Audit 5 Flashcards Preview

AUD > Audit 5 > Flashcards

Flashcards in Audit 5 Deck (18):

Rules of properly applying statistical analysis

Rule1. Always assume that the population being sampled is normally distributed, that is, it can be described “normal,” or “bell-shaped,” curve.

Rule 2. For the estimates that the CPA makes about the population to have mathematical validity, the samples have to be unrestricted and randomly selected(NO BIAS an equal chance of being selected)

Rule 3. If the sample is large enough and is randomly selected, the sample will likely have the same statistical characteristics(mean and standard deviation) as the underlying population, i.e., it will be representative of the population

Rule 4. Standard deviation is a measure of “variability,” which refers to the range of values within the population.


Sampling concepts DO NOT apply to

R-isk assessment procedures performed to obtain an understanding of IC
A-nalysis of security and access controls
T-ests of automated application controls when effective general controls are present
S-ome tests related to the operation of the control environment or the accounting system


Steps when conducting an attribute sampling application

1. O-bjective of the test gets defined
2. P-opulation gets defined
3. S-ampling unit gets defined
4. A-ttributes of interest get defined
5. S-ize of sample gets determined
6. S-ample gets selected
7. E-valuate the sample results
8. F-orm conclusions about the IC tested
9. D-ocument the sampling procedure


Size of sample gets determined step of when conducting an attribute sampling application conduct the following procedures

L-ow: Risk of assessing Control Risk(CR) too low
E-xpected deviation rate
T-olerable deviation
S-ize of population


Three commonly used classical variable sampling plans

Means-per-Unit Estimation

Ratio Estimation

Difference Estimation


Steps for substantive testing

1. O-bjective of the test gets defined
2. P-opulation gets defined
3. U-nit(Samplinge) gets defined
4. S-ize of the sample gets determined
5. S-elect the sample
6. E-valuate the sample results
7. C-onclusions about the balances (or Transactions) tested are formed
8. D-ocument the sampling procedure


Sample size will increase as the following increase (direct relationship)

E-xpected misstatement
S-tandard deviation(population variability)
A-ssessed level of risk


Sample size will decrease as the following increase (Inverse relationship)

Tolerable misstatement

Acceptable level of risk


Levels of deficiency

C-ontrol deficiency
S-ignificant deficiency
M-aterial weakness


Managers’ response includes


Plan to fix

Cost/Benefit-do not fix


Integrated audits-Auditor Requirements (Issuers and non-issuers)

The audit or examination of IC should be integrated with an audit of the F/S

Auditor should use the same control criteria to perform the audit or examination of IC as management uses for its evaluation of the effectiveness of the entity’s IC

Tests of Controls should be designed to provide sufficient appropriate evidence


Integrated Audits-Management Requirements (Issuers only) SOX

States management’s responsibility for establishing and maintaining an adequate IC structure and procedures for financial reporting

Contains an assessment, as of the end of the most recent fiscal year of the issuer, of the effectiveness of the IC structure and procedures of issuer for financial reporting


Integrated Audits- Management Requirements (NON-issuers only)

E-valuates the effectiveness of the entity’s IC suitable and available criteria
S-upports its assertion about the effectiveness of IC with sufficient appropriate evidence
A-ccept responsibility for the effectiveness of IC
W-ritten Provides a written assertion about the effectiveness of the entity’s IC in a report that accompanies the auditor’s report


Written Representations (issuers and non-issuers)

C-hanges States whether there were any significant changes to IC after the “as of” date of the report.
A-cknowledges its responsibility

F-raud Describes fraud resulting in material misstatement or fraud involving senior management or key employees
A-ssertion stated: States the assertion and specifies the criteria
N-OT rely: Affirms that management did not rely on the auditor’s procedures as the basis for the assertion
D-isclosed Confirms that all significant deficiencies and material weaknesses have been disclosed to the auditor


Controls that might address the Fraud Risk Assessment include controls over

S-ignificant transactions
P-eriod-end journal entries and adjustments
R-elated party transactions
U-nusual transactions
E-stimates: Significant management estimates


Communications with Management and the audit committee (Issuers only)

Must communicate(in writing) to management and the audit committee, all material weaknesses prior to the issuance of the auditor’s report on IC

Communicate any identified significant deficiencies(in writing) to the audit committee

Communicate to management(in writing) all deficiencies in IC and inform the audit committee

An audit does not provide assurance that all control deficiencies or all significant deficiencies have been identified


Specific functions of the audit committee

F-ee: set the audit fee
R-eccomendations: Ensure that any recommendations made by the auditor are given proper attention
I-ndependence assured
C-ommunication is maintained between auditor and the board of directors
S-olve disagreements regarding accounting treatment

E-valuates the IC of the company with the help of the independent auditor
R-eports are made for the board of directors and the stockholders when necessary
S-elect and appoint the independent auditor


Three primary purposes for obtaining written representations from management

C-onfirm representations explicitly or implicitly given to the auditor
A-ppropriateness: Indicate/document the continuing appropriateness of such representations
R-educe possibilities of misunderstanding concerning matters that are the subject of the representations