people are involved in carrying out steps in some andor all stages of a process

People are involved in carrying out steps in some

This preview shows page 127 - 129 out of 346 pages.

people are involved in carrying out steps in some and/or all stages of a process, including performing control activities IT systems involved in the process record the transactions and store the data used to produce the financial statements. In addition, automated controls operate within the IT systems.
Image of page 127
Audit & Assurance Chartered Accountants Program Page 4-20 Core content – Unit 4 Example – Understanding the flow of a transaction in a sales process The point at which a transaction begins – a triggering event Example : A customer calls the sales department and places an order over the phone Initiation The point at which the transaction is first entered into the entity's information system Example : A sales representative keys the customer's phone order (date, customer ID, customer name, product code, quantity, sales amount) into the sales database This is the broadest phase and covers any steps that need to be taken before the transaction can be reported in the general ledger Example : The sales database generates an 'end of day' (EOD) file containing all the sales orders entered into the database during the day, which is uploaded to the server at 10pm each night Recording Processing The point at which the transaction is reported in the general ledger – i.e. when the journal entry is posted Example : The accounting system automatically records a sales journal (DR Accounts Receivable/CR Sales) using the information in each EOD file Reporting The auditor may choose to perform a walk-through (discussed below) as part of obtaining an understanding of the flow of transactions in a process. Required reading ISA 315 (Revised) paras 18 and 20–21 and related application paragraphs. Obtaining an understanding of relevant process level controls As mentioned earlier in this unit, auditors do not need to obtain an understanding of all controls implemented by management. Their focus is on obtaining an understanding of controls relevant to the audit. The auditor uses their professional judgement in making this determination. Note, however, that whenever the auditor determines that a significant risk exists, they must evaluate the design and implementation of controls over the significant risk. Types of process level controls To assess which control would be most effective in addressing the identified risk, the auditor would consider the activity performed and the type of control. Controls can be categorised in many ways – for example, by their objective, their degree of dependence on IT and the nature of the control. The objective of a control relates to how the control attempts to address the risk – that is, either by preventing, or detecting and correcting, a material misstatement.
Image of page 128
Image of page 129

You've reached the end of your free preview.

Want to read all 346 pages?

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture