Vous êtes sur la page 1sur 59

Slide 6.

Principles of Auditing: An Introduction to


International Standards on Auditing

Chapter 6 – Main Audit Concepts and


Planning the Audit (ISA 300, 315, 320)

Rick Hayes, Hans Gortemaker


and Philip Wallage

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.2

Definisi Perencanaan
International Standards on Auditing (ISA)
300, ‘Perencanaan Audit laporan
Keuangan’, menyatakan, ‘tujuan auditor
adalah untuk merencanakan audit,
sehingga audit dapat dilakukan secara
efektif...Auditor harus menetapkan
keseluruhan strategi audit yang
menetapkan ruang lingkup, waktu dan
arah audit, dan yang memandu
pengembangan rencana audit.’

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.3

Perencanaan – Fase II dari Model Proses


Audit - Tujuan
Menentukan jumlah dan tipe bukti dan reviu
yang diperlukan untuk memberikan
keyakinan kepada auditor bahwa tidak
terdapat salah saji material dalam laporan
keuangan.

Illustration 6.1 Audit Process Model

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.4

Perencanaan – Fase II dari Model Proses


Audit – Prosedur

Illustration 6.1 Audit Process Model (Continued)

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.5

Memahami Entitas dan Lingkungannya -


Risiko Audit menurut ISA
• ISA 315 mengidentifikasi dan menetapkan
risiko salah saji material melalui
pemahaman entitas dan lingkunganya.
• ISA 330 Respon Auditor terhadap Risiko
yang ditetapkan.
• ISA 500 Bukti Audit

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.6

Prosedur Menetapkan Risiko (ISA 315.6)

• Pertanyaan kepada manajemen


• Prosedur Analitis
• Observasi dan Inspeksi

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.7

Inquires of management and personnel


Objectives? (profit, investment,
product) Expectations? (customers,
suppliers, product, shareholders,
banks, government) Reports?
(SEC, public, government)

Business operations?
(market, locations);
Investments

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.8

Prosedur Analitis

Prosedur ini membantu auditor dalam


mengidentifikasi transaksi-transaksi atau
keadaan yang tidak biasa. Prosedur analitis
biasanya melibatkan perbandingan hasil
perusahaan dengan hasil industri. Terdapat
sejumlah publikasi dari rasio-rasio dan tren
industri berskala besar yang dapat membantu
auditor pada saat melakukan prosedur
analitis.(Lihat Bab 7 ‘Internal Control and Control
Risk’).

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.9

Inspeksi and observasi

Observasi aktivitas inti,


membaca laporan manajemen,
manual pengendalian internal

meninjau fasilitas (persediaan,


aktiva tetap, kebersihan,
kebiasaan kerja , pengendalian
internal , pemisahan tugas)

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.10

Diskusi Tim Audit

ISA 315 membutuhkan


diskusi tim yang luas
tentang kerentanan laporan
keuangan entitas terhadap
salah saji material

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.11

ISA 315 membedakan aspek-aspek


relevan berikut dalam memahami entitas
dan lingkungannya
• Industri, regulasi, kerangka pelaporan
keuangan
• Sifat dasar dari Entitas, meliputi :
• Operasi bisnis
• Jenis investasi
• Struktur modal dan pembiayaan
• Kepemilikan dan struktur tata kelola
• Kebijakan Akuntansi
• Tujuan dan Strategi
• Pengukuran dan peninjauan kinerja
keuangan
Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.12

Memahami Entitas dan Lingkungannya


Audit Strategis

Illustration 6.2 Global Systems Perspective on Client Business Risk

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.13

Sifat Dasar Entitas


• Operasi Bisnis
• Investasi
• Kebijakan akuntansi keuangan

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.14

Operasi Bisnis

Informasi yang diperoleh mengenai


operasi bisnis meliputi :
•Sifat dari sumber pendapatan
•Produk dan jasa
•Pasar
•Lokasi fasilitas perusahaan
•Pekerjaan
•Pelanggan dan pemasok kunci

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.15

Investasi
Transaksi penting sebagai informasi yang
harus dikumpulkan meliputi :
•Akuisisi, merger dan pelepasan divisi bisnis
•Penggunaan instrumen keuangan derivatif
•Jenis investasi besar perusahaan
•Aktivitas Penanaman Modal
•Investasi dalam entitas non konsolidasi
seperti usaha bersama (joint ventures),
entitas tujuan khusus (special purpose
entities) dan Persekutuan.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.16

Kebijakan Akuntansi Keuangan


• Kebijakan akuntansi perusahaan
• Penilaian pertimbangan akuntansi
• Penyajian and pengungkapan
• Akuntansi nilai wajar
• Akuntansi untuk transaksi yang rumit dan
tidak biasa

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.17

Menyelidiki posisi hukum perusahaan


• Anggaran Dasar dan Anggaran Rumah
Tangga Perusahaan
• Risalah rapat dewan direksi dan
pemegang saham
• Kontrak

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.18

Tujuan entitas, strategi dan risiko bisnis


terkait
• Auditor juga akan mempertimbangkan tujuan
dan strategi entitas, dan risiko bisnis terkait
yang dapat mempengaruhi laporan keuangan.
• Kondisi yang signifikan, peristiwa, keadaan
sekitar atau tindakan yang dapat berdampak
buruk terhadap kemampuan entitas untuk
mencapai tujuan dan melaksanakan
strateginya akan menimbulkan risiko bisnis.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.19

Auditor dapat menggunakan kerangka kerja


berorientasi strategi, yang mana membutuhkan
langkah-langkah berikut ini :
1. Memahami keuntungan strategis klien
2. Memahami risiko yang mengancam tujuan bisnis klien
3. Memahami proses kunci dan kompetensi terkait untuk mewujudkan
keuntungan strategis
4. Mengukur dan tolak ukur kinerja proses
5. Mendokumentasikan pemahaman tentang kemampuan klien untuk
menciptakan nilai dan menghasilkan arus kas masa depan dengan
menggunakan model bisnis klien, analisis proses, indikator kinerja utama dan
profil risiko bisnis.
6. Menggunakan kerangka keputusan pengetahuan bisnis yang komprehensif
untuk mengembangkan ekspektasi tentang asersi kunci yang terkandung
dalam laporan keuangan secara keseluruhan.
7. membandingkan hasil keuangan yang dilaporkan dengan ekspektasi dan
merancang pekerjaan pengujian audit tambahan untuk mengatasi
kesenjangan antara ekspektasi.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.20

Pengukuran dan reviu kinerja keuangan

Illustration 6.8 Measurement and Review of the Entity’s Financial Performance

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.21

Prosedur Analitis
• Auditor biasanya menerapkan prosedur
analitis pada tahap perencanaan untuk
membantu memahami bisnis dan
mengidentifikasi area risiko potensial.
• Prosedur analitis dalam merencanakan
audit menggunakan informasi keuangan
maupun non keuangan ( contoh :
hubungan antara penjualan dan volume
barang yang dijual)

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.22

Menilai Risiko berdasarkan bukti


Untuk menilai risiko salah saji, auditor melaksanakan empat tugas
:
1. mengidentifikasi risiko dengan mengembangkan
pemahaman lingkungan perusahaan, termasuk
pengendalian relevan yang terkait dengan risiko.
2. menghubungkan risiko yang teridentifikasi dengan apa yang
salah dengan asersi manajemen tentang kelengkapan,
eksistensi, penilaian, keterjadian dan pengukuran transaksi
atau asersi tentang hak, kewajiban, presentasi dan
pengungkapan.
3. menentukan apakah risikonya sangat besar yang dapat
mengakibatkan salah saji material dalam laporan keuangan.
4. mempertimbangkan kesamaan yang risikonya akan
mengakibatkan salah saji material dalam laporan keuangan
dan dampaknya terhadap kelas transaksi, saldo akun, dan
pengungkapan.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.23

Risiko Bisnis
Risisko Bisnis adalah hasil dari kondisi signifikan,
peristiwa, keadaan sekitar atau tindakan yang dapat
berdampak buruk terhadap kemampuan entitas untuk
mencapai tujuannya dan menerapkan strateginya.
• Operasi di daerah yang secara ekonomi tidak stabil
• Operasi yang terpapar di pasar yang tidak stabil
• Tingkat regulasi yang rumit
• Keberlangsungan hidup dan masalah likuiditas termasuk
hilangnya pelanggan yang signifikan
• Kendala ketersediaan modal dan kredit
• Perubahan industri dimana entitas beroperasi

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.24

Risiko Audit
• Risiko audit adalah risiko dimana auditor
menyatakan opini audit yang tidak tepat ketika
laporan keuangan mengandung salah saji
material.
Hal ini meliputi :
• Risiko salah saji material
• Inherent risk
• Control risk
• Risiko Deteksi
• Illustration 6.11 shows a symbolic graphic used by
AICPA to illustrate how audit risk works.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.25

Risiko salah saji material – Inherent risk


Risiko melekat (Inherent risk) adalah kerentanan
saldo akun atau kelompok transaksi terhadap
kemungkinan salah saji yang bersifat material-baik
untuk masing-masing saldo akun atau kelompok
transaksi maupun saat digabungkan dengan salah
saji dari saldo akun atau kelompok transaksi
lainnya - dengan asumsi tidak terdapat
pengendalian internal yang terkait.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.26

Risiko Salah Saji Material – Control risk


Control risk adalah risiko salah saji yang dapat
terjadi pada saldo akun atau kelompok transaksi
yang bersifat material - baik untuk masing-
masing saldo atau kelompok transaksi maupun
saat digabungkan dengan salah saji dari saldo
akun atau kelompok transaksi lainnya - tidak
dapat dicegah atau dideteksi atau dikoreksi
secara tepat waktu dengan sistem akuntansi
dan sistem pengendalian internal.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.27

Detection risk
Detection risk adalah risiko dimana prosedur-
prosedur substantif auditor tidak dapat
mendeteksi salah saji yang terdapat pada
saldo akun atau kelompok transaksi yang
bersifat material, baik untuk masing-masing
saldo akun atau kelompok transaksi maupun
saat digabungkan dengan salah saji dari saldo
akun atau kelompok transaksi lainnya.

Audit Risk = F(IR, CR, DR)

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.28

Illustration 6.12 Interrelationship of the Components of Audit Risk

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.29

Illustration 6.13 Relationship between Inherent, Control and Detection Risk

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.30

Risiko Signifikan

• Risiko Signifikan umumnya berkaitan dengan


hal-hal yang memerlukan pertimbangan dan
transaksi tidak rutin yang signifikan.
• Risiko salah saji material mungkin lebih besar
untuk hal yang memerlukan pertimbangan
material karena membutuhkan estimasi
akuntansi atau pengakuan pendapatan dan
asumsi-asumsi tentang pengaruh sejumlah
dampak dari peristiwa masa depan,
dibandingkan dengan transaksi biasa.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.31

Dalam menetapkan apakah risiko signifikan atau


tidak, auditor mempertimbangkan hal-hal berikut :

 Apakah risiko tersebut adalah risiko karena kecurangan


 Kemungkinan terjadinya risiko
 Apakah risiko tersebut terkait dengan perekonomian
penting saat ini, akuntansi atau perkembangan lainnya,
sehingga membutuhkan perhatian khusus.
 Kompleksitas transaksi yang dapat menimbulkan risiko
 Apakah risiko tersebut melibatkan sejumlah transaksi
signifikan dengan pihak yang berelasi
 Tingkat subjektivitas dalam pengukuran informasi
keuangan yang terkait dengan risiko.
 Apakah saldo tersebut melibatkan sejumlah transaksi
signifikan yang berada diluar aktivitas normal bisnis
entitas, atau sebaliknya, yang timbul dari pemahaman
yang tidak biasa terhadap entitas dan lingkungannya.
Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.32

Materialitas

‘Salah saji atau kelalaian bersifat material jika


salah saji tersebut diperkirakan dapat mempengaruhi
pengambilan keputusan ekonomi para pengguna
berdasarkan laporan keuangan yang ada’

Materialitas dipengaruhi oleh ukuran,


sifat dasar, dan keadaan

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.33

Materialitas (Lanjutan)
• Pertimbangan tentang materialitas dibuat untuk
menyoroti situasi-situasi sekitar, yang
dipengaruhi oleh ukuran dan sifat dasar dari
salah saji, atau kombinasi antara keduanya.
• Pertimbangan tentang berbagai hal yang bersifat
material oleh para pengguna laporan keuangan
yang didasarkan pada pertimbangan atas
kebutuhan laporan keuangan secara umum oleh
sekelompok pengguna. Kemungkinan pengaruh
salah saji pada masing-masing pengguna secara
khusus, yang mana kebutuhannya mungkin
bervariasi, tidak dipertimbangkan.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.34

Materiality size, nature, circumstances


Size of the item: penggunaan materialitas yang
paling umum dilakukan terhadap ukuran komponen
yang dipertimbangkan.
Nature of the item: Sifat dasar komponen
merupakan karakteristik kualitatif.
Circumstances: materialitas dari kesalahan
bergantung pada situasi-situasi dari keterjadiannya.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.35

Low materiality level

There are additional costs for an auditor to audit


with a lower materiality.
– The lower the materiality, the more costly is the audit.
– If any error of whatever small size needs to be found
in the audit, the auditor would spend significantly
more time than when a certain level of imprecision
(higher materiality level) is considered acceptable.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.36

Rules of thumb in setting materiality levels


In practice every accounting firm has its own set of
guidelines or ‘rules of thumb’ materiality related to a financial
statement base such as net income, total revenues, etc.
Rules of thumb commonly used in practice include:
5 to 10 per cent of net income before taxes;
5 to 10 per cent of current assets;
5 to 10 per cent of current liabilities;
0.5 to 2 per cent of total assets;
0.5 to 2 per cent of total revenues;
1 to 5 per cent of total equity.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.37

Fraud and irregularities

The audit standards define fraud as ‘an


intentional act by one or more individuals among
management, those charged with governance,
employees, or third parties, involving the use of
deception to obtain an unjust or illegal advantage.’

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.38

Inherent limitations with misstatements


resulting from fraud
• The risk of not detecting fraud is higher than the risk
of not detecting error because fraud may involve
sophisticated and carefully organised schemes
designed to conceal it (such as forgery, deliberate
failure to record transactions).
• Collusion may cause the auditor to believe that audit
evidence is persuasive when it is, in fact, false.
• Because management is frequently in a position to
manipulate accounting records or override controls,
the risk of the auditor not detecting management
fraud is greater than for employee fraud.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.39

Two types of intentional misstatements


1. Fraudulent financial reporting involves
intentional misstatements including omissions of
amounts or disclosures in financial statements to
deceive financial statement users.
2. Misappropriation of assets involves the theft of
an entity’s assets and is often perpetrated by
employees in relatively small and immaterial
amounts.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.40

Necessary for fraud to occur

• Perceived pressure
– A situation where someone believes that they have
a need to commit a fraud.
• Perceived opportunity
– A situation where someone believes they have a
favourable or promising combination of
circumstances to commit an undetectable fraud.
• Rationalisation
– To devise a self-satisfying but incorrect reasons for
one’s behaviour.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.41

Fraud triangle – Three elements are


common to every fraud

Illustration 6.15 The Fraud Triangle

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.42

Discussion with engagement team and risk


assessment procedures
ISA 315 requires a discussion among the
engagement team members which places particular
emphasis on how and where the entity’s financial
statements may be susceptible to material
misstatement due to fraud, including how fraud
might occur, setting aside beliefs that management
and those charged with governance are honest and
have integrity.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.43

Risk assessment procedures that may indicate


fraud include inquiries of management
regarding:
• Management’s assessment of the risk that the
financial statements may be materially misstated due
to fraud, including the nature, extent and frequency
of such assessments.
• Management’s process for identifying and responding
to the risks of fraud, including any specific risks of
fraud that has been brought to management’s
attention, and classes of transactions, account
balances or disclosures for which a risk of fraud is
likely to exist.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.44

Risk assessment procedures that may indicate


fraud include inquiries of management
regarding: (Continued)
• Any management communication to those charged
with governance regarding the risks of fraud in the
entity; and, to employees regarding management
views on business practices and ethical behaviour.
• Whether management has knowledge of any actual,
suspected or alleged fraud affecting the entity.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.45

The auditor must design and


perform audit procedures to:
• Test the appropriateness of journal entries recorded
in the general ledger and other adjustments made in
the preparation of the financial statements; review
journal entries or any adjustments made at the end of
a reporting period; and test journal entries throughout
the audit period.
• Review accounting estimates for biases and evaluate
whether they represent a risk of material
misstatement due to fraud.
• Review significant transactions that are outside the
normal course of business for the entity.
Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.46

Reporting the fraud


• If the auditor has identified a fraud, it is her duty to
communicate these matters to management. The
auditor will report to those charred with governance
any identified or suspected fraud involving
management or employees who have significant
roles in internal control.
• If the auditor has identified or suspects a fraud, she
must determine whether there is a responsibility to
report it to third parties outside the entity (such as
government regulators).
• The auditor’s legal responsibilities may override the
duty of confidentiality in some circumstances.
Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.47

Auditor’s expert

An auditor’s expert is an individual or


organisation possessing expertise in a field other
than accounting or auditing, whose work in that
field is used by the auditor to assist the auditor
in obtaining sufficient appropriate audit evidence.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.48

When using an expert’s work the


auditor must:
• Determine expert’s
• Competence (professional certifications)
• Capabilities
• Objectivity.
• The auditor shall agree, in writing when appropriate,
with the auditor’s expert:
• The nature, scope and objectives of that expert’s work.
• The respective roles and responsibilities of the auditor
and that expert.
• The nature, timing and extent of communication.
• The need for the auditor’s expert to observe
confidentiality.
Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.49

Using the work of the auditee’s internal auditors

• The internal audit function is an appraisal activity


established or provided as a service to the entity.
Its functions include, amongst other things,
examining, evaluating and monitoring the adequacy
and effectiveness of internal control.
• Internal auditors are those individuals who perform
the activities of the internal audit function.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.50

If internal auditor’s work is used in the audit

If the external auditor uses specific work of the


internal auditors, the external auditor must include
in the audit documentation the conclusions reached
regarding the evaluation of the adequacy of the
work of the internal auditors and the audit
procedures performed by the external auditor on
that work.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.51

Auditee use of a service organisation

A service organisation is a third-party organisation


(or segment of a third-party organisation) that
provides services to user entities that are part of
those entities’ information systems relevant to
financial reporting.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.52

The auditor must obtain an understanding of


the controls of the service organisation from
one or more of the following procedures:
• Obtaining a type 1 or type 2 report
• Contacting the service organisation
• Visiting the service organisation and performing
procedures
• Or using another auditor to perform procedures
that will provide the necessary controls
information at the service organisation.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.53

Type 1 and 2 internal control reports


The Type 1 report is a report on the description
and design of controls at a service organisation
encompassing:
a.A description by management of the service
organisation, service organisation’s system, control
objectives and related controls.
b.A report by the service auditor conveying her
opinion of the service organisation’s system.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.54

The Type 2 report, called ‘report on the description, design


and operating effectiveness of controls at a service
organisation’ encompasses:
a.Management’s description of the service organisation,
service organisation’s system, control objectives and related
controls, and, in some cases, their operating effectiveness
throughout a specified period.
b.A report by the service auditor conveying her opinion
on the description of the service organisation’s system,
control objectives and related controls, the suitability of the
design of the controls to achieve the specified control
objectives and the operating effectiveness of the controls.
c.A description of the service auditor’s tests of the controls
and the results thereof.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.55

Discussions with those charged with


governance
The auditor may seek the views of those charged
with governance about the appropriate person(s)
in the entity’s governance structure with whom to
communicate, the allocation of responsibilities
between those charged with governance and
management, the entity’s objectives and strategies
and the related business risks that may result in
material misstatements, significant communications
with regulators and matters they believe warrant
particular attention during the audit.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.56

Typically, an audit planning memorandum would


contain the following sections:

• Background information
• Objectives of the audit
• Assessment of engagement risk
• Other auditors or experts
• Materiality
• Inherent risks
• Conclusions regarding the control environment
• Level of reliance on the client’s CIS systems
• Quality of the accounting and internal control systems
• Audit approach
• Timing and scheduling of audit work
• Audit budget

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.57

The audit plan (programme)

• The audit plan includes the details of the


planned audit procedures for material classes of
transactions, account balances and disclosures.
• As the auditor performs audit procedures
outlined in the audit plan, the audit plan is
updated and changed to reflect the further audit
procedures considered necessary given the
circumstances.

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.58

• Audit evidence
If the auditor determines from the understanding of
the business that inherent risk is low and from the
understanding of internal controls that control risk is
low, then less evidence is required.
• Audit procedures
In planning the timing of audit work, crucial
procedures should be performed first.
• Documentation
The auditor should document the overall audit
strategy and the audit plan, including reasons
for significant changes made during the audit
engagement.
Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014
Slide 6.59

Thank you for your attention

Any Questions?

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014