Académique Documents
Professionnel Documents
Culture Documents
Logistic
Refer to course information distribution during lecture 1 Adhere to the course information closely Some lecture notes and/or other reading materials will be uploaded to e-learning site Tutorial arrangements Assignment arrangements
Lecture Program
1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. Introduction to Auditing Overview of financial statement audits Materiality and audit risks Audit evidence procedures Audit planning and tests Internal control review Auditing the revenue cycle Auditing the purchasing cycle Auditing the inventory cycle Auditing cash Auditing property plant and equipment Auditing long term liabilities, shareholders equity & income statement items 13. Auditing payroll cycle
CAEA 2218 LECTURE 1 Slide 3
Definition of an audit
A systematic process of objectively gathering and evaluating evidence in order to ascertain whether assertions about economic actions and events made by individuals or organizations correspond with establish criteria and communicating the results of the examination to users of the reports in which assertions are made (American Accounting
Association, the association of US accounting academics)
or an entity has acted in accordance with procedures/regulations set by an autority (eg. tax authority; parent company )
evaluation of an entitys operations for the purpose of improving the efficiency and/or effectiveness of the entity. This has become known in the public sector as value for money or VFM audits NKRA national key results area
Internal Control over Financial Reporting Other Attestation Services (e.g., WebTrust, SysTrust)
Tax Services
Types of Auditors
Independent certified public accounting firms Governmental general accounting office auditors Internal Revenue agents Internal auditors
Audit objectives :
Lending credibility to financial and non-financial information provided by management in annual reports Provision of management advisory services Increased responsibility for detecting fraud and reporting doubts about going concern Helping to secure responsible corporate governance Reporting to regulatory authorities on (i) fraud detected during audit; and (ii) doubts about auditees solvency
Audit techniques:
Emergence of audit methodologies focusing on clients business risk (risk of auditees not meeting their objectives) Audit based on : - A thorough understanding of the client, its business, its industry and especially its risks; and - Identification of audit risk through analytical review Adaptation of auditing to the e-commerce, e-business environment
Auditor
Provides capital
Client
Client provides financial statements to users
External Users
CAEA 2218 LECTURE 1 Slide 15
DEPARTMENT FO FINANCIAL ACCOUNTING AND AUDITING CAEA 2218 AUDITING PRINCIPLES DR HASLIDA ABU HASAN
Auditing Standards
serve as guidelines and measures quality of the auditors performance GAAS generally accepted auditing standards: (1) General standards - adequate technical training & proficiency - independence - due professional care (2) Fieldwork standards - adequate planning & supervised assistants - obtain sufficient understanding of internal controls - obtain sufficient appropriate evidential matter (3) Reporting standards - GAAP - consistency - disclosure - opinion
CAEA 2218 LECTURE2-2Slide 2 2
GAAS
Management Assertions
Financial statements issued by management contain explicit and implicit assertions (1) Transactions - Management asserts that transactions related to inventory actually occurred (2) Account balances - Management asserts that the entity owns the inventory represented in the inventory account (3) Presentation and disclosures - Management asserts that the financial statements properly classify and present the inventory
Management Assertions
The auditors standard report states that the audit provides only reasonable assurance that the financial statements do not contain material misstatements Reasonable assurance implies some risk that a material misstatement could be present in the financial statements and the auditor will fail to detect it
CAEA 2218 LECTURE2-9Slide 9 2
Inherent risk
Sampling risk
Management integrity
Account risk
Business risk
FIGURE 3.3 The Component of audit risk Brenda Porter, Jon Simon and David Hatherly, Principles of External Auditing, 2nd Ed, 2003, John Wiley & Sons Ltd
Detection risk that a misstatement would not be detected which might be material either on its own, or when aggregated with other misstatements
Materiality
Materiality is the magnitude of an omission or misstatement of accounting information that, in light of surrounding circumstances, makes it probable that the judgment of a reasonable person relying on the information would have been changed or influenced by the omission or misstatement (material if its omission would reasonably influence decisions) Not capable of general mathematical definition Has qualitative and quantitative elements
Risk-based auditing
Concentrating audit procedures on the areas of the clients systems/records that are likely to be at most risk of error, misstatement or fraud Needs some decision criteria to determine the acceptable level of risk
Auditors rights
Access to the companys books and accounts Explanation from the companys management
CAEA 2218 LECTURE2-14 14 2 Slide
Auditors duties
1. STATUTORY DUTIES Companies Act Carry out investigation and form opinion as to whether proper accounting records have been kept, F/S are in agreement with the accounting records, auditors received all the information/explanation required, the received explanation/information is consistent with the F/S Under the Companies Acts, directors are required to prepare F/S which give a true and fair view of the companys state of affairs 2. COMMON LAW courts cases explain expectation from auditors such as reasonable skill, care, caution in the circumstances 3. PROFESSIONAL AUDITING STANDARDS AND GLINES informing/increasing the quality of audit work protecting the reputation of auditors shielding auditing from further government involvement mandatory compliance: disciplinary action may be taken by the profession (self regulation) 4. REGULATORY REQUIREMENTS requirements for listed companies, compliance with corporate governance requirements
CAEA 2218 LECTURE2-16 16 2 Slide
Ethical standards have been issued to promote alertness and define procedures to identify and assess significance of threats
CAEA 2218 LECTURE2-21 21 2 Slide
Audit phases
1. Client acceptance/continuance; and establishing an understanding with the client 2. Preliminary engagement activities 3. Establishing materiality and assess risks 4. Plan the audit 5. Consider and audit companys internal control 6. Audit business processes and related accounts 7. Complete the audit 8. Evaluate results and issue audit report
Audit Report
The auditors report (audit opinion) is the culmination of audit process For companies, auditor is statutorily required to report to the companys shareholders, although he/she should be aware that other interested parties/stakeholders will use the report The report communicates the auditors conclusion about, among other things:
The truth and fairness with which the statements portray the entitys financial position; and Their compliance (or otherwise) with the Companies Act
Audit Report
The auditor is also required to communicate with those charged with the companys governance. Will address: Various aspects of the audit; Various aspects of the entitys financial affairs; Material weaknesses in entitys financial affairs; material weaknesses in entitys control system uncovered by the audit; and Ways in which such control weaknesses may be overcome This communication is often referred to as a management letter (ML) ML normally focused exclusively on internal control weaknesses and how they might be rectified Current practices of ML is broader in scope, but maintain a private communication with the management and contents are not generally revealed to shareholders or other third parties
CAEA 2218 LECTURE2-25 25 2 Slide
Audit Report
Under the Companies Act 1965, the directors are responsible for preparing financial statements, and The auditors have responsibility of examining the financial statements, and its requirements indicate the issues auditors must look at to determine the type of audit report they will give. They are required to form and express an opinion as to whether they give a true and fair view of the companys state of affairs and its profit or loss for the period of account under consideration, and whether they comply with the provisions of the Act as regards form, content and notes Audit report usually is the only channel of communication between the auditor and shareholders of the company the financial statements of which have been subject to audit The report acts as a bridge taking the large volume of information possessed by auditors and conveying it to the shareholders in a much abbreviated form In order to convey information in a succinct form, the audit report has become an extremely formalised group of phrases, each of which has special significance. Any deviation from the standard format is regarded by auditors as significant and may provide important extra data
CAEA 2218 LECTURE2-26 26 2 Slide
Audit Report
Auditors have to understand the following details: The form of an unqualified report and the meaning of the phrases used; The situation where a qualified audit report is needed and how such report should be phrased; The situation where, although the opinion is unqualified, it may be relevant to include additional details emphasizing one particular aspect of the financial statements
AUDITOR CANNOT GUARANTEE OR CERTIFY THAT FINANCIAL STATEMENTS ARE CORRECT.
Audit Report
If financial statements are found to meet the necessary regulatory requirements and other requirements, and provide a true and fair view, the auditor may not have problem but if they do not meet the requirements or are in some other respect deemed by their auditors flawed or inadequate, the extent of that problem must be gauged in terms of the effect it will have on their overall opinion Auditors opinion on financial statements may be one of two basic types: 1. Unqualified/unmodified (i.e., clean); or 2. Qualified/modified (except for opinion; adverse opinion; and disclaimer of opinion).
DEPARTMENT FO FINANCIAL ACCOUNTING AND AUDITING CAEA 2218 AUDITING PRINCIPLES DR HASLIDA ABU HASAN
Inherent risk
Sampling risk
Management integrity
Account risk
Business risk
FIGURE 3.3 The Component of audit risk Brenda Porter, Jon Simon and David Hatherly, Principles of External Auditing, 2nd Ed, 2003, John Wiley & Sons Ltd
Engagement Risk
Auditors exposure to financial loss and damage to professional reputation. Client and 3rd party lawsuits Negative publicity Audit Risk Model :
Audit Risk = IR CR DR Inherent risk and control risk are risks that material misstatements exist Detection risk is risk that auditor fail to detect misstatements which include sampling risk, non-sampling risk, inappropriate audit procedures or misinterpreting audit results
AR =
IR CR
Auditee risk
DR
Significant changes in the entity (e.g., acquisitions and reorganizations). Significant changes in the industry. Significant new products, services, or lines of business. New locations. Significant changes in the IT environment. Operations in areas with unstable economies. High degree of complex regulation.
Identifies risks by considering the entity and its environment, including controls that relate to the risks; and by relating these risks to the classes of transactions and account balances in the financial statements. Relates the identified risks to what can go wrong at the assertion level. Considers whether the risks are of a magnitude that could result in a material misstatement. Considers the likelihood that the risks will result in a material misstatement.
Mistakes in gathering or processing financial data used to prepare financial statements. Unreasonable accounting estimates arising from oversight or misinterpretation of facts. Mistakes in the application of accounting principles relating to amount, classification, manner of presentation, or disclosure.
Misappropriation of assets
Stealing assets
Yes
Yes
Attempt to obtain audit evidence to determine whether, in fact, material fraud has occurred and, if so, its effect. Consider the implications for other aspects of the audit. Discuss the matter and the approach to further investigation with an appropriate level of management that is at least one level above those involved in committing the fraud and with senior management. If appropriate, suggest that the client consult with legal counsel.
If the results of the audit tests indicate a significant risk of fraud, the auditor should consider withdrawing from the engagement and communicating the reasons for withdrawal to the audit committee or others with equivalent authority and responsibility.
Materiality
The magnitude of an omission or misstatement of accounting information that makes it probable that the judgment of a reasonable person relying on the information would be changed or influenced by the omission or misstatement. Materiality is not an absolute, its determination requires professional judgment.
Materiality
The quantitative base for materiality is a percentage (typically 3 to 5 percent) of: total assets; total revenues; income before taxes; income from continuing operations; gross profit; three-year average of income before taxes The quantitative amounts may be adjusted lower for qualitative factors such as: first-year engagement; control weaknesses; management turnover; high market pressures; high fraud risk; higher than normal risk of bankruptcy
say, are those who know equal to those who do not know?"
[The Quran, Chapter 39(Az-Zumar ), Verse 9]
only those who have knowledge among His slaves fear Him"
[The Quran, Chapter 35(Faatir), Verse 28]
"What I fear most for you is a hypocrite with a knowledgeable tongue. Umar bin Al-Khattab, 2nd Caliph
DEPARTMENT FO FINANCIAL ACCOUNTING AND AUDITING CAEA 2218 AUDITING PRINCIPLES DR HASLIDA ABU HASAN
Management assertions about components of financial statements Evidence on the fairness of the financial statements
CAEA 2218 - LECTURE 4 Slide 2 - 24
Audit procedures
Management Assertions
1. 2. 3. 4. 5. Existence or occurrence Completeness Valuation or allocation Rights and obligations Presentation and disclosure
Audit Procedures
A set of audit procedures prepared to test assertions for a component of the financial statements is referred to as an audit program. Example:
Audit Program for Accounts Receivable Management Assertions Audit Procedures Existence Confirm receivables. Rights and Obligations Ask if receivables have been sold. Completeness Agree controlling account with total of subsidiary accounts. Examine sales invoices immediately before and after year-end for proper cutoff. Valuation or allocation Trace accounts from aged trial balance to subsidiary accounts. Test the adequacy of the allowance account. Presentation and disclosure Look for amounts due from related parties. Evaluate receivables for footnote disclosure.
CAEA 2218 - LECTURE 4 Slide 9 - 24
Audit Evidence
Auditors should obtain sufficient appropriate audit evidence to be able to draw reasonable conclusion on which to base the audit opinion. SAS 400.1 the facts presented to the mind of a person for the purpose of enabling him to decide a disputed question. Mautz (1958) the information the auditors obtain in arriving at the conclusions in which their report is based- comprises of source documents and accounting records underlying the financial statement assertions and corroborative information from other sources APB Glossary of Terms
CAEA 2218 -LECTURE 4 Slide 10 - 24
Audit Evidence
All the information used by the auditor in arriving at the conclusions on which the audit opinion is based. Nature of audit evidence records of initial entries and supporting records; general and subsidiary ledgers; adjustments to financial statements; invoices; worksheets; contracts; spreadsheets supporting cost allocations; other computations, reconciliations and disclosures
Audit Evidence
Usually is pervasive rather than conclusive, to be sought from different sources or of different nature to support same assertions Comprises information and impressions accumulated during course of the audit which, taken together, allow the auditor to form an opinion Audit evidence is influenced by: Assessment of risk at F/S level and individual account Nature of accounting and internal control systems Materiality of the item Timeliness of information provision Relevance Auditors knowledge and experience of the business Findings from audit procedures Source and reliability of the information (independent? third party expert? Qualifications of provider?
CAEA 2218 - LECTURE 4 Slide 12 - 24
Audit Evidence
Sufficiency is a measure of the quantity of audit evidence: Greater risk of misstatement requires higher quantity of audit evidence Higher quality of audit evidence results in a lower quantity of audit evidence Appropriateness is a measure of the quality of audit evidence relevance & reliability: Independence source of the evidence Effectiveness of internal control Auditors direct personal knowledge Documentary evidence Original documents
CAEA 2218 - LECTURE 4 Slide 13 - 24
Audit Evidence
Evaluation of audit evidence requires and understanding of the types and relative reliability of available evidence Auditor should be thorough in searching for evidence and not biased in its evaluation Procedures in obtaining evidence includes:
Inspection of records and documents Calculate and Recalculation Reconciliations Vouch; Read; Trace Examining Inquiry Scanning Confirm; Compare (analytical data) Observation Inspection of tangible assets physical evidence Analytical procedures Re-perform (of procedures)
CAEA 2218 - LECTURE 4 Slide 14 - 24
Audit Evidence
Mautz and Sharaf (1961) classified evidence into 3 classes: (i) natural evidence; (ii) created evidence; (iii) rational argumentation Auditors have to consider the relationship between the cost of obtaining audit evidence and the usefulness of the information obtained because resources at the disposal of auditors are limited, not least because audits have to be competitively tendered for and audit firm is profit-seeking
Reliability of evidence
High - inspection of tangible assets; re-performing; recalculation; inspection of records and documents Medium - scanning; confirmation; analytical procedures Low observation; inquiry
CAEA 2218 - LECTURE 4 Slide 15 - 24
Combining Evidence
Go beyond simple analysis to the implications of what found Look for relationships of cause and effect among variables
Analytical tasks
Understanding the knowledge of how things hang together
Ledger
Tracing (Completeness)
Evidence obtained from external documents is more reliable than evidence obtained from internal documents.
Inquiry
Inquiry
Information Frequently Confirmed by Auditors Cash balance Accounts receivable Inventory on consignment Accounts payable Bonds payable Common stock outstanding Insurance coverage Collateral for loans
Source of Confirmation Bank Individual customers Consignee Individual vendors Bondholders/trustee Registrar/transfer agent Insurance company Creditors
Confirmation
CAEA 2218 - LECTURE 4 Slide 19 - 24
Audit Documentation
The auditors principal record of the audit procedures performed, evidence obtained,and conclusions reached.
Audit documentation (working papers) have two functions: To provide support for the audit report. To aid in the conduct and supervision of the audit.
Audit Documentation
Audit documentation should: Demonstrate how the audit complied with auditing and related professional practice standards; Show that the underlying accounting records agreed with financial statements; Include a written audit program detailing auditing procedures necessary to accomplish audit objectives Enable knowledgeable and experienced reviewer to: understand the nature, timing, extent and results of audit procedures, evidence obtained and conclusions reached Determine who performed and reviewed the work, as well as dates of the work and reviews
Audit Documentation
Audit documentation is normally maintained in two files: Permanent files - Corporate charter; Important contracts; Chart of accounts; Internal control documentation; Organization chart; Terms of stock and bond issues; Accounting manual; Prior years analytical procedures Current files - Audit plan; audit report; Adjusting journal entries; Audit programs; Reclassification journal entries; Working trial balance; Current financial statements; Minutes of meetings; Working papers supporting accounts Format: Heading client name, title of the working paper, clients year end date Indexing and cross-referencing notations that provide a trail from financial statements to audit documents Tick marks notations made next to work paper items indicating auditor/reviewer actions
CAEA 2218 - LECTURE 4 Slide 23 - 24
Audit Documentation
Audit documentation should be organized so that audit team members and others can find evidence supporting financial statement accounts All audit documentation is the property of the auditor including documents prepared by clients at auditors request Regulations requires audit documentation to be retained for seven years from the completion date of the engagement
Jangan berpuasa tanpa agama. Jangan beragama tanpa Tuhan. Wahai orang-orang yang beriman, puasa diwajibkan ke atas kamu sebagaimana ia telah diwajibkan ke atas umat sebelummu, agar (dengan puasa itu) kamu menjadi insan yang bertaqwa [Al-Baqarah : 185]
DEPARTMENT FO FINANCIAL ACCOUNTING AND AUDITING CAEA 2218 AUDITING PRINCIPLES DR HASLIDA ABU HASAN
Are recorded Are sales sales amount transactions correct? recorded in the correct period
Brenda Porter, Jon Simon and David Hatherly, Principles of External Auditing 2nd Edition, 2003, John Wiley and Sons Ltd
Audit Steps
1-Appointment of auditors at AGM 2-Letter of engagement sent to client 3-Gain understanding of the clients Activities and circumstances 7-Test transactions and account balances
5-Gain understanding of the clients accounting systems and evaluate internal control 6-Test internal control strength through compliance testing
9-Reporting for: (i)Shareholders and external parties; (ii) Those charged with governance of the entity
Continuing a client:
o Evaluate client retention periodically - near audit completion or after a significant event o Consider conflict over accounting/auditing issues and dispute over fees if there are
The engagement letter formalizes the agreement reached between the auditor and client, engagement letter may also include:
1. Arrangement for use of specialists or internal auditor; 2. Any limitations of ability of the auditor or client; 3. Additional services to be provided and arrangements for these services.
Internal Auditors
Internal Auditors
Specialists
A major consideration is planning the audit is the need for specialist (AU 336). The use of an IT specialist is a significant aspect of most audit engagements. The presence of complex information technology may require the use of an IT specialist.
Illegal Acts
Direct and material : Consider laws & regulations as part of audit Material & Indirect : Be aware of its possibility of occurrence and investigate if brought to attention
Related Parties
Examples from FASB No. 57: Related Party Disclosure :
i- Affiliates of the enterprise; ii- Entities using equity method to account for investments; iii- Trusts for benefit of employees; ivPrincipal owners of enterprise; v- Management; vi- Immediate families of the principal owners & management; vii- Other parties that can have significant influence.
General strategy
Tests of Controls
Analytical Procedures
Stages of analytical procedures: 1. Preliminary analytical procedures - to assist the auditor to better understand the business and to plan the nature, timing, and extent of audit procedures. 2. Substantive analytical procedures - to obtain evidential matter about particular assertions related to account balances or classes of transactions. 3. Final analytical procedures - used as an overall review of the financial information in the final review stage of the audit. Types of analytical procedures Trend analysis Ratio analysis:
Short term liquidity ratio- current ratio, quick ratio, ratios of operating cash flow Activity ratio- receivables (AR) turnover, days outstanding in AR, inventory turnover, days of inventory on hand Profitability ratio- percentage of gross profit, profit margin, return on assets, return on equity Coverage ratio- debt to equity, times interest earned
Reasonableness analysis
CAEA 2218 - LECTURE 5 Slide 23
Tolerable differences size depends on the significance of the account, the desired
degree of reliance on the substantive analytical procedures, the level of disaggregation in the amount being tested, and the precision of the expectation.
Compare the expectation to the recorded amount and investigate any differences
greater than the tolerable difference Preliminary analytical procedures differences not requires corroborating evidence Final analytical procedures differences requires corroborating evidence
Example of Filling the Assurance Buckets for Each Assertion (Accounts Payable)
End of lecture 5
Translation of Sahih Bukhari: Volume 1, Book 3, Number 73: Narrated 'Abdullah bin Mas'ud: The Prophet said, "Do not wish to be like anyone except in two cases. (The first is) A person, whom Allah has given wealth and he spends it righteously; (the second is) the one whom Allah has given wisdom (the Holy Qur'an) and he acts according to it and teaches it to others." (Fateh-al-Bari page 177 Vol. 1) Volume 1, Book 3, Number 85: Narrated Abu Huraira: The Prophet said, "(Religious) knowledge will be taken away (by the death of religious scholars) ignorance (in religion) and afflictions will appear; and Harj will increase." It was asked, "What is Harj, O Allah's Apostle?" He replied by beckoning with his hand indicating "killing." (Fateh-al-Bari Page 192, Vol. 1)
4-29
DEPARTMENT FO FINANCIAL ACCOUNTING AND AUDITING CAEA 2218 AUDITING PRINCIPLES DR HASLIDA ABU HASAN
Internal Control
Internal controls is a company's policy for conducting business in a consistent manner, protecting sensitive information relating to customers and business operations and limiting the ability of employees and managers to conduct fraud or embezzlement. Public companies are held to a higher scrutiny regarding their internal controls since the passage of the Sarbanes-Oxley Act of 2002. This legislation was passed after the major accounting frauds found in Enron and WorldCom, two of the largest corporate bankruptcies in the history of U.S. business. Internal controls should be designed to limit the amount of internal business risk, although that is not always the case. A major risk with internal controls is who sets up the controls and reviews how the controls work in the daily operations of business operations. Companies that use internal managers or accountants to set up their internal controls process may not take an objective look at the company prior to designing the internal controls. This results in poor internal controls because internal employees may not believe their company has that many problems; this mindset leads to few or highly ineffective internal controls. When reviewing company processes and designing internal controls, management should consult an outside public accounting firm about designing and implementing internal controls. An outside look into company operations will usually find more areas needing internal controls, creating a stronger internal control system.
Internal Control
Once internal controls are in place, management must be responsible for reviewing the information produced by these controls to ensure the company is operating according to its internal guidelines. Managers may not be willing to take on the extra paperwork, leaving internal control reviews at a standstill when assessing their effectiveness. Companies normally use several managers and supervisors to review the internal control process, spreading the workload around the company. Using multiple levels of company management can also strengthen the review process, allowing several individuals to provide input for eliminating internal control risk. Internal controls may limit a company's ability to take on new operations or expand existing operations if the controls create too many barriers for reviewing new information. Companies may set up a system that only reviews business operations as they currently exist, not planning for a possible expansion or for growth. Inflexible internal controls will require managers to completely rework the internal controls systems for new operations, creating higher operating costs and increasing the time spent on business expansion. Once internal controls are in place and management reviews the internal controls for effectiveness, they should also review the flexibility of internal controls for gathering and reviewing new information.
CAEA 2218 - LECTURE 6 Slide 3
Internal Control
Internal control plays an important role in how management meets its stewardship or agency responsibilities. Management has the responsibility to maintain controls that provides reasonable assurance that adequate control exists over the entitys assets and records. Proper internal control not only ensures that assets and records are safeguarded but also creates an environment in which efficiency and effectiveness are encouraged and monitored. Management also needs a control system that generates reliable information for decision making. The auditor needs assurance about the reliability of the data generated by the information system in terms of how it affects the fairness of the financial statements and how well the assets and records of the entity are safeguarded. The auditor uses risk assessment procedures to obtain an understanding of the entitys internal control and uses this understanding to identify the types of potential misstatements, ascertain factors that affect the risk of material misstatement, and design tests of controls and substantive procedures.
Internal Control
The auditors understanding of the internal control is a major factor in determining the overall audit strategy. The auditors responsibilities for internal control are discussed under two major topics: (1) obtaining an understanding of internal control and (2) assessing control risk. Objectives of internal control: 1. Reliability of financial reporting 2. Efficiency and effectiveness of operations 3. Compliance with laws and regulations Internal controls pertaining to the preparation of financial statements for external purposes are relevant to an audit. Controls relating to operations and compliance objectives may be relevant when they relate to data the auditor uses to apply auditing procedures. The auditor should obtain an understanding of each of the five components of internal control in order to plan the audit. This knowledge is used to: 1.Identify types of potential misstatements 2.Design tests of controls and substantive procedures 3.Pinpoint the factors that affect the risk of material misstatement
CAEA 2218 - LECTURE 6 Slide 5
Control Risk
After obtaining an understanding of internal control, an auditor may choose to follow a (i) substantive strategy and set control risk at the maximum for some or all assertions because of one or all of the following factors: Controls do not pertain to an assertion Audit Risk Model Controls are assessed as ineffective Testing the effectiveness of controls is inefficient AR = IR CR DR (ii) reliance strategy if the auditors assess control risk below maximum and decided to rely on the internal control The risk assessment process should consider external and internal events and circumstances that may arise and adversely affect the entitys ability to initiate, record, process and report financial data consistent with the assertions of management in the financial statements. Client business risk can arise or change due to the following circumstances:
changes in the operating environment; changing personnel; rapid growth; new or revamped information systems; new business models, products, or activities; new accounting pronouncements; new technology; expanded international growth; corporate restructuring
CAEA 2218 - LECTURE 6 Slide 13
Control Risk
Auditors should consider client accounting system when assessing control procedures/risk - an effective accounting system gives appropriate consideration to establishing methods and records that will :
1.Identify and record all valid transactions. 2.Describe on a timely basis the transactions in sufficient detail to permit proper classification of transactions for financial reporting. 3.Measure the value of transactions in a manner that permits recording their proper monetary value in the financial statements. 4.Determine the time period in which transactions occurred to permit recording of transactions in the proper accounting period. 5.Properly present the transactions and related disclosures in the financial statements.
Controlprocedures that help ensure that Risk Control activities are the policies and
managements directives are carried out. Those control procedures that are relevant to the audit include 1. Performance reviews 2. Information processing 3. Segregation of duties 4. Physical controls
Monitoring of controls is a process that assesses the quality of internal control performance over time. Internal Auditors internal auditors evaluates internal control to ensure effective functionality of the organization. An effective internal audit function has clear lines of authority and reporting, qualified personnel, and adequate resources to enable these personnel to carry out their assigned duties. While the basic concepts of the five components should be present in all entities, they are likely to be less formal in a small or midsize entity than in a large entity. There are limitations to internal control, due to various factors, such as: management override of internal control; human error or mistakes; collusion
Substantive procedures
An auditor may reduce control risk below the maximum only on the basis of a service auditors report that includes tests of the controls.
Material weakness
A material weakness is a significant deficiency, or combination of significant deficiency that results in more than a remote likelihood that a material misstatement of the financial statements will not be prevented or detected.
Reportable conditions
Flowcharting symbols
End of lecture 6
Mankinds Reckoning has drawn very close to them, yet they heedlessly turn away. (Al-Anbiyaa 21:1) Say: Death, from which you are fleeing, will certainly catch up with you. Then you will be returned to the Knower of the Unseen and the Visible and He will inform you about what you did. (Al-Jumu`ah 62:8) Wherever you are, death will catch up with you, even if you are in impregnable fortresses. (An-Nisaa 4:78)
DEPARTMENT FO FINANCIAL ACCOUNTING AND AUDITING CAEA 2218 AUDITING PRINCIPLES DR HASLIDA ABU HASAN
Revenue Recognition
Revenue is an inflows/enhancements of assets of an entity or settlements of its liabilities (or a combination of both) from delivery or producing goods, rendering services, or other activities that constitute the entitys major or central operations. Three types of transactions are typically processed through the revenue cycle: 1. Sale of goods or rendering of a service for cash or credit; 2. Receipt of cash from the customer in payment for goods or services; 3. Return of goods by the customer for credit or cash. Numerous accounts are affected significant ones are: Sales transactions: trade receivables; sales; allowance for uncollectible; bad-debt expense Cash receipts transactions: cash; trade receivables; cash discounts Sales return and allowance transactions: sales returns; sales allowances; trade receivables
Purchases
Cash sales
Account receivable
Inventory
Inventory
Credit sales
By phone or internet
Input
To the IT Department
Error Correction
A
If a new customer, a credit check is run by the Credit Department. Otherwise, credit is checked by IT
CAEA 2218 - LECTURE 7 Slide 4
Shipping program
Error Report
To shipping department
CAEA 2218 - LECTURE 7 Slide 5
Ship goods
Approved shipping ticket Input to the billing program To customer with goods
Inventory
Sales
D
Daily shipping listing Daily sales report Daily remittance report To cash receipts department To sales department
C
CAEA 2218 - LECTURE 7 Slide 8
Weekly or Monthly
Customer statements
Customer
From bank Remittance advice transactions Error correction Remittance advice transactions
Accounts receivable
C
From bank Daily remittance report Reconciled by cash receipts clerks
Major Functions
Credit authorization appropriate approval of customer orders for creditworthiness, this process determines that the customer is able to pay for the goods or services purchased failure in authorization could lead to extensive bad debts for the entity Shipping shipping of goods that has been authorized, goods should not be shipped, nor should services be provided without proper authorization the main control is payment or proper credit authorization Billing issuance of sales invoices to customers and processing of adjustments for allowances, discounts and returns, a proper billing system ensures that all goods shipped/ services rendered are billed to customers Cash receipts processing of the receipts of cash from customers, all cash receipts must be properly identified and promptly deposited intact at the bank Accounts receivable recording of all sales invoices, collections and credit memoranda in individual customer accounts -all billings, adjustments, and cash collections must be properly recorded in the customersaccounts receivable records General ledger proper accumulation, classification, and summarization of revenues, collections, and receivables in the financial statement accounts - as related to the revenue process, the general ledger function must ensure that all revenues, collections, and receivables are properly recorded and classified Order entry acceptance of customer orders for goods and services into the system in accordance with management criteria
CAEA 2218 - LECTURE 7 Slide 12
X X X X
The flow of each transaction from initiation to inclusion in the financial statements.
Accounting records, supporting documents, and accounts that are involved in sales, cash receipts, and sales returns.
The process used to prepare estimates for bad debts and sales returns.
CAEA 2218 - LECTURE 7 Slide 13
Risk Assessment
Risk assessment process the auditor must understand how management considers risks that are relevant to the revenue process. The auditor should estimate the significance of the risk and assess the likelihood of occurrence. Inherent risk prevalent to the revenue cycle: 1. Industry related factors 2. Complexity and contentiousness of revenue recognition issues 3. Difficulty of auditing transactions and account balances 4. Misstatements detected in prior audits Control Environment understanding of control environment is generally completed on an overall entity basis; The auditor must understand how management assesses the design and operation of controls in the revenue process. This understanding should include how supervisory personnel review the personnel who perform the controls and evaluate the performance of the entitys IT function. Understanding & documenting internal control the auditor identifies what controls ensure that the assertions for transactions and events are being met, documentation of the auditors understanding can be accomplished by using (i) procedures manual; (ii) narrative descriptions; (iii) internal control qaires; (iv) flowcharts Control risk assessment: 1. Understanding and documenting the revenue process based on a reliance approach; 2. Planning and performing tests of controls on revenue transactions; 3. Setting and documenting the control risk for the revenue process
CAEA 2218 -LECTURE 7 Slide 14
Revenue Transactions
Assertions about Classes of Transactions and Events for the Period under Audit
All revenue and cash receipt transactions and events Occurrence that have been recorded have occurred and pertain to the entity. All revenue and cash receipt transactions and events that should have been recorded have been recorded. All revenue and cash receipts transactions and events Authorization are properly authorized. Amounts and other data relating to recorded revenue Accuracy and cash receipt transactions and events have been recorded appropriately.
Completeness
All revenue and cash receipt transactions and events have been recorded in the correct accounting period. All revenue and cash receipt transactions and events Classification have been recorded in the proper accounts.
Cutoff
Control procedures and test of controls next pages
CAEA 2218 - LECTURE 7 Slide 16
Revenue Transactions
Occurrence of revenues the auditor is concerned about two major types of material misstatements (i) sales to fictitious customer, (ii) recording revenue when goods have not been shipped or services have not been performed. The auditor needs assurance that all recorded revenue transactions are valid; Completeness of revenues the major misstatement that concerns both management and the auditor is that goods are shipped or services are performed and no revenue is recognized. Controls concerning completeness include (i) accounting for numerical sequence of shipping documents and sales invoices, (ii) matching shipping documents with sales invoices; (iii) reconciling sales invoices to daily sales reports Authorization of revenues possible misstatements due to improper authorization include shipping goods to or performing services for customers who are bad credit risks and making sales at unauthorized prices or terms. Test policies and procedures relating to authorization of revenue transactions. Accuracy of revenues the presence of an authorized price list and terms of trade reduces the risk of inaccuracies, the sales invoice should also be verified for mathematical accuracy before being sent to the customer. Cutoff of revenues sales may be recorded in the wrong accounting period unless proper controls are in place. All shipping documents should be forwarded to the billing department daily Classification of revenues the use of chart of accounts and proper codes for recording transactions should provide adequate assurance about the proper classification of revenue transactions
CAEA 2218 - LECTURE 7 Slide 17
Control Procedures and Tests of Controls Sales Returns and Allowances: Sales returns and allowances is usually not a material amount in the financial statements. However, credit memoranda that are used to process sales returns can also be used to cover an unauthorized shipment of goods or conceal a misappropriation of cash. As a result, all credit memoranda should be properly authorized.
Relating the Assessed Level of Control Risk to Substantive Procedures Accounts Receivables tests
Completeness auditors primary concern is whether all AR have been included in the AR subsidiary ledger and the general ledger (GL) AR account. Reconciliation of the aged trial balance to the GL account should detect an omission of receivables from either the subsidiary or GL Cutoff attempts to determine whether all revenue transactions and related AR are recorded in the proper period. Test a few shipping documents just prior to year end and test another few just after the year end determine whether all transactions tested were recorded in the proper period Rights and obligation the auditor must determine that all AR are owned by the entity, this is usually not a problem, however, in some cases AR may be sold with/without recourse Valuation and allocation AR should be shown on the balance sheet at net realizable value (gross minus allowance) The auditor must verify the adequacy of the allowance for uncollectible accounts. The first step is to prepare an aged trial balance and discuss results with the credit manager. Next, a comparison with last years results should be examined. Classification & Understandability major issues for presentation and disclosure classification are: (i) Identifying and reclassifying any material credits contained in accounts receivable. (ii) Segregating short-term and long-term receivables. (iii)Ensuring that different types of receivables are properly classified.
CAEA 2218 - LECTURE 7 Slide 21
Alternative Procedures
When the auditor does not receive responses to positive confirmations, alternative audit procedures are used. These alternative procedures include: Examination of subsequent cash receipts. Examination of customer orders, shipping documents, and duplicate sales invoices. Examination of other client documentation. Other types of receivables that are reported on the balance sheet may include (1) receivables from officers and employees, (2) receivables from related parties, and (3) notes receivables. The auditors concern with satisfying the assertions for these receivables is similar to that for trade accounts receivable. Each of these types of receivables is confirmed and evaluated for collectability. The transactions that result in receivables from related parties are examined to determine if they were at arms length. Notes receivable would also be confirmed and examined for repayment terms and whether interest income has been properly recognized.
CAEA 2218 - LECTURE 7 Slide 23
A dream
dan sesiapa yang taatkan Allah dan Rasulnya, akan dimasukkan nya ke dalam syurga yang mengalir di bawahnya beberapa sungai, mereka kekal di dalamnya; dan itulah kejayaan yang amat besar. An-Nisa: 13 (dua syurga) yang ada berjenis-jenis pohon dan buah-buahan. Ar-Rahman:48 pada keduanya juga terdapat buah-buahan, serta pohon-pohon kurma dan delima.Ar-Rahman: 68 sedang naungan pohon-pohon syurga itu dekat kepada mereka, dan buahbuahannya pula dapat dipetik dengan semudahnyaAl-Insan: 14 Rasulullah pbuh have said: sesungguhnya orang beriman ditempatkan di syurga dalam istana dari mutiara berongga, panjangnya adalah 60 batu, di dalamnya terdapat pelayan-pelayan buah-buahan di syurga seperti anggur, ia lebih putih dari susu, lebih manis dari madu, lebih lembut dari tepung dan tidak berbiji. Adapun tanaman di syurga, setelah benihnya disebar, maka ia tumbuh dalam sekejap dan sedia dimakan pada waktu itu juga (Hadis riwayat oleh Muslim)
DEPARTMENT OF FINANCIAL ACCOUNTING AND AUDITING CAEA 2218 AUDITING PRINCIPLES DR HASLIDA ABU HASAN
Vendor
Purchasing
Approved purchase requisition received
IT
Accounts Purchase payable order file master file
Input
Error corrections
PO #2 Filed
Numerically
Error report
Receiving
PO #1
Goods received, counted, and inspected Receiving report (RR) Enter vendor, quantity, and PO # Daily receiving log
From IT
Receiving
PO #1
Goods received, counted, and inspected Receiving report (RR) Enter vendor, quantity, and PO # Daily receiving log
From IT
Monthly reports
Report to A/P
Error report
Daily
General ledger
CAEA 2218 - LECTURE 8 Slide 8
Cashier
Checks
Checks
Checks
Input
To Vendors
CAEA 2218 - LECTURE 8 Slide 9
IT
X X X X X X X X
Compare purchase returns and allowances as a percentage of revenue or Under- or overstatement of purchase cost of sales to prior years' and industry returns. data.
Existence The auditors major concern is whether the recorded liabilities are valid obligations of the entity. The auditor should vouch a sample of items on the listing of accounts payable to other supporting documents.
CAEA 2218 - LECTURE 8 Slide 23
DEPARTMENT OF FINANCIAL ACCOUNTING AND AUDITING CAEA 2218 AUDITING PRINCIPLES SESSION 1 2010/2011 DR HASLIDA ABU HASAN
Human resource management process Assignment of direct and indirect labor costs
Sale of goods
Type of Documents and Records demand for the entitys 1. Production Schedule Based on the expected
2. 3. 4. 5. 6. products. Receiving Report Records the receipt of goods from vendors. Materials Requisition Used to track materials during the production process. Inventory Master File Contains all the important information related to the entitys inventory, including the perpetual inventory records. Production Data Information Contains information about the transfer of goods and related cost accumulation at each stage of production. Cost Accumulation and Variance Report Material, labor, and overhead costs are charged to inventory as part of the manufacturing process. The variance report compares actual costs to standard or budgeted costs. Inventory Status Report Shows the type and amount of products on hand. Shipping Order Used to remove goods from the perpetual inventory records.
Production Schedule Inventory Master File
7. 8.
Risk Assessment
INHERENT RISK If industry competition is intense, there may be problems with the proper valuation of inventory. Technology changes in certain industries may also promote material misstatement due to obsolescence. Products that are small and of high value are more susceptible to theft. The auditor must be alert to related-party transactions for acquiring raw materials and selling finished products. Prior-year misstatements are good indicators of potential misstatements in the current year. CONTROL RISK
Steps: 1. Understand and document the inventory management process based on a reliance strategy. 2. Plan and perform tests of controls on inventory transactions. 3. Set and document the control risk for the inventory management process.
CAEA 2218 2010/2011, LECTURE 9 Slide 6
Auditing Inventory
Auditing Standard Costs
Material Test the quantity and type of materials included in the product and the price of the materials. Labor Gather evidence about the type and amount of labor needed for production and the labor rate.
Overhead Review the clients method of overhead allocation for reasonableness, compliance with GAAP, and consistency.
CAEA 2218 2010/2011, LECTURE 9 Slide 11
Auditing Inventory
Observing Physical Inventory 1. Ensure that no production is scheduled. If production is scheduled proper controls must be established for movement between departments in order to prevent double counting. 2. Ensure that there is no movement of goods during the inventory count. 3. Make sure that the clients count teams are following the inventory count instructions. 4. Ensure that inventory tags are issued sequentially to individual departments. 5. Perform test counts and record a sample of counts in the working papers. 6. Obtain tag control information for testing the clients inventory compilation. 7. Obtain cutoff information, including the number of the last shipping and receiving documents issued. 8. Observe the condition of the inventory for items that may be obsolete, slow moving, or carried in excess quantities. 9. Inquire about goods held on consignment for others or held on a bill-andhold basis.
CAEA 2218 2010/2011, LECTURE 9 Slide 12
End of lEcturE 9
"Let there be no compulsion in religion; verily, the right path has become distinct from the wrong path; whoever rejects taghut (evil) and believes in Allah has grasped the most trust worthy hand-hold that never breaks; and Allah hear and know all things". (Qur'an, 2:256)
CAEA 2218 2010/2011, LECTURE 9 Slide 15
DEPARTMENT OF FINANCIAL ACCOUNTING AND AUDITING CAEA 2218 AUDITING PRINCIPLES SESSION 1 2010/2011 DR HASLIDA ABU HASAN
Balance-Related Assertions
7 to 10 Days
A cutoff bank statement normally covers the 7- to 10-day period after the date on which the bank account is reconciled. Any reconciling item should have cleared the clients bank account during the 7- to 10-day period.
DEPARTMENT OF FINANCIAL ACCOUNTING AND AUDITING CAEA 2218 AUDITING PRINCIPLES SESSION 1 2010/2011 DR HASLIDA ABU HASAN
LECTURE 11 Auditing for Prepaid Expenses, Intangible Assets and Tangible Assets of Property, Plant and Equipment
General ledger PP&E master file master file General ledger program General ledger report
If one individual is responsible for the PP&E records The PP&E records function should be and also for the general ledger functions, that segregated from the general ledger individual can conceal any defalcation that would function. normally be detected by reconciling subsidiary records with the general ledger control account. If one individual is responsible for the PP&E records The PP&E records function should be and also has custodial responsibility for the related segregated from the custodial function. assets, items may be stolen, and the theft can be concealed by adjustment of the accounting records. If a periodic physical inventory of PP&E If one individual who is responsible for the periodic is taken, the individual responsible for physical inventory of PP&E is also responsible for the the inventory should be independent of custodial and record-keeping functions, theft or the the custodial and record-keeping entity's capital assets can be concealed. functions. CAEA 2218 2010/2011, LECTURE 11 Slide 7 4-7
1. Explain the nature and fundamental concepts of auditing with emphasis on external auditors. 2. Distinguish auditors and managements objectives, responsibilities on audit of financial statements. 3. Describe the relevant statutory and regulatory requirements in the Malaysian auditing environment. 4. Apply relevant audit procedures and practical aspects of audit to transaction cycles and items of balance sheet and income statement. 5. Apply code of ethics and professional standards (MIA By-Laws) in auditing
4-11
DEPARTMENT OF FINANCIAL ACCOUNTING AND AUDITING CAEA 2218 AUDITING PRINCIPLES SESSION 1 2010/2011 DR HASLIDA ABU HASAN
LECTURE 12 Auditing for Long Term Liabilities, Stockholders Equity, and Income Statement Accounts
Assertions
Occurrence
Trace large cash receipts and payments to source documents and the general ledger. Review interest expense for payments to debt holders Completeness not listed on the debt analysis schedule. Review notes paid or renewed after the balance sheet date to determine if there are unrecorded liabilities at year-end. Evaluate lease contracts to determine if leases are properly accounted for as an operating or capital lease. Examine board minutes for evidence of proper authorization of notes or Authorization bonds. Accuracy Test a sample of receipts and payments. Review debt activity for a few days before and after year-end to Cutoff determine if the transactions are included in the proper period. Examine the due dates on notes or bonds for proper classification Classification between current and long-term debt.
CAEA 2218 2010/2011, LECTURE 12 Slide 4
Auditing Dividends
All dividends declared and paid will be audited because of concerns of violations of corporate bylaws or debt covenants. When an independent dividend-disbursing agent is used, the auditor can confirm the amount disbursed with the agent. This amount is agreed with the amount authorized by the board of directors. When an independent agent is not used, the auditor can recompute the amount of the dividend authorized by the board of directors and trace the amount to cash disbursements or dividends payable.
Tests of selected account balances The auditor may wish to examine key revenue and expense accounts in some detail. Usually, the auditor verifies the transactions in the account by examining the supporting documentation. Accounts audited in this manner may be related to income tax reporting and include legal and audit expense, travel and entertainment, charitable contributions, and other income and expense.
TUTORIAL QUESTIONS
DEPARTMENT OF FINANCIAL ACCOUNTING AND AUDITING CAEA 2218 AUDITING PRINCIPLES SESSION 1 2010/2011 DR HASLIDA ABU HASAN
Authorization of hiring, firing, wage-rate and salary adjustments, salaries, and payroll deductions. Review and approval of employees' attendance and time information; monitoring of employee scheduling, productivity, and payroll cost variances. Processing of employees' attendance and time information and coding of account distribution. Computation of gross pay, deductions, and net pay; recording and summarization of payments and verification of account distribution. Payment of employees' compensation and benefits.
Supervision
Proper accumulation, classification, and General ledger summarization of payroll in the general ledger.
Segregation of duties
Payroll Function
Initiation of wage or salary changes Initiation of employee hiring and firing Approval of wage and salary changes Updating of personnel records Updating of payroll records Approval of time cards and job classification Review of time data and payroll distribution Preparation of payroll Preparation and signing of payroll checks Distribution of payroll checks Undating of general ledger for payroll Comparison of payroll expense to budget Calculation and recording of payroll taxes
IT Treasurer
X X X X
X X
Segregation of duties
Payroll Function
Initiation of wage or salary changes Initiation of employee hiring and firing Approval of wage and salary changes Updating of personnel records Updating of payroll records Approval of time cards and job classification Review of time data and payroll distribution Preparation of payroll Preparation and signing of payroll checks Distribution of payroll checks Undating of general ledger for payroll Comparison of payroll expense to budget Calculation and recording of payroll taxes
IT Treasurer
X X X X
X X
Risk assessments
In assessing inherent risk the auditor may want to consider the effect of economic conditions on payroll costs, the supply of skilled workers, and the frequency of employee turnover. The auditor should be familiar with any existing labor contracts and the impact of regulation on the company. The inherent risk associated with non-officers of the company is generally considered low. The inherent risk associated with officers of the company may not be considered low because of the ability to take advantage of their high position. Control risk assessments steps follow similar procedures of understanding and document the HRM process, perform tests of control and set and document control risk.
Risk assessments
Control activities and test of controls: Occurrence the auditor want assurance that payments for payroll-related services are being made to valid employees for time actually worked. Controls must be in place to ensure that no payments are made to fictitious employees and payments to valid employees are stopped once the employee is terminated. Authorization the client must have controls for hiring and terminating employees, setting pay rates, making withholdings, awarding benefits, and issuing payroll checks. Accuracy The client must have controls for hiring and terminating employees, setting pay rates, making withholdings, awarding benefits, and issuing payroll checks. Classification If payroll expense is charged to the wrong accounts, the financial statement may be misstated. If payroll expense is not properly classified between direct and indirect labor, inventory and cost of goods sold may not be valued properly. If the results of the tests of controls for the payroll system support the planned level of control risk, the auditor conducts substantive procedures of payroll-related accounts at the assessed level. If the tests do not support the level of control risk, the nature and extent of substantive testing will be increased.
CAEA 2218 2010/2011, LECTURE 13 Slide 7
Trace a sample of payroll checks to the master employee list to verify validity. Trace a sample of time cards to the payroll register. Test a sample of payroll checks for proper authorization. Recompute a sample of payroll checks for gross pay, deductions, and net pay. Trace a sample of time cards before and after period end to the appropriate payroll report.
Examine a sample of payroll checks for proper classification into expense accounts.
Vouch selected amounts from account schedules for Existence accruals to supporting documents (payroll tax returns, corporate benefit policies, etc.. Review supporting documentation to determne that Rights and obligations the entity is legally obligated to pay the liability. Completeness Search for unrecorded liabilities. Obtain an account analysis schedule for accrued payroll liabilites; foot schedules for accrued payroll Valuation and Allocation liabilities. Compare amounts accrued to supporting documentation, such as payroll tax returns.
CAEA 2218 2010/2011, LECTURE 13 Slide 10
Assertions about Presentation and Disclosure Tests of Details of Disclosures Occurrence, and rights and Inquire about accruals to ensure that they are properly obligations disclosed. Complete financial reporting checklist to ensure that Completeness all financial statement disclosures related to payroll expense have been made. Review benefit contracts for proper disclosure of pension and postretirement benefits. Read footnotes Accuracy and valuation and other information to ensure that the information is accurate and properly presented at the appropriate amounts.
CAEA 2218 2010/2011, LECTURE 13 Slide 11