Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Rittenberg/Schwieger/Johnstone Auditing: A Business Risk Approach Sixth Edition Chapter 7 Performing an Integrated Audit Copyright © 2008 Thomson South-Western,

Published byCandace Blair Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Rittenberg/Schwieger/Johnstone Auditing: A Business Risk Approach Sixth Edition Chapter 7 Performing an Integrated Audit Copyright © 2008 Thomson South-Western,"— Presentation transcript:

1 1 Rittenberg/Schwieger/Johnstone Auditing: A Business Risk Approach Sixth Edition Chapter 7 Performing an Integrated Audit Copyright © 2008 Thomson South-Western, a part of the Thomson Corporation. Thomson, the Star logo, and South-Western are trademarks used herein under license.

2 2 The Integrated Audit  The Sarbanes-Oxley Act of 2002 requires publicly held companies to report on the effectiveness of their internal controls over financial reporting  The Public Company Accounting Oversight Board requires external auditors to perform an integrated audit of the effectiveness of internal controls and financial reporting  In essence, the auditor must attest to both the financial statements and management's assertions regarding the effectiveness of internal controls over financial reporting

3 3 An Overview of Account Processes and Audit Testing

4 4 Important Elements of the Integrated Audit  The objective of both internal control and the external audit is developing confidence in the fairness of financial reports including all material account balances and needed disclosures.  The control environment is pervasive and affects the process of recording transactions, making estimates, and making adjusting entries.  If the control environment is strong and the controls over transaction processing, adjusting, and estimating are good, then both management and the auditor would have a high degree of confidence that the financial accounts are fairly stated and financial disclosures are adequate.  There is potential for errors in input, processing, estimating, or adjusting even if internal controls are considered effective.

5 5 Important Elements of the Integrated Audit (continued)  Because errors could still occur, there is a need to do some, albeit limited and selective, testing of account balances and reviews of disclosures.  There are three sources of evidence that the auditor can use to gather and evaluate the fairness of the financial statements. They are evidence derived from: 1.Tests that indicate that internal controls over transaction processing, adjusting, and estimating financial statement line items are effective 2.Tracing the recording of transactions through processes to determine that they are appropriately recorded in the account balances 3.Directly testing the account balance(s)

6 6 How do auditors form opinions of the quality of internal controls?  The auditor gathers information on the quality of internal controls by:  Assessing the quality of management’s process in developing his or her opinion on internal control over financial reporting  Evaluating the design of controls and the operation of controls that the auditor believes are designed effectively  Making inferences about the quality of internal control based on findings in the financial statement audit

7 7 What is contained in the unqualified report?  The internal control report  The auditor provides an opinion on the effectiveness of internal control in the context of agreed-upon criteria, i.e., the COSO internal control integrated framework.  The auditor’s opinion considers both the design and the operating effectiveness of internal control.  The auditor recognizes and conveys to users that there are limitations of internal control that can affect its effectiveness in the future.

8 8 The Five Phases of Planning the Integrated Audit Phase 1: Identifies and assesses business risk and determines the implications for audit risk. Business risk is used to consider both the motivation for misstatement as well as the areas in which misstatements may exist. Phase 2: Assesses fraud risk and brainstorms how fraud might occur within the organization (see Chapter 9). Phase 3: Considers the process used by management to assess internal control and addressing internal control deficiencies in a timely manner, including the following: (following slide)

9 9  Documenting significant processes and controls within those processes  Documenting the other COSO control elements, especially the control environment, risk analysis, and monitoring process  Testing the effectiveness of important controls as a basis for establishing the quality of controls (first year and potentially thereafter when new processes or controls are introduced)  Monitoring the effectiveness of previously identified controls  Testing of important control activities to determine that there is no deterioration of controls  Correcting control deficiencies The Five Phases of Planning the Integrated Audit (Phase 3, ontinued)

10 10  Assessesing the effectiveness of internal control over financial reporting  Developing their report on internal control Phase 4: Determines which controls must be tested within each of the COSO elements, considering:  The control environment, which having a pervasive effect on internal control  The importance of various processes, including transaction processing, adjusting entries, and estimates, that affect material financial statement accounts  The controls that must be evaluated and tested in order to reach a conclusion on the effectiveness of internal control  The need to corroborate control testing with direct tests of account balances The Five Phases of Planning the Integrated Audit (continued)

11 11 Phase 5: Determines the most efficient approach to achieve the dual objectives of reporting on internal control and on the financial statements and executing the audit plan. The Five Phases of Planning the Integrated Audit (Continued)

12 12 Top-Down, Risk Based Approach  A top-down, risk-based approach requires auditors to consider the materiality of account balances and processes along with the risks that the account balance maybe misstated. The approach requires auditors to identify:  Account balances or related disclosures that might be materially misstated  Potential causes of the misstatement  Important processes that may affect one or more account balances

13 13  Risk Analysis: The Starting Point  Understand the risk the business faces in meeting objectives  Understand the risks that may motivate management or others to misstate financial statements  Account Balances and Risk Analysis  The Control Environment: Always Important to an Integrated Audit  Materiality of Account Balances Top-Down, Risk Based Approach

14 14 Summary of Top-Down Risk- Based Audit Approach

15 15 Searching for Audit Efficiency 1. How much assurance can be obtained regarding financial reporting risk when a strong control environment is present and working? 2. If control activities within major processes are working properly throughout the year, what is the residual risk that remains that an account balance can still be misstated? 3. What is the risk that the analysis of internal controls is incorrect? 4. Which account balances might contain more than an acceptable amount of risk that a material misstatement could occur? 5. How would a misstatement in a material account balance most likely occur? 6. What are the most effective direct tests of account balances to determine whether there is a misstatement in the account balance?

16 16 Residual Risk  Residual risk is the probability that an account balance might be misstated after processing and the application of internal controls.  From an auditor’s view, the residual risk is based on:  The strength of the control environment  The design of the controls within major processes  The operation of the controls, management’s process to monitor the effectiveness of its controls  The auditor’s confidence that the assessment of residual risk is accurate

17 17 Likely Nature of Misstatements and Efficiency of Audit Tests  Be recorded in the wrong period  Contain unusual rights of return provisions  Contain terms that are more consistent with consignment rather than sale  Be concentrated in a very few customers, many of which are international customers and may have different credit risks than most other customers

18 18 How do auditors minimize risk related to the internal control audit?  Only material processes and material account balances need to be tested by the auditor.  Material processes must be evaluated for design and operation to support the auditor’s opinion on internal controls.  Some material account balances will need to be tested— even with excellent internal controls—because the risk of misstatement is too high to control audit risk at an acceptable level.  If there are no deficiencies in either the design or operation of internal controls over significant processing, the transactions associated with those processes will either require minimal or no direct audit testing.  The time requirement to meet SEC filing requirements encourages auditors, to the extent possible, to place more reliance on the control processes that are effective.

19 19 Auditing Accounts  The riskiness of the account dictates the number of direct tests of accounts that need to be performed.  The subjectivity of estimates, where material, requires that the affected account must be addressed with direct tests of the accounts.  Non-standard and large adjusting entries should be directly tested.  The size of the account (materiality) influences, but does not totally dictate, whether direct testing should be performed.

20 20  The extent of testing performed by management, as well as the control testing performed by the auditor, will influence the amount of direct testing of account balances to be performed.  The confidence the auditor has from all sources (knowledge of the business and industry, results of control testing, knowledge of system changes, previous misstatements) influences the amount of direct testing.  The existence of other corroborating tests of the account balance, such as from knowledge gained from testing related accounts, also affects the amount of direct testing to be performed. Auditing Accounts (continued)

21 21 FACTORS AFFECTING EXTENT OF DIRECT TESTING TO BE PERFORMED Audit Evidence Factors Auditor Assessment Effect on Direct Testing Performed Audit RiskLowMore direct testing Business RiskHighMore direct testing Subjectivity of accounting process HighMore direct testing Materiality of account balance Highly material account More direct testing Effectiveness of internal control Internal controls are effective Less direct testing

22 22 Evaluating Internal Control over Financial Reporting  Control Environment  Risk Management  Information and Communication  Monitoring

23 23 Testing Control Activities  Understand Important Supporting Systems  Transaction-based Systems  Perform Test of Controls

Download ppt "1 Rittenberg/Schwieger/Johnstone Auditing: A Business Risk Approach Sixth Edition Chapter 7 Performing an Integrated Audit Copyright © 2008 Thomson South-Western,"

Similar presentations

Chapter 4 Risk Assessment McGraw-Hill/Irwin

Chapter 4 Risk Assessment McGraw-Hill/Irwin
©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley 9 - 1 Materiality and Risk Chapter 9.

©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Materiality and Risk Chapter 9.
Auditing Concepts.

Auditing Concepts.
Chapter 1 An Introduction to Assurance and Financial Statement Auditing McGraw-Hill/Irwin Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights.

Chapter 1 An Introduction to Assurance and Financial Statement Auditing McGraw-Hill/Irwin Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights.
Learning Objectives LO1 Describe the current audit environment, including developments in regulatory oversight and provincial regulation of public accountants.

Learning Objectives LO1 Describe the current audit environment, including developments in regulatory oversight and provincial regulation of public accountants.
An Introduction to Assurance and Financial Statement Auditing

An Introduction to Assurance and Financial Statement Auditing
An Introduction to Assurance and Financial Statement Auditing

An Introduction to Assurance and Financial Statement Auditing
Current Developments at the PCAOB Ensuring Integrity: 3 rd Annual Auditing Conference at Baruch College December 4, 2008.

Current Developments at the PCAOB Ensuring Integrity: 3 rd Annual Auditing Conference at Baruch College December 4, 2008.
Review of Introduction to Auditing

Review of Introduction to Auditing
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.

Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.
6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.

6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.
Introduction to Financial Statements and Other Financial Reporting Topics COPYRIGHT ©2007 Thomson South-Western, a part of the Thomson Corporation. Thomson,

Introduction to Financial Statements and Other Financial Reporting Topics COPYRIGHT ©2007 Thomson South-Western, a part of the Thomson Corporation. Thomson,
Auditing A Risk-Based Approach To Conducting A Quality Audit

Auditing A Risk-Based Approach To Conducting A Quality Audit
18- 1 © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 18 Integrated Audits of Internal Control (For Public Companies Under Sarbanes-Oxley.

18- 1 © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 18 Integrated Audits of Internal Control (For Public Companies Under Sarbanes-Oxley.
Internal Control in a Financial Statement Audit

Internal Control in a Financial Statement Audit
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.

Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.
Nature of an Integrated Audit

Nature of an Integrated Audit
Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.

Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.
INTERNAL CONTROL OVER FINANCIAL REPORTING

INTERNAL CONTROL OVER FINANCIAL REPORTING

Similar presentations

Ads by Google