www.Kay Sohl Consulting.org
How an Auditor Looks at
Internal Control
NASCSP State CSBG Monitors Training
November 17, 2010
Workshop Leader: Kay Sohl
www.Kay Sohl Consulting.org
Session Focus:
• Role & goal of independent audits
• Why auditors consider internal controls
• COSO framework
• System problems/implementation errors
• Testing controls & compliance
• Reports & findings
www.Kay Sohl Consulting.org
Quick Quiz?
1. What’s the purpose of an independent
audit of financial statements?
2. How is an A-133 audit different from a
“standard” audit of financial statements?
3. Who can conduct independent audits
and/or A-133 audits?
www.Kay Sohl Consulting.org
Independent Audits
• Board engages CPA to conduct
independent audit
• Management responsible for preparing
accurate financial statements
• Auditor responsible for opinion on extent
to which readers can rely on the
statements
www.Kay Sohl Consulting.org
Purpose of Independent Audit
Get auditor’s opinion about whether the
entity’s financial statements fairly present
the financial position and results of
activities in accord with standards of US
GAAP
www.Kay Sohl Consulting.org
Essential Requirements for
Auditors
• Independence
• Professional competence
• Sufficient study & testing to form basis for
opinion
• Work & communication in accord with
Generally Accepted Auditing Standards
www.Kay Sohl Consulting.org
GAAS
• Generally Accepted Audit Standards
• Developed by AICPA
• Published in Statements on Auditing
Standards (SAS)
• Significant changes since 2006
www.Kay Sohl Consulting.org
New Auditing Standards
• Require more rigorous analysis of risks
of misstatement and design of audit
procedures to test for significant risks
• Require disclosure to the board of
material weaknesses and significant
deficiencies
www.Kay Sohl Consulting.org
All Audits Require Auditor to:
• Understand the nature of the “business”
• Assess risks of misstatement &
noncompliance
• Understand controls to address risks
• Test controls
• Analyze results of test
• Determine significance of problems
www.Kay Sohl Consulting.org
Yellow Book Audits
• Government Auditing Standards
http://www.gao.gov/govaud/ybk01.htm
• Guides audits of individual federal
awards when A-133 not required
• Contains core requirements used for A-
133 audits
http://www.gao.gov/govaud/ybk01.htm
www.Kay Sohl Consulting.org
A-133 Audits
• Required when combined federal expenditures of
$500,000 or more within the organization’s fiscal
year
• Described in Office of Management & Budget
Circular A-133
• Include all standard independent audit procedures
and reports
• Require additional testing and reporting on
compliance with federal funds requirements
www.Kay Sohl Consulting.org
A-133 Audits- continued
• Include auditor’s opinion on compliance
wit ...
www.Kay Sohl Consulting.org How an Auditor Looks at In.docx
1. www.Kay Sohl Consulting.org
How an Auditor Looks at
Internal Control
NASCSP State CSBG Monitors Training
November 17, 2010
Workshop Leader: Kay Sohl
www.Kay Sohl Consulting.org
Session Focus:
• Role & goal of independent audits
• Why auditors consider internal controls
• COSO framework
• System problems/implementation errors
• Testing controls & compliance
2. • Reports & findings
www.Kay Sohl Consulting.org
Quick Quiz?
1. What’s the purpose of an independent
audit of financial statements?
2. How is an A-133 audit different from a
“standard” audit of financial statements?
3. Who can conduct independent audits
and/or A-133 audits?
www.Kay Sohl Consulting.org
Independent Audits
• Board engages CPA to conduct
independent audit
• Management responsible for preparing
accurate financial statements
• Auditor responsible for opinion on extent
3. to which readers can rely on the
statements
www.Kay Sohl Consulting.org
Purpose of Independent Audit
Get auditor’s opinion about whether the
entity’s financial statements fairly present
the financial position and results of
activities in accord with standards of US
GAAP
www.Kay Sohl Consulting.org
Essential Requirements for
Auditors
• Independence
• Professional competence
• Sufficient study & testing to form basis for
opinion
4. • Work & communication in accord with
Generally Accepted Auditing Standards
www.Kay Sohl Consulting.org
GAAS
• Generally Accepted Audit Standards
• Developed by AICPA
• Published in Statements on Auditing
Standards (SAS)
• Significant changes since 2006
www.Kay Sohl Consulting.org
New Auditing Standards
• Require more rigorous analysis of risks
of misstatement and design of audit
procedures to test for significant risks
• Require disclosure to the board of
material weaknesses and significant
deficiencies
5. www.Kay Sohl Consulting.org
All Audits Require Auditor to:
• Understand the nature of the “business”
• Assess risks of misstatement &
noncompliance
• Understand controls to address risks
• Test controls
• Analyze results of test
• Determine significance of problems
www.Kay Sohl Consulting.org
Yellow Book Audits
• Government Auditing Standards
http://www.gao.gov/govaud/ybk01.htm
• Guides audits of individual federal
awards when A-133 not required
• Contains core requirements used for A-
6. 133 audits
http://www.gao.gov/govaud/ybk01.htm
www.Kay Sohl Consulting.org
A-133 Audits
• Required when combined federal expenditures of
$500,000 or more within the organization’s fiscal
year
• Described in Office of Management & Budget
Circular A-133
• Include all standard independent audit procedures
and reports
• Require additional testing and reporting on
compliance with federal funds requirements
www.Kay Sohl Consulting.org
A-133 Audits- continued
7. • Include auditor’s opinion on compliance
with requirements of major federal
programs
• Include findings on compliance and
questioned costs
www.Kay Sohl Consulting.org
Key A-133 Resources
• A-133 Compliance Supplement
• A-133 Compliance Supplement
Addendum June 30,2009 - ARRA
• A-133 2010 Compliance Supplement
August, 2010 including new guidance on job creation
www.Kay Sohl Consulting.org
Why Do Auditors Consider
Internal Controls?
8. www.Kay Sohl Consulting.org
SAS 112 Requires Auditor to
• Assess organization’s risks
• Understand controls
• Determine whether controls would be
adequate if fully utilized
• Test whether the controls are
working
www.Kay Sohl Consulting.org
Internal Controls
• Systems, policies & policies designed
to prevent and detect errors and
irregularities
• Control environment: organization
- wide expectations around integrity &
9. compliance
www.Kay Sohl Consulting.org
Internal Controls designed to:
• Reduce the risk of improper actions
• Increase the likelihood that errors or
wrong acts will be detected
• Reduce the risk that error will go
uncorrected
www.Kay Sohl Consulting.org
Controls Designed to Prevent
• Misstatement:
– Financial statements do not fairly present
financial condition
10. • Misappropriation:
– Theft or misuse of the organization’s assets
• Non-Compliance:
www.Kay Sohl Consulting.org
Reality
• No perfect controls
• Controls provide reasonable assurance,
not absolute assurance
• Cost/benefit analysis essential in
designing, implementing, & monitoring
controls
www.Kay Sohl Consulting.org
Additional Requirements for
A-133 Audits
11. Auditor must:
• Identify major federal programs
• Understand compliance requirements
for major federal programs
• Identify risks of non-compliance
• Test controls to determine compliance
www.Kay Sohl Consulting.org
A-133 Requires Auditor to:
• Determine whether organization is a high
risk auditee
• Determine whether the organization has
received awards through federal programs
that are deemed high risk
• Tailor audit procedures & tests to address
the level of risk
www.Kay Sohl Consulting.org
12. A-133 Requires Auditor to
obtain “low” control risk
• “Low” control risk requires:
– Reliable controls
– Controls operate effectively
• Auditor gets to “low” control risk by:
– Documenting understanding of controls
– Testing control design and implementation
– Testing control effectiveness
www.Kay Sohl Consulting.org
A-133 Auditors Under
Pressure
2007 GAO study of A-133 audits found:
• 48.6% of audits, which covered 92% of $$
audited, were deemed “acceptable”
• 16% deemed of “limited reliability”
• 35.5% of audits (covering only 4.8% of
dollars) were deemed “unacceptable”
13. www.Kay Sohl Consulting.org
Internal Control Standards
• A-133 and standard audits rely on COSO
• COSO – Committee of Sponsoring
Organizations created framework for
establishing and evaluating internal controls
• www.coso.org/IC
http://www.coso.org/IC
www.Kay Sohl Consulting.org
COSO Framework
1. Control environment
2. Risk assessment
3. Control activities
4. Information & effective communication
5. Monitoring
14. www.Kay Sohl Consulting.org
Apply COSO Framework to:
• Operations
• Financial Reporting
• Compliance
www.Kay Sohl Consulting.org
Core Control Concepts
• Internal control is not one event, but a series of
actions and activities that occur throughout an
entity’s operation an on an ongoing basis
• Integral part of each system used to regulate &
guide operations
www.Kay Sohl Consulting.org
15. Comprehensive Controls
• Highest levels of management &
governance
• Compliance with law/regulation
• Program activities
• Operational policies & procedures
• Internal & external reporting
www.Kay Sohl Consulting.org
COSO Framework
1. Control environment
2. Risk assessment
3. Control activities
4. Information & effective communication
5. Monitoring
16. www.Kay Sohl Consulting.org
COSO: Control Environment
Board oversight of controls
• Annual audit
• Audit committee/auditor communication
• CEO annual review
• Follow-up on audit/monitoring findings
• Review of monthly financial statements
• Awareness of most significant risks
www.Kay Sohl Consulting.org
COSO: Control Environment:
CEO & Management
• CEO/Management awareness of high risk areas
17. • Adequacy of resources for fiscal and program
management
• Monthly analysis of financial statements
• Authority/responsibility for compliance clearly
assigned
.
www.Kay Sohl Consulting.org
COSO: Risk Assessment
Risk Factors:
• Materiality of exposure – $$$ at risk
• Complexity of compliance requirements
• Experience/lack of experience with
program
• Weak control environment/lack of
management expertise
18. www.Kay Sohl Consulting.org
COSO: Risk Assessment
More Risk Factors
• Financial pressure
• Failure to address previous findings
• Change in CFO
www.Kay Sohl Consulting.org
COSO: Control Activities
Control Activity Basics:
• Top level review of accomplishments
• Comparison of actual to planned, both
$$$ & activities
• HR management to employ competent,
high integrity staff
19. • Info processing controls
www.Kay Sohl Consulting.org
COSO: Control Activities
More Control Basics
• Physical control of assets
• Segregation of duties
• Proper execution of transactions
• Accurate/timely recording
• Access restrictions & accountability
• Documentation of transactions & controls
www.Kay Sohl Consulting.org
COSO Framework
20. 1. Control environment
2. Risk assessment
3. Control activities
4. Information & effective communication
5. Monitoring
www.Kay Sohl Consulting.org
COSO: Info & Communications
Key Elements
• Relevant, reliable, & timely access to
programmatic & financial info for managers???
• Clarity regarding responsibility for monitoring
info & authority to require change ???
www.Kay Sohl Consulting.org
21. COSO: Monitoring
Monitoring ???
• Is responsibility for periodic testing of
compliance clearly assigned & adequate time
available for timely testing?
• Responsibility for follow-up on prior findings
clearly assigned with realistic timeline for
resolution?
.
www.Kay Sohl Consulting.org
Auditor Analysis of
Internal Controls
• Adequacy of design of control systems:
– Control environment
– Policies and procedures
22. – Control activities
– Info and communication
– Internal monitoring
www.Kay Sohl Consulting.org
More Auditor Analysis
• Are controls working as designed?
• How likely is it that the controls have failed
– To deter and or detect error or improper
action
– To result in correction of error
• How significant would the consequences be
if the controls failed?
www.Kay Sohl Consulting.org
Key Changes Since 2006
• Auditors required to do more rigorous
23. analysis of risks of misstatement and design
audit procedures to test for significant risks
• Must test of controls even when controls
are deemed inadequate
www.Kay Sohl Consulting.org
Test Controls through
Sampling
• Auditors use sampling to test internal
controls & compliance
• Do not test every transaction
• Design sample to test significant
transactions & test a statistically large
enough # of total transactions to predict
the reliability of the controls
42
www.Kay Sohl Consulting.org
Sampling - continued
24. • Expand sample when initial tests reveal
unacceptable rate of error
• Auditor evaluates potential significance of
errors or noncompliance with
controls to determine whether controls
are effective
www.Kay Sohl Consulting.org
Auditor Conclusions
• Consider adequacy of control design
• Analyze results of testing to determine
effectiveness of controls
• Determine the significance of control
problems
• Communicate control conclusions
25. www.Kay Sohl Consulting.org
SAS No. 115
Communicating Internal Control-Related
Matters
Identified in an Audit
• Requires written communication of
material weaknesses and significant
deficiencies in controls
• Must continue to report
weaknesses/deficiencies until they are
corrected
www.Kay Sohl Consulting.org
Which sounds worse to you?
• Material Weakness
or
26. • Significant Deficiency
www.Kay Sohl Consulting.org
Significant Deficiencies
• Replaces term “reportable condition”
• Exists when design or operation of a
control does not allow management/staff
to prevent or detect misstatements on a
timely basis
www.Kay Sohl Consulting.org
Significant Control Deficiencies
• Inability to prepare F/S
• Inadequate segregation
of duties
• No Safeguarding of
27. assets
• Receives significant
accounting services
• Lack of timely
reconciliations
• Lack of expertise in
accounting principles
• Employee fraud
• Qualification &
training of staff
• No monitoring of
controls
www.Kay Sohl Consulting.org
Material Weaknesses
• A material weakness is a significant
deficiency, or combination of significant
28. deficiencies, that results in more than a
remote likelihood that a material
misstatement of the financial statements
will not be prevented or detected
www.Kay Sohl Consulting.org
Material Weaknesses
• Significant audit
adjustments
• Not correcting internal
control deficiencies
• Fraud by management
• Regulatory non-
compliance
• Bias in accounting
estimates
• Restatement of financial
statements
29. • Deficiencies in IT
controls
• Ineffective oversight of
financial reporting
www.Kay Sohl Consulting.org
• Increased reporting of significant
deficiencies or material weaknesses in
internal control
• Increased auditor concern about
independence – reluctance to perform
audits for clients lacking sufficient
expertise to form independent
judgments about proposed adjustments
Recent Trends
www.Kay Sohl Consulting.org
A-133 Compliance Report
30. A-133 Auditor must issue:
Report on Compliance with Requirements that
Could Have a Direct and Material on each
Major Program and on Internal Control Over
Compliance in Accord with OMB Circular A-
133
www.Kay Sohl Consulting.org
A -133 Compliance Testing
• If internal controls are found to be
effective, auditor uses similar sized
samples sizes to test compliance
• If controls are found to be not effective,
sample sizes need to be significantly
increased to determine compliance
53
www.Kay Sohl Consulting.org
31. Key Federal Funds
Compliance Issues
• Identification of compliance requirements
• Personal activity reporting to substantiate
personnel related charges
• Sub-recipient monitoring
• Procurement
• Cash Management
www.Kay Sohl Consulting.org
Key Federal Compliance
Controls - continued
• Allowable costs – including allocated costs
• Facilities & equipment controls
32. www.Kay Sohl Consulting.org
Common A-133 Compliance
Issues
• Time and Effort / Personal Activity Reporting
• Davis-Bacon Act Compliance
• Inadequate sub-recipient monitoring
• Lack of compliance policies & procedures
• Financial statement audit adjustments
www.Kay Sohl Consulting.org
A-133 Compliance Findings
– CFDA number and title
– Federal award number and year
– Federal agency
– Name of pass-through entity
– Criteria – statutory / regulatory
– Condition found
– Questioned cost – how computed
33. – Information to provide prospective
– Cause / effect
– Recommendation
www.Kay Sohl Consulting.org
Your Use of Auditor Reports?
• Focus monitoring efforts
• Identify common issues/challenges among
CAAs in your state
• Support training & technical assistance to
address common issues
• Track CAA follow-through on addressing
findings
www.Kay Sohl Consulting.org
Quiz Answers
1. Boards hire independent auditors to obtain their
professional opinion about whether the financial
34. statements fairly present the financial condition of the
organization.
2. The A-133 audit results in a professional opinion about
the organization’s compliance with Federal funding
requirements in addition to an opinion about whether
the financial statements fairly present the financial
condition.
3. States control licensure of CPAs, including establishing
specific requirements for governmental auditing.
Chapter 7
Audit Planning and Analytical Procedures
Presentation Outline
Defining Audit Evidence
Types of Audit Evidence
35. Audit Documentation
I. Defining Audit Evidence
Audit Evidence Decisions
Persuasiveness of Audit Evidence
Competence Considerations
A. Audit Evidence Decisions
Audit procedures to use – specific procedures should be spelled
out for instruction during the audit.
Sample size – how many items should be tested for each audit
procedure.
Items to select – determine which items in the population
should be selected.
Timing – timing can vary from early in the accounting period to
long after it has ended.
B. Persuasiveness of Audit Evidence
Audit evidence is any information used by the auditor to
determine whether the information being audited is stated in
accordance with established criteria. Two determinants of
persuasiveness of evidence are:
Competence – the degree to which evidence can be considered
trustworthy.
Sufficiency – amount of evidence is enough to form a
reasonable opinion.
C. Competence Considerations
36. Relevance – must pertain to the audit objective being tested.
Independence – evidence from outside the client is a stronger
form of evidence
Effectiveness of client internal controls – good internal controls
can mean better information.
Auditor direct knowledge – auditor determinations are stronger
that client comments.
Qualifications – individual is a qualified source.
Degree of objectivity – objective evidence is stronger than
subjective evidence.
Timeliness – balance sheet account evidence is better when it is
collected around the date of the financial statement. Income
statement evidence should sample entire period.
II. Types of Audit Evidence
Physical examination
Confirmations
Documentation
Analytical Procedures
Inquiries of the Client
Reperformance
Observation
A. Physical Examination
Inspection or count by the auditor of a tangible asset.Different
from examining documentation is that the asset has inherent
value.
B. Confirmations
Positive Confirmations
37. Negative Confirmations
Asks for response even if balance is correct.
Asks for a response only if balance is incorrect.
More reliable than negative confirmations.
Uncertainty associated with no response.
The receipt of a written or oral response from an independent
third party. Auditor has client request that the third party
respond directly to the auditor.
Confirmation of accounts receivable is normally required when
practical
reasonable (SAS 67)
B. Confirmations (Continued)
1. Customers – Confirm A/R balances
2. Vendors – Confirm A/P balancesBanks – Confirm checking
account and loan balances
4. Attorneys – Confirm contingent liabilities
5. Inventory Agents – Confirm consignments
C. Documentation
Types of Documents
Document Vouching
Document Tracing
1. Types of Documents
Internal Documents
External Documents
Examine supporting evidence in client files.
Prepared and used within client company. Does not go outside
the client.
38. Document has been in hands of an outside party to the
transaction.
More reliable than internal documents.
*
Documentation is never as reliable as confirmations.
2. Document VouchingExamination of documents that support a
recorded transaction or amount.The direction of testing must be
from the recorded item to the supporting document.Tests
existence or occurrence
Recorded Item
Supporting
Document
3. Document TracingThe primary test for unrecorded items and
therefore tests the completeness assertion.The direction of
testing must be from the supporting document to the recorded
item.
Supporting
Document
Recorded
Item
39. D. Analytical Procedures
Audits studies relationships among data. Unusual fluctuations
occur when significant difference are not expected but do exist
or when significant differences are expected but do not exist.
Required during the planning and completion phases on all
audits.
E. Inquiries of the ClientAuditor obtains information from the
client in response to questions.Although much evidence is
obtained through inquiry, it can not be regarded as conclusive
and may be biased in the client’s favor.
F. Reperformance
Reperformance involves rechecking a sample of the
computations and transfers of information. Rechecking of
computations consists of testing mathematical accuracy.
Rechecking of transfers of information involves seeing if
information is recorded consistently in the accounting records.
I don’t think this is what they meant by reperformance!
H. ObservationAuditor witnesses the physical activities of the
client.Differs from physical examination because physical
examination counts assets, while observation focuses on client
activities.
40. III. Audit Documentation
Working Papers Files
Typical Working Paper Format
Storage of Working Papers
Ownership of Working Papers
The Sarbanes-Oxley Act requires auditors of public companies
to prepare
and maintain audit working papers for a period of no less than 7
years.
Audit documentation is the principal record of auditing
procedures applied, evidence obtained, and conclusions reached
by the auditor.
A. Working Papers Files
Permanent File
Current File
Working papers provide the principal record that the audit has
conformed to GAAS. Also provide information for deciding on
the proper report.
Information that is relevant for multiple years on recurring
engagements.
(See examples on page 178)
Information relevant for a given audit client for a particular
audit year.
(See examples on pages 178-182)
*
Temporary file may include audit program, working trial
balance, lead and detailed schedules.
B. Typical Working Paper FormatHeadings – audit client name,
41. year under audit, etc.Indexing – arrange papers in some
common order.Tick marks – symbols to key a footnote to an
item.Sign-off – indicates auditors that prepare and review.
Ricky Corporation Cash
Prepared by: KM Reviewed by: J.S.
A1
1st Savings
234.00
Traced to bank reconciliation.
C. Storage of Working PapersWorking papers of continuing
clients are maintained indefinitely.Check with legal counsel
before discarding any working papers.
D. Ownership of Working PapersThe working papers are the
auditor’s property, not the clients.In most cases, an auditor can
not reveal information in the working papers without the
client’s permission.
Summary
Audit Evidence and Persuasiveness
Types of Audit Evidence
Working Paper Format, Storage,
and Ownership
*Physical, Representations by 3rd Parties, Mathematical,
42. Documentation, Representations by Client Personnel, Data
Interrelationships. Analytical, Observation and Inquiry, Tests
of Transactions, Tests of Balances Tests of Controls,
Substantive Testing Physical examination, Confirmation,
Vouching, Tracing, Reperformance, Observation,
Reconciliation, Inquiry, Inspection, Analytical procedures
Permanent and current files
Welcome to ACCT325: Auditing
Instructor: Dr. Carla Hodge
Unit 4: The Audit Report
*
A Framework for Audit EvidenceOverview of Audit
EvidenceAssertion Model for Financial Statement AuditsThe
Economics of Gathering Appropriate, Sufficient EvidenceNature
of Audit Testing
*
43. *
*
What is Audit Evidence?
*
Audit evidence is all the information used by auditors in
arriving at the conclusions on which the audit opinion is based.
Auditors spend most of their time obtaining and evaluation
evidence concerning the assertions contained financial
statements and reports on internal control.
The evidence gathering and evidence-evaluation process is the
core of an audit.
PCAOB’s AS No. 15 (para. 3) states
The objective of the auditor is to plan and perform the audit to
obtain appropriate audit evidence that is sufficient to support
the opinion expressed in the auditor’s report.
44. International Auditing and Assurance Standards Board
Sufficiency and Appropriateness of Audit Evidence (Ref: Para.
13(c))
A20. Audit evidence is necessary to support the auditor’s
opinion and report. It is cumulative in nature and is primarily
obtained from audit procedures performed during the course of
the audit. It may, however, also include information obtained
from other sources such as previous audits and a firm’s quality
control procedures for client acceptance and continuance. Audit
evidence comprises both information that supports and
corroborates management’s assertions, and any information that
contradicts such assertions. Most of the auditor’s work in
forming the audit opinion consists of obtaining and evaluating
audit evidence.
AICPA:
Concept of Audit Evidence
.02 Audit evidence is all the information used by the auditor in
arriving at
the conclusions on which the audit opinion is based and
includes the information
contained in the accounting records underlying the financial
statements
and other information. Auditors are not expected to examine all
information
that may exist.2 Audit evidence, which is cumulative in nature,
includes audit
evidence obtained from audit procedures performed during the
course of the
audit and may include audit evidence obtained from other
sources, such as previous
audits and a firm's quality control procedures for client
acceptance and
continuance.
*
45. Appropriateness
The measure of the quality of audit evidence; that is, its
relevance and its reliability in providing support for the
conclusions on which the auditor’s opinion is based (ISA 500.5)
Sufficiency
The measure of the quantity of audit evidence. The quantity of
the audit evidence needed is affected by the auditors assessment
of the risks of material misstatements and also by the quality of
such audit evidence.
Relevance – Evidence that provides insight on the validity of
the assertion being tested, i.e., the evidence bears directly on
the assertion being tested
Reliability – A measure of the quality of the underlying
evidence. It is influenced by risk, potential management bias
associated with the evidence, and the quality of the internal
control system underlying the preparation of the evidence.
*
Legal cases are provided through inferences. These inferences,
built in chains, must lead logically from point A to point B.
Evidence - the available body of facts or information indicating
whether a belief or proposition is true or valid
46. Inference – relies on a chain of logic. It determines the
strengths and weaknesses of the case.
Proof/Conclusion –
Evidence and Relevance
Evidence is relevant if it tends to either provide or dis-prove an
issues in contention. A fact may not immediately appear to be
relevant to the ultimate question at issue; however, when the
ultimate question is broken down into its component sub-
questions the relevance of the act become clearer.
Eight Types of Legal Evidence:
Best Evidence – Often referred to as primary evidence and is
the evidence that is the most natural and reliable
Secondary Evidence – Is inferior to primary evidence and
cannot be given the same reliance as Best or primary evidence.
Direct Evidence – Proves a fact without having to use
presumptions or inference to establish that proof. The
testimony of a witness to fact is direct evidence.
Circumstantial Evidence – Proves an intermediate fact(s) from
which one can infer the existence of some primary fact that is
significant to the issue under consideration. It proves a logical
inference that it exists.
Conclusive Evidence – Incontrovertible evidence, irrespective
its nature. It is strong so that it overbears all other evidence. It
cannot be contradicted and needs no corroboration.
Corroborative Evidence- Additional evidence of a different
47. character concerning the same point. It is evidence
supplementary to that already given and tends to strengthen or
confirm it.
Opinion Evidence – The opinion rule olds that a witness must
ordinarily testify to fact only – to what they actually saw or
heard. Opinions maybe biased, self-serving, or uninformed.
However, experts are permitted to offer an opinion based on the
facts.
Hearsay Evidence – The hearsay rule renders objectionable any
statements made by someone, other than a witness, to prove the
truth of the matter stated. It only refers to any oral or written
evidence brought into court and offered as proof of things said
out of court.
Further commentary regarding audit evidence:
Includes both internally generated and external information
Include information that both may support, or contradict,
management’s assertions
Is influenced by management actions, e.g., not producing
requested documentation, or not producing such documentation
in a timely manner
Can be developed using outside experts, and
Can be obtained through other procedures that auditor normally
presumes (analysis) of risk deciding whether to accept or
continue a client, previous year’s audit data, and quality of a
company's control system reflecting accuracy of internal
processing)
*
48. Physical examination
Confirmations
Documentation
Analytical Procedures
Inquiries of the Client
Reperformance
Observation
AICPA:
.03 Accounting records generally include the records of initial
entries and
supporting records, such as checks and records of electronic
fund transfers;
invoices; contracts; the general and subsidiary ledgers, journal
entries, and
other adjustments to the financial statements that are not
reflected in formal
journal entries; and records such as worksheets and
spreadsheets supporting
cost allocations, computations, reconciliations, and disclosures.
The entries in
the accounting records are often initiated, authorized, recorded,
processed, and reported in electronic form. In addition, the
accounting records may be part
of integrated systems that share data and support all aspects of
the entity's
financial reporting, operations, and compliance objectives.
*
49. What is an assertion?
*
A positive statement about an action, event, condition, or the
performance of an entity or product over a specified period of
time; the subject of attestation services.
The following primary assertions are embodied in the financial
statements.
Existence and occurrence
Assets, liabilities, and equity interest exist
Completeness
All assets, liabilities, and equity interest that should have been
recorded have been recorded
Rights and Obligations
The entity hold or controls the rights to assets, and liabilities
are the obligations of the entity
Valuation and allocation
Assets, liabilities, and equity interests are included in the
financial statements at appropriate amounts and any resulting
valuation nor allocation adjustments are appropriately recorded
Presentation and disclosures
Assets, liabilities, and equity interests are appropriate classified
on the financial statements, and area adequately described in the
footnotes of the financial statements.
*
50. How much time resources will we need?
*
*
Directs tests of account balances and transactions are designed
by determining the most efficient manner to substantiate the
assertions embodied in the account of transactions.
Tests of Effectiveness of Internal Control
Dual-Purpose tests of Controls and Account Balances
Substantive Analytical Tests
Direct Tests of Account Balances
Direct Tests of Transitions
*
51. *
*
*
Hello Class,
In Unit 4 you will submit a draft of the final project due in Unit
5.
Below you will find some additional information on your
project. This is just some tips that I will share in the last few
chat sessions but I think it will help you organize your thoughts.
For those of you who have not been listening to the chats here is
an opportunity to have the tips for the final assignment all in
one place. The assignment should not be more than 2000 words
– if you have written more than 2000 words then you may have
included too much information that may not be relevant to the
assignment. Further you should not have more than 1000 words
or you may not have enough information. Finally, please note
that this is an outline to help you with your assignment and not
meant to be inclusive.
Intro (You are providing details about your company to your
52. audit team)
1. Discuss your company in one or two paragraphs.
2. Provide any detail you feel pertinent.
Framework (You are telling your audit team what framework
you will use to guide the audit)
1. Discuss briefly the framework that you will use.
2. You can either use the Integrated Framework, General Audit
Framework that we discussed in class, or make up your own.
Risk Mitigation (You are informing the audit team of the
potential risks to the audit)
1. Risk ie financial reporting
a. Mitigation
2. Risk ie business risk
a. Mitigation
3. Risk ie audit risk
a. Mitigation
*Please note that some people will take a different approach but
as long as you address the risk it should be fine.
Accounts or Areas of Focus
1. Accounts i.e. Accounts Receivable (provide information on
why you choose this account)
2. Area of focus i.e. Inventory (provide information on why you
choose this area)
3. Area of focus i.e. Capital assets (provide information on why
you choose this area)
Test and Procedures (List for the audit team the test and
procedures – this is the only area that can be outlined with on
other explanation)
1. Accounts receivable – Completeness Test/Rights and
Obligations – Confirmations
2. Inventory – Completeness Test – Inventory Count
3. Capital Assets – Completeness Test – Reviewing assets to
ensure ownership
Sampling (Explain to the audit team the sampling approach that
will be used.)
1. Accounts receivable – Statistically sample 20% of the
53. accounts listed in the accounts receivables. Satisfactory
response rate would be at least 80% returns
2. Inventory – Review the last independent inventory count and
determine if a reconciliation
3. Capital Assets – Judgmentally select one item per quarter for
the last year and tie back to purchase records or proof of
purchase
Documentation Required (Tell your audit team what type of
documentation that the team will be reviewing)
1. Accounts receivable – Accounts receivable register or a list
of sales receipts that can then be tied back to receivables and
then sampled
2. Inventory – Inventory count performed by a third party,
reconciliation of inventory account evidence of adjustments to
inventory for any variances
3. Capital Assets – Capital assets register, purchase orders
and/or proof of purchase documents
Levels of Assurance (Explain levels of assurance that you can
provide to your audit team)
1. Briefly discuss overall assurance
2. In chapters 1 and 2 it details levels of assurance that any
auditor can provide – here you are saying the level of assurance
that any auditor can provide for any external audit
Internal Controls (Explain Internal Controls to your audit team)
1. Explain how internal controls can impact the overall
business
2. List two internal controls such as: 1. Manager Review and
approval 2. Reconciliation
Please note that you will submit your draft in Unit 4 and the
final in Unit 5.