Materiality - Amount of misstatement that would likely affect a user’s decision

Key Management Assertions

Existence/Occurrence – the accounts exists
Cuttoff – subset of existence and completeness
Completeness – accounts have been recorded
Rights and Obligations – company owns the assets and is obligated to pay the liability
(Valuation) Measure and allocation - the accounts are valued correctly
Presentation and disclosure classification – to confirm that financial statement information is
reported appropriately
Accuracy – accounts are accurate. Total invoices are accurate.

Recap chapter 6 Extension of Audit Planning

Definitions of deficiency and significant deficiency Terminology
(a) Deficiency in internal control – This exists when:
(i) A control is designed, implemented or operated in such a way that it is unable to
prevent, or detect and correct, misstatements in the financial statements on a timely basis;
or
(ii) A control necessary to prevent, or detect and correct, misstatements in the financial
statements on a timely basis is missing.
(b) Significant deficiency in internal control – A deficiency or combination of deficiencies in
internal control that, in the auditor's professional judgment, is of sufficient importance to merit
the attention of those charged with governance.

Understanding internal control – identify and briefly discuss the components of internal
control including providing an example of each component)
1. The control environment- tone at the top
2. The entity’s risk assessment process – how management identify business risk
3. The information system and business processes relevant to financial reporting and
communication – how they measure and value transactions
4. Control activities – performance review, comparing actual to budgets, physical controls
and segregation of duties
5. The monitoring of controls – monitoring internal controls, management review of
reconciliation

Identify and briefly discuss and the elements of the control environment.
1. Management philosophy and operating cycle – attitude towards financial reporting
2. Organizational structure – key areas of responsibility
3. Operation of the board of directors, particularly the audit committee – BOD independent
4. Methods of assigning authority and responsibility – key resources in proper roles and key
accountabilities
5. Management monitoring methods of internal audit and personnel policies and practices –
key staff doing their jobs, succession planning
6. External influences – human resources and hiring practices
7. Computerized systems – commitment to competence
Why do we need to understand internal controls?
1. Plan audit strategy
2. A combined audit strategy is efficient
3. Assess areas where misstatements could occur
4. Internal controls that prevent and detect misstatements
5. Areas of significant risk – internal controls are required to be tested. ( fraud, related party
transaction, complex transactions)

Chapter 9 Internal Controls

Internal Controls – is defined as the process designed, implemented and maintained by

management to provide reasonable assurance about:
The reliability of financial reporting
Effectiveness and efficiency of operations
Compliance with applicable laws and regulations

How an auditor documents internal control?

Phases of control evaluation
1. Understanding control – General control
Documentation of control
2. Assessing control risk – Identify specific control objectives
Identifying points in the flow of transactions where
misstatements could occur
Identify specific control procedures that must function to prevent
or detect the misstatements
Evaluating the design of control procedures to determine if it will
be effective to test these controls
3. Testing controls – to reduce final assessment of control risk to a low level and rely on
controls, the auditor will:
Determine the required degree of compliance
Determine how well the control actually functioned during the period under audit

How do you test controls?

Testing may involve reperformance. Some test will rely on documentary evidence, and control
tests should be applied to samples that cover the entire period under audit.

Stopping risk assessment work – auditors may decide to stop evaluation work in phase 1 for
two reasons: control is too poor to justify reliance – control risk is set at maximum and goal is
audit effectiveness
Cost/benefit of reliance is not justified, although control is good, goal is audit efficiency.

Control Objective Example

1. Validity 1. Sales recorded without supporting shipping orders
2. Authorization 2. Lack of credit manager approval for a credit sale
3. Accuracy 3. Mathematical errors in sales invoice calculations
4. Classification 4. Sales classified in wrong product line revenue account
5. Proper period 5. Sales recorded in month (quarter, year) before the actual shipment
6. Accounting 6. Sales charges fail to be posted to a customer’s account
7. Completeness 7. Sales charges fail to be billed to customers and recorded as sales and
receivables

Control Objectives
1. Validity – recorded transactions are valid and documented
2. Completeness – all valid transactions are recorded and none are omitted
3. Authorization – transactions are authorized according to company policy
4. Accuracy – transaction dollar amounts are properly calculated
5. Classification – transactions are properly classified in the accounts
6. Accounting – transaction accounting is complete
7. Proper period – transactions are recorded in the proper period

 Validity – Existence, Ownership

 Completeness – Completeness, Ownership
 Authorization – Existence, Valuation, Ownership
 Accuracy – Valuation
 Classification – Valuation, Presentation and Disclosure
 Accounting – Presentation and Disclosure
 Proper period – Existence, Completeness

Risk assessment procedures

1. Observation
2. Inquiry
3. Analysis
4. Inspection

Limitations of internal control – Costs vs benefits, internal controls are geared towards
recurring transactions, management override and collusion

Discuss managements and the auditor’s responsibilities – evaluating existing internal controls
and assessing risk of material misstatement related to them. Find out what an organization does
to avoid potential errors and irregularities in seven categories.

Provide reasons how control risk affects an audit plan

1. The nature of tests will have to provide more reliable evidence, this can be costly
2. More testing will take place at year end than at an interim date, this can delay the audit
report or can prove more costly
3. More evidence will have to be gathered, which is much more costly

Apply concepts in discussing the strengths and weaknesses in internal controls and Discuss
how an auditor documents internal controls
Documentation of the control structure shows the audit team’s understanding on internal controls
and the basis of decisions reached
A number of tools are available to the auditor for documentation:
 1. Internal control questionnaires, formal interview using a checklist – easy to use
STRENGTH, questions may not capture full understanding WEAKNESS
2. Narratives – is a written description (describe you A/R process) STRENGTH, difficult to
update only as good as the information provided WEAKNESS
3. Flowcharts – takes a very complex organization and simplifies STRENGTH, time
consuming and requires specialized skills WEAKNESS
4. Company’s manual – the company knows their control best STRENGTH, they have to be
up to date WEAKNESS

Understand direction of control testing – in order to test for completeness or for existence, the
right population must be selected.
Population of relevant source documents -----completeness ------financial statements or other

-----------validity---------------- summarizing report

Understand dual purpose procedure an audit procedure which is used simultaneously for
testing controls over s transaction and to provide substantive audit evidence about its amount.

Understand the auditor’s responsibility for communicating control deficiencies and

significant deficiencies in internal control – audit standard require the auditor to report
weakness in controls to an appropriate level of management.
-Nontrivial misstatements, fraud and consequential illegal or possibly illegal acts must
also be reported
-These matters are usually communicated to the client in a management letter

Chapter 8 Audit Evidence

Identify types of procedures
Recalculation auditor’s calculation
Observation physical observation
Confirmation statements by independent parties
Enquiry statements by client personnel
Inspection documents prepared by independent parties, documents prepared by the
client and physical inspection of tangible assets
Analysis data interrelationships

Explain the strengths and weaknesses of the audit procedures.

Hierarchy of audit evidence
MOST RELIABLE
Physical inspection
Confirmation
External documentation
Recalculation, reperformance

LESS RELIABLE
External – internal documentation
Internal documentation with good internal controls)
Observation
Analytical procedures with specific data

LEAST RELIABLE
Internal documentation (if poor internal controls)
Inquiry
Broad analytical procedures

Discuss the sufficiency and appropriateness

Sufficiency of evidence is a question of how much appropriate evidence is enough. No official
standard, the auditor must use professional judgement and test of sufficiency is whether you can
persuade someone else that you have collected enough evidence to support your conclusion.
Appropriateness of evidence – to be considered appropriate, evidence must be relevant and
reliable:
Relevant audit evidence must relate to one of the management assertions
Reliability of audit evidence depends on nature and sources. Reliability combined with relevance
determine the persuasiveness of evidence and the following hierarchy of evidence can be used to
judge reliability

Discuss an audit plan and audit programs

Audit planning is an ongoing process. Planning is done at the start of the audit. Planning
continues as new information results in revisions to the plan.
Audit programs set out the nature, timing and extent of the planned audit procedure. Nature is the
types of evidence that will be used. Timing is when procedures will be performed and extent is
the size of samples to be used.

What constitutes good working papers, documentation standards, purpose of audit

working papers)
Audit documentation’s key role is to help in revising the audit plan as the work proceeds, to
allow for quality control reviews to be done effectively, and to help with planning the subsequent
year’s audit work.

Key working papers and an example of each

Permanent Files includes items that are relevant for current and future audits:
Examples: Corporate by laws
Contracts
Lending agreements
System documentation

Current Files consist of both:

Audit Administrative Papers
Audit Evidence Papers

Types of working papers found in current files are:

 Detailed listing of what makes up the balances
Examples: Inventory listing
Cash Receivables
  Reconciliations
Example: Bank Reconciliation

 Continuity schedules
Examples: Detailed fixed asset schedule
Interest expense can often be recalculated using the average loan balance and the interest rate
and compared to the reported interest expense.

 Procedure summaries would document any testing performed

Example: test of controls

Discuss positive and negative confirmations definition, when they are used, when
confirmations are not required under CAS, process to prepare an accounts receivable
confirmation.
Positive confirmation requests a reply in all cases, whether the account balance is considered
correct or incorrect.
Negative confirmations request replies only if the account balance is considered incorrect.
Negative confirmations are typically sent out for a large balance of a similar population – small
dollar receivables where the A/R balance is large.

There are 3 types of inspection:

1. Tracing – start of process to end of the process / Cradle to grave
2. Vouching – grave to cradle
3. Scanning – eye balling accounts, eg for misclassification of accounts such as repairs and
maintenance that should be classified as a capital asset.

Using the work of an expert – understand the conditions the auditor will consider in using
the work of
1) an expert and impact on the auditor’s report
2) internal audit,
3) role of group auditor / component auditor

Chapter 10 Sampling
Understand why auditors sample?
1. Test controls (compliance tests) for assessing control risk
2. Test balances (substantive tests) to determine whether balances are materially misstated

Alpha (Type I) vs Beta Risk (type II)

Risk that the auditor conclusion does not support the work done when in fact it actually does. Net
step is to do more work; inefficient audit because more work was done that was not required.

Beta Risk (Type II) vs Alpha (type I)

Risk that the conclusion on the population is in the auditor opinion correct when in fact it is
correct. Ineffective audit because less work was done than required ARIA/ARO

Statistical vs Non Statistical Sampling

Stat sampling allows you to quantify sampling risk ARIA/ARO=BETA RISK=SAMPLING
RISK

Terms for stat sampling are:

1. Each and every item in the population has an equal chance of selection
2. Random

Non Stat Sampling

1. Block sampling
2. Haphazard sampling
3. Cluster
4. Specific item

Discovery Sampling
Terms used in sampling to uncover fraud
Set the EPDR=0 expected population deviation rate

Non Sampling Risk

1. Performing inappropriate procedures
2. Failure to consider test results appropriately
3. Neglecting the importance of analytical review
4. Failure to maintain control over audit procedure
5. Lack of professional skepticism
6. Accounting risk

Attribute Sampling in control testing this is the type of audit sampling in which auditors look
for the presence or absence of a control condition.

Dollar Unit Sampling Dollar-unit sampling (or sampling with probability proportionate to size)
is an attribute sampling method that can be used for sampling for tests of controls and for
sampling for tests of details of balances.

Chapter 11 &12

Discuss authorization, custody, recording and periodic reconciliation and why it is

important to separate these duties
Chapter 11 –
Authorization when a customer order is received, a number of authorizations are required
Custody a physical custody of inventory starts with the sockroom or warehouse where inventory
is kept
Custody of A/R implies the power to alter those records
Custody at some point, someone has the cash and cheques in hand, and has physical custody at
that point
Recording the accountants who record cash, should not also handle cash
Recording when the shipment is complete, several documents are created: bill of lading, sals
invoice, and opens sales order
Periodic Reconciliation a bank rec needs to be prepared carefully
Periodic Reconciliation a comparison of the total unpaid balances to the A/R control account is a
common reconciliation

Chapter 12 –
Authorization purchases are made by purchasing departments or authorized purchasers.
Disbursements are authorized by an A/P department
Custody A receiving department receives the goods purchased and forwards them to the proper
departments. Custody of cash is the responsibility of personnel assigned to authorize and sign
cheques. Assess to blank documents should also be considered as an aspect of custody
Recording purchases should be recorded once the purchase order, receiving report, and vendor
invoice are matched. Disbursements are recorded when the cheques are prepared
Periodic Reconciliation periodic comparison of existing assets to recorded amounts in various
accounts occur in several ways

Discuss the existence assertion related to the revenues, receivables and receipts process
Critical management assertions existence and valuation, secondary assertions are ownership,
completeness and disclosure.

Discuss the completeness assertion related to the purchases, payables and payments process
When considering assertions and obtaining evidence about A/P and other liabilities, auditors
must put emphasis on the completeness and obligations assertions. Emphasis because companies
tend to be less concerned about recording expenses and liabilities. Auditors cannot rely entirely
on the management assertion of completeness.

Identify the terms lapping – this is to test for a manipulation of A/R entries to hide a theft or
fraud. kiting – this is building up of apparent balances in one or more bank accounts based on
uncollected cheques drawn against similar accounts in other banks. Kiting involves depositing
money from one bank account into another, using a hot cheque from another bank account before
the first cheque clears.

Discuss how an auditor may conduct a search for unrecorded liabilities.

1. Scan the open PO file year end for purchase commitments at fixed prices. From current
prices, determine if any adjustments for loss and liability are needed.
2. List the unmatched supplier invoices and from the unmatched receiving report file and
receiving reports prepare after year end, determine when the goods were received.
Determine which invoices, if any should be recorded.
3. Trace the unmatched receiving reports to A/P entries, and determine if any recorded in
the next accounting period need to be reported in the current accounting period under
audit.
4. Vouch a sample of cash disbursements from the accounting period following the balance
sheet date against supporting documents (invoice, receiving report) to determine of the
related liabilities were recorded in the proper accounting period. Select the sample from
the post year end cutoff bank statement to audit the cash balance
 5. Trace liabilities reported by financial institutions to the accounts. Since a bank may not
report all auditee liabilities to auditors, other corroborating evidence for possible
unrecorded debts should also be obtained.

Discuss how to an auditor may conduct an inventory count.

1. Name of auditee personnel responsible for the count
2. Dates, times, and locations of inventory taking
3. Names of auditee personnel who will participate in the inventory taking
4. Instructions for recording accurate descriptions of inventory items, for
count and double count, and for measuring or translating physical
quantities
5. Instructions for making notes of obsolete or worn items
6. Instructions for the use of tags, cards, count sheets, or other media devices,
and for their collection and control
7. Plans for shutting down plant operations or taking inventory after store
closing hours, and plans for having goods in proper places
8. Plans for counting or controlling movement of goods in receiving and
shipping areas if those operations are not shut down during the count
9. Instructions for compilation of the count information into final inventory
listings or summaries
10. Instructions for pricing the inventory items
11. Instructions for review and approval of the inventory count and notations
of obsolescence or other matters by supervisory personnel

Chapter 15 & Chapter 16

Describe the general approach to audit revenue and expense accounts.
1. understand the revenue recognition process
2. analytical review do year over year comparison and follow up on variances greater than a
certain % or $ amount, get relevant evidence.
3. Tax accounts require a more in depth verification of accounts
4. Auditing suspense accounts

Discuss the importance of using analytical procedures at the end of the audit.
All miscellaneous, other or clearing accounts with credit balances should be analyzed.
1. Identify each important transaction and determine whether amounts are properly
classified
2. Miscellaneous accounts may contain accounting errors or incorrect classification

Type I requires adjustment. Did the condition exist at the B/S date? Condition YES
Type I – customer declares bankruptcy
Settlement of litigation
Type II requires disclosure. Did the condition exist at the B/S date? condition NO
Type II – stock issue
Sale of business segment
Loss of A/R transaction because auditee customer suffer a casualty – flood, fire
Auditing Procedures for the period subsequent to the balance sheet date
Auditing procedures of subsequent event:
1. Read the latest available interim financial statements, compare them with the financial
statements being reported on, and make any other comparisons considered appropriate in
the circumstances
2. Enquire of officers and other executives having responsibility for financial and
accounting matters about whether the interim statements have been prepared on the same
basis as that used for the statements under examination
3. Read the available minutes of meetings of shareholders, directors, and appropriate
committees; enquire about matters dealt with at meetings for which minutes are not
available
4. Request that the client send a letter to legal counsel enquiring about outstanding claims,
possible claims, and management’s evaluation, with the reply to be sent directly to the
auditor
5. Obtain written representations, dated as of the date of the auditor’s report, from
appropriate officials, generally the CEO and CFO about whether any events occurred
subsequent to the date of the financial statements that, in the officer’s opinion, would
require adjustment or disclosure in these statements

Discuss the general purpose, content and requirements for letter of enquiry and response
letters.
Purpose:
(a) To obtain written representations from management and, where appropriate, those charged
with governance that they believe that they have fulfilled their responsibility for the preparation
of the financial statements and for the completeness of the information provided to the auditor;
(b) To support other audit evidence relevant to the financial statements or specific assertions in
the financial statements by means of written representations if determined necessary by the
auditor or required by other CASs; and
(c) To respond appropriately to written representations provided by management and, where
appropriate, those charged with governance, or if management or, where appropriate, those
charged with governance do not provide the written representations requested by the auditor.

Management from whom Written Representations Requested

The auditor shall request written representations from management with appropriate
responsibilities for the financial statements and knowledge of the matters concerned.
Written Representations about Management's Responsibilities
Preparation of the Financial Statements
The auditor shall request management to provide a written representation that it has fulfilled its
responsibility for the preparation of the financial statements in accordance with the applicable
financial reporting framework, including, where relevant, their fair presentation, as set out in the
terms of the audit engagement.
Information Provided and Completeness of Transactions
The auditor shall request management to provide a written representation that:
(a) It has provided the auditor with all relevant information and access as agreed in the terms
of the audit engagement; and
(b) All transactions have been recorded and are reflected in the financial statements.
Description of Management's Responsibilities in the Written Representations
Management's responsibilities shall be described in the written representations required by
paragraphs 10 and 11 in the manner in which these responsibilities are described in the terms of
the audit engagement.

Define a management representation letter and discuss when and why one is required.
Written representation – A written statement by management provided to the auditor to confirm
certain matters or to support other audit evidence. Written representations in this context do not
include financial statements, the assertions therein, or supporting books and records.
Management’s written representation – the auditor should also direct questions to management
regarding contingencies, litigation, claims and assessments. Other examinations and procedures
may also lead the auditor to the discovery of contingencies

Written Representations as Audit Evidence

Audit evidence is the information used by the auditor in arriving at the conclusions on which the
auditor's opinion is based. 1 Written representations are necessary information that the auditor
requires in connection with the audit of the entity's financial statements. Accordingly, similar to
responses to inquiries, written representations are audit evidence.

Although written representations provide necessary audit evidence, they do not provide
sufficient appropriate audit evidence on their own about any of the matters with which they
deal. Furthermore, the fact that management has provided reliable written representations does
not affect the nature or extent of other audit evidence that the auditor obtains about the
fulfillment of management's responsibilities, or about specific assertions.

Discuss subsequent events – an event that occurs after the year end. Auditor is required to
gather evidence up to and including date and audit report.

Types: type 1 adjustment of dollar amounts required and type 2 no adjustments but disclosure
required
Discuss subsequent discovery of fact
When an auditor learns of facts that are important after the audit report has been issued the
auditor must determine:
a. If the information is reliable
b. If these facts existed at the date of the report

Discuss procedures for

Contingent liabilities –
1. Search for Unrecorded Contingent Liabilities
The occurrence of a contingent liability is not common. During the planning stage, auditors
review your company’s prior year files and current year’s facts, which they obtain through
management interviews. They search for events or items that support the possibility of
contingent liabilities. For example, if they find that your company faced litigation threats, they
will use their judgment to explore a reasonable outcome of the litigation in light of case facts.
They’ll analyze the valuation and treatment of the event and examine internal documents,
contracts, agreements, invoices, bank confirmation letters and press releases.
2. Letter of Audit Inquiry
Auditors use letters of audit inquiry to obtain claims and litigation evidence from the company’s
lawyers. In addition to identifying the company and noting the audit date, the inquiry contains
information from the company’s management, listing descriptions and evaluations of
contingencies. They send these letters to each lawyer that handled a potential contingent liability
case for the company. Your company’s lawyers are duty bound to provide auditors with all
relevant information needed to audit your company’s records. If they refuse to provide
information, they limit the scope of the audit. If this is the case, the auditor will decide the
appropriate way to present the facts based on materiality and risk. The presentation might
include an emphasis on the matter in the audit report.
3. Review of Subsequent Events
Contingent liabilities also may arise from subsequent events, which are events that occur after
the balance sheet date and before auditors complete the audit report. They pertain to financial
information reported at the balance sheet date and have a material effect on financial statements.
Auditors may interview managers who were directly involved in subsequent events. They also
read post balance sheet interim statements and compare this information with the financial
statement to see if they vary significantly. Auditors also may review board meeting minutes to
see what significant events the board members discussed. They’ll then verify this information
with other evidence.
4. Final Evaluation
During the final audit steps, auditors form opinions based on all the information they’ve gathered
and analyzed. They present a management letter containing recommendations for improvement,
along with an audit report. It’s important for auditors to inform you about the results of audit
engagements. They also must communicate concerns related to the audit process, such as
significant audit adjustments, disagreements with management, consultations with other
accountants and any difficulties experienced during the audit.

o Related party transactions – auditors have a responsibility to obtain reasonable

assurance that related parties have been identified and disclosed in the financial
statement
a. Related parties exist when one party has the ability to exercise
directly or indirectly. Control, joint control, or significant influence
over the other
b. Make enquiries of management, review minutes, and watch for
unusual transactions

Discuss the purpose of conducting a working paper review

Working papers prepared by the audit staff will be reviewed by the audit supervisor in detail
a. This is done to ensure that procedures are adequately documented
b. The audit manager and audit partner will focus their review on the overall scope of the
audit. Analytical procedures will be used as part of the overall review
 c. A second partner review is conducted as a quality assurance standard

Discuss and identify situations that need to be communicated to the Audit Committee
Auditor should review with management in advance information to be covered with the audit
committee
a. Communication with the audit committee can be either written or oral
b. The auditor will communicate all matters affecting approval of annual financial
statements with the board of directors

Identify and apply matters to be communicated to those having oversight responsibility –

i.e. an audit committee

Discuss the independent auditor’s report, going concern, contingencies, EOM & OM par
(CAS 706), comparatives vs. corresponding figures
Audit Reports (also see chapter 16)

Factors to consider when relying on an internal auditor or the use of an expert.

Chapter 12 - Discuss each of the processes including typical risks, transactions and source
documents, controls and account balances

Discuss audit evidence in management reports and data files

Write clear and concise audit procedures for tests of controls as they relate to control
objectives and substantive test as they relate to assertions.
Discuss the impact and effect of information technology on the audit / auditor (separate
slides, specific points regarding these slides were discussed in the class).

Discuss the general and application controls in a manual and computer environment

Chapter 3
Apply the Rules of Professional Conduct
Understand who the auditors owe a duty of care to
Apply the conditions to prove negligence to a question
Understand how auditors can limit legal liability