1 / 50

Review of Introduction to Auditing

Review of Introduction to Auditing. Lynn Kingston, CPA Adjunct Faculty Portland State University. Definition of Auditing. Auditing is a systematic process of 1) obtaining and evaluating evidence regarding assertions about economic actions and events.

dexter-bonner
Download Presentation

Review of Introduction to Auditing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Review of Introduction to Auditing Lynn Kingston, CPA Adjunct Faculty Portland State University

  2. Definition of Auditing Auditing is a systematic process of 1) obtaining and evaluating evidence regarding assertions about economic actions and events 2) ascertaining the degree of correspondence between assertions and established criteria 3) Communicating the results to interested users

  3. Audit Evidence “Audit evidence is all the information used by the auditor in arriving at the conclusions on which the audit opinion is based.”

  4. Why are assertions important?

  5. Overview of Three Classes of Assertions

  6. Being Alert for Misstatements • Misstatements can result from either errors or fraud and may consist of any misstatement of an assertion • What is the difference between known misstatements and likely misstatements? • What is the auditor’s responsibility for immaterial misstatements? • What is the auditor’s responsibility to communicate misstatements to management?

  7. Understanding the Entity and Its Environment

  8. Goal: Assessing the Risk of Material Misstatement • Develop a knowledgeable perspective about the entity • Relate risks to what can go wrong and the F/S level of assertion level • Consider the magnitude of risks that could result (Material?) • Consider the likelihood of risks that could result

  9. Inherent Risk at the Financial Statement Level(Pervasive Risks) • Examples: • Management turnover, reputation, or accounting skills • Liquidity and going concern problems • Pressure to meet debt covenants • Changing industry conditions, etc. • Responses • Increased knowledge, skill, and ability of personnel assigned significant engagement responsibilities • Involvement of a specialist • Appropriate level of supervision of assistants

  10. Inherent Risk at the Assertion Level • Examples: • Difficult to audit accounts or transactions • Contentious or difficult accounting issues • Susceptibility to misappropriation • Complexity of calculations • Significant volume of transactions • Responses • Choices about nature, timing and extent of substantive tests depends on internal controls

  11. Fraud Defined • Acts Resulting in Material Misstatements • Intentional or Unintentional • 2 Types of Misstatements Relevant to Fraud • Fraudulent Financial Reporting • Misappropriation of Assets

  12. The Fraud Triangle

  13. Significant risks that require special audit consideration • Significant risks are often derived from business risks that may result in a material misstatement. • Whether the risk is a risk of fraud • Whether the risk is related to recent significant economic, accounting, or other developments and, therefore, requires specific attention • The complexity of transactions • Whether the risk involves significant transactions with related parties • The degree of subjectivity in measurement • Whether the risk involves significant nonroutine transactions

  14. Significant risks • Understand whether the entity has developed internal controls • Communicate significant deficiency or material weakness • Analytical procedures should not be the primary substantive test

  15. Internal Control • The auditor should obtain an understanding of the five components of internal control • The auditor should obtain a sufficient understanding by performing risk assessment procedures to evaluate the design of controls relevant to an audit of financial statements and to determine whether they have been implemented

  16. Internal Control • The auditor should know enough to: • Identify types of potential misstatements. • Consider factors that affect the risks of material misstatement. • Design tests of controls, when applicable, and substantive procedures.

  17. Components of Internal Control • Control Environment • Risk Assessment • Information and Communication • Monitoring • Control Activities Understand in Every Audit Depth of Understanding Depends on Audit strategy

  18. Control Environment Tone at the top that influences control consciousness • Integrity and Ethical Values • Commitment to Competence • Board of Directors and Audit Committee • Management’s Philosophy and Operating Style • Organizational Structure • Assignment of Authority and Responsibility • Human Resource Policies and Practices

  19. Risk Assessment Process

  20. Information and Communication • Information • Transactions • Audit Trail or Transaction Trail • Documents • Records • Communication

  21. Information and Communication Authorize Execute Risk of Misstatement Risk of Misstatement Record Report Risk when you change the content of information about at transaction or you change the form of information Consideration

  22. Monitoring • Ongoing monitoring programs • Separate evaluations • Element of reporting deficiencies to the management / governance

  23. Control Activities • Authorization • Segregation of Duties • Information Processing Controls • Computer General Controls • Computer Application Controls • Controls over the Financial Reporting Process • Physical Controls • Performance Reviews • Controls over Mgmt. Discretion in Financial Reporting

  24. Segregation of Duties

  25. Overview of Computer ControlsAnd Strategies for Test of Controls

  26. Computer General Controls • Organizational and operational controls • System development and documentation controls • Hardware and system controls • Access Controls • Data and Procedural Controls

  27. Application Controls • Programmed controls that identify and report possible misstatements in assertions

  28. How to identify key controls Completeness Start Here Authorize / Initiate Execute Record Start Here For Occurrence, Accuracy, and Classification Consideration

  29. Controls over the Financial Reporting Process Spreadsheets Financial Statements SQL Accounting Database Weak or No Controls Weak or No Controls Strong Controls

  30. Control Activities • Authorization • Segregation of Duties • Information Processing Controls • Computer General Controls • Computer Application Controls • Controls over the Financial Reporting Process • Physical Controls • Performance Reviews • Controls over Mgmt. Discretion in Financial Reporting

  31. Overall Conclusion about Internal Controls What is the cumulative effect of all five components of internal control for each assertion?

  32. PCAOB Auditing Standard #5 • A material weakness is a deficiency, or a combination of deficiencies, in internal control over financial reporting, such that there is a reasonable possibility that a material misstatement of the company's annual or interim financial statements will not be prevented or detected on a timely basis. • Note: There is a reasonable possibility of an event, as used in this standard, when the likelihood of the event is either "reasonably possible" or "probable," as those terms are used in Financial Accounting Standards Board Statement No. 5, Accounting for Contingencies ("FAS 5").3/

  33. PCAOB Auditing Standard #5 • A significant deficiency is a deficiency, or a combination of deficiencies, in internal control over financial reporting that is less severe than a material weakness, yet important enough to merit attention by those responsible for oversight of the company's financial reporting.

  34. Factors that influence judgments about likelihood • The nature of the financial statement accounts, disclosures, and assertions involved. For example, suspense accounts and related party transactions involve greater risk. • The susceptibility of the related assets or liabilities to loss or fraud. • The subjectivity and complexity of the amount involved, and the extent of judgment needed to determine that amount. • The cause and frequency of any known or detected exceptions related to the operating effectiveness of a control. • The interaction or relationship of the control with other controls. • The interaction of the control deficiency with other control deficiencies. • The possible future consequences of the deficiency.

  35. Factors that influence judgments about magnitude • The financial statement amounts or total of transactions exposed to the deficiency. • The volume of activity in the account balance or class of transactions exposed to the deficiency in the current period or expected in future periods.

  36. Analytical Procedures

  37. Effective Analytical Procedures

  38. Responses to risk at the assertion level • Nature • The nature of the audit procedures is of most importance in responding to the assessed risks. • Timing • Good internal controls are required to modify the timing of audit procedures • Extent • Directly related to test of details risk in the audit risk model • The auditor also needs to consider other factors related to sample size

  39. Nature and Timing of Test of Controls

  40. General Categories of Substantive Tests • Initial Procedures • Analytical Procedures • Tests of Details of Transactions • Tests of Details of Balances • Tests of Details of Accounting Estimates • Tests of Details of Disclosures

  41. Factors that influence performing substantive tests at an interim date • The control environment and other relevant controls • The availability of information at a later date that is necessary for the auditor’s procedures • The objective of the substantive procedure • The assessed risk of material misstatement • The nature of the class of transactions or account balance and relevant assertions • The ability of the auditor to reduce the risk that misstatements that exist at the period end are not detected by performing appropriate substantive procedures or substantive procedures combined with tests of controls to cover the remaining period in order to reduce the risk that misstatements that exist at period end are not detected

  42. Evaluating the sufficiency and appropriateness of evidence • At the end of the audit the auditor should cycle back through risk assessments made and evidence obtained to evaluate the effectiveness of the audit. • Significance of the potential misstatement in the relevant assertion and the likelihood of its having a material effect, individually or aggregated with other potential misstatements, on the financial statements. • Effectiveness of management’s responses and controls to address the risks. • Experience gained during previous audits with respect to similar potential misstatements. • Results of audit procedures performed, including whether such audit procedures identified specific instances of fraud or error. • Source and reliability of available information. • Persuasiveness of the audit evidence. • Understanding of the entity and its environment, including its internal control.

  43. Final Consideration • Evaluate known and likely misstatements • Consider material overstatement and understatements • The effect of misstatements in prior periods

  44. The Assurance Bucket Accounting 493/593 – Spring 2009

  45. Filling the Assurance Bucket Risk Assessment Procedures Risk Assessment Procedures

  46. Filling the Assurance Bucket Tests of Controls Risk Assessment Procedures Test of Controls

  47. Filling the Assurance Bucket Substantive Analytical Procedures Tests of Controls Risk Assessment Procedures Substantive Analytical Procedures

  48. Filling the Assurance Bucket Substantive Analytical Procedures Tests of Controls Risk Assessment Procedures Substantive Tests of Details Substantive Test of Details

  49. Filling the Financial Statement Assertion “Buckets” Substantive Analytical Procedures Tests of Controls Substantive Tests of Details Risk Assessment Procedures Completeness Cut-Off Existence Valuation

  50. Questions?

More Related