The Audit Process

Question 1

Who is the Auditor

Answer 1

An independent professional who reviews a company’s financial records to ensure accuracy and compliance with laws. Appointed by shareholders to act as a watchdog on their behalf.

Question 2

What is the ‘watchdog, not a bloodhound’ Principle

Answer 2

It means auditors verify records (watchdog role) but are not required to actively hunt for fraud (bloodhound role), as established in Kingston Cotton Mills (1896).

Question 3

What is an Audit (Standard Viewpoint)

Answer 3

Purpose: To enhance confidence in financial statements for intended users.

Method: Auditor issues an opinion on whether statements comply with a financial reporting framework (e.g., IFRS/GAAP).

Key Focus: Fair presentation or “true and fair view” of financials.

Linked to ISA(UK)200, which governs auditor objectives and conduct.

Question 4

What is an Audit (Google Persepctive)

Answer 4

Auditor’s Role: An independent professional reviewing financial records for accuracy and compliance.

Purpose: Provides assurance to stakeholders that financial information is reliable and trustworthy.

Emphasis: Practical focus on detecting errors/fraud and ensuring legal adherence.

Question 5

3 Key Similarities Between Both Audit Definitions

Answer 5

Need for independent review of financial information.

Goal to enhance confidence/assurance for users (investors, regulators, etc.).

Focus on accuracy and reliability of reported data.

Question 6

What’s ISA(UK)200?

Answer 6

Sets the overall objectives of an independent auditor.

Defines how to conduct an audit in line with International Standards on Auditing (ISA).

Emphasizes opinion on fair presentation per financial reporting frameworks.

Question 7

What are the 4 Main Phases of an Audit

Answer 7

Obtaining the audit (e.g., deciding to accept the engagement, clearance from previous auditors, signing an engagement letter per ISA 210).

Planning the audit (assessing risks, materiality, and internal controls).

Conducting fieldwork (compliance/substantive testing, evidence gathering).

Forming an opinion (evaluating results, issuing the audit report).

Question 8

What are Directors Responsible for in Auditing

Answer 8

Preparing accurate financial records (free from error/fraud).

Maintaining accounting records.

Setting strategic objectives.

Appointing senior management (e.g., CEO, CFO).

Reporting to shareholders and other stakeholders.

Question 9

What are Auditors Responsible for in Auditing

Answer 9

Performing an independent annual audit of financial records.

Reporting whether the directors’ report matches the financial statements.

Assessing internal controls and audit risks.

Issuing an opinion on the “true and fair view” of financials.

Question 10

What are the Two Main Audit Objectives

Answer 10

Primary Objective:
Collect sufficient evidence to form the overall audit opinion and partial opinions.

Ancillary Objectives:
Maximize audit efficiency/minimize costs (may conflict with primary objective).
Minimize client disruption during the audit.

Question 11

What are the Two Main Types of Audit Testing

Answer 11

Compliance Testing: Checks if internal controls operate effectively (focus on processes, not monetary values).

Substantive Testing: Verifies account balances (focus on monetary amounts, validity, and accuracy).

Question 12

What is Compliance Testing, Why does it Matter?

Answer 12

Tests whether key internal controls (e.g., approvals, segregation of duties) are functioning as designed.

Importance:
Reduces audit risk by relying on strong controls.
Determines the extent of substantive testing needed.
Focuses on processes, not monetary values.

Question 13

What is Substantive Testing, Why does it Matter?

Answer 13

Detailed testing of account balances (e.g., tracing invoices to confirm receivables).

Importance:
Verifies financial statement accuracy.
Confirms existence, ownership, valuation, and completeness of items.
Focuses on monetary amounts.

Question 14

What else does Substantive Testing Check

Answer 14

Completeness: All transactions are recorded.

Ownership: Assets belong to the company.

Valuation: Items are correctly valued.

Classification: Transactions are in the right accounts.

Cut-off: Transactions are recorded in the correct period.

Disclosure: Financial statements include all required info.

Question 15

What is an Internal Control System

Answer 15

A system of policies and procedures implemented by management to help ensure:

Orderly and efficient business operations

Safeguarding of assets

Prevention/detection of fraud and error

Accuracy/completeness of accounting records

Timely preparation of reliable financial information
Consists of the control environment and control procedures.

Question 16

What are the 7 Key Components of an Internal Control System

Answer 16

Organization (clear structure/delegation)

Duty segregation (separate authority/execution/custody/recording)

Physical custody (security measures)

Authorization & approval (limits/audit trails)

Arithmetic/accounting (reconciliations/control accounts)

Personnel (competence/trustworthiness)

Supervision/management (budget analysis/internal audit)

Question 17

Explain the Authorisation/ Approval Controls

Answer 17

Ensures transactions are valid/appropriate

Danger signals: Fictitious/inappropriate transactions

Meaning: Weak controls may allow unauthorized transactions

Characteristics: Defined limits, audit trails

Question 18

Explain Arithmetic/ Accounting Controls

Answer 18

Ensures accurate accounting records

Danger signals: Incomplete/false transactions, cut-off errors

Meaning: Potential recording errors or manipulation

Characteristics: Reconciliations, control accounts, trial balance

Question 19

Explain Personnel Controls

Answer 19

Focuses on staff competence/trustworthiness

Danger signal: Peter Principle (promotion to incompetence)

Meaning: Staff may lack skills/integrity for their roles

Characteristics: Proper hiring/training procedures

Question 20

Explain Supervision/ Management Controls

Answer 20

Oversees IC effectiveness

Danger signals: Lack of budget review, weak internal audit

Meaning: Errors/fraud may go undetected

Characteristics: Variance analysis, internal audit function

Question 21

Why isn’t there a ‘typical’ IC System

Answer 21

Systems vary based on:

Company size/complexity

Organizational structure

Nature/number of transactions

Staff capabilities

Geographic distribution
Must be tailored to each organization’s specific needs/risks.

Question 22

How do Auditors Utilise IC Systems

Answer 22

Evaluate system design/implementation

Assess control risk

Test compliance (if controls appear strong)

Determine reliance level on controls

Plan substantive testing based on control risk

Adjust nature/timing/extent of audit procedures

Question 23

What is Compliance Testing (again)

Answer 23

Tests whether controls actually operate as designed

Conducted only if controls appear strong initially

Focuses on processes (not monetary amounts)

Results determine extent of substantive testing needed

Question 24

What is Substantive Testing (again)

Answer 24

Detailed testing of account balances

Verifies validity, completeness, ownership, etc.

Focuses on monetary amounts

Extent depends on control risk assessment

Question 25

The 4 Steps in Evaluating an Internal Control Syste,

Answer 25

Understand design & implementation Assess ability to prevent/detect material misstatements Determine appropriate audit approach * Strong IC → More reliance → Less substantive testing * Weak IC → Less reliance → More substantive testing Evaluation includes documentation review, interviews, and testing.

Question 26

How do Auditors 'Understand' an IC System

Answer 26

They may look in the client’s procedures manual if one exists. They talk to client staff to gain an understanding of how the controls operate in practice. They may make use of an Internal Control Questionnaire (ICQ), which is a set of questions designed to gather information about the client's control environment and specific control activities. They may perform a ‘walk through’ test, which involves tracing a transaction from its initiation through the accounting system to its eventual recording in the financial statements. This helps the auditor understand the flow of transactions and the controls in place at each stag

Question 27

How do Auditors Document an IC System

Answer 27

System Descriptions: Detailed narratives of processes Control objectives for each process Key control activities Visual Representations: Flowcharts showing process flows Decision trees for control points Swimlane diagrams for responsibility assignment Control Matrices: Mapping controls to risks Identifying control owners Documenting frequency of controls Supporting Evidence: Copies of key forms and reports Samples of authorization signatures System screenshots for automated controls

Question 28

How is an IC System Evaluated

Answer 28

Two-stage process: Design evaluation: Assess if controls are theoretically strong If weak: No compliance testing needed If strong: Proceed to stage 2 Compliance testing: Verify if controls operate as designed

Question 29

What is Control Risk Assessment

Answer 29

The auditor's judgment about whether ICs will fail to prevent/detect material misstatements: Based on design evaluation + compliance testing Higher CR → More substantive testing required

Question 30

How is Control Risk Assessed in Practice

Answer 30

Historically: Professional judgment + informal guidelines Currently: Statistical techniques (more scientific/defensible) Outcome determines: Detection risk (DR) level Extent of substantive procedures

Question 31

What are the 8 forms of Audit Evidence, Order from most to least persuasive

Answer 31

1️⃣ Direct confirmation (external+independent) 2️⃣ Physical examination (auditor's direct verification) 3️⃣ Re-performance (auditor's independent execution) 4️⃣ External documentation (third-party prepared) 5️⃣ Observation (time-sensitive verification) 6️⃣ Analytical procedures (requires corroboration) 7️⃣ Internal documentation (client-prepared) 8️⃣ Client enquiries (inherently biased)

Question 32

What are 4 Factors that make Audit Evidence Persuasive

Answer 32

Objectivity: External > internal evidence Provider qualifications: Expert sources preferred Independence: Third-party > client-provided Auditor's direct knowledge: Observation > inquiry

Question 33

Why is Direct Confirmations the most persuasive of evidence?

Answer 33

Objectivity: High (written third-party response) Independence: High (external to client) Key factor: Provider qualifications (must be knowledgeable) Risk: Non-response or client interference

Question 34

How does Documentation persuasiveness vary?

Answer 34

External docs (more persuasive): Invoices from suppliers Bank statements Internal docs (less persuasive): Client-prepared spreadsheets Internal memos

Question 35

Why are Client Enquiries least persuasive

Answer 35

Objectivity: Low (self-reported information) Independence: None (client is provider) Mitigation: Corroborate with other evidence Example: Management representations

Question 36

When are Analytical Procedures Most persuasive

Answer 36

High persuasiveness when: Using reliable external data (e.g., industry benchmarks) Showing predictable relationships (e.g., cost of sales vs. revenue) Low persuasiveness when: Standalone (requires other evidence) Using client-prepared estimates

Question 37

What is Analytical Review in Auditing

Answer 37

"Evaluations of financial information through analysis of plausible relationships among financial/non-financial data" (SAS No.56)

Question 38

Why do Auditors perform Analytical Reviews

Answer 38

1️⃣ Planning: Understand business risks/areas of focus 2️⃣ Substantive Testing: Gather evidence on account balances 3️⃣ Final Review: "Smell test" before opinion issuance (Salad Oil Swindle example) 4️⃣ Risk Assessment: Links to Audit Risk Model components

Question 39

What types of Analytical Reviews Exist

Answer 39

Simple → Complex: Ratio Analysis (e.g., current ratio) Trend Analysis (3-5 year comparisons

Question 40

Why has Analytical Review grown in importance in recent years

Answer 40

It's easy to do and saves in costs whilst maintaining high audit quality Highlights problems in the areas at the planning stage Fits into a version of the Audit Risk Model

Question 41

What is and Audit Risk

Answer 41

The probability that audited financial statements contain material misstatements even after receiving an unqualified ("clean") opinion Occurs when auditors fail to detect significant errors or fraud Represented by the formula: AR = IR × CR × DR Example: Auditor approves financials that overstate revenue by 10%

Question 42

What's a Type I Error (False Positive)

Answer 42

Auditor's decision: Issues clean opinion Reality: Financial statements are materially misstated Consequences: Most serious error - can lead to investor losses and legal liability Called "false positive" because system appears fine when it's not Example: Approving financials with undiscovered fraudulent revenue recognition

Question 43

Type II Error (False Negative)

Answer 43

Auditor's decision: Issues modified/adverse opinion Reality: Financial statements are actually correct Consequences: Unnecessary audit work and client dissatisfaction Called "false negative" because finds problems where none exist Example: Flagging legitimate transactions as suspicious

Question 44

Explain the Components of AR = IR x CR x DR

Answer 44

IR (Inherent Risk): Natural risk of material misstatement due to account nature (e.g., complex estimates) CR (Control Risk): Risk client's controls fail to prevent/detect misstatements DR (Detection Risk): Risk audit procedures fail to catch misstatements Relationship: Multiplicative - high IR/CR requires lower DR Application: Used to plan audit procedures

Question 45

When might Auditors use Alternative risk models

Answer 45

ARR × TD Model: ARR (Analytical Review Risk): Risk analytical procedures miss errors TD (Tests of Detail Risk): Risk detailed testing misses errors Used when relying heavily on analytics IR × CR × DR × SR Model: Adds SR (Sampling Risk): Risk sample isn't representative Used for audits with extensive sampling

Question 46

How can Auditors Control Detection Risk?

Answer 46

Nature: Use more reliable procedures (e.g., confirmation vs inquiry) Timing: Perform tests closer to year-end Extent: Increase sample sizes Trade-off: Lower DR requires more work = higher costs Example: For high risk areas, use 100% testing instead of sampling

Question 47

What are the 4 Factors that increase inherent risk?

Answer 47

Transaction complexity: Derivatives, M&A accounting Subjectivity: Bad debt allowances, asset impairments External factors: Rapid industry changes, new regulations Historical issues: Past restatements or errors Example: Tech company with complex revenue recognition policies

Question 48

What is Materiality in Auditing

Answer 48

A financial reporting concept adopted by auditors The threshold where misstatements could influence users' economic decisions Two key aspects: Quantitative: Size of error (e.g., 5% of profit) Qualitative: Nature of error (e.g., fraud vs. mistake) Example: A 1Merrorina100M revenue company may be immaterial, but the same $1M in executive bonuses would be material

Question 49

What are the 4 Key Characteristics of Materiality

Answer 49

User-focused: Based on needs of financial statement users (investors, creditors) Context-dependent: Considers: Company size Industry Economic conditions Judgment-based: No fixed rules - requires professional scepticism Dynamic: Can change year-to-year (e.g., during crises)

Question 50

When might an item be considered Material

Answer 50

Quantitatively: Exceeds calculated thresholds (e.g., >5% of net income) Qualitatively: * Involves fraud/illegal acts * Affects debt covenant compliance * Changes loss to profit (or vice versa) * Impacts executive compensation * Concerns related-party transactions Example: A $50k fraud is material even if <1% of revenue

Question 51

What is Tolerable Error Rate (TER)

Answer 51

Maximum error in an account balance auditors will accept Typically 50-75% of overall materiality Used to: Determine sample sizes Evaluate audit findings Decide if adjustments are needed Formula: TER = Materiality × Risk Factor

Question 52

What Qualitative Factors make Errors Material

Answer 52

Intent: Fraud > unintentional errors Masking: Hiding poor performance Regulatory: Non-compliance consequences User impact: Affects key ratios/trends Psychological: Rounding thresholds (9.9Mvs10M) Case Example: WorldCom capitalized $3.8B in expenses - quantitatively large but also qualitatively material due to intentional deception

Question 53

How do Auditors apply Materiality in Practice?

Answer 53

Planning: Set preliminary materiality (often 5% of normalized profit) Testing: Use TER for individual accounts Evaluation: Aggregate uncorrected misstatements Reporting: Determine if aggregate errors exceed materiality Professional Judgment Required: Must consider both numbers and context

Question 54

What is Quality of Errors

Answer 54

Errors in small items may indicate: Control weaknesses Potential for larger undetected errors "Iceberg" risk (small visible errors hint at bigger problems) Audit Approach: Investigate patterns of small errors that could be symptomatic

Question 55

What's Statistical Sampling

Answer 55

A mathematically-based sampling method that: Provides measurable conclusions about populations Quantifies sampling risk Uses probability theory Contrasts with judgmental sampling Key feature: Every item has known selection probability Example: Randomly selecting 100 invoices from 10,000 using computer-generated numbers

Question 56

What Audit Problems does Statistical Sampling Solve

Answer 56

Detection limitation: Measures how sampling reduces error detection capability Efficiency dilemma: Mathematically determines optimal sample size Defensibility: Provides objective basis for audit conclusions Example: Justifying why testing 200 items is sufficient for 50,000 transactions

Question 57

What are the Advantages of Statistical Sampling

Answer 57

Objectivity: Removes auditor bias in sample selection Precision: Quantifies sampling risk (e.g., 95% confidence) Efficiency: Calculates minimum required sample size Defensibility: Provides audit evidence that can withstand scrutiny Regulatory benefit: Meets PCAOB/SEC requirements

Question 58

What are the Disadvantages of Statistical Sampling

Answer 58

Cost: Requires specialized training/software Constraints: Needs clearly defined population Rigidity: May exclude professional judgment MUS limitation: Works best with near-zero error expectations Practical reality: Often modified for real-world conditions

Question 59

What makes a Sample Representative

Answer 59

Must reflect population characteristics through: Random selection: Equal chance for all items Stratification: Grouping similar items Adequate size: Mathematically determined Failure example: Only testing Q4 transactions would be non-representative

Question 60

How does Population Homogenity affect Sampling

Answer 60

Homogeneous populations: * Single sampling approach sufficient * Example: All cash disbursements under $10k Heterogeneous populations: * Requires stratification * Example: Separating capital vs. expense transactions Audit impact: Affects sample size calculations

Question 61

What factors determine statistical sample size

Answer 61

Confidence level (e.g., 90% vs 95%) Tolerable Error Rate (TER): Max acceptable error Expected Error Rate: Auditor's pre-test estimate Formula: n = (Confidence factor × Population value) / TER Practice tip: Higher risk = larger sample