Planning an Internal Audit JM García Merced

Brainstorm

Set Audit Objectives Purpose: To ensure that sufficient appropriate audit evidence will be obtained There are three elements to be identified: A. Criteria – What will the operation to be audited be judged against (eg. policy manuals, laws, professional standards, public opinion etc)? B. Cause - What are the reasons for the differences between the criteria and what the auditor will find? C. Effect - What is the result or impact of this difference between the criteria and findings? The audit objectives will usually be posed as a question, eg. Have bulk purchases of stationary been made in excess (cause) of actual and current industry norms (criteria) thereby increasing storage and other costs (effect).

Set Scope Purpose: - To manage expectations on what will be achieved by the audit by setting the boundaries of what will and will not be included. Review and update if necessary, but ensure that this is communicated to all concerned with the management and results of the audit.

Staff Plan Assigning staff with the appropriate skills and knowledge for the job Assigning an adequate number of experienced staff and supervisors to the audit Providing on the job training

Analytical Reviews To understand the ralationships between various data. The focus is on determining the reasonableness of the data. Ratio analysis, vertical and horizontal analysis The outcome of the review is to provide a red flag to the auditor so that he or she can adjust the audit scope and procedures accordingly

Planning Materiality Materiality is defined as the magnitude of a mistatement that would influence the judgement of a reasonable user. Audit procedures must be designed to provide reasonableassurance of detecting material mistatements. The lower the materiality, the greater the precision Materiality is to be evaluated in relation to a specific operation under consideration as well as all other operations affected by it.

Risk Assessment High risk areas should receive high priority and low risk areas should be given low priority. Factors to be used in risk analysis include Financial exposure and potential loss Results of prior audits Major operating changes

Audit Risk Risk that the auditor may unknowingly fail to modify appropriately the opinion on F/S that are materially misstated. Risk of Material Misstatement Inherent risk – is the susceptibility of an assertion to a material misstatements assuming there are no related controls. Control risk – is the risk that a material misstatement that could occur in an assertion will not be prevented or detected Detection risk – is the risk that the auditor will not detect a material misstatement that exists

Audit Risk & Relationship Risk of material misstatement vs. detection risk The auditor may: Change the effectiveness of the audit procedures Change the timing of audit procedures Change the extent of audit procedures Pass key: A change in the assessment of control risk requires a change in audit procedures

Audit Risk & Materiality – Consideration During an Audit Used to: – Design procedures – Identify risk – Design further audit procedures – Evaluate financial statements taken as a whole Auditor’s response: – Personnel assigned to the engagement – Potential need of a specialist – Appropriate level of supervision of assistants

Background Information Search

Review of Internal Controls

Preliminary Survey

Audit Work Program Road map for the auditor Provides the necessary guidance to proceed with the detailed audit work Should focus on major activities and key controls To achieve the engagement objectives