2 Presentation Outline Application of Audit Testing Selecting Tests to PerformDesign of the Audit ProgramA Summary of the Audit Process
3 I. Application of Audit Testing Tests of ControlsTesting for Monetary MisstatementReduction of RiskAudit Assurance at Different Levels of Internal Control EffectivenessSimultaneous Testing of Controls and Substantive Testing of TransactionsTiming of Audit Testing
4 Examination of employee time cards for approval of overtime. A. Tests of ControlsAudit procedures to test the operating effectiveness of control policies and procedures in support of a reduced assessed control risk. Some examples include:Matching of vendor invoices against a purchase order and receiving report before approving invoice for payment.Examination of employee time cards for approval of overtime.
5 B. Testing for Monetary Misstatement Substantive Tests ofTransactionsTesting for monetarymisstatements to determineif the following 6 transaction-related audit objectiveshave been met:ExistenceCompletenessAccuracyClassificationTimingPosting and SummarizationTests of Details ofBalancesTesting for monetarymisstatements to determine if thefollowing 9 balance-related auditobjectives have been met:ExistenceCompletenessAccuracyClassificationCutoffDetail tie-inRealizable valueRights and obligationsPresentation and disclosure
6 C. Reduction of Risk Control Risk Procedures to gain an understanding of internal controlTests of controlsOnce the auditor obtains an initial understanding of controls, tests of controls must be performed to obtain evidence regarding the effectiveness of controls. Stronger controls will allow the auditor to assess control risk below the maximum.Detection RiskSubstantive tests of transactionsAnalytical proceduresTests of details of balancesThe more evidence an auditor collects from the above procedures, the lower the detection risk. Detection risk must be lower when control risk is higher.
7 D. Audit Assurance at Different Levels of Internal Control Effectiveness AcceptableassuranceAudit assurancefrom control riskassessment andtests of controlC2AuditassurancefromsubstantivetestsAUDIT ASSURANCEC1NoassuranceACBINTERNAL CONTROL EFFECTIVENESSWeak controlStrong controlReliance on controls: C3 – None, C2 – Some, C1 – Maximum
8 E. Simultaneous Testing of Controls and Substantive Testing of Transactions The determination of control risk affects the type of procedures and sample size for the substantive testing of transactions.For purposes of convenience, the testing of controls and substantive testing of transactions will often occur simultaneously.In such situations the auditor will make an assumption about the results of tests of controls. If the testing of controls indicates that internal control is worst than expected, substantive testing of transactions will have to be modified accordingly.
9 F. Timing of Audit Testing Auditors frequently consider it desirable to perform audit tests prior to year end. Certain procedures may be performed at an interim time (prior to client’s year end) :Update depreciation schedulesExamine new loan agreementsVouch transactionsAnalyze changes in client’s accounting systemReview board of director minutesIf strong internal controls exist the auditor may also:Observe physical inventoriesConfirm account balances
10 II. Selecting Tests to Perform The Cost of TestingAppropriate Evidence for Audit TestingRisk and Testing in the Audit Process
11 A. The Cost of TestingGoing from the most to least costly, the types of tests are:Tests of details of balancesSubstantive tests of transactionsTests of controlsProcedures to obtain an understanding of internal controlsAnalytical procedures
12 B. Appropriate Evidence for Audit Testing ExaminationPhysicalConfirmationDocumentationObservationType of EvidenceInquiries ofthe clientReperformanceperformanceAnalyticType of TestProcedures for internal controlTests of controlsSubstantive tests of transactionsAnalytical proceduresTests of details of balances
13 C. Risk and Testing in the Audit Process Substantive Testing of TransactionsIn some situations it may be more efficient to assess control risk at a higher level and reduce or eliminate tests of controls. This depends on cost of testing controls versus the additional substantive testing that would result from a higher control risk.Tests of Details of BalancesIf tolerable misstatement is low, and inherent risk and control risk are high, planned tests of details of balances must be high.
14 III. Design of the Audit Program Most audits design an audit program in the following three parts:Tests of Controls and Substantive Tests of TransactionsAnalytical ProceduresTests of Details of Balances
15 A. Tests of Controls and Substantive Tests of Transactions A four-step approach when the auditor plans to reduce assessed control risk below the maximum:Transaction related audit objectives are applied to the class of transactions being tested, such as sales.Key controls that should reduce control risk for each transaction-related audit objective are identified.For all internal controls used to reduce the initial assessment of control risk below the maximum (key controls), appropriate tests of controls are developed.Design appropriate substantive tests of transactions, considering weaknesses in internal control and expected results of tests of controls (allows for simultaneous tests of controls and substantive testing).Note: If control risk is assessed at 1.0, only substantive tests oftransactions will be used in this part of the audit program.
16 B. Analytical Procedures Analytical procedures may be performed during 3 different stages of the audit:In the planning stage to help the auditor understand the client’s business and determine other evidence needed to satisfy acceptable audit risk.During the audit, especially during substantive testing.Near the end of the audit as a final test of reasonableness.
17 C. Tests of Details of Balances If the results of tests of controls, substantive tests of transactions, and analytical procedures are not consistent with the predictions, tests of details of balances will need to be changed as the audit progresses.Figure 13-6 on page 388 illustrates the testing methodologyusing Accounts Receivable
19 Summary of the Audit Process - Phase I (Planning) Accept client and perform initial planning.Understand the client’s business and industry.Assess client’s business risk.Perform preliminary analytical procedures.Set materiality and assess acceptable audit riskand inherent risk.Understand internal control and assess control risk.Develop overall audit plan and audit program.
20 Summary of the Audit Process - Phase II (Begin Field Work) FromPhase IPlan to reduce assessedlevel of control risk?NoYesPerform tests of controls.Perform substantive tests of transactions.Assess likelihood of misstatements infinancial statements.
21 Summary of the Audit Process Phase III (End of Fieldwork) FromPhase IILikelihood of Misstatementin Financial StatementsLow Medium High orunknownPerform analytical procedures.Perform tests of key items.Perform additional tests of details of balances.
22 Summary of the Audit Process Phase IV (Wrap-Up) FromPhase IIIReview for contingent liabilities.Review for subsequent events.Accumulate final evidence.Evaluate results.Issue audit report.Communicate with auditcommittee and management.