AUDIT

The general definition of an audit is a planned and documented activity performed by qualified personnel to determine by investigation, examination, or evaluation of objective evidence, the adequacy and compliance with established procedures, or applicable documents, and the effectiveness of implementation. The term may refer to audits in accounting, internal controls, quality management, project management, water management, and energy conservation. Auditing is defined as a systematic and independent examination of data, statements, records, operations and performances (financial or otherwise) of an enterprise for a stated purpose. In any auditing the auditor perceives and recognizes the propositions before him for examination, collects evidence, evaluates the same and on this basis formulates his judgment which is communicated through his audit report. The purpose is then to give an opinion on the adequacy of controls (financial and otherwise) within an environment they audit, to evaluate and improve the effectiveness of risk management, control, and governance processes.

ETYMOLOGY
Historically, the word auditing has been derived from Latin word audire which means to hear. According to Dicksee, traditionally auditing can be understood as an examination of accounting records undertaken with a view to establishing whether they completely reflect the transactions correctly for the related purpose. In addition the auditor also expresses his opinion on the character of the statements of accounts prepared from the accounting records so examined as to whether they portray a true and fair picture.

ACCOUNTING
Auditing is a vital part of accounting. Traditionally, audits were mainly associated with gaining information about financial systems and the financial records of a company or a business. Financial audits are performed to ascertain the validity and reliability of information, as well as to provide an assessment of a system's internal control. The goal of an audit is to express an opinion of the person / organization / system (etc.) in question, under evaluation based on work done on a test basis. Due to constraints, an audit seeks to provide only reasonable assurance that the statements are free from material error. Hence, statistical sampling is often adopted in audits. In the case of financial audits, a set of financial statements are said to be true and fair when they are free of material misstatements a concept influenced by both quantitative(numerical)

and qualitative factors. But recently, the argument that auditing should go beyond just true and fair is gaining momentum. And the US Public Company Accounting Oversight Board has come out with a concept release on the same. Cost accounting is a process for verifying the cost of manufacturing or producing of any article, on the basis of accounts measuring the use of material, labor or other items of cost. In simple words, the term, cost audit means a systematic and accurate verification of the cost accounts and records, and checking for adherence to the cost accounting objectives. According to the Institute of Cost and Management Accountants of Pakistan, a cost audit is "an examination of cost accounting records and verification of facts to ascertain that the cost of the product has been arrived at, in accordance with principles of cost accounting."

An audit must adhere to generally accepted standards established by governing bodies. These standards assure third parties or external users that they can rely upon the auditor's opinion on the fairness of financial statements, or other subjects on which the auditor expresses an opinion. The Definition for Audit and Assurance Standard AAS-1 by the Institute of Chartered Accountants of India (ICAI): "Auditing is the independent examination of financial information of any entity, whether profit oriented or not, and irrespective of its size or legal form, when such an examination is conducted with a view to expressing an opinion thereon." Auditors

Auditors of financial statements can be classified into two categories:

External auditor / Statutory auditor is an independent firm engaged by the client subject to the audit, to express an opinion on whether the company's financial statements are free of material misstatements, whether due to fraud or error. For publicly traded companies, external auditors may also be required to express an opinion over the effectiveness of internal

controls over financial reporting. External auditors may also be engaged to perform other agreedupon procedures, related or unrelated to financial statements. Most importantly, external auditors, though engaged and paid by the company being audited, are regarded as independent auditors. Cost auditor / Statutory Cost auditor is an independent firm engaged by the client subject to the Cost audit, to express an opinion on whether the company's Cost statements and Cost Sheet are free of material misstatements, whether due to fraud or error. For publicly traded companies, external auditors may also be required to express an opinion over the effectiveness of internal controls over Cost reporting. These are Specialized Person called Cost Accountants in India & CMA globally either Cost & management Accountant or Certified management Accountants.

 The most used external audit standards are the US GAAS of the American Institute of Certified Public Accountants; and the ISA International Standards on Auditing developed by the International Auditing and Assurance Standards Board of the International Federation of Accountants. Internal auditors are employed by the organizations they audit. They work for government agencies (federal, state and local); for publicly traded companies; and for non-profit companies across all industries. The internationally recognised standard setting body for the profession is the Institute of Internal Auditors - IIA (www.theiia.org). The IIA has defined internal auditing as follows: "Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. Thus professional internal auditors provide independent and objective audit and consulting services focused on evaluating whether the board of directors, shareholders, stakeholders, and corporate executives has reasonable assurance that the organization's governance, risk management, and control processes are designed adequately and function effectively. Internal audit professionals (Certified Internal Auditors - CIAs) are governed by the international professional standards and code of conduct of the Institute of Internal Auditors. While internal auditors are not independent of the companies that employ them, independence and objectivity are a cornerstone of the IIA professional standards; and are discussed at length in the standards and the supporting practice guides and practice advisories. Professional internal auditors are mandated by the IIA standards to be independent of the business activities they audit. This independence and objectivity are achieved through the organizational placement and reporting lines of the internal audit

department. Internal auditors of publicly traded companies in the United States are required to report functionally to the board of directors directly, or a sub-committee of the board of directors (typically the audit committee), and not to management except for administrative purposes. As described often in the professional literature for the practice of internal auditing (such as Internal Auditor, the journal of the IIA) -, or other similar and generally recognized frameworks for management control when evaluating an entity's governance and control practices; and apply COSO's "Enterprise Risk Management-Integrated Framework" or other similar and generally recognized frameworks for entity-wide risk management when evaluating an organization's entity-wide risk management practices. Professional internal auditors also use Control SelfAssessment (CSA) as an effective process for performing their work.

Consultant auditors are external personnel contracted by the firm to perform an audit following the firm's auditing standards. This differs from the external auditor, who follows their own auditing standards. The level of independence is therefore somewhere between the internal auditor and the external auditor. The consultant auditor may work independently, or as part of the audit team that includes internal auditors. Consultant auditors are used when the firm lacks sufficient expertise to audit certain areas, or simply for staff augmentation when staff are not available.

PERFORMANCE AUDITS Safety, security, information systems performance, and environmental concerns are increasingly the subject of audits. There are now audit professionals who specialize in security audits and information systems audits. With nonprofit organizations and government agencies, there has been an increasing need for performance audits, examining their success in satisfying mission objectives.

QUALITY AUDITS Quality audits are performed to verify conformance to standards through review of objective evidence. A system of quality audits may verify the effectiveness of a quality management system. This is part of certifications such as ISO 9001. Quality audits are essential to verify the existence of objective evidence showing conformance to required processes, to assess how successfully processes have been implemented, and to judge the effectiveness of achieving any defined target levels. Quality audits are also necessary to provide evidence concerning reduction and elimination of problem areas, and they are a hands-on management tool for achieving continual improvement in an organization. To benefit the organization, quality auditing should not only report non-conformance and corrective actions but also highlight areas of good practice and provide evidence of conformance. In this way, other departments may share information and amend their working practices as a result, also enhancing continual improvement. Project management Projects can undergo 2 types of Project audits:

 Regular Health Check Audits: The aim of a regular health check audit is to understand the current state of a project in order to increase project success. Regulatory Audits: The aim of a regulatory audit is to verify that a project is compliant with regulations and standards. Best practices of NEMEA Compliance Center describe that, the regulatory audit must be accurate, objective, and independent while providing oversight and assurance to the organization.

ENERGY AUDITS An energy audit is an inspection, survey and analysis of energy flows for energy conservation in a building, process or system to reduce the amount of energy input into the system without negatively affecting the output(s).

OPERATIONS AUDIT An operations audit is an examination of the operations of the client's business. In this audit the auditor thoroughly examines the efficiency, effectiveness and economy of the operations with which the management of the entity (client) is achieving its objective. The operational audit goes beyond the internal controls issues since management does not achieve its objectives merely by compliance of satisfactory system of internal controls. Operational audits cover any matters which may be commercially unsound. The objective of operational audit is to examine Three E's, namely:Effectiveness doing the right things with least wastage of resources. Efficiency performing work in least possible time. Economy balance between benefits and costs to run the operations A control self-assessment is a commonly used tool for completing an operations audit.

STANDARD AUDIT 500

INTRODUCTION
Standard on Auditing (SA) 500, Basic Principles Governing an Audit, states The auditor should obtain sufficient appropriate audit evidence through the performance of compliance and substantive procedures to enable him to draw reasonable conclusions there from on which to base his opinion on the financial information. standard of Auditing 500 was revised in 1.04.2009 by the Institute of Chartered Accountants of India. Auditor needs to form an opinion after checking books of accounts. For the purpose of examining books auditor should obtain audit evidence to form a conclusion and to support his examination. As of the aim of reporting and forming conclusions on the financial statements different audit evidences are obtained by the auditor. Audit evidence helps to draw reasonable audit conclusions. Audit evidence should be obtained for both accounting information contained in the financial statements and also for other information. Auditor may obtain an internal evidence for example when sales are made by the client to the customers, sales invoices are issued to the customer, which forms an internal evidence which are further evidenced by receipt of money from the customers. Other examples of internal evidences are material issued note, goods received note or any other evidence generated internally by the client. There can also be internal external evidences prepared by the clients and later on issued to their customers for further processing and payment. For example any invoice which is prepared internally and issued to the customer for further processing and payment. There can also be other evidences that are not generated by the client and obtained by the auditor directly from third party. For instance, auditor can obtain balance confirmation certificates from the third party , may be debtors balance
8

confirmation , creditors balance confirmation and other such evidence obtained from the third party without dealing with the client. There can also be external internal evidence flowing from outside the clients organization into the clients organization, We can give here example of a purchase invoice. Thus in brief, the evidence can be 1. 2. 3. 4. Internal Evidence Internal- External evidence External Evidence External internal evidence.

However, it is important to know that external evidence which is obtained by the third party directly from the third party is a more reliable audit evidence. The simple reason behind this is clients involvement is absent . hence, chances of manipulation in this type of evidence by the client is not there.They are of two types: (i) tests of details of transactions and balances; (ii) analysis of significant ratios and trends, including the resulting enquiry of unusual fluctuations and items. The purpose of this Standard is to amplify the basic principle outlined above. In this Standard, the term financial information encompasses financial statements.

Compliance and substantive audit procedures

Compliance procedures are the tests of internal control. This is for the purpose to check whether there is internal control operating within the organization, whether it is operating effectively or not, whether the operation throughout the period was effective or not.

Substantive evidence is about whether the evidence obtained is complete, accurate , valid as to the information produced by the accounting system.

What is sufficiency and appropriateness of the audit evidence? Sufficient Audit evidence represents quantum of audit evidence obtained by the auditor and its appropriateness tells about its relevance. These two terms are inter related. Auditor decides to obtain more quantity of audit evidence is when there are chances of risk of material misstatement as per auditors assessment. Appropriateness refers to the reliability and relevance. Its reliability in turn depends upon the source and nature of audit evidence. Also the quantum of evidence depends upon the quality of evidence, the higher the quality of audit evidence obtained the less it is required. There can be different factors which influence sufficiency and appropriateness of audit evidence, it may be affected by the nature of the evidence, whether the internal control is sufficient or not etc. Also auditor is required to know about the materiality of the item. Other factors affecting sufficiency and appropriateness are size of the business, Previous audit experience,

10

Sufficient Appropriate Audit Evidence 1. Sufficiency and appropriateness are interrelated and apply to evidence obtained from both compliance and substantive procedures. Sufficiency refers to the quantum of audit evidence obtained; appropriateness relates to its relevance and reliability. Normally, the auditor finds it necessary to rely on evidence that is persuasive rather than conclusive. He may often seek evidence from different sources or of different nature to support the same assertion

2. The auditor should evaluate whether he has obtained sufficient appropriate audit evidence before he draws his conclusions therefrom. The audit evidence should, in total, enable the auditor to form an opinion on the financial information. In forming such an opinion, the auditor may obtain audit evidence on a selective basis by way of judgmental or statistical sampling Handbook of Auditing Pronouncements-I SA 500 IV-286 procedures. For example, the auditor may select only certain accounts receivable for confirmation purposes, or make a selection of personnel records for the purpose of testing that changes in payroll rates have been properly authorised.

3. The auditors judgement as to what is sufficient appropriate audit evidence is influenced by such factors as: (a) The degree of risk of misstatement which may be affected by factors such as: (i) the nature of the item; (ii) the adequacy of internal control; (iii) the nature or size of the business carried on by the entity; (iv) situations which may exert an unusual influence on management;

11

(v) the financial position of the entity. (b) The materiality of the item. (c) The experience gained during previous audits. (d) The results of auditing procedures, including fraud or error which may have been found. (e) The type of information available. (f) The trend indicated by accounting ratios and analysis.

4. Obtaining audit evidence from compliance procedures is intended to reasonably assure the auditor in respect of the following assertions: Existence that the internal control exists. Effectiveness that the internal control is operating effectively. Continuity that the internal control has so operated throughout the period of intended reliance.

Purpose of Auditing Standard SA 500 Audit Evidence The purpose of the Auditing Standard is to establish requirements and to provide application and other explanatory material to auditors regarding what constitutes audit evidence in an audit of a financial report, and to deal with the auditors responsibility to design and perform audit procedures to obtain sufficient appropriate audit evidence to be able to draw reasonable

conclusions on which to base the auditors opinion.

12

Main Features The Auditing Standard: (a) requires the auditor to consider the relevance and reliability of the information to be used as audit evidence; (b) Describes the responsibilities of the auditor when the information to be used as audit evidence has been prepared using the work of a managements expert; (c) describes the responsibilities of the auditor when the information to evidence has been produced by the entity; (d) Describes requirements for selecting items for testing to obtain audit evidence; and (e) Describes the auditors responsibilities when there is inconsistency in Audit evidence obtained from different sources or doubts over the reliability of information to be used as audit evidence. be used as audit

Types of Audit Evidence based on the means of collection. 1. Inspection

Inspection is done by the auditor of books of accounts and other relevant records. Inspection can be done internally or externally and types of evidence may be in paper form , electronic form etc. Even auditor may prefer to do physical examination of an asset for getting conclusive view about the asset appearing in the balance sheet. In this case it is said to be more reliable audit evidence. Its reliability depends upon the nature and source of audit evidence. Auditor may inspect the information in the books of accounts and to obtain reasonable reliability of what is appearing in

13

the books of accounts; auditor may cross check with other evidence and for in-depth examination and inspection decide to physical examine the asset.

2.observation
The auditor when watches the internal processes being performed within the organization of the client, it is said to be observation. It is the close verification of the processes performed by the client. We can take example of inventory counting in these cases. Auditor observes the inventory counting performed by the client and forms his conclusion about the control activities performed. By observation auditor can know about the internal control in the organization is strong or weak. He can also check by observing authorization procedures whether it is done properly and genuinely or not by the management.

3. External confirmation To check the genuineness of the transactions appearing in the books of accounts, auditor prefers to obtain external confirmation directly from the third party. It is always said that external evidence is more reliable than internal evidence because it is obtain externally without clients involvement and hence more reliable. We can take instance of balance confirmation in this case, for example debtors balance confirmation, creditors balance confirmation.

14

Factors from which reliability of audit evidence is increased

1. Evidence if the source is from outside the entity. 2. Internal evidence reliability increases when internal control is effective. 3. External evidence is more reliable than internal evidence as of the absence of the involvement of the client. 4. Written form evidence is more reliable 5. If the audit evidence is obtained from original documents then they are more reliable rather than photocopies of it.

While using the work of Management expert, what care needs to be taken by the auditor?
1. Alternative sources of audit evidence available or not is to be checked. 2. The nature, Complexity and risk of material misstatement involved should be kept in mind. 3. The nature, scope and objective of the expert work should be verified. 4. Management expert is from within or outside the organization should be checked because of the chances of biased opinion. 5. Whether the work of the management expert is being influenced by the exercise of control by the management should be verified 6. Whether Management expert follows technical performance standards or other professional and industry requirements should be checked. 7. The nature and extent of control on the Management Experts work should be kept in mind. 8. Previous experience if any with the management expert of the auditor should also be taken into consideration.
15

9. Knowledge and experience of the management expert should also be counted.

Reliability
i) Obtaining an Understanding of the Work of the Managements Expert An understanding of the work of the managements expert includes an understanding of the relevant field of expertise. An understanding of the relevant field of expertise may be obtained in conjunction with the auditors determination of whether the auditor has the expertise to evaluate the work of the managements expert, or whether the auditor needs an auditors expert for this purpose.

Aspects of the managements experts field relevant to the auditors understanding may include: Whether that experts field has areas of specialty within it that are relevant to the audit. Whether any professional or other standards and regulatory or legal requirements apply. What assumptions and methods are used by the managements expert, and whether they are generally accepted within that experts field and appropriate for financial reporting purposes. The nature of internal and external data or information the managements expert uses.

In the case of a managements expert engaged by the entity, there will ordinarily be engagement letter or other written form of agreement between the entity and that

an

expert.

Evaluating that agreement when obtaining an understanding of the work of the managements expert may assist the auditor in determining the appropriateness auditors purposes: The nature, scope and objectives of that experts work;
16

of the following for the

 The respective roles and responsibilities of management and that expert; and The nature, timing and extent of communication between management and that expert, including the form of any report to be provided by that expert.

In the case of a managements expert employed by the entity, it is less likely there will be a written agreement of this kind. Inquiry of the expert and other members of management may be the most appropriate way for the auditor to obtain the necessary understanding.

ii)

Evaluating the Appropriateness of the Managements Experts Work Considerations when evaluating the appropriateness of the managements experts work as audit evidence for the relevant assertion may include: The relevance and reasonableness of that experts findings or conclusions, their consistency with other audit evidence, and whether they have been appropriately reflected in the financial statements; If that experts work involves use of significant assumptions and methods, the relevance and reasonableness of those assumptions and methods; and If that experts work involves significant use of source data, the relevance, completeness, and accuracy of that source data.

iii)

Information Produced by the Entity and Used for the Auditors Purposes In order for the auditor to obtain reliable audit evidence, information produced by the entity that is used for performing audit procedures needs to be sufficiently complete and accurate. For example, the effectiveness of auditing revenue by applying standard prices to records of sales volume is affected by the accuracy of the price information and the completeness and accuracy

17

of the sales volume data. Similarly, if the auditor intends to test a population (for example, payments) for a certain characteristic (for example, authorization), the results of the test will be less reliable if the population from which items are selected for testing is not complete.

Obtaining audit evidence about the accuracy and completeness of such information may be performed concurrently with the actual audit procedure applied to the information when obtaining such audit evidence is an integral part of the audit procedure itself. In other situations, the auditor may have obtained audit evidence of the accuracy and completeness of such information by testing controls over the preparation and maintenance of the information. In some situations, however, the auditor may determine that additional audit procedures are needed.

In some cases, the auditor may intend to use information produced by the entity for other audit purposes. For example, the auditor may intend to make use of the entitys performance measures for the purpose of analytical procedures, or to make use of the entitys information produced for monitoring activities, such as internal auditors reports. In such cases, the appropriateness of the audit evidence obtained is affected by whether the information is sufficiently precise or detailed for the auditors purposes. For example, performance measures used by management may not be precise enough to detect material misstatements. iv) Selecting Items for Testing to Obtain Audit Evidence An effective test provides appropriate audit evidence to an extent that, taken with other audit evidence obtained or to be obtained, will be sufficient for the auditors purposes. In selecting items for testing, the auditor is required by determine the relevance and reliability of information

18

to be used as audit evidence; the other aspect of effectiveness (sufficiency) is an important consideration in selecting items to test. The means available to the auditor for Selecting items for testing are: (a) Selecting all items (100% examination); (b) Selecting specific items; and (c) Audit sampling. The application of any one or combination of these means may be appropriate depending on the particular circumstances, for example, the risks of material misstatement related to the assertion being tested, and the practicality and efficiency of the different means. Selecting All Items The auditor may decide that it will be most appropriate to examine the entire population of items that make up a class of transactions or account balance (or a stratum within that population). 100% examination is unlikely in the case of tests of controls; however, it is more common for tests of details. 100% examination may be appropriate when, for example: The population constitutes a small number of large value items; There is a significant risk and other means do not provide sufficient appropriate audit evidence; or The repetitive nature of a calculation or other process performed automatically by an information system makes a 100% examination cost Effective. Selecting Specific Items The auditor may decide to select specific items from a population. In making this decision, factors that may be relevant include the auditors understanding of the entity, the assessed risks

19

of material misstatement, and the characteristics of the population being tested. The judgmental selection of specific items is subject to non-sampling risk. Specific items selected may include: High value or key items. The auditor may decide to select specific items within a population because they are of high value, or exhibit some other characteristic, for example, items that are suspicious, unusual, particularly risk-prone or that have a history of error All items over a certain amount. The auditor may decide to examine items whose recorded values exceed a certain amount so as to verify a large proportion of the total amount of a class of transactions or account balance. Items to obtain information. The auditor may examine items to obtain information about matters such as the nature of the entity or the nature of transactions. While selective examination of specific items from a class of transactions or account balance will often be an efficient means of obtaining audit evidence, it does not constitute audit sampling. The results of audit procedures applied to items selected in this way cannot be projected to the entire population; accordingly, selective examination of specific items does not provide audit evidence concerning the remainder of the population.

Audit Sampling Audit sampling is designed to enable conclusions to be drawn about an entire Population on the basis of testing a sample drawn from it. Audit sampling is discussed in ISA 530. Inconsistency in, or Doubts over Reliability of, Audit Evidence Obtaining audit evidence from different sources or of a different nature may indicate that an individual item of audit evidence is not reliable, such as when audit evidence obtained from one source is inconsistent with that obtained from another. This may be the case when, for example,

20

responses to inquiries of management, internal audit, and others are inconsistent, or when responses to inquiries of those charged with governance made to corroborate the responses to inquiries of management are inconsistent with the response by management. ISA 230 includes a specific documentation requirement if the auditor identified information that is inconsistent with the auditors final conclusion regarding a significant matter.

Conclusion SA 500: Audit Evidence

1) Auditor is required to obtain sufficient appropriate audit evidence to enable them to draw reasonable conclusions on which they can base their opinion on financial information

2) Auditor normally relies on evidence that is persuasive rather than conclusive in nature. Auditor may obtain evidence on a selective basis by way of either judgmental or statistical sampling procedures. Evidence is obtained through performance of compliance and substantive procedures

3) Compliance procedures are tests designed to obtain reasonable assurance that internal controls on which audit reliance is placed are in effect. Substantive procedures are designed to obtain evidence as to completeness, accuracy and validity of data produced by accounting system

4) Obtaining audit evidence from compliance procedures is intended to reasonably assure the auditor in respect of assertions of existence, effectiveness and continuity. Obtaining audit evidence from substantive procedures is intended to reasonably assure the auditor in respect of assertions of existence, rights and obligations, occurrence, completeness, valuation, measurement, presentation and disclosure
21

5) To test the reliability, few generalisations are useful such as external evidence is more reliable than internal evidence, written evidence is more reliable than oral evidence and self-obtained evidence is more reliable than obtained through the entity

6) Auditor gains increased assurance when audit evidence obtained from different sources is consistent. Various methods for obtaining audit evidence include inspection, observation, inquiry and confirmation, computation and analytical review 7) Emphasis is to be laid on considering relevance and reliability of audit evidence obtained during the course of audit, and focus is to be laid on designing and performing audit procedures to obtain relevant and reliable audit evidence. Auditor for the purpose of performing audit and forming reasonable conclusion on the financial statement obtains audit evidence, which thus supports his conclusive opinion.

22