ac316_11 - AC 316 Auditing Audit Planning and Documentation...

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: AC 316 Auditing Audit Planning and Documentation Thammasat School of Business To enable the auditor to obtain To sufficient competent evidence To help keep audit costs To reasonable To avoid misunderstandings with To the client Purposes of Audit Planning Preplan the Audit Decide whether to accept or Decide continue doing the audit for a client Identify the client’s reasons for Identify audit Obtain an engagement letter Obtain Select staff for engagement Select Obtain knowledge of client’s Obtain industry and business Tour the plant and offices Tour Identify related parties Identify Evaluate need for outside Evaluate specialists Obtain Background Information Corporate Charter and Bylaws Corporate Minutes of Meeting Minutes Contracts Contracts Obtain Information Obtain About Client’s Legal Obligations Perform Preliminary Analytical Procedures Understanding the client’s Understanding industry and business Assess going concern Assess Indicate possible Indicate misstatements Reduce detailed tests Reduce Working Papers Working papers are the records kept by the auditor of the procedures applied, the tests performed, the information obtained, and the pertinent conclusions reached in the engagement. Overall Objective: To aid the auditor in providing reasonable assurance that an adequate audit was conducted in accordance with GAAS Purposes of Working Papers Purposes of Working Purposes Papers Specific Objectives: Basis for planning the audit Basis Record of the evidence Record accumulated and the results of the tests Data for deciding the proper type Data of audit report Basis for review by supervisors (or Basis managers) and partners managers Permanent Files Permanent Current Files Current Contents & Organization Data of a historical or continuing Data nature pertinent to the current audit All working papers applicable to the All year under audit Permanent Files Articles of corporation, bylaws, bond Articles indentures, and contracts Analyses, from previous year, of accounts Analyses that have continuing importance to the auditor Information related to the understanding Information of internal control and assessment of control risk The results of analytical procedures from The Current Files Current Audit program Audit General information General Working trial balance Working Adjusting and reclassification Adjusting entries Supporting schedules Supporting Supporting Schedules Supporting Analysis Analysis Trial balance or list Trial Reconciliation of amounts Reconciliation Tests of reasonableness Tests Summary of procedures Summary Examination of supporting documents Examination Informational Informational Outside documentation Outside Preparation of WPs Identification Identification Index and Cross-reference Index Audit procedure performed Audit Tick marks Tick Conclusions Conclusions Ownership of WPs Working papers are the Working property of the auditor Confidentiality of WPs Professional ethics Professional WP can be provided to someone WP else only with the express permission of the client ...The End ... Five Types of Tests Procedures to obtain an Procedures understanding of Internal Control Tests of controls Tests Substantive tests of transactions Substantive Analytical procedures Analytical Tests of details of balances Tests Overall Audit Plan and Overall Audit Program Tests & Evidence Relationship: Tests & Evidence Relationship Relative costs: Ranking Relative Evidence Mix The combination of five types of The tests used for any given cycle Relationship between tests of Relationship controls & substantive tests Trade-off between tests of Trade controls & substantive tests Tests of controls and Tests substantive tests of transactions Analytical procedures Analytical Tests of details of balances Tests Design of Design The Audit Program Internal Control and Control Risk Definition is the system that consists of many specific policies and procedures designed to provide management with reasonable assurance that the entity’s important goals and objectives will be met. Client Concerns A effective control system: Reliability of financial reporting Reliability Effectiveness and efficiency of Effectiveness operations Compliance with applicable laws Compliance and regulations Internal Control Auditor Concerns Auditor GAAP of field work Reliability of financial reporting Reliability Emphasis on controls over classes Emphasis of transactions Key Concepts Three key concepts in the study of internal control: Management’s responsibility Management Reasonable assurance Reasonable Inherent limitations Inherent Transaction-related audit objectives Transaction Components of IC Five components: The control environment The Risk assessment Risk Control activities Control Information and communication Information Monitoring Monitoring Control Environment Integrity and ethical values Integrity Commitment to competence Commitment Board of directors or audit Board committee participation Management’s philosophy and Management operating style Control Environment Control Organizational structure Organizational Assignment of authority and Assignment responsibility Human resource policies and Human practices Risk Assessment Risk is the possibility that errors Risk and irregularities will occur. Management assesses risks as Management part of designing and operating internal controls to minimize errors and irregularities. Control Activities Adequate separation of duties Adequate Proper authorization of transactions Proper and activities Adequate documents and records Adequate Physical control over assets and Physical records Independent checks on performance Independent Adequate Separation of Duties Separation of these duties: Separation Authorization (A) Authorization Bookkeeping (B) Bookkeeping Custody of assets (C) Custody Separation of duties within EDP Separation Systems analyst, Programmer, Systems Computer operator, Librarian, Data control group Proper Authorization Proper of Transactions and Activities Every transaction must be Every properly authorized. General & Specific General authorization Authorization (policy decision) Authorization Vs Approval (implementation) Documents and records should be Prenumbered consecutively Prenumbered Prepared at the time the Prepared transaction takes place Sufficiently simple Sufficiently Designed for multiple use to Designed minimize the number of different forms Adequate Documents and Records Documents and records should be Constructed in the manner that Constructed encourages correct preparation Other factors: Chart of accounts Chart Systems manuals Systems Adequate Documents and Records Physical Control Over Assets and Records Physical precautions Physical Safeguarding assets and records Safeguarding Safeguarding EDP equipment, Safeguarding programs, and data files Physical controls Physical Access controls Access Backup and recovery procedures Backup Independent Checks on Independent Performance Internal verification to make sure Internal that the procedures are followed Independence is required Independence The purpose to be met To identify, assemble, classify, To analyze, record, and report the transactions and to maintain accountability for the related assets Information and Communication Monitoring Ongoing or periodic assessment Ongoing of the quality of internal control performance by management Internal audit function Internal Size of business and internal Size control Obtain understanding of internal Obtain control for design and operation Assess control risk Assess Test controls Test Detection risk and substantive Detection tests IC and Control Risk Understanding of IC Understanding Procedures: Update and evaluate auditor’s Update previous experience with the entity Make inquiries of client personnel Make Read client’s policy & system manuals Read Examine documents and records Examine Observe entity activities & operations Observe Understanding of IC Documentation: Narrative Narrative Flowchart Flowchart IC questionnaire IC “No” = potential IC weaknesses Identify transaction-related audit Identify objectives Identify specific controls Identify Identify and evaluate weaknesses Identify The control risk matrix The Assess control risk Assess Communicate reportable conditions Communicate and related matters Assess Control Risk Identify existing controls Identify Identify the absence of key Identify controls Determine potential material Determine misstatements that could result Consider the possibility of Consider compensating controls Identify & Evaluate Weaknesses Communicate Communicate Reportable Conditions Audit Committee Communications Audit Management letters Management Procedures: Make inquiries of appropriate Make client personnel Examine documents, records, Examine and reports Observe control-related Observe activities Reperform client procedures Reperform Tests of Controls Tests of Control Extent of Procedures Reliance on evidence from prior Reliance year’s audit Testing less than the entire audit Testing period AC 316 Auditing Materiality and Risk Thammasat School of Business Materiality Materiality The magnitude of an omission or misstatement of accounting information that makes it probable that the judgement of a reasonable person relying on the information would have been changed or influenced by the omission or misstatement. PDR Audit Risk Model = AAR / (IR x CR) Planned Detection Risk Accepted Audit Risk = Inherent Risk = Control Risk PDR = PDR AAR = AAR IR IR CR CR Inherent Risk A measure of the auditor’s assessment of the likelihood that there are material misstatements in a segment before considering t h e e f f e c t i v e n e s s of i n t e r n a l c o n t r o l s . Inherent risk is the susceptibility of the F/Ss to material misstatement, assuming no internal controls. no Control Risk A measure of the auditor’s assessment of the likelihood that misstatements exceeding a tolerable amount in a segment will not be prevented or detected by the client’s internal controls. Accepted Audit Risk Accepted A measurement of how willing the auditor is to accept that the F/Ss may be materially misstated after the audit is completed and an unqualified opinion has been issued. Planned Detection Risk A measure of the risk that audit evidence for a segment will fail to detect misstatements exceeding a tolerable amount, if such misstatements exist. Inherent Risk Nature of the client’s business Nature Integrity of management Integrity Client motivation Client Results of previous audits Results Initial Vs. Repeat engagement Initial Related parties Related Non-routine transactions Non Inherent Risk Inherent Judgement required to correctly Judgement record account balances and transactions Susceptibility to Susceptibility defalcation Makeup of the Makeup population ...
View Full Document

Ask a homework question - tutors are online