Data has the 4 Vs that makes it useful
Volume- the amount/size of data to
analyze
Velocity- frequency/speed at which data
is generated, processed and
analyzed
Variety- Form of data (structured,
unstructured, semi-structured.)
Veracity- quality/trustworthiness,
accuracy, and precision of data
What type of assurance does a review provided? What procedures are involved in conducting one?
Limited/Negative Assurance
Primarily analytical procedures and inquiries of personnel
NOT auditing procedures by any means
What kinds of situations should be discussed with governance vs audit team?
Governance- things that affect the F/S
Audit Team- things that affect the audit
Management Assertions and what they mean
- Completeness- says all necessary transactions and accounts have
been included in the F/S. - Occurrence- say all transactions in the F/S actually happened
- Accuracy- says all transactions/events are recorded at right
amount. - Cutoff- says all transactions/events recorded in the right
accounting period
5.
How do we evaluate the results of control testing? and what does it say about the control we’re testing?
Ex/
Sample size- 150
Test deviations- 8
Tolerable Rate- 6%
Expected population deviation- 4%
Allowance for sampling risk- 1%
We compare the upper limit precision limit (UPL) w/ the tolerable rate (TR)
UPL= Sample deviation rate + Allowance for sample risk
so:
Sample deviation rate= 8/150= .0533=5.33%
UPL= 5.33%+1%= 6.33%
TR= 6%
UPL less or equal to TR= Control is effective
UPL more than TR= Control is no effective
*Expected population deviation- helps us calculate what sample size
to use. We don’t use it to evaluate results.
If RMM is high, what can we do?
Audit Risk- RMM (inherent risk x control risk) X Detection risk
If RMM is high, we need to reduce Detection risk
Detection risk is the risk we will not detect a mat. misstatement
W can reduce it by:
1. Doing more sub. testing
2. Emphasizing professional skepticism
3. Providing more supervision
4. Reducing predictability of procedures
5. Changing the nature, timing and extent of procedures
(includes 1)
What is Sampling Risk?
When should an auditor disclose the use of a specialist?
Unmodified opinion: NO need
Modified- Add explanatory language indicating use of specialist
Reminder that auditor shares NO responsibility w/ specialist.
