An internal audit is designed to review what a company is doing in order to identify potential threats to the organization's financial health and profitability and to make suggestions for mitigating the risk associated with those threats.
An exercise whose objective is to enable auditors to express an opinion on whether the financial statements give a true and fair view (or equivalent) of the entity’s affairs at the period end and of its profit or loss (or income and expenditure) for the period then ended and have been properly prepared in
accordance with the applicable reporting framework (e.g. relevant legislation and applicable accounting standards) or where statutory or other specific requirements prescribe the term, whether the financial statements “present fairly”.
Chapter 9Audit Risk AssessmentPrepared by Dr Phil Saj1.docxmccormicknadine86
Chapter 9
Audit Risk Assessment
Prepared by Dr Phil Saj
1
Learning objectives
Appreciate the importance of audit risk assessment and why it is linked to financial statement assertions.
Explain the importance of business risks in audit planning.
Describe the procedures performed by an auditor to assess risk.
Appreciate the importance of internal control to an entity and to its independent auditors.
2
Learning objectives
Indicate the procedures for obtaining and documenting an understanding of the entity’s internal control.
Explain why and how a preliminary assessment of control risk is made.
Explain the importance of the concept of audit risk and its three components.
3
Management’s financial statement assertions
Existence or occurrence
Assets or liabilities of the entity exist at a given date and whether recorded transactions or events have occurred during the period.
Completeness
Transactions, events and accounts that should be presented in the financial statement are included.
Cut-off
All transactions, events and accounts have been recorded in the correct period.
4
Management’s financial statement assertions
Rights and obligations
Assets represent rights of the entity and liabilities
are the obligations of the entity at a given date.
Valuation and allocation
Asset, liability, components have been included in the
financial statements at the appropriate amounts.
Accuracy
Transactions have been appropriately recorded
in the proper accounts.
5
Management’s financial statement assertions
Presentation and disclosure
Particular components of the financial statements are
properly classified, described and disclosed.
Refer to the textbook Table 9.1, page 363, for illustrations of each of these assertions.
6
Business risk assessment
A business risk approach allows the auditor to:
Identify threats faced by the organisation.
Recognises that most business risks will eventually
have an effect on the financial statements.
Increase the chances of identifying risks of material
misstatements in the financial reports
Categories of business risk:
Financial risk
Operational risk
Compliance risk
7
Risk assessment procedures
Enquiries
Management, staff, internal auditors, company bankers,
legal advisors.
Analytical procedures
Provide a broad indication of the likelihood of possible
errors.
Observations and inspections
Inspection of manuals, visiting business premises,
observing procedures taking place.
8
Importance of internal control
The Committee of Sponsoring Organisations (COSO) of
the Treadway Commission defines internal control as:
a process, effected by an entity’s board of directors,
management and other personnel, designed to
provide reasonable assurance regarding the
achievement of objectives in the following categories:
Effectiveness and efficiency of ...
An internal audit is designed to review what a company is doing in order to identify potential threats to the organization's financial health and profitability and to make suggestions for mitigating the risk associated with those threats.
An exercise whose objective is to enable auditors to express an opinion on whether the financial statements give a true and fair view (or equivalent) of the entity’s affairs at the period end and of its profit or loss (or income and expenditure) for the period then ended and have been properly prepared in
accordance with the applicable reporting framework (e.g. relevant legislation and applicable accounting standards) or where statutory or other specific requirements prescribe the term, whether the financial statements “present fairly”.
Chapter 9Audit Risk AssessmentPrepared by Dr Phil Saj1.docxmccormicknadine86
Chapter 9
Audit Risk Assessment
Prepared by Dr Phil Saj
1
Learning objectives
Appreciate the importance of audit risk assessment and why it is linked to financial statement assertions.
Explain the importance of business risks in audit planning.
Describe the procedures performed by an auditor to assess risk.
Appreciate the importance of internal control to an entity and to its independent auditors.
2
Learning objectives
Indicate the procedures for obtaining and documenting an understanding of the entity’s internal control.
Explain why and how a preliminary assessment of control risk is made.
Explain the importance of the concept of audit risk and its three components.
3
Management’s financial statement assertions
Existence or occurrence
Assets or liabilities of the entity exist at a given date and whether recorded transactions or events have occurred during the period.
Completeness
Transactions, events and accounts that should be presented in the financial statement are included.
Cut-off
All transactions, events and accounts have been recorded in the correct period.
4
Management’s financial statement assertions
Rights and obligations
Assets represent rights of the entity and liabilities
are the obligations of the entity at a given date.
Valuation and allocation
Asset, liability, components have been included in the
financial statements at the appropriate amounts.
Accuracy
Transactions have been appropriately recorded
in the proper accounts.
5
Management’s financial statement assertions
Presentation and disclosure
Particular components of the financial statements are
properly classified, described and disclosed.
Refer to the textbook Table 9.1, page 363, for illustrations of each of these assertions.
6
Business risk assessment
A business risk approach allows the auditor to:
Identify threats faced by the organisation.
Recognises that most business risks will eventually
have an effect on the financial statements.
Increase the chances of identifying risks of material
misstatements in the financial reports
Categories of business risk:
Financial risk
Operational risk
Compliance risk
7
Risk assessment procedures
Enquiries
Management, staff, internal auditors, company bankers,
legal advisors.
Analytical procedures
Provide a broad indication of the likelihood of possible
errors.
Observations and inspections
Inspection of manuals, visiting business premises,
observing procedures taking place.
8
Importance of internal control
The Committee of Sponsoring Organisations (COSO) of
the Treadway Commission defines internal control as:
a process, effected by an entity’s board of directors,
management and other personnel, designed to
provide reasonable assurance regarding the
achievement of objectives in the following categories:
Effectiveness and efficiency of ...
I composed this presentation as to prepare candidates for the Certified Internal Auditor's Part I examination. During the training we use other study aids as well.
The most comprehensive definition of internal audit is given by the IIA, USA. It is,
"Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes."
The purpose of the presentation is to provide clarification for a better understanding of what internal audit definition, objectives, functions, stages and reporting are all about? What difference does it make in the presence of an external audit? How different is its scope from that of the external audit? How internal audit standards contribute to better performance of internal audit work and its reporting to the Board or Audit Committee?
The United States and the European Union (EU) have engaged in a long-standing and acrimonious trade dispute over the EU’s decision to ban hormone-treated meat. Despite an ongoing series of dispute settlement proceedings and decisions by the World Trade Organization (WTO), there is continued disagreement between the United States and the EU on a range of legal and procedural issues, as well as the scientific evidence and consensus concerning the safety of hormone-treated beef.
Audit Committees have highly influential roles to support entity achieve its defined goals and objectives.
Through its powers, the audit committee has ability to meet both the internal and external auditor in course of its work and become only " intelligent" team to have insights of control issues affecting an entity.
Unfortunately, the audit committees in number of organization's are not competent enough to execute their roles effectively. EMAC has capacity building programs for audit committee members geared towards capacitating the committees for effective performance
Financial information quality, transparency, and integrity within businesses are crucially dependent on auditors. Their unbiased evaluation and analysis assist stakeholders in making knowledgeable judgments, upholding financial accountability, and locating potential development areas. Accountants in Cambridge deal with a variety of issues, each of which contributes to the certainty and dependability of financial reporting as a whole. Here are five significant issues that auditors deal with.
Similar to Lecture slide ,chapter 2, Governance and the Auditor (20)
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
The Art Pastor's Guide to Sabbath | Steve ThomasonSteve Thomason
What is the purpose of the Sabbath Law in the Torah. It is interesting to compare how the context of the law shifts from Exodus to Deuteronomy. Who gets to rest, and why?
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptxEduSkills OECD
Andreas Schleicher presents at the OECD webinar ‘Digital devices in schools: detrimental distraction or secret to success?’ on 27 May 2024. The presentation was based on findings from PISA 2022 results and the webinar helped launch the PISA in Focus ‘Managing screen time: How to protect and equip students against distraction’ https://www.oecd-ilibrary.org/education/managing-screen-time_7c225af4-en and the OECD Education Policy Perspective ‘Students, digital devices and success’ can be found here - https://oe.cd/il/5yV
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
Palestine last event orientationfvgnh .pptxRaedMohamed3
An EFL lesson about the current events in Palestine. It is intended to be for intermediate students who wish to increase their listening skills through a short lesson in power point.
How to Create Map Views in the Odoo 17 ERPCeline George
The map views are useful for providing a geographical representation of data. They allow users to visualize and analyze the data in a more intuitive manner.
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
We all have good and bad thoughts from time to time and situation to situation. We are bombarded daily with spiraling thoughts(both negative and positive) creating all-consuming feel , making us difficult to manage with associated suffering. Good thoughts are like our Mob Signal (Positive thought) amidst noise(negative thought) in the atmosphere. Negative thoughts like noise outweigh positive thoughts. These thoughts often create unwanted confusion, trouble, stress and frustration in our mind as well as chaos in our physical world. Negative thoughts are also known as “distorted thinking”.
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
2. Learning objectives
1. Describe the nature of governance
2. Appreciate the role of the auditor in governance
3. Discuss the issues of internal control, risks and
earnings management in governance that concern the
auditor
4. Appreciate the roles of internal and operational audits
in the governance processes
5. Consider the significance of the role of the audit
committee in governance
6. Describe the nature of governance and the type of
audits in the public sector.
2
4. What is governance?
The exercise of economic and administrative
authority to manage an entity’s affairs.
Concerned with processes by which
decisions are made and implemented.
Applicable to all entities.
4
5. What is governance?
“…characterised by participation, transparency,
accountability, rule of law effectiveness, equity… Good
governance refers to the management of [the]
governing body in a manner that is essentially free of
abuse and corruption, and with due regard for the rule
of law.” (OECD, 2010)
5
6. Governance
Agency structure:
Separation of ownership and management.
Members reply on management (agents).
Agents conduct the business on behalf of
members.
Authority of governing body underpinned by
transparency and accountability.
Independent auditor adds to the credibility of the
the agent’s conduct.
6
7. Enterprise governance
“The set of responsibilities and practices exercised by
the board and executive management with goal of
providing strategic direction, ensuring the objectives
are achieved, ascertaining that risks are managed
appropriately, and verifying that the organisation’s
resources are used responsibly.”
(CIMA & IFAC 2002)
7
8. Enterprise governance
Value Creation
Resource Use
Business Governance:
Performance
Accountability
Assurance
Corporate Governance:
Conformance
Enterprise Governance
Source: Adapted from CIMA/IFAC, Enterprise Governance: Getting the Balance
Right, February 2004, p.10, www.ifac.org.
8
9. Enterprise governance
Based on organisation's entire accountability framework.
It includes:
Roles of chair of the board and top management.
Composition, skill, remuneration and training of the board
and its committees.
Adequacy and reasonableness of executive
compensation schemes.
Internal control structure, risk management and role of
internal audit.
Financial reporting and disclosure regime.
Independence of the audit function.
9
10. The auditor and governance
Overall objective of the auditor:
“ ...to obtain reasonable assurance about whether
the financial report as a whole is free from
material misstatement, whether due to fraud or
error…” (ASA200.11)
The effectiveness of the assurance engagement
is a function of the auditor’s relationship with the
entity’s management and governing body.
10
11. The auditor’s role in enterprise
governance
Provides assurance of verifiability, compliance
and accountability of the organisation.
May also be required to ensure the organisation
and board of directors have complied with
relevant legislation and regulations.
Performance dimension includes setting strategic
directions, managing risk and key performance
drivers and decision making processes.
11
12. Corporate governance
and auditing
Corporate governance
Framework of rules, relationships, systems and
processes by which authority is controlled.
Includes structure, systems and relationships
between board of directors, management,
auditors regulators shareholders and the public.
Encourage companies to create value and
provide accountability and control systems
commensurate with risks involved.
12
13. Corporate governance
and auditing
OECD corporate governance principles:
Ensure basis for an effective corporate
governance framework though transparency
and efficient markets, legal and regulatory
requirements.
Ensure equitable treatment of shareholders.
Deal with conflicts of interest.
13
14. Corporate governance and
auditing
Baker and Owsen (2002): Concept that audited financial
reports should provide assurance that:
The financial statements are right;
The company will not fail;
There has been no fraud;
The company has acted within the law;
The company has been competently managed; and
The company has adopted a responsible attitude to
environmental and societal matters.
Highlights expectations of stakeholders’ view of auditors role
14
16. Business governance
Role of accountants and auditors:
Provide assurance of integrity and reliability of
internal control and risk management systems.
Ensure awareness of possible financial
misstatements.
Ensure audit independence.
Enhance audit quality control processes.
Actively practise the code of conduct.
Monitor development of and adherence to
auditing standards.
16
17. Audit trinity concept
External audit, internal audit and audit
committee as a tripartite.
Audit function is to perform specific duties that
complement and interlock with the other
members.
Internal audit includes corporate governance
and accountability matters.
Audit committees oversee internal audit and
external audit functions.
17
18. Issues in governance:
Internal control and risk management
Effective governance and accountability based on
effective functioning of internal control and risk
management.
Risk management is the culture, process and
system established to manage opportunities
and minimise/ control adverse risks.
18
19. Issues in governance:
Internal control and risk management
Risk management system
Define objectives, principles and priorities.
Formulate overall risk classifications
Understand business activities and processes
Identify and classify risks
Assess probability & possible consequences of risk
Compare and analyse risk tolerance
Evaluation of controls, costs and monitoring process
Assess exposure and report position
19
21. Issues in governance:
Financial misstatements
Financial statements should be prepared
without material misstatements.
Earnings management is when financial
statements or transactions are managed to
achieve a particular outcome.
21
22. Internal Auditing
“An independent, objective assurance and
consulting activity designed to add value and
improve an organisations operations. It helps an
organisation accomplish its objectives by bringing a
systematic, disciplined approach and evaluate and
improve the effectiveness of risk management,
control and governance processes.” (IPPF, 2012)
22
23. Internal Auditing
Internal audit encompasses examination and
evaluation of:
Adequacy and effectiveness of governance
and internal control structure.
The quality of performance.
The procedures of risk identification and
management
Mechanisms to ensure regulatory compliance.
Supplements the work of independent auditors.
23
24. Internal Auditing:
Organisational and functional differences between
internal and independent auditors
Internal Auditor External Auditor
Employer Companies and Government
Units
Public Practice Entities
National
Organisations
Institute of Internal Auditors
Australia
Institute of Chartered
Accountants in Australia, or
CPA Australia
Certifying
Authority
Certified Internal Auditor Institute of Chartered
Accountants in Australia, or
CPA Australia
License to
Practice
No Certified Practicing Accountant.
Registered Company Auditor.
Public Practice Certificate.
Primary
Responsibility
To the board of directors To members
Scope of audits All activities of the organisation Mainly financial statements
24
25. Operational auditing
Examines use of resources to evaluate
whether they are being used in the most
efficient and effective manner.
Three approaches:
Risk-based audit approach
Value-for-money approach
Process audit approach
25
26. Operational auditing
Objectives
Assist directs to discharge their responsibilities
Improve credibility and objectivity of accounting
process
Improve effectiveness of internal and external
audit function
Facilitate independence of internal and external
auditors
Strengthen role of non-executive directors
Fosters an ethical culture
26
27. Operational auditing
Five Phases:
1. Preliminary preparation
2. Field survey
3. Program development
4. Audit application
5. Reporting and follow-up
27
29. The role and objectives of the
audit committee
Assist directors in discharging their duties.
Improve the credibility and objectivity of the accounting
process.
Improve the effectiveness of the internal and external audit
functions and facilitate communications between the
board and the internal and external auditors.
Facilitate the independence of the internal and external
auditors.
Strengthen the role and influence of the non-executive
directors.
Foster an ethical culture throughout the organisation.
29
30. Requirements of public
accountability
Head of State
Parliament
• Upper House
• Lower House
Parliamentary
Committees
Ministry
Executive
Council
Auditor-
General
Government
Cabinet
Public Sector Bodies
• Government Companies and Authorities
• Government Agencies
30
31. Performance audits
Defined as: “an independent, objective and
systematic assessment of public sector entities’
programs, resources, information systems,
performance measures, monitoring systems and
legal and policy compliance.” (ANAO, 2013)
Includes consideration of:
Economy
Efficiency
Legislative and policy compliance
31
32. Performance audits
Types of performance audits
Audits of a program or activity in an entity
Protective security audits
Cross-entity audits
Follow-up audits
32
33. Performance engagements
Two types of performance engagements:
Performance audits, which provide reasonable
assurance, and
Performance reviews, which provide limited
assurance.
Ethical requirements: compliance required.
Quality control: proper system required.
33
34. Performance engagements
Objectives:
Expression of a conclusion
Examination of:
Economy, efficiency or effectiveness
Validity and reliability of performance
Compliance with legislation
Intended and unintended impact
Probity processes and identification of
weaknesses
34