Presentation on theme: "Pwc The PwC Audit A Continuous Improvement Approach to Audit Methodology A Continuous Improvement Approach to Audit Methodology."— Presentation transcript:
pwc The PwC Audit A Continuous Improvement Approach to Audit Methodology A Continuous Improvement Approach to Audit Methodology
PricewaterhouseCoopers1 Agenda Governance of PwC Audit Overview of recent evolution of PwC Audit Overview key elements of PwC Audit –Acceptance and Continuance –Audit Comfort Cycle –Substantive Procedures –Other Audit Procedures –Audit Committee Communications Plan
PricewaterhouseCoopers2 PwC Audit Governance Global Audit Policy Board Establish global overarching policy principles & goals and ratify policy statements. Global R&Q Ensure methodology is consistently implemented by providing feedback on practice issues. Global Audit Methodology Steering Group Drive execution of policy in practice through processes, tools, guidance, training content, etc. Implementation Partner Network
PricewaterhouseCoopers3 Towards Performance Audit: a continuous improvement program PwC Audit PwC Audit Audit Comfort Cycle Management controls focus Show me and Taking stock Team re- deployment 2001: Historical Financial Statements Opinion Changes in Deliverables Business analysis framework Enhanced audit guides/ practices Scaling up - different client situations MyClient integration 2002: Converged approach, enhanced testing guidance Enhanced client communications, transparency focus Application to small companies/ MNCs Better use of specialists and knowledge sources 2003: Time
PricewaterhouseCoopers4 Changing the Focus of the Audit Model Audit Risks Identified Risk Key Risk Key Risk Key Risk Key Risk Key Risk Business Risks
PricewaterhouseCoopers5 PwC Audit in 2004 Acceptance and Continuance (FRISK) Audit Comfort Cycle –Scoping –Understanding –Evaluating –Validating Substantive Testing Other Audit Procedures Audit Committee Communications Plan
PricewaterhouseCoopers6 PwC Audit Approach Other audit procedures Financial statements Completion No / Limited controls comfort Significant controls comfort Other audit evidenceMainly tests of detailssubstantive analytical procedures Audit Comfort Cycle Acceptance/Continuance Assessment
PricewaterhouseCoopers7 PwC Audit Approach – With Attestation Other audit procedures Financial statements Completion No / Limited controls comfort Significant controls comfort Other audit evidenceMainly tests of detailssubstantive analytical procedures Audit Comfort Cycle Broader and deeper assessment of COSO controls over financial reporting, including managements evaluation of those controls. e.g., estimates, fraud, tax accrual, more locations. Additional procedures deemed necessary to provide independent assurance on financial statements, taking into consideration the internal controls assessment. Report on managements assertions on internal controls over financial reporting Report on Financial Statements Acceptance/Continuance Assessment
PricewaterhouseCoopers8 Acceptance & Continuance Process Governance and oversight of management Past performance Managements expertise and skill Adequacy of management resources Audit relationship Audit adjustments Revenue recognition Accounting control Integrity and ethics Management inclination for intentional misstatement in financial reporting Reliability of estimates Incentive for intentional misstatements in financial reporting Risk of insolvency
PricewaterhouseCoopers9 Acceptance & Continuance Process Risk Conditions (13) (defined within Acceptance & Continuance module) Key Risks (user defined or selected from Master Data) Engagement Leader and Team Manager apply professional judgment in describing specific Key Risks that relate to the broader Risk Conditions Risk and Approach Schedule The Risk and Approach Schedule is populated by the Key Risks selected and completed by the Engagement Leader and Team Manager 123 MyClient Client File Audit Comfort Matrix
PricewaterhouseCoopers10 Audit Comfort Cycle 4 Key Questions What does management need to get comfort on? How does management get comfort? Are they entitled to that comfort? Can we audit that comfort? Market Overview StrategyValue Creating Activities Financial Performance OTHER AUDIT PROCEDURES FINANCIAL STATEMENTS COMPLETION ACCEPTANCE/CONTINUANCE ASSESSMENT SUBSTANTIVE AUDIT EVIDENCE MAINLY SUBSTANTIVE ANALYTICAL PROCEDURES SIGNIFICANT CONTROLS COMFORT NO/LIMITED CONTROLS COMFORT MAINLY TESTS OF DETAILS
PricewaterhouseCoopers11 Audit Comfort Cycle Market Overview StrategyValue Creating Activities Financial Performance OTHER AUDIT PROCEDURES FINANCIAL STATEMENTS COMPLETION ACCEPTANCE/CONTINUANCE ASSESSMENT SUBSTANTIVE AUDIT EVIDENCE MAINLY SUBSTANTIVE ANALYTICAL PROCEDURES SIGNIFICANT CONTROLS COMFORT NO/LIMITED CONTROLS COMFORT MAINLY TESTS OF DETAILS What does management need to get comfort on?
PricewaterhouseCoopers12 Scoping: Forming a Point of View Perform company and industry analytical procedures Research and analyze external communications Partners connect with staff members Document the teams understanding of the business Knowledge broker to capture and share industry information Form a point of view on the risks that management should be concerned about
PricewaterhouseCoopers13 Scoping: Business Analysis Framework
PricewaterhouseCoopers14 Scoping: Risk Assessment – Key Risks Key Risk We identify audit risk through understanding the entitys business objectives and related risks. Business Risks Audit Risks Key Risk Key risks are those conditions or factors within an audit that, in the judgment of the auditor, give rise to a greater risk of material financial misstatement or other matters resulting in the issuance of an inappropriate audit report.
PricewaterhouseCoopers15 Scoping: Analytical Procedures High Level –Understand the business –Identify areas of risk Disaggregated Account Level –Determine the nature, timing & extent of testing External benchmarking to peers, market trends –Looking for anomalies, areas of risk –Use of extensive knowledge management tools available
PricewaterhouseCoopers16 Scoping Translated into Audit Strategy Where controls over significant account balances or classes of transaction are not aligned, we will need to perform substantive tests of details. Stakeholders RisksControls Alignment Business Objectives
PricewaterhouseCoopers17 Scoping: Audit Team of Specialists Our best teams use our specialist capabilities to help in forming a point of view. Stakeholders Business Objectives Financial Risk Business Process Enterprise-wide Risk Systems & Technology Energy Trading Risk Business Resilience Project Management Internal Audit Security Data Risk Regulatory/ Compliance Performance Improvement Treasury RisksControls Alignment Computer-Assisted Audit Techniques Fraud
PricewaterhouseCoopers18 Scoping: Use of Specialists Policies for the use of Systems and Process Assurance specialists and Fraud Risk & Controls specialists are based around risk attributes Policies are for consultation with specialists – level of involvement remains a decision of engagement leader RequiredAt a minimum, Required to consider use of specialists at mobilization stage
PricewaterhouseCoopers19 Audit Comfort Cycle 4 Key Questions What does management need to get comfort on? Market Overview StrategyValue Creating Activities Financial Performance OTHER AUDIT PROCEDURES FINANCIAL STATEMENTS COMPLETION ACCEPTANCE/CONTINUANCE ASSESSMENT SUBSTANTIVE AUDIT EVIDENCE MAINLY SUBSTANTIVE ANALYTICAL PROCEDURES SIGNIFICANT CONTROLS COMFORT NO/LIMITED CONTROLS COMFORT MAINLY TESTS OF DETAILS How does management get comfort? Are they entitled to that comfort? Can we audit that comfort?
PricewaterhouseCoopers20 Applying Audit Comfort Cycle from the Top-Down Organize audit team to align with how management runs the business. Extend discussions about business objectives & risk to management controls. Understand & evaluate how management controls risk. Validate controls against engagement teams point of view. Audit controls from the top down Board Sr Mgmt Department Heads Operations Transaction Processing
PricewaterhouseCoopers21 Taking Stock: Real-Time Linkage in the Iterative Process Share team members cumulative knowledge Update risk identification and assessment Consider the audit comfort gained to date, by audit assertion Answer: Do we have enough comfort? Answer: What do we do next?
PricewaterhouseCoopers22 Business Risks related to achieving Objectives …… Business Process A Completeness Accuracy Validity Restricted Access Business Process B Completeness Accuracy Validity Restricted Access Business Process C Completeness Accuracy Validity Restricted Access Account Balances and Transactions General Computer Controls Account Balances and Transactions Connecting the Dots … Business Objectives Financial Statement Assertions/ Audit Objectives Classes of Transactions Occurrence Completeness Accuracy Cutoff Classification Account Balances Rights & Obligations Existence Completeness Accuracy/Valuation Presentation & Disclosure Occurrence/R&O Completeness Understandability Accuracy/Valuation
PricewaterhouseCoopers26 Achieving the Right Balance No/Limited Controls Comfort Significant Controls Comfort
PricewaterhouseCoopers27 Assurance Hierarchy Will we obtain audit assurance from tests of controls? Test controls. No further testing required. Can we obtain audit assurance from substantive analytical procedures? Perform substantive analytical procedures. Perform tests of details. Do we need additional audit assurance? No Yes No Yes
PricewaterhouseCoopers29 Other Audit Procedures: More Connecting the Dots management informationLink management information to financial statements adjustmentsReview adjustments necessary to reconcile management information to the financial statements indicative of fraudReview non-standard journal entries and other adjustments to ascertain whether entries may be indicative of fraud based upon the risk of management override on controls analytical procedures related to revenuePerform ongoing analytical procedures, including updating analytical procedures related to revenue
PricewaterhouseCoopers30 Audit Committee Communications Framework: Objectives Promote effective and candid communications Enhance timely reporting, dialogue and sharing views –Service approach –Risk and Control –Financial Reporting –Governance Provide consistency in our deliverables through recommended templates and practice aids
PricewaterhouseCoopers31 Service approach Risk and control Financial reporting Governance Ongoing assessment of needs & expectations [Indicate timing] Understanding the auditStaying informedResolution and completion Corporate governance: roles and practices Internal control and business issues report Assessing our performance and yours –Reporting timetable –Business unit scope –Engagement team –Other deliverables Risk analysis Perspectives on fraud risk Other regulatory requirements – plan Our audit plan Communications plan Risk condition alert Transparency of corporate reporting Reporting requirements –Internal control deficiencies –Accounting policies –Management judgments –Quality of earnings –Independence –Transparency Audit opinion Best practices in corporate reporting PwC principles and practices Engagement letter and independence confirmation Update on accounting/audit issues and risk analysis Quarterly review Getting started Audit Committee Communications Plan
PricewaterhouseCoopers32 The PwC Audit Global approach adaptable to all clients Designed for continuous improvement Performance metrics will play a larger role in future audits Audit quality is at the core of our long term business objectives.