CAEA 2218 Lecture 1 - Introduction-AnytoPDF

DEPARTMENT FO FINANCIAL ACCOUNTING AND AUDITING CAEA 2218 AUDITING PRINCIPLES DR HASLIDA ABU HASAN
LECTURE 1 Logistics & Introduction to Auditing and Assurance Engagements
Logistic
Refer to course information distribution during lecture 1 Adhere to the course information closely Some lecture notes and/or other reading materials will be uploaded to e-learning site Tutorial arrangements Assignment arrangements
CAEA 2218 :LECTURE 1 Slide 2
Lecture Program
1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. Introduction to Auditing Overview of financial statement audits Materiality and audit risks Audit evidence procedures Audit planning and tests Internal control review Auditing the revenue cycle Auditing the purchasing cycle Auditing the inventory cycle Auditing cash Auditing property plant and equipment Auditing long term liabilities, shareholders equity & income statement items 13. Auditing payroll cycle
CAEA 2218 LECTURE 1 Slide 3
Definition of an audit
A systematic process of objectively gathering and evaluating evidence in order to ascertain whether assertions about economic actions and events made by individuals or organizations correspond with establish criteria and communicating the results of the examination to users of the reports in which assertions are made (American Accounting
Association, the association of US accounting academics)
Distinction between accounting and auditing

Accounting: identifies, organises, classifies,
summarises and communicates information about economic events a creative process
Auditing: gathers and evaluates evidence with

respect to the accounting /economic events an evaluative process
Classification of audit by their beneficiaries

External audits: undertaken by professionally qualified
and externally accredited auditors who are external to the audited business Big 4 and many other smaller audit firms. External audit are primarily for the benefit of shareholders and market efficiency.
Internal audits: traditionally undertaken by companys

own staff or auditing firms different from main auditor. Principally for the benefit of management, though the external auditor may draw upon the results of internal audits.
Classification of audit by their objectives :

(1) Certification audits: involve the examination of an entitys
financial statement which have been prepared by the entitys management and directors for the benefit of shareholders and other interested parties
(2) Compliance audits: aim to determine whether an individual
or an entity has acted in accordance with procedures/regulations set by an autority (eg. tax authority; parent company )
(3) Operational audits: involve the systematic examination and
evaluation of an entitys operations for the purpose of improving the efficiency and/or effectiveness of the entity. This has become known in the public sector as value for money or VFM audits NKRA national key results area
Assurance, Attestation, and Nonassurance Services

ASSURANCE SERVICES
ATTESTATION SERVICES Audits Reviews Certain Management Consulting
Internal Control over Financial Reporting Other Attestation Services (e.g., WebTrust, SysTrust)
Other Assurance Services

Assurance, Attestation, and Nonassurance Services

NONASSURANCE SERVICES
Other Management Consulting Certain Management Consulting
Accounting and Bookkeeping
Tax Services
Types of Auditors
Independent certified public accounting firms Governmental general accounting office auditors Internal Revenue agents Internal auditors
The Audit Society Michael Power

Certification audits or financial statement audit has always been regarded as a low-profile activity In the public sector, this activity sat alongside regularity (spent according to the authorisation) and propriety (proper standards, relevant to the use of public money have been met). From 1980s, growth of Value for Money or performance auditing. From 1990s, massive extension of breadth and coverage of the notion of audit. Some connection to the withdrawal of government from production eg. denationalization of utilities and substitution of regulation for ownership. Controversy about whether too many people watching rather than doing, particularly affects public sector but is much more general than that
The Role of Auditing
Audit objectives :
Lending credibility to financial and non-financial information provided by management in annual reports Provision of management advisory services Increased responsibility for detecting fraud and reporting doubts about going concern Helping to secure responsible corporate governance Reporting to regulatory authorities on (i) fraud detected during audit; and (ii) doubts about auditees solvency
Audit techniques:
Emergence of audit methodologies focusing on clients business risk (risk of auditees not meeting their objectives) Audit based on : - A thorough understanding of the client, its business, its industry and especially its risks; and - Identification of audit risk through analytical review Adaptation of auditing to the e-commerce, e-business environment
Relationships Among Auditors, Client, and External Users

Client or audit committee hires auditor Auditor issues report relied upon by users to reduce information risk
Auditor
Provides capital
Client
Client provides financial statements to users
External Users
Overview of the Financial Statement Audit Process
A need for theory:

A practical subject, wholly utilitarian Practice has developed without theory Public conception has evolved without theory
Can theory explain the existence of financial statement audit:

(1) AGENCY THEORY - Agency relationship : a contract under which one or more persons (principal) engage another person (agent) to perform some service on their behalf which involves delegating some decision making authority to the agent - assumptions : (a) rational utility maximisers; (b) information asymmetry - therefore auditors act as watchdog over the agents (directors) (2) INFORMATION HYPOTHESIS - an audit improves the quality of financial information (3) INSURANCE HYPHOTHESIS - audit serve as an insurance for managers (agents), managers shift responsibility for reported data to auditors and thus they lower the expected loss from litigation - politicians also demand audits for similar reasons, eg. to escape criticism in cases of failures
Audit Expectations Gap

A gap between what the public expects or needs and what the auditors can and should reasonably expect to accomplish Consider both perception of roles and ignorance gap Sources of expectation gap - Audit assurance: guarantee of accuracy versus a probabilistic statement, changing nature of auditors responsibility for detection of fraud - Audit reporting: perception of unqualified (clean) audit opinion, going concern debate - Audit independence: the centre of gap
Social Role of Auditing

To add credibility to financial statements (Mautz, 1975) Necessary for public to understand exactly what an audit can reasonably be expected to achieve Necessary that all relevant findings are communicated clearly
8 postulates about auditing (Mautz & Sharaf)

1. Financial statements and financial data are verifiable 2. There is no conflict of interest between the auditor and management of the enterprise under audit 3. The financial statements and other information submitted for verification are free from collusive and other unusual irregularities 4. The existence of a satisfactory system of internal control eliminates the probability of irregularities 5. Consistent application of GAAP will results in the fair presentation of the financial position and the results of operations 6. In the absence of clear evidence to the contrary, what has held true in the past for the enterprise under examination will hold true in the future 7. When examining financial data for the purpose of expressing an independent opinion, the auditor acts exclusively in the capacity of auditor 8. The professional status of the independent auditor imposes commensurate obligations
The 8 postulates led to 5 primary concepts of auditing

1. Evidence 2. Due audit care 3. Fair presentation 4. Independence 5. Ethical conduct
LECTURE 2 Overview of Financial Statement Audit
CAEA 2218 2010/2011,LECTURE 2 Slide 1
Auditing Standards
serve as guidelines and measures quality of the auditors performance GAAS generally accepted auditing standards: (1) General standards - adequate technical training & proficiency - independence - due professional care (2) Fieldwork standards - adequate planning & supervised assistants - obtain sufficient understanding of internal controls - obtain sufficient appropriate evidential matter (3) Reporting standards - GAAP - consistency - disclosure - opinion
CAEA 2218 LECTURE2-2Slide 2 2
GAAS
Management Assertions
Financial statements issued by management contain explicit and implicit assertions (1) Transactions - Management asserts that transactions related to inventory actually occurred (2) Account balances - Management asserts that the entity owns the inventory represented in the inventory account (3) Presentation and disclosures - Management asserts that the financial statements properly classify and present the inventory
Evidence Regarding Management Assertions & Sampling

Evidence that assists the auditor in evaluating managements financial statement assertions consists of the underlying accounting data and any corroborating information available to the auditor: RELEVANCE; RELIABILITY Sampling: inferences based on limited observations Auditors use (1) their knowledge about the transactions and/or (2) a sampling approach to examine the transactions. It would be too costly for the auditor to examine every transaction.
The Auditors Responsibility for Errors, Fraud, and Illegal Acts

The auditor has a responsibility to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether caused by error or fraud Because of the nature of audit evidence and the characteristics of fraud, the auditor is able to obtain reasonable, but not absolute, assurance that material misstatements are detected The auditor has no responsibility to plan and perform the audit to obtain reasonable assurance that misstatements, whether caused by errors or fraud, that are not material to the financial statements will be detected
Ethics, Independence, and the Code of Professional Conduct

Ethics refers to a system or code of conduct based on moral duties and obligations that indicates how we should behave Professionalism refers to the conduct, aims, or qualities that characterize or mark a profession or professional person. All professions operate under some type of code of ethics or code of conduct
Clients Evaluation & Audit Risk

In conducting audit, the auditors need thorough understanding of the entity and its environment ( clients industry, regulations, operations, relationships, business strategies etc) Audit risk is the risk that the auditor will give an inappropriate audit opinion on financial statements:
Risk of material error occuring Inherent risk Internal control risk Risk of failing to detect material error Sampling risk Quality control risk
The auditors standard report states that the audit provides only reasonable assurance that the financial statements do not contain material misstatements Reasonable assurance implies some risk that a material misstatement could be present in the financial statements and the auditor will fail to detect it

AUDIT RISK
(the risk of expressing an unqualified opinion on materially misstated financial statements)
risk of material error occuring (non-controllable)
risk of failing to detect material error (controllable)
Inherent risk
Internal control risk
Sampling risk
Quality control risk
Management integrity
Account risk
Business risk
Failure to collect sufficient appropriate audit evidence and/evaluate it properly
FIGURE 3.3 The Component of audit risk Brenda Porter, Jon Simon and David Hatherly, Principles of External Auditing, 2nd Ed, 2003, John Wiley & Sons Ltd
CAEA 2218 LECTURE2-10 10 2 Slide

Inherent risk susceptibility of account balance/class of transactions to material misstatement Control risk that a misstatement could occur that could be material, either on its own or together with other misstatements, that would not be detected or prevented by accounting and internal control procedures, review the
Control environment Control procedures Managing risk and control monitoring
Detection risk that a misstatement would not be detected which might be material either on its own, or when aggregated with other misstatements
Materiality
Materiality is the magnitude of an omission or misstatement of accounting information that, in light of surrounding circumstances, makes it probable that the judgment of a reasonable person relying on the information would have been changed or influenced by the omission or misstatement (material if its omission would reasonably influence decisions) Not capable of general mathematical definition Has qualitative and quantitative elements
Risk-based auditing
Concentrating audit procedures on the areas of the clients systems/records that are likely to be at most risk of error, misstatement or fraud Needs some decision criteria to determine the acceptable level of risk
Legal and professional rights and duties

Who can be an auditor? Appointment and remuneration of auditors in theory in practice Removal and resignation of auditors May resign or be replaced Disclosure of circumstances Signals that are given to the market, media and stakeholders, both about auditee and auditors: What does a new appointment show? What does an unexpected exit show?
Auditors rights
Access to the companys books and accounts Explanation from the companys management
Auditors rights and responsibilities

Auditors rights
Access to the companys books and accounts Explanation from the companys management
Auditors responsibility to detect and report fraud, which includes

Misappropriation of corporate assets Manipulation of accounting information Deception of a third party
Auditors duties
1. STATUTORY DUTIES Companies Act Carry out investigation and form opinion as to whether proper accounting records have been kept, F/S are in agreement with the accounting records, auditors received all the information/explanation required, the received explanation/information is consistent with the F/S Under the Companies Acts, directors are required to prepare F/S which give a true and fair view of the companys state of affairs 2. COMMON LAW courts cases explain expectation from auditors such as reasonable skill, care, caution in the circumstances 3. PROFESSIONAL AUDITING STANDARDS AND GLINES informing/increasing the quality of audit work protecting the reputation of auditors shielding auditing from further government involvement mandatory compliance: disciplinary action may be taken by the profession (self regulation) 4. REGULATORY REQUIREMENTS requirements for listed companies, compliance with corporate governance requirements
Rules of professional conduct

1. 2. 3. 4. 5. Integrity Objectivity Competence Skill, care, diligence Courtesy and consideration
9 Fundamental principles of independent auditing (Auditors Code APB, 1996)

1. 2. 3. 4. 5. 6. 7. 8. 9. Accountability Integrity Objectivity and independence Competence Rigour Judgement Clear communication Association Providing value
Objectivity and independence

INDEPENDENCE: the cornerstone of auditing, an attitude of mind not a set of rules Auditors need to be independent (in fact) Possess an objective unbiased attitude of mind, evaluate evidence and express an opinion impartially without being influenced by personal bias And must also be seen to be independent (in appearance) not to give the impression to others that the auditor is not independent
Threats to auditors independence

Financial involvement with the audit client Personal or business relationship Favorable treatment from an audit client Litigation and other external pressures on the auditor Undue dependence on the audit client Provision of non-audit services to an audit client
Threats to objectivity and independence

Self-interest threat Self review threat Management threat Advocacy threat Familiarity threat Intimidation threat
Ethical standards have been issued to promote alertness and define procedures to identify and assess significance of threats
Proposal for strengthening independence

1. Mandatory rotation of auditing firm 2. Mandatory rotation of audit partner 3. Appointment of auditors by shareholder/stakeholder panel 4. More vigorous Audit Committees 5. Appointment of auditors by the government Other professional conduct issues conflict of interests, advertising, publicity, remuneration, insider dealing, money laundering, whistle-blowing
Audit phases
1. Client acceptance/continuance; and establishing an understanding with the client 2. Preliminary engagement activities 3. Establishing materiality and assess risks 4. Plan the audit 5. Consider and audit companys internal control 6. Audit business processes and related accounts 7. Complete the audit 8. Evaluate results and issue audit report
Audit Report
The auditors report (audit opinion) is the culmination of audit process For companies, auditor is statutorily required to report to the companys shareholders, although he/she should be aware that other interested parties/stakeholders will use the report The report communicates the auditors conclusion about, among other things:
The truth and fairness with which the statements portray the entitys financial position; and Their compliance (or otherwise) with the Companies Act
Audit Report
The auditor is also required to communicate with those charged with the companys governance. Will address: Various aspects of the audit; Various aspects of the entitys financial affairs; Material weaknesses in entitys financial affairs; material weaknesses in entitys control system uncovered by the audit; and Ways in which such control weaknesses may be overcome This communication is often referred to as a management letter (ML) ML normally focused exclusively on internal control weaknesses and how they might be rectified Current practices of ML is broader in scope, but maintain a private communication with the management and contents are not generally revealed to shareholders or other third parties
Audit Report
Under the Companies Act 1965, the directors are responsible for preparing financial statements, and The auditors have responsibility of examining the financial statements, and its requirements indicate the issues auditors must look at to determine the type of audit report they will give. They are required to form and express an opinion as to whether they give a true and fair view of the companys state of affairs and its profit or loss for the period of account under consideration, and whether they comply with the provisions of the Act as regards form, content and notes Audit report usually is the only channel of communication between the auditor and shareholders of the company the financial statements of which have been subject to audit The report acts as a bridge taking the large volume of information possessed by auditors and conveying it to the shareholders in a much abbreviated form In order to convey information in a succinct form, the audit report has become an extremely formalised group of phrases, each of which has special significance. Any deviation from the standard format is regarded by auditors as significant and may provide important extra data
Audit Report
Auditors have to understand the following details: The form of an unqualified report and the meaning of the phrases used; The situation where a qualified audit report is needed and how such report should be phrased; The situation where, although the opinion is unqualified, it may be relevant to include additional details emphasizing one particular aspect of the financial statements
AUDITOR CANNOT GUARANTEE OR CERTIFY THAT FINANCIAL STATEMENTS ARE CORRECT.
Audit Report
If financial statements are found to meet the necessary regulatory requirements and other requirements, and provide a true and fair view, the auditor may not have problem but if they do not meet the requirements or are in some other respect deemed by their auditors flawed or inadequate, the extent of that problem must be gauged in terms of the effect it will have on their overall opinion Auditors opinion on financial statements may be one of two basic types: 1. Unqualified/unmodified (i.e., clean); or 2. Qualified/modified (except for opinion; adverse opinion; and disclaimer of opinion).
The Audit Report

The title line of the audit report includes the word Independent, and usually, the report is addressed to the stockholders of the company. Basic elements of the audit report include title, introductory paragraph, statement of responsibilities of directors and auditors, a scope paragraph or basis of opinion, an opinion paragraph, an explanatory paragraph referring to the audit of internal control, auditors signature, the name of the auditor or audit firm, and the date of the audit report.
- Refer to auditors reports that come together with companies annual reports you could search annual reports for listed companies in Malaysia via www.bursamalaysia.com
The Audit Report

The auditor may issue a qualified opinion.
Suppose a clients financial statements contain a misstatement that the auditor considers material and the client refuses to correct the misstatement. The auditor will likely qualify the report, explaining that the financial statements are fairly stated except for the misstatement identified by the auditor.
The auditor may issue an adverse opinion.

Suppose a clients financial statements contain a misstatement that the auditor considers so material that it pervasively affects the interpretation of the financial statements. Given such a situation, the auditor will issue an adverse opinion, indicating that the financial statements are not fairly stated and should not be relied upon.
LECTURE 3 Risk Assessment and Materiality
CAEA 2218 -LECTURE 3 Slide 1 -30

AUDIT RISK
(the risk of expressing an unqualified opinion on materially misstated financial statements)
risk of material error occuring (non-controllable)
risk of failing to detect material error (controllable)
Inherent risk
Internal control risk
Sampling risk
Quality control risk
Management integrity
Account risk
Business risk
Failure to collect sufficient appropriate audit evidence and/evaluate it properly
FIGURE 3.3 The Component of audit risk Brenda Porter, Jon Simon and David Hatherly, Principles of External Auditing, 2nd Ed, 2003, John Wiley & Sons Ltd
CAEA 2218 - LECTURE 3 Slide 2 -30
Engagement Risk
Auditors exposure to financial loss and damage to professional reputation. Client and 3rd party lawsuits Negative publicity Audit Risk Model :
Audit Risk = IR CR DR Inherent risk and control risk are risks that material misstatements exist Detection risk is risk that auditor fail to detect misstatements which include sampling risk, non-sampling risk, inappropriate audit procedures or misinterpreting audit results
Using the Audit Risk Model

Assess the clients business risks.
Assess the risk of material misstatement due to error or fraud.
AR =
IR CR
Auditee risk
DR
Using the Audit Risk Model

Set a planned level of audit risk such that an opinion can be issued on the financial statements. Assess inherent risk and control risk. Use the audit risk equation to solve for the appropriate level of detection risk: AR = IR CR DR DR = AR / (IR CR) Auditors will calculate measures of audit risk and use the identified level to design audit procedures that could will reduce audit risk to an acceptable level.
Limitations of the Audit Risk Model

The audit risk model is a planning tool, but it has some limitations that must be considered when the model is used to revise an audit plan or to evaluate audit results. The desired level of audit risk may not actually be achieved. It does not consider potential auditor error. There is not way of knowing what the preliminary level of risk actually was.
The Auditors Risk Assessment Process

- Auditors must obtain sufficient understanding of the entity to identify business risks and comprehend the potential misstatements that may result - Business risks include any external or internal factors, pressures, and forces that bear on the entitys ability to survive and generate profit STEPS Perform risk assessment to obtain understanding of the entity and its environment, including internal control. Identify business risks that may result in material misstatements of the financial statements. Evaluate the entitys response to those business risks and obtain evidence of their implementation. Assess the risk of material misstatement at the assertion level and determine the audit procedures that are necessary based on that risk assessment. METHODS to achieve these would include inquiries of management and others, analytical procedures, observation and inspection
Identifying Business Risks

Examples of conditions or events that indicate the existence of business risks:
Significant changes in the entity (e.g., acquisitions and reorganizations). Significant changes in the industry. Significant new products, services, or lines of business. New locations. Significant changes in the IT environment. Operations in areas with unstable economies. High degree of complex regulation.
Assessing the Risk of Material Misstatement Due to Error or Fraud

To assess the risk of material misstatement, the auditor:
Identifies risks by considering the entity and its environment, including controls that relate to the risks; and by relating these risks to the classes of transactions and account balances in the financial statements. Relates the identified risks to what can go wrong at the assertion level. Considers whether the risks are of a magnitude that could result in a material misstatement. Considers the likelihood that the risks will result in a material misstatement.

Types of misstatements include:
A difference between the amount, classification, or presentation of a reported financial statement element, account, or item and the amount, classification, or presentation that would have been reported under GAAP. The omission of a financial statement element, account, or item. A financial statement disclosure that is not presented in accordance with GAAP. The omission of information required to be disclosed in accordance with GAAP.

Errors are unintentional misstatements:
Mistakes in gathering or processing financial data used to prepare financial statements. Unreasonable accounting estimates arising from oversight or misinterpretation of facts. Mistakes in the application of accounting principles relating to amount, classification, manner of presentation, or disclosure.

Fraud involves intentional misstatements. The fraud risk identification process includes:
Sources of information about possible fraud

Communications among the audit team Inquires of management and others Fraud risk factors Analytical procedures Other information
Conditions indicative of fraud

Incentives/pressures Opportunities Attitudes/rationalization
Auditor identifies risks of material misstatement due to fraud.


Three conditions usually exist when fraud occurs.
Incentive or pressure to commit fraud
Opportunity to commit fraud
Attitude or rationalization to justify fraud

Fraud involves intentional misstatements.
Fraudulent financial reporting
Misappropriation of assets

Fraudulent financial reporting includes acts such as the following:
Manipulation, falsification, or alteration of accounting records or supporting documents used to prepare financial statements. Misrepresentation in, or intentional omission from, the financial statements of events, transactions, or significant information. Intentional misapplication of accounting principles relating to amount, classification, manner of presentation, or disclosure.

Fraudulent Financial Reporting Risk Factors Relating to Incentive/Pressure include:
Excessive pressure for management to meet third party expectations Excessive pressure for management to meet financial targets Financial stability or profitability is threatened
Managements personal financial situation is threatened

Fraudulent Financial Reporting Risk Factors Relating to Opportunities include:
Nature of the industry Complex or unstable organizational structure
Ineffective monitoring of management
Deficient internal control

Risk Factors Relating to Attitudes/Rationalizations

Fraudulent Financial Reporting Risk Factors Relating to Attitudes/Rationalizations include:
Use of inappropriate accounting based on materiality
Poor communication channels for reporting inappropriate behavior
Failure to correct known reportable conditions
Weak ethical standards for Management behavior


Misappropriation of assets involves the theft of an entitys assets to the extent that financial statements are misstated. Examples include:
Stealing assets
Paying for goods and services not received
Embezzling cash received

Misappropriation of Assets Risk Factors for Misappropriation of Assets include:
Access to assets Inadequate separation of duties Lack of inventory control Employee disregard of internal control Adverse employee management relationships No mandatory vacation policy Personal financial pressures Small, valuable inventory items
Sudden changes in employee behavior

Auditors Response to the Risk Assessment

Assess the risk of material misstatement at the financial statement and assertion levels. Financial statement level risks Assertion level risks
Develop an overall response.
Yes
Do these risks relate pervasively to the financial statements?
Determine what can go wrong at the account or assertion level.
Assess the risk of material misstatement for the nonsignificant risks.
Is this a significant risk?
Yes
Respond to those risks.
Respond to significant risks.
Evaluation of Audit Test Results

At the completion of the audit, the auditor should consider whether the accumulated results of audit procedures affect the assessments of the entitys business risk and the risk of material misstatement. The total uncorrected misstatements that were detected should be aggregated to determine if they cause the financial statements to be materially misstated. If the auditor concludes that the total misstatements cause the financial statements to be materially misstated, the auditor should request management to eliminate the material misstatement. If the management does not do so, the auditor should issue a qualified or adverse opinion. If the auditor determines that the misstatement is or may be the result of fraud, and either has determined that the effect could be material or has been unable to evaluate whether the effect is material, the auditor should:
Evaluation of Audit Test Results

Attempt to obtain audit evidence to determine whether, in fact, material fraud has occurred and, if so, its effect. Consider the implications for other aspects of the audit. Discuss the matter and the approach to further investigation with an appropriate level of management that is at least one level above those involved in committing the fraud and with senior management. If appropriate, suggest that the client consult with legal counsel.
If the results of the audit tests indicate a significant risk of fraud, the auditor should consider withdrawing from the engagement and communicating the reasons for withdrawal to the audit committee or others with equivalent authority and responsibility.
Documentation of the Auditors Risk Assessment

The auditor should document: Discussions among engagement personnel. Procedures performed to identify and assess the risks of material misstatement due to fraud. Risks of identified material misstatement due to fraud and a description of the auditors response to the risks. Fraud risks or other conditions that result in additional audit procedures. The nature of the communications about fraud made to management, the audit committee, and others.
Communications about Fraud

Whenever the auditor has found evidence that a fraud may exist, that matter should be brought to the attention of an appropriate level of management. Fraud involving senior management and fraud that causes a material misstatement of the financial statement should be reported directly to the audit committee of the board of directors. The auditor should reach an understanding with the audit committee regarding the expected nature and extent of communications about misappropriations perpetrated by lower-level employees.
Communications about Fraud

The disclosure of fraud to parties other than the clients senior management and its audit committee ordinarily is not part of the auditors responsibility and ordinarily would be precluded by the auditors ethical and legal obligations of confidentiality. However, the auditor may have a duty to make disclosure to others outside the entity when the following conditions exist: To comply with certain legal and regulatory requirements To a successor auditor when the successor makes inquiries in accordance with the standards [Communications between Predecessor and Successor Auditors] In response to a subpoena To a funding agency or other specified agency in accordance with requirements for the audits of entities that receive governmental financial assistance
Materiality
The magnitude of an omission or misstatement of accounting information that makes it probable that the judgment of a reasonable person relying on the information would be changed or influenced by the omission or misstatement. Materiality is not an absolute, its determination requires professional judgment.
Materiality
The quantitative base for materiality is a percentage (typically 3 to 5 percent) of: total assets; total revenues; income before taxes; income from continuing operations; gross profit; three-year average of income before taxes The quantitative amounts may be adjusted lower for qualitative factors such as: first-year engagement; control weaknesses; management turnover; high market pressures; high fraud risk; higher than normal risk of bankruptcy
Steps in Applying Materiality on an Audit

Step 1: Determine a material level for the overall financial statements
(planning materiality)
Step 2: Determine tolerable misstatement

(allocation of materiality at individual account/class of transactions level)
Step 3: Evaluate auditing findings

(near the end of the audit)
say, are those who know equal to those who do not know?"
[The Quran, Chapter 39(Az-Zumar ), Verse 9]
only those who have knowledge among His slaves fear Him"
[The Quran, Chapter 35(Faatir), Verse 28]
"What I fear most for you is a hypocrite with a knowledgeable tongue. Umar bin Al-Khattab, 2nd Caliph
LECTURE 4 Audit Evidence and Procedures
CAEA 2218 - LECTURE 4 Slide 1 - 24
Relationship of Audit Evidence to the Audit Report

Financial statements Audit report
Management assertions about components of financial statements Evidence on the fairness of the financial statements
Audit procedures
1. 2. 3. 4. 5. Existence or occurrence Completeness Valuation or allocation Rights and obligations Presentation and disclosure
Transactions related audit objectives

Existence recorded transactions exists Completeness existing transactions are recorded Accuracy recorded transactions are stated at correct amounts Classification transactions are properly classified Timing transactions are recorded on the correct date Posting and summarization transactions are included in the master files and are correctly summarized
Management assertions Transactions related audit objectives

1- Existence or occurence Existence 2- Completeness Completeness 3- Valuation or allocation Accuracy; Classification; Timing; Posting and Summarization 4- Rights and Obligations na 5- Presentation and disclosure na
Balance related audit objectives

1- Existence amount included exists 2- Completeness existing amounts are included 3- Accuracy amounts included are stated at the correct amounts 4- Classification amounts are properly classified 5- Cutoff transactions are recorded in the proper period 6- Detail tie in account balances agree with master file amounts, and with general ledger 7- Realizable value assets are included at estimated realizable value 8- Rights and obligations assets must be owned 9- Presentation and disclosure account balances and disclosures are presented in financial statements
Management assertions Balance related audit objectives

1- Existence or occurence Existence 2- Completeness Completeness 3- Valuation or allocation Accuracy; Classification; Cut-off; Detail tie-in; Realizable value 4- Rights and Obligations Rights and obligations 5- Presentation and disclosure Presentation and disclosure
How audit objectives are met?

Auditor must obtain sufficient competent audit evidence to support all management assertions in the financial statements Audit process a methodology for organizing audit Audit procedures specific acts performed by the auditor to gather evidence to determine if specific assertions are being met : Risk assessment procedures Test of controls Substantive procedures
Audit Procedures
A set of audit procedures prepared to test assertions for a component of the financial statements is referred to as an audit program. Example:
Audit Program for Accounts Receivable Management Assertions Audit Procedures Existence Confirm receivables. Rights and Obligations Ask if receivables have been sold. Completeness Agree controlling account with total of subsidiary accounts. Examine sales invoices immediately before and after year-end for proper cutoff. Valuation or allocation Trace accounts from aged trial balance to subsidiary accounts. Test the adequacy of the allowance account. Presentation and disclosure Look for amounts due from related parties. Evaluate receivables for footnote disclosure.
Audit Evidence
Auditors should obtain sufficient appropriate audit evidence to be able to draw reasonable conclusion on which to base the audit opinion. SAS 400.1 the facts presented to the mind of a person for the purpose of enabling him to decide a disputed question. Mautz (1958) the information the auditors obtain in arriving at the conclusions in which their report is based- comprises of source documents and accounting records underlying the financial statement assertions and corroborative information from other sources APB Glossary of Terms
CAEA 2218 -LECTURE 4 Slide 10 - 24
Audit Evidence
All the information used by the auditor in arriving at the conclusions on which the audit opinion is based. Nature of audit evidence records of initial entries and supporting records; general and subsidiary ledgers; adjustments to financial statements; invoices; worksheets; contracts; spreadsheets supporting cost allocations; other computations, reconciliations and disclosures
Audit Evidence
Usually is pervasive rather than conclusive, to be sought from different sources or of different nature to support same assertions Comprises information and impressions accumulated during course of the audit which, taken together, allow the auditor to form an opinion Audit evidence is influenced by: Assessment of risk at F/S level and individual account Nature of accounting and internal control systems Materiality of the item Timeliness of information provision Relevance Auditors knowledge and experience of the business Findings from audit procedures Source and reliability of the information (independent? third party expert? Qualifications of provider?
Audit Evidence
Sufficiency is a measure of the quantity of audit evidence: Greater risk of misstatement requires higher quantity of audit evidence Higher quality of audit evidence results in a lower quantity of audit evidence Appropriateness is a measure of the quality of audit evidence relevance & reliability: Independence source of the evidence Effectiveness of internal control Auditors direct personal knowledge Documentary evidence Original documents
Audit Evidence
Evaluation of audit evidence requires and understanding of the types and relative reliability of available evidence Auditor should be thorough in searching for evidence and not biased in its evaluation Procedures in obtaining evidence includes:
Inspection of records and documents Calculate and Recalculation Reconciliations Vouch; Read; Trace Examining Inquiry Scanning Confirm; Compare (analytical data) Observation Inspection of tangible assets physical evidence Analytical procedures Re-perform (of procedures)
Audit Evidence
Mautz and Sharaf (1961) classified evidence into 3 classes: (i) natural evidence; (ii) created evidence; (iii) rational argumentation Auditors have to consider the relationship between the cost of obtaining audit evidence and the usefulness of the information obtained because resources at the disposal of auditors are limited, not least because audits have to be competitively tendered for and audit firm is profit-seeking
Reliability of evidence
High - inspection of tangible assets; re-performing; recalculation; inspection of records and documents Medium - scanning; confirmation; analytical procedures Low observation; inquiry
Combining Evidence
Go beyond simple analysis to the implications of what found Look for relationships of cause and effect among variables
Analytical tasks
Understanding the knowledge of how things hang together
Speculate or infer what the differences and similarities mean
How things within a topic relate to each other
Look for similarities, difference and the implications
Audit Procedures for Obtaining Audit Evidence

Vouching (Occurrence)
Source Documents
Ledger
Tracing (Completeness)
Inspection of records and documents
Evidence obtained from external documents is more reliable than evidence obtained from internal documents.

In conducting inquiry, the auditor should: Consider the knowledge, objectivity, experience, responsibility, and qualifications of the person to be questioned. Ask clear, concise, and relevant questions. Use open or closed questions appropriately. Listen actively and effectively. Consider the reactions and responses, then ask follow-up questions. Evaluate the response.
Inquiry

Inquiry
Information Frequently Confirmed by Auditors Cash balance Accounts receivable Inventory on consignment Accounts payable Bonds payable Common stock outstanding Insurance coverage Collateral for loans
Source of Confirmation Bank Individual customers Consignee Individual vendors Bondholders/trustee Registrar/transfer agent Insurance company Creditors
Confirmation

Recalculation - Determining the mathematical accuracy of documents or records. Re-perform - The auditors independent execution of procedures or controls that were originally performed as part of the internal control system. Observation - The process of watching a process or procedure being performed by others. Inspection of Intangible Assets - Physical examination of a tangible asset. Scanning - Review of accounting data to identify significant or unusual items. Analytical Procedures - Evaluations of financial information made by a study of plausible relationships among both financial and nonfinancial data.
Audit Documentation
The auditors principal record of the audit procedures performed, evidence obtained,and conclusions reached.
Audit documentation (working papers) have two functions: To provide support for the audit report. To aid in the conduct and supervision of the audit.
Audit Documentation
Audit documentation should: Demonstrate how the audit complied with auditing and related professional practice standards; Show that the underlying accounting records agreed with financial statements; Include a written audit program detailing auditing procedures necessary to accomplish audit objectives Enable knowledgeable and experienced reviewer to: understand the nature, timing, extent and results of audit procedures, evidence obtained and conclusions reached Determine who performed and reviewed the work, as well as dates of the work and reviews
Audit Documentation
Audit documentation is normally maintained in two files: Permanent files - Corporate charter; Important contracts; Chart of accounts; Internal control documentation; Organization chart; Terms of stock and bond issues; Accounting manual; Prior years analytical procedures Current files - Audit plan; audit report; Adjusting journal entries; Audit programs; Reclassification journal entries; Working trial balance; Current financial statements; Minutes of meetings; Working papers supporting accounts Format: Heading client name, title of the working paper, clients year end date Indexing and cross-referencing notations that provide a trail from financial statements to audit documents Tick marks notations made next to work paper items indicating auditor/reviewer actions
Audit Documentation
Audit documentation should be organized so that audit team members and others can find evidence supporting financial statement accounts All audit documentation is the property of the auditor including documents prepared by clients at auditors request Regulations requires audit documentation to be retained for seven years from the completion date of the engagement
Jangan berpuasa tanpa agama. Jangan beragama tanpa Tuhan. Wahai orang-orang yang beriman, puasa diwajibkan ke atas kamu sebagaimana ia telah diwajibkan ke atas umat sebelummu, agar (dengan puasa itu) kamu menjadi insan yang bertaqwa [Al-Baqarah : 185]
CAEA 2218 -LECTURE 4 Slide 25 - 24
LECTURE 5 Audit Planning and Tests
CAEA 2218 - LECTURE 5 Slide 1
Making an important distinction

Audit objectives is the object of the auditors investigation it is what the auditor is trying to find out and the purpose for which the audit procedures are performed Audit procedures are methods used to gather audit evidence; audit tests and audit techniques are often used interchangeably with audit procedures
Hierarchy of audit objectives

Overall audit objectives Do the financial statements give a true and fair view of the entitys financial position and performance General audit objectives
Are internal controls complied with?
Are sales fairly stated
Are contingent liabilities disclosed
Do the financial statements comply with applicable accounting standards
Specific audit objectives
Are sales transactions authorized?
Are recorded sales transactions valid?
Are recorded sales transactions complete?
Are sales transactions correctly classified?
Are recorded Are sales sales amount transactions correct? recorded in the correct period
Brenda Porter, Jon Simon and David Hatherly, Principles of External Auditing 2nd Edition, 2003, John Wiley and Sons Ltd
Audit Steps
1-Appointment of auditors at AGM 2-Letter of engagement sent to client 3-Gain understanding of the clients Activities and circumstances 7-Test transactions and account balances
8-Completion and review
4-Overall analytical review
5-Gain understanding of the clients accounting systems and evaluate internal control 6-Test internal control strength through compliance testing
9-Reporting for: (i)Shareholders and external parties; (ii) Those charged with governance of the entity
10-Re-appointment at companys AGM
CAEA 2218 -LECTURE 5 Slide 4
How Audit Phases relate to Planning

Client acceptance or continuance Establish an understanding with the client Preliminary engagements activities Assess risks and establish materiality
Plan the audit
Accepting / Continuing a client

Accepting a client:
1. 2. 3. 4. 5. 6. Obtain and review financial information; Inquire of third parties; Communicate with the predecessor auditor; Consider unusual business or audit risks; Determine if the firm is independent; Determine if the firm has the necessary skills and knowledge; 7. Determine if acceptance violates any applicable regulatory agency requirements or the Code of Professional Conduct.
Continuing a client:
o Evaluate client retention periodically - near audit completion or after a significant event o Consider conflict over accounting/auditing issues and dispute over fees if there are
Establish Terms of the Engagement

The terms of the engagement, which are documented in the engagement letter, should include the objectives of the engagement, managements responsibilities, the auditors responsibilities, and the limitations of the engagement. In establishing the terms of the engagement, three topics must be discussed:
1. The engagement letter; 2. The internal auditors; 3. The audit committee.
The engagement letter formalizes the agreement reached between the auditor and client, engagement letter may also include:
1. Arrangement for use of specialists or internal auditor; 2. Any limitations of ability of the auditor or client; 3. Additional services to be provided and arrangements for these services.
Internal Auditors
Internal Auditors
The Audit Committee

Is a sub-committee to board of directors No specific requirements for privately held companies Section 301 of Sarbanes-Oxley Act requires the following for audit committee members of publicly held companies: o Member of board of directors and independent. o Directly responsible for overseeing work of any o registered public accounting firm employed by the o company. o Must pre-approve all audit and non-audit services provided by its auditors. o Must establish procedures to follow for complaints. o Must have authority to engage independent counsel.
Preliminary Engagement Activities

Determine requirements of the audit engagement teams; Assess compliance with ethical requirements, including independence Assess risks and establish materiality: o Involve use of audit models o Restricts risk at account balance level o Achieve acceptable level of audit risk
Planning the Audit

Auditor should plan the audit work so as to perform the audit in an effective manner (SAS 200) Ensure that appropriate attention is devoted to the different areas of auditing Ensure that potential problems are identified Assists in the proper assignment of work to members of the audit team Coordination of audit work Ensures that audit performed in efficient and timely manner Details the audit strategy for conducting the audit Helps the auditor determine what resources needed to perform the audit work When preparing the audit plan, the auditor should be guided by the results of the risk assessment procedures performed to gain an understanding of the entity. Additional steps: Assess the need for specialist. Assess the possibility of illegal acts. Identify related parties. Conduct preliminary analytical procedures. Consider additional value-added services. Document Audit Strategy and Plan and Prepare Audit Programs
Specialists
A major consideration is planning the audit is the need for specialist (AU 336). The use of an IT specialist is a significant aspect of most audit engagements. The presence of complex information technology may require the use of an IT specialist.
Illegal Acts
Direct and material : Consider laws & regulations as part of audit Material & Indirect : Be aware of its possibility of occurrence and investigate if brought to attention
Related Parties
Examples from FASB No. 57: Related Party Disclosure :
i- Affiliates of the enterprise; ii- Entities using equity method to account for investments; iii- Trusts for benefit of employees; ivPrincipal owners of enterprise; v- Management; vi- Immediate families of the principal owners & management; vii- Other parties that can have significant influence.
How to Identify Related Parties o Review board minutes. o Review conflict-of-interest

statements. o Review transactions with major customers, suppliers, borrowers, and lenders. o Review large, unusual, or nonrecurring transactions especially at year end. o Review loan agreements for guarantees.
Diagram of Planning Process

Control risk Risk assessment Inherent risk
General strategy
Consider testing strategy
Consider types of tests
Prepare audit programs
Preliminary Analytical Procedures

To understand the clients business and transactions To identify financial statement accounts likely to contain errors By understanding the clients business and identifying where errors are likely to occur, the auditor can allocate more resources to investigate necessary accounts.
Additional Value-Added Services

Auditors who audit public companies are limited in the types of consulting services that they can offer their audit clients. Tax Planning System design and integration Internal reporting Risk assessment Benchmarking Electronic commerce
Document Audit Strategy and Plan

These involves documenting the decisions about audit tests: Nature Timing Extent The auditor documents how the client is managing its risk (via internal control processes) and the effects of the risks and controls on the planned audit procedures. Auditors ensure they have addressed the risks they identified by documenting the linkage from the clients business, objectives, and strategy to the audit plan. The auditors preliminary decision concerning control risk determines the level of control testing, which in turn affects the auditors substantive tests of the account balances and transactions.
Document Audit Strategy
Types of Audit Tests

Risk assessment procedures: used to obtain an understanding of the entity and its environment, including internal controls. Test of controls: directed toward the evaluation of the effectiveness of the design and implementation of internal controls; Involves inquiry, inspection, observation, walk through, reperformance Substantive procedures: detect material misstatements in a transaction class, account balance, and disclosure component of the financial statements; Includes (i) test of details- tests for errors or fraud in individual transactions (ii) analytical procedure- obtains evidential matter about particular assertions related to account balances or classes of transactions
Tests of Controls
Analytical Procedures
Stages of analytical procedures: 1. Preliminary analytical procedures - to assist the auditor to better understand the business and to plan the nature, timing, and extent of audit procedures. 2. Substantive analytical procedures - to obtain evidential matter about particular assertions related to account balances or classes of transactions. 3. Final analytical procedures - used as an overall review of the financial information in the final review stage of the audit. Types of analytical procedures Trend analysis Ratio analysis:
Short term liquidity ratio- current ratio, quick ratio, ratios of operating cash flow Activity ratio- receivables (AR) turnover, days outstanding in AR, inventory turnover, days of inventory on hand Profitability ratio- percentage of gross profit, profit margin, return on assets, return on equity Coverage ratio- debt to equity, times interest earned
Reasonableness analysis
Substantive Analytical Procedures Decision Process
Substantive Analytical Procedures Decision Process

Develop an expectation is the first step in the decision process for the amount or account balance. This is the most important step in performing analytical procedures. Auditing standards require the auditor to have an expectation whenever analytical procedures are used. An expectation can be developed using a variety of information sources such as financial and operating data, budgets and forecasts, industry publications, competitor information, managements analyses, analysts reports.
Tolerable differences size depends on the significance of the account, the desired
degree of reliance on the substantive analytical procedures, the level of disaggregation in the amount being tested, and the precision of the expectation.
Compare the expectation to the recorded amount and investigate any differences
greater than the tolerable difference Preliminary analytical procedures differences not requires corroborating evidence Final analytical procedures differences requires corroborating evidence
Audit Testing Hierarchy
Filling the Assurance Bucket
Example of Filling the Assurance Buckets for Each Assertion (Accounts Payable)
End of lecture 5
Translation of Sahih Bukhari: Volume 1, Book 3, Number 73: Narrated 'Abdullah bin Mas'ud: The Prophet said, "Do not wish to be like anyone except in two cases. (The first is) A person, whom Allah has given wealth and he spends it righteously; (the second is) the one whom Allah has given wisdom (the Holy Qur'an) and he acts according to it and teaches it to others." (Fateh-al-Bari page 177 Vol. 1) Volume 1, Book 3, Number 85: Narrated Abu Huraira: The Prophet said, "(Religious) knowledge will be taken away (by the death of religious scholars) ignorance (in religion) and afflictions will appear; and Harj will increase." It was asked, "What is Harj, O Allah's Apostle?" He replied by beckoning with his hand indicating "killing." (Fateh-al-Bari Page 192, Vol. 1)
4-29
LECTURE 6 Internal Control Review and Assessment of Control Risk
Internal Control
Internal controls is a company's policy for conducting business in a consistent manner, protecting sensitive information relating to customers and business operations and limiting the ability of employees and managers to conduct fraud or embezzlement. Public companies are held to a higher scrutiny regarding their internal controls since the passage of the Sarbanes-Oxley Act of 2002. This legislation was passed after the major accounting frauds found in Enron and WorldCom, two of the largest corporate bankruptcies in the history of U.S. business. Internal controls should be designed to limit the amount of internal business risk, although that is not always the case. A major risk with internal controls is who sets up the controls and reviews how the controls work in the daily operations of business operations. Companies that use internal managers or accountants to set up their internal controls process may not take an objective look at the company prior to designing the internal controls. This results in poor internal controls because internal employees may not believe their company has that many problems; this mindset leads to few or highly ineffective internal controls. When reviewing company processes and designing internal controls, management should consult an outside public accounting firm about designing and implementing internal controls. An outside look into company operations will usually find more areas needing internal controls, creating a stronger internal control system.
Internal Control
Once internal controls are in place, management must be responsible for reviewing the information produced by these controls to ensure the company is operating according to its internal guidelines. Managers may not be willing to take on the extra paperwork, leaving internal control reviews at a standstill when assessing their effectiveness. Companies normally use several managers and supervisors to review the internal control process, spreading the workload around the company. Using multiple levels of company management can also strengthen the review process, allowing several individuals to provide input for eliminating internal control risk. Internal controls may limit a company's ability to take on new operations or expand existing operations if the controls create too many barriers for reviewing new information. Companies may set up a system that only reviews business operations as they currently exist, not planning for a possible expansion or for growth. Inflexible internal controls will require managers to completely rework the internal controls systems for new operations, creating higher operating costs and increasing the time spent on business expansion. Once internal controls are in place and management reviews the internal controls for effectiveness, they should also review the flexibility of internal controls for gathering and reviewing new information.
Internal Control
Internal control plays an important role in how management meets its stewardship or agency responsibilities. Management has the responsibility to maintain controls that provides reasonable assurance that adequate control exists over the entitys assets and records. Proper internal control not only ensures that assets and records are safeguarded but also creates an environment in which efficiency and effectiveness are encouraged and monitored. Management also needs a control system that generates reliable information for decision making. The auditor needs assurance about the reliability of the data generated by the information system in terms of how it affects the fairness of the financial statements and how well the assets and records of the entity are safeguarded. The auditor uses risk assessment procedures to obtain an understanding of the entitys internal control and uses this understanding to identify the types of potential misstatements, ascertain factors that affect the risk of material misstatement, and design tests of controls and substantive procedures.
Internal Control
The auditors understanding of the internal control is a major factor in determining the overall audit strategy. The auditors responsibilities for internal control are discussed under two major topics: (1) obtaining an understanding of internal control and (2) assessing control risk. Objectives of internal control: 1. Reliability of financial reporting 2. Efficiency and effectiveness of operations 3. Compliance with laws and regulations Internal controls pertaining to the preparation of financial statements for external purposes are relevant to an audit. Controls relating to operations and compliance objectives may be relevant when they relate to data the auditor uses to apply auditing procedures. The auditor should obtain an understanding of each of the five components of internal control in order to plan the audit. This knowledge is used to: 1.Identify types of potential misstatements 2.Design tests of controls and substantive procedures 3.Pinpoint the factors that affect the risk of material misstatement
Other Auditors responsibility

Pursuant to paragraph 15.24 of the KLSE Listing Requirements, auditors are required to review the Directors Statement on Internal Control with regard to the state of internal control of the listed issuer and report the results thereof to the Board of Directors of the listed issuer (MIA Recommended Practice Guide 5) Objective of the review by auditors is to assess whether the Statement on Internal Control appropriately reflects processes the Directors (or its committees) have adopted in reviewing the sufficiency and integrity of the internal control system. Auditors will usually perform procedures to obtain appropriate evidence for this review. The auditors are not expected to actively search for misstatements or inconsistencies; however if found/aware discussion with Directors is necessary to seek to establish the significance of the lack of proper disclosure auditors should consider implications on their reporting responsibilities and may need to take legal advice should the Directors cannot be persuaded to amend the disclosure to auditors satisfaction. http://www.mia.org.my/handbook/guide/Default.htm
Components of Internal Control
Components of Internal Control
Internal Control Environment

Factors Affecting the control environment: 1. Communication and enforcement of integrity and ethical values 2. A commitment to competence 3. Participation of those charged with governance (board of directors or audit committee) 4. Management philosophy and operating style 5. Organizational structure 6. Assignment of authority and responsibility 7. Human resources policy and practices
Planning an Audit Strategy

Audit Risk Model
AR = IR CR DR
Assertions and control activities

Occurrence transactions and events that have been recorded have ocured and pertain to the entity Completeness all transactions and events that should have been recorded, have been recorded Authorization all transactions and events are properly classified Accuracy amounts and other data relating to recorded transactions and events have been recorded appropriately Cutoff transactions and events have been recorded in the correct accounting period Classification transactions and events have been recorded in the proper accounts
Assertions and control activities
Control Risk
After obtaining an understanding of internal control, an auditor may choose to follow a (i) substantive strategy and set control risk at the maximum for some or all assertions because of one or all of the following factors: Controls do not pertain to an assertion Audit Risk Model Controls are assessed as ineffective Testing the effectiveness of controls is inefficient AR = IR CR DR (ii) reliance strategy if the auditors assess control risk below maximum and decided to rely on the internal control The risk assessment process should consider external and internal events and circumstances that may arise and adversely affect the entitys ability to initiate, record, process and report financial data consistent with the assertions of management in the financial statements. Client business risk can arise or change due to the following circumstances:
changes in the operating environment; changing personnel; rapid growth; new or revamped information systems; new business models, products, or activities; new accounting pronouncements; new technology; expanded international growth; corporate restructuring
Control Risk
Auditors should consider client accounting system when assessing control procedures/risk - an effective accounting system gives appropriate consideration to establishing methods and records that will :
1.Identify and record all valid transactions. 2.Describe on a timely basis the transactions in sufficient detail to permit proper classification of transactions for financial reporting. 3.Measure the value of transactions in a manner that permits recording their proper monetary value in the financial statements. 4.Determine the time period in which transactions occurred to permit recording of transactions in the proper accounting period. 5.Properly present the transactions and related disclosures in the financial statements.
Controlprocedures that help ensure that Risk Control activities are the policies and
managements directives are carried out. Those control procedures that are relevant to the audit include 1. Performance reviews 2. Information processing 3. Segregation of duties 4. Physical controls
Monitoring of controls is a process that assesses the quality of internal control performance over time. Internal Auditors internal auditors evaluates internal control to ensure effective functionality of the organization. An effective internal audit function has clear lines of authority and reporting, qualified personnel, and adequate resources to enable these personnel to carry out their assigned duties. While the basic concepts of the five components should be present in all entities, they are likely to be less formal in a small or midsize entity than in a large entity. There are limitations to internal control, due to various factors, such as: management override of internal control; human error or mistakes; collusion
Factors contributing to fraud
Assessing Control Risk

Assessment of control risk involve a few steps: Identify specific controls that will be relied upon Perform tests controls Conclude on the achieved level of control risk
How to document the understanding of internal control? 1. Procedure manuals and organizational charts 2. Structured working paper 3. Internal control questionnaires/memorandum 4. Narrative description 5. Flowcharts
Documenting the Assessed Level of Control Risk
Substantive procedures
Timing of Audit Procedures

Audit procedures are performed at interim as well as at year end, example:
Auditing Accounting Applications Processed by Service Organizations

An audit client may have some or all of its accounting transactions processed by an outside service organization; Auditor will have to review the service provided as it involves accounting ; Auditor may issue report (s) on the service organizations operations:
Describes the service organizations controls and assesses whether they are suitably designed to achieve specified internal control objectives. Goes further by testing whether the controls provide reasonable assurance that the related control objectives were achieved during the period.
An auditor may reduce control risk below the maximum only on the basis of a service auditors report that includes tests of the controls.
Communication of Internal ControlRelated Matters

Reportable conditions
Significant deficiencies in the design or operation of internal control that could adversely affect the organizations ability to initiate, record, process, and report financial data consistent with managements assertions.
Material weakness
A material weakness is a significant deficiency, or combination of significant deficiency that results in more than a remote likelihood that a material misstatement of the financial statements will not be prevented or detected.
Reportable conditions
The Effect of Information Technology on Internal Control
Types of Controls in an IT Environment

General control data center & network operations; system software acquisition; change and maintenance; access security; application system acquisition, development, and maintenance Application controls data capture controls; data validation controls; processing controls; output controls; error controls
Types of Controls in an IT Environment
Flowcharting symbols
End of lecture 6
Mankinds Reckoning has drawn very close to them, yet they heedlessly turn away. (Al-Anbiyaa 21:1) Say: Death, from which you are fleeing, will certainly catch up with you. Then you will be returned to the Knower of the Unseen and the Visible and He will inform you about what you did. (Al-Jumu`ah 62:8) Wherever you are, death will catch up with you, even if you are in impregnable fortresses. (An-Nisaa 4:78)
LECTURE 7 Auditing the Revenue Cycle
Revenue Recognition
Revenue is an inflows/enhancements of assets of an entity or settlements of its liabilities (or a combination of both) from delivery or producing goods, rendering services, or other activities that constitute the entitys major or central operations. Three types of transactions are typically processed through the revenue cycle: 1. Sale of goods or rendering of a service for cash or credit; 2. Receipt of cash from the customer in payment for goods or services; 3. Return of goods by the customer for credit or cash. Numerous accounts are affected significant ones are: Sales transactions: trade receivables; sales; allowance for uncollectible; bad-debt expense Cash receipts transactions: cash; trade receivables; cash discounts Sales return and allowance transactions: sales returns; sales allowances; trade receivables
Overview of the Revenue Process

Cash Sale Credit Sale
Cash collection Purchases
Purchases
Cash sales
Account receivable
Inventory
Inventory
Credit sales
Revenue Process EarthWear Clothiers

Order Entry Department
By mail or fax
Customer sales order
By phone or internet
Input
To the IT Department
Error Correction
A
If a new customer, a credit check is run by the Credit Department. Otherwise, credit is checked by IT

IT Department
Customer Price Inventory Inventory Open orders Open orders
From order entry department
Data validation Batched program nightly
Shipping program
To order entry department
Error Report
To shipping department

Shipping Department
From shipping department Approved shipping ticket The shipping ticket forwarded to the customer contains quantity and price of each item purchased.
Ship goods
Approved shipping ticket Input to the billing program To customer with goods

IT Department
Open orders Shipping transactions A weekly open order report is prepared and reviewed by billing department. Outstanding orders are investigated.
Inventory
Billing program Sales Invoice Customer
Accounts receivable update For receivables processing

IT Department
Accounts receivable Shipping transactions Remittance transactions
Sales
Accounts receivable Weekly or Accounts receivable reporting update Monthly
D
Daily shipping listing Daily sales report Daily remittance report To cash receipts department To sales department
C

IT Department
Accounts receivable Remittance transactions Shipping transactions General ledger Reports Sales journal Cash receipts journal Aged trial balance Sales summary Remittance summary Journal entry summary
Accounts receivable reporting
Weekly or Monthly
Customer statements
Customer

Cash Receipts Department IT Department
From bank Remittance advice transactions Error correction Remittance advice transactions
Accounts receivable
C
From bank Daily remittance report Reconciled by cash receipts clerks
Cash remittance update Error report
Remittance advice listing
Documents and Records

Customer sales order contains the details of the type and quantity of products or services ordered by customer(s) Credit approval form for credit sales, the client must have a formal procedure for investigating the creditworthiness of the customer Open order report a report of all customer orders for which processing has not completed yet Shipping document a document serves as bill of lading and contains information on the type of product shipped, quantity and other relevant information Sales invoices used to bill the customer, contains information on the type of product or service, quantity, price and terms of trade Sales journal once sales invoice has been issued, the sales need to be recorded in the accounting records which is the sales journal to begin with Customer statement is mailed to the customer and contains details of all sales, cash receipt, and credit memorandum transactions Accounts receivable subsidiary ledger contains an account and the details of transactions for each customer Aged trial balance of accounts receivable summarizes all customer balances in the AR subsidiary ledger, will be classified as current of placed into one of several past due categories Remittance advice usually the portion of customers bill that should be return with payment Cash receipts journal to record the cash receipts of the entity Credit memorandum to record credits for the return of goods by a customer Write off authorization authorizes the write off of an uncollectible account receivable- final authorization is generally received from the treasurer Order entry initial function in the revenue process when new sales order is received
Major Functions
Credit authorization appropriate approval of customer orders for creditworthiness, this process determines that the customer is able to pay for the goods or services purchased failure in authorization could lead to extensive bad debts for the entity Shipping shipping of goods that has been authorized, goods should not be shipped, nor should services be provided without proper authorization the main control is payment or proper credit authorization Billing issuance of sales invoices to customers and processing of adjustments for allowances, discounts and returns, a proper billing system ensures that all goods shipped/ services rendered are billed to customers Cash receipts processing of the receipts of cash from customers, all cash receipts must be properly identified and promptly deposited intact at the bank Accounts receivable recording of all sales invoices, collections and credit memoranda in individual customer accounts -all billings, adjustments, and cash collections must be properly recorded in the customersaccounts receivable records General ledger proper accumulation, classification, and summarization of revenues, collections, and receivables in the financial statement accounts - as related to the revenue process, the general ledger function must ensure that all revenues, collections, and receivables are properly recorded and classified Order entry acceptance of customer orders for goods and services into the system in accordance with management criteria
Key Segregation of Duties

Department Order Accounts Cash Revenue and Accounts Receivable Entry Credit Shipping Receivable Receipts Receiving and preparing customer order X Approving credit X Shipping goods to customer X Preparing customer invoice X Updating accounts receivable records for sales X Receiving customer's remittance X Updating accounts receivable for remittance X Preparing accounts receivable aged trial balance X IT
X X X X
Information Systems and Communication

Process by which sales, cash receipts, and credit memoranda are initiated.
Auditors knowledge
The flow of each transaction from initiation to inclusion in the financial statements.
Accounting records, supporting documents, and accounts that are involved in sales, cash receipts, and sales returns.
The process used to prepare estimates for bad debts and sales returns.
Risk Assessment
Risk assessment process the auditor must understand how management considers risks that are relevant to the revenue process. The auditor should estimate the significance of the risk and assess the likelihood of occurrence. Inherent risk prevalent to the revenue cycle: 1. Industry related factors 2. Complexity and contentiousness of revenue recognition issues 3. Difficulty of auditing transactions and account balances 4. Misstatements detected in prior audits Control Environment understanding of control environment is generally completed on an overall entity basis; The auditor must understand how management assesses the design and operation of controls in the revenue process. This understanding should include how supervisory personnel review the personnel who perform the controls and evaluate the performance of the entitys IT function. Understanding & documenting internal control the auditor identifies what controls ensure that the assertions for transactions and events are being met, documentation of the auditors understanding can be accomplished by using (i) procedures manual; (ii) narrative descriptions; (iii) internal control qaires; (iv) flowcharts Control risk assessment: 1. Understanding and documenting the revenue process based on a reliance approach; 2. Planning and performing tests of controls on revenue transactions; 3. Setting and documenting the control risk for the revenue process
Planning and Performing Tests of Controls

The auditor systematically examines the clients revenue process to identify relevant controls that help to prevent, or detect and correct material misstatements. In order to properly set control risk, the auditor must test controls over the revenue process, example of the tests: Inquiry of client personnel Inspection of documents and records Observations of the operation of the control Walkthrough Reperformance of the control procedures If the results of the tests of controls support the planned level of control risk, the auditor conducts the planned level of substantive procedures for the account balances. The level of control risk for the revenue process can be set using either quantitative amounts or qualitative terms such as low, medium, or high
Revenue Transactions
Assertions about Classes of Transactions and Events for the Period under Audit
All revenue and cash receipt transactions and events Occurrence that have been recorded have occurred and pertain to the entity. All revenue and cash receipt transactions and events that should have been recorded have been recorded. All revenue and cash receipts transactions and events Authorization are properly authorized. Amounts and other data relating to recorded revenue Accuracy and cash receipt transactions and events have been recorded appropriately.
Completeness
All revenue and cash receipt transactions and events have been recorded in the correct accounting period. All revenue and cash receipt transactions and events Classification have been recorded in the proper accounts.
Cutoff
Control procedures and test of controls next pages
Revenue Transactions
Occurrence of revenues the auditor is concerned about two major types of material misstatements (i) sales to fictitious customer, (ii) recording revenue when goods have not been shipped or services have not been performed. The auditor needs assurance that all recorded revenue transactions are valid; Completeness of revenues the major misstatement that concerns both management and the auditor is that goods are shipped or services are performed and no revenue is recognized. Controls concerning completeness include (i) accounting for numerical sequence of shipping documents and sales invoices, (ii) matching shipping documents with sales invoices; (iii) reconciling sales invoices to daily sales reports Authorization of revenues possible misstatements due to improper authorization include shipping goods to or performing services for customers who are bad credit risks and making sales at unauthorized prices or terms. Test policies and procedures relating to authorization of revenue transactions. Accuracy of revenues the presence of an authorized price list and terms of trade reduces the risk of inaccuracies, the sales invoice should also be verified for mathematical accuracy before being sent to the customer. Cutoff of revenues sales may be recorded in the wrong accounting period unless proper controls are in place. All shipping documents should be forwarded to the billing department daily Classification of revenues the use of chart of accounts and proper codes for recording transactions should provide adequate assurance about the proper classification of revenue transactions
Cash Receipts Transactions

Occurrence of cash receipts the possible misstatement that concerns the auditor is that cash receipts are recorded but not deposited in the clients bank accounts; Completeness of cash receipts major misstatements is that cash/checks are stolen/missing/lost before being recorded in the cash receipts records; proper segregation of duties and a lockbox system are strong control relating to completeness Authorization of cash receipts terms of trade generally include discounts for payment within a specified period as a way of encouraging customers to pay on time/earlier Accuracy of cash receipts the wrong amount of cash could be recorded from the remittance advice or receipt could n accuracies, the sales invoice should also be verified for mathematical accuracy before being sent to the customer. Cutoff of cash receipts if client uses a lockbox system or if cash is deposited daily in the bank, there is a small possibility of cash being recorded in the wrong accounting period Classification of cash receipts the auditor seldom has major concerns about cash receipts being recorded in the wrong financial statement account
Control Procedures and Tests of Controls Sales Returns and Allowances: Sales returns and allowances is usually not a material amount in the financial statements. However, credit memoranda that are used to process sales returns can also be used to cover an unauthorized shipment of goods or conceal a misappropriation of cash. As a result, all credit memoranda should be properly authorized.
Relating the Assessed Level of Control Risk to Substantive Procedures

The auditors testing of control for revenue processing impacts the detection risk and therefore the level of substantive procedures impacted by the controls Auditing accounts receivable and related controls: 1. Substantive analytical procedures are used to examine plausible relationships among accounts receivable and related accounts. 2. Tests of details focus on transactions, account balances, or disclosures. Tests of details concentrate on the ending balance for accounts receivable and related accounts as well as related disclosures. Substantive Analytical Procedures: (ratios are used for comparative reasons) 1. Receivables turnover and days outstanding in accounts receivable. 2. Aging categories on aged trial balance of accounts receivable. 3. Bad-debts expense as a percent of revenue. 4. Allowance for uncollectible accounts as a percent of accounts receivable or credit sales. 5. Large account balances compared to last period.
Relating the Assessed Level of Control Risk to Substantive Procedures

For accounts receivables, allowance for doubtful accounts and bad-debt expense: Occurrence a sample of transactions from sales journal should be traced to the sales invoice, customer order and shipping document Completeness a sample of shipping documents should be traced to related sales invoice and customers account Authorization and accuracy compare prices and terms for sample of sales invoices with authorized price list Cutoff from a sample, compare date of sales invoices with date of shipment and date sale was recorded Classification for a sample of sales invoices, determine that each is properly classified in the revenue accounts
Relating the Assessed Level of Control Risk to Substantive Procedures Accounts Receivables tests
Completeness auditors primary concern is whether all AR have been included in the AR subsidiary ledger and the general ledger (GL) AR account. Reconciliation of the aged trial balance to the GL account should detect an omission of receivables from either the subsidiary or GL Cutoff attempts to determine whether all revenue transactions and related AR are recorded in the proper period. Test a few shipping documents just prior to year end and test another few just after the year end determine whether all transactions tested were recorded in the proper period Rights and obligation the auditor must determine that all AR are owned by the entity, this is usually not a problem, however, in some cases AR may be sold with/without recourse Valuation and allocation AR should be shown on the balance sheet at net realizable value (gross minus allowance) The auditor must verify the adequacy of the allowance for uncollectible accounts. The first step is to prepare an aged trial balance and discuss results with the credit manager. Next, a comparison with last years results should be examined. Classification & Understandability major issues for presentation and disclosure classification are: (i) Identifying and reclassifying any material credits contained in accounts receivable. (ii) Segregating short-term and long-term receivables. (iii)Ensuring that different types of receivables are properly classified.
The Confirmation Process Accounts Receivables

Confirmation is the process of obtaining information from third parties about the account receivable balance. Confirmation is a good source of evidence about the existence of the account receivable. The confirmation process should be controlled by the auditor. 1.Positive Confirmation requests that customers indicate whether they agree with the amount due to the client. A response is expected whether the customer agrees or disagrees with the balance indicated. 2.Negative Confirmation requests that the customer respond only when they disagree with the amount due to the client. Negative confirmations are used when the client has many small account balances and control risk is assessed as low. Timing AR may be confirmed at an interim date or year-end, the confirmation request should be sent soon after the end of the accounting period in order to maximize response rate Procedures the auditor should mail the confirmation request outside the client facilities a record should be maintained of the confirmations mailed and those returned, some cases may need 2nd request. For each exception received, the auditor should examine the reasons for the difference between the balance on the clients books and the balance indicated by the customer.
Alternative Procedures
When the auditor does not receive responses to positive confirmations, alternative audit procedures are used. These alternative procedures include: Examination of subsequent cash receipts. Examination of customer orders, shipping documents, and duplicate sales invoices. Examination of other client documentation. Other types of receivables that are reported on the balance sheet may include (1) receivables from officers and employees, (2) receivables from related parties, and (3) notes receivables. The auditors concern with satisfying the assertions for these receivables is similar to that for trade accounts receivable. Each of these types of receivables is confirmed and evaluated for collectability. The transactions that result in receivables from related parties are examined to determine if they were at arms length. Notes receivable would also be confirmed and examined for repayment terms and whether interest income has been properly recognized.
Evaluating the Audit Findings

When the auditor has completed the planned substantive procedures, the likely misstatement (projected misstatement plus an allowance for sampling risk) for accounts receivable is determined.
Likely misstatement less than tolerable misstatement Likely misstatement greater than tolerable misstatement
Accept the account as fairly presented
Account is not fairly presented.
A dream
dan sesiapa yang taatkan Allah dan Rasulnya, akan dimasukkan nya ke dalam syurga yang mengalir di bawahnya beberapa sungai, mereka kekal di dalamnya; dan itulah kejayaan yang amat besar. An-Nisa: 13 (dua syurga) yang ada berjenis-jenis pohon dan buah-buahan. Ar-Rahman:48 pada keduanya juga terdapat buah-buahan, serta pohon-pohon kurma dan delima.Ar-Rahman: 68 sedang naungan pohon-pohon syurga itu dekat kepada mereka, dan buahbuahannya pula dapat dipetik dengan semudahnyaAl-Insan: 14 Rasulullah pbuh have said: sesungguhnya orang beriman ditempatkan di syurga dalam istana dari mutiara berongga, panjangnya adalah 60 batu, di dalamnya terdapat pelayan-pelayan buah-buahan di syurga seperti anggur, ia lebih putih dari susu, lebih manis dari madu, lebih lembut dari tepung dan tidak berbiji. Adapun tanaman di syurga, setelah benihnya disebar, maka ia tumbuh dalam sekejap dan sedia dimakan pada waktu itu juga (Hadis riwayat oleh Muslim)
DEPARTMENT OF FINANCIAL ACCOUNTING AND AUDITING CAEA 2218 AUDITING PRINCIPLES DR HASLIDA ABU HASAN
LECTURE 8 Auditing the Purchasing Cycle
Expense and Liability Recognition

Expenses are outflows or other using up of assets or incurrences of liabilities from delivering or producing goods, rendering services or carrying out other activities that constitute the entitys ongoing major or central operations. Liabilities are probable future sacrifices of economic benefits arising from present obligations of a particular entity to transfer assets or provide services to other entities in the future as a result of past transactions or events.
Overview of the Purchasing Process

A purchase transaction usually begins with a purchase requisition generated by the user department. The purchasing department prepares a purchase order that is sent to the vendor. When the goods are received or the services rendered, a liability is recorded. Finally, the entity pays the vendor.
Purchase requisition Purchase order Receiving report and liability recorded
Vendor
Types of Transactions and Financial Statement Accounts Affected

Three types of transactions are processed through the purchasing process: 1. Purchase of goods and services for cash or credit. 2. Payment of the liabilities arising from such purchases. 3. Return of goods to suppliers for cash or credit.
Type of Transaction Purchase Transaction Account Affected Accounts payable Inventory Purchases or cost of goods sold Various asset and expense accounts Cash disbursement transaction Cash Accounts payable Cash discounts Various asset and expense accounts Purchase return transaction Purchase returns Purchase allowances Accounts payable Various asset and expense accounts
Flowchart of the Purchasing Process EarthWear Clothiers

Department
Requesting
Purchase requisition
Purchasing
Approved purchase requisition received
IT
Accounts Purchase payable order file master file
Input
Purchase order program Vendor

Purchase order (4 part)
Error corrections
PO #2 Filed
Numerically
Error report
A/P Receiving Purchasing

Department
PO #3
Receiving
PO #1
Accounts Payable (A/P)

Compare invoice to PO and RR Review account distribution Voucher packet Input Error correction
To IT
Goods received, counted, and inspected Receiving report (RR) Enter vendor, quantity, and PO # Daily receiving log
Receiving report Vendor invoice
From IT

Department
PO #3
Receiving
PO #1

Compare invoice to PO and RR Review account distribution Voucher packet Input Error correction
To IT
Goods received, counted, and inspected Receiving report (RR) Enter vendor, quantity, and PO # Daily receiving log
Receiving report Vendor invoice
From IT

Department
IT
Purchase order file A/P master file General ledger file
Open PO report Input from A/P
Accounts payable update
Weekly Monthly Daily
A/P reporting A/P listing Cash disbursement report
Monthly reports
A/P expense distribution report Voucher register Cash disbursements journal
Report to A/P
Error report
Daily
General ledger

Department
IT
A/P master file

Cash disbursement report
Cashier
Checks
Review documents and authorize payment
Cash disbursement program
Review checks and mail to vendors
Cash disbursement report
Checks
Checks
Input
To Vendors
Types of Documents and Records

1. Purchase Requisition request to purchase goods or services. 2. Purchase Order includes description, quality, and quantity or goods or services being purchased. 3. Receiving Report records the receipt of goods. 4. Vendor Invoice the bill from the vendor. 5. Voucher serves as the basis for recording a vendors invoice. 6. Voucher Register used to record vouchers for goods and services. 7. Accounts Payable Subsidiary Ledger includes amount owed to individual vendors. 8. Vendor Statement represents the purchase activity with vendor. 9. Check pays for goods or services. 10.Check Register contains columns to record credits to cash and debits to accounts payable and cash discounts.
The Major Functions

Functions of the Purchasing Process Initiation and approval of requests for goods and services Requisitioning by authorized individuals consistent with management criteria. Approval of purchase orders and proper execution as to Purchasing price, quantity, quality, and vendor. Receiving Receipt of properly authorized goods and services. Processing of vendor invoices for goods and services Invoice processing received; also, processing of adjustments for allowances, discounts, and returns. Disbursements Processing of payment to vendors. Recording of all vendor invoices, cash disbursements, and Accounts payable adjustments in individual vendor accounts. Proper accumulation, classification, and summarization of General ledger purchases, cash disbursements, and payables in the general ledger.
Key Functions and Duties

Segregation of Duties Possible Errors or Fraud
The purchasing function should be If one individual is responsible for the requisition, segregated from the requisitioning purchasing, and receiving functions, fictitious purchases can be made. This can result in the theft of goods and and receiving functions. possibly payment for unauthorized purchases. If one individual is responsible for the invoiceprocessing and accounts payable function, purchase The invoice-processing function transactions can be processed at the wrong price or should be segregated from the terms, or a cash disbursement can be processed for accounts payable function. goods not received. This can result in overpayment of goods or the theft of cash. If one individual is responsible for the disbursement function and also has access to the accounts payable The disbursement function should be records, unauthorized checks supported by fictitious segregated from the accounts documents can be issued, and unauthorized payable function. transactions can be recorded. This can result in theft of the entity's cash. If one individual isresponsible for the accounts payable The accounts payable function records and also for the general ledger, that individual should be segregated from the can conceal any defalcation that would normally be general ledger function. detected by reconciling subsidiary records with the general ledger control account.
The Key Segregation of Duties

Purchasing and Accounts Payable
Preparation and approval of purchase order Receipt, counting, and inspection of purchased materials Receipt of vendor invoices/matching to supporting documents Coding of account distributions Updating of accounts payable records Preparation of vendor checks Signing and mailing of vendor checks Preparation of the voucher register Reconciliation of voucher register to general ledger
Department Accounts Purchasing Receiving Payable Cashier's X X
IT
X X X X X X X X
Inherent & Control Risk Assessment

Industry-Related Factors adequacy of the raw material supply?; how volatile are raw material prices? Misstatements detected in prior audit Assessing control risk for purchasing process: 1. Understanding and documenting the purchasing process based on a reliance strategy; 2. Planning and performing tests of controls of purchase transactions; 3. Setting and documenting the control risk for the purchasing process; For each major class of transactions in the purchasing process, the auditor must obtain the following information: 1. How purchase, cash disbursements, and purchase return transactions are initiated. 2. The accounting records, supporting documents, and accounts involved in processing purchases, cash disbursements, and purchase returns. 3. The flow of each type of transaction from initiation to inclusion in the financial statements, including computer processing. 4. The process used to estimate accrued liabilities After testing controls, the auditor sets the level of control risk. When tests of controls support the planned level of control risk, no modifications are necessary to detection risk. The auditor may proceed with the substantive procedures as planned.
Control Activities and Tests of Controls Purchase Transactions

Assertions about Classes of Transactions and Events for the Period under Audit
All purchases and cash disbursements have been Occurrence recorded and have occurred and pertain to the entity. All purchases and cash disbursements that should Completeness have been recorded have been recorded. All purchase and cash disbursements are properly Authorization authorized. Amounts relating to recorded purchases and cash Accuracy disbursements have been recorded properly. Purchases and cash disbursements have been Cutoff recorded in the correct accounting period. Purchases and cash disbursements have been Classification recorded in the proper account.
Control Activities and Tests of Controls Purchase Transactions

Assertions Substantive Tests of Controls
Observe and evaluate proper segregation of duties. Test a sample of vouchers for the presence of an authorized purchase order Occurrence and receiving report. Examine paid vouchers and supporting documents for indication of cancellation. Review procedures for accounting for numerical sequence of purchase orders, receiving reports and vouchers. Trace a sample Completeness of receiving reports to their vendor invoices and vouchers. Trace a sample of vouchers to the purchases journal. Examine purchase requisitions or purchase orders for proper Authorization approval. Review client's competitive bidding process. Recompute the mathematical accuracy of vendor invoice. Agree information in the sample of vouchers for product, quantity, and Accuracy price. Examine reconciliation of vouchers to daily accounts payable report. Compare the dates on receiving reports with the dates on the Cutoff relevant vouchers. Compare the dates of vouchers with the dates they were recorded in the purchases journal. Review purchases journal and general ledger for reasonableness. Classification Examine a sample of vouchers for proper classification.
Control Activities and Tests of Controls Cash Disbursement Transactions

Occurrence the auditor is concerned with a misstatement caused by a cash disbursement being recorded in the clients record when no payment was made. The primary control procedures to prevent such misstatements include proper segregation of duties, independent reconciliation and review of vendor statements, and monthly bank reconciliations. Completeness the major audit concern is that a cash disbursement is made but not recorded in the records. The auditor should account for the numerical sequence of checks and reconcile the daily cash disbursements with posting to the accounts payable subsidiary records. Authorization proper segregation of duties reduces the likelihood that unauthorized cash disbursements are made. The individual who approves a purchase should not have direct access to the cash disbursement.
Control Activities and Tests of Controls Cash Disbursement Transactions

Accuracy One of the major audit concerns is that the payment amount is recorded incorrectly. To detect such an error, client personnel should reconcile the total of the checks issued each day with the daily cash disbursements report. Cutoff The auditors tests of controls include reviewing the reconciliation of checks with postings to the cash disbursements journal and accounts payable subsidiary records. The auditor also tests cash disbursements before and after year-end to ensure that transactions are recorded in the proper period. Classification The auditor is concerned that a cash disbursement may be charged to the wrong general ledger account. The use of a chart of accounts, as well as independent approval and review of the account code on the voucher should provide adequate control.
Control Activities and Tests of Controls

Purchase Return Transactions: Generally, the number and magnitude of purchase return transactions are not material. The auditor normally does not test controls relating to purchase returns. Substantive testing is used to test the reasonableness of the amount. Relating the Assessed Level of Control Risk to Substantive Procedures: If the results of the tests of controls support the achieved level of control risk, the auditor conducts substantive procedures at the planned level. If the results do not support the achieved level of control risk, the auditor reduces the detection risk, which will increase substantive procedures.
Auditing Accounts Payable & Accrued Expenses

Existence accounts payable and accrued expenses are valid liabilities Rights and obligation AP and accrued expenses are obligations of the entity Completeness All AP and accrued expenses have been recorded Valuation and allocation AP and accrued expenses are included in the financial statements at appropriate amounts, and any resulting valuation or allocation adjustments are appropriately recorded

Assertion about presentation and disclosure Occurrence and rights and obligations. All disclosed events, transactions, and other matters relating to accounts payable and accrued expenses have occurred and pertain to the entity. Completeness. All disclosures relating to accounts payable and accrued expenses that should have been included in the financial statements have been included. Classification and understandability. Financial information relating to accounts payable and accrued expenses is appropriately presented and described, and disclosures are clearly expressed. Accuracy and valuation. Financial and other information relating to accounts payable and accrued expenses are disclosed fairly and at appropriate amounts.

Substantive Analytical Procedures
Substantive Analytical Procedure Possible Misstatement Detected
Compare payables turnover and days outstanding in accounts payable to previous years' and industry data. Compare current-year balances in accounts payable and accruals with prior years' balances. Compare amounts owed to individual vendors in the current year's accounts payable listing to amounts owed in prior Under- or overstatment of liabilities and expenses. Under- or overstatment of liabilities and expenses. Under- or overstatment of liabilities and expenses.
Compare purchase returns and allowances as a percentage of revenue or Under- or overstatement of purchase cost of sales to prior years' and industry returns. data.
Tests of Details of Transactions, Account Balances, and Disclosures

Completeness Obtain a listing of accounts payable, foot the listing, and agree it to the general ledger control account. Selected vouchers or vendor accounts should be traced to the supporting documents or subsidiary accounts payable records to verify the accuracy of the details.
1. Ask management about control procedures used to identify unrecorded liabilities at the end of the period. 2. Obtain copies of vendors monthly statements and reconcile the amounts to the clients accounts payable records. 3. Confirm vendor accounts, including accounts with small or zero balances. 4. Vouch large-dollar items from the purchases journal and cash disbursements journal for a limited time after year-end. 5. Examine the files of unmatched purchase orders, receiving reports, and vendor invoices for any unrecorded liabilities.
Existence The auditors major concern is whether the recorded liabilities are valid obligations of the entity. The auditor should vouch a sample of items on the listing of accounts payable to other supporting documents.

Cutoff The auditor attempts to determine if all purchase transactions are recorded in the proper period. On most audits, the purchase cutoff is coordinated with the clients physical inventory count. Proper cutoff should also be determined for purchase return transactions. Rights and obligation There is little risk related to this assertion because clients seldom have an incentive to record liabilities that are not obligations of the entity. Valuation Accounts payable are recorded at either the gross amount of the invoice or net of cash discount amount. The valuation of accruals depends upon the type and nature of the accrued expense. Most accruals are relatively easy to value. Classification, Presentation, and Disclosure Major classification issues include . . . 1. Identifying and reclassifying any material debits contained in accounts payable. 2. Segregating short-term and long-term payables. 3. Ensuring that different types of payables are properly classified.

Disclosure Items for the Purchasing Process: Payables by type (trade, employees, etc.). Purchases from and payables to related parties. Short- and long-term payables. Dependence on a single vendor or a small number of vendors. Long-term purchase contracts, including any unusual purchase commitments. Costs by reportable segment of the business. Other Presentation DisclosureAssertion The auditor must ensure that all related party transactions have been identified. When the client has entered into formal long-term purchase contracts, adequate disclosure of the terms must be made. Accounts payable confirmations are used less often than accounts receivable confirmations. The auditor is able to examine externally created source documents relating to accounts payable. When confirmations are used they are usually positive and referred to as blank confirmations. The vendor is asked to supply the balance owed by the client.
Evaluating the Audit Findings

All identified misstatements should be aggregated. The likely misstatement is then compared to tolerable misstatement. If the likely misstatement is less than the tolerable misstatement, the auditor has evidence that the account is fairly presented. Conversely, if the likely misstatement exceeds the tolerable, the auditor should conclude that the account is not fairly presented.
DEPARTMENT OF FINANCIAL ACCOUNTING AND AUDITING CAEA 2218 AUDITING PRINCIPLES SESSION 1 2010/2011 DR HASLIDA ABU HASAN
LECTURE 9 Auditing the Inventory Cycle
CAEA 2218 2010/2011, LECTURE 9 Slide 1
Overview of the Inventory Management Process

Purchasing process Inventory management process Revenue process
Purchase of raw materials Payment of manufacturing overhead
Human resource management process Assignment of direct and indirect labor costs
Sale of goods
Type of Documents and Records demand for the entitys 1. Production Schedule Based on the expected
2. 3. 4. 5. 6. products. Receiving Report Records the receipt of goods from vendors. Materials Requisition Used to track materials during the production process. Inventory Master File Contains all the important information related to the entitys inventory, including the perpetual inventory records. Production Data Information Contains information about the transfer of goods and related cost accumulation at each stage of production. Cost Accumulation and Variance Report Material, labor, and overhead costs are charged to inventory as part of the manufacturing process. The variance report compares actual costs to standard or budgeted costs. Inventory Status Report Shows the type and amount of products on hand. Shipping Order Used to remove goods from the perpetual inventory records.
Production Schedule Inventory Master File
7. 8.
The Major Functions

Functions in the Inventory Management Process
Authorization of production activity and maintenance of Inventory management inventory at appropriate levels; issuance of purchase requisitions to the purchasing department. Custody of raw materials and issuance of raw materials to Raw materials stores manufacturing departments. Manufacturing Production of goods. Custody of finished goods and issuance of goods to the Finished goods stores shipping department. Cost accounting General ledger Maintenance of the costs of manufacturing and inventory in cost records. Proper accumulation, classification, and summarization of inventory and related costs in the general ledger.
Key Segregation of Duties

Segregation of Duties
The inventory management function should be segregated from the costaccounting function. The inventory stores function should be segregated from the costaccounting function. The cost-accounting function should be segregated from the general ledger function. The responsibility for supervising physical inventory should be separated from the inventory management and inventory stores functions.
Possible Errors or Fraud

If the individual responsible for inventory management also has access to the cost-accounting records, production and inventory costs can be manipulated. This may lead to an over- or understatement of inventory and net income. If one individual is responsible for both controlling and accounting for inventory, unauthorized shipments can be made or theft of goods can be covered up. If one individual is responsible for the inventory records and also for the general ledger, it is possible for that individual to conceal unauthorized shipments. This can result in the theft of goods, leading to an overstatement of inventory. If the individual responsible for production management or inventory stores functions is also responsible for the physical inventory, it is possible that inventory records to the physical inventory, resulting in an overstatement of inventory.
Risk Assessment
INHERENT RISK If industry competition is intense, there may be problems with the proper valuation of inventory. Technology changes in certain industries may also promote material misstatement due to obsolescence. Products that are small and of high value are more susceptible to theft. The auditor must be alert to related-party transactions for acquiring raw materials and selling finished products. Prior-year misstatements are good indicators of potential misstatements in the current year. CONTROL RISK
Steps: 1. Understand and document the inventory management process based on a reliance strategy. 2. Plan and perform tests of controls on inventory transactions. 3. Set and document the control risk for the inventory management process.
Control Activities and Tests of Controls Inventory Transactions

Assertion Test of Controls
Observe and evaluate proper segregation of duties. Review and test procedures for transfer of inventory. Review and test procedures for issuing materials to manufacturing Occurrence departments. Review and test client procedures for account for numerical sequence of materials requisitions. Observe the physical safeguards over inventory. Review and tests client's procedures for Completeness consignment goods. Review authorized production schedules. Review and test procedures for developing Authorization inventory levels and procedures used to control them. Review and test procedures for taking physical inventory. Review and test procedures used to develop standard costs. Review and test cost accumulation and variance reports. Review Accuracy and test procedures for identifying obsolete, slow-moving, and excess quantities. Review the reconciliation of perpetual inventory to general ledger control account. Review and test procedures for processing inventory included on receiving reports into the Cutoff perpetual records. Review and test procedures for removing inventory from perpetual records based on shipments of goods. Classification Review the procedures and forms used to classify inventory.
Control Activities and Tests of Controls Inventory Transactions

Occurrence of Inventory Transactions the auditors main concern is that all recorded inventory exists. The auditor should also be concerned that goods may be stolen. Review and observation are the main tests of controls used by the auditor to test the control procedures. Completeness of Inventory Transactions the primary control procedure for completeness relates to recording inventory that has been received. Controls are closely related to the purchasing process. Authorization of Inventory Transactions the auditors concern with authorization in the inventory system is with unauthorized purchase or production activity that may lead to excess levels of certain types of finished goods. Accuracy of Inventory Transactions inventory transactions that are not properly recorded result in misstatements that directly affect the amounts reported in the financial statements. Inventory purchases must be recorded at the correct price and actual quantity received. Inventory shipped must be properly recorded in cost of goods sold and the related revenue recognized. Classification of Inventory Transactions the client must have control procedures to ensure that inventory is properly classified as raw materials, work in process, or finished goods. By knowing which manufacturing department holds the inventory, the auditor is able to classify it by type.
Control Risk relation to Substantive Procedures

Assertions about Classes of Transactions and Events: Occurrence. Inventory transactions and events are valid. Completeness.All inventory transactions and events have been recorded. Authorization . All inventory transactions and events are properly authorized. Accuracy. Inventory transactions have been properly computed and ending inventory, and related revenue and cost of goods sold have been properly accumulated from journals and ledgers. Cutoff. Inventory receipts and shipments are recorded in the correct accounting period. Classification. Inventory is recorded in the proper accounts. Assertions about Account Balances at the Period End: Existence inventory recorded on the books and records actually exists Rights and obligations the entity has the legal rights of the recorded inventory Completeness all inventory is recorded Valuation and allocation inventory is properly recorded in accordance with GAAP Assertions about Presentation and disclosure: Occurrence & Rights and obligations all disclosed events, transactions, and other matters relating to inventory have occurred and pertain to the entity Completeness all disclosures relating to inventory that should have been included in the financial statements have been included Classification and understandability financial information relating to inventory is appropriately presented and described, and disclosures are clearly expressed Accuracy and valuation financial and other information relating to inventory are disclosed fairly and at appropriate amounts CAEA 2218 2010/2011, LECTURE 9 Slide 9
Auditing Inventory Substantive Analytical Procedures

Substantive Analytical Procedure Possible Misstatement Detected
Compare raw material, finished goods, and total inventory Obsolete, slow-moving, or excess inventory turnover to previous years' and industry averages. Compare days outstanding in inventory to previous years' Obsolete, slow-moving, or excess inventory and industry average. Compare gross profit percentage by product line with Unrecorded or fictitious inventory previous years' and industry data. Compare actual cost of goods sold to budgeted amounts. Over- or understated inventory Compare current-year standard costs with prior years' after Over- or understated inventory considering current conditions. Compare actual manufacturing overhead costs with Inclusion or exclusion of overhead costs budgeted or standard overhead costs.
Auditing Inventory
Auditing Standard Costs
Material Test the quantity and type of materials included in the product and the price of the materials. Labor Gather evidence about the type and amount of labor needed for production and the labor rate.
Overhead Review the clients method of overhead allocation for reasonableness, compliance with GAAP, and consistency.
Auditing Inventory
Observing Physical Inventory 1. Ensure that no production is scheduled. If production is scheduled proper controls must be established for movement between departments in order to prevent double counting. 2. Ensure that there is no movement of goods during the inventory count. 3. Make sure that the clients count teams are following the inventory count instructions. 4. Ensure that inventory tags are issued sequentially to individual departments. 5. Perform test counts and record a sample of counts in the working papers. 6. Obtain tag control information for testing the clients inventory compilation. 7. Obtain cutoff information, including the number of the last shipping and receiving documents issued. 8. Observe the condition of the inventory for items that may be obsolete, slow moving, or carried in excess quantities. 9. Inquire about goods held on consignment for others or held on a bill-andhold basis.
Tests of Details of Transactions, Account Balances, & Disclosures

Substantive tests of transactions: Occurrence vouch a sample of inventory additions to receiving reports and purchase requisition Completeness trace a sample of receiving reports to the inventory records Authorization test a sample of inventory shipments to ensure there is an approved shipping ticket and customer sales Accuracy re-compute mathematical accuracy of a sample of inventory transactions, audit standard costs or other methods used to price inventory Cutoff trace a sample of time cards before and after period and to the appropriate weekly inventory report Classification examine a sample of inventory checks for proper classification into expense accounts Test of details of account balances: Existence observe count of physical inventory Rights and obligations verify that inventory held on consignment for others or billand-hold goods are not included in inventory Completeness trace tests counts and tag control information to inventory compilation Valuation and allocation obtain a copy of the inventory compilation and agree totals to general ledger. Test mathematical accuracy of extensions and foot the inventory compilation. Inquire management on obsolete, slow-moving, excess inventory. Review book to physical adjustments for possible misstatements
Tests of Details of Transactions, Account Balances, & Disclosures

Assertions about Presentation and disclosure: Occurrence & Rights and obligations Inquire of management and review any loan agreements and board of directors' minutes for any indication that inventory has been pledged or assigned. Inquire of management about issues related to warranty obligations. Completeness Complete financial reporting checklist to ensure that all financial statement disclosures related to inventory are made. Classification and understandability Review inventory compilation for proper classification among raw materials, work in process, and finished goods. Read footnotes to ensure that required disclosures are understandable. Accuracy and valuation Determine if the cost method is accurately disclosed. Inquire of management abut issues related to LIFO liquidations. Read footnotes and other information to ensure that the information is accurate and properly presented at the appropriate amounts. Possible causes of book-to-physical differences: (1) Inventory cutoff errors. (2) Unreported scrap or spoilage. (3) Pilferage or theft. Examples of Disclosure Items: (i) Cost method (FIFO, LIFO, retail method); (ii) Components of inventory; (iii) Long-term purchase contracts.; (iv) Consigned inventory; (v) Purchases from related parties; (vi) LIFO liquidations; (vii) Pledged or assigned inventory (viii) Disclosure of unusual losses from write-downs (ix) Warranty obligations.
Evaluating the Audit Findings - Inventory

At the conclusion of testing, the auditor should aggregate all identified misstatements. The likely misstatement is compared to the tolerable misstatement allocated to the inventory account.
Likely misstatement < Tolerable misstatement

The auditor may accept the inventory account as fairly presented.
Likely misstatement > Tolerable misstatement

The auditor may conclude the inventory is not fairly presented.
End of lEcturE 9
"Let there be no compulsion in religion; verily, the right path has become distinct from the wrong path; whoever rejects taghut (evil) and believes in Allah has grasped the most trust worthy hand-hold that never breaks; and Allah hear and know all things". (Qur'an, 2:256)
LECTURE 10 Auditing Cash and Investment
Cash and Other Business Processes

Cash reported in the financial statements represents currency on hand and cash on deposit in bank accounts, including certificates of deposit, time deposits, and savings accounts. Cash equivalents are frequently combined with cash for presentation in the financial statements. Definition: Short-term, highly liquid investments that are readily convertible to cash or so near their maturity that there is little risk of change in their value. Examples: Treasury bills; commercial paper; and money market funds. Types of banking accounts : (i) General cash accounts; (ii) Imprest cash accounts; (iii) Branch Accounts In order to maximize its cash position, an entity implements procedures for accelerating the collection of cash receipts and properly delaying the payment of cash disbursements.
Cash and Other Business Processes
Substantive Analytical ProceduresCash

Because of the residual nature of the cash account, the auditors use of substantive analytical procedures for auditing cash is limited to: comparisons with prior years cash balances. comparisons with budgeted amounts. This limited use of substantive analytical procedures is normally offset by (1) extensive tests of controls and/or substantive tests of transactions for cash receipts and disbursements or (2) extensive tests of the entitys bank reconciliations. The reliability of the clients controls over cash (controls over cash receipts and control over cash disbursements as well as bank reconciliations) affects the nature and extent of the auditors tests of details.
Substantive Tests of Details of Transactions & Account Balances
Balance-Related Assertions
Auditing the General Cash Account

The auditor should first obtain (i) copies of bank reconciliation; (ii) standard bank confirmation and (iii) cutoff bank statement
Date of Last Bank Reconciliation
7 to 10 Days
A cutoff bank statement normally covers the 7- to 10-day period after the date on which the bank account is reconciled. Any reconciling item should have cleared the clients bank account during the 7- to 10-day period.

The auditor uses the following audit procedures to test the bank reconciliation: 1. Test the mathematical accuracy and agree the balance per the books to the general ledger. 2. Agree the bank balance on the reconciliation with the balance shown on the standard bank confirmation. 3. Trace the deposits in transit on the bank reconciliation to the cutoff bank statement. 4. Compare the outstanding checks on the bank reconciliation with the canceled checks in the cutoff bank statement for proper payee, amount and endorsement. 5. Agree any charges included on the bank statement to the bank reconciliation. 6. Agree the adjusted book balance to the cash account lead schedule. The audit of any imprest cash account such as payroll or a branch account follows the same basic audit steps for general cash accounts Petty cash are seldom material in organisation, however it has potential for defalcation substantive tests are rarely performed for petty cash, auditing the controlling documents surrounding petty cash should be sufficient

Some disclosure issues over cash are: 1. Accounting policies for defining cash and cash equivalents; 2. Any restrictions on cash such as a sinking fund requirement for funds allocated by the entitys board of directors for special purposes; 3. Contractual obligations to maintain compensation balances; 4. Cash balances restricted by foreign exchange controls; 5. Letters of credit A letter might be sent to banks to confirm the compensating balance disclosures Audit procedures related to fraud includes: Extended bank reconciliation; Tests for kiting; Proof of cash In some instances, the year-end bank reconciliation can be used to cover cash defalcations. This is usually accomplished by manipulating the reconciling items in the bank reconciliation. For example, suppose a client employee was able to steal $5,000 from the client. The clients cash balance at the bank would then be $5,000 less than reported on the clients books. The employee could hide the $5,000 shortage in the bank reconciliation by including a fictitious deposit in transit.
Auditing the General Cash Account Test for Kiting
Auditing for Investments

Investments items includes common stock, preferred stock; debt securities and hybrid securities Control risk assessments for investments focuses on assertion in terms of (i) occurrence and authorization; (ii) completeness; and (iii) accuracy and classification Key segregation of duties and possible errors avoided:
Auditing for Investments - Substantive Procedures
Auditing for Investments - Tests of Details

Existence: Auditing Standards state that the auditor should perform one of the following procedures when gathering evidence for existence: (i) Physical examination; (ii) Confirmation with the issuer; (iii) Confirmation with the custodian; (iv) Confirmation of unsettled transactions with the broker-dealer; (v) Confirmation with the counterparty; (vi) Reading executed agreements; Valuation and Allocation: The auditor must also determine if there has been any permanent decline in the value of an investment security. Auditing and accounting standards provide guidance for determining whether a decline in value below amortized cost is other than temporary; Here are some factors that may indicate a non-temporary impairment of investment value: Fair value is significantly below cost ; Decline in fair value is attributable to specific adverse conditions; Management does not possess both the intent and ability to hold the investment long enough to allow for recovery in fair value; A debt security has been downgraded by a rating agency; The financial condition of the issuer has deteriorated Permanently Impaired = Write down to new carrying amount Disclosure Assertions : Marketable securities need to be properly classified as held-to-maturity, trading, and available-for-sale. Held-to-maturity securities and individual available-for-sale securities should be classified as current or non-current assets based on whether management expects to convert them to cash within 12 months. All trading securities should be classified as current assets
LECTURE 11 Auditing for Prepaid Expenses, Intangible Assets and Tangible Assets of Property, Plant and Equipment
CAEA 2218 2010/2011, LECTURE 11 Slide 1 4-1
Auditing Prepaid Expenses

Other assets that provide economic benefit for less than a year are classified as current assets and are called prepaid expenses. Examples include: (i) Prepaid insurance; (ii) Prepaid rent; (iii) Prepaid interest. The inherent risk associated with prepaid expenses is generally assessed as low because the accounts do not involve any complex or contentious accounting issues. Because prepaid expenses are normally processed through the purchasing process, control procedures in purchasing should ensure that each item is properly authorized and recorded. Tests of Details of the Prepaid Insurance Account audit testing begins by obtaining a detail schedule of the prepaid insurance account.
Existence and Completeness confirm policy with insurance broker, examine supporting source documents; Rights and Obligations confirm policy beneficiary with the insurance broker; Valuation determine unexpired portion of policy and insurance expense. Classification determine propriety of distribution between manufacturing overhead and SG&Aexpense.
Auditing Intangible Assets

Intangible assets are assets that provide economic benefit for longer than a year, but lack physical substance. Examples of five general categories of intangible assets: 1. Marketing trademark, brand name, and Internet domain names. 2. Customer customer lists, order backlogs, and customer relationships. 3. Artistic items protected by copyright. 4. Contract licenses, franchises and broadcast rights. 5. Technology patented and unpatented technology. The inherent risk associated with intangible assets raises serious risk considerations. The accounting rules are complex and the transactions are difficult to audit. Accounting standards require different asset impairment tests for different classes of intangible assets (FAS 142). With the judgment and complexity association with valuation and estimation of intangible assets, the auditor would likely assess the inherent risk as high. Factors considered in Control Risks assessments: 1. The expertise and experience of those determining the fair value of the assets. 2. Controls over the process used to determine fair value measurements, including controls over data and segregation of duties between those committing the client to the purchase and those undertaking the valuation. 3. The extent to which the entity engages or employs valuation specialists. 4. The significant management assumptions used in determining fair value. 5. The integrity of change controls and security procedures for valuation models and relevant information systems, including approval processes (AU 328).
Auditing Intangible Assets

Tests of Details associated with valuation and impairment of intangible assets are often necessary because the complexity and degree of judgment increase the risk of material misstatement. Some substantive evidence is required for all significant accounts, and, as noted above, substantive analytical procedures are not likely to provide sufficient, appropriate evidence for significant transactions involving intangible assets. Four assertions are normally considered for tests of details of intangible assets: 1. Existence and completeness. 2. Valuation. 3. Rights and obligations. 4. Classification.
Auditing the Property Management Process

Property, plant and equipment usually represents a material amount in the financial statements. Recurring Engagement the auditor is able to focus on additions and retirements in the current period because amounts from prior periods have been subject to audit procedures. New Engagement the auditor has to verify the assets that make up the beginning balance in property, plant, and equipment. Four types of PP&E transactions may occur: 1. Acquisition of capital assets for cash or other nonmonetary considerations. 2. Disposition of capital assets through sale, exchange, retirement, or abandonment. 3. Depreciation of capital assets over their useful economic life. 4. Leasing of capital assets. There are three inherent risk factors that must be considered by the auditor: 1. Complex accounting issues; 2. Difficult-to-audit transactions (donated assets, non-monetary exchange, selfconstructed assets); 3. Misstatements detected in prior audit. Control procedures for the occurrence and authorization of property, plant, and equipment are normally part of the purchasing process. However, large capital asset transactions may be subject to additional controls. Companies should have an authorization table for approving capital asset transactions. Completeness detailed PPE subsidiary ledgers usually includes information about (i) description, location and ID number; (ii) date of acquisition and installed costs; (iii) depreciation methods for book and tax purpose salvage value, estimated useful life etc

Physical Plant IT Department
From purchasing process PP&E transaction file Specialized PP&E transactions Review for proper recording Input PP&E program PP&E transaction report Reconcile to Monthly PP&E general ledger subledger
General ledger PP&E master file master file General ledger program General ledger report

Segregation of Duties Possible Errors or Fraud
If one individual is responsible for initiating a capital asset transaction and also has final approval, fictitious or unauthorized purchases of assets can occur. This can result it purchases of unnecessary assets, assets that do not meet the company's quality control standards, or illegal payments to suppliers. The initiation function should be segregated from the final approval function.
If one individual is responsible for the PP&E records The PP&E records function should be and also for the general ledger functions, that segregated from the general ledger individual can conceal any defalcation that would function. normally be detected by reconciling subsidiary records with the general ledger control account. If one individual is responsible for the PP&E records The PP&E records function should be and also has custodial responsibility for the related segregated from the custodial function. assets, items may be stolen, and the theft can be concealed by adjustment of the accounting records. If a periodic physical inventory of PP&E If one individual who is responsible for the periodic is taken, the individual responsible for physical inventory of PP&E is also responsible for the the inventory should be independent of custodial and record-keeping functions, theft or the the custodial and record-keeping entity's capital assets can be concealed. functions. CAEA 2218 2010/2011, LECTURE 11 Slide 7 4-7

Substantive Analytical Procedures:
1. Compare prior-year balances in PP&E and depreciation expense with current-year balances. 2. Compute the ratio of depreciation expense to the related PP&E accounts and compare to prior years ratios. 3. Compute the ratio of repairs and maintenance expense to the related PP&E accounts and compare to prior years ratios. 4. Compute the ratio of insurance expense to related PP&E accounts and compare to prior years ratio. 5. Review capital budgets and compare the amounts spent with amounts budgeted.
Test of details of transactions, account balances and disclosures:

Completeness The auditor begins the process by obtaining a lead schedule and detailed schedules of additions and dispositions of assets. These schedules are footed and agreed to the general ledger. Cutoff Cutoff is normally part of the accounts payable and accrued expenses work. Vendors invoices from a few days before and after year-end are examined to determine if the assets is recorded in the proper accounting period. Classification First, the auditor must determine that the capital asset is recorded in the proper account. Second, the repairs and maintenance account should be reviewed to determine if any capital assets have been incorrectly recorded in these accounts. Finally, each material lease agreement should be reviewed for proper classification as operating or capital lease.

Test of details of transactions, account balances and disclosures (continued): Existence A list of all major additions should be obtained and each addition should be vouched to supporting documentation. For major acquisitions, the auditor may physically examine the capital asset. This is often done during the inventory observation. Major dispositions should be vouched to supporting documentation and examined for proper authorization. Rights and obligations In most cases, rights or ownership can be determined by examining vendors invoices and other supporting documents. In some cases, the auditor may wish to confirm property deeds or title documentation. Valuation and allocation Capital assets are valued at acquisition cost plus any costs necessary to make the asset operational. The auditor tests the recorded cost of major new additions to PP&E. The auditor may recompute, either manually or with the aid of a computer, the proper depreciation expense for the period. The auditor must test for permanent impairment of long-lived assets. While GAAP requires the comparison of future cash inflows to the assets carrying amount, this process can be quite difficult. Auditors may look to other sources of information to learn about impairments.

Test of details of transactions, account balances and disclosures (continued): Examples of disclosure items: 1. Classes of capital assets and valuation bases. 2. Depreciation methods and useful lives for financial reporting and tax purposes. 3. Nonoperating assets. 4. Construction or purchase commitments. 5. Liens and mortgages. 6. Acquisition or disposal of major operating facilities. 7. Capitalized and other lease arrangements. Evaluating the audit findings for PPE: If the likely misstatement is less than the tolerable misstatement, the evidence indicates that the PP&E accounts are fairly stated. If the likely misstatement is greater than the tolerable misstatement, the auditor would either require adjustment of the accounts or issue a qualified audit report.
1. Explain the nature and fundamental concepts of auditing with emphasis on external auditors. 2. Distinguish auditors and managements objectives, responsibilities on audit of financial statements. 3. Describe the relevant statutory and regulatory requirements in the Malaysian auditing environment. 4. Apply relevant audit procedures and practical aspects of audit to transaction cycles and items of balance sheet and income statement. 5. Apply code of ethics and professional standards (MIA By-Laws) in auditing
4-11
LECTURE 12 Auditing for Long Term Liabilities, Stockholders Equity, and Income Statement Accounts
Auditing Long Term Debt

The auditor must be assured that the amounts shown on the balance sheet for the various types of long-term debt are not materially misstated. This assurance extends to the recognition of interest expense. For the vast majority of entities, it is more efficient to follow a strategy of conducting substantive testing. The inherent risk for notes and bonds would normally be assessed as low to moderate because the volume of transactions are low, the accounting is not complex, and the client often receives third-party statements or amortization tables. However, the amounts are usually large and the financial markets have developed sophisticated instruments that have characteristics of both debt and equity. The inherent risk associated with these instruments is normally high. The control risk : when a substantive strategy is followed, the auditor still needs a sufficient understanding of the entitys internal control system over debt.

Assertion and Related Control Ativities
1. Occurrence and authorization (i) adequate documentation must verify that a note or bond was properly authorized; (ii) any significant debt commitments should be approved by the board of directors or by executives who have been delegated this authority. When the entity has proper controls for issuing debt transactions, it is generally easy for the auditor to test those transactions for occurrence and authorization at the end of the period. 2. Completeness The client should maintain a subsidiary ledger that contains information about all the long-term debt owed by the entity. The debt amount recorded in the subsidiary ledger should be reconciled to the general ledger control account regularly. 3. Valuation Notes and bonds are recorded at their face value less any unamortized discount or plus any unamortized premium. The effective interest method should be used to amortize discounts and premiums (the straight-line method may be used if the results are not materially different from the effective interest amounts). 4. Disclosure-Classification Controls should ensure that notes and bonds are properly classified in the financial statements. The major issue is to properly classify as a shortterm liability the portion of long-term debt that is due in the next year.

Substantive Procedures the auditor should examine any new debt agreements,
determine the status of prior debt agreements, and confirm balances and other relevant information with outside parties. Analytical procedures are useful because of the direct relationship between interest expense and the amount of long-term debt.
Assertions
Occurrence
Substantive Tests of Transaction

Examine copies of new note or bond agreements. Examine board of directors' minutes for approval of new lending agreements.
Trace large cash receipts and payments to source documents and the general ledger. Review interest expense for payments to debt holders Completeness not listed on the debt analysis schedule. Review notes paid or renewed after the balance sheet date to determine if there are unrecorded liabilities at year-end. Evaluate lease contracts to determine if leases are properly accounted for as an operating or capital lease. Examine board minutes for evidence of proper authorization of notes or Authorization bonds. Accuracy Test a sample of receipts and payments. Review debt activity for a few days before and after year-end to Cutoff determine if the transactions are included in the proper period. Examine the due dates on notes or bonds for proper classification Classification between current and long-term debt.

Year-End Balances Tests of Details of Account Balances
Existence Confirm notes or bonds directly with creditors. Rights and obligations Examine copies of note and bond agreements. Obtain an analysis of notes and bonds payable, and accrued interest; foot schedule and agree totals to the general ledger. Obtain a standard bank confirmation requesting specific Completeness information on notes from banks. Confirm notes or bonds with creditors. Inquire or management about "off-balance sheet" activities. Review board meeting minutes for debt-related activities. Examine new debt agreements to ensure that they were recorded at the proper value. Confirm the outstanding balance for notes or Valuation and bonds and the last date on which interest has been paid. allocation Recompute accrued interest. Verify computation of the amortization of premium or discount.
Auditing Stockholders Equity

The following three types of transactions are of importance to the auditor; (i) issuance of stock including transactions such as sale of stock for cash; the exchange of stock for assets; and issuance of stock for stock splits; (ii) repurchase of stock including both the reacquisition of stock and retirement of stock; (iii) payment of dividends including cash and stock dividends. The control risk : A substantive strategy is often used to audit stockholders equity because the number of transactions is usually small. The auditor must still be aware of the types of controls that are in place to prevent the misstatement of equity transactions. Large, publicly traded companies use a registrar and transfer agent to process and record equity transaction. Relevant information about equity transactions may be confirmed with the register and transfer agent.
Auditing Stockholders Equity

Assertion and control activities: 1. Occurrence Verify that stock and dividend transactions comply with corporate charter. 2. Accuracy Verify that stock and dividend transactions have been properly posted and summarized in the accounting records. 3. Authorization Verify that stock and dividend transactions have been properly approved. 4. Valuation Verify that stock and dividend transactions have been properly valued. When possible, the following duties should be segregated: 1. The individuals responsible for issuing, transferring, and canceling stock certificates should not have any accounting responsibilities. 2. The individual responsible for maintaining the detailed stockholders records should be independent of the maintenance of the general ledger control accounts. 3. The individual responsible for maintaining the detailed stockholders records should not also process cash receipts or disbursements. 4. Appropriate segregation of duties should be established among the preparation, recording, signing, and mailing of dividend checks.
Auditing Capital-Stock Accounts

Assertion and control activities: 1. Occurrence and completeness when outside agents are not used the auditor must (i) trace the transfers of shares between stockholders to the stock register and/or stock certificate book; (ii) foot the shares outstanding in the stock register and/or stock certificate book and agree them to total shares outstanding in the general ledger; (iii) examine any canceled stock certificates; (iv) account for and inspect any unissued stock certificates in the stock certificate book. 2. Valuation (i) when stock is issued for cash the valuation is straightforward. The proceeds from the sale are normally traced to the cash receipts records. (ii) when stock is exchanged for property, goods, or services, the valuation issue is more complex. Generally, fair market value is an issue and the accounting may involve a gain or loss. (iii) stock dividends may also create complex auditing issues. The auditor must recompute the dividend and trace the entries to the general ledger. 3. Completeness of disclosure examples of disclosure items include (i) number of shares authorized, issued, and outstanding for each class of stock; (ii) call privileges, prices, and dates of preferred stock; (iii) preferredstock sinking funds; (iv) stock option or purchase plans; (v) restrictions on retained earnings and dividends; (vi) any completed or pending transactions that may affect stockholdersequity.
Auditing Dividends
All dividends declared and paid will be audited because of concerns of violations of corporate bylaws or debt covenants. When an independent dividend-disbursing agent is used, the auditor can confirm the amount disbursed with the agent. This amount is agreed with the amount authorized by the board of directors. When an independent agent is not used, the auditor can recompute the amount of the dividend authorized by the board of directors and trace the amount to cash disbursements or dividends payable.
Auditing Retained Earnings

Under normal circumstances, retained earnings are affected by the current years income or loss and the dividends declared and or paid. The major exception is the existence of prior period adjustments, valuation accounts for certain marketable securities and foreign currency translation.
Auditing Income Statement Accounts

The audit of revenue and expense accounts depends on the extent of work conducted on the entitys control system and balance sheet accounts. Substantive procedures on selected income statement accounts include: 1. The results of testing controls for the various business processes; 2. The results of the detailed tests of balance sheet accounts and the related income statement accounts; 3. Performance of substantive analytical procedures on income statement accounts. 4. Detailed tests of selected income statement accounts. If control risk is set at the maximum the auditor does not rely on controls. Instead extensive substantive procedures are used. If a reliance strategy is followed the auditor determines if controls may be relied upon. If controls are operating effectively the auditor may reduce control risk below the maximum. Income statement accounts are normally audited in the course of auditing the related balance sheet accounts. Balance sheet accounts link to income statement accounts AR / Allowance for doubtful debt bad debt expense NR / Investments / Accrued interest receivable Interest expense PPE / Accumulated depreciation / Depreciation expense, gain/losses on sales or assets retirement Prepaid insurance insurance expense Long term debt / accrued interest payable interest expense
Auditing Income Statement Accounts

Substantive analytical procedures extensive use of analytical procedures in the audit of revenue and expense accounts; example common size statement comparing current to previous years; trend and ratio analysis.
Tests of selected account balances The auditor may wish to examine key revenue and expense accounts in some detail. Usually, the auditor verifies the transactions in the account by examining the supporting documentation. Accounts audited in this manner may be related to income tax reporting and include legal and audit expense, travel and entertainment, charitable contributions, and other income and expense.
TUTORIAL QUESTIONS
Problem 15-21, page 521 Problem 15-23, page 522
LECTURE 13 Auditing the Human Resource Management Process
Auditing the HRM

The human resource process starts with the establishment of sound policies for hiring, training, evaluating, counseling, promoting, compensating, and taking remedial actions for employees. The main concern of the auditor involves payroll transactions once an employee has been hired. Departments involve includes (i) operating; (ii) HRM; (iii) payroll; (iv) IT Transactions and accounts involve are the: 1. payments to employees cash, direct/indirect labor expense account ; 2. accrual and payment of payroll-related liabilities arising from employees services such as social securities, pension schemes, unemployment taxes etc cash and various accruals . Documents and records relevant are personnel records, including wagerate or salary authorizations; deduction authorization forms; time card; payroll check/direct deposit records; payroll register; payroll master file; payroll master file changes report; periodic payroll reports; various tax reports and forms.
Major HRM functions

Personnel
Authorization of hiring, firing, wage-rate and salary adjustments, salaries, and payroll deductions. Review and approval of employees' attendance and time information; monitoring of employee scheduling, productivity, and payroll cost variances. Processing of employees' attendance and time information and coding of account distribution. Computation of gross pay, deductions, and net pay; recording and summarization of payments and verification of account distribution. Payment of employees' compensation and benefits.
Supervision
Timekeeping Payroll processing Disbursement
Proper accumulation, classification, and General ledger summarization of payroll in the general ledger.
Segregation of duties
Payroll Function
Initiation of wage or salary changes Initiation of employee hiring and firing Approval of wage and salary changes Updating of personnel records Updating of payroll records Approval of time cards and job classification Review of time data and payroll distribution Preparation of payroll Preparation and signing of payroll checks Distribution of payroll checks Undating of general ledger for payroll Comparison of payroll expense to budget Calculation and recording of payroll taxes
Human TimeOperating Resource keeping Payroll X X X X X X X X
IT Treasurer
X X X X
X X
Segregation of duties
Payroll Function
Initiation of wage or salary changes Initiation of employee hiring and firing Approval of wage and salary changes Updating of personnel records Updating of payroll records Approval of time cards and job classification Review of time data and payroll distribution Preparation of payroll Preparation and signing of payroll checks Distribution of payroll checks Undating of general ledger for payroll Comparison of payroll expense to budget Calculation and recording of payroll taxes
Human TimeOperating Resource keeping Payroll X X X X X X X X
IT Treasurer
X X X X
X X
Risk assessments
In assessing inherent risk the auditor may want to consider the effect of economic conditions on payroll costs, the supply of skilled workers, and the frequency of employee turnover. The auditor should be familiar with any existing labor contracts and the impact of regulation on the company. The inherent risk associated with non-officers of the company is generally considered low. The inherent risk associated with officers of the company may not be considered low because of the ability to take advantage of their high position. Control risk assessments steps follow similar procedures of understanding and document the HRM process, perform tests of control and set and document control risk.
Risk assessments
Control activities and test of controls: Occurrence the auditor want assurance that payments for payroll-related services are being made to valid employees for time actually worked. Controls must be in place to ensure that no payments are made to fictitious employees and payments to valid employees are stopped once the employee is terminated. Authorization the client must have controls for hiring and terminating employees, setting pay rates, making withholdings, awarding benefits, and issuing payroll checks. Accuracy The client must have controls for hiring and terminating employees, setting pay rates, making withholdings, awarding benefits, and issuing payroll checks. Classification If payroll expense is charged to the wrong accounts, the financial statement may be misstated. If payroll expense is not properly classified between direct and indirect labor, inventory and cost of goods sold may not be valued properly. If the results of the tests of controls for the payroll system support the planned level of control risk, the auditor conducts substantive procedures of payroll-related accounts at the assessed level. If the tests do not support the level of control risk, the nature and extent of substantive testing will be increased.
Auditing payroll related accounts

Substantive analytical procedures: 1. Payroll Expense Accounts: Compare current year with prior years' payroll expense accounts Compare current and prior years' payroll costs as percent of sales and industry data Compare labor utilization rates and statistics with industry data Compare budgeted payroll expenses with actual payroll expenses Estimate sales commissions with formula and recorded sales 2. Payroll-Related Accrual Accounts: Compare current and prior years' balances in payroll related accounts Test reasonableness of accrual balance

Tests of Detail of Transactions, Account Balances, and Disclosures
Assertions about Transactions Occurrence Completeness Authorization Accuracy Cutoff Classification
Substantive Tests of Transaction
Trace a sample of payroll checks to the master employee list to verify validity. Trace a sample of time cards to the payroll register. Test a sample of payroll checks for proper authorization. Recompute a sample of payroll checks for gross pay, deductions, and net pay. Trace a sample of time cards before and after period end to the appropriate payroll report.
Examine a sample of payroll checks for proper classification into expense accounts.

Assertions about Account Balances at Period End
Tests of Details of Account Balances
Vouch selected amounts from account schedules for Existence accruals to supporting documents (payroll tax returns, corporate benefit policies, etc.. Review supporting documentation to determne that Rights and obligations the entity is legally obligated to pay the liability. Completeness Search for unrecorded liabilities. Obtain an account analysis schedule for accrued payroll liabilites; foot schedules for accrued payroll Valuation and Allocation liabilities. Compare amounts accrued to supporting documentation, such as payroll tax returns.

Assertions about Presentation and Disclosure Tests of Details of Disclosures Occurrence, and rights and Inquire about accruals to ensure that they are properly obligations disclosed. Complete financial reporting checklist to ensure that Completeness all financial statement disclosures related to payroll expense have been made. Review benefit contracts for proper disclosure of pension and postretirement benefits. Read footnotes Accuracy and valuation and other information to ensure that the information is accurate and properly presented at the appropriate amounts.

Payroll transactions affect many expense accounts, including direct and indirect manufacturing expense, general and administrative salaries, sales salaries, commissions, and payroll tax expenses. If the entitys internal control is reliable, the auditor does not need to conduct detailed tests of all these payroll expense accounts. Additional testing is necessary only when control weaknesses exist. The entity incurs a number of liabilities including payroll taxes withheld (federal and state income, medical and life insurance premiums, pension, and other miscellaneous deductions, accrued wages, bonuses, commissions etc. Audit objectives and procedures: Cutoff An examination of supporting documentation for the accruals provides evidence on the proper period for recording the expense or liability. Existence and valuation To verify the existence and valuation of an accrued payroll liability, the auditor can trace the amounts included on the account analysis working paper to supporting documentation such as payroll tax reports. Completeness The auditor must be aware of the normal payroll-related taxes that are paid by the entity and therefore should be able to determine if accruals have been made for payroll taxes such as Social Security taxes and unemployment insurance. TUTORIAL QUESTIONS (1) Problem 12-25 ; (2) Problem 12-26

CAEA 2218 Lecture 1 - Introduction-AnytoPDF

Transféré par

Informations du document

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

CAEA 2218 Lecture 1 - Introduction-AnytoPDF

Transféré par

Droits d'auteur :

Formats disponibles

DEPARTMENT FO FINANCIAL ACCOUNTING AND AUDITING CAEA 2218 AUDITING PRINCIPLES DR HASLIDA ABU HASAN

LECTURE 1 Logistics & Introduction to Auditing and Assurance Engagements

CAEA 2218 :LECTURE 1 Slide 2

CAEA 2218 LECTURE 1 Slide 4

Distinction between accounting and auditing

Auditing: gathers and evaluates evidence with

CAEA 2218 LECTURE 1 Slide 5

Classification of audit by their beneficiaries

Internal audits: traditionally undertaken by companys

CAEA 2218 LECTURE 1 Slide 6

Classification of audit by their objectives :

(2) Compliance audits: aim to determine whether an individual

(3) Operational audits: involve the systematic examination and

CAEA 2218 LECTURE 1 Slide 7

Assurance, Attestation, and Nonassurance Services

Other Assurance Services

Assurance, Attestation, and Nonassurance Services

Accounting and Bookkeeping

CAEA 2218 LECTURE 1 Slide 9

CAEA 2218 LECTURE 1 Slide 10

The Audit Society Michael Power

CAEA 2218 LECTURE 1 Slide 11

The Role of Auditing

CAEA 2218 LECTURE 1 Slide 12

CAEA 2218 LECTURE 1 Slide 13

CAEA 2218 LECTURE 1 Slide 14

Relationships Among Auditors, Client, and External Users

Overview of the Financial Statement Audit Process

CAEA 2218 LECTURE 1 Slide 16

A need for theory:

CAEA 2218 LECTURE 1 Slide 17

Can theory explain the existence of financial statement audit:

Audit Expectations Gap

Social Role of Auditing

CAEA 2218 LECTURE 1 Slide 20

8 postulates about auditing (Mautz & Sharaf)

CAEA 2218 LECTURE 1 Slide 21

The 8 postulates led to 5 primary concepts of auditing

LECTURE 2 Overview of Financial Statement Audit

CAEA 2218 2010/2011,LECTURE 2 Slide 1

CAEA 2218 LECTURE2-3Slide 3 2

CAEA 2218 LECTURE2-4Slide 4 2

CAEA 2218 LECTURE2-5Slide 5 2

Evidence Regarding Management Assertions & Sampling

CAEA 2218 LECTURE2-6Slide 6 2

The Auditors Responsibility for Errors, Fraud, and Illegal Acts

CAEA 2218 LECTURE2-7Slide 7 2

Ethics, Independence, and the Code of Professional Conduct

CAEA 2218 LECTURE2-8Slide 8 2

Clients Evaluation & Audit Risk

Clients Evaluation & Audit Risk

risk of material error occuring (non-controllable)

risk of failing to detect material error (controllable)

Internal control risk

Quality control risk

Failure to collect sufficient appropriate audit evidence and/evaluate it properly

CAEA 2218 LECTURE2-10 10 2 Slide

Clients Evaluation & Audit Risk

CAEA 2218 LECTURE2-11 11 2 Slide

CAEA 2218 LECTURE2-12 12 2 Slide

CAEA 2218 LECTURE2-13 13 2 Slide

Legal and professional rights and duties

Auditors rights and responsibilities

Auditors responsibility to detect and report fraud, which includes