Tools and Techniques for the Auditor: Fieldwork PEMPAL, Skopje, April 2019. Fieldwork phase.
Fieldwork phase
• Fieldwork is defined as the process of gathering evidence and analyzing and evaluating that evidence in accordance with the audit proposal. The purpose of fieldwork is to collect sufficient and relevant evidence to reach a conclusion or finding and to support recommendations.
• Audit techniques are tools, methods or processes by means of which an auditor collects necessary evidence to support his opinion in respect of the propositions or assertions submitted by the client to him for his examination.
• Standard 2310 – Identifying Information
  • Internal auditors must identify sufficient, reliable, relevant, and useful information to achieve the engagement’s objectives.
Terminology related to audit techniques
• Audit sources: sources where to get information/data from. E.g. employees/management; documents; IT-system;
• Audit evidence: information gathered during an audit. For example: interview report, specific aspects of documents, financial report, log file of an IT-system. Note: evidence is not a finding yet!
• Audit findings: the differences between the criteria from the reference framework and the evidence obtained from the audit object (reality): the gaps!
• Audit conclusions: answer to the key audit questions / audit objective based on a solid analysis of the audit findings;
• Audit opinion: statement made by the auditor in which an audit object is valued. Usually it concerns an opinion on the trueness and fairness of the financial statements (FA)
Planning: determine audit techniques
Fieldwork: execute audit techniques
Analysis:
Some notions regarding audit techniques
• Applicable techniques highly depend on type, objective (assurance? consulting?), object of the audit, defined audit criteria;
• Applicable audit techniques depend on available time, capacity, knowledge/skills, level of assurance, accessibility of data;
• Already in the preliminary phase/study audit evidence is gathered and audit techniques are applied;
• Sufficiency of audit evidence is the measure of the quantity of audit evidence. Appropriateness of evidence is the quality of the evidence, i.e., its relevance and reliability to support the auditor's opinion.
An overview of Audit Techniques (not exhaustive)
• Financial Audit:
  • Sampling: statistical / non-statistical (note: more a supportive tool than a real audit technique);
  • Substantive testing (already in preliminary phase of the audit): e.g. analytical review procedures: analysis of accounts, comparison/relation/connection between financial data;
  • Compliance checks;
  • Physical checks/observation: e.g. inventory check;
  • Testing of Financial Controls: e.g. system based controls (in coordination with IT-audit), controls embedded in the Financial Administration (e.g. segregation of duties);
  • Document study, financial accounts/financial statements (detailed control);
  • Analysis of non-financial information (efficiency indicators, management control statement);
  • Interviews.
An overview of Audit Techniques (not exhaustive)
• Performance/operational audit:
  • Sampling: statistical / non-statistical (note: more a supportive tool than a real audit technique);
  • Document study (mostly preliminary phase);
  • Process analysis (mostly preliminary phase);
  • Interviews: individual or group (in combination with supportive evidence, ATLAS.TI);
  • Surveys;
  • Examination of specific evidence: e.g. adherence to procedures; authorizations;
  • Control (Risk) Self Assessments: C(R)SA;
  • Observation;
  • Workshops: e.g. gaming, C(R)SA, brown paper sessions in depth process analysis.
An overview of Audit Techniques (not exhaustive)
• IT audit:
  • Sampling: statistical / non-statistical (note: more a supportive tool than a real audit technique);
  • Document study (mostly preliminary phase);
  • Process analysis (mostly preliminary phase);
  • Testing of General Controls (e.g. access management and change management) and Application controls (design and practice: walk-through testing, PEN-testing);
  • Log file analysis;
  • Interviews;
  • IT-tooling, CAATs (aiding the IT-audit process) and CAATTs (for large volumes of data, no sampling): data analysis and data/process-mining;
  • Analytical review of data by using CAATs.
Computer-Assisted Audit Tooling (CAATs)
• Tools to analyze data
  • Process mining
  • Analyzing machine data with Splunk
  • Real-time network and server information with Splunk dashboard
  • Log file analysis
• Tools for IT security
  • Center for Internet Security
  • Assess quality of digital certificates
  • Check computers for common security misconfigurations
• In the Netherlands, CAATs are used in all types of audits. For Financial Audit they are essential.