The document discusses evidential matter in auditing, which refers to the evidence that auditors obtain to determine whether financial statement assertions are fairly presented. It covers the concepts of existence, completeness, valuation, rights and obligations, and presentation and disclosure. Evidential matter comes from books and records, confirmations with third parties, analytical procedures, physical inspections, and other sources. The auditor's objective is to obtain sufficient, competent evidential matter to form an opinion on whether the financial statements are presented fairly.

2. } SAS 31 ‘Evidential Matter’
} Existence
} Completeness
} Valuation
} Rights and Obligations
} Presentation and Disclosure

3. Assets or liabilities exist at a given date and
whether recorded transactions have occurred
during a given period.
Begin: Books and Ledger
Other sources:
Evidence of tangible or intangible asset or liability
Confirmation with outside third party
Examples:
Confirmation of receivables
Confirmation of cash account balances

4. Whether all transactions and accounts that should
be presented in the financial statements are so
included.
Materiality considerations.
Origination: Externally generated documentation.
Ex. Tangible assets (internal) with vendor invoice (external)
and warehouse receiving report (internal). Document à JE à
Ledger à Balance
Use of analytical procedures (industry benchmarks)
Ex. Cost of goods sold to sales
Ex. Existence and Completeness: Inventory -
Inspect subsidiary ledger entries. Vouch to tangible inventory
Physical inventory count. Trace back to inventory ledger
support.

5. Whether asset, liability, revenue, and expense
components have been included in the
financial statements at appropriate amounts.
GAAP guidance
Ex. Accounts Receivables
Confirmation is Existence
Is payment assured?
Age current accounts receivable

6. Whether assets are the rights of the entity and
liabilities are the obligations of the entity at a
given date.
Off statement financing – Asset use. No risk.
Special purpose entities
Ex. Build-to-order lease transaction. Lessor has title.
Lessee has risk.

7. Whether particular components of financial
statements are properly classified, described,
and disclosed.
e.g. account balance – measurement, description,
and disclosure.
Ex. Trade receivable; Employee receivable; Employee
loan; Related party loan
Ex. Bond and Equity Securities
Investment – Amortized cost
Held for Sale – Lower of cost or market
Trading – Market value

8. Audit Objectives
Specific entity circumstances – e.g. economic activity
or accounting practices unique to industry
Many-to-many relationship between objectives and
procedures.
Substantive Tests
Risk of material misstatement
Effectiveness and efficiency of test
Ex. Existence vs. Completeness
Objective and test relevant

9. } SAS No. 56 AU Section 329
} Evaluation of financial information
◦ Financial and nonfinancial data
} Uses:
◦ Facilitate audit planning
◦ Substantive testing
◦ Overall review
} Four phases
◦ Expectation formation
◦ Identification
◦ Investigation
◦ Evaluation

10. } Account balance or financial relationship
} Most important
} 3 primary factors:
◦ Nature of account or assertion
◦ Reliability and other data characteristics
◦ Inherent precision of expectation method used

11. } Determine if unusual fluctuation exists
between expected and recorded amounts.
} Expected value vs. recorded amount
◦ Unexpected difference vs. threshold

12. } Cause of unexpected differences
◦ Consider cause. Most probable cause.
} Large difference: Misstatement
} Small different: nonmisstatement
} Factors:
◦ Understanding of matters
◦ Management and board reports
◦ Board minutes
◦ Prior year unusual event details

13. } Likelihood of material misstatement
} Additional audit procedures
} Aggregate to determine if material

14. } Underpins reports, evaluations and financial
audits
} Sufficiency, competence, and relevance of
evidence
} Competence
◦ Validity and reliability
– Reliability: Completeness and accuracy
} Goal: Can data be used for its intended
purpose

16. } Accuracy
◦ Consistency
} Completeness
} Validity
} Input and Output (results)
} Requires technical specialists:
◦ Data analysts, Statisticians, IT

18. } When needed and when not needed?
} Data to support engagement findings,
conclusions, or recommendations
} Data used as background information
} Data used in documents w/out findings,
conclusions, or recommendations

21. } Expected significance of data in final report
} Corroborating evidence
} Level of risk
} Results of initial assessment work

23. } Significance of data
◦ Data alone to answer question
◦ Aggregation
◦ Disaggregation
◦ Precise nature of data
} Corroborating evidence
◦ Exists and independently supports
◦ Sufficient, competent, and relevant
◦ Provides crucial support

24. } Level of Risk
◦ Influence on decision making
◦ Significant decision making
◦ Public consumption
◦ Controversial subject
◦ Overall audit risk
◦ Unique risk factors
} Initial Assessment
◦ Strong corroborating evidence, low risk: reliable
◦ Weak corroborating evidence, high risk: not reliable

25. } Reliable
◦ Review of related information and initial testing
– Significant errors or incompleteness is minimal
– Data will not result in unintentional message
– There might be questions remaining
} Not Reliable
◦ Review of related information and initial testing
– Significant errors or incompleteness exists in data
elements
– Use of data may lead to incorrect message

26. } Tracing source documents
} Advanced electronic testing
} Review of selected system controls

28. } Completeness of data
◦ Trace from source
} Accuracy and completeness
◦ Trace to source
} Sampling
} Example1: According to a random sample,
10% of the data records have incorrect dates.
However, the dates may be off by an average
of only 3 days. This may not be significant

29. } Example 2: The value of a data element was
incorrectly entered as $100,000 rather than
$1,000,000. The documentation of the database
shows that the acceptable range for this data
element is between $100 and $5,000,000.
Electronic testing done in the initial testing phase
would have confirmed that the value of $100,000
fell within that range. The error could be caught
in this case, but only be tracing the data to
source documents. Electronic testing would not
have caught this.

30. } Test for specific conditions
◦ Ex. Extremely high values associated with a certain
geographic location – found in initial testing or
while analyzing the data
} Testing relationships – cross-tabulation –
between data elements, such as skip patterns
or questionnaires
} Testing formulas

31. } Access Controls
} Edit checks
} Program Change
} Steps:
◦ Gain understanding
◦ Identify and assess application and general controls
that are critical
} Results:
◦ Manage risk to acceptable level
◦ Risk: Mistake undetected and uncorrected

34. } AS2
◦ PCAOB’s Auditing Standard No. 2 (AS2) on Internal
Control over Financial Reporting (ICFR)
◦ Approved in 2004
◦ Widely criticized as being a one-size-fits-all approach,
neither being flexible nor risk based
} AS5
◦ PCAOB’s AS5 replaced AS2 in May 2007
◦ Effective for audits of financial statements ending on or
after November 15, 2007.
◦ Provides incredible benefits to both the external auditors
and management of public companies by clarifying and
refocusing Sarbanes-Oxley Act (SOX) compliance efforts.

35. } Only Key Financial Reporting Controls Should
Be Included.
◦ AS2: All controls tested. Result: operational
controls tested.
– Example: Controls around collecting old outstanding
balances such as collections calls
– Example: Controls around calculating the reserve for
bad debts
– AS5 clearly states that ICFR relates to the process of
“providing reasonable assurance regarding the
reliability of financial reporting and the preparation of
financial statements for external purposes.

36. } Opinion on Management’s Assessment Not
Required
◦ External auditors are no longer required to issue an
opinion on management’s assessment process
◦ Gives management more latitude to determine the
approach to SOX compliance that fits their company
} Audit Approach Scalable Based on Company
Size/Complexity
◦ The audit testing approach should be tailored to the
unique characteristics of each company (i.e. the less
complex the company, the less risk, which should
result in a modified audit approach

37. } Risk-Based Approach Used for Scoping/
Testing
◦ Scope, Nature, Timing, and Extent
◦ The requirement to “test a large percentage of a
companies operations” using mostly monetary
factors has been removed and qualitative factors
are now emphasized
◦ Factors: Materiality, fraud, industry, etc.

38. } Greater Reliance on Management’s Work
Allowed
◦ The “principal evidence” provision has been
removed allowing for greater opportunities for
external auditors to rely on management’s work
◦ PCAOB Auditing Standard AU sec. 322, “The
Auditor’s Consideration of the Internal Audit
Function in an Audit of Financial Statements
◦ For management: Objectivity, Competence, and Re-
Performance

39. } Entity Level Testing Can Reduce Transaction
Level Testing
◦ Greater emphasis on entity level controls (e.g.
controls over management override and controls to
monitor results of operations)
◦ Can reduce transaction level testing
– Link to risks mitigated by transaction level controls
– Tone at top good = reduce risk

40. } Prior Year Testing Can be Relied Upon
◦ Removal of wording “each year must stand on its
own.”
◦ Factors
– Nature and results of prior year testing
– Changes in controls in the current year
} Walkthroughs Not Required To Determine
Testing
◦ Substance over form
◦ Process level versus transaction level
◦ External auditors are not required to perform their
own walkthroughs

41. } Integrated External Audit Approach Should be
Utilized
◦ Combine financial statement audit with ICFR audit
◦ Same materiality
} Redefined Material Weakness & Significant
Deficiency Definitions
◦ “More than remote” changed to “reasonable possibility”
◦ Significant deficiency: “A deficiency or combination of
deficiencies, in internal control over financial reporting
that is less severe than a material weakness yet merits
the attention of those responsible for the oversight of
the company’s financial reporting.”

42. } Computer-assisted audit techniques
◦ Rely on computer programs or applications to
manipulate application data to execute audit
procedures
◦ Usually associated with audit procedures that are
performed on application data after all the data
◦ Can be used for continuous auditing
◦ Ex. Looking for patterns in data

43. } Parameter Queries
◦ Prompts for criteria
– Prompts versus hard coding
◦ Operational characteristics:
– Field name check
– Calculated field check
– Field reference
– User interaction
◦ Rules
– Brackets used
– Can’t use field name
– Special characters (e.g. !, ., &, or []

44. getcompagetcompa

45. } Parameter Queries, Cont’d
◦ Multiple Parameter Conditions

46. } Parameter Queries & Wildcards
◦ Example:
– Like [Enter Lastname] & "*"
– Like "*" & [Enter Lastname] & "*“

47. } Parameter Queries & Calculation Variables

48. } Parameter Queries & Function Arguments

49. } Multiple Parameter Entries

50. } Unlimited Parameter Entries

51. } Conditional Functions
◦ Built-in functions: Value comparison, data
validation, and conditional evaluation
◦ IIF function
– Evaluation with true or false
– If Then......Else
– IIf(Expression, TrueAnswer, FalseAnswer)

52. } IIF Cont’d

53. } IIF Cont’d

54. } IIF Cont’d

55. } IIF Cont’d

56. } IIF Cont’d (record updating)

57. } IIF Cont’d

58. } IIF w/ Conditional Operators
◦ AND, OR, BETWEEN
– Ex. IIf([Home_Branch] = '920681' And [Hire_Date] >
#1/1/1985#,"True","False")
} Nested IIF: Multiple Conditions
◦ Complexity
– Ex. IIf([VALUE]>100,"A",IIf([VALUE]<100,"C","B"))

59. } IIF Function… Crosstab Analysis
◦ Categorize and group unrelated data items
– Ex. Returning the sum of sales amount for two groups
of employees: those with a hire date before <some
date> and those with a hire date after <some date>

64. } Switch Function
◦ Evaluate a list of expressions and return the value
associated with the expression determined to be
True
– Switch(Expression1, Value1, Expression2, Value2,
Expression3, Value3)
– Switch([Count] > 10, "Low", [Count] > 15, "High") may
return null
– Switch([Count] < 10, "Low", [Count] > 15, "High, True,
"Middle")
– “Middle” if nothing true

65. } IIF versus Switch
◦ Grouping customers based on annual revenue
Annual Revenue Customer Classification
>= $10,000 A
>=5,000 but < $10,000 B
>=$1,000 but < $5,000 C
<$1,000 D

66. } IIF versus Switch Cont’d
◦ Option 1: using Nested IIFs
– IIf([REV]>=10000,"A",IIf([REV]>=5000 And
[REV]<10000,"B", IIf([REV]>1000 And
[REV]<5000,"C","D")))
◦ Option 2: using Switch Function
– Switch([REV]>1000,"D",[REV]<5000,"C",
[REV]<10000,"B",True,"A")

67. } Option 2: Using Switch Cont’d

68. } Option 2: Using Switch Cont’d

69. } Parameter Queries
} Switch Function
} IIF Function

70. } ???