456 midterm Flashcards Preview

acctg > 456 midterm > Flashcards

Flashcards in 456 midterm Deck (201):
1

what is an audit

engagement where practitioner issues written report and concludes on a subject matter for which accountable party is responsible

2

what are the five types of audit and explain them

1. financial statement audit
2. compliance audit - making sure info is in compliance with particular act
3. operational audit - looking at how things are being opperated
4. comprehensive audit - doing more than one thing at the same time
5. internal audit - internal departments provide assurance about aspects of activities

3

what is management's responsibility

to prepare the financial statements (charged with governance)

4

what are five attributes that financial statements should include

relevant - impact user's decisions
reliable - unbiased
comparable - through time
understandable
fair presentation - according to standards or framework

5

what is auditors responsilibty

provide level of assurance that numbers are fair

6

what are three attributes auditors should have

professional skepticism
professional judgement
due care

7

what is professional skepticism

open and questioning mind - not accepting everything as true and not accepting everything as false

8

what is due care

do work thoroughly, properly, correctly

9

who are the users of financial statements

shareholders, owners of business
investors
suppliers
customers
lenders
employees
government
general public

10

reasons why users demand audited financial statements

remoteness - can't see what managers are doing, dont have access to entity
complexity - don't have accounting/legal knowledge
competing incentives - can be biased
reliability - need to make sure info is reliable, have real consequences

11

what are the three frameworks

agency theory
information hypothesis
insurance hypothesis

12

what is the agency theory

managers behave opportunistically
focused on own self interests
so shareholders willing to pay to have them monitored
good quality managers willing to have audits

13

what is information hypothesis

users value higher quality information when they know it's accurate
audited info more valued- lower risk premium

14

what is insurance hypothesis

investors use audited info to insure against potential losses

15

what are the limitations of an audit

no guarentee that statements are free from error/fraud
required to be performed within reasonable period and cost
judgement is required in process - not always right

16

what are the different levels of assurance

reasonable assurance
moderate assurance
no assurance

17

what reports are the different levels of assurance related with?

reasonable assurance - audit
moderate assurance - review engagement
limited assurance - notice to reader / compilation engagement

18

what is reasonable assurance

gathering sufficient evidence to form positive expression of opinion regarding whether info being assured is presented fairly
highest, but not absolute, assurance

19

what is moderate assurance

gathering sufficient evidence to form negative expression of opinion regarding reliability of information being assured
nothing has come to attention of reader

20

what is no assurance

reports on factual findings (ie mathematical accuracy) and does not express an opinion

21

what are misstatements?

only happens in audit or review engagement
differences between reported financial statement and correct reporting required by standards
can't force them to change misstatement but can tell them the consequences

22

what are the factors to consider when evaluating

risk of additional misstatements remaining undetected
effects of misstatements on debt covenants/contracts
whether error or judgemental misstatement
reversing effect on current year's financial report on misstatements identified in previous year
recurring differences will be more material in future
fraud, illegal acts
significance of financial statement element affected by misstatement
effect of misstatements on segment info/key ratio
changes net income into net loss

23

what is a schedule of uncorrected differences

auditor keeps list of all the errors they find in order to assess overall effect on financial statements and/or individual items/balances
consider effect on future year's reports

24

what is another name for schedule of uncorrected differences

summary of unadjusted differences
summary of uncorrected differences

25

what is the significance of prior year misstatements

immaterial in previous year but could be material this year
consider potential to reverse in next year

26

what is the format of an audit report

name of audit firm/address
addressed to shareholders/board
audit opinion
basis for opinion
key audit matters - judgement
responsibility of management
responsibility of auditor
other reporting responsibilities
name of engagement partner
auditors signature
date
auditors address

27

how do you form an opinion

1. evaluate audit evidence obtained
2. evaluate effects of unrecorded misstatements and qualitative aspects of entity's accounting
3. evaluate whether financial statements are properly prepared/presented according to standards
4. evaluate fair presentation of statements in accordance with applicable reporting framework

28

what are the different audit opinions

unmodified opinion
qualified opinion
adverse opinion
disclaimer of opinion

29

what is an unmodified opinion

unqualified or clean

30

what is a qualified opinion

auditor concludes financial statements contain material misstatement or wasn't able to obtain sufficient appropriate evidence but misstatement was material but NOT pervasive

31

what is an adverse opinion

misstatement is material and pervasive
statements are not fair

32

what is a disclaimer of opinion

wasn't able to obtain sufficient appropriate evidence so wasn't able to form an opinion and is material and pervasive

33

limitation of scope

auditor's inability to perform procedures or an imposition by entity
ie timing problems
records damaged/not complete
restricted to locations
if material but not pervasive: qualified
if material and pervasive: disclaimer of opinion

34

why might an auditor need to modify the opinion

emphasize certain matter - emphasis of matter (doesn't affect opinion, could still be unqualified)
express qualified, adverse, disclaimer of opinion

35

conditions leading to modified audit report?

significant uncertainty exists that should be brought to reader's attention
limitation of scope
disagreement with management regarding application of accounting policies or disclosure

36

what is emphasis of matter

applies when resolution of matter is dependent on future actions and events not under direct control of entity but may affect statements and matter IS disclosed in statements

37

what are some examples of when to use emphasis of matter

significant uncertainty: going concern, litigation
additional disclosures
early adoption of new accounting standard with significant impacts on statement
major catastrophe
subsequent event resulting in new information after year end

38

what are examples regulators

auditing and assurance oversight council (AASOC)
auditing and assurance standards board (AASB)
international auditing and assurance standards board (IAASB)
Canadian Business Corporation Act (CBCA)
Canadian Securities Administrator (CSA)
Canadian Public Accountability Board (CPAB)
Toronto Stock Exchange (TSX)
Professional Accounting Bodies (CPA Canada, CPA Alberta)

39

what is the audit expectation gap

differences between expectations of assurance providers and statement users

40

what causes the audit expectation gap

unrealistic expectations including:
auditor providing complete assurance
auditor guaranteeing future viability of entity
unqualified opinion denotes complete accuracy
auditor will find all frauds

41

how can you reduce the expectation gap?

auditors performing their duties appropriately
undertaking peer reviews of work performed
reviewing and updating auditing standards
educating the public
enhanced reporting explaining audit processes and levels of opinion auditors provide
greater attention to the risk of material fraud occuring

42

what are the fundamental ethical principles auditors must have

integrity - straightforward and honest
objectivity - unbiased, don't allow things to influence you
professional competence and due care - maintain knowledge and skill at level required
confidentiality - refrain from disclosing information
professional behaviour - comply with rules and regulations and don't harm reputation of profession

43

what is auditor independence

ability to act with integrity, objectivity and with professional skepticism

44

what are the two types of independence auditors must have

independence of mind - ability to act independently, actual independency
independence in appearance - belief by others that independence of mind has been achieved, perceived independence

45

what are the five threats to independence

self interest
self review
advocacy
familiarity
intimidation

46

what is self interest threat and give an example

audit firm has financial interest in audit client
ie shares owned in the client

47

what is the self review threat and give an example

auditor needs to form opinion on own work done by themself
ie preparing info for client that is then assured

48

what is the advocacy threat and give an example

audit firm believed to act on behalf of client
ie encouraging others to buy client's shares

49

what is the familiarity threat and give an example

when close relationship exists between assurance firm and client
ie former partner of firm is CEO at client

50

what is the intimidation threat and give an example

auditor feels threatened by client's staff and is unable to act objectively, fearing negative consequences
ie threat that client will use different assurance firm next year if they're not given a clean opinion

51

what are the additional requirements for public companies with market capitalization and book value of total assets greater than $10 million

audit partner rotated off every 7 years with 5 year break from audit engagement
audit committee must pre-approve all services provided to by the client
partners can't be directly compensated for selling non assurance services
if engagement team member accepts employment in financial reporting role with client, firm refrains from being auditor of client for one year from last filing - cooling off period

52

what are the safeguards to independence (three categories)

created by profession, legislation, regulation:
quality control standards
code of ethics
legislative requirement to be independent
created by clients:
corporate governance to guide and control
policies and procedures
audit committee - liaise, enhance independence
created by accounting firms:
quality control procedures
client acceptance and continuance
rotation policies
provide continuing education for staff

53

what groups do auditors have relationships with

shareholders
board of directors
audit committee
internal auditors

54

describe auditor's relationship with shareholders

audit report addressed to them
formal responsibility for auditor appointment

55

describe auditor's relationship with board of directors

ensure company is being run to benefit shareholders
executive and non executive members (majority should be independent)

56

describe auditor's relationship with audit commitee

acts on behalf of board in financial reporting and audit matters
aid to auditor independence
meet with external and internal auditors

57

describe auditor's relationship with internal auditors

if effective internal audits, external auditor can modify nature and timing of procedures and reduce extent of testing
depends on internal auditor's:
objectivity
technical competence ie training
due professional care
communication with external auditors

58

what legal liability do auditors have

must exercise due care and be diligent in applying standards and documenting work

59

when can auditor be found negligent and liable for damages under tort law

duty of care was owed
breach of duty
loss was suffered as a consequence of that breach

60

what legal liability do auditors have to clients

1. contract- failed duty of care implicit in acting as auditor and explicit in engagement letter
2. negligence/tort law - failed in performance of audit by being careless and breaching duty of care

61

what legal liability do auditors have to third parties

negligence/tort law

62

how do you determine legal liability to third parties

need to establish duty of care was owed to third party
auditors negligence was responsible to third party's loss
must establish auditor was aware third party was going to use financial statement
must establish third party relied on financial statements for purpose they were prepared

63

what is contributory negligence

plaintiff and the defendant can be proven to both be negligent and each party must be held responsible in proportion to their guilt

64

steps to take to avoid litigation

hire competent staff, regular training
comply with ethical and auditor regulations
implement policies and procedures
client acceptance
staff allocation
ethical and independence issue identification
adequate work documentation - to show in court
gather adequate and appropriate evidence to support opinion
meet with client's audit committee to discuss significant issues arising in audit
follow up significant weaknesses in client's internal control procedures from last year

65

what are the three steps of client acceptance and continuance

1. access client integrity
2. assess audit firm's ability to meet ethical requirements, service client
3. prepare client engagement letter

66

what should auditor consider when assessing client integrity

reputation of client
client's reason for switching auditor
client's attitude to risk exposure and management
client's attitude to using internal controls
appropriateness of client's interpretation of accounting rules
client's willingness to allow auditor full access to info required to form opinion
client's attitude and willingness to pay fair amount for audit work

67

where can auditor obtain info from when assessing client integrity

talking with prior auditor
client personnel
third parties
key competitors
reading press articles

68

what are ethical requirements auditor should consider with client acceptance

threats to fundamental principles arise from appointment
ensure audit firm has sufficient staff available with required knowledge to complete audit
consider potential safeguards and remedies
decline appointment if threat insurmountable

69

what is a client engagement letter

prepared by auditor and acknowledged by client
explains scope of audit, timing of aspects of audit, overview of client responsibilities
identifies reporting framework and forms content of report
confirms auditors right of access to info, independence considerations
sets fees

70

what are the stages of an audit

1. planning
2. performing/execution
3. reporting

71

what are examples of preliminary risk identification

fraud risk
going concern risk
corporate governance
understand internal controls
understand IT environment
significant accounts
significant transactions of processes
closing procedures
materiality
understand client
identify related parties

72

what are the three levels to gaining an understanding of the client

entity level issues
industry level issues
economy level issues

73

what is entity level issues and examples

understanding the client in detail to understand accounts at risk:
 identification and appropriate disclosure of client’s related parties ie parent companies, subsidiaries, investments
 it’s major customers
 it’s major suppliers
 client’s capacity to adapt to changes in technology and other trends
 warranties and discounts offered to customers
 client operations
 employee contracts, relations with employees
 sources of financing
 ownership structure
 ID related parties

74

what is industry level issues and examples

understanding the client's position in the industry
 risks from nature of industry and client’s position within it
 compare client to national and international competitors – level of competition
 auditor may have special industry expertise and knowledge
 competitive pressure on client’s profits, ability to withstand industry downturn
 client’s reputation relative to competitors, risk of losing business and profits
 level of gov. support for industry and impact of government regulation
 overall level of demand for industry goods

75

what is economy level issues and examples

how do overall economic conditions affect the client
 Interest rate changes, financial crises
 Shareholder expectations of increasing profits in good times
 What are specific pressures on client to understate/overstate profits in these conditions

76

what is fraud risk

auditor must assess risk of material misstatement due to fraud

77

what must auditor do when assessing fraud risk

adopt attitude of professional skepticism
maintain independent questioning mind
search thoroughly for evidence to validate info provided by client
don't just rely on past experience with client, remain independent of client

78

what are the two types of fraud

1. financial reporting fraud
2. misappropriation of assets fraud

79

what are examples of financial reporting fraud

improper asset values, unrecorded liabilities
delaying expenses, bringing forward revenues
fictitious revenues, understating expenses
inappropriate application of accounting principles

80

what are examples of misappropriation of assets fraud?

using company credit card for personal items
failure to remove ex employees from payroll
unauthorized discounts/refunds to customers
theft of stock/other assets

81

what are incentives/pressures client may be inclined to commit fraud

competitive pressures, falling demand, falling profits, threat of bankruptcy
rapid growth, low cash with high profits
pressure to meet market expectations, plants to list on stock exchange
about to enter into significant new contracts
remuneration tied to profits

82

opportunities for fraud to be committed

accounts that rely on estimates and judgements
high volume of transactions near year end
significant related party transactions
complex or unusual transactions
significant adjusting entires and reversals after year end
poor corporate governance, poor internal controls
high staff turnover

83

rationalizations to fraud

poor tone at the top
poor attitudes to internal controls
excessive focus on maximizing profits/share prices
poor attitudes to compliance with accounting regulations
rationalization that other companies 'do it too'

84

auditor should perform specific procedures related to fraud

ask management if they're aware/suspect a fraud
all audit team members should attend team planning meeting where they review significant fraud risk factors and financial statement elements susceptible to ffraud
perform preliminary analytics to aid in identifying unusual relationships
consider risk of management override

85

what is going concern risk

consider whether appropriate to assume client remains a going concern

86

what are indicators of going concern risk

significant debt/equity ratio
long term loans due with no alternative financing
prolonged losses, inability to pay debts when due
loss of significant customer, supplier problems
high staff turnover, loss of key personnel, srikes
problems obtaining raw materials, inputs
poor growth planning, inadequate risk management
being under investigation for non compliance
competitive pressures, drought etc

87

if going concern is in doubt, what additional audit procedures should you undertake?

assess cash flow, revenues, expenses, interim results
review debt contracts, board meeting minutes
discussions with client management and auditor

88

what factors reduce going concern risk?

letter of guarantee from parent company
availability of assets/segment of business for sale for cash
ability to raise funds through share issue or borrowing
ability to sell unprofitable segment of business

89

what is corporate governance

the rules, systems and processes within companies used to guide and control activities

90

what are risks associated with IT environment?

unauthorized access to computers, software, data
errors in programs
lack of backup and loss of data
appropriate IT installation and security procedures and training for staff

91

what are the two client controls to reduce IT risks

general controls - doesn't relate to specific application
ie password protections, authorization
application controls -
ie who can access payroll software, debits/credits have to equal in accounting software

92

what are some risks associated with inadequate client closing procedures

revenue/expense accounts should include all transactions in year and none from other periods
accrued assets and liabilities are complete
assets and liabilities should include all relevant items

93

what are the audit procedures to assess adequacy of client closing procedures

assess adequacy of client interim reporting procedures
check accuracy of accrual calculations
analyze results to assess reasonableness
consider pressures on client to overstate profit or report smoothed income
trace transactions around year end to documents to determine appropriate dates

94

what are the stages in audit risk minimization

1. identification of accounts and related assertions most at risk of material misstatement (inherent risk)
2. assessment of client's system of internal controls (control risk)
3. auditor plans to undertake detailed testing of each identified account to the extent determined necessary

95

what is significant rask

identified and assessed risk of material misstatement that requires special audit consideration

96

what does significant risk involve

involves fraud
related to significant economic/accounting development
involves complex transactions
involves significant related party transactions
involves subjectivity in measurement of financial info

97

what is the function of audit risk (mathematical function)

AR = IR x CR x DR
audit risk = inherent risk x control risk x detection risk

98

what is inherent risk

risk that material misstatement could occur

99

what is control risk

risk that client's system of internal controls will not prevent or detect material misstatement

100

what is detection risk

risk that auditor's testing procedures will not be effective in detecting a material misstatement if there is one

101

what is the relationship between inherent/control risk and detection risk

inverse relationship - the higher inherent and control risk, the lower we want detection risk to be

102

when should you do more and less substantive testing based on control/inherent risk

if IR and CR are high, DR is set as low and more substantive testing will be performed
if IR and CR are low, DR is set as high and less substantive testing will be performed

103

what is materiality

guides audit planning, testing and assessment of information in financial statement
info is material if it impacts the decision making process of users of the financial statement

104

what are qualitative materiality factors

nature of the item
ie fraud, non compliance with laws, related party transactions
use professional judgement based upon knowledge of client and needs of users

105

what are quantitative materiality factors

magnitude of item - percentage of base figure

106

what are common bases and percents of materiality

5-10% pretax normalized profit
0.5-1% total assets
0.5-5% equity
0.5-2% revenues/expenditures
0.5-5% gross profit
or average of above measures

107

what is performance materiality

amount less than the planning materiality to reduce likelihood that any uncorrected misstatements do not exceed overall materiality -- 60-85%

108

how do materiality and audit risk differ

materiality is about the users, audit risk is about the business
lower materiality if client is higher risk

109

what is specific performance materiality

materiality for particular class of transactions - materiality is dropped if higher risk transactions ie debt covenant

110

what is audit strategy

determination of the amount of time spent testing client's internal controls and conducting detailed testing of transactions and account balances
-sets scope, timing and direction of the audit
-provides basis for developing detailed audit plan
-based on preliminary assessments of IR and CR

111

client performance measures

in gaining understanding of client, auditor should learn how client measures its own performance
-liquidity - ability of company to meet needs for cash in short term and long term
-profitability - concerned about shareholders ie how much are they willing to pay per dollar of earnings

112

what are analytical procedures and when are they conducted

evaluation of financial info by studying plausible links among financial and non financial data
conducted throughout audit in:
planning - highlight unusual fluctuations, identify risk
execution - estimating account balances
reporting - overall review

113

what are common analytical procedures

simple comparisons
trend analysis (horizontal analysis)
common size analysis (vertical analysis)
ratio analysis

114

what is trend analysis

ratios over time, comparison of account balances over time
select base year and restate accounts in subsequent years as % of that base
ie COGS as percentage of sales

115

what is common size analysis

comparison of account balances with a single line item
allows auditor to see how much account contributes to totals in statements
can trace relative contribution of various accounts through time
ie AR as percentage of total assets

116

what is ratio analysis

liquidity ratios, solvency ratios, inventory turnover

117

what are factors to consider when conducting analytical procedures

reliability of client data
ability to make comparisons over time
following sources generally considered reliable (audited info)

118

what are the three categories of assertions

assertions about classes of transactions - items related to daily operations of the firm, things on income statement
assertions about account balances - on balance sheet
assertions about presentation and disclosure - how things are presented on balance sheet and notes disclosure

119

what are the assertions about classes of transactions

occurrence
completeness
accuracy
cut-off
classification

120

what is occurrence assertion

transactions and events that have been recorded have occurred and pertain to the entity

121

what is completeness assertion
(transactions)

all transactions and events that should have been recorded have been recorded

122

what is accuracy assertion

amounts and other data relating to recorded transactions and events have been recorded properly

123

what is cut-off assertion

transactions and events have been recorded in the correct accounting period

124

what is classifications assertion

transactions and events have been recorded in the proper account

125

what are the assertions about account balances at year end

existence
rights and obligations
completeness
valuation and allocation

126

what is existence assertion

assets, liabilities and equity interests exist

127

what are rights and obligations assertion

entity holds or controls the rights to assets and liabilities are the obligation of the entity

128

what is completeness assertion
(account balances)

assets, liabilities, equity interests that should have been recorded are recorded

129

what is valuation and allocation assertion

assets, liabilities, and equity are included in financial report at appropriate amounts and any resulting valuation or allocation adjustments are appropriately recorded

130

what are the assertions about presentation and disclosure

occurrence, rights and obligations
completeness
classification and understandability
accuracy and valuation

131

what is occurrence, rights and obligations assertion

disclosed events/transactions/other have occurred and pertain to entity

132

what is completeness assertion
(presentation and disclosure)

all disclosures that should have been included in financial report have been included

133

what is classification and understandability assertion

financial info is appropriate presented and described and disclosures are clearly expressed- users able to understand it

134

what is accuracy and valuation assertions

financial and other info is disclosed fairly and at appropriate amounts

135

what characteristics should good evidence have

sufficient - quantity of evidence
appropriate - quality of evidence
relevant
reliable

136

what are the seven types of evidence

written/documentary
verbal
computational
physical
electronic
confirmations
representations - legal letter

137

what is an external confirmation

evidence obtained as a direct written response to the auditor from the third party
ie bank confirmation

138

what is a negative and positive confirmation

negative - only reply if the information is wrong
positive - reply either way

139

what are the steps in using an expert

1. assess the need to use an expert
2. scope of work to be carried out
3. assess capability of expert
4. assess objectivity of expert
5. assess expert's report
6. responsibility for the conclusion - rests with auditor

140

when using work of another auditor, what should you consider

same standard
objectivity
gathering sufficient, appropriate evidence

141

what are evidence gathering procedures

inspection of records and documents
inspection of tangible assets
observation of client staff
enquiry
recalculations
reperformance
analytical procedures

142

what should you consider when drawing conclusions

does the auditor have sufficient, appropriate evidence on which to base conclusions
does evidence address significant risks faced by the client
form an audit opinion and report

143

what are working papers

document each stage of audit
provides evidence of work completed, details evidence
demonstrate to third party what you did
defense against negligence claim
current and permanent file (ie 5 year long loan details)

144

audit plan

contains audit procedures for testing controls and conducting substantive tests

145

when is assessment of control risk made

after gaining an understanding of the client during the planning stage

146

what are examples of control testing procedures

inspection of documents for evidence of authorization
inspection of documents for evidence that details been checked by appropriate client personnel
observation of client personnel performing various tasks ie opening mail, conducting inv. Count
enquiry of client personnel about how they perform their tasks
re-performing control procedures to test their effectiveness

147

what are the three types of substantive testing

substantive tests of transactions
substantive tests of balances
analytical procedures

148

what is the nature of audit testing

purpose of the test (assertion) and procedure used (inspection, observation, enquiry, confirmation, recalculation, reperformance, analytical)

149

what is the timing of audit testing

date that audit evidence relates to
stage of audit when procedures are done - interim vs year end

150

what testing is done in interim and what testing is done year-end

interim - control testing, low risk accounts
year- end - high risk accounts, accounts affected by high deviations in control tests, cut-off assertion

151

what is the extent of audit testing

amount of audit evidence gathered:
increase extent of control testing when control risk is low
reduce extent of substantive testing and increase extent of reliance on analytical procedures when lower control risk
do little or no control testing with predominantly substantive strategy b/c high control risk

152

what is audit sampling

auditor doesn't test entire group of transactions in balance
sample of items tested should be representative of population

153

what is sampling risk

risk that sample chosen by auditor is not representative of the population available for testing and causes auditor to arrive at inappropriate conclusion

154

what are the two consequences of sampling risk

1. risk that audit will be ineffective ie conclude that balance is correct when it's not
2. risk that audit will be inefficient ie conclude it's wrong and end up doing more testing when it was actually right

155

what does sampling risk test in controls and substantive tests

controls - deviations
substantive tests - misstatements

156

what is non-sampling risk?

risk auditor makes inappropriate conclusion for reason unrelate to sampling issues

157

what are examples of non-sampling risk

use inappropriate audit procedures
rely too heavily on unreliable evidence
spend too little time testing high risk accounts/critical controls

158

what is statistical sampling

involves random selection and probability theory to evaluate results and sampling risk
allows measurement of sampling risk
can be costly

159

what is non statistical sampling

allows auditor to use judgement to select sample items
used when account is low risk
more common in smaller companies
sometimes judgement is good

160

what are the 5 sampling methods

random selection
systematic selection
haphazard selection
block selection
judgemental selection

161

what is random selection

person can't influence choice of items
each item has equal chance of being selected
sample can be stratified before selecting random sample to increase efficiency

162

what is systematic selection

divide # of items in population by sample size, giving sampling interval n. select starting point and take every nth item
can randomly order first to make more random

163

what is haphazard selection

auditor does not use methodical technique
personal bias could affect choice

164

what is block selection

select items grouped together ie stock of invoices
sequence of items might make this inappropriate
not statistical

165

what is judgemental selection

auditor chooses items based on judgement
non statistical

166

what factors should you consider when selecting sample?

consider:
detection risk
and planning materiality
define error for test, set tolerable error and confidence level required

167

how to define population

control testing - draw sample from entire financial year
substantive testing - population from which sample is drawn must be defined according to assertion being tested

168

what are factors that influence control testing sample size

o larger sample size if auditor intends to rely more heavily on control to reduce substantive testing
o smaller sample size if auditor willing to tolerate higher deviation rate for that control
o larger sample size if auditor expects population to have higher rate of deviation for that control
o larger sample size if auditor requires greater confidence that control is operating effectively (ie wants lower control risk)

169

what are factors that influence substantive sample size

o larger sample size if auditor assesses risk of material misstatement as greater (higher IR, CR)
o smaller sample size if auditor also using other substantive procedures for same assertion
o larger sample size if auditor requires greater confidence from results of tests (requires lower DR)
o smaller sample size if auditor willing to accept greater total error (higher tolerable misstatement)
o greater sample size if auditor expects to find greater misstatement in population
o smaller sample size if auditor using stratification of population
o very little change to sample size if population has more sampling units (once you’re at a point, there’s no change)

170

what do sample tests provide evidence for (for control and substantive tests)

control - control is effective within entire population
substantive test - class or transactions of account balance tested is fairly stated

171

what do you do if errors are found in sample?

control test - calculate deviation rate for population
substantive test - calculate misstatement of transactions/account balance for population

172

how do you project monetary errors in sample to population

remove unique errors
consider if sample stratified
projected error = size of error/size of sample x size of population
is total projected error tolerable?
more testing required?

173

what is internal control

encompasses the entity's resources, systems, process, culture, structure and tasks

174

what internal controls do auditors focus on?

ones that have direct impact on entity's financial recording, compliance and asset safeguarding

175

what are the three characteristics of internal control

process designed, implemented and maintained
by those charged with governance, management and other personnel
to provide reasonable assurance about achievement of entity's objectives

176

what three things should internal control regard

with regard to
reliability of financial reporting
effectiveness and efficiency of operations
compliance with applicable laws and regulations

177

what are the 7 objectives of internal controls

real
recorded
valued
classified
summarized
posted
timely

178

what are limitations of internal control systems

human error that results in control breakdown
ineffective understanding of control's purpose
collusion by two or more individuals to avoid control
software program being overridden/disabled
management decisions about nature or extent of controls being implemented - cost/benefit analysis

179

what are the five parts of entity level internal controls

1. the control environment - culture, structure and discipline of an entity
2. the entity's risk assessment process - how entity identifies and responds to risk
3. information systems and communications
4. control activities - policies and procedures that help make sure management's directives are carried out
5. monitoring of control

180

what should auditor consider when understanding client's control activities

• Extent of reliance on IT
• Existence of necessary policies and procedures
• Extent to which control policies are being applied
• Clarity of management objectives for controls
• Existence of planning and reporting systems for performance and investigation of variance, and management action to follow up
• Extent of segregation of duties
• Software controls over access to data and programs
• Periodic comparison between records and assets
• Safeguards over access to documents, records, assets

181

why is entity internal control difficult in small entities

difficult to implement formal controls
reliance on owner - can detect material errors but also has potential to override controls
difficult to segregate duties
so auditor should increase substantive procedures to compensate for weak controls

182

what are transaction level controls

impact a particular transaction or group of transactions
aimed at preventing or detecting errors

183

what does an auditor do to gain understanding of transaction level controls

1. identifies major events and transactions in process
2. identifies risks to correct processing - WCGW
3. for each WCGW, auditor identifies one or more controls
4. understanding is documented and used to guide evaluation and testing of internal controls

184

what are preventative controls

helps to avoid errors from occurring
BUT avoiding an error does not always result in evidence that control worked or worked efectively

185

what are detective controls

necessary to discover fraud or errors that occurred during transactions period

186

what are four components of detective controls

completely and accurately capture all relevant data
identify all potentially significant errors
performed on consistent and regular basis
include follow up and correction on timely basis of any misstatements/issues detected

187

manual v automoated controls

manual controls don't rely on IT for operation
automated controls generally rely on client's IT
can also have IT dependent manual controls

188

what are auditor's techniques for testing controls

enquiry
observation
inspection of physical evidence
reperformance
professional judgement

189

what is professional judgement used to decide when testing controls

which controls to select or testing
how much testing is required
timing of tests of controls

190

what should you consider when deciding whether there's a need for additional tests of controls

results of enquiries and observation
evidence provided by other tests
changes in overall environment

191

what's important when documenting conclusions

results of control testing documented in working papers
document in sufficient detail to allow another audit to perform same test
just in case you end up in court

192

what are common forms of documenting controls

narratives
flowcharts
combination of narratives and flowcharts
checklists and preformatted questionnaries

193

how do you identify strengths and weaknesses in controls

identify strengths and weaknesses that have financial reporting impact
identify internal control exceptions where control did not operate as intended
draw conclusions about control risk

194

what is the purpose of management letters

management might not have known they have weaknesses in control system so auditor needs to tell them
requires auditor to provide those charged with governance timely observations arising that are significant and relevant to financial reporting process
recommendations based on internal control weaknesses
professional judgement required about matters to include
allows management to document their actions in response and inform those with governance
can use both interim and final management letters

195

what are factors that make audit evidence reliable

obtained through auditor's direct personal knowledge
obtained through independent provider
high degree of objectivity
provider has adequate qualifications
system of internal control producing the information is effective

196

what must the audit documentation of audit procedures include?

1. identify characteristics of the specific items or matters tested
2 who performed the audit work and dates work was completed
3. who reviewed the audit work performed and the date and extent of review

197

what are advantages of statistical sampling

helps auditor design efficient sample
helps auditor measure sufficiency of evidence obtained
helps auditor quantify sampling risk

198

what are disadvantages of statistical sampling

costs of training auditors in proper use of sampling techniques
costs of designing and conducting sampling application
potential lack of consistent application across audit teams due to complexity

199

what duties should be segregated

authorization or approval of transactions affecting assets
custody of assets
recording or reporting of transactions
control over processing of transaction separated from recording or reporting transaction

200

what are four things to create a strong control environemnt

have code of conduct and ensure all employees are aware of it and follow it
hire competent ethical employees
assign responsibility and authority - have job descriptions
ensure human resource policies are in place over hiring, training, evaluating, counselling, promoting and compensating employees

201

what are the four types of tests

inquiry
observation
inspection of physical evidence
re-performance