ACT 4497 Lecture ch11

ACT 4497 Lecture ch11 - Assurance Services and the...

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Assurance Services and the Integrity of th Modern Auditing: Modern Auditing: Financial Reporting, 8 Edition California Polytechnic State University at San Luis Obispo William C. Boynton Portland State University Raymond N. Johnson Chapter 11 – Audit Procedures in Response to Assessed Risks: Tests of Controls Steps in Assessing Control Risk Steps in Assessing Control Risk Process for Assessing Control Risk Process for Assessing Control Risk • Consider Knowledge Acquired from Procedures to Obtain an Understanding • Identify Potential Misstatements Process for Assessing Control Risk Process for Assessing Control Risk • Identify Necessary Controls – Nature of controls to prevent or detect and correct misstatements – Nature of controls implemented by management – Significance of each control – Risk that designed controls may not operate effectively Control Design for Specific Assertions Control Design for Specific Assertions • Completeness Assertion • Existence or Occurrence Assertion • Valuation and Allocation Assertion • Presentation and Disclosure Assertion Identify Necessary Controls Identify Necessary Controls Process for Assessing Control Risk Process for Assessing Control Risk • Perform Tests of Controls – Evidence about effectiveness of the design and operation of controls • Evaluate Evidence and Make Assessment – Matter of professional judgment – Identify strengths and deficiencies – Express quantitatively or qualitatively Strategies for Performing Tests of Strategies for Performing Tests of Controls in an IT Environment • User Controls • Application Controls • General Controls and Manual Followup Procedures Overview of Computer Controls Overview of Computer Controls Computer­Assisted Audit Techniques Computer­Assisted Audit Techniques (CAATs) • Auditing through the computer • Advantageous when: – Significant part of internal controls is imbedded in a computer program – Significant gaps in visible audit trail – Large volumes of records to be tested Types of CAATs Types of CAATs • Parallel Simulation • Test Data • Integrated Test Facility • Continuous Monitoring of On­line Real­ time Systems Parallel Simulation versus Test Data Parallel Simulation versus Test Data Continuous Monitoring of On­Line Real­ Continuous Monitoring of On­Line Real­ Time Systems • Continuous Monitoring • Audit Hook • Tagging Transactions • Audit Log Methodologies for Meeting the Second Methodologies for Meeting the Second Standard of Fieldwork Effects of Preliminary Audit Strategies Effects of Preliminary Audit Strategies • Primarily Substantive Approaches • Lower Assessed Level of Control Risk Designing Tests of Controls Designing Tests of Controls Designed to evaluate the operating effectiveness of a control concerned with: • How the control was applied • Consistency with which it was applied • By whom it was applied Nature of Tests of Controls Nature of Tests of Controls • Inquiries of entity personnel • Inspection of items indicating performance of the control • Observation of the application of the control • Reperformance of the application of the control by the auditor Timing of Tests of Controls Timing of Tests of Controls • One Occasion versus Multiple Occasions • Timing Issues – Interim Period – Remaining Period – Results from Prior Periods Extent of Tests of Controls Extent of Tests of Controls • Nature of the Control • Frequency of Operation • Importance of the Control Designing Tests of Controls Designing Tests of Controls • Staffing Tests of Controls • Audit Programs for Tests of Controls • Dual­Purpose Tests Additional Considerations Additional Considerations • Assessing Control Risk for Account Balance Assertions Affected by a Single Transaction Class • Assessing Control Risk for Account Balance Assertions Affected by Multiple Transaction Classes Account Balance Assertions and Account Balance Assertions and Transaction Class Assertions Account Balance Assertions and Account Balance Assertions and Transaction Class Assertions Documenting the Assessed Level of Documenting the Assessed Level of Control Risk • Control Risk Assessed at the Maximum – Only the conclusion is documented • Control Risk Assessed at Below the Maximum – Basis for assessment must be documented Communicating Internal Control Communicating Internal Control Matters • Internal Control Deficiency • Significant Deficiency • Material Weakness ...
View Full Document

Ask a homework question - tutors are online