Edited AC2104 Bible

AC2104 Assurance and Auditing AY17/18 Sem 2
Table of Contents
Seminar 1 – Introduction to Assurance & Regulations ............................................................................................................. 8
Principal-Agent Relationship ...................................................................................................................................................... 8
Information asymmetry........................................................................................................................................................... 8
Conflict of interest .................................................................................................................................................................. 8
Definitions of Auditing and Assurance ........................................................................................................................................ 9
Types of Auditors & Auditing Services ....................................................................................................................................... 9
Types of Assurance .................................................................................................................................................................. 10
Level of Assurance ................................................................................................................................................................... 10
IAASB Elements of an Assurance Engagement ....................................................................................................................... 10
Three Party-Relationship ..................................................................................................................................................... 10
Appropriate Subject Matter .................................................................................................................................................. 10
Suitable Criteria ................................................................................................................................................................... 11
Sufficient Appropriate Evidence ........................................................................................................................................... 11
Written Assurance Report .................................................................................................................................................... 11
Profession ................................................................................................................................................................................ 11
Characteristics of a profession (Sager 1995) ....................................................................................................................... 11
Regulation of public accountants in Singapore......................................................................................................................... 11
International Standards & Organisations .................................................................................................................................. 12
Seminar 2 – Corporate Governance, Misstatements, Type of Audit Opinions/EOM ............................................................. 13
Mandatory Requirements on Audit Committees ....................................................................................................................... 13
Mandatory Audit Requirement in Singapore ............................................................................................................................. 15
Audit Exemption ................................................................................................................................................................... 15
Internal Audit ............................................................................................................................................................................ 15
Objective & Scope of F/S Audit ................................................................................................................................................ 16
Overview of the Audit Process ................................................................................................................................................. 16
Major Phases of the Audit ........................................................................................................................................................ 17
New & Revised Auditor Reporting Standards ........................................................................................................................... 18
Key Audit Matters (KAM) .......................................................................................................................................................... 19
Types of Audit Opinion (SSA 700, 705, 506) ............................................................................................................................ 20
Unmodified (SSA700): ......................................................................................................................................................... 20
Qualified (“Except for”): ........................................................................................................................................................ 20
Disclaimer Opinion (“We do not express an opinion”): ......................................................................................................... 20
Adverse Opinion (“Do not present fairly”): ............................................................................................................................ 20
Material & Pervasive Misstatements ........................................................................................................................................ 21
Misstatement SSA 450......................................................................................................................................................... 21
Material Misstatements SSA 320(2) ..................................................................................................................................... 21
Pervasive Misstatements SSA 705 ...................................................................................................................................... 21
Emphasis of Matter & Other Matter Paragraph ........................................................................................................................ 21
Audit Expectation Gap .............................................................................................................................................................. 22
Seminar 3 – Assertions / Audit Evidence, Procedures & Documentation ............................................................................. 23
Management Assertions (SSA 315) ......................................................................................................................................... 23
Audit Evidence (SSA 500.5) ..................................................................................................................................................... 24
1
Sufficiency & Appropriateness of Audit Evidence ..................................................................................................................... 24
Evaluation of Audit Evidence .................................................................................................................................................... 25
Audit Procedures for Obtaining Audit Evidence........................................................................................................................ 25
1. Risk Assessment Procedures .......................................................................................................................................... 25
2. Tests of Controls .............................................................................................................................................................. 25
3. Substantive Procedures ................................................................................................................................................... 26
Analytical Procedures (SSA 520) ............................................................................................................................................. 27
Audit Documentation ................................................................................................................................................................ 28
Seminar 4 – Client Acceptance / Audit Planning / Relying on IA & Experts / Materiality ..................................................... 30
Client Acceptance & Continuance ............................................................................................................................................ 30
Prospective Client ................................................................................................................................................................ 30
Client Continuance ............................................................................................................................................................... 31
Preconditions for an Audit ........................................................................................................................................................ 31
Preliminary Engagement Activities ........................................................................................................................................... 32
Planning the Audit .................................................................................................................................................................... 32
Using the Work of Internal Auditor ............................................................................................................................................ 34
Using the Work of Auditor’s Expert ........................................................................................................................................... 36
Materiality ................................................................................................................................................................................. 37
Step 1: Determine Overall Materiality ....................................................................................................................................... 38
Step 2: Determine Performance Materiality (PM) ..................................................................................................................... 40
Step 3: Evaluate Audit Findings (Materiality of Misstatements) ................................................................................................ 40
Nature of Misstatements ...................................................................................................................................................... 40
Evaluation of uncorrected misstatements ............................................................................................................................ 41
Seminar 5 – Audit Risk Model / Risk Assessment / Fraud / Going Concern ......................................................................... 42
Audit Risk (SSA 200) ................................................................................................................................................................ 42
Audit Risk Model .................................................................................................................................................................. 43
Auditor’s Business Risk (SSA 200.A35) ................................................................................................................................... 44
Client’s Business Risk (SSA 215) ............................................................................................................................................. 44
Overview of Risk Assessment Process to determine CBR ....................................................................................................... 45
1. Understanding Entity’s Business and its Environment ..................................................................................................... 46
2. Evaluate Entity’s Reaction to the Risk .............................................................................................................................. 47
3. Responses to Assessed Risks ......................................................................................................................................... 47
Other Significant Risks ......................................................................................................................................................... 48
Misstatement due to Fraud (SSA 240) ..................................................................................................................................... 49
Auditor’s Responsibility for Fraud......................................................................................................................................... 50
Auditor’s Response to Overall Heightened Risk of Fraud (SSA 240) ................................................................................... 50
Fraud Risk Triangle – fraud risk factors ............................................................................................................................... 50
RMM due to Fraud: Risk Assessment & Reponses ............................................................................................................. 51
Auditor’s Responses to RMM due to Fraud ......................................................................................................................... 52
Auditor’s Responses to Identified/ Suspected Fraud............................................................................................................ 52
Considerations of Laws and Regulations (SSA 250) ........................................................................................................... 52
Auditor’s Responsibility to Report Fraud/non-compliance .................................................................................................... 53
Examples of Detecting Fraud, and Designing Controls to Prevent & Detect Fraud ............................................................. 53
Documentation of Auditor’s Risk Assessment & Response...................................................................................................... 54
Communication about Fraud to Mgmt & Those Charged w Governance ................................................................................. 54
2
Going Concern (SSA 570) ........................................................................................................................................................ 55
Management’s Responsibility .............................................................................................................................................. 55
Auditor’s Responsibility ........................................................................................................................................................ 55
Implications on Auditor’s Report .......................................................................................................................................... 56
Seminar 6 – Internal Control / Control Effectiveness .............................................................................................................. 57
What is Internal Control? .......................................................................................................................................................... 57
Management’s Responsibility over Entity’s Internal Control ..................................................................................................... 57
Reporting on Internal Control ................................................................................................................................................... 57
Auditors’ Responsibility over Entity’s Internal Control .............................................................................................................. 57
The COSO Framework – Components of Internal Control (p. 188) .......................................................................................... 58
Control Environment ............................................................................................................................................................ 58
Risk Assessment Process.................................................................................................................................................... 59
Control Activities .................................................................................................................................................................. 60
Information and Communication .......................................................................................................................................... 61
Monitoring of Controls .......................................................................................................................................................... 62
Control Risk Assessment and Audit Strategy ........................................................................................................................... 63
Control risk assessed at MAXIMUM (Substantive strategy) ................................................................................................. 63
Control risk assessed at BELOW maximum (Reliance strategy).......................................................................................... 63
Testing Operating Effectiveness of Internal Control ................................................................................................................. 64
Application of COSO Framework for Reliance Strategy ........................................................................................................... 65
Documenting the understanding of internal control .................................................................................................................. 65
Effect of Entity Size on Internal Control .................................................................................................................................... 66
Limitations of Internal Control ................................................................................................................................................... 66
Steps to set control risk below maximum for Reliance Strategy ............................................................................................... 67
Timing of Audit Procedures ...................................................................................................................................................... 67
Interim Test of Controls ........................................................................................................................................................ 67
Interim Substantive Procedures ........................................................................................................................................... 68
Considerations for entities using service organisations (outsourcing) ...................................................................................... 68
Communication of Deficiencies in Internal Control (SSA 265) (p201) ...................................................................................... 69
Example of Controls ................................................................................................................................................................. 69
Seminar 7a – Auditing in a Computerised Environment ......................................................................................................... 70
Forming an Assessment of Control Risk .................................................................................................................................. 70
Issues Introduced in a Computerized Environment .................................................................................................................. 70
Implications of IT for Auditor’s Risk Assessments .................................................................................................................... 70
Effect on IT on Internal Control ................................................................................................................................................. 71
Types of IT Controls in an IT Enviroment ................................................................................................................................. 71
General Controls .................................................................................................................................................................. 72
Application Control ............................................................................................................................................................... 73
Relationship btwn General & Application Controls ................................................................................................................... 75
Impact on Audit Strategy .......................................................................................................................................................... 75
Auditing “Around” the Computer: ......................................................................................................................................... 75
Auditing “Through” the Computer: ........................................................................................................................................ 75
Computer-Assisted Audit Techniques (CAAT) ......................................................................................................................... 76
Advantages & Disadvantages of CAATs .................................................................................................................................. 78
Example of IT Control Effectiveness ........................................................................................................................................ 80
3
Seminar 7b – Audit Sampling .................................................................................................................................................... 81
Audit Sampling and Sampling Risk .......................................................................................................................................... 81
Consequences of Sampling Risk .............................................................................................................................................. 81
Non-sampling Risk: .................................................................................................................................................................. 81
Statistical vs Non-statistical Sampling ...................................................................................................................................... 82
Statistical Sampling .............................................................................................................................................................. 82
Non-statistical Sampling....................................................................................................................................................... 82
Key Steps in Audit Sampling .................................................................................................................................................... 82
Sample Selection Methods ....................................................................................................................................................... 82
Stratification ......................................................................................................................................................................... 82
Acceptable Sample Selection Methods ................................................................................................................................ 83
Unacceptable Sample Selection Methods............................................................................................................................ 83
Attribute Sampling (For Test of Controls) ................................................................................................................................. 83
Monetary-unit Sampling Technique (Substantive Testing) ....................................................................................................... 84
Conclusions on Sampling Results ............................................................................................................................................ 85
Seminar 8 – Auditing the Revenue Process ............................................................................................................................. 86
Revenue Recognition Principles ............................................................................................................................................... 86
Revenue Process: Audit Significance ....................................................................................................................................... 86
Fraud Risks relating to Revenue .............................................................................................................................................. 86
3 Types of Transactions & F/S Accounts Affected ................................................................................................................... 87
Major Revenue Functions......................................................................................................................................................... 87
Documents and Records in Sales Process .............................................................................................................................. 88
Test of Controls – Introduction ................................................................................................................................................. 89
Inherent Risks ...................................................................................................................................................................... 89
Control Risk Assessment ..................................................................................................................................................... 89
Primary Control-related Features ......................................................................................................................................... 90
Planning & Performing Test of Controls ............................................................................................................................... 90
Test of Controls for Revenue Transactions .............................................................................................................................. 90
Test of Controls for Cash Receipts Transaction ....................................................................................................................... 94
Test of Controls – Sales Returns & Allowances / Sales Discount Transactions ....................................................................... 98
Substantive Analytical Procedures ........................................................................................................................................... 98
Test of Details – Classes of Transactions (P/L)........................................................................................................................ 99
Test of Details – Account Balances (B/S) ............................................................................................................................... 100
Test of Details – Presentation & Disclosure (Pg 338) ............................................................................................................. 101
Substantive Procedures – Sending Confirmations (SSA 505) ................................................................................................ 102
Types of confirmation (SSA 505) ....................................................................................................................................... 102
Assertion that can be tested for confirmation for AR .......................................................................................................... 102
Timing ................................................................................................................................................................................ 102
Confirmation Procedures ................................................................................................................................................... 102
Alternative Procedures ....................................................................................................................................................... 103
Auditing Other Receivables .................................................................................................................................................... 104
Auditing Estimates .................................................................................................................................................................. 104
Risk Assessment................................................................................................................................................................ 104
Responses ......................................................................................................................................................................... 104
Evaluating the Audit Findings ................................................................................................................................................. 104
4
Seminar 9 – Auditing the Purchasing Process ...................................................................................................................... 105
Audit Significance: Purchasing Process ................................................................................................................................. 105
3 Types of Transactions & F/S Accounts Affected ................................................................................................................. 105
Major Purchasing Functions ................................................................................................................................................... 105
Documents and Records in Purchasing Process ................................................................................................................... 106
Test of Controls – Introduction ............................................................................................................................................... 107
Segregation of Duties......................................................................................................................................................... 107
Inherent Risk Assessment ................................................................................................................................................. 108
Control Risk Assessment ................................................................................................................................................... 108
Test of Controls for Purchasing Transactions ......................................................................................................................... 108
Test of Controls for Cash Disbursement Transactions ........................................................................................................... 112
Test of Controls for Purchase Returns ................................................................................................................................... 115
Substantive Analytical Procedures ......................................................................................................................................... 116
Test of Details – Classes of Transactions (P/L)...................................................................................................................... 116
Test of Details – Account Balances (B/S) ............................................................................................................................... 116
Test of Details - Presentation/Disclosure................................................................................................................................ 117
Accounts Payable Confirmation ............................................................................................................................................. 118
Seminar 10 – Auditing the Inventory Management Process ................................................................................................. 119
Audit Significance: Inventory Process .................................................................................................................................... 119
Overview of the Inventory Management Process ................................................................................................................... 119
Major Functions of Inventory Department............................................................................................................................... 120
Types of Documents and Records ......................................................................................................................................... 120
Physical Inventory Count (ALWAYS REQUIRED) .................................................................................................................. 121
Observing Physical Inventory (SSA 501 & AGS 4) ............................................................................................................ 121
Misconceptions .................................................................................................................................................................. 122
Stock Count Purposes & Procedures ................................................................................................................................. 122
Inventory Fraud ...................................................................................................................................................................... 122
Inherent Risk Assessment ................................................................................................................................................. 123
Test of Controls for Inventory Transactions ............................................................................................................................ 123
Test of Details – Inventory Management Transactions (P/L) .................................................................................................. 127
Test of Details – Inventory Account (B/S) ............................................................................................................................... 127
Inventory Pricing Test / Unit Cost Test ............................................................................................................................... 128
Test of Details – Disclosure of Inventory Items (FS) .............................................................................................................. 129
Seminar 11a – Auditing the HR Management Process .......................................................................................................... 130
2 Main Types of Transaction .................................................................................................................................................. 130
Types of Documents and Records ......................................................................................................................................... 130
HR Management Process Functions ...................................................................................................................................... 131
Inherent Business Risks..................................................................................................................................................... 132
Test of Controls – Payroll Transactions .................................................................................................................................. 132
5
Test of Details – Payroll Expenses (P/L) ................................................................................................................................ 135
Test of Details – Payroll Liability Account (B/S)...................................................................................................................... 135
Test of Details – Presentation & Disclosure ........................................................................................................................... 136
Seminar 11b – Auditing the PPE Management Process ........................................................................................................ 137
Inherent BR for PPE Processes ......................................................................................................................................... 138
Test of Controls – PPE Transactions ..................................................................................................................................... 138
Test of Details – PPE Purchases/Depreciation (P/L) .............................................................................................................. 139
Test of Details – PPE Account (B/S) ...................................................................................................................................... 140
Disclosure of PPE .................................................................................................................................................................. 141
Seminar 11c – Auditing the Financing/Investing Process .................................................................................................... 142
Auditing Long Term Debts / Liabilities .................................................................................................................................... 142
Inherent Risks for LT liabilities ........................................................................................................................................... 142
Test of Controls – LT liabilities ........................................................................................................................................... 142
Substantive Analytical Procedures – For LT liabilities ........................................................................................................ 143
Auditing Stockholders’ Equity ................................................................................................................................................. 144
Control Risk Assessment ................................................................................................................................................... 144
Key Segregation of Duties ................................................................................................................................................. 144
Test of Controls – For SE................................................................................................................................................... 145
Test of Details – Equity Capital Accounts .......................................................................................................................... 145
Auditing Dividends .................................................................................................................................................................. 146
Auditing Retained Earnings .................................................................................................................................................... 146
Auditing Income Statement Accounts ..................................................................................................................................... 147
Auditing the Cash Account ..................................................................................................................................................... 147
Control Risk – Cash account.............................................................................................................................................. 148
Substantive Analytical Procedures – For Cash .................................................................................................................. 148
Test of Details – For Cash ................................................................................................................................................. 148
Test of Bank Reconciliation................................................................................................................................................ 149
Fraud-Related Audit Procedures ........................................................................................................................................ 149
Auditing on other Cash accounts ....................................................................................................................................... 150
Disclosure Issues for Cash ................................................................................................................................................ 150
Auditing Investment Accounts ................................................................................................................................................ 151
Inherent Risk ...................................................................................................................................................................... 151
Tests of Controls – For Investment .................................................................................................................................... 151
Substantive Analytical Procedures – For Investment ......................................................................................................... 152
Test of Details – For Investment ........................................................................................................................................ 152
Seminar 12 – Audit Completion ............................................................................................................................................... 154
Events after the balance sheet date (FRS 10)........................................................................................................................ 154
Subsequent Events (SSA 560) ............................................................................................................................................... 154
Contingent Liabilities (FRS 37) ............................................................................................................................................... 155
Audit Procedures for Identifying Contingencies (SSA 501) ................................................................................................ 156
Other Matters to be Addressed in Completing the Audit ........................................................................................................ 157
6
Comparative Information (SSA 710) ....................................................................................................................................... 157
Other Information (OI) in Documents Containing Audited F/S (SSA 720(revised)) ................................................................ 158
Written Representations (SSA 580) ....................................................................................................................................... 158
Communications with TCWG (SSA 260) ................................................................................................................................ 159
Seminar 13 – Other Types of Assurance / Professional Ethics & Judgement .................................................................... 160
Assurance Engagement & Related Services .......................................................................................................................... 160
Level of Assurance ................................................................................................................................................................. 160
Need for Professional Judgement & Skepticism ..................................................................................................................... 161
Conceptual Framework for Code of Ethics ............................................................................................................................. 162
Fundamental Principles S100.5 ......................................................................................................................................... 162
Threats ............................................................................................................................................................................... 162
Safeguards ............................................................................................................................................................................. 163
Independence (S290.6 ACRA Code) ..................................................................................................................................... 164
Ethical Conflict Resolution Process (ACRA Code 100.19-25) ................................................................................................ 164
Financial Ratios ........................................................................................................................................................................ 165
7
Seminar 1 – Introduction to Assurance & Regulations
Factors giving rise to demand for assurance
 Conflict of interest
 Information asymmetry arising from
- Remoteness of information eg manager generally has more information about the ‘true’ financial
position and results of the entity than the absentee owner  need to solve information
asymmetry
- Complexity: eg average users may not have the ability to verify financial statement information
 need for competent auditors
 Consequence  eg importance of the credibility of financial statements to users  need for
lower risks to make better decisions
Principal-Agent Relationship
Information asymmetry
 Manager generally has more information about the “true” financial position and results of
operations than the owner
 Adverse selection (one party has more information than the other)
 Moral hazard (the actions of one party is unobservable to the other – eg manager can shirk
responsibility as owner cannot see his actions/impact of his actions)
Natural Conflict of interest

 Manager may not always act in the best interest of the owner when both manager and owner
seek to maximise their self-interest
 Eg. Manipulate reported performance to inflate stock’s price to earn larger bonus
 Eg: Manager favour entity growth at the expense of stockholder’s value
Therefore, auditing helps to add reliability, relevance and credibility to the report, thus reducing
information risk – risk that information circulated by a company’s management will be false or
misleading. It helps to monitor the contractual relationship between the entity and its stakeholders.
8
Definitions of Auditing and Assurance
Auditing Assurance
American Accounting Association: SSA Framework on Assurance Engagements:
A systematic process of objectively obtaining and Engagement in which a practitioner expresses a
evaluating evidence regarding assertions about conclusion designed to enhance the degree of
economic actions and events to ascertain the confidence of the intended users (other than
degree of correspondence between those responsible party) about the outcome of the
assertions and established criteria, communicating evaluation/ measurement of a subject matter
the results to interested users againt criteria
Subset of assurance Broader than auditing
 Expresses a conclusion to enhance degree  Systematic process
of confidence of intended users abt outcome o Well-planned and thorough
of evaluation/measurement of subject matter  Compare evidence gathered to assertions
vs. criteria. about economic entity to assess ‘degree of
 Subject matter can take many forms, i.e. correspondence between those assertions &
financial & non-financial. established criteria’.
 Role to auditing similar - determine o Criteria used for F/S audit will be a
correspondence of subject matter info to financial reporting framework
criteria. o In F/S audits, very specific reports are
o Gathers sufficient appropriate info to prescribed by auditing standards to
provide reasonable basis for expressing communicate auditor’s findings.
a conclusion on subject matter info in an
assurance report.
Exhibits 5 elements:
 Three party-relationship (practitioner,
responsible party and intended user)
 Appropriate subject matter
 Suitable criteria (FRS)
 Sufficient appropriate evidence
 Written assurance report
Types of Auditors & Auditing Services

Type of Auditors Type of Auditing Services
External Auditor: Member of an audit firm and are Internal Control Audit: Determine the
not employed by the entity being audited effectiveness of internal control within an entity
Internal Auditor: Employees of individual Operational Audit: Systematic review of part or all
companies, government bodies and other entities; of an organization’s activities to evaluate whether
Governed by the Institute of Internal Auditors; resources are being used efficiently and
May conduct financial, internal control, effectively; Assess performance, identify areas for
compliance, operational and forensic audit within improvement and development recommendation
the organization
Government Auditor: Employed by state Compliance Audit: Determine the extent to which
government and public bodies (i.e. tax rules, policies, laws or government regulations
authorities); An example will be Auditor General are followed by the entity being audited
Office, that conducts audits of activities, financial
transactions and accounts of the government
9
Forensic Auditor: Trained in detecting, Forensic Audit: Detect and deter fraudulent
investigating and deterring fraud and white-collar activities
crime; Reconstruct incomplete accounting Financial Statement Audit: Determine the
records, identifying and investigating transactions accuracy and reliability of financial statement, and
and related assets in business, embezzlement the extent to which it is prepared in accordance
and probe money-laundering with FRS standards
Fundamental concepts in conducting Financial statements

TB pg 12
Types of Assurance
Vary in terms of who provides the subject matter information to intended user
Attestation (Assertion-based) Engagement Direct Engagement
 Subject matter (e.g. F/S) available to intended  Subject matter not available to intended
users users
o In the form of an assertion o Subject matter provided to users in
 Measurement of subject matter performed by the assurance report
responsible party  Measurement of subject matter by
o Mgmt asserts that internal control is practitioner:
effective in a report using COSO  No assertions made by management to
framework intended user.
 Practitioner is engaged to express opinion on
whether assertion is effective
 F/S audits, external assurance on sustainability  Compliance, operational audits
reporting  e.g. others say that it is no.1 chicken rice
 e.g. no.1 chicken rice (engage practitioner to
express opinion on this assertion)
Level of Assurance
Factors to consider: Cost, timing, needs
Reasonable Assurance Engagement
 Practitioner gathers sufficient appropriate evidence to enable him to express his conclusion in the
positive form
 e.g., “In our opinion, management’s assertions are fairly presented.”
Limited Assurance Engagement
negative form
 e.g., “in our opinion, nothing has come to our attention that causes us to believe that
management’s assertions are not fairly presented.”
IAASB Elements of an Assurance Engagement

Three Party-Relationship
 Practitioner – auditor, Responsible party and Intended user
Appropriate Subject Matter
 Subject Matter: information, condition or activity that is measured against criteria
10
o E.g.: effectiveness of internal control, performance around human rights (part of
sustainability performance), entity’s financial performance
 Subject Matter Information: Outcome of measurement using criteria
o E.g.: financial statements (result of applying IFRS), assertions in sustainability report
(result of applying Global Reporting Initiative)
 Appropriate:
o Identifiable and capable of consistent evaluation/measurement against identified criteria
o Can be subjected to procedures for gathering sufficient appropriate evidence to support a
reasonable assurance or limited assurance conclusion
Suitable Criteria
 Benchmarks used to evaluate or measure the subject matter. E.g. IFRS, GRI
 Suitable: relevant, complete, reliable, neutral, understandable (if on basis of practitioner’s own
expectations, judgments or individual experience à not suitable criteria)
Sufficient Appropriate Evidence
Written Assurance Report
Profession
A disciplined group of individuals who adhere to high ethical standards and uphold themselves to, and are
accepted by, the public as possessing special knowledge and skills in a widely recognised, organised body
of learning derived from education and training at a high level, and who are prepared to exercise this
knowledge and these skills in the interest of others.
Characteristics of a profession (Sager 1995)
 Skill based on theoretical knowledge (to apply skills in practice to further interests of clients)
 Extensive period of education (formal education)
 Testing competency (pass a prescribed examination based on theoretical knowledge) 
Institutionalized training or period of internship
 Licensed practitioners
 Work autonomy environment (independent decision-making)
 Professional associations
 Code of ethics
Regulation of public accountants in Singapore

Accounting and Corporate Regulatory Authority
National Regulator of business entities and public accountants in Singapore. It plays the role of facilitator
for the development of business entities and the public accountancy profession.
ACRA undertakes oversight of issuance of auditing standards. The Auditing and Assurance Standards
Committee (AASC) of ISCA manages the due process. SSAs are based on ISAs.
Institute of Singapore Chartered Accountants

National professional accounting body in Singapore. The committee of ISCA manages the due process
of localizing the standards issued by ACRA
11
International Standards & Organisations
International Federation of Accountants
IFAC is the global organization for the accountancy profession. It establishes international standards on
ethics, auditing and assurance, accounting education, and public sector accounting through its
independent standard-setting board
Independent Board Description
International Auditing  Issues international standards for quality control, auditing, review, other
and Assurance assurance and related services
Standards Board  Promotion of the International Standards on Auditing
(IAASB)  Offer guidance and support tools to facilitate the adoption and
implementation of its standards
International Ethics  Develops and issues ethical standards and guidance for use by
Standards Board for professional accountants (i.e. Code of Ethics for Professional
Accountants (IESBA) Accountants)
International Accounting  Develop and publicize International Financial Reporting Standards
Education Standards  Approve the interpretation of IFRS
Board (IAESB)
Public Interest Oversight Board

PIOB oversees the standard-setting process in the realm of the IFAC. It is responsible for approving that
the standard-setting has followed a due process, including that the standard-setting was sufficiently
responsive to the needs and perceptions of various stakeholders, before finalizing a standard.
IFAC/IESBA Code of Ethics

Part A: Fundamental principles and conceptual framework for all professional accountants
Part B: Application of conceptual framework in certain situations encountered by professional
accountants in public practice
Part C: Application of conceptual framework in certain situations encountered by professional
accountants in business
ISCA Code – Based on Part A, B, C of IFAC Code

ACRA Code – Based on Part A, B of IFAC Code
12
Seminar 2 – Corporate Governance, Misstatements, Type of Audit Opinions/EOM
Corporate Governance is the system by which companies are directed and controlled. Board of
directors are responsible for the governance of their companies.
Matters covered under Code of Corporate Governance 2012:

Board matters Conduct of affairs (meetings), Composition and guidance, Chairman and CEO
(segregated), Board membership, Board performance, Access to information
Remuneration Procedures for developing remuneration policies, Level and mix of
matters remuneration, Disclosure of remuneration
Accountability and Accountability, Risk management and internal controls, Audit committee,
audit remuneration, nomination committee, Internal audit
Shareholder rights Shareholder rights, Conduct of shareholder meetings
and responsibilities
Disclosure of corporate governance arrangements
Key players:
Internal External
Board of Directors (executive/non-executive) External auditors
 Sub committees: Audit, remuneration, Regulators
nominating Shareholders and advocates
Internal auditors Analysts, lenders, rating agencies
Mandatory Requirements on Audit Committees

Companies Act 201B:
(1) Every listed company shall have an AC
(2) An AC shall be appointed by the directors among their number (pursuant to resolution of BoD)
and shall be composed of 3 of more members of whom a majority shall NOT be
(a) Executive directors of the company or any related corporation,
(b) A spouse, parent, brother, sister, son or adopted of an executive director of the company
or any related corporation OR
(c) Any person having a relationship which, in the opinion of BoD would interfere with the
exercise of independent judgement in carrying out the functions of an AC
(3) Members of AC shall elect a chairman among their number who is not an executive director
or employee of the company or any related corporation
Companies Act 201B(5): Functions of AC shall be

(a) To review
(i) With the auditor, the audit plan
(ii) With the auditor, his evaluation of the system of internal accounting controls
(iii) With the auditor, his audit report
(iv) Assistance given by the company’s officers to the auditor
(v) Scope and results of the internal audit procedures and
(vi) The FS of the company and, if it is a parent company, the consolidated FS, submitted to it
by the company or the parent company, and thereafter to submit them to directors
(b) To nominate a person or persons as auditor
Together with such other functions as may be agreed to by the audit committee and BoD
13
Companies Act 201B: AC meetings
(6) Auditor has the right to appear and be heard at any AC meeting and shall appear before the
committee when required to do so by the committee
(7) Upon request of the auditor, the chairman of AC shall convene a meeting to consider any
matters the auditor believes should be brought to the attention of the directors or shareholders
AC Composition
12.1 The AC should comprise at least 3 directors
 Majority of whom, including the AC chairman should be independent
 All members should be non-executive directors
Board should disclose in Annual Report names of the members of AC and the key terms of
references
12.2 Board should ensure that members are appropriately qualified to discharge their responsibilities
 At least 2 members, including AC chairman should have recent and relevant accounting
or related financial management expertise or experience
 As the board interprets such qualification in its business judgement
2.3 An “independent” director is one who has no relationship with
 The company
 Its related corporations
 10% shareholders or its officers
That could interfere, or to be reasonably perceived to interfere, with the exercise of the director’s
independent business judgement with a view to the best interests of the company
AC Duties
12.4 (a) Reviewing the significant financial reporting issues and judgements so as to ensure
integrity of FS and any announcements relating to the company’s financial performance
(b) Reviewing and reporting to the board at least annually adequacy and effectiveness of the
company’s internal controls, including financial, operational, compliance and information
technology controls (such review can be carried out internally or with the assistance of any
competent third parties)
(c) Reviewing the effectiveness of the company’s internal audit function
(d) Reviewing scope & results of the external audits + independence & objectivity of ex.auditors
(e) Making recommendations to the Board on proposals to the shareholders on the appointment,
re-appointment and removal of external auditors, and approving the remuneration and terms
of engagement of the external auditors
12.5 AC should meet with external and internal auditors in each case without the presence of
Management, at least annually
12.6 AC should review the independence of the external auditors annually and should state
(a) Aggregate amount of fees paid to external auditors for that financial year
(b) Breakdown of the fees paid in total for audit and non-audit services respectively or an
appropriate negative statement in the company’s Annual Report
Where the external auditors also supply a substantial volume of non-audit services to the company
 AC should keep nature and extent of such services under review, seeking to maintain objectivity
14
Mandatory Audit Requirement in Singapore
Companies Act, S201:
 Directors of every company to present at AGM audited profit and loss account and balance sheet
that comply with the requirements of the Accounting Standards AND give a true and fair view
of the profit and loss and state of affairs of the company respectively
 Holding companies to present audited balance sheet of the holding company and consolidated
accounts (profit or loss account and balance sheet)
S201:14A – True and Fair override  “need not comply with that requirement (of Accounting Standards)
to the extent that this is necessary for them to give a true and fair view of the matter”
Audit Exemption
Companies Act, Section 205B&C, 13th Schedule:
Company is exempt from audit requirement if it is:
 Dormant at time of formation or since previous financial year OR
 Company that qualifies as a ‘small company’
o Private company in FY in question AND
o Meets at least 2 of the following criteria in the immediate past 2 FYs:
 Total annual revenue ≤ $10 million
 Total assets ≤ $10 million
 Number of employees ≤ 50
o For company which is part of a group:
 Company must qualify as a small company AND
 Entire group must be “small group” to qualify
Internal Audit
(Currently no requirements  recommends only)
Principle 13: Company should establish an effective internal audit function that is adequately resourced
and independent of the activities it audits
Guidelines:
13.1 The IA’s primary line of reporting should be to the AC chairman although the IA would also
report administratively to the CEO
The AC approves the hiring, removal, evaluation and compensation of the head of the IA
function or the accounting/auditing firm or corporation to which the IA function is outsourced
IA should unfettered access to all the company’s documents, records, properties and personnel,
including access to the AC
13.2 AC should ensure the IA function is adequately resourced and has appropriate standing within
the company.
For the avoidance of doubt, the IA function can be in-house, outsourced to a reputable
accounting/auditing firm or corporation, or performed by a major shareholder, holding company or
controlling enterprise with an internal audit staff
13.3 IA function should be staffed with persons with the relevant qualifications and experience
13.4 IA should carry out its function according to the standards set by nationally or internationally
recognised professional bodies
13.5 AC should, at least annually, review the adequacy and effectiveness of IA function
Overview of Key Audit-related Companies Act Provision  Refer to Sem 2 Slide 17

15
Objective & Scope of F/S Audit SSA 200
SSA 200.11 Objective of an audit of the financial report is to enable the auditor to express an opinion to
whether the financial report is prepared, in all material aspects, in accordance w an applicable financial
reporting framework
In SG, auditor has an obligation to form a conclusion (audit opinion) as to whether the financial report
has been prepared in accordance w the provisions of the Singapore Companies Act & SFRS.
SSA 700.35 Requires the auditor to express an opinion as to whether the financial report ‘gives a true
and fair view’ or ‘presents fairly, in all material respects’ in accordance w the applicable financial
reporting framework
 To enhance the degree of confidence of intended users in the F/S
 Through the expression of an opinion by the auditor on whether the financial statements are
o Presented fairly
o In all material respects, (or give a true and fair view)
o In accordance with an applicable financial reporting framework
 By obtaining reasonable assurance about whether the F/S as a whole are free from material
misstatement, whether due to fraud or error
Overview of the Audit Process
16
Major Phases of the Audit
Phases are quite iterative and interrelated in nature (They do not always happen in sequence)
Client Acceptance/ Continuance & Establishing an Understanding w Client (S3-5)
 Professional standards require audit firms to establish policies & procedures for choosing
whether to accept new clients/ keep current ones
 Purpose: Minimize chance that auditor will be linked to clients lacking integrity  If client lacks
integrity, higher RMM, that goes undetected
 New clients:
o Confer w predecessor auditor
o Do background checks on top management
o This would give auditor valuable understanding of entity & environment, helps in risk
assessment and audit planning
Preliminary Engagement Activities (S3-5)
1. Determine audit engagement team requirements
Auditors updating their understanding of entity & its environment
o Nature of entity, industry, performance measures, internal control
o Knowledge of entity & environment helps in assessing RMM & in setting scope of
audit
 Partner forms team w members having suitable audit & industry experience for
engagement, determines if experts are needed
2. Ensure audit firm & engagement team complies with ethical requirements, including being
independent of entity being audited
 Free from prohibited relationships that might threaten objectivity
3. Establish understanding with client regarding services to be performed and terms of engagement
 Timing of audit and expected audit fees
Plan the Audit (S3-5)
 Proper planning ensures audit is done effectively & efficiently
 Make a preliminary assessment of client’s biz risks & determine materiality
 Audit team relies on the above judgements to assess risk relating to likelihood of material
misstatements in F/S
 Should consider auditor’s knowledge of entity’s internal control system
 Planning results in written plan that sets forth overall audit strategy, & NET of audit work
Consider Internal Controls (S6-7)
 To achieve reliable financial reporting, effective & efficient operations, compliance with laws and
regulation
 Quality of internal controls over financial reporting is relevant to auditors
o Helps to assess risk & identify areas where high RMM
 Opinion on effectiveness of internal control over financial reporting is not needed
Audit Business Processes & Related Accounts (e.g. revenue generation) (S8-11)
 Organize audits by grouping F/S accounts according to biz processes that primarily affect those
accounts
Complete the Audit & Evaluate Results (S12)
 Obtain sufficient appropriate evidence to reach & justify a conclusion on fairness of F/S
 Assess sufficiency of evidence and seek additional evidence when needed
 Auditor also assess some issues, including possibility of undisclosed contingencies, and look for
any post balance sheet events that affect F/S
17
Issue Audit Report (S2&12)
 Evaluate results & choose suitable audit report (audit opinion) to issue
 Determines if preliminary assessments of risks are suitable in light of evidence collected &
whether sufficient evidence was obtained
 Auditor aggregates total uncorrected misstatements that are detected & determines if they cause
F/S to be materially misstated
o If material, auditor can get client to correct misstatements
o If client refuses, auditor issues opinion that indicates F/S are materially misstated, &
explain nature of misstatement
o If uncorrected misstatements are insignificant enough or if client corrects them, then
unmodified opinion
New & Revised Auditor Reporting Standards

Rationale for Revision
 Pass/fail model of auditor’s report insufficient
 Stakeholders want auditor’s report to be more informative & relevant
 Increase transparency on going concerns & key audit matters (KAM)
Major Changes to Structure & Content of Audit Report
 For all audits
o Opinion section to be presented first, followed by basis of opinion
o Enhanced auditor reporting on GC
o Affirmative statement abt auditor independence & ethical responsibilities of mgmt. &
auditor
 For audits of F/S listed entities
o Key audit matters
o Disclosure of name of the engagement partner
18
Key Audit Matters (KAM)
KAM are those that the auditor views as most significant, with an explanation of how they were
addressed in the audit
SSA 701.9 The auditor shall determine, from matters

communicated w TCWG, those matters that required sig.
auditor attention in performing the audit. In making this
determination, the auditor shall take into account the
following:
(a) Areas of higher assessed RMM, or sig. risks
identified in accordance w SSA 314
(b) Significant auditor judgements relating to areas in the
F/S that involve significant mgmt judgement,
including accounting estimates that have been
identified as having high estimation uncertainty
(c) The effect on the audit of significant events or
transactions that occurred during the period
Description of KAM
 Why the matter was considered to be a KAM
 How the matter was addressed in the audit
 Reference to the related disclosures (if any)
 Should be entity-specific, avoid standardized/ overly technical language
 Description may include SSA 791.A46
o Aspects of the auditor’s response/ approach
o Brief overview of audit procedures performed
o Indication of outcome of auditor’s procedures
o Key observations with respect to the matter
 Description should not
o Imply that the matter has not be appropriately resolved by auditor in forming the opinion
on the F/S
o Contain or imply discrete opinion or separate elements of the F/S
19
Types of Audit Opinion (SSA 700, 705, 506)
Unmodified (SSA700): F/S conform to the applicable FR framework

 Auditor expresses opinion on F/S prepared in accordance w a fair presentation framework
 F/S present fairly, in all material aspects, … in accordance with [applicable FR framework]
 F/S give a true and fair view of… in accordance with [applicable FR framework]
Qualified (“Except for”): Material but not pervasive

 Qualified for Scope Limitation: Auditor has not obtained sufficient appropriate audit
evidence. Can be due to the following 3 reasons (SSA 705.A8)
o Client-imposed: Client requests auditor not to confirm AR because of customer
relations concerns
o Condition imposed (Circumstances beyond the control of entity): fire destroyed some
accounting records
o Circumstances related to nature/ timing of auditors work
 A limitation on performance of particular procedure does not necessarily constitute a
limitation on scope of audit if auditor is able to obtain sufficient appropriate evidence by
performing alternative procedures
 Qualified for financial reporting framework departure: auditor concludes that there is a
misstatement that is material but not pervasive.
o Uses “except for”
Disclaimer Opinion (“We do not express an opinion”): Material & pervasive (Scope limitation)
 Scope limitation  unable to obtain sufficient audit evidence
 Withhold opinion or indicates that no opinion is expressed
 E.g.: insufficient audit evidence on investment in foreign affiliate
Adverse Opinion (“Do not present fairly”): Material & pervasive (Departure from FRS)
 Departure from financial reporting framework
 Auditor obtained sufficient appropriate audit evidence and concludes that the misstatements
are due to departure from applicable financial reporting framework
 States the opinion that F/S do not present fairly in accordance with applicable financial
reporting framework
20
Material & Pervasive Misstatements
Misstatement SSA 450
Difference between the
 Amount, classification, presentation, or disclosure of a reported F/S item and
 Amount, classification, presentation, or disclosure that is required for the item to be in
accordance with the applicable financial reporting framework.
Misstatements can arise from error or fraud.
Material Misstatements SSA 320(2)

 Misstatements, including omissions, are considered to be material if they, individually or in
the aggregate, could reasonably be expected to influence the economic decisions of users
taken on the basis of the financial statements
 Judgments about materiality are made in light of surrounding circumstances, and are
affected by the size or nature of a misstatement, or a combination of both
 Materiality can be quantitative or qualitative
 Concept of materiality will be discussed in Seminar 4
Pervasive Misstatements SSA 705

 Are not confined to specific elements, accounts or items of the financial statements; (e.g. 7
out of 10 lines wrong)
 If so confined, represent or could represent a substantial proportion of the financial
statements; or (e.g. inventory wrong & inventory 90% of assets)
 In relation to disclosures, are fundamental to users’ understanding of the financial
statements (e.g. fire after year end in FRS 10 is non-adjusting, so pervasive nondisclosure)
Emphasis of Matter & Other Matter Paragraph

Emphasis of Matter paragraph Other Matter paragraph
Purpose: To draw users’ attention to a matter Does not affect auditor’s opinion because it
which, although appropriately presented or relates to a matter other than those required to be
disclosed in the F/S, its importance that it is presented or disclosed in the FS
fundamental to users’ understanding of F/S
Does not affect auditor’s opinion because it can

only be included in audit report if the matter is
appropriately presented or disclosed in FS
Where: Included immediately after the opinion Where: An other matter paragraph is headed
paragraph in the audit report and the heading ‘Other Matter’ and the paragraph is included in
‘Emphasis of Matter’ is ordinarily used the audit report immediately after the opinion
 Includes clear reference to matter being paragraph and any emphasis of matter paragraph
emphasized & to where relevant
disclosures that fully describe matter can Examples:
be found in F/S  Last year not audited/audited by someone
 Should indicate that auditor’s opinion is not else
modified in respect of matter emphasized  Disclaimer
21
Examples of situations in which it is used:
 An uncertainty relating to future outcome of
exceptional litigation or regulatory action
 Early application (where permitted) of a
new accounting standard that has a
pervasive effect on the financial statements
in advance of its effective date
 A major catastrophe that has had, or
continues to have, a significant effect on
the entity’s financial position (e.g. fire)
 A material uncertainty that may cast
significant doubt about the company’s
ability to continue as a going concern which
has been adequately disclosed (SSA 570)
 Unusually important subsequent events
 Significant transactions with related parties
Audit Expectation Gap
 Difference between the actual and expected performance of an auditor from the society
 Both will never meet because of unreasonable expectations
 Solutions – from auditor: more training, revise standards; from society: educate public, outreach,
seminars
(Refer to Sem 2 last slide for more information)
22
Seminar 3 – Assertions / Audit Evidence, Procedures & Documentation
Management Assertions (SSA 315)

Management is responsible for fair presentation of F/S. Assertions are representations by management
embodied in F/S. Used by auditor to consider various potential misstatements that may occur.
IAASB is expected to revise ISA 315 to integrate relevant assertions relating to disclosure rather than
keeping them as separate assertions
Assertions about classes of transactions and events for the period under audit:
 Occurrence - transactions and events that have been recorded have occurred & pertain to entity.
 Completeness - all transactions and events that should have been recorded have been recorded.
 Accuracy - amounts and other data relating to recorded transactions and events have been
recorded appropriately.
 Cut-off - transactions and events have been recorded in the correct accounting period.
 Classification - transactions and events have been recorded in the proper accounts.
Assertions about account balances at the period end:
 Existence - assets, liabilities, and equity interests exist.
 Rights and obligations - the entity holds or controls the rights to assets, and liabilities are the
obligations of the entity.
 Completeness - all assets, liabilities and equity interests that should have been recorded have
been recorded.
 Valuation and allocation - assets, liabilities, and equity interests are included in the financial
statements at appropriate amounts and any resulting valuation or allocation adjustments are
appropriately recorded.
Assertions about presentation and disclosure:
 Occurrence and rights and obligations - disclosed events, transactions, and other matters have
occurred and pertain to the entity.
 Completeness - all disclosures that should have been included in the financial statements have
been included.
 Classification and understandability - financial information is appropriately presented and
described, and disclosures are clearly expressed.
 Accuracy & valuation - financial and other information are disclosed fairly & at appropriate amts
23
Audit Evidence (SSA 500.5)
 Info used by auditor in arriving at conclusions on which audit opinion is based
 Includes info contained in accounting records underlying the F/S and other info
 Nature/ sufficiency & appropriateness/ evaluation
Nature of Audit Evidence

 Definition: Form/type of info (Accounting records & other information)
 Accounting records: Records of initial entries/ invoices/ contracts/ journal entries etc)
 Other information: Minutes of meetings/ 3rd party confirmation/ analysts’ reports/ benchmarks
o Obtained via audit procedures like inquiry, observation and inspections, allowing auditor
to reach conclusion via valid reasoning.
Sufficiency & Appropriateness of Audit Evidence

SSA 500(6): The auditor should obtain sufficient appropriate evidence to be able to draw reasonable
conclusions on which to base the audit opinion
SSA 200(A48): The matter of difficulty, time or cost is not in itself a valid basis for the auditor to omit an
audit procedure for which there is no alternative or to be satisfied with audit evidence that is less than
persuasive
Sufficiency (Quantity) Appropriateness (Quality)

Influenced by Relevance Reliability
Greater risk of Higher quality audit The logical connection Source
misstatement à Higher evidence  Lower with the purpose of the (Internal > External)
quantity of evidence quantity of audit evidence audit procedure and the
required required assertion under
 Obtaining more evidence may not compensate consideration (e.g. Nature
for its poor quality vouching for (Documentary > Oral)
 Only a sample of transactions are examined, occurrence, tracing for Circumstance
conclusion on that account based on subset of completeness) (Strong > Weak IC)
evidence
24
Evaluation of Audit Evidence
Proper evaluation of evidence requires an understanding of the:
 Type of evidence available
 Relative reliability of available evidence
Evidence Triangulation SSA 500 (A8)  More assurance is ordinarily obtained from consistent audit
evidence from different sources or of a different nature than from items of audit evidence considered
individually
Auditor must be able to assess when a sufficient amount of appropriate evidence has been obtained in
order to determine fairness of management’s assertions.
 Must be thorough in searching for evidence and unbiased in evaluation
 E.g. If no response to confirmation, check through subsequent cash receipts, shipping
documents, etc.
 In evaluation of evidence, auditor must be objective and not allow evaluation to be biased by
other
Audit Procedures for Obtaining Audit Evidence

Specific acts performed by the auditor to gather audit evidence
1. Risk Assessment Procedures

 Understanding of entity & its environment including internal control
 To assess RMM at the F/S and relevant assertion levels
 Eg Inquiries of Management
o Get info from mgmgt & those responsible for financial reporting
o Inquiring from others within entity helps in giving auditor with a perspective that differs
from mgmt. & those responsible for financial reporting
 TCWG, I.e. BOD or AC, internal audit function (know about design & effectiveness
of controls)
 Workers who initiate process or record complex/unusual transactions ü In-house
legal counsel, production, marketing, sales and other personnel. (Litigation &
compliance with rules and regulations)
o Inquire of customers, suppliers or valuation experts. Can give info helpful in uncovering
fraud (E.g. customers get goods they didn’t order to overstate revenue)
 Eg. Preliminary analytical procedures
o Evaluations of financial info via analysis of plausible relationship among both financial &
non-financial data
o Helps identify if there are unusual transactions/events, amounts, etc. that may implicate
the audit planning (Auditor should develop expectations about plausible relationships that
are expected to exist)
 Eg. Observation & inspection
2. Tests of Controls
 Test operating effectiveness of controls in preventing/ detecting and correcting material
misstatements in relevant assertion level
 E.g. Inspection of documents, observation of application of specific controls/ walk-throughs/
reperformance of application of control by auditor
25
3. Substantive Procedures
 Detect material misstatements at relevant assertion level. (Monetary errors)
Test Of Details
 Of classes of transaction, account balances, disclosure
 Detailed transactions are verified
 E.g. Inspecting invoices, tracing them to various accounts, tracing cash received & paid form the
cash book to the proper account
Substantive Analytical Procedures
 Evaluation of financial info via analysis of plausible relationships among both financial & non-
financial data, i.e. compare previous year’s figures with current year, adjusted for economic
conditions
 Make comparisons to identify accounts that may have material misstatements and need more
investigation, or as a reasonableness test of account balance. Effective and efficient form of
evidence. Used to accomplish 3 purposes:
o Risk assessment procedures to help auditor better understand biz and plan nature,
extend, timing of audit procedures (NET).
o Substantive analytical procedures as substantive procedure to get evidence about
particular assertions related to account balances/classes of transactions.
o Final analytical procedures: overall review of financial info in the final review stage of
audit.
By Objective By Means (in order of reliability)

Risk Assessment procedures: Inspection of tangible assets
To gain an understanding of the entity and its External confirmation (e.g. bank, AR/AP)
environment, including the entity’s internal Inspection of external records/documents
control, to identify and assess the risk of Reperformance (recount client’s stock count)
material misstatement, whether due to fraud or
error, at the financial statement and assertion Recalculation (e.g. bank reconciliation)
levels Inspection of internal records/documents
(strong internal controls)
Tests of Control:
To evaluate the operating effectiveness of Analytical procedures (strong internal controls)
controls in preventing or detecting and
correcting, material misstatements at the Observation (e.g. stock take)
assertion level Client inquiry (rigorous)
Substantive Procedures: Inspection of internal records/documents (poor
To detect material misstatements at the internal controls)
assertion level and includes test of details and Analytical procedures (poor internal controls)
substantive analytical procedures
Client inquiry (informal)
More reliable: external, effective internal control, obtained directly by the auditor, original, in writing
Key points to take note:
 Procedure must match to what you want to do (objective)
 Inspection (of asset) can confirm existence, but not ownership. For R&O, inspect document.
 Observation typically for internal control
 Observation usually low but absolute assurance if only done once a year (e.g. stock take)
 External confirmation: don’t always assume collusion
26
 External confirmation cannot test completeness (e.g. owe $200 instead of the confirmed $100)
 Analytical procedures help to address completeness
 Inquiry good for understanding and fast but may not be reliable
 Scanning efficient for large data and can check for completeness (missing sequence) and
existence (e.g. double counting)
 Recalculation and reperformance depend on the accuracy of underlying data
Analytical Procedures (SSA 520)

Evaluations of financial information through analysis of plausible relationships among both financial and
non-financial data eg
 Compare financial information with prior periods, anticipated or industry results
 Consider relationships among elements of financial information or between financial and non-
financial information
Investigation of unexpected fluctuations and relationships
Purpose of analytical procedures

Preliminary Analytical Required to be performed as part of risk assessment procedures (SSA 315.6)
Procedures
Substantive Analytical Can be employed as part of substantive procedures to detect material
Procedures misstatement in particular FS assertions
Final Analytical Required near end of audit to form overall conclusion as to whether FS
Procedures consistent with auditor’s understanding of entity (SSA 520.6)
Major types of analytical procedures

Evaluative  Trend analysis – Analysis of changes in an account over time
procedures  Ratio analysis – Comparison of relationships between FS accounts or
between an account and non-financial data, across time or to a benchmark
Predictive  Development of a model to form an expectation using financial, non-financial
procedures – data or both, to test account balances or changes in account balances
Reasonableness between accounting periods
analysis
27
Usefulness of Analytical procedures as substantive procedures depends on
 Assessed risk of material misstatement
o Higher risk  greater reliance on tests of details
 Precision of expectation. Which is affected by
o Degree of disaggregation (eg by period, product line)
o Predictability of relationships (eg recurring vs non-recurring expenses)
 Availability of relevant & reliable data
o Eg. industry results, non-financial information
Investigation of unexpected results (SSA 520:7)

 Ordinarily begins with inquiries of management
 Corroboration of management’s responses
 Consider need for other audit procedures if explanation not adequate
At planning stage, the auditor usually starts with analysis of aggregated data. The results provide a
broad indication of possible MM and areas where further audit procedures are required
Audit Documentation
Record of the audit procedures performed, relevant audit evidence obtained and conclusions the auditor
reached
Purpose of documentation
 Provide evidence in relation to
o The auditor’s basis for a conclusion about the achievement of the overall objectives of the
auditor
o How the audit was planned and performed in accordance with SSA and applicable legal
and regulatory requirements
 Helps the engagement team plan and perform the audit
 Helps members of the engagement team responsible for supervision to direct and supervise the
audit work, and to discharge their review responsibilities
 Enable the engagement team to be accountable for its work
 Retain a record of matters of continuing significance to future audits
 Enable the conduct of external inspections in accordance with applicable legal, regulatory or
other requirements
 Enable the conduct of quality control reviews and inspections in accordance with Singapore
Standard on Quality Control (SSQC) or equally demanding national requirements
Key components of Audit Documentation

 The nature, timing and extent of audit procedures performed to comply with requirements
o The identifying characteristics of the specific item or matters tested
o Who performed the audit work and the date of such work completed
o Who reviewed the work performed and the date and extent of such review
 The results of the audit procedures performed, and the audit evidence obtained
 Significant matters, arising during the audit, the conclusions reached, and significant professional
judgments made in reaching those conclusion
 Discussions of significant matters with management, those charged with governance, and others
o Nature of the significant matters discussed & When and with who discussion takes place
28
 For information that is inconsistent with the auditor’s final conclusion regarding a significant
matter
o The auditor shall document how the auditor addressed the inconsistency
 Departure from a relevant requirement
o The auditor shall document how the alternative audit procedures performed achieve the
aim of that requirement, and the reasons for the departure.
 Matters arising after the date of auditor’s report
o If the auditor performs new or additional audit procedures or draws new conclusion after
the date of the auditor reports, the auditor shall document
 The circumstances encountered
 The new or additional audit procedures performed, audit evidence obtained,
conclusion reach and the effect on auditor’s report
 When and by whom the resulting changes to audit documentation were made and
reviewed
Content of Audit Documentation

Permanent Current
Copies of Corporate Charter Copy of Financial Statements and Auditor’s Report
Charts of Accounts Overall Audit Strategy / Audit Plan
Organisational Chart Minutes of Important Meetings
Copies of Important Contracts (Pension, Working Trial Balance
Union, Leases)
Documentation of Internal Control Adjusting and Reclassification of Journal Entries
(Flowcharts)
Terms of Stock/Bond Issues Working papers supporting financial statement
account
Prior Years’ Analytical Procedure results
Permanent: Contain historical data about the entity that are of continuing relevance to the Audit
Current: Includes information and data related specifically to the Current Year’s Engagement
Audit File
One or more folders or other storage media, in physical or electronic form, containing the records that
comprise the audit documentation for a specific documentation.
29
Seminar 4 – Client Acceptance / Audit Planning / Relying on IA & Experts / Materiality
Client acceptance & continuance Preliminary engagement activities Plan the audit
Client Acceptance & Continuance

SSA 220.A8 Info for the engagement partner to determine if the acceptance & continuance of client
relationships and audit engagement is appropriate:
 The integrity of the principal owners, key management & those charged with governance of entity;
 Whether the engagement team is competent to perform the audit engagement and has the
necessary capabilities, including time and resources;
 Whether the firm & the engagement team can comply with relevant ethical requirements; and
 Significant matters that have arisen during the current or previous audit engagement, and their
implications for continuing the relationship.
Prospective Client
Perform procedures to evaluate prospective client before accepting. Documented in memo or by
completion of an entity acceptance questionnaire/checklist.
Procedure Explanation
1. Obtain & review available financial info Financial info - Annual reports, interim F/S, income
tax returns
2. Inquire of 3rd parties abt integrity of entity & 3rd parties - Lawyers, credit agencies
mgmt
3. Communicate with predecessor auditor Info about integrity of management
(Prospective client must authorize Disagreements w mgmt abt accounting policies, audit
predecessor auditor to respond to successor’s procedures, or significant matters
requests for info – Auditors are not allowed to
disclose confidential client info) Understanding about reasons for change of auditors
Communications w those charged w governance

regarding fraud/non-compliance w laws or regulations
/ deficiencies in internal control
4. Consider if potential client has unusual biz Any circumstances requiring special attention – E.g.
or audit risks Litigation / going-concern issues
5. Determine if firm is independent of entity
6. Determine if firm has required technical Skills / knowledge of industry
skills/knowledge
7. Determine if accepting client will breach E.g. IESBA Code of Ethics of Professional
any regulatory or ethical requirements Accountants
30
If the prospective client has been audited before (above procedures + following)
Need to check with predecessor for information or to permit a review of working paper, it must be done
with the predecesor’s authorization
 Information that might bear on the integrity of management
 Disagreement with management about accounting policies, auditing procedures or other similarly
significant matters
 Communication to those charged with governance regrading fraud and non-compliance with law
and regulations and significant deficiencies in internal control
 Predcessor’s understanding about the reasons for the change in auditors
Client Continuance
 Evaluate periodically whether to continue the relationship with current clients
 May take place at or near the completion of an audit or when significant event occur
 Consider: Any conflicts over accounting/auditing issues? Or dispute over fees?
Preconditions for an Audit

SSA 310.6b Auditor shall obtain the agreement of management that it acknowledges and understands
its responsibility:
(i) For the preparation of FS in accordance with the applicable FRS, including where relevant their
fair presentation,
(ii) For such internal control as management determines is necessary to enable the preparation of
FS that are free from material misstatement, whether due to fraud or error; and
(iii) To provide the auditor with:
a. Access to all information of which management is aware that is relevant to the
preparation of FS such as records, documentation and other matters;
b. Additional information that the auditor may request from management for the purpose of
audit and
c. Unrestricted access to persons within the entity from whom the auditor determines it
necessary to obtain audit evidence
SSA 210.8 If the preconditions for audit are NOT present  auditor shall discuss the matter with
management
 Unless required by law or regulation to do so, the auditor shall not accept the proposed audit
engagement
SSA 210.7 If management or TCWG impose a limitation on the scope of the auditor’s work in terms of
a proposed audit engagement such that the auditor believes the limitation will result in the auditor
disclaiming an opinion on FS  auditor shall not accept such as limited engagement as an audit
engagement
 Unless required by law or regulation to do so, the auditor shall not accept the proposed audit
engagement
31
Preliminary Engagement Activities
1. Determine the Audit Engagement Team Requirements
 Ensure auditors’ have a proper degree of technical training & proficiency, given the situation
of entity
Factors to consider: Engagement size/ level of risk/ complexity/ special expertise/ personnel
availability/ timing of work to be performed.
2. Ensure that the Audit Team and Audit Firm are in Compliance with Ethical and Independence
Requirements
 Auditor must comply with profession’s ethical requirements, including independence.
 Quality control standards require firm to establish policies & procedures to ensure all meet
ethical requirements & maintain independence.
 Overdue client fee  affects independence
3. Establish an Understanding with the Entity
 Engagement letter: Establishes objectives/ management’s responsibilities/ auditor’s
responsibilities/ limitations of the engagement
 Using the work of internal auditors – Must determine reliability or IAF
o Objectivity, competence, systematic and disciplined approach
 Discuss the role of those charged with governance
o Board of directors and audit committee
Planning the Audit

SSA 300.2 Planning an audit involved establishing an overall strategy and audit plan
 Audit Strategy: Sets the scope, direction and timing of audit, and guides the more detailed audit
plan. Helps in determining resources needed
 Audit Plan: Sets out the nature, timing and extent of audit procedures (to conduct audit in
effective and efficient manner)  more detailed than strategy
When preparing the audit plan, the auditor should be guided by the results of the risk assessment
procedures performed to gain an understanding of entity.
Additional steps:
Steps Description
1. Assess Business  Identify the business risk that may result in material misstatements
Risk  Evaluate how the entity respond to the business risks and ensure that
control have been implemented  plan audit procedures
 Use risk audit model  restrict risk at account balance level and achieve
acceptable low level of risk
2. Establish Materiality  Overall materiality (evaluate FS as a whole)
o Based on user information needs, but not how risky a particular
account balance might be
 Performance materiality (evaluate as account, transaction level)
o Plan and perform audit procedures at the account or disclosure
level
3. Consider Multi-  Determine the locations or business units to be audited, and the extent
location or business of audit procedures
units  Assess the risk of material misstatement to the conslidated financial
statement assoicated with the location or business unit
32
 Correlates the amount of audit attention devoted to the location or
business unit with the level of risk involved
4. Assess the needs for  Auditor is still responsible for the work performance by key experts
experts  Need to evaluate on the competence and objectivity of the expert, audit
(elaborated below) the inputs used by the experts and reconcile the output, review the
export work for reasonableness
 Eg. Experts in finance, tax, valuation (environmental liabilities, jewelry,
oil) IT experts in presence of complex IT
5. Consider additional  Provide recommendations on improvement on business processes after
value-added services analyzing business risk
6. Identify related  Transactions may not be at arm’s length
parties  Need to understand the entity’s control for identifying related parties,
authorizing and approving related party transactions and accounting for
and disclosing related party transaction
 Need to inquire management the names of related parties, the nature of
the relationship, types of transactions and reasons for entering into the
transacations with related parties
7. Consider non-  Non-compliance as acts of omission or commission by the entity, either
compliance with law intentional or unintentional, which are contrary to the prevailing laws or
and regulations regulations
 Two forms of effect on material amount
o Direct (i.e. tax law, pension laws, government regulation):
Auditor’s responsibility is the same as fraud
o Indirect (i.e. environmental law, equal employment): Auditor’s
responsibility is limited to performing specified audit
procedures (i.e. inquiry of management whether entity is
following such law and regulations)
 Consider the implication for other aspects of the audit, especially the
reliability of management representation when there is non-compliance
issue
o Inform Those Charged with Governance
o Notify parties outside the entities (i.e. legal bodies)
8. Conduct preliminary  To understand client business and identify FS likely to obtain errors
analytical procedures
9. Document the overall  Document the decisions about the nature, timing and extent of audit
audit strategy and audit tests
plan  Establish linkage from the entity business objectives and strategy to
audit plans
33
Using the Work of Internal Auditor
Methods in which external auditors can use internal auditor’s work
Using the work of the internal audit function in obtaining audit evidence
 Obtain information (work done by IAF) that is relevant to external auditor in assessing the risk of
material misstatement
 May decide to use that information in partial substitution for audit evidence to be obtained directly
by external auditor
Using internal audit to provide direct assistance under the direction, supervision and review of the
external audit
Using the work of an internal audit function

Evaluate the internal audit function (in order of importance)
Objectivity The extent to which the IAF’s organizational status and relevant policies and
procedures support the objectivity of the internal auditors
 Is the function free from bias, conflict of interest or undue influence of others to
override professional judgement?
 Is the function free of any conflicting responsibilities?

Whether those charged with governance oversee employment decision of the
function
 Whether the internal auditors are members of relevant professional bodies and
their memberships obligate their compliance with relevant professional
standards relating to objectivity
Competence The level of competence of the internal audit function
 Are there established policies for hiring, training, and assigning internal auditors
to internal audit engagements?
 Whether the internal auditors have adequate technical training and proficiency
in auditing
 Whether the internal auditors possess the required knowledge relating to the
entity’s financial reporting and the applicable financial reporting framework and
whether internal auditors possess the necessary skills to perform work related
to the entity’s financial statement
 Whether the internal auditors are members of relevant professional bodies that
oblige them to comply with the relevant professional standards including
continuing professional development requirements
Work Done The approach IAF performs its work (i.e. whether is there a systematic and disciplined
approach)
 The existence, adequacy and use of documented internal audit procedures or
guidance covering areas such as risk assessments, work programmes,
documentation and reporting and it must commensurate with the size and
circumstances of an entity
 Whether the internal audit function has appropriate quality control policies and
procedures
34
Determine the nature and extent of work of the IA function that can be used
 Consider the nature and scope of the work that has been performed, or is planned to be
performed by the internal audit, and whether is it relevance to the external auditor’s overall audit
strategy and audit plan
 Extent of judgement involved to planning and perform audit procedueres and evaluating the audit
evidence gathered
o External auditor will need to perform more procedures and rely less on IAF’s work when
more judgment is needed
 Assessed risk of material misstatement at the assertion level
o Higher assessed risk of material misstatement means more judgment will be involved for
planning and performing audit procedures, and therefore external auditor will be more
directly invovled
 Whether the IAF organization status and relevant policies and procedures support the objectivity
of internal auditors
o The less objective the IAF, the more direct work the external auditor should engage in
during the work
 Level of competence of internal audit function
 Determine whether external auditor will be sufficiently involved in the audit after involving the IAF
Using IAF to provide direct assistance

Evaluate whether internal auditor can be used to provide direct assistance
 Whether are there any law or regulations that prohibit the external auditors from obtaining direct
assistance from internal auditors
 Whether are there any significant threats to the objectivity (no bias, conflict of interest or undue
influence of others to override professional judgement) of the internal auditor
o The extent to which IAF’s organizational status and relevant procedures and policies and
procedures support the objectivity of IAs
o Family and personal relationships
o Association with the division or department to which the work relates
o Existence of significant financial interests
 Whether the internal auditor lacks sufficient competence to perform the proposed work
o Refer to previous page on competence
Determine the nature and extent of work that can be assigned to internal auditors providing direct
assistance – (SSA610 A36 – A38 give examples of what can be assigned and not)
 Extent of judgement involved in planning and performing audit procedures and evaluating the
audit evidence gathered
 Assessed risk of material misstatement
 Objectivity and competence of IAF who will be providing direct assistance
35
Using the Work of Auditor’s Expert
Determine the need for an Auditor’s expert
Nature, timing and extent of audit procedures (SSA620 A10 for examples)
 Nature of the matter to which that expert’s work relates
o If the work relates to significant matter that involves subjective and complex judgment, the
auditor would need an extensive audit procedures before using te work of auditor’s expert
o Risk of material misstatement in the matter to which expert’s work relates
 Significance of that expert’s work in the context of audit
o If the expert’s work is integral to audit, the auditor would need an extensive audit
procedures before using the work of auditor’s expert
 Auditor’s knowledge of and experience with previous work performed by that expert
o If the auditor has not previously used the work of the auditor’s expert, and has no prior
knowledge of that’s expert capabilities and objectivity, the auditor would need an
extensive audit procedures before using the work of auditor’s expert
 Whether that expert is subject to the auditor’s firm quality control policies and procedures
o If the expert is an externa expert and therefore, is not subject to the firm’s quality control
policies and procedures, then the auditor would need an extensive audit procedures
before using the work of auditor’s expert
Competence  Personal experience with previous work

 Discussion with the expert, or with other stakeholders who are familiar with the
work of the expert
 Knowledge of that expert’s qualification, membership of a professional body or
industry association, license to practice
Capability Ability of expert to exercise that competence during the engagement
 Geographic location
 Availability of time and resources
Objectivity  The existence of threats (i.e. self-interest treats, advocacy threats, familiarity
threats)
 Known interest (i.e. finance interest) or relationship (i.e. business and personal
relationship) that may affect the expert’s objectivity
Obtain an understanding of the field of expertise of the auditor’s expert (a.k.a check the quality of the
work performed by the expert)
 The assumptions and methods used by the auditor’s expert, and whether they are generally
accepted within that expert’s field and appropriate for financial reporting purposes
 The nature of internal and external data or information the auditor’s expert uses
36
Materiality
SSA 320.2 Misstatements, including omissions, are considered to be material if they, individually or in
the aggregate, could reasonably be expected to influence the economic decisions of users taken on the
basis of FS
 Judgements about materiality are made in light of surrounding circumstances, and are affected
by the size or nature of a misstatement, or a combination of both
Use of Materiality in the Audit

SSA 320.A1 Materiality (and audit risk) are considered throughout the audit, in particular when:
 Identifying and assessing the risks of material misstatement (SSA 315)
 Determining the nature, timing and extent of further audit procedures (SSA 330)
 Evaluating the effect of uncorrected misstatements, if any, on the FS and in forming opinion in
the auditor’s report (SSA 700)
SSA 320.8 The objective of the auditor is to apply the concept of materiality appropriately in planning &
performing the audit (Risk assessment & Risk response)
SSA 450.11 The auditor shall determine whether uncorrected misstatements are material, individually or
in aggregate (Reporting)
37
Determining Materiality at the Planning Stage
SSA 320.10 When establishing the overall audit strategy, the auditor shall determine materiality:
(iv) For the financial statements as a whole
(v) Performance materiality for purposes of assessing RMM & determining NET of further audit
procedures
SSA 320.A10 Factors that may indicate the existence of particular classes of transactions/ account
balances/ disclosures where misstatements of lesser amounts than materiality for F/S as a whole could
reasonably be expected to influence economic decisions of users include:
 Law, regulation, applicable FRF affecting users’ expectations (e.g. Related party transaction,
director’s remuneration)
 Key disclosures in relation to industry in which entity operates (e.g. R&D costs for a
pharmaceutical co.)
 Attention focused on particular aspect of entity’s biz that is separately disclosed in the F/S (e.g.
newly-acquired business)
Step 2: Where applicable, determine

Step 1: Determine Materiality and
Materiality and PM for Classes of Step 3: Evaluate
Performance Materiality for FS as
Transcations, Account balances or audit findings
a WHOLE
Disclosure
Step 1: Determine Overall Materiality

Overall Materiality is the maximum amount by which the auditor believes the FS could be misstated and
still not affect the decisions of users
 Based on user information needs and therefore, should not be reduced based on riskiness of the
account
 Overall materiality will only change when auditor becomes aware of information that would have
cause the auditor to have determined a different amount
SSA 320 (A3-4, A13): Typically use a percentage applied to a chosen benchmark as a starting point in
determining materiality for the F/S as a whole (a matter of professional judgment)
Benchmark Relevant % SMEs Relative advantages

Profit/(loss) before tax 3 – 10, usually 5 3-7 Relevance
Total revenue 0.5 - 5 1-3 Stability
Total assets 0.25 - 2 Predictability and stability
Net assets 3-5 Predictability and stability
Total equity 1-5 3-5 Stability
Lower % for higher risk (Look at “Factors Affecting Choice of % Range”)
38
Factors affecting choice of benchmark
Focus of users  Financial performance/ profit
 Assets (creditors)
 Revenue (Growth, market share)
Nature of entity  Industry
 Source of finance
 Assets for manufacturing
Volatility or  Revenue & assets typically more stable
Stability of  Use averages of prior 3 years’ values if firm performance is volatile
benchmark
Examples:  Profit before tax from continuing operations is often used for profit-oriented
entities (e.g. public-listed)
 Net asset value or total equity (for asset-based entities like investment funds)
 Profit before owner’s remuneration and tax (for small owner-managed entities)
 Total revenue or total expenses (for not-for-profit entity)
Factors affecting choice of % (Use lower % when)

 Materiality misstatement in prior years
 High risk of fraud
 Entity close to violating a covenant in a loan agreement
 Small amount may cause the entity to miss forecasted revenues or earnings, or affect the trend in
earnings
 Entity operates in volatile business environment, has complex operations (multi-locations), or
operates in a highly regulated industry
 Management
o 1 major s/h controlling directors: internal control issues  risk of management override
control, risk of fraud  lower materiality to be more cautious
o Disputes with management over accounting issues  lower materiality
 Company type and industry
o Public interest  lower threshold & materiality because pubic has a narrower view, they
want no fraud, more cautious
o Long standing  Co. has experience & reputation in industry  higher materiality
o Sells mainly infrastructure/ construction/ defence industries  Takes long time to finish
project, long operating cycle  risk of project failure  lower materiality
o Fast growing  Pressure & opportunity for misstatement  lower materiality
o Fast-paced  Pressure on sales  lower materiality
 Falling consumer confidence
o Doesn’t really affect materiality because when economy is down, govt might inject in
defence
o Unless it is over a long period of time, then might have issues
o Generally, maybe lower materiality to manage expectations in accordance with public.
Materiality not affected by risk of misstatement  OM is always based on clients’ needs
39
Step 2: Determine Performance Materiality (PM)
SSA 320 (9 & A12): Amount(s) set by auditor at less than materiality for F/S as whole (& classes of
transactions/ account balances/ disclosures) to reduce to an appropriately low level the P (aggregate of
uncorrected & undetected misstatements exceeds materiality)
 Requires exercise of professional judgement
Purpose: to establish scope for the audit procedures for the individual account balance / disclosure
 Once exceeds materiality, auditor need to consider extending the scope of the work and revising
the audit plan
General Rule: 60% to 80% / 50% to 75% of Overall Materiality

 SMEs: 60% to 85%
 Lower = higher RMM = more extensive auditing procedures
Factors affecting choice of % range to be LOWER:

 High risk of misstatement within the account balance, class of transaction or disclosure
 Increased number of accounting issues that require significant judgment and/or more estimates
with high estimation uncertainty
 A history of significant deficiencies and/or a high number of deficiencies in internal control
 High turnover of senior management or key financial reporting personnel
 Include factors affecting the % of benchmark used for overall materiality
PM should be lowered if RMM is assessed as high  inverse relationship between risk and materiality
Step 3: Evaluate Audit Findings (Materiality of Misstatements)

SSA 450.5 The auditor shall accumulate misstatements identified during the audit, other than those that
are clearly trivial (Trivial matters are clearly inconsequential, whether taken individually or in aggregate
and whether judged by any criteria of size, nature, circumstances.)  Require JUDGEMENT!
 Evaluate the nature and cases of identified misstatements and consider the need to revise overall
audit strategy and audit plan
 Communicate identified misstatements with appropriate level of management on a timely basis
and request for correction of misstatements
Nature of Misstatements
SSA 450.A6 In evaluating the effect of misstatements & communicating misstatment w mgmt & TCWG,
it may be useful to distinguish between:
Factual  Correct first!
misstatements  About which there is no doubt (eg sales cut-off error)
Judgemental  Related to management’s selection / application of accounting policies or
misstatements judgements concerning accounting estimates that auditor considers
inappropriate / unreasonable e.g. bad debts, impairment
 Margin of error  Increase sample size
Projected  Related to auditor’s best estimate of misstatements based on projection of
misstatements identified misstatements from audit samples to entire populations
 Margin of error  Increase sample size
40
Examples that Render a Misstatement Material (SSA 450.A21)
Extent to which the misstatement:
 Affects compliance with regulatory requirements, debt covenants or other contractual
requirements
 Masks a change in earnings or other trends e.g. loss to profit
 Affects ratios used to evaluate the entity’s financial position, results of operations or cash flows
 Affects significant segment information presented in the financial statements
 Increases management compensation (e.g. by meeting bonus criteria)
Evaluation of uncorrected misstatements

SSA 450.11 The auditor shall determine whether uncorrected misstatements are material, individually or
in aggregate, considering
 Size and nature of misstatements
o Fraud (Even if below trivial, just state)
 Particular circumstances of their occurrence
o Genuine error/ recurring mistake
 Effect of uncorrected misstatements related to prior periods - Cut-off error
 Communicate uncorrected misstatements with TCWG and request for correction

 Request written representation from MGT and TCWG on whether they believe the effects of
uncorrected misstatements are immaterial, individually and in aggregate to the FS as a whole
 Modify the audit opinion if uncorrected misstatements are material, individually or in aggregate
Evaluating effect of uncorrected misstatements

In evaluating the effect of material misstatements, the auditor:
 Examines cause of misstatements and determines the impact of material misstatement on
assessment of fraud and control risk
 If misstatements for individual accounts are in excess of performance materiality, auditor would
require entity to adjust F/S
 Aggregates uncorrected misstatements from each account/ class of transactions
 Considers effect of uncorrected misstatements in prior period
 Compares aggregate uncorrected misstatement to overall materiality
o Aggregated misstatements > overall materiality  Require entity to adjust the F/S OR
issue a qualified / adverse opinion
41
Seminar 5 – Audit Risk Model / Risk Assessment / Fraud / Going Concern
Audit Risk (SSA 200)
 Is the risk that the auditor expresses an inappropriate audit opinion when the financial statements
are materially misstated
 As the basis of the auditor’s opinion, SSAs require the auditor to obtain reasonable assurance
about whether the FS as a whole are free from MM, whether due to fraud or error
 Reasonable assurance is a high level of assurance  obtained when auditor has sufficient
appropriate audit evidence to reduce audit risk to an acceptably low level
Relationship between AR and Materiality
(Effect of setting materiality at diff levels on AR and planned audit procedures)
SSA 320 (A1): Materiality and audit risk are related. They are considered throughout the audit, in
particular when:
 Identifying & assessing the RMM (SSA 315)
 Determining the NET of further audit procedures (SSA 330)
 Evaluating the effect of uncorrected misstatements, if any, on the F/S and in forming the opinion
in the auditor’s report (SSA 700)
Components of Audit Risk

Risk of Material  The risk that the F/S are materially misstated prior to the audit
Misstatements  May exist at overall financial report level and may affect many assertions (e.g.
(RMM) going concern risk) or at assertion level (SSA 200.A34)
 At assertion level , RMM consists of 2 components:
o Inherent Risk: The risk that F/S could be materially misstated, before
consideration of any related controls
o Control Risk: The risk that any material misstatement in the F/S will not
be prevented, or detected and corrected, on a timely basis by the entity’s
internal control
Detection Risk  Risk that the procedures performed by the auditor fail to detect a material
(SSA 200) misstatement that exists
 Function of effectiveness of audit procedure & its application by auditors,
which may be affected by factors such as
o Adequate planning
o Proper assignment of personnel to engagement team
o Application of professional skepticism
o Supervision & review of audit work performed
42
Reasons for detection risk
 Non-sampling Risk: Inappropriate audit procedure/ Fail to detect when
using appropriate audit procedure/ Misinterpreting audit results
 Sampling Risk: Not enough samples/ Wrong sample
Audit Risk Model
Misstatements likely to occur in client’s financial report  misstatements that bypass controls  not
detected by controls  caught by auditor  undetected by auditor
Planned DR = Planned AR / IR x CR  (RMM)

1. Set planned level of AR
Set planned level of AR such that an opinion can be issued on FS with acceptable low
level of AR at completion of engagement
2. Assess the RMM
 Assess the entity’s business risk (ie risk assessment process)
3. Solve AR equation for appropriate level of DR
*IR and CR are functions of entity and environment  auditors little or no control but DR is determined
by effectiveness of audit procedures  manipulate achieved AR by directly controlling DR
Achieved AR ≤ Planned level  Unmodified

Achieved AR > Planned level  Additional audit work or modify audit opinion
AR RMM DR Explanation
Very low High Low  Conduct more thorough investigation of accounts
Low Moderate Moderate
Low Low High  Low risk of MM hence gather less evidence
Limitations of the Audit Risk Model

 Audit risk is subjectively determined
 Model is based on each factor being independent when they are not
 Hard to accurately assess each component of audit risk
43
Auditor’s Business Risk (SSA 200.A35)
 Also called engagement risk
 Risk that the auditor is exposed to loss/injury to professional practice from litigation, adverse
publicity or other events arising in connection with F/S audited and reported on
 Examples
o Client’s reputation affects firm’s reputation (Association)
o Quote fees that are too low
Examples of relationships between AR, ABR and CBR:

AR & ABR  First year audit for a new client (high RMM, listed co.) litigation
AR & CBR  Receive kickbacks (E.g. IKEA manager took bribes. AR – lack of control; CBR –
fraud, obj. to abide by regulation; reputation not affected – fraud is hard to detect)
ABR & CBR  Corporate scandal (NKF, no audit failure, but PwC suffered)
AR, ABR &  Going concern
CBR  Fraud
 Operate in a politically unstable area
Client’s Business Risk (SSA 215)

 A risk resulting from significant conditions, events, circumstances, actions or inactions that could
adversely affect an entity’s ability to achieve its objectives and execute its strategies, or from the
setting of inappropriate objectives and strategies
 Look at performance measures etc.
 Eg. Failure to launch product fast enough for market (launch only 8 out of 10 products)
Why assess client’s business risk?

 CBR include any external or internal factors, pressures, and forces that bear on the entity’s ability
to survive and be profitable
 Implications for auditor:
o Risk of materiality misstatement (IR and CR) SSA 315
o ABR (engagement risk)
o FS expectations (SSA 520)
o Going-concern risks (SSA 570)
o Value-added advice and service (non-audit services)
44
Overview of Risk Assessment Process to determine CBR
45
1. Understanding Entity’s Business and its Environment
SSA 315(11) Auditor is required to obtain an understanding of the entity and its environment, including
the entity’s internal control:
 Relevant industry, regulatory and other external factors
 Nature of entity, ownership & governance, operating, investing & financing activities
 Selection and application of accounting policies
 Objectives & strategies, related business risks that may result in risks of misstatement
 Measurement and review of entity’s financial performance
Nature of entity  Entity’s organizational structure and management personnel

 Source of funding of the entity’s operations and investment activities
 Entity investment
 Entity’s operating characteristics, including its size and complexity
 Sources of the entity’s earnings, including the relative profitability of key
products and services
 Key supplier and customer relationships
 Financial reporting and accounting policies, including revenue recognition
principles and accounting for fair value
Industry  Market competition
condition  Product technology relating to entity’s products
 Cyclical or seasonal activity
 Energy availability and cost
Regulatory  Accounting principles and industry specific practices
environment  Regulatory framework for a regulated industry
 Legislation and regulation that may affect entity’s operation
 Taxation
 Government policies
 Environmental requirements
Other external  Level of economic activity such as recession or growth
factor  Interest rate and availability of financing
 Inflation and currency revaluation
Objectives,  Specific businesses risk embedded in the process of pursuing objective and
strategies & BR strategies
 Example: Risk arise from the development of a new product as new product
may fail, result in lawsuits or damages to company’s reputation when pursuing
its objectives
Entity  Performance measures may include (1) key performance indicators, which
performance could be both financial and non-financial; (2) budgets; (3) variance analysis; (4)
measures comparison of an entity’s performance with that of competitors
 Look at entity performance measures because a deviation or failure to meet the
performance measure may indicate a risk of misstatements in the related
financial statement
Internal control  Refer to next seminar
46
2. Evaluate Entity’s Reaction to the Risk
 Business risk itself does not necessarily = RMM  need to consider management response to
BR to decide RMM
 If the entity’s response to the identified risk is adequate, the risk of material misstatement may be
reduced (and vice versa)
 Need to look at internal controls with regards to test of controls to determine adequacy of controls
3. Responses to Assessed Risks

SSA 315(5) Risk assessment procedures by themselves do not provide sufficient appropriate audit
evidence on which to base the audit opinion
SSA 315(25) The auditor shall identify & assess the risk of material misstatement:
 At the F/S level
 At the assertion level for classes of transactions, account balances, and disclosures, taking into
account relevant controls the auditor intends to test
To provide a basis for designing and performing further audit procedures
Reponses to Assessed RMM at FS level Responses to Assessed RMM at Assertion level

SSA 330 (5,A1-3) The auditor shall design and SSA 330 (6, A4-16) The auditor shall design and
implement overall responses to address the perform further audit procedures whose nature,
assessed RMM at the F/S level, including: timing, and extent are based on and are
 Emphasizing to the audit team the need to responsive to the assessed risks of material
maintain professional skepticism misstatement at the assertion level:
 Assigning more experienced staff/ those with
special skills or using experts Nature  Purpose (Tests of control vs.
 Providing more supervision substantive procedures)
 Type (Confirmations vs.
substantive analytical
procedures)
47
 Incorporating additional elements of Timing  Low risk  interim date
unpredictability in the selection of further audit  High risk  period end
procedures to be performed
o Change sample size (5 warehouses Extent  Sample size
instead of top 3)  Frequency of observation
 Making general changes to the nature, timing,
or extent of audit procedures
o Eg Performing substantive procedures
at the period end instead of at an
interim date; modifying the nature of
audit procedures to obtain more
persuasive audit evidence
Example:
RMM at Overall F/S level RMM at Individual Assertion Level
 Management has close relationship with  Royalty fee complexity (both an expense and
partner  fraud risk an income  accuracy, cutoff, completeness
 New audit client/industry  might result in  Capitalization of cost of development 
wrong risk assessment since don’t know completeness of expense
account & industry well  Emergence of technology (obsolescence) 
 Major lawsuit  going concern risk valuation of PPE
 Managing director is majority S/H: pressure  Collect $$ in packages  affect revenue
to succeed  fraud risk/ override controls recognition
 Wants to get bank loan to finance  might o Overstatement: occurrence, cutoff
manipulate F/S to satisfy covenants o Unearned Revenue: completeness
 Lawsuit  completeness of provision
 Intangible assets (capitalize cost of
patent/copyright)  valuation
Other Significant Risks

SSA 315 (27-28) As part of risk assessment, auditor shall determine whether any risks identified are
significant risks, including:
 Fraud
 Significant economic, accounting or other developments
 Complex transactions
 Significant transactions with related parties
 Financial information involving high measurement subjectivity or uncertainty
 Significant transactions outside normal course of business or otherwise appear unusual
Such risks are associated with a HIGHER RMM because they often involve significant non-routine
transactions or judgmental matters, and are less subject to routine controls
Response to Significant Risks

 Perform TOC that mitigate the significant risk when intending to rely on those controls and
 ALWAYS perform SP that directly respond to the significant risk
 When approach to significant risk consists only of substantive procedures, those procedures shall
include TOD
48
Misstatement due to Fraud (SSA 240)
Misstatements in FS can arise from:
 Error (unintentional)
 Fraud (harder to detect): Intentional act by one or more individuals among management,
TCWG, employees or third parties, involving use of deception to obtain an unjust or illegal
advantage
o Fraudulent financial reporting (usually committed by management)
 Manipulation/falsification/alteration of records/documents
 Misrepresentation/omission of effects of transactions from records/documents
 Intentional misapplication of accounting policies
o Misappropriation of assets (“defalcation”) (usually committed by employee)
 Embezzling cash
 Stealing physical assets or IP
 Causing an entity to pay for goods not received
 Using entity’s assets for personal use
49
Auditor’s Responsibility for Fraud
 The primary responsibility for the prevention and detection of fraud rests with mgmt and TCWG
 Not the responsibility of the auditor
 An auditor conducting an audit in accordance with SSAs is responsible for obtaining reasonable
assurance that the F/S taken as a whole are free from material misstatement, whether caused by
fraud or error  Responsibility of the auditor
 In relation to RMM due to fraud, auditor should
o Identify & assess RMM due to fraud
o Design & implement appropriate responses
o Respond appropriately to identified or suspected fraud
Auditor’s Response to Overall Heightened Risk of Fraud (SSA 240)

 Maintain professional skepticism throughout the audit, recognizing the possibility of fraud
 Discuss susceptibility of F/S to fraud among engagement team
o Different people may realize different things, adding up those pieces may paint a picture
of fraud.
o Emphasize importance of maintaining professional scepticism
Perform relevant risk assessment procedures, including:
 Enquire mgmt and others within the entity (including internal auditors), and TCWG:
o Find out about co.’s fraud risk management process
o Find out co.’s view on risks of fraud (Knowledge of actual, suspected or alleged fraud)
 Apply analytical procedures to identify unusual/unexpected relationships that may be indicative
of fraud
 Consider other information (e.g. from client acceptance process or other engagements) that
may be indicative of fraud
o Understand the client’s period-end closing process & investigate unexpected period end
adjustments
 Evaluate fraud risk factors (see examples in Appendix 1 of SSA 240)
Fraud Risk Triangle – fraud risk factors

1. Management or other employees have an incentive / under pressure that provides a reson to
commit fraud
2. Circumstances exist that provide an opportunity for a fraud to occur
3. Those involved are able to rationalise committing a fraudulent act. Some individuals possess an
attitude, character or set of ethical values that allow them to knowingly and intentionally commit a
dishonest act
The greater the incentive or pressure, the more likely an individual will be able to rationalise the
acceptability of committing fraud.
Refer to page 121 – 123 for factors leading to fraudulent reporting and misappropriation of assets
50
RMM due to Fraud: Risk Assessment & Reponses
Identify & assess RMM due to fraud at FS and assertion level
Presumed risks of fraud in:
 Fraud in revenue recognition (assertion level)
 Management override of override of controls (FS level)
FS level SSA 240(A33-36)
(overall  Increased sensitivity in selection of nature & extent of documentation to be
response) examined in support of material transactions
 Increased recognition of need to corroborate (confirm) mgmt. explanations
concerning material matters
 Assigning additional individuals w specialized skill & knowledge (forensic & IT
experts)
 Assigning more experienced individuals to the engagement
 Extent of supervision reflects the auditor’s assessment of RMM due to fraud &
competencies of the engagement team members performing the work
 Incorporate unpredictability element in the selection of NET of audit procedures to
be performed, as individuals within the entity who are familiar w the audit
procedures normally perf. on engagements may be more able to conceal fraudulent
financial reporting
 Perform substantive procedures on a/c balances/assertions not otherwise tested due to

materiality or risk
 Adjust timing of audit procedures from that otherwise expected
 Use different sampling methods
 Perform audit procedures at different locations or at locations on an unannounced basis
Assertion SSA 240 (A34-40, Appendix 2)

level Nature: Should be changed to obtain audit evidence that is more reliable and relevant/
obtain more detailed corroborative information
 Physical observation may become more important
 Design procedures to obtain additional corroborative information
Timing: Perform substantive testing at or near the period end to better assess RMM due to
fraud
Extent: Increase sample size, more detailed analytical procedures. Computer assisted
audit techniques may enable more extensive testing of electronic transactions and account
files.
RMM due to fraud that affects inventory quantities

 Examining entity’s inventory records
o Helps identify locations or items that require specific attention during or after
the physical inventory count
o Such a review may lead to a decision to observe inventory counts at certain
locations on an unannounced basis/ conduct inventory counts at all locations
on same date.
51
RMM due to fraud affecting many accounts & assertions
 Asset valuation
 Estimates relating to specific transactions (such as acquisitions, restructurings, or
disposals of a segment of the business)
 Other significant accrued liabilities (such as pension and other postemployment
benefit obligations, or environmental remediation liabilities).
The RMM due to fraud may also relate to significant changes in assumptions relating to
recurring estimates
 Info gathered through obtaining an understanding of entity may assist auditor in

evaluating the reasonableness of mgmt estimates & underlying judgments &
assumptions
 A retrospective review of similar mgmt judgments and assumptions applied in prior
periods may provide insight abt reasonableness of judgments & assumptions
supporting mgmt estimates
Auditor’s Responses to RMM due to Fraud

Perform Audit Procedures to Address Risk of Management Override of Controls:
 Test appropriateness of journal entries and other adjustments (See if assumptions are valid)
 Review accounting estimates for bias (FV/ impairment/ warranties)
 Assess business rationale of significant transactions
Obtain Written Representations from Management & TWCG:
 Acknowledgement of responsibility for internal control to prevent and detect fraud
 Results of management’s assessment of RMM due to fraud
 Any known, alleged or suspected fraud
Auditor’s Responses to Identified/ Suspected Fraud

 Evaluate implications for other aspects of audit (e.g., risk assessments and audit plan, reliability
of evidence collected)
 Communicate with management and TCWG on timely basis (including control deficiencies)
 Consider the need to:
o Report to outside authorities
o Withdraw from engagement
o Seek legal advice
Considerations of Laws and Regulations (SSA 250)

Non-compliance with laws and regulations may have material effect on F/S because:
 Some laws and regulations have direct effect on the determination of material amounts and
disclosures in F/S (e.g., tax laws, disclosures required by SGX regulations)
o Auditor needs to obtain sufficient appropriate evidence regarding compliance with these
laws and regulations
 Non-compliance with certain laws and regulations may lead to material penalties, and restrictions
to, or inability to continue, operations
o Auditor needs to perform audit procedures to identify instances of noncompliance with
these laws & regulations
52
o (e.g., inquiry of mgmt and TCWG, inspection of correspondences with relevant
authorities)
Auditor’s Responsibility to Report Fraud/non-compliance

Report non-compliance with Companies Act S207(9)
If an auditor is satisfied that
(a) there has been a breach/non-observance of any provisions of this act and
(b) the circumstances are such that in his opinion the matter has not been/ will not be adequately
dealt w by comment in his report on accounts/ consolidated accounts, by bringing the matter to
the notice of the directors of the co./dir. of its holding co. ,
He shall immediately report the matter in writing to the Registrar.
Report fraud directly to Minister Companies Act S207(9A)

If auditor of a public co./ subsidiary of public co. has reasons to believe that a serious offence involving
fraud or dishonesty is being/has been committed against the co. by officers/ employees of co.
 Immediately report to Minister
Examples of Detecting Fraud, and Designing Controls to Prevent & Detect Fraud
Fraud How auditor detects fraud Control to prevent/detect fraud
Accountant manages co.’s invt Analytical Procedure Check Segregation of Duty: Person who
activities. Most of co.’s funds if amt of income recorded in does recording cannot have
invtd in bonds & FDs. I/S corresponds to expected authorization to use investment funds.
Accountant diverted substantial income as per investment
amts of investment earnings. policy. Bonds and FDs Analytical Procedure on your own:
To cover up, systematically usually should have a fixed Ask co.to do analytical procedure on
under-recorded income stream of income. its own, check and tally investment
earned. statement & policies on regular basis.
The purchasing clerk sets up Send Confirmation Segregation of Duty: Set up 2 clerks
a fictitious vendor & If fictitious, there won’t be a - 1 for approval of purchasing, 1 for
periodically prepared PO to the reply, address might be preparing & sending PO.
fictitious vendor. He then funny
created bogus receiving Separate list of vendors & list of
reports, vendor invoices, and Stock Take approved vendors (remove control frm
PO to the AP for processing. Perpetual, check if inventory single purchasing clerk)
tallies w inventory records
Periodic, missing items will be considered sold. Fraud Segregation of Duty: Add another
purchase  missing items à higher expenses. Do analytical clerk to perform receiving function
procedure for gross margin fluctuations
Purchasing clerk systematically Review Procurement Competitive Bidding:
paid higherthan-market prices Approval Process: Check implement this once in a while to
for goods received frm an impt that vendors are from check if vendor quotes are
vendor. Purchasing clerk approved list. competitive (ask for multiple
received perks from vendor & quotations)
kickbacks amounted to more Rotation: rotate the duties of the
than half of the purchasing purchasing clerk to break off the chain
clerk’s regular annual salary. of kickbacks.
53
Documentation of Auditor’s Risk Assessment & Response
Audit standards require extensive documentation of auditor’s risk assessment procedures (including
fraud risk assessment), & audit responses to identified risks.
Other areas that require documentation

 Discussion among engagement team, significant decisions reached, when/how discussion
occurred, and the audit team members involved
 Steps done to get knowledge about entity’s biz & its environment include documentation of:
o Risks identified
o Evaluation of management’s response to such risks
o Auditor’s assessment of the risk of error/fraud, factoring in entity’s risk response
 Fraud risks/other conditions that led auditor to believe that more audit procedures or other
responses and other responses were needed to address such risks/conditions
 Scope of procedures done in response to RMM due to fraud and results of that work
 Nature of communication about fraud made to management, TCWG, and others
Communication about Fraud to Mgmt & Those Charged w Governance

 Fraud involving senior mgmt. & fraud that causes a material misstatement of F/S  Report
directly to board of directors
 No need to disclose fraud
o Precluded by auditor’s ethical/ legal obligations of confidentiality
 IEBSA Code of Ethics for Professional Accountants provide guidance on circumstances where
auditors should disclose confidential info/ when disclosure may be appropriate
54
Going Concern (SSA 570)
Definition
 Going concern (GC) assumption: entity will continue in business for the foreseeable future
 Audit implications if GC assumption not appropriate:
o Assets may not be realized at book value
o Assets/liabilities to be reclassified as short-term
o Need to provide for costs of business closure
Management’s Responsibility  Assess the entity’s ability to continue as a going concern
Auditor’s Responsibility SSA 570.6
 Obtain sufficient appropriate evidence on appropriateness of management’s use of GC

assumption
 Conclude whether a material uncertainty (MU) exists that may cast significant doubt about
entity’s ability to continue as a going concern
 Determine implications on auditor’s report
 When performing risk assessment procedures and throughout the audit, auditor should consider
events or conditions that, individually or collectively, may cast doubt on entity’s ability to continue
as a going concern:
Financial indicators (e.g., net liability position, negative operating CF, inability to pay
interest)  Ratios: current ratio, D/A ratio, profit margin
Operating indicators (e.g., loss of key management or customers, dependence on
success of 1 project, work stoppages)
Other indicators (e.g., non-compliance with key regulations)
 If such events or conditions exist, auditor should evaluate mitigating factors (e.g., availability of
alternative funding), including feasibility and effectiveness of management’s action plans, to
determine whether a material uncertainty exists
o Obtain a confirmation of the existence, legality & enforceability of arrangements made w
3rd parties to provide additional financial support to the entity
o Auditor also needs to be satisfied w the capacity & intention of 3rd party to provide
necessary level of support
o Formal agreements may not exist/ may be legally unenforceable, and there may be
insufficient evidence available to the auditor to assess the financial standing of the
provider
GC Considerations
Financial Distress
Financial Conditions Ratios

• Recurring operating losses • Net worth/total liabilities
• Current-year deficit • Working capital from operations/total
• Accumulated deficits liabilities
• Negative net worth • Current assets/current liabilities
• Negative working capital • Total LT liabilities/ total assets
• Negative CF • Total liabilities/total assets
• Negative income from operations • Profit before tax/net sales
• Inability to meet interest payments
55
Other Conditions & Events
Other Financial Internal Matters External Matters
Difficulties
• Default on loans • Net worth/total liabilities • Work stoppages
• Dividends in arrears • Working capital from • Uneconomic LT commitments
• Restructuring of debt operations/total liabilities • Dependence on the success
• Denial of trade credit by • Current assets/current of 1 project
suppliers liabilities • Legal proceedings
• No additional sources • Total LT liabilities/ total • Loss a major customer/
of financing assets supplier
• Total liabilities/total assets • Loss of a key franchise/
• Profit before tax/net sales license/ patent
Implications on Auditor’s Report

If GC assumption is appropriate but material uncertainty exists:
 If Adequate disclosure made in F/S SSA 570.19

o Unmodified opinion & include an Emphasis of Matter paragraph (old)
o Separate GC section “Material Uncertainty Related to Going Concern” (revised)
o To highlight existence of MU relating to event that may cast significant doubt on the
entity’s ability to continue as GC
o To draw attention to the note in F/S for disclosure
 If Inadequate disclosure made in F/S SSA 570.20
o Qualified or adverse opinion
o State: MU that may cast significant doubt about entity’s ability to continue as GC
If GC assumption is inappropriate SSA 570.21
 If FS prepared using GC basis of accounting but auditor finds it inappropriate, then express
adverse opinion, and no GC section in report.
Effect of GC disclosure: self-fulfilling prophecy by interfering with company ability to get capital from bank
New Implications on Auditor’s Report (Revised SSA 570)
 Explicit description of respective responsibilities of mgmt. & auditor

 Separate GC section required when MU exists, with heading “Material Uncertainty Related to
Going Concern”
 New requirement to evaluate adequacy of disclosures in “Close Call” situations
o SSA 570.20(R) If conditions have been identified that may cast significant doubt on the
entity’s ability to continue as a GC, but based on audit evidence obtained, the auditor
concludes no MU exists, the auditor shall evaluate whether the F/S provides adequate
disclosures about these events
56
Seminar 6 – Internal Control / Control Effectiveness
What is Internal Control?
COSO Internal Control Integrated Framework (p.187)
 Internal control is a process designed and effected by an entity’s BOD, management, and other
personnel to provide reasonable assurance that the organization’s objectives are being met:
o Reliability, timeliness, transparency of internal & external, non-financial & financial
reporting
o Effectiveness & efficiency of operations (including safeguarding of assets)
o Compliance with applicable laws & regulations
o Help management better control the organization
 An effective system of IC allows mgmt. to focus on operations & financial performance goals
whilst maintaining compliance w relevant laws & minimizing surprises
 SSA 315(12): Most controls relevant to audit are likely to relate to financial reporting
Management’s Responsibility over Entity’s Internal Control

SSA 200(A2) An audit in accordance w SSAs is conducted on the premise that management and TCWG
have acknowledged their responsibility for:
 Preparation of F/S in accordance w applicable financial reporting framework
 Internal control necessary for preparations of F/S free from material misstatement
Companies Act (S199, 2A) Every public co. & every subsidiary of a public co. shall devise &
maintain a system of internal accounting controls sufficient to provide a reasonable assurance that
 Assets are safeguarded against loss from unauthorized use/ disposition; and
 Transactions are properly authorized & recorded to permit the preparation of true & fair p/l
accounts and B/S to maintain accountability of assets
Reporting on Internal Control

Code of Corporate Governance 2012 (Principle 11): The board should comment on the adequacy and
effectiveness of the internal controls including financial, operational, compliance and IT controls and risk
management systems, in the company’s Annual Report
SGX listing rules 1207(10) and 1204(10): Board to opine, with the concurrence of AC, on the adequacy
of ICs, addressing financial, operational, compliance in the annual report (MANDATORY)
Auditors’ Responsibility over Entity’s Internal Control

SSA 315(12) Obtain an understanding of IC relevant to audit when identifying & assessing RMM
Typical audit procedures used include (Test of Controls):
 Inquiry of entity’s personnel
 Observing application of specific controls
 Inspecting documents and reports
 Tracing transactions through the information system relevant to financial reporting
(“walk-through” – select one/a few samples to understand the design of control)
SSA 265: Communicate identified control deficiencies to TCWG & management that are of sufficient
importance to merit their respective attention
In some jurisdictions (USA), but not SG, auditors are required to express an opinion on effectiveness of
IC over financial reporting for public co.
57
The COSO Framework – Components of Internal Control (p. 188)
Control Environment
 Set of standards, processes and structures that provide the basis for carrying out internal control
across the organization
 Board of director and senior management establish the tone at the top regarding the importance
internal control and expected standard of conduct (i.e. their attitude, awareness and action
reflects the importance of control)
Principles Description
#1: The organization  Management attitude (i.e. integrity, ethical values, philosophy, operating
demonstrates a style) set the tone
commitment to integrity  Tone must be committed to employee, reinforced by day-to-day practice
and ethical values  Tone is best communicated within an entity through the use of policy
statement, code of conduct and training
 Deviation from standards of conduct must be promptly addressed
 Management’s approach to taking and monitoring business risks and
financial reporting may signal information regarding commitment to
these values
 Remove incentives and opportunity that might lead to personnel to
engage in dishonest, illegal or unethical acts
#2: TCWG demonstrate  Those charged with governance significantly influence the control
independence from consciousness of the entity
management and o Must take their fiduciary responsibilities seriously and actively
exercise oversight of oversee the entity
the development and  Factors that affect the effectiveness of TCWG
performance of internal o Experience of members and independence from management
control o Extent of involvement with and scrutiny of the entity’s activities
o Information availability and willingness/ ability to act on info
o Extent to which difficult questions are both raised and pursued
with management
o Nature and extent of interactions with internal & external auditors
58
#3: Management  Organizational structure defines how authority and responsibility are
establishes, with TCWG delegated and monitored
oversight, structures,  Focus on the assignment of authority and responsibility, establishment
reporting lines, and of reporting relationships and authorization hierarchies, setting of
appropriate authorities policies and providing resources for carrying out duties
and responsibilities in  Ensure that all personnel understand the objectives, know how
the pursuit of objectives individuals’ action contribute to the firm, their control-related
responsibilities, recognize how and for what they will be held
accountable
 Eg. Well specified organisational chart that indicates line of authority
and responsibility
#4: The organization  Quality of internal control relates to the quality of personnel operating
demonstrates a the system
commitment to attract,  Need to have sound personnel policies to hire and train competent and
develop and retain trustworthy people
competent individuals in o Competent  have the knowledge and skills necessary to
alignment with accomplish the task that define an individual’s job
objectives  Related controls could be
o Establish standards that emphasize seeking the most qualified
individual, with emphasis on educational background, prior
working experience
o Specify the competence level for a job and translate into detailed
job description
#5: The organization  Establish performance measures, incentives and rewards appropriate
holds individuals for responsibilities at all levels of the entity, reflecting reasonable
accountable for their expectations and standards of conduct for both short and long term
internal control objectives
responsibilities in the o Should be in-line with internal control consideration
pursuit of objectives  Evaluate performance of internal control responsibilities, including
adherence, and provide rewards or exercise disciplinary action when
necessary
Risk Assessment Process (Precondition: Establishment of objectives)

 Dynamic and iterative process for identifying and analysing risks to achieving the entity’s
objective, forming a basis for determining how risk should be managed (Esp relevant to FS)
 Consider possible external environment and within its own business that may impede its ability to
initiate, authorize, record, process and report financial data consistent with management’s
financial statement assertions  Significance & likelihood of occurrence? How to manage?
#6: The organization  Internal control objectives are organized into three categories,
specific objectives with mainly operations, compliance and reporting
sufficient clarity to enable  Objective of external financial reporting include preparation of
the identification and financial statement has to
assessment of risks relating o Be consistent with the applicable financial reporting
to objectives framework
o Consider materiality
o Faithful reflection of the underlying transactions and events
59
o Relevance, faithful representation, comparability, verifiability,
timeliness and understandability
#7: The organization  Management considers risk that threaten the achievement of
identifies risks to the objectives at all levels of the entity and takes the necessary actions
achievement of its to respond
objectives across the entity  Factors to consider
and analyses risks as a o Severity
basis for determining how o Velocity
the risks should be o Persistence of risk
managed o Likelihood of the loss of assets
o Related impact of operations
 Establish tolerance for accepting risk and its ability to work within
these risk level
#8: The organization  Consider the incentives and pressures, opportunities for
considers the potential for unauthorized acquisition, use or disposal of assets, altering of the
fraud in assessing risks to entity’s reporting records or other inappropriate acts and how they
the achievement of might rationalize inappropriate actions
objectives
#9: The organization  Consideration of possible changes and its impact in internal or
identifies and assess external environment (regulatory, economic, physical)
changes that could o External: Changing reliance on foreign geographic,
significantly impact the Business/regulatory landscape, new technologies,
system of internal control o Internal: Changes in attitudes and philosophies from the
change in management
Control Activities (Eg. approvals, authorisations, verifications, reconciliations, segregation of duties)

 Policies and procedures that ensure management’s directives are carried out and implemented to
address risks identified in the risk assessment process
#10: Organization  Ensure that risk responses that are intended to address and mitigate the risk
selects and are carried out
develops control Categorize into:
activities that  Performance review
contribute to the o Review actual performance vs budget, forecast, prior periods and
mitigation of risks competitors
to the achievement o Periodically check the quality of subordinate’s work
of objectives to o Review performance reports for units and personnel under supervision
acceptable levels o Periodically review or reperform subordinate’s account reconciliation
o Review and analyse relationship among both financial and non-
financial information
 Physical control
o Adequate safeguards and secure facilities to protect against theft of
assets or records
o Authorization for access to computer programs or files
o Periodic counting and comparison with amount shown on control
records
60
 Segregation of duties
o Segregation of CAR  reduce opportunity for one to perpetrate and
conceal errors or fraud, while benefit from the asset
 Information Processing Control
o General control and application control
#11: Organization  General controls relate to overall information processing environment and
selects and include controls over data centre and network operations
develops general o Requires adequate documentation and testing before implementation
control activities o Example: System software and application system acquisition, access
over technology to security, change and maintenance
support the  Application controls apply to the processing of individual applications and help
achievement of ensure the occurrence, completeness and accuracy of transaction processing
objectives o Example: checks or matching to approved control files
#12: Organization  Policy is a rule or guideline that calls for certain activities to take place in
deploys control certain circumstances
activities through o Example: Manager to review purchase over $1,500
policies that  Procedures is the review itself, performed in a timely manner and with
establish what is attention given to factors set forth in the policy, such as nature and volume,
expected and and their relation to furthering the entity’s objectives
procedures that put
policies into action
Information and Communication

 Information is necessary for the entity to carry out internal control responsibilities in support of
achievement of its objectives
 Communication enables personnel to understand internal control responsibilities and their
importance to the achievement of objectives
#13: The organization  Information system relevant to the financial reporting objective –
obtains or generates and initiate, authorize, record, process and report an entity’s transactions
uses relevant, quality and to maintain accountability for the related assets and liabilities
information to support the  Effective accounting system:
functioning of internal o Identify and record all valid transactions
control o Describe on a timely basis in sufficient detail for proper
classification
o Measure the value of transactions to reflect the proper
monetary value
o Determine the time period to record in the proper accounting
period
o Properly present and disclose in the FS
#14: The organization  Provides an understanding of individual roles and responsibilities
internally communicates pertaining to internal control over financial reporting, how their work
information, including affects the others and means of reporting unusual items to higher
objectives and level within the entity
responsibilities for internal  Communication can be made via
control, necessary to o Policy manuals
61
support the functioning of o Accounting and reporting manuals
internal control o Memoranda
o Actions of management
#15: The organization  Enable inbound receipt of relevant information
communicates with  Provides internal control-related information in response to outside
external parties regarding requirements and expectations
matters affecting the
functioning of internal
control
Monitoring of Controls
 Assess the quality of internal control performance over time and monitor to determine if they are
operating effective  To provide reasonable assurance
 Monitor to determine whether controls needs to be redesigned when risks change
#16: The organization selects,  Can be done via ongoing activities or separate evaluations
develops, and performs  Can use internal auditors or personnel performing similar
ongoing and/or separate functions in other areas to monitor the operating effectiveness of
evaluations to ascertain internal control
whether the compounds of o Example: Review whether bank reconciliations are being
internal control are present and prepared on a timely basis and are reviewed by internal
functioning auditors
#17: The organization  Check for errors and to communicate control deficiencies
evaluates and communicates  If management assumes data used for monitoring are accurate,
internal control deficiencies in errors may exist in the information
a timely manner to those o Potentially leading mgmt. to incorrect conclusions
parties responsible for taking  Monitoring ineffective if identified control deficiencies are not
corrective action (TCWG, communicated in a timely way to TCWG
senior management)
62
Control Risk Assessment and Audit Strategy
Control risk assessed at MAXIMUM (Substantive strategy)

 Auditor does not intend to rely on entity’s internal controls to reduce substantive testing because
he concludes that:
o Internal controls are not effectively designed or implemented (hence reliance strategy not
justified), OR
o A substantive strategy is more efficient
 Use substantive strategy when:
o The implemented controls do not pertain to the assertion the auditor is considering
o The implemented controls are assessed as ineffective
o Testing the operating effectiveness of the control would be inefficient
o Perform substantive procedures if it more effective and efficient in restricting detection risk
to an acceptable level, as compared to test of control (i.e. limited number of LT debt)
Control risk assessed at BELOW maximum (Reliance strategy)

 Auditor intends to rely on entity’s internal controls to reduce substantive testing
o Need to test operating effectiveness of controls to assess if the “achieved” level of control
risk is in line with the “planned” control risk (ie whether preliminary assessment of control
risk is supported)
o Identify specific internal controls that will be relied upon
(Will be discussed in further details below)
63
Testing Operating Effectiveness of Internal Control
SSA 330(8): Auditor shall test the operating effectiveness of relevant controls if:
 Auditor’s assessment of RMM at the assertion level includes an expectation that the controls are
operating effectively (i.e. auditor intends to rely on operating effectiveness of controls in
determining NET of substantive procedures); OR
 Substantive procedures alone cannot provide sufficient appropriate audit evidence at the
assertion level (e.g., for highly automated systems like bank cannot do substantive testing)
Understand and have knowledge of internal control to

 Identify the types of potential misstatement
 Pinpoint the factors that affect the risk of material misstatement
 Design the test of controls and substantive procedures
May consider the need of an IT expert when IT is involved

 The complexity of the entity’s IT system and controls, and the manner in which they are used in
conducting the entity’s business
 The significance of changes made to existing systems, or the implementation of new systems
 The extent to which data are shared among systems
 The extent of the entity’s participation in electronic commerce
 The entity’s use of emerging technologies
 The significance of audit evidence that is available only in electronic form
*Step 1: Establish whether control exists:

Audit Procedures to obtain an understanding of an entity’s internal control include
 Inquiry of appropriate management, supervisory and staff personnel
 Inspection of entity document and reports
 Observation of entity activities and operations
 Tracing transactions (walkthrough) through the information system, which allow the auditor to
better understand if the control is effective a not
*Step 2: Establish whether control is operating effectively:

Considerations to be taken when evaluating the test of controls
 Who performs the control (i.e. is there segregation of duties? the experience of the personnel
performing the control?)
 How well was the control performed
 How consistent was the control applied throughout the period of intended reliance (i.e. is there a
change in personnel during the period of intended reliance?)
 Other potential risk factors
o Changes in personnel (i.e. new personnel have not adapted to the environment, hence
higher risk of material misstatement)
o Seasonal fluctuations in volume of transactions (i.e. business cannot cope with huge
fluctuations. Hence, hire part-timers  may make mistakes; regular will make mistakes
due to long working hours; hence control risk high during high period of volume)
 Any supervisory measures over the control throughout the period of intended reliance (i.e. if there
is no supervisors overseeing it, employees might not follow)
64
Application of COSO Framework for Reliance Strategy
Components of Description
Internal Controls
Understanding the  Understand the TCWG and management’s attitude, awareness and
Control Environment actions concerning to the control environment
 Includes knowledge of the COSO Framework
 Use flowchart to document the auditor’s understanding of an entity’s
internal control over financial reporting
Understand the Entity’s  Understand how management considers risks relevant to financial
Risk Assessment reporting objectives and decides what to do to address those risks
Process  Eg. Oil industry: how entity manage environmental risk
Understanding Control  Understanding of control activities will affect the type of audit strategy
Activities adopted
 Substantive strategy  Little work is done on understanding control
activities
 Reliance strategy  Have to understand the control activities that relate
to assertions for which a lower level of control risk is expected
 Use walk-throughs to gain a better understanding
Understand the  Understand how each business process affects significant account
Information System and balances in the FS, including how transactions are initiated and
Communications (pg authorized, how documents and records are generated, and how the
203 for more) documents and records flow to the GL and FS
 Need to understand how IT is used for data processing
 To provide assurances that FS are properly prepared and presented
Understanding  Understand the major types of activities that the entity uses to monitor
Monitoring of Controls internal control + source of information relating to those activities + how
those activities are used to initiate corrective actions to its controls
Documenting the understanding of internal control (Can have combination of approaches)

Procedures manuals and organization charts
 Procedures Manual: Document entity’s policies and procedures, accounting system and related
control activities
 Organization Chart: Designated lines of authority and responsibility
Internal Control Questionnaires
 Generally used for entities with relatively complex internal control
 Provides a systematic means for auditor to investigate areas such as internal control
 Contain important questions about important factors or characteristics of the five internal
components
Flowcharts
 Provides a diagrammatic representation of the entity’s accounting system
 Can help auditor to analysis the system’s strengths and weakness
Narrative Description
 Most appropriate for entity with simple internal control system
 Understanding of the internal control may be documented in a memorandum
65
Effect of Entity Size on Internal Control
Large entity may adopt a written code of ethics, while small or mid-size entity may develop a culture that
emphasize integrity and ethical behavior
 Firms may adopt different methods to achieve effective internal control
Basic concepts of COSO (5 components) should be presented in entities
 May be less formal for small or mid-size entity
Limitations of Internal Control

SSA 330(18) Irrespective of the assessed RMM, the auditor shall design and perform substantive
procedures for each material class of transactions, account balance, and disclosure
 Auditor’s risk assessment judgmental (auditor can assess risks wrongly)
 Limitations of Internal Control:
Management  Example: Seniors threaten lower-level employee to record transactions that
Override of violates the entity’s control. Lower-level employee give in due to fear of losing job
Internal  Raises serious questions about management’s integrity
Control  Difficult to detect with normal audit procedures
Human Errors  Human failures such as simple errors or mistakes can cause breakdowns in
or Mistakes internal control  Errors may occur in designing, maintaining or monitoring
automated controls
Collusion  Effectiveness of segregation of duties is destroyed when individuals collude to
override the system
 Major reason for fraud within companies
Non-routine  Since internal controls are planned for routine transactions
transactions
Controls not  Not up to date with new activities
up to date  “Only when you have done something, you know what is wrong)
Costs outweigh benefits
66
Steps to set control risk below maximum for Reliance Strategy
Step 1: Identify specific controls that will be relied upon (likely to prevent, detect or correct MM)
Step 2: Perform test of controls
Step 3: Conclude on achieved level of control risk given result of testing
Achieved control risk HIGHER than planned:
 Revise the nature, timing and extent of planned substantive procedures and document the
revised control risk assessment
 If the risk of material misstatement is high, need to have low level of detection risk
o Nature: Obtain more reliable types of substantive evidence (i.e. confirmation,
reperformance)
o Timing: Conduct most of the substantive procedures at year-end
o Extent: Have a larger sample size (i.e. make test more intensive)
Achieved control risk LOWER or SUPPORT the planned level of control risk:
 No revision of the planned substantive procedures required, and document the level of CR
 If the risk of material misstatement is low, need to have high level of detection risk
o Nature: Obtain less reliable types of substantive evidence (i.e. analytical procedures)
o Timing: Can be conducted at an interim date
o Extent: Have a smaller sample size (i.e. make test less intensive)
Step 4: Document achieved level of control risk
 Can be documented using a structured working paper, an internal control questionnaire or a
memorandum
Timing of Audit Procedures
Interim Test of Controls

 Assertion being tested may not be significant
 Control has not been effective in prior audits
 More efficient to conduct interim tests of control as accountant is less busy
 Give auditor time to reassess the control risk and modify audit plan if controls are not operating
effectively
 Give auditor time to inform management to locate and correct misstatement before year-end
 What testing should the auditor conduct for the period after the interim date? ~ When determining
the nature and extent of audit work, the auditor should consider
o The significance of the assertion
o The evaluation of the design and operation of the relevant controls
o Results of tests of control
o Length of the remaining period
o Planned substantive procedures
o Minimally – inquire about the nature and extent of changes in policies, procedures or
personnel that occurred after the interim period
67
Interim Substantive Procedures
 Conducting substantive procedures at an interim date may increase the risk that material
misstatement are present in the financial statements
 Factors to consider when deciding if substantive procedures are to be performed at interim date
o Control environment and other relevant controls
o Availability of information at a later date that is necessary for the auditor’s procedures
o Purpose of the substantive procedures
o Assessed risk of material misstatement
o Nature of the class of transactions or account balance and relevant assertions
o Ability of the auditor to perform appropriate substantive procedures or substantive
procedures combined with tests of controls to cover the remaining period in order to
reduce the risk that misstatement that may exist at the period end will not be detected
 Example: High control deficiencies  unlikely to perform substantive procedures at interim date
as auditor have little assurance that accurate information will be generated in the remaining
period
 Even if substantive procedures are conducted at interim date, additional substantive procedures
are ordinarily conducted in the remaining period before year-end
o Includes comparing year-end balance with the interim account balance, conduct analytical
procedures or review for large/unusual transactions during the remaining period
 If misstatements are detected during interim testing  Have to revise planned substantive
procedures for the remaining period or perform additional substantive procedures at year-end
Considerations for entities using service organisations (outsourcing)

SSA 402: Auditors needs to:
(a) Obtain understanding of nature and significance of the services provided by service organization
and their effect on user entity’s internal control relevant to the audit, sufficient to identify and
assess the risks of material misstatement
o By inquiring user and service entities, inspecting service contracts and service auditors’
reports etc
(b) Design and perform audit procedures responsive to those risks (ie test of controls vs substantive
procedures)
Service auditor’s assurance reports on controls at service organization (SSAE 3402):

 Type 1 report: Describes the service entity’s controls and assesses whether they are suitably
designed to achieve specified internal control objectives
o Cannot be used to test effectiveness
 Type 2 report: Goes further by providing assurance on the operating effectiveness of the
service organisation’s controls based on the auditor’s tests of controls
 Auditor may reduce control risk below high only on the basis of Type 2 report
68
Communication of Deficiencies in Internal Control (SSA 265) (p201)
Deficiency (Orally)
 A control designed, implemented or operated in such a way that it is unable to prevent, or detect
and correct, misstatements in the financial statements on a timely basis; or
 A control necessary to prevent, or detect and correct, misstatements in the financial statements
on a timely basis is missing.
Significant Deficiency (In writing)

 A significant deficiency in internal control is a deficiency or combination of deficiencies in internal
control that, in the auditor’s professional judgement, is of sufficient importance to merit the
attention of those charged with governance
o Significance of IC depends on whether misstatement has occurred + likelihood & potential
magnitude
 Example of significant deficiencies in internal control:
o Absence of risk assessment process within the entity where such a process would
ordinarily be expected to have been established
o Evidence of an ineffective entity risk assessment process (i.e. management failure to
identify risk of material misstatement that the auditor would expect to have been
identified)
o Evidence of an ineffective response to identified significant risk
o Misstatement detected by auditor’s procedures that were not prevented, detected and
corrected by entity’s internal control
o Evidence of management ability to oversee the preparation of the financial statement
 SSA 265 Auditor shall communicate in writing significant control deficiencies to TCWG & mgmt.
The auditor shall also communicate to mgmt other control deficiencies judged to be of sufficient
importance to merit mgmt’s attention
 ALWAYS COMMUNICATE AFTER YOU CHANGE OR QUALIFY ACCOUNTS
Example of Controls
Control Financial Statement Assertion Audit Procedure to test
Prints daily cash receipts Ensures that cash receipts are: Inspect all cash receipt report.
report that details all daily Complete, accurate, have Match against deposit slip for that
inputs into system. occurred day.
Control Weakness Assessment of Control Risk Implications

The staff has custody of all High  Control risk high, cannot rely on
cheques, has power to grant controls. Lower DR by
credit, has power to write-off increasing TOD.
bad debts, and deposits cash  Communicate control weakness
to client
Staff allocates cheque High
receipts to the oldest balance
if inadequate details were
provided.
69
Seminar 7a – Auditing in a Computerised Environment
Forming an Assessment of Control Risk

1. Identify specific control objectives
2. Identify points where misstatements could occur (inherent risks)
3. Identify control procedures designed to prevent or detect misstatements
o Manual and automated controls
4. Evaluate design of control procedures
o Are tests of controls cost-effective? (If IR is low, no need TOC at all. E.g. cashless
company)
Issues Introduced in a Computerized Environment

 Input errors (move towards scanning of barcodes to minimize error)
 Systematic vs. random processing errors
o Systematic  recurring, risk lower
o Random  adhoc, risk increases (hard to detect and cure)
 Lack of an audit trail (no paper trail)
 Inappropriate access to computer files and programs (access rights, hacking)
 Reduced human involvement in processing transactions (computers cannot identify very obvious
errors)
Implications of IT for Auditor’s Risk Assessments

SSA 315 (11d) Auditor shall obtain an understanding of the entity’s objectives and strategies, and those
related business risks that my result in risks of material misstatement
SSA 315 (Appendix 2) Examples of events and conditions that may indicate RMM:
 Inconsistencies between the entity’s IT strategy and its business strategies (e.g. things are done
manually but accounting is in IT or vice versa)
 Changes in the IT environment (involves system development life cycle)
 Installation of significant new IT systems related to financial reporting
SSA 315(18) Requires the auditor to have an understanding of the information system, including the
related business processes
SSA 315 (A62-63) IT can improve an entity’s internal control (e.g., by enhancing consistency, timeliness
of information processing, segregation of duties via access rights)
 However, IT can also pose specific risks to internal control (e.g., reliance of system that is
inaccurately processing data, risks of unauthorized access or change to data and programs)
SSA 315(21) In understanding the entity‘s control activities, the auditor shall obtain an understanding of
how the entity has responded to risks arising from IT.
SSA 315(A103 - 105) Controls over IT systems include:

 General controls
 Application controls
70
Effect on IT on Internal Control
Combination of interdependent automated and manual controls (i.e. use manual control to use
information provided by IT, use to monitor the functioning of, and errors and exceptions identified by,
automated controls)
Benefits Risks
 Consistent application of predefined business  Reliance on systems or programs that,
rules, and performance of complex unknown to management, inaccurately
calculations in processing large volumes of process data, process inaccurate data, or both
transactions or data  Unauthorized access to data that may result in
 Greater timeliness, availability and accuracy destruction of data or improper changes to
of information data, including the recording of unauthorized
 Facilitation of additional analysis of or non-existent transactions or inaccurate
information for enhanced internal decision recording of transactions
making  Unauthorized changes to data in master files
 Greater ability to monitor the entity’s activities,  Unauthorized changes to systems or
policies and procedures on a timely basis programs
 Greater ability to prevent or detect  Failure to make necessary changes to
circumvention of controls systems or programs
 Enhanced segregation of duties through  Inappropriate manual intervention
security controls in applications, databases  Potential loss of data
and operation systems
Types of IT Controls in an IT Enviroment
General Controls Application Controls

 Relates to overall information processing  Apply to the processing of specific accounting
environment applications
 Have a pervasive effect on the entity’s  Part of the computer programs used in the
computer operations accounting systems
 Referred to as supervisory, management  Help ensure the completeness and accuracy of
or information technology controls transaction processing, authorization and validity
71
General Controls
 Deal with controls over computer and network operations, data preparation, work flow
control and library functions
 Implement controls to prevent unauthorized access to network programs, files and systems
Data centre and network operations
documentation by computer operators

o Example: Rotation of operator duties, mandatory vacations, regularly reviewed of
operating systems log to ensure that operators have not performed any
unauthorized activities
 Controls for data preparation
o Example: Proper entry of data into an application system. Proper oversight of error
correction
 Controls over work flow
o Example: Scheduling of application programs, proper setup for program and use of
correct files
 Need to ensure that (1) correct files are provided for specific applications; (2) files are
properly maintained; (3) backup and recovery procedure exist
 System software: Computer programs that control the computer functions and allow the
System software acquisition,
change and maintenance
application programs to run

o Eg. Operating systems, library and security packages, and database
management systems
o Operating systems control operations, allocate computer resources, detects and
corrects processing errors
 Implement controls that ensure proper approval for purchases of new system software
and adequate controls changes and maintenance of existing system software
 Concern with (1) physical protection of computer equipment, software and data and (2) loss
Access and Security Controls
of assets and information through theft or unauthorized use

o Have a separate location for computer facilities, use of key or authorization card,
adequate protection against fire or water damage, programmers must not be
allowed access to the computer room, use of librarian function or software
o Operational disaster recovery plan (i.e. off-site backup location for processing
critical applications)
o Physical security over remote terminals, authorization controls that limit access to
authorized information, firewalls, user identification controls such as passwords
72
Application system acquisition, development and  Ability to audit accounting systems improved if
o Entity follows common policies and procedures to acquire or develop systems
o Internal/external auditors are involved in the acquisition or development process
o Proper user, system operators and program documentation is provided for each
application
 Establish written policies and procedures for planning, acquiring or developing and
maintenance
implementing new systems, and document it down

o Eg. User department  IT department for request for new system
o Cost-benefit analysis, software, hardware need and impact on current operations
o Helps entity to better manage its systems and controls
o Auditors can gain better understanding of the system so that tests of controls and
substantive testing can be properly planned and conducted
 Have strong controls to ensure all authorized changes are properly made and unauthorized
changes are prevented once programs are put into operations
o Authorised? Tested? Implemented?
Application Control
 Concern with occurrence, completeness and accuracy assertion
 Ensure that (1) all transaction are recorded in the application system; (2) transactions are
recorded only once; (3) rejected transactions are identified, controlled, corrected and re-
entered into the system
 Three ways of capturing data
Data Capture Control
o Source documentation – via batching processing (i.e. process similar transaction for
data entry
 Each batch will have an unique number and recorded under batch register
 Batch register should capture the date, signature of various person who
processed the batch and information on error (i.e. accountability)
 Batch total will be used to ensure completeness
o Direct data entry – Online processing of data with no source documents
 Create transaction log, containing detailed record of each transaction (i.e.
date, time, operator identification and unique number)
o Combination of source document and direct data entry
 Create transaction log, containing detailed record of each transaction
73
 Mainly concerned with the accuracy assertion
 Following are examples of common data validation control
Description
Limit Test Ensure that a numerical value does not exceed some predetermined value
Range Test Ensure that the value in a field falls within an allowable range of values
Sequence Test Determine if input data are in proper numerical or alphabetical sequence
Existence Test Test of an ID number of code by comparison to a file or take containing
valid ID number of code
Data Validation Control
Field Test Ensure that the field contains either all numerical or alphabetic characters
Sign Test Ensure that data in a field have the proper arithmetic sign
Check-digit Numerical value computed to provide assurance that the original value
verification was not created
 Use turnaround document to improve data accuracy (i.e. output document from the
application that are used as source document in later processing)
o Example: Monthly statement to customer may consist of two parts; one part is kept
by the customer, while the other part is returned with the payment
o Pros: Just use input devices to retrieve the encoded information from turnaround
document; No need to re-enter data, thus avoiding data capture and data validation
error
 Special validation routines (request desired input data, prompt data entry personnel)
o Validation routine can include completeness test to ensure that all data items are
completed before processing
 Controls that ensure processing of transactions
o Include some data validation control
Processing Control
o Strong general controls (i.e. application system acquisition, development and

maintenance, library controls, personnel practice, segregation of duties) more
likely program will be properly written and tested, correct files will be used for
processing and unauthorized access to the system will be limited
o Checking numerical sequence of records
o Comparing related fields
o Control totals accumulated during processing are compared to input totals and
previous computer-run totals
 Main concern: Computer output may be distributed or displayed to unauthorized users
 Controls to minimize
o Prepare a distribution report log, containing the schedule of when reports are
prepared, name of individuals who are to receive and the date of distribution
Output Control
o Use of transmittal sheet, to indicate intended party, and release form, to be signed by
intended party upon receiving the report
o Review the output for reasonableness, reconcile control or batch totals to output
o Page-numbering of reports
o Automatic dating of reports
o End-of-report messages
 User department to review outputs for completeness and accuracy
74
 Identified mainly by data capture and data validation control, but may also be identified by
processing or output controls
 Helps to ensure that errors are handled appropriately
Error Control
o Example: If a transaction is entered with an incorrect customer number, it should be

rejected. Only once the customer number is correct, it will be resubmitted into the
system
 When dealing with error control, must have segregation of duties
o Example: Error from processing transaction should be corrected and resubmitted by
the data control group. Error that occur outside IT department (i.e. invalid data or
omitted data) should be corrected and resubmitted by the appropriate department
Relationship btwn General & Application Controls

 Auditor should start by examining general controls
 General controls unreliable  little confidence in programmed applications & reduced confidence
in manual application controls  more substantive approach
 General controls reliable  preliminary evaluation of application controls  if reliance on
application controls is then planned, more detailed evaluation of controls made  auditor
determines appropriate degree of testing of controls & substantive testing
Impact on Audit Strategy

Auditing “Around” the Computer:
 Auditor treats computer system as a “black box” (ignore the system) and performs tests on inputs
and outputs of the system
 May be appropriate for less complex IT systems with existence of hard copy audit trail
Auditing “Through” the Computer:
 Auditor directly tests IT controls, usually with the help of CAATs
 SSA 330(8) requires auditor to test the operating effectiveness of relevant controls if substantive
procedures alone cannot provide sufficient appropriate audit evidence at the assertion level (e.g.,
for highly automated systems like bank) (means cannot increase substantive procedure])
 What if IT control is not effective?  qualify opinion & communicate control weakness
75
“Around” the computer “Through” the computer
Complexity of Computer used for relatively Computer applications are more complex
processing simple calculations in nature
Implementation of Less extensive More extensive

computer controls
Existence of source Existence of “hard copy” Source documents exist in electronic
documents and (paper) source documents or format/ results of one stage of
audit trail audit trail computerized processing are used as
inputs in subsequent stages of processing
(turnaround docs)
Computer-Assisted Audit Techniques (CAAT)

 Includes programs that allow auditor to perform tests on computer files and databases
 Able to conduct CAATs in different IT environment
 Eg. Select and prepare AR confirmations from variety of computer systems
 Functions performed by GAS
Function Description
File or database Reads and extract data from entity’s computer files or databases for
access further audit testing
Selection operators Select from files or databases transactions that meet certain criteria
General Audit Software (GAS)
Arithmetic functions Perform variety of arithmetic calculations on transactions, files and

databases
Statistical analyses Functions supporting various types of audit sampling
Report generation Prepares various types of documents and reports
Advantages Disadvantages
 Easy to use  Involves auditing after entity processed
 Limited IT expertise or programming skills data rather than while data are being
required processed
 Time required to develop application usually  Limited ability to verify programming logic
short because application usually directed to
 Entire population can be examined, testing entity’s files or databases
eliminates need for sampling  Limited to audit procedures that can be
conducted on data available in electronic
form
Increases efficiency and effectiveness
a
76
 Generally written by auditors for specific audit tasks
 Necessary when computer system is not compatible with auditor’s GAS or when auditor wants
to conduct some testing that may not be possible with GAS
 More efficient to prepare if they will be used in future audits or similar engagements
Custom Audit Software
 Disadvantages of custom softwares:

o Expensive to develop
o May require long development time
o May require extensive modification if entity changes its accounting application programs
 Eg. Inventory observation and testing (Pg 218)
o Traces test counts into entity’s perpetual inventory file and prints out any exceptions
o Performs complete mathematical test, including extensions, footings, crossfootings and
use of approved prices
o Summarises inventory by type
o Prints out items in excess of a predetermined amount for review
 Objective: ensure accuracy of computer processing of transactions
 First create set of simulated data for processing including both valid and invalid data
 Calculate expected results of processing the test data
 Use entity’s computer and application programs to process the data
 Valid data should be properly processed while invalid should be identified as errors
 Results of processing compared to auditor’s predetermined results
 Can be used to check:
o Data validation controls and error detection routines
o Processing logic controls
o Arithmetic calculations
Test Data
o The inclusion of transactions in records, files and reports

 Advantage: provides direct evidence on effectiveness of controls included in entity’s application
programs
 Disadvantages:
o Time-consuming to create test data
o May not be certain that all relevant conditions or controls are tested
 Use of test data generators can help
o Must be certain test data are processed using regular production programs
 Alleviated if general controls for program changes, access and library functions
are reliable
o Must be sure to remove valid test data from entity’s files
 Test using simulated transactions & dummy master records within a client’s master file so that
Integrated Test Facility
test data are processed simultaneously w actual data

 Objective is to substantiate control reliability
 Requires auditor to be involved in the system design such that audit modules are created within
the system that allow “dummy” test data to be discriminated from actual “live” data in the system
 Once established, test data can be placed in the normal transaction stream and the results can
allow the auditor to evaluate application controls during normal operations.
77
Parallel Simulation  Auditor develops an application that is designed to replicate the results of the client’s application
using client-supplied data
 Comparison of the results of the two applications enables the auditor to make inferences about
the quality of the process performed by the client’s application
 Involves the auditor inserting an audit module in the client’s application that will identify
Embedded Audit Module
transactions that meet some pre-specified criteria as they are being processed
 Transactions that are identified in this way can be reviewed by an auditor in real-time or in batch
 Particularly effective in identifying large transactions for substantive testing or for testing
controls by identifying transactions processed in a manner inconsistent with policies and
procedures
 Designed in such a way that they can be turned on and off, reducing costs but also reducing
coverage
Test data, integrated test facility and parallel simulation directly examine the internal logic of the
application while embedded audit module and generalised audit software examine the application’s
logic indirectly.
Advantages & Disadvantages of CAATs

Type of CAAT Factor Affecting Use
Static vs Client disruption Information Reliance on client
dynamic & data corruption systems expertise
auditing risk required
Test data Static. Client Minimal due to the Minimal, although Client provides a copy
provides copy of fact that a copy of preparing test data of app. Difficult to
existing the application is & understanding determine if copy
application used internal logic of provided is exact,
software. Auditor application can be reducing reliability of
only gains info. as costly method
to how this
version of app.
works
Integrated Dynamic. ITF is High corruption Expertise is Information obtained
test facility designed into the risk. Controls must required to design does not rely on client
(ITF) application during be designed to audit modules into
systems identify & remove system & to ensure
development the effects of test that test
transactions transactions don’t
affect actual data
Parallel Dynamic/ static. Minimal. The Extent expertise is The auditor obtains
simulation Parallel simulation does not required depends output information
simulation can affect client upon complexity of directly without client
run alongside processing client's process intervention
client's being simulated.
78
application/ GAS can be used
executed at to simulate many
intervals using processes
accumulated
client data
Embedded Dynamic. High All transactions Some level of Revisions to app. in
audit module disruption factors subj. to module's programming which module is
(EAM) as auditor may screening expertise is needed resident can affect
turn module on/ algorithm. Sig. to design & processing.
off at intervals, affect speed of implement the Considerable client
reducing online processing. module interaction is necessary
effectiveness Therefore, module to maintain functionality
may be turned of module
on/off
Generalised Static. Typically, Minimal. All Relatively easy to Minimal reliance on the
audit the client's processing occurs use. Very little client
software period-end data within the auditor's technical
(GAS) are accessed system background is
required to
effectively use
many features of
GAS. Accessing
complex client data
structures often
requires assistance
of IT specialists
79
Example of IT Control Effectiveness
Patient Revenue System Type of Auditor Finding about Control Effectiveness
Control Control
Billing system General IT File backup occurs Backup must be timely.
Produces invoices to charge control automatically each Sunday Backup should be done daily.
patients for services at 10pm so as not to Because of volume of
provided. Software includes disrupt any billing activities. transactions.
a complex formula to If only 10 transactions per
compute government week, then weekly backup is
subsidies, MediShield and okay.
private medical insurance.
Patient database Manual Exception reports are Important to know changes.
A master file containing application produced to show changes Who made the changes?
personal details about each control to patient address details & Not effective because in
patient as well as the period insurance company. patient database, other
of stay, services provided information such as services,
and medical insurance period of stay etc should also
details. be included.
Billing system IT Admin officer who creates Effective because the person
application patient invoice complains who does billing should not be
control that she can't override the allowed to change database.
room charge rate when Prevents the person from
she thinks a mistake has doing unauthorised changes
been made by the system to billing function.
when it calculates the bill
All Systems General IT All software changes are System admin (end user)
control tested by programmer and should do testing w
test results are separately programmer
reviewed & approved by Reviewing & approval of test
the system administrator result should include end-
user. Programmer cannot
review himself self review
threat.
Rates database IT Data entry operator can Ineffective as data entry
A master file of all application change all data operator shouldn’t be allowed
accommodation billing rates, control fields provided they have a to change all data fields.
rebate discounts and data change Ineffective as authorisation is
government assistance request form signed by the useless (if it’s on paper).
benefits Greener Pasture Effective if
general manager
80
Seminar 7b – Audit Sampling
Audit Sampling and Sampling Risk

SSA 530.5(a) Audit Sampling: The application of audit procedures to less than 100% of items within a
population of audit relevance such that all sampling units have a chance of selection in order to provide
the auditor with a reasonable basis on which to draw conclusions about the entire population.
 How many to select?
 Which specific items to select?
 How to infer and make conclusion on population to reach an appropriate conclusion?
SSA 530.5(c) Sampling Risk: Risk that the auditor’s conclusion based on a sample may be different
from the conclusion if the entire population were subjected to the same audit procedure.
Consequences of Sampling Risk

Look at Type II Error to determine sample size (Aim to reduce this error) as it is more costly to auditor
 Results in auditor failing to detect material misstatement (litigation against auditor, severe
consequences)
Type I Error Type II Error

Type I Error (Risk of Incorrect Rejection) Type II Error (Risk of Incorrect Acceptance)
Affects efficiency of audit Affects effectiveness of audit
Test of Controls: Auditor wrongly concludes Test of Controls: Auditor wrongly concludes that
that a control is not effective when it is a control is effective when it is not
 Assess control risk to be too high  do  Assess control risk to be too low  do too
too much substantive testing  little substantive testing  increases audit
decreases audit efficiency risk (via increased detection risk)
Test of Details: Auditor wrongly concludes that Test of Details: Auditor wrongly concludes that an
an account balance or class of transaction is account balance or class of transactions is not
materially misstated when it is not materially misstated when it actually is
 Auditor will do further testing   Auditor wrongly issues an unmodified audit
decreases audit efficiency opinion when the F/S is materially
misstated  audit failure
Non-sampling Risk:
Detection Risk = Sampling risk & Non-sampling Risk
Risk that auditor reaches a wrong conclusion due to reasons other than sampling risk, such as
 Use of inappropriate audit procedures
 Misinterpretation of audit evidence
 Failure to recognize a misstatement or deviation
Non-sampling risk can be controlled by measures such as:
 Adequate training
 Proper planning
 Effective supervision
81
Statistical vs Non-statistical Sampling
SSA 530 permits both types of sampling. Both require professional judgement to plan, perform and
evaluate sample evidence
Statistical Sampling
 Involves random selection of sample items & use of probability theory to evaluate sample results,
including measurement of sampling risk
o Key advantage: Ability to measure of sampling risk
o Able to find most efficient sample size
 Specific applications include attributing sampling (used for test of controls) and monetary unit
sampling (used for substantive testing)
Non-statistical Sampling
 Any sampling approach that does not meet the definition of statistical sampling
Key Steps in Audit Sampling

1. Define test objective, population (type and period) and sampling unit, control deviation/ misstatement
2. Determine sample size
 Judgmentally or statistically (optimal)
 Considering:
(i) Desired level of assurance in the results
o Consider significance of account, importance of assertion, difficulty of applying the
control
o More significant, more complex  higher desired confidence
o High confidence  large sample size (Confidence level = 1 – risk of incorrect
acceptance)
(ii) Tolerable misstatement or deviation rate (low tolerance = large sample size)
o Definitely must have some allowance for sampling risk
o Controls do not need to operate 100% to be effective
(iii) Expected misstatement (high expected misstatement = large sample size)
o Some deviation will be expected because mostly depends on human involvement
o Based on prior years’ results or pilot sample
o If expected misstatements > tolerable deviation, no need to test anymore. Go
straight to substantive test
(iv) Population size (beyond 500) has a negligible effect on sample size
3. Select samples and perform test on samples
4. Evaluate results and draw conclusions
Sample Selection Methods

Stratification: Auditor divides population into series of sub-population, each with identifying
characteristics (e.g. dollar value differences). SSA 530 Appendix 1
 Increases audit efficiency, as it reduces sample size by reducing variability, yet without increasing
sampling risk
 Can direct attention to areas of audit interest, such as risky or material items
82
Acceptable Sample Selection Methods
Random Selection  Statistical
 Using random number table/ generator
Systematic Selection (with random start point)  statistical
 Sample interval = population / sample size = 50
 For 1st sampling interval, select a random start point (e.g. 21)
 From that random start point, add the sampling interval systematically (21, 71, 121…)
Haphazard (avoid conscious bias/ predictability)  non-statistical
 Inherent bias
 Can be used to sample items randomly stored in a warehouse
Unacceptable Sample Selection Methods

Block Selection
 Auditor selects all items of a specified type processed on a particular day, week, month
Judgmental Selection (based on sample characteristics)
 Auditor selects large or unusual items from the population or uses some other judgmental
criterion for selection
 This method has a conscious bias, cannot be considered representative
Attribute Sampling (For Test of Controls)

Used to estimate the proportion of a population that possess a specified characteristic (attribute).
Objective: To determine effectiveness of control (therefore degree of reliance that can be placed on
controls)
Key Steps:
1. Determine test objective
 E.g. Whether control over credit approval of sales are effective
2. Define population
 E.g. All recorded sales and supporting sales orders from January to September 2013
3. Define sampling unit
 E.g. Sales order supporting each recorded sale
4. Define control deviation conditions
 E.g. Sale is not properly approved by credit department
5. Determine sample size, which is a function of: *Refer to lecture notes*
 Planned risk of incorrect acceptance (Type II error)
o Higher planned risk = smaller sample
 Tolerable deviation rate (maximum deviation that auditor is willing to accept and still consider
control effective)
o Higher tolerable deviation rate = smaller sample
 Expected population deviation rate (should be less than tolerable deviation rate)
o Higher expected = larger sample size
6. Select sample from population
 Using random or systematic selection methods (Statistical)
7. Perform audit procedure on sample
 Examine sales order for evidence of credit approval
 Investigate nature, cause and consequence of deviations
83
o Anomalous, intentional, result in material misstatement, careless?
o How does it impact other phases of audit?
o E.g. Credit control deviation  increased risk for valuation of AR  increase substantive
test for allowance of bad debts
 If cannot examine or cannot use alternative procedure to test, then sample is a deviation
8. Evaluate & draw conclusion
 Compute sample deviation rate and computed upper deviation rate
 Sample deviation rate = number of deviations/number of items in sample
o Represents auditor’s best estimate of population deviation rate, but must consider
allowance for sampling risk  upper deviation
 CUDR (maximum rate of deviation auditor is willing to accept before deciding not to rely on
control)
o CUDR = sample deviation rate + allowance for sampling risk
 If CUDR < Tolerable Deviation Rate (TDR)
o Evidence supports planned level of control risk, conclude that control is effective and
reduce substantive testing
 If CUDR > TDR
o Evidence does not support planned level of control risk, conclude that control is not
effective and increase substantive testing (or increase sample size or test a compensating
control)
Monetary-unit Sampling Technique (Substantive Testing)

 Uses attribute-sampling theory to express a conclusion in monetary amounts rather than as rate
of occurrence
o Whether account balance/ class of transactions is materially misstated
 Every $ in population is a sampling unit  larger balances are more likely to be selected  more
effective in detecting overstatement
 Commonly used to test accounts such as AR, investment securities, inventory
 Advantages: smaller sample size where auditor expects few misstatements, auto stratification
according to dollar amounts, does not require user to make assumptions of distribution of
misstatements
 Disadvantages: Selection of 0 or negative balance requires special design considerations, when
more than a few misstatements are detected, sample results may overstate allowance for
sampling risk à over-audit
Key Steps
1. Determine test objectives
 To test existence, completeness and accuracy of AR through debtors’ confirmation
 To test the assertion that no material misstatements exist in an account balance/class of
transactions
2. Define population
 Monetary value of AR at YE
3. Define sampling unit
 Each dollar in AR (once a $ is selected, the entire customer account balance containing the $ is
selected)
4. Define misstatement
 Difference between recorded amount and confirmed amount other than timing differences
84
5. Determine sample size: a function of:
 Planned risk of incorrect acceptance (Type II error)
o Higher planned risk = smaller sample
 Tolerable deviation (maximum deviation that auditor is willing to accept and still consider
account not materially misstated)
o Higher tolerable deviation rate = smaller sample
o May be same amount or an amount lower than performance materiality
 Expected population deviation (should be less than tolerable deviation rate)
o Higher expected = larger sample size
 Population size
o Used in the conversion of tolerable and expected misstatements to % [(ate]
6. Select sample from population
 Using systematic selection method (sampling interval = population book value / sample size)
7. Perform audit procedure on sample:
 Confirm AR balances (misstatement if no supporting documents)
 Investigate nature and causes of differences
8. Evaluate results and draw conclusions
 Compute projected misstatement and upper misstatement limit (Refer to lecture slides)
 UML < TM: conclude that AR is not materially misstated
 UML > TM: conclude that AR is materially misstated
o Options: Increase sample size, other substantive procedures, request management to
adjust AR to tolerable misstatement. If refuse to adjust, then qualify or adverse opinion
Conclusions on Sampling Results

SSA 530.12 The auditor shall investigate the nature and cause of any deviations or misstatements
identified, and evaluate their possible effect on the purpose of the audit procedure and on other areas of
the audit
 Did the error result from the team?  Increase observation on team, increase work on team
SSA 530.13 In the extremely rare circumstances when the auditor considers a misstatement or deviation
discovered in a sample to be an anomaly, the auditor shall obtain a high degree of certainty that such
misstatement or deviation is not representative of the population. The auditor shall obtain this degree of
certainty by performing additional audit procedures to obtain sufficient appropriate audit evidence that
the misstatement or deviation does not affect the remainder of the population
 Error due to anomalies
o Carelessness NOT an anomaly
o Anomalies are: system problem, power shortages
530.15 The auditor shall evaluate:

(a) The results of the sample; and
(b) Whether the use of audit sampling has provided a reasonable basis for conclusions about the
sample
85
Seminar 8 – Auditing the Revenue Process
Revenue Recognition Principles

Refer to FRS 115!
Revenue Process: Audit Significance

 Major component of F/S  “always material” (except for dormant companies)
 High transaction volume (reliance on controls)
 Significant complexity and judgement involved
o Revenue recognition
o Allowance for doubtful debts
 Susceptibility to fraud
o SSA 240: presumed risk of fraud in revenue recognition
 Major source of cash inflow (business risk)  relates to going concern probem
Fraud Risks relating to Revenue

 Side agreements are agreements that are used to alter the terms and conditions of recorded
sales in order to entice customers to accept delivery of goods and services
 Channel stuffing, a market practice that suppliers sometimes use to boost sales by inducing
distributors to buy substantially more inventory than they can promptly resell
 Related-party transactions requrie special consideration because related parties may be difficult
to identify, and such transaction may pose significant ‘substance over form’ issues
 Bills and hold sales are sales whereby the customer agrees to purchase the goods, but the seller
retains physical possession until the customer requests shipment
 Early revenue recognition
 Holding the books past the accounting period
 Ficiticious sales
 Failure to record sales return
 Liability and expense omissions
 Overstating receivables and inventory
 Fraud in the percentage of completion method
86
3 Types of Transactions & F/S Accounts Affected
Type of Transaction Account Affected
Sale transaction  Trade accounts receivable
 Sale of goods/ rendering of a  Sales
service for cash/credit  Allowance for uncollectible accounts
 Bad-debt expense
DR Bad debt expense

CR Allowance for uncollectible accounts
(Anticipation of uncollectibility of AR)
DR Allowance for uncollectible accounts

CR AR
(Write-off of customer’s account balance)
DR AR
CR Allowance for uncollectible accounts
(Recovery of AR)
Cash receipts transaction  Cash
 Receipt of cash from customer in  Trade accounts receivable
payment for goods/ services  Cash discounts
DR Cash 4,312
DR Sales Discounts 88
CR AR 4,400
Sales return & allowance transactions  Trade accounts receivable
 Return of goods by customer for  Sales returns & allowances
credit/cash
DR Sales return & allowances
CR AR
DR Inventory
CR COGS
Major Revenue Functions

Order Entry  Acceptance of customer order into system
 Enter SO into system
 Receive & prepare customer order
Credit  Appropriate approval of customer orders for creditworthiness
Authorization  Credit limits: sale that exceeds authorized credit limit should not be processed
 Review of credit limits to ensure amt is consistent with customer ability to pay
 Monitor customer payments through preparing aged trial balance of AR and
reviewing it
 Initiate write-off of customer accounts (but final approval should be segregated to
prevent misappropriation of cash by writing off)
87
Shipping  Shipping goods & completing shipping doc
 Shipping of goods/provision of services should be authorized by credit dept
 Shipping must ensure correct quantities and product
 Once done, forward to billing
Billing  Issuance of sales invoices to cust. for goods shipped/services provided
 Processing of billing adjustments for allowances, discounts, returns
 Must ensure all goods shipped are billed at authorized price and terms
 Account for all pre-numbered shipping docs and match to sales invoice
 No issuing credit memo unless goods are returned (must take receiving doc from
receiving dept. to acknowledge receipt of returned goods)
Cash  Processing of receipt of cash from customers (Receive customer’s remittance)
Receipts  Ensure all cash collections are properly identified & promptly deposited
 Deposit cheques daily
AR  Recording of sales invoices, collections, credit memoranda in individual customer

accounts
General  Proper accumulation, classification, summarization of revenues, collections,
Ledger receivables in F/S
Accounting  All entries must be made from authorized source documents: sales invoice,
remittance advice, credit memo
 Update AR for sales & for remittance
 Prepare AR aged trial balance
Documents and Records in Sales Process

Customer sales  Details of the type of quantity of products and services ordered by customer
order (i.e. conversion from customer’s purchase order into internally generated
sales order)
 Usually prepared by a salesperson
Credit Approval  Details (i.e. credit limit, the personnel approving the credit limit) that show
Form the credit-worthiness of the customer
 Whenever the customer purchases on credit, the entity will check against
the credit limit from the credit approval form and its outstanding balance
before approving the sales
Open-Order Report  Report of all outstanding customer orders
Shipping Document  Prepared every time goods are shipped to a customer
(generally serves as  Contain information on the type of product shipped, the quantity shipped
billing of lading – and other relevant information
prove of delivery)  A copy of the shipping document is sent to customer, another copy used to
initiate the billing process
Sales invoice  Contain information on the type of product or service, the quantity, the price
and terms of trade
 Source document that signals the recognition of revenue
Sales Journal  Used to record the information for each sales transactions
 May contain information classified by type of sales, depending on the
complexity of the entity’s operation
88
Customer Statement  Details of all sales, cash receipts and credit memorandum transactions
processed through the customer’s account
Accounts receivable  Details of transactions (i.e. from sales, cash receipts) with each customer
subsidiary ledger
Remittance advice  Document forwarded with the customer’s bill and returned with the
customer’s payment for goods and service
 Contain information regarding invoices being paid by the customer
Aged trial balance of  Summarize all customer balances in the accounts receivable subsidiary
accounts receivable ledger, reported in different categories
(Pg 334 to assure  Monitor the collection of receivables
aged trial balance is  Ensure details of AR subsidiary ledger agree with GL control
correct)
Cash Receipts  Record the entity’s cash receipts received from customers
journal
Credit memorandum  Record credits for the return of goods in a customer’s account or record
allowances that will be issued to customer
Write-off  Authorizes the write-off of an uncollectible account
authorization  Initiated in the credit department, with final approval from the treasurer
Test of Controls – Introduction

Inherent Risks
Industry Related Factors (may affect assertion such as authorization and accuracy)
 Profitability and health of the industry (lack demand, fierce competition etc)
 Level of government regulation within the industry, rate of technological change
Complexity (may affect assertion on cut-off and accuracy)
 Complex calculation of recognizing revenue due to long-term construction contracts, long-term
service contracts
 Disputes between auditor and management over recognition  high RMM
Difficulty of Auditing Transactions and Account Balances
 Subjectivity and judgmental involved in estimating for the allowance + sales return
Misstatements detected in prior audits
 Presence of misstatement in previous audit is a good indicator that misstatements are likely to be
present during the current audit
Control Risk Assessment

1. Understand & document the revenue process based on a reliance approach
2. Plan & perform test of controls on revenue transactions
3. Set & document the control risk for the revenue process
 If the results of the tests of controls support the planned level of control risk, the auditor
conducts the planned level of substantive procedures
 Level of control risk can be set using either quantitative amounts or qualitative (High,
medium, low) terms
89
Primary Control-related Features
 Segregation of duties, control over sources documents and inputs, checks, approvals and
reconciliations
 Spilt into three categories: Custody, Authorization and Recording
 Individuals involved in the order entry, credit, shipping or billing functions should not have access
to the accounts receivable records, general ledger or cash receipts activities
Segregation of Duties Possible Errors or Frauds
Credit function / Billing Possible for sales to be made to customers who are not creditworthy,
function resulting in bad debts
Shipping function / Billing Possible for unauthorized shipments to be made and usual billing
function procedures to be circumvented, resulting in unrecorded transactions
and theft of goods
Account Receivable function / Possible for individual to conceal unauthorized shipments, resulting in
General Ledger function unrecorded sales transactions and theft of goods
Cash Receipts function / Possible for cash to be diverted and the shortage of cash in the
Accounts Receivable function accounting records to be covered, resulting in theft of cash (a.k.a
lapping: ability to steal cash and manipulate accounting records)
Credit function / Cash Possible for cash receipts to overstate the cash received from
Receipts function customer, resulting in unauthorized sales to customer
Billing function / Accounts Possible for cash to be diverted to customer by initiating fictitious
Receivable function credit memorandum
Planning & Performing Test of Controls

Auditor systematically examines the client’s revenue process to identify relevant controls that help to
prevent/ detect/ correct material misstatements
 In order to properly set control risk, the auditor must test controls over the revenue process. Such
tests may include:
o Inquiry of client personnel
o Inspection of docs & records
o Observations of the operation of control
o Walkthroughs (Ask staff, see documentation of procedure)
o Reperformance of the control activities
Test of Controls for Revenue Transactions

Occurrence of Revenue
 Occurred and pertain to the entity
 Auditor needs assurance that all recorded revenue transactions are valid
Possible Control Activity Test of Control
Misstatement
Fictitious revenue Segregation of Duties between Existence:
Sales to fictitious authorization (sales), custody Observe and evaluate that there is proper
customers (shipping) and recording (billing) segregation of duties
 Ship to fictitious customers
 Recognizing revenue for
unapproved sales/ shipment
90
Recording revenue Sales is recorded only with Existence:
when goods not approved customer order & Test a sample of sales invoices for presence of
shipped / services shipping document approved customer order & shipping document
not performed
If IT, examine application controls, make sure
control exists
Effectiveness:
Reperform by doing sales entry
Accounting for numerical Existence:
sequences of sales invoices to Inspect sales invoices for sequential
make sure numbers don’t numbering;
appear 2 times Observe checking process of numerical
sequences
Effectiveness:
Review and testing of entity procedures for
accounting for numerical sequence of sales
invoices;
If IT, examine application controls

Send monthly customer Existence:
statements (Customers who are Inspect mails
wrongly billed will complain. This Observe mailing process & complaints process
will highlight overstatement of Examine resolution of complaints
revenue)
Effectiveness:
Make sure complaints are not Review and testing of entity procedures for
handled by staff who sends mailing & handling complaints
customer statements
Completeness of Revenue
Possible Control Activity Test of Controls
Misstatements
Goods are Accounting for Existence:
shipped/ numerical sequences Inspect sales invoices for sequential numbering
services of shipping Observe checking process of numerical sequences
performed but documents and sales
no revenue is invoices to make sure Effectiveness:
recognized all shipping documents Review and testing of entity controls for accounting for
and sales invoices are numerical sequence of sales invoices
recorded
If IT, examine application controls
Match shipping Existence:
documents to sales Trace a sample of shipping document to their respective
invoices before sales invoices and sales journal to make sure that
recording
91
matching has been done. (usually if matched then put
together)
Reconcile sales Effectiveness:

invoice to daily sales Testing of a sample of daily reconciliations
report to make sure
that sales invoices
issued are properly
recorded daily
Maintain currently an Existence:
open-order file and Examine the open-order file for unfilled orders
review it periodically
If IT, generalized audit software, print unfilled orders that
are older than client’s predetermined time frame
for completing order and determine why
Accuracy of Revenue
 The presence of an authorised price list and terms of trade reduces risk of inaccuracies
 Sales invoice should also be verified for mathematical accuracy before sending to customer
Misstatements
Revenue Authorized price list & Existence:
transaction specified items of trade Comparison of prices/terms on sales invoice to
recorded at an authorized price list and terms of trade (FOB
incorrect etc.)
monetary
amount If IT, examine application controls
for authorized prices and terms
Effectiveness:
Reperform the recording function and test
whether control is effective
Make sure sales invoice are Existence:
agreed to shipping document Examination of sales invoice for evidence that
& customer order to client personnel verified mathematical accuracy
 Check product type and Recompute the info on a sample of sales
quantity invoices.
 Verify mathematical
accuracy of sales invoice If IT, examine application controls & consider
(customer billed for goods the use of CAAT
shipped)
Effectiveness:
Check samples of the agreed batch
92
Transactions not Reconcile sales invoice to Existence:
posted correctly daily sales report to make sure Examine a sample of sales invoices to see if
to the sales that the recording of sales is there is evidence to show that they have been
journal or accurate reconciled to the daily sales report
customer’s  Use of a data validation test
accounts in AR (control total)
subsidiary ledger
Reconcile daily postings to Examine reconciliation of entries to sales
sales journal with posting to journal with entries to subsidiary ledger
subsidiary ledger
Reconcile subsidiary ledger Review reconciliation of subsidiary ledger to

to general ledger control general ledger control account
account
Amounts from Send monthly customer Existence:

sales journal not statements (Customers who Inspect mails
posted correctly are wrongly billed will complain. Observe mailing process and complaints
to general journal This will highlight overstatement process
of revenue) Examine resolution of complaints
Independent review of Effectiveness:

complaints. complaints are not Review reconciliation of subsidiary ledger to
handled by staff who sends general
customer statements ledger control account

mailing and handling complaints
Poor credit Proper procedures for Existence:

approval. authorizing credit & Examination of SO for evidence of proper credit
(“Authorization”) shipment of goods approval
Goods shipped to
a cust. with a high If IT application, examination of application
credit risk controls for credit limits
Review client’s procedures for granting credit

Shipments made Authorised price list and Existence:
or service specified term of trades Comparison of price and terms on sales invoice
performed at to authorised price list and terms of trade
unauthorised
prices/terms Effectiveness:
Review and testing of procedures for
authorising prices and terms
93
Cut-off of Revenue
 Sales may be recorded in the wrong accounting period unless proper controls are in place
 All shipping documents should be forwarded to the billing department daily
 Record sales after goods have been shipped (customer order, shipping document, bill of lading)
Misstatements
Revenue Shipping documents Existence:
transactions recorded should be forwarded to Observe the process
in the wrong period recording functions on a
timely basis. Effectiveness:
Compare the date of shipping with the date of
sales invoice and date of recording
Daily billing of goods Effectiveness:
shipped Compare the date of sales invoice with the dates
they were recorded in the sales journal
Classification of Revenue
 Use of a chart of accounts & proper codes for recording transactions should provide adequate
assurance about the proper classification of revenue transactions
Misstatements
Revenue transaction Chart of accounts Existence:
not properly classified Review of sales journal and general ledger for
proper classification
Proper codes for Existence:
different types of Inspect sales invoices for existence of code and
products/ services proper classification
Effectiveness:
Test application controls for proper codes
Test of Controls for Cash Receipts Transaction

Occurrence of Cash
Misstatement
Cash receipts Segregation of Duties Existence:
recorded, but between custody (cash Observe and evaluate that there is proper
cash not receipts) and recording segregation of duties
received or
deposited (cash Use electronic cash receipts Effectiveness:
recorded but transfer to eliminate the need Examine application controls for electronic cash
stolen) to deposit cash. (Prevent receipts transfer
access to cash) Bank can
forward remittance advice
94
Prepare bank reconciliations Existence:
daily and review them Inspect bank reconciliations for indication of
independently independent review
Issue cash invoice on the Existence:
spot for payments by cash or Observe this process since it’s a daily control
credit cards. Prevents theft of
cash, ensures timely updating Effectiveness:
of system Reconcile daily invoice with cash and credit receipt
for the day
Completeness of Cash
 Strong controls include proper segregation of duties and lockbox system
 Bank-operated mailing address that company directs customer to send their payments
o Bank opens incoming mail, deposits received funds into co.’s account, scans payments
and remittance information
Misstatement
Cash receipts Segregation of Duties between Existence:
received or custody (cash receipts) and Observe and evaluate that there is proper
deposited, but recording segregation of duties
not recorded  Prevents lapping (theft of
(cash stolen cash, shift cash from 1
before it is customer to another forever)
recorded) Use electronic cash receipts Effectiveness:
transfer to eliminate the need to Examine application controls for electronic cash
deposit cash. (Prevent access receipts transfer
to cash) Bank can forward
remittance advice
Prepare bank reconciliations Existence:
daily and review them Inspect bank reconciliations for indication of
independently independent review
Daily cash receipts reconciled Test reconciliation of daily cash receipts with
with posting to posting to AR subsidiary ledger
AR subsidiary ledger
Prepare customer Existence:
statements on a regular basis Inquire client personnel about handling of
customer statements
Handle complaints Examine resolution of complaints
independently
Effectiveness:
Salesman passes cash collected Existence:
to Cashier, then both counter- Check daily receipt book and presence of
sign receipt book signatures
Effectiveness:
Observe daily process
95
Cash is kept in safety deposit Existence:
box, banked in at end of each Observe process
day
Effectiveness:
Daily bank deposit slip
For payments to be collected by Existence:
cheque  cheques need to be Examination of cheque listing for collection of
restrictively endorsed and cheque of payments
cheque listing needs to be Verify that there are 2 signatories
prepared by 2 persons
Effectiveness:
Observe the process
Accuracy of Cash
 The wrong amount of cash could be recorded from the remittance advice or receipt could be
incorrectly processed during data entry
 To minimize such errors
o Daily remittance reports reconciled
o All bank statements should be reconciled monthly
Possible Control Activity Test of
Misstatement Control
Cash receipts Reconcile daily remittance report Existence:
recorded at to a control listing of Observe the process
incorrect amt / remittance advices Review reconciliation
incorrectly
processed Effectiveness:
during data Examine and test the various reconciliations
entry Reconcile bank statements with Effectiveness:
cash journal Examination of bank reconciliation for
independent review
Prepare customer Existence:
statements on a regular basis Inquire client personnel about handling of
customer statements
Handle complaints independently Examine resolution of complaints
Effectiveness:
Cash receipts Daily remittance report reconciled Existence:
not properly daily with postings to cash receipts Review and testing of reconciliation.
posted journal and AR Subsidiary Ledger.
Monthly Cash Receipts journal Review of posting from Cash Receipts
agreed to General Ledger posting journal to the General Ledger
AR Subsidiary Ledger reconciled to Examination of reconciliation of Accounts
General Ledger control account. Receivable Subsidiary Ledger to General
Ledger control account.
96
Cash discounts Entity’s procedures specifying Existence:
not properly policies and controls for cash Inquire entity regarding procedures
taken discounts Review procedures to control proper
(“Authorisation”) discounts
Effectiveness:
Test entity’s procedures
Classification of Cash
Misstatement
Cash receipts Chart of accounts Existence:
recorded in Tracing of cash receipts from listing to
wrong FS journal for proper classification
account
Effectiveness:
Review of cash receipts journal for unusual
items
Cut-off of Cash
Misstatement
Cash receipts Reconcile cash receipts at, before Existence:
recorded in & after an accounting period to Review and testing of reconciliation
wrong period ensure recording in appropriate period
97
Test of Controls – Sales Returns & Allowances / Sales Discount Transactions
Occurrence
 Not usually a material amount in the F/S
 Credit memoranda that are used to process sales returns can be used to cover an unauthorized
shipment of goods/ conceal misappropriation of cash
o As a result, all credit memoranda should be properly authorized
Assertion & Control Activity Test of Control
Misstatement
Credit Segregation of Duties Existence:
memorandum between access to Observe and evaluate that there is proper
might not exist customers’ record segregation of duties
(due to factors (initiating) and authorization Examine a sample of credit memo for proper
mentioned above) for issuing credit memo. approval
*Critical control* Approval

for receipt of goods by
appropriate individuals
Check that credit for Existence:
returned goods are Examine a sample of credit memo for presences of
supported by a receiving respective receiving document
document to ensure that
they have really been
returned
Grant corporate discounts Existence:
based on a structured Look for evidence of approval
discount scheme
approved by senior Effectiveness:
management Trace from GL discount account to the structured
discount scheme to make sure granted discounts
are in accordance

 Used to examine plausible relationships among AR and related accounts
 Trend analysis, Ratio analysis & Reasonableness test
Example of Substantive Analytical Procedures Possible Misstatement
 Comparison of Gross Profit (%) by Product Line with  Unrecorded
previous years’ and industry data (Understated) Revenue
 Comparison of reported revenue to budgeted revenue  Fictitious (Overstated)

Revenue
Analysis of the ratio of Sales for the Month/Week to Total Revenue

Sales for the Quarter/Year  Changes in pricing
 Comparison of revenues recorded daily for periods shortly policies
before/after the end of the Audit period for unusual  Product-pricing
fluctuations such as an increase just before / decrease just problems
after the end of the Audit period
98
 Comparison of the number of weeks of inventory in
distribution channels with prior periods for unusual
increases that may indicate channel stuffing
 Comparison of percentages and trends of sales in the
distributor channel with industry and competitors’ sales
trends, if known.
 Comparison of Receivables Turnover and days outstanding  Understatement /
in Accounts Receivable to previous years’ and/or industry
Accounts Receivable, Allowance for
Overstatement of
uncollectible accounts, bad debt
data Allowance for

 Comparison of ageing categories on Aged Trial Balance of Impairment Loss of
Accounts Receivable to previous years Accounts Receivable
 Comparison of Impairment Loss on Accounts Receivable and Impairment Loss on
(Bad Debt Expense) as a % of Revenue to previous years’ Accounts Receivable
and/or industry data
 Comparison of the Allowance for Impairment Loss of
Accounts Receivable as a % of Accounts Receivable or
Credit Sales to previous years’ and/or industry data
 Examination of large Customer Accounts individually and in
comparison to previous year
 Comparison of Sales Returns as a % of Revenue to  Understatement /
Sales Returns, Allowances,
previous years’ and/or industry data Overstatement of sales

and Sales Commission
return
 Comparison of Sales Discounts as a % of Revenue to  Understatement /
previous years’ and /or industry data Overstatement of sales
discounts
 Estimation of Sales Commission expense by multiplying  Understatement /
Net Revenue by average commission rate and comparison Overstatement of sales
of recorded sales commission expense. commission expenses
and related accrual
Test of Details – Classes of Transactions (P/L)

Assertion Substantive Test of Detail
*Occurrence of sales Vouch a sample of sales transactions from sales journal to its relevant
sales invoice, customer order and shipping document (GL to source)
Alternative procedures for retail sales (no DO, no shipping doc)

 Test controls of Point Of Sales (POS) system to rely on sales
report generated from POS system
 Check subsequent cash receipts (bank statements, credit card
receipts, NETs receipts)
Completeness of sales Sample shipping documents, trace to sales invoices, sales journal and
customer’s account (Source to GL)
*Accuracy of sales Sample sales invoice, compare prices and terms with authorised price
list and terms of trade
*Cut-off of sales Sample sales invoice, compare dates on invoice with dates of shipment
and dates of recording
99
 Check the date of occurrence of source document
Test a few shopping documents just prior to YE and after YE  see if

shipping documents that were sent out after YE were recorded as sales
before YE
Alternative procedures:
 Understand & test key controls in inventory cycle
 If stock records are reliable, cut-off can be performed based on
checking the dates that goods are dispatched from warehouse
*Cut off procedures can also be used for sales return

Classification of sales Sample sales invoices: determine that each is properly classified in the
- ST vs LT receivables revenue accounts
- Different types of AR
- Identify & reclassify any
material credits in AR
Test of Details – Account Balances (B/S)

*Existence of AR Send confirmation of selected AR to customers à Positive
 Important assertion for AR confirmation
 Auditor wants assurance that AR is
not overstated through inclusion of Review subsequent receipt of cash
fictitious cust. accounts/ amts
 Confirmation is major audit Alternative procedures for AR confirmation exceptions & non-
procedure used responses:
 Auditor must determine that all AR Inspect related shipping records and sales invoice
are owned by entity -- ? documenting the sales (proves that goods were shipped at
xx date so receivables are owed prior to xx date), call
Rights and Obligations of AR Review of bank confirmations for any liens on receivables
 Liens are a legal doc that is filed by creditor to record
claim on debtors property
 Gives protection until debtor pays creditor amt owed
Inquire management, review of any loan agreements and

review of BOD minutes for any indication that the AR have
been sold
100
Completeness of AR Obtain aged trial balance of AR and agree total with GL
 Primary concern is whether all AR control accounts
has been included in AR subsidiary
ledger & GL AR account Manual: Vouch cust. balance to subsid. ledger
 Reconciliation of the aged trial IT: Use CAAT to determine accuracy of aged trial balance
balance to the GL should detect an
omission of a receivable from Review results of testing the completeness assertion for
subsidiary or GL assessing control risk; tracing of shipping documents into
sales journal and AR subsidiary ledger. If such testing was
not performed as a test of control
*Valuation and Allocation of AR Examine results of confirmation of selected AR

 AR should be shown at net
realizable value Examine adequacy of allowance for uncollectible accounts
 SSA 540 Auditor must verify  Look at profitability of collecting and examine
adequacy of allowance for entity’s past experience with bad debts 
uncollectible accounts (if it is determine % of each category to be uncollectible
reasonable or misstated)
o Assess policy first  Strict
standard, bad debt low.
o Prepare an aged trial balance &
discuss results w credit
manager.
o See probability of collecting a/c
that hasn’t been collected for a
long time.
o Compare w last year’s results
o Assess policy
Allowance affected by
 Internal factors
o Client’s credit granting & cash
collection procedures
 External factors
o Economy/ Client’s industry
o Client’s customer’s financial
strength
Test of Details – Presentation & Disclosure (Pg 338)

Occurrence, Rights  Determine whether receivables have been pledged, assigned or discounted
and Obligations  Determine if such accounts require disclosure
Completeness  Complete financial reporting checklist to ensure that all financial statement
discounts related to AR and related accounts have been disclosed
Classification,  Review of aged trial balance for material credits, LT receivables, non-trade
Understandability receivables
 Need to classify into different nature, whether require separate disclosure?
101
Accuracy and  Read notes and other information to ensure that information is accurate and
Valuation properly presented at the appropriate amounts
Substantive Procedures – Sending Confirmations (SSA 505)

Types of confirmation (SSA 505)
Positive Confirmation
 Request that customers indicate whether they agree w amt due to the client
 Response is expected whether the customer agrees/ disagrees w the balance indicated
 More reliable than negative confirmation
 Use when Control risk high, account balances large
Negative Confirmation
 Requests that the customer only respond when they disagree w amt due to client
 SSA 505(15): Only use if ALL of the following conditions are present:
o Auditor assessed RMM as low  sufficient appropriate audit evidence regarding
operating effectiveness of controls relevant
o Population contains large number of small, homogeneous account balances
o Very low exception rate is expected
o Unaware of circumstances or conditions that would cause recipients to disregard request
o Aka. CR is low
Assertion that can be tested for confirmation for AR

 Existence: Response from the customers indicate that the accounts receivable exists
 Occurrence: The customer can confirm that the sales order recorded as part of the company’s
account receivable did indeed occur. Furthermore, the customer can offer reference to an invoice
as evidence when responding back as evidence that funds are owed to the client
 Rights and Accuracy: When customers confirm that an invoice is owed to the company, it proves
the assertion that the client has a right to the amount it claims in account receivable. By verifying
the amount, the customer also proves the accuracy of the financial statement
 Cannot prove valuation: Confirmation does not look at the client’s ability to pay
Timing
 AR may be confirmed at an interim date/ YE
 Confirmation request should be sent soon after YE to maximize response rate (before YE,
company may be very busy)
Confirmation Procedures
 Can involve internal auditors, but their work should be supervised, reviewed, evaluated and
tested by external auditor
 Auditor must maintain control over the confirmation process so as to minimize the possibility that
direct communication between the customers and the entity (i.e. confirmation responses may be
altered)
o Mail the confirmation outside the entity’s facilities (i.e. direct mailing from the audit firm’s
office)
o Mail in envelopes with the audit firm’s address listed as the return address when
confirmations are undeliverable ( provide some assurance that fictitious customers are
identified)
102
o Maintain a record of confirmations received and returned
 Second request may be necessary in some cases (if done electronically)
o Verify the source and contents of communication sent by electronic media by telephone
call or written representation
 For each exception received, auditor should examine reasons between balance on client’s books
& balance indicated by customers (Could be due to timing differences) (SSA 505(14))
o SSA 505(A21-22) Must evaluate whether misstatement is indicative of fraud (SSA 240)
o SSA 530(14) For test of details, auditor shall project misstatements found in the sample to
the population
SSA 505(7) Auditor should maintain control over external confirmation requests; including
(a) Determining the info to be confirmed/ requested
(b) Selecting appropriate confirming party
(c) Designing confirmation requests, including determining that requests are properly addressed
& contain return info for responses to be sent directly to auditor
(d) Sending requests, including follow-up requests, when applicable, to confirming party
SSA 505(12) In the case of non-response, the auditor shall perform alternative audit procedures to
obtain relevant & reliable audit evidence
 For AR balances – examining specific subsequent cash receipts, shipping documentation, and
sales near the period-end.
 For AP balances – examining subsequent cash disbursements or correspondence from third
parties, and other records, such as goods received notes.
 Authenticate validity of confirmations over electronic
 Further audit evidence where doubts exist, phone call
SSA 505(A12) When a party responds electronically

 Risks to reliability as proof of origin & authority of the respondent may be difficult to establish,
and alterations may be difficult to detect
 Process used by auditor and respondent that creates a secure environment for responses
received electronically may mitigate risks. validating identity of a sender of info in electronic form
o Use of encryption, electronic signatures, procedures to verify web site authenticity,
phone call
Alternative Procedures (when auditor does not receive responses to positive confirmation)
Examination of subsequent cash receipts
 Check the accounts receivable subsidiary ledger for payments of the specific sales invoices
included in the customer’s account receivable balances that were outstanding at the date of the
confirmation
 If entity’s control for recording cash receipt is strong  auditor will stop
 Else the auditor may extent the testing by tracing the payment in the subsidiary ledger to cash
receipts journal and to the bank statement  auditor can stop if customer has paid for goods and
has strong evidence concerning the existence and valuation
Examination of shipping documents
 Look for original customer order and shipping document
Examination of other client documentation
 Whether customer exist
103
Auditing Other Receivables
Other receivables that are reported on the B/S may include
 Receivables from officer & employees
 Receivables from related parties
 Notes receivables
Similar to trade AR, each of these types of receivables is confirmed & evaluated for collectability. The
transactions arising from related parties receivables are examined fo repayment terms & whether
interest income has been properly recognized
Auditing Estimates
 F/S estimates that cannot be precisely measures
o E.g. allowance for uncollectible accounts, FV of goodwill, provision for warranty, inventory
obsolescence, revenue recognition of LT contracts
 Nature & reliability of info avail affects degree of estimation uncertainty à affects RMM of
accounting estimates, including susceptibility to unintentional & intentional management bias
Risk Assessment
 Obtain an understanding of data, assumptions, methods used by management and relevant
controls
 Review outcome of prior period accounting estimates
Responses
 Consideration of events up to date of auditors’ report
o If events happened, showed that estimates were either accurate/ inaccurate
 Testing estimation process, data, method & assumptions used by management
 Testing operating effectiveness of controls over estimation process
 Developing an independent point estimate or range to evaluate management’s point estimate
 Considering use of experts
 Evaluating adequacy of disclosure of estimation uncertainty (for significant risks)
Evaluating the Audit Findings

Comparing Aggregated Identified Misstatement to Materiality
 To determine if identified misstatement would affect audit
 Auditor requests the client to correct identified misstatements
 Compares the uncorrected misstatements w materiality to conclude whether F/S are fairly stated
Uncorrected Misstatements
 If uncorrected misstatements in AR, when considered tgthr w other uncorrected misstatements
are less than materiality, auditor may accept that the F/S are fairly presented
 If uncorrected misstatements exceeds materiality, auditor should conclude that F/S are not fairly
presented
104
Seminar 9 – Auditing the Purchasing Process
Audit Significance: Purchasing Process

 Affects various material accounts:
o Inventory (for trading & manufacturing firms)
o PPE, AP and Cash
 High volume of transactions (reliance on controls)
 RMM due to fraud and errors
o Understatement of liabilities (AP)
o Fraudulent cash disbursement
o Classification (PPE vs Inventory), Valuation, Impairment issues
 Business risks – major source of cash outflow, ability of acquired assets to generate future cash
inflows
3 Types of Transactions & F/S Accounts Affected

Purchase transaction  Accounts payable
 Inventory
 Purchases/ COGS
 Various asset & expense accounts
Cash disbursement transaction  Cash
 AP
 Cash discounts
DR AP
CR Cash
CR Purchase Discounts
Purchase return transaction  Purchase returns & allowances
DR AP
CR Purchases returns & allowances
 AP
Major Purchasing Functions

Functions Description
Requisitioning  Request for goods and services by an authorized individual from any
(User department) department or functional area within the entity  Create purchase requisition
 Organizational control: Establishment of authorization monetary limit for
different level of employees and executives
Purchasing  Approval of purchase orders and proper execution as to price, quality,
quantity and vendor
 Ensure that goods and services are acquired at appropriate quantities and at
the lowest price consistent with quality standards
 Responsible for sourcing for quotes from multiple vendors
 Create PO according to approved vendor file and send to vendor
105
Receiving  Responsible for receiving, counting and inspecting goods received from
vendors
 Received PO (without qty)  forces them to refer to check qty and increase
accuracy
 Compare description of goods received with PO to ensure type, qty and
condition (DO, PO and Shipping document)
Invoice Processing  Process invoices and ensure all goods and services received are recorded as
expenses/assets, and corresponding liability is recorded
 Involves matching purchase orders to receiving report to vendor invoices to
verify compare terms, quantities, prices and extension
 Responsible for purchased goods returned to vendors
 Processing of adjustments for allowances, discounts and returns
Disbursements  Responsible for authorizing EFTs and preparing, signing and mailing
cheques (i.e. the person who prepare the cheque, sign the cheque and mail
the cheque must be different)
 Verify that there is sufficient supporting documents that the disbursement is a
legitimate business purpose (i.e. authorized and account distribution is
appropriate)
 Mark the status of each documentation as “CANCELLED” or “PAID”
Accounts Payable  Responsible for ensuring that all vendor invoices, cash disbursements and
adjustments are recorded in the accounts payable
 Match documents and prepare voucher package
o PO, RR, Invoice
o Check mathematical accuracy of supplier invoice (freights, discounts)
 Enter vouchers into voucher register
General Ledger  Ensure that all purchases, cash disbursements and payables are properly
accumulated, classified and summarized in the accounts
Documents and Records in Purchasing Process

Documents Description
Purchase  Internally generated document that request goods or services for an
Requisition authorized individual
Purchase Order  Internally generated document that include the description, quality, quantity
and the vendor whom goods and services being purchased
 Indicate who approved the acquisition and represent the authorization to
purchase the goods or services
Receiving Report  Records the receipt of the goods
 Often it is a copy of the purchase order with the quantities omitted (a.k.a blind
copy)
o Encourages the receiving department to make independent, adequate
count of the goods
Vendor Invoice  Bill from the vendor that includes the description and quantity of the goods
shipped or services provided
Voucher  Control payment for acquired goods and services
 Basis for recording a vendor’s invoice in the voucher register or purchases
journal
106
Voucher Package  Combination of purchase requisition, purchase order, receiving report and
vendor invoice
 Contains all the relevant documentation supporting a purchase transaction
via 3-way matching
Voucher Register  Use vouchers to record for goods and services
 Details of accounts payable are normally represented by a list of unpaid
vouchers
Purchases Journal  Use vouchers or vendors’ invoice to record the liability
 Details of accounts payable are represented by vendor
Accounts Payable  If use Purchase Journal: It records the transactions with, and the balance
subsidiary ledger owed to, a vendor
 If use Voucher Register: It is a listing of the unpaid voucher
Vendor Statement  Periodically sent by the vendor to indicate the beginning balance, current
period purchases and payments, and ending balance
 Show the purchases activities from the vendor’s perspective
Electronic Fund  Disbursement, approved by an individual of authority that pays for
Transfer / Cheque goods/services
Cash  Records disbursement made electronically or by cheque
Disbursement  Payment recorded in the cash disbursement journal are also recorded in the
Journal voucher register or in the accounts payable subsidiary ledger

Segregation of Duties
Segregation of duties are an important test of control for the purchasing process. It is the major control
activity the prevent fictitious purchases
Purchasing function / Fictitious or unauthorized purchases can be made, resulting in
Requisitioning function and  Theft of goods
Receiving function  Payment for unauthorized payments
Invoice Processing function / Purchase transactions can be processed at the wrong price or
Accounts Payable function on incorrect terms (i.e. invoice processing function may record
wrongly or match wrong terms)
Cash disbursement can be processed for goods and services
not received (i.e. accounts payable can create fake records in the
journal, thus creating fake documents)
Resulting in overpayment for goods and services or the theft of cash
Disbursement function / Unauthorized payments supported by fictitious documents can
Accounts Payable function be issued
 Unauthorized transactions can be recorded
 Theft of cash
Accounts Payable function / Can conceal any defalcation that would normally be detected by
General Ledger function reconciling records with the general ledger control account
Invoice Processing function / Fictitious invoices can be processed and then render payment to
Disbursement function the vendor
Purchasing function / Fictitious purchase orders can be made, resulting in possibly
Disbursement function payment for fictitious purchase orders
107
Inherent Risk Assessment
Industry-related factors
 Stable supply of raw materials (huge number of vendors that supply raw materials)
o Lower risk that entity’s operations will be affected by RM shortages
 Low volatility of raw material prices
o Lower risk that entity will have difficulty in controlling production cost
 For technology sector  usually dependent on 1 vendor (eg specialised computer chip – if
supplier is late, will be affected)
 Affects valuation assertion
present during the current audit

SSA 315(R). 14-23 The 5 components of internal control (to assess control risk)
1. Obtain an understanding of the control environment
2. Obtain an understanding of the risk assessment process
3. Obtain an understanding of the information system
4. Obtain an understanding of the control activities
5. Obtain an understanding of the monitoring of internal control
6. Document understanding of internal control (document in audit file)
For each major class of transactions in the purchasing process, the auditor must obtain the following
information:
 How purchase, cash disbursements and purchase return transactions are initiated
 The accounting records, supporting documents and accounts involved in processing purchases,
cash disbursements and purchase returns
 The flow of each type of transaction from initiation to inclusion in the F/S, including computer
processing
 The process to estimate accrued liabilities
Test of Controls for Purchasing Transactions

Occurrence of Purchase
Misstatement
Purchases Segregation of Duties Existence:
recorded, between Authorization Observe and evaluate that there is proper segregation
goods/ (requisitioning, of duties
services not purchasing), Recording
ordered or (AP) and Payment
received (disbursement)
108
Purchase is recorded Existence:
Fictitious or only with approved PO & Test a sample of vouchers for the presence of an
non-existent receiving report authorized PO and receiving report
purchases
recorded  If IT application, examine application controls to make
overstate sure this control exists
assets and
expenses Effectiveness:
Reperform by doing sales entry
Accounting for numerical Existence:
sequences of receiving Inspect sales invoices for sequential numbering
reports and vouchers
Observe checking process of numerical sequences, see
Fictitious purchases: if there are any markings to indicate that client has
RR or vouchers will be checked the numerical sequence
numbered outside
sequence) Effectiveness:
Review and test entity controls for accounting for
numerical sequence of sales invoices
If IT application, examine application controls

Cancellation of Existence:
documents prevents the Examine paid vouchers and supporting documents for
double entry of purchases indication of cancellation
Completeness of Purchase
 A strong control can reduce the scope of search for unrecorded liabilities at YE
Misstatement
Purchases Accounting for numerical Existence:
made, but not sequences of PO, receiving Inspect sales invoices for sequential
recorded  report and vouchers numbering
understate (contains invoice)
assets & Observe checking process of numerical
expenses sequences, see if there are any markings to
indicate that client has checked the numerical
sequence
Effectiveness:
Review and test entity controls for accounting for
numerical sequence of documents
If IT application, examine application controls
109
Receiving reports matched Existence:
to vendor invoices and Observe process
entered in purchases journal
Effectiveness:
Trace a sample of receiving reports to respective
vendor invoices and vouchers (which will then be
traced to voucher register).
This can either be manual or automated
Trace sample of vouchers to purchase journal or

voucher register
Existence of Inventory (“Authorisation”)

 Transactions and events that have been recorded have occurred and pertain to the entity
Misstatement
Purchase of Approval of acquisitions Existence:
goods/services consistent with client’s Review client’s monetary limit authorization for
not authorized authorization monetary limits acquisitions
Authorization schedule that Existence:
stipulates the maximum amount Examine approval of purchase requisitions or
employees are allowed to POs for consistency with authorisation
authorized to purchase schedule
Approved purchase requisition Existence/Effectiveness:
and PO Examine purchase requisitions or PO for
proper approval;
If IT is used for automatic ordering, examine

application controls
Purchase at Competitive bidding to ensure Existence:
unauthorized purchases are made within Review competitive bidding procedures
prices/ authorized prices. To ensure that
unauthorized goods are purchased at
vendor competitive prices & competitive
terms
Accuracy of Purchase
Misstatement
Vendor invoice Verify mathematical accuracy of Existence:
improperly vendor invoice Observe process
priced or
calculated Effectiveness:
Recompute the mathematical accuracy of
vendor invoice
110
Agree PO to receiving report and Existence:
vendors’ invoice for product, qty, Observation
price (3-way match) Agree information on a sample of voucher
 PO should contain expected packets (3 docs) for product, qty and price.
price for goods purchased based
on price quotes Effectiveness: Reperform
 If purchased w contract,
stipulated prices should be in
contract
Purchase Voucher reconciled to daily AP Existence:
transactions listing (or daily postings to Examine reconciliation of vouchers to daily
not posted to purchases journals) AP report (or reconciliation of entries in
the purchase Then reconciled with postings to journal with entries to AP sub records)
journal or the AP sub records
AP subsidiary If IT application, examine application
records or GL controls
Reconcile voucher register or AP Existence:
sub records to GL control account Review reconciliation of sub records to GL
control account
If IT application, examine application

controls
Cut-off of Purchase
Misstatement
Purchase Forward all receiving reports to Existence:
transactions AP department daily Observe
recorded in
wrong period Effectiveness:
Compare the dates of receiving reports with the
dates on relevant vouchers (created by AP) to
know the lag time (there shouldn’t be a long period
between them)
 Should record purchase when you receive them
Existence of procedures that Existence/Effectiveness:
ensure prompt recording of Compare dates of vouchers to date of recording
purchases after goods/ purchase journals
services are received
111
Classification of Purchase
Misstatement
Purchase Chart of accounts Effectiveness:
transactions not Review purchases journal and general ledger for
properly reasonableness
classified
 misstatement
for asset and Independent approval and Existence:
expenses review of general ledger Examine a sample of vouchers for proper
accounts charged for classification
acquisition
 Dept that orders goods to Effectiveness:
indicate which general Review general ledger for reasonableness
ledger account to charge.
 AP personnel to then
review account distribution
for reasonableness
Test of Controls for Cash Disbursement Transactions

Occurrence of Cash Disbursement
 Primary control activities to prevent misstatements include:
o Proper segregation of duties
o Independent reconciliation
o Review of vendor statements
o Monthly bank reconciliations
 Electronic disbursement of cash reduces the risk of cheques getting lost/ stolen
Misstatement
Cash Segregation of duties Existence:
disbursement between disbursement and AP Observe and evaluate that there is proper
recorded but not segregation of duties
made Review vendor statements Effectiveness:
(eg. cheque lost independently and reconcile Review procedures for reconciling vendor
or stolen before to AP statements
mailed) Prepare and review bank Effectiveness:
reconciliations regularly Review bank reconciliation for indication of
independent review
112
Completeness of Cash Disbursement
Misstatement
Cash Segregation of duties between Existence:
disbursement disbursement and AP Observe and evaluate that there is proper
made but not segregation of duties
recorded Review vendor statements Effectiveness:
independently and reconcile to AP Review procedures for reconciling vendor
statements
Prepare and review bank Effectiveness:
reconciliations regularly Review bank reconciliation for indication of
independent review
Management reviews listing of cash Existence:

disbursement prior to release (review Examine and test indication of management
listing against records before sending reviews listing of cash disbursement
cash disbursement out)
Daily cash disbursement reconciled to Existence:
postings to AP subsidiary records Observe
Effectiveness:
Review client’s procedures for reconciling daily
cash disbursements with postings to AP
subsidiary records
If IT applications, test application controls
Existence of Inventory (“Authorisation”)

 Poor segregation of duties increases the likelihood unauthorized cash disbursements are made
 The individual who approves a purchase should not have direct access to the cash disbursement
Misstatement
Cash Segregation of duties between Existence:
disbursement purchase approval and cash Observe and evaluate segregation of duties
not authorized disbursement
Electronic cash disbursements Existence:
transfers and cheques Examine indication of approval on voucher packet
prepared only after all source
documents have been
independently approved
(Purchase requisition, PO, RR,
vendor invoice)
113
Accuracy of Cash Disbursement
 One of the major audit concerns is the payment amount is recorded incorrectly
 To detect such an error, client personnel should reconcile the total of electronic cash
disbursements transfer and the cheques issued each day with the daily cash disbursements
report
Possible Control Activity Test of
Misstatement Control
Cash disbursement Reconcile daily cash disbursement Effectiveness:
recorded at report to EFTs and cheques issued Review reconciliation
incorrect amount
Reconcile vendor statements to AP Effectiveness:
records and ensure they are Review reconciliation
independently reviewed
Regularly reconcile and Effectiveness:
independently review bank Review bank reconciliation
statements
Cash disbursement Vendor statements reconciled and Effectiveness:
posted to the wrong independently reviewed Review reconciliation
vendor account
Cash disbursements Cash disbursement report Effectiveness:
journal not properly reconciled with postings to cash Review and testing of reconciliation
posted to disbursement journals and AP sub
 Cash disbursement records
journal,
 AP subsidiary Monthly cash disbursements journal Effectiveness:
records, or agreed to general ledger postings Review postings from cash
 GL disbursements journal to general ledger
AP subsidiary records reconciled to Effectiveness:
general ledger control account Review reconciliation
Cut-off of Cash Disbursement

 Reviewing reconciliation of payment transfers with postings to cash disbursements journal and
AP subsidiary records
 Auditor also tests cash disbursements before and after YE to ensure that transactions are
recorded in the proper period
Misstatement
Cash Reconciliation of electronic funds Existence: Observe
disbursement transfer and cheques issued to cash Effectiveness:
recorded in disbursement journals and AP Compare the dates of receiving reports with
wrong period subsidiary records the dates on relevant vouchers (created by
 To ensure its recorded in the AP) to know the lag time
correct period Review reconciliation of payment transfer
and posting to cash journal
114
Reconcile cash disbursement at, Effectiveness:
before and after accounting period Review reconciliations
 Ensure recording in appropriate
period
Procedures that ensure prompt Effectiveness: Reperform
recording of cash disbursement.
E.g: simultaneous recording when
cash disbursement is prepared.
When cheques are prepared in an IT

system, payment is simultaneously
recorded in accounting records by
application programs that control
transaction process
Classification of Cash Disbursement

Misstatement
Cash disbursement Chart of Accounts Effectiveness:
posted to the wrong Review Cash disbursement journal for
account reasonableness of account distribution
Independent approval and Effectiveness:
review of GL account on Review GL account code on voucher packet
voucher packet for reasonableness
Test of Controls for Purchase Returns

 Generally, number and magnitude of purchase return transactions are not material
 Auditor normally does not test controls relating to purchase returns
o However, due to the high possibility of manipulation, auditor should enquire about how
client controls purchase returns transactions
o When goods are returned to vendor, client might prepare a debit memo that decreases
amount of AP. The debit memo is processed through the purchasing process, similar to
vendor invoices
 Substantive testing is used to test reasonableness of account
o Substantive analytical procedures (Comparison of purchase returns as % of revenue to
prior years and industry data)
115
 Compare Accounts Payable Turnover/ Days  Understatement /
AP and Accrued
outstanding to previous years’ / industry data Overstatement of Liabilities


Expenses
Compare current year balances in Accounts Payable and Expenses.

and Accruals with prior years’ balances
 Compare amounts owed to individual vendors in the
current year’s Accounts Payable listing to amounts
owed in prior years.
 Compare purchase returns and allowances as a  Understatement/
Purchase
Returns
percentage of revenue or cost of sales to prior years’ Overstatement of Purchase

and industry data. Returns
Test of Details – Classes of Transactions (P/L)

Assertion Substantive Test of Details
Occurrence of Purchase  Test sample of vouchers for presence of authorized PO and RR
*Completeness of Purchase  Trace a sample of vouchers/RR to purchase journals
Accuracy of Purchase  Recompute mathematical accuracy of a sample of invoice

*Cut-off of Purchase  Physical inventory count
Proper cut-off should be  Compare dates of sample vouchers to dates of transactions
determined for purchase return recorded in purchase journal
transactions  Test transactions around year end to determine if they are
recorded in proper period
 Vouch large monetary items from purchase journal and cash
disbursement journal to supporting documents
Classification of Purchase  Verify classification of charges for a sample of purchase
transactions
Test of Details – Account Balances (B/S)

Assertion Substantive Test of Details
*Completeness of AP  Obtain listing of AP and agree total to GL
 Inquire management abt control activities used to identify
unrecorded liabilities at the end of the period
 Examine the files of unmatched purchase orders, receiving reports,
and vendor invoices for any unrecorded liabilities
 Obtain copies of vendor’s monthly statements and reconcile the
amounts to the client’s AP records (vendors accounts)
 Confirm vendor accounts, including accounts w small or zero
balances
 Vouch large monetary items from the purchases journal and cash
disbursements journal for a limited time after YE
o Determine date of each receiving report and vendor invoice
to see if liability relates to current period
116
Existence of AP  Vouch a sample of items on listing of AP and schedules for accruals
Auditor’s major concern is to voucher packets / other supporting documents (G/L to source)
whether the liabilities are  Obtain selected vendors’ statements and reconcile to vendor
valid obligations of the entity accounts
 Send confirmation to vendors on AP balance
Rights & Obligations of AP  Review voucher packets for adequate supporting documents
There is little risk related to (presence of purchase requisition, PO, receiving report and invoice)
this assertion as clients
seldom have the incentive to
report liabilities that aren’t
obligation of the entity
Valuatn & Allocation of AP  Obtain listing of AP and account analysis schedules for accruals;
AP is recorded at gross amt foot listing and schedules  agree totals to GL
of invoice OR net of cash  Trace selected items from AP listing to subsidiary records and
discounts amt voucher packets
 Review results of confirmations of selected AP
Valuation of accruals  Obtain selected vendors’ statements and reconcile to vendor
depends upon type & nature accounts
of accrued expense  Examine adequacy of allowance for bad debts
 Examine underlying source document
Most accruals are easy to  SSA 540 Is guide to audit client estimates (warranties, accrual for
value (E.g. Taxes, interest) bonus expense)
Test of Details - Presentation/Disclosure

*Must disclose related party tx & purchase commitment
Assertion Substantive Tests
Occurrence, Rights Inquire about Accounts Payable and accrued expenses to ensure that they are
& Obligations properly disclosed
Completeness Complete financial reporting checklist to ensure that all financial statement
disclosures related to accounts payable and accrued expenses have been
disclosed
Classification, and Review listing of Accounts Payable for material debits, long-term payables and
Understandability non-trade payables (i.e. to ensure that they are properly classified)
Determine whether such items require separate disclosure on the balance sheet
Accuracy and Read notes and other information to ensure that the information is accurate and
Valuation properly presented at the appropriate amounts
117
Accounts Payable Confirmation
Used less frequently than AR because the auditor can test accounts payable by examining vendor
invoices and monthly vendor statements
 Vendor invoices and statement are more reliable, as it originates from sources external to the
entity
Accounts Payable confirmation

 Primarily test the completeness assertion
 If the entity has strong control activities that accounts payable are recorded, the auditor must not
focuses only on confirmation on large-monetary accounts, but also on regular vendors that have
small or zero balances
 Generally use a form of positive confirmation, also known as blank or zero-balance confirmation
 Mailed at year-end
Alternative procedures if the vendors do not respond to accounts payable confirmation

 Examine subsequent cash disbursement
 Examine correspondence from third parties and other records
 Examine the statement that the entity receives from vendors
118
Seminar 10 – Auditing the Inventory Management Process
Inventory are valued at the lower of cost and NRV
Audit Significance: Inventory Process

 Critical for trading and manufacturing companies
 High volume of transactions (reliance on controls)
 Valuation issues
o Different costing methods
o Provision for inventory obsolescence
o Lower of cost and NRV (reviewed at YE?)
 High RMM due to fraud and errors
o Fictitious or overvalued inventory
o Inventory pilferage and loss (reduction in inventory due to theft or shoplifting)
 Intense competition: problems with proper valuation
 Perishable products (yoghurt, fresh fruits) and fast changing (high tech) industry: obsolescence of
inventory
 Small and high value inventory (jewelry): susceptible to theft
 Related party transactions: inventory will be overstated
Overview of the Inventory Management Process
119
Major Functions of Inventory Department
Inventory  Authorization of production activity and maintenance of inventory at
Management appropriate levels, issuance of purchase requisition to the purchasing
(a.k.a production departments
management)  Manage inventory through planning and scheduling manufacturing activities
Raw materials  Responsible for the receipt, custody and issuance of raw materials
stores  Only issue raw materials upon the receipt of material requisition from the
respective department
Manufacturing  Responsible for producing the product
 Adequate control over physical flow of goods
Finished Goods  Responsible for storage and control over finished goods
Stores  Issue finished goods upon receipt of shipping order and sent to shipping
department
Cost Accounting  Responsible for ensuring cost are properly attached to inventory as goods are
processed through the manufacturing
 Review the cost accumulation and variance reports
General Ledger  Ensure that all inventory, cost of production are properly accumulated,
classified and summarized
Types of Documents and Records

Production  Prepare periodically based on the expected demand (i.e. current backlog or
Schedule sales forecast) for the entity’s product
 Determine the quantity of goods needed and the time they must be ready
Receiving  Record the receipt of goods from vendor
Report  Used to update the entity’s perpetual inventory records
Materials  Used by manufacturing companies to track materials during production process
Requisition  Authorize the release of raw materials from the raw materials department
Inventory  Contain all the important information (i.e. standards cost for inventory valuation)
Master File related to the entity’s inventory, including perpetual inventory records
Production Data  Information about the transfer of goods and related cost accumulation at each
Information stage of production
 Helps to update the entity’s perpetual inventory system
 Generate the cost accumulation and variance reports
Cost  Summarize the costs charged to departments and products
Accumulation  Material, labour, OH costs are charged to inventory as part of manufacturing
and Variance process
Report  Present the results of inventory processing in terms of actual cost versus
standard or budget cost
Inventory Status  Show the type of amount of products on hand (a.k.a summary of the perpetual
Report inventory records)
 Determine the status of goods in process
Shipping Order  Record the issuance of goods to customer
 Used to remove goods from perpetual inventory records
120
Physical Inventory Count (ALWAYS REQUIRED)
Auditor NOT required to attend ALL inventory counts but only when inventory is MATERIAL.
Assertion: Existence*, Accuracy, Rights and Obligations, Valuation
Observing Physical Inventory (SSA 501 & AGS 4)

During the observation of the physical inventory count, the auditor should do the following:
 Ensure that no production is scheduled. If production is schedule, proper controls must be
established for movement btwn dept. to prevent double counting
 Ensure that there is no movement of goods during the inventory count
 Make sure that the client’s count teams are following the inventory count instructions
 Ensure that inventory tags are issued sequentially to individual departments
 Perform test counts and record a sample of counts in the working papers
 Obtain tag control info for testing the client’s inventory compilation
 Obtain cut-off info, including the number of the last shipping and receiving docs issued
 Observe condition of inventory for items that may be obsolete, slow-moving or carried in excess
 Inquire about goods held on consignment for others, or held on a ‘bill-and-hold’ basis
SSA 501(4) If inventory is material, auditor shall obtain sufficient appropriate audit evidence regarding
the existence & condition of inventory by:
 Attending the physical inventory counting unless impracticable to
o Evaluate mgmts. instructions and procedures for recording & controlling the result of the
entity’s physical inventory counting
o Observe perf. of mgmt’s count procedures
o Inspect inventory
o Perform test counts (from count record to physical inventory and vice versa
o Perform audit procedures over the entity’s inventory records to determine whether they
accurately reflect actual inventory count results
SSA 501(5) If physical inventory counting is conducted at a date other than date of F/S, auditor shall, in
addition to procedures required by paragraph 4, perform audit procedures to obtain audit evidence about
whether changes in inventory between the count date & date of F/S are properly recorded
 I.e If count dates is before YE, test transactions between count date and YE
SSA 501(6) If auditor is unable to attend physical inventory counting due to unforeseen circumstances,
auditor shall make/ observe some physical counts on alternative date, & perform audit procedures on
intervening transactions
SSA 501(7) If attendance at physical inventory counting is impracticable, auditor shall perform
alternative audit procedures to obtain sufficient appropriate audit evidence regarding existence &
condition of inventory. If not possible, the auditor shall modify the opinion in the auditor’s report.
SSA 501(8) When inventory under the custody and control of a third party is material to the financial
statements, the auditor shall obtain sufficient appropriate audit evidence regarding the existence and
condition of that inventory by performing one or both of the following:
(a) Request confirmation from the third party (qty & condition of inventory held on behalf of entity)
(b) Perform inspection or other audit procedures appropriate in the circumstances
121
AGS 4 Existence & Valuation of Inventories
 Consider the adequacy and effectiveness of client’s physical count procedures
 Slow-moving, obsolete and damaged inventory
 Goods held for and by 3rd parties
Misconceptions (People usually think they’re wrong, but they are CORRECT)
 The client’s taking of the physical inventory is a control activity
 The auditor uses a combination of observation, inquiry and physical examination
 The auditor’s goal is to obtain reasonable assurance that the client’s method of counting
inventory results in an accurate count, which is therefore a test of controls
 There are no satisfactory alternative procedures to making or observing some counts of items in
inventory for verifying the ending inventory
Stock Count Purposes & Procedures

 To check if instructions are properly followed, to make test counts to ensure procedures and
internal controls are satisfactory
o Possible that there are no instructions, but you cannot accept it.
o Ask client about process, jot it down
o Use that documentation to brief staff
 Auditors select items from count records and physical count and compare to gain assurance as
to completeness and accuracy of count records, giving particular consideration to high value
stocks
Inventory Fraud
 Obtaining advance notice of the timing and location of the count, which can permit the entity to
conceal fictitious inventory at location not visited
 Stack empty containers in warehouse where its contents are not checked during the count
 Falsifying shipping documents to show that inventory is in transit from one location to another
 Falsifying document to show that inventory is located at a public warehouse or other location not
controlled by the entity
If the auditor does not maintain control of the copy of the entity’s final count sheets, the entity can:
 Follow the auditor during the count and adding fictitious inventory to items not tested by auditor
 Entering additional quantities on manual and/or electronic inventory sheets that do not exist or
adding a digit in front of the actual count

Segregation of duties are an important test of control as there is a high potential for theft and fraud
Segregation of Duties Possible Errors/ Fraud
Inventory management function // Manipulation of production and inventory costs
Cost-accounting function  Over/understatement of inventory and net income
Understate inventory used in the
production of the good
122
Inventory stores function (eg. FG) // Unauthorized shipments / theft of goods can be covered
Cost-accounting function up
 Can pretend that it requires $10 of RM to produce goods,
when actual cost of RM is $5. Then you steal the $5 worth of
inventory
Cost-accounting function // General Conceal unauthorized shipments of goods
ledger function  Theft of goods
 Overstatement of inventory
Supervising physical inventory // Inventory shortages (due to thefts) can be covered up
Inventory management and Inventory through adjustment of inventory records to physical inventory
stores functions (RM or FG)  Overstatement of inventory
Inherent Risk Assessment

Auditor should consider industry-related factors, operating and engagement characteristics when
assessing the possibility of a material misstatement
Industry-related factors
 Intensity of industry competition:
o If competition is intense  problems with proper valuation of inventory  Obsolescence
of inventory
 Technology changes in certain industries may also promote MM due to obsolescence (eg
polaroid)
Engagement and Operating characteristics
 Types of products sold by the entity can increase defalcation potential
o Small and high value products like jewellery are more susceptible to theft
 Difficulty in auditing the inventory (ie disagreement with the entity in terms of valuation)
 Related party transactions for acquiring RM and selling FG
o Eg Entity purchase RM from company controlled by CEO at prices in excess of market
value  overstate inventory, cash misappropriated from entity
 Prior year misstatements are good indicators of potential misstatements in current year
Test of Controls for Inventory Transactions

Occurrence of Inventory
 The auditor’s main concern is that all recorded inventory exists
 The auditor should be concerned that goods may be stolen
 Review and observation are the main tests of controls used by the auditor to test the control
activities
Misstatement
Fictitious Segregation of Duties between Existence:
inventory Inventory Management and Store from Observe and evaluate that there is
departments responsible for Inventory proper segregation of duties
and Cost Accounting records
 Prevents operational personnel
from having access to inventory
records and perpetual records
123
 Prevents fictitious recording of
inventory, manipulation of
inventory cost, theft of inventory
Use an approved pre-numbered Existence:
Receiving Report to receive and transfer Observe process
Inventory to Inventory department
Effectiveness:
Review and test procedures for the
transfer of inventory
Use pre-numbered, numerical Materials Existence:
Requisitions to receive and transfer Observe process
Inventory to Manufacturing department
Effectiveness:
Review and test procedures for issuing
materials to manufacturing departments.
Review and test procedures for

accounting for numerical sequence of
material requisitions
Inventory Physical safeguards over inventory Existence:
recorded but  Especially over small items that are Observe the physical safeguards over
not on hand more susceptible to theft inventory
due to theft
Effectiveness:
Review past cases
Completeness of Inventory
 Primary control activity relates to recording inventory that has been received
 Controls are closely related to the purchasing process (Refer to Seminar 9)
Misstatement
Inventory Accounting for numerical sequence Existence:
received but not of POs, RRs and Vouchers Observe process
recorded
Effectiveness:
Review entity’s procedures for accounting
for numerical sequence
RRs matched to vendor invoices and Effectiveness:
entered in the purchases journals Trace a sample of RR to their respective
vendor invoices and vendors
Trace a sample of vouchers to the

purchases journal
Consigned goods Procedures to include goods out on Existence/Effectiveness:
not properly consignment and exclude goods held Review and test entity’s procedures for
accounted for on consignment consignment goods. Contractual documents
124
*Accuracy of Inventory
 Inventory transactions that are not properly recorded results in misstatements that directly affect
the amounts reported in the F/S
 Inventory purchases must be recorded at the correct price & quantity received
 Inventory shipped must be properly recorded in COGS and the related revenue recognized
Misstatement
Inventory quantities Periodic or annual comparison of Effectiveness:
recorded incorrectly goods on hand with amounts Review and test procedures for taking
shown in perpetual inventory physical inventory
Review the reconciliation of perpetual

inventory to general ledger control a/c
Inventory & COGS Standard costing procedures Effectiveness:
not properly costed (that are reviewed by managem) Review and test procedures used to
 Should approximate to actual develop standard costs
cost
 Presence of large variances is
a signal that inventory may not
be valued correctly
Management periodically reviews Effectiveness:
cost accumulation and variance Review and test costs accumulation and
reports variance report
Inventory Inventory management personnel Effectiveness:

obsolescence review inventory for obsolete, Review and test procedures for identifying
slow-moving or excess quantities obsolete, slow-moving or excess quantities
 Procedures for valuation
Unauthorised Inventory planning systems Existence: Observe
purchase/ (Material requisition planning
production activity systems / JIT) Effectiveness:
 Excess of FG  Limits unauthorized production Review and test procedures for developing
inventory levels and procedures used to
control them
125
Cut-off of Inventory
 Could affect number of accounts – COGS, Inventory, Purchases
Misstatement
Inventory Process all receiving reports daily to Existence:
transactions record receipt of inventory Observe
recorded in  Compare date receiving report with
wrong period payment voucher Effectiveness:
Review and test procedures for processing
inventory included on receiving report into
the perpetual records
Process all shipping documents daily Effectiveness:
to record shipment of finished Review and test procedures for removing
goods inventory from perpetual records based on
 Compare date of shipping doc with shipments of goods
sales journal
Classification of Inventory
 Must have proper procedures to classify inventory  RM, WIP, FG
By knowing which manufacturing department holds inventory, auditor will be able to classify it by
type
Misstatement
Inventory transactions Materials requisitions and Review the procedures and forms used to
not properly classified production data forms are used classify inventory.
among raw materials, to process goods through
work-in-process and manufacturing.
finished goods

 Compare raw material, finished goods and total inventory  Obsolete, slow-moving or
turnover to previous years’ and industry averages. excess inventory.
 Compare days outstanding in inventory to previous years’
and industry average.
 Compare ageing of inventory data to previous years
 Compare Gross Profit % by product line with previous years’  Unrecorded or fictitious cost
and industry data (i.e. a small or negative may indicate issues of goods
related to measurement of inventory at lower of cost or NRV)  Valuation of inventory
 Compare actual cost of goods sold to budgeted amounts.  Overstated / Understated
 Compare current-year standard costs with prior years’ after inventory
considering current Inventory conditions.
 Compare actual manufacturing overhead costs with  Inclusion or exclusion of
budgeted/standard costs (materials, labour, overheads) overhead costs.
126
Test of Details – Inventory Management Transactions (P/L)
Occurrence  Vouch a sample of inventory addition transaction (purchases) to receiving report
and purchasing requisition
Completeness  Trace a sample of receiving reports to inventory records (ie master file, status
report)
*Accuracy  Recompute the mathematical accuracy of a sample of inventory transactions
(PxQ)
 Audit standard costs/ other methods to price inventory
 Trace costs used to price goods in inventor compilation to standard costs or
vendors’ invoices
 Test a sample of physical inventory and trace to management inventory records
Cut-off  Trace a sample of time cards before and after period end to the appropriate
weekly inventory report
 Trace weekly inventory report to GL to verify inventory transactions are recorded
in the proper period
Classification  Examine a sample of inventory checks for proper classification into expense
accounts
Test of Details – Inventory Account (B/S)

Existence  Observe count of physical inventory
 Trace items selected from management’s count records to physical inventory
 Request confirmation from third party that holds your goods on consignment
Rights &  Verify that inventory held on consignment for others is not included
Obligations  Verify that consigned inventory are included
 Verify that ‘bill-and-hold’ goods are not included
Completeness  Trace test counts and tag control information to the inventory compilation
 Observe count of physical inventory and ensure that count team have placed
count tags on all inventory item
 Send confirmation to consignee for goods on consignment
 Physically observe inventory at other warehouse
Valuation and  Undertake test of inventory pricing (unit cost test) – refer below
Allocation  Check subsequent sales prices and compare with cost
 Obtain a copy of the inventory compilation and agree totals to general ledger
 Trace test counts and tag control info to inventory compilation (Eg total = PxQ)
 Test mathematical accuracy of extensions and foot the inventory compilation
o To check the extensions on a purchase invoice: to verify that the no. of
units of item multiplied by unit cost agrees with total dollar amt for each
item. (E.g.if 15 units of Item Q, unit cost of $5, total cost for Item Q =
$75.)
o To foot the invoice: Add up the extended costs and verify the total with
the amt appearing as the total on the invoice. (E.g. if the invoice has
extended costs of $75 for Item Q & $210 for Item Z, invoice total = $285.)
 Inquire management concerning obsolete, slow-moving or excess inventory
127
 Review entity’s procedures for identifying obsolete, slow-moving or excess
inventory, and if there is such inventory, determine whether inventory has been
properly written down
 Review book-to-physical adjustment for possible misstatements (perpetual)
o Book value – inventory on transit – inventory on consignment – estimated
sales return  should tally if not:
o Perpetual records not updated accurately, stolen, lost or theft
Inventory Pricing Test / Unit Cost Test

FIFO
 Costs for purchased inventory should be traced to appropriate vendor’s invoices consistent w
accounting method used
 (For selected sample of inventory item in inventory list, verify unit cost stated in the inventory list to
respective suppliers’ invoice. Ensure no discrepancy in unit cost, and movement follows FIFO)
 Inventory on hand should be priced using the most recent vendor’s invoices
 Auditor must be careful to examine enough invoices to cover all units on hand
 If turnover is fast, audit can obtain most recent suppler invoice prior to yr end and compare with unit
cost per the invoice (last bought should appear in B/S)
 Check subsequent sales prices and compare with cost (lower of costs and NRV test)
Check for capitalization of inward freight cost if purchased from overseas suppliers (e.g. inventory
turnover = 2 months, so if inventory is bought in Nov and not sold by year end, need to capitalize)
Weighted average
 Request for detailed movement of inventories, verify to supporting docs, and test the accuracy of
weighted average costing
 Request client to do print-out check computation of WA (see if calculation is correct)  WA cannot
be done manually
 But if cannot generate detailed movement of inventories, auditor can assess inventory turnover
o If fast, can vouch to most recent supplier invoice to test weighted average costing, assuming
sales and purchases have been verified
o If slow, test individual inventory movements, which is okay since slow à minimal movement
Specific Identification Method

 Used by company selling unique, expensive product
 Inventory on hand should be priced based on the invoice representing the purchase of the item
Review selling price of inventory to ascertain lower of cost and NRV
128
Test of Details – Disclosure of Inventory Items (FS)
Assertions Substantive Tests
Occurrence, Rights  Inquire of management and review any loan agreements and Board
& Obligations  Minutes for any indication that inventory has been pledged or assigned
 Inquire of management about issues related to warranty obligations.
Completeness  Complete financial reporting checklist to ensure that all financial
statement disclosures related to inventory are made^
Classification, and  Review inventory compilation for proper classification among raw
Understandability materials
Accuracy and  Read notes and other information to ensure that the information is
Valuation accurate and properly presented at the appropriate amounts.
^Examples of Disclosure items for Inventory & Related Accounts:

 Cost method (FIFO/ WA) à LIFO is not permitted by FRS
 Components of inventory (RM, WIP, FG)
 LT purchase contracts
 Consigned inventory
 Purchases from related parties
 Pledged/ assigned inventory
 Expenses from write-downs of inventory or losses on long term purchase commitments
 Warranty obligations
(Refer to Revenue for Auditing Estimates)
129
Seminar 11a – Auditing the HR Management Process
Overview
 HR process starts with the establishment of sound policies for hiring, training, evaluation
counselling, promoting, compensation, and taking remedial actions for employees
 Main concern involves payroll transactions once an employee has been hired
2 Main Types of Transaction

Payroll Transaction  Cash
(payments for services  Inventory
rendered)  Direct & indirect about expenses
 Various payroll-related liabilities and expense accounts
Accrued Payroll Liability  Cash
Transactions  Various accruals (e.g. payroll taxes & pension costs)
Types of Documents and Records

Personnel  Information on each employee’s work history (i.e. hiring date, wage rate or
records salary, payroll deduction authorization forms, performance evaluation)
Deduction  Authorization form that authorize the organization to make deduction from the
Authorization employee’s pay
Form
Time card/Time  Record the hours worked by the employee, including the time the employee has
sheet started and stopped work
 Could be done by employee filling in the time worked, or swiping an employee
identification card
Direct deposit  Record that indicate the amount paid to the employee for the service rendered
record / Payroll  Entity will produce a listing of employee’s payments that were transferred to
cheque their bank accounts if pay is deposited straight into an employee’s bank account
Payroll register /  Document that summarizes all payroll payments issued to employees
Payroll journal  Indicate employee’s gross pay, deduction and net pay
Payroll master  Maintain all the entity’s record related to payroll (i.e. information on each
file employee, pay rate, tax rate etc)
Payroll master  Record of the changes made to the payroll master file
file changes  Review this report to ensure that all authorized changes have been properly
report made
Periodic Payroll  Summary of payroll reports
reports  Might show the allocation of direct labour to various products and monitor
payroll expense variances
Various tax  Tax payments to government
report
130
HR Management Process Functions
Human  Authorisation of hiring, firing, wage-rate, salary adjustments, salaries and
Resources payroll deductions
 Responsible for managing personnel needs of the organization
o Hiring and terminating employees
o Setting wage rates and salaries
o Establish and monitoring employee benefits programmes
 Maintain employees’ personnel records
 Responsible for defining job requirements and descriptions, administering
union contacts, development performance criteria and employee evaluation
procedures
Supervision  Responsible for reviewing and approving employees’ attendance and time
information
 Approve timesheet/documents that record an employee’s time worked
 Responsible to submit a periodic attendance and job classification on the
employees to the payroll function
 Monitor labour cost and labour productivity variances
Timekeeping  Prepare and review employee’s time information for payroll processing
Payroll  Responsible for computing gross pay, deduction and net pay
processing  Responsible for recording and summarizing payments, and verify account
distribution
Disbursement  Responsible for paying employees for services and benefits
 Oversee the preparation (IT department) and distribution of the cheque
General Ledger  Responsible for properly accumulating, classifying and summarizing payroll
and benefit transactions in the general ledger

Supervision function / Fictitious employees can appear on the payroll records or
Personnel records and payroll unauthorized payments can be made
processing function  Unauthorised payments to existing employees
 Payments to fictitious employees
Disbursement function / Unauthorized disbursements can be made
personnel records, supervision  Ability to hire and fire employees, approve time report, prepare
and payroll processing direct deposit to employees accounts or prepare payroll
cheques
Payroll processing / General Individual can conceal any misappropriation (defalcation) that would
ledger function normally be detected by independent review of accounting entries.
Supervision function / Fictitious timing can be clocked by the employee, resulting in
timekeeping overpayment of salaries
Human Resources function / Unauthorized changes may be made to the wage rate, leading to
Payroll processing and overpayment of salaries
disbursement
131
Inherent Business Risks
High turnover rate of employees (may affect assertion such as valuation)
 Risk that pay will be inappropriately dispersed to terminated or fictitious employees due to the
volatility of movement of employees
Executive Compensation
 Inherent risk is not set as low due to (1) motives and opportunity from the officers; (2) degree of
judgment and estimation for share based compensation
Other factors
 Presence of labour contracts and labour legislation
 Economic conditions on payroll
 Supply of skilled workers
Test of Controls – Payroll Transactions

Occurrence of Payroll Transaction
Misstatement
Payments made to Segregation of duties operating Existence:
fictitious and supporting department (HR & Observation and evaluation of proper
employees payroll) segregation of duties
Payments made to Adequate personnel file that has Existence:

terminated a listing of terminated employees Check that there is a complete personnel
employees (ensure that they are removed file, and that it is regularly updated (Use
from the firm’s master payroll), listing of terminated employees and check
number of employees in active against active payroll master file)
master payroll file
 Promptly updates changes in Effectiveness:
employment status & salaries Test timeliness of update of changes to
personnel and payroll records
Initiation of changes in Existence:
employment status, wages or Review and test entity’s procedures for
salaries, and benefits made by changing employee’s records
operating departments reported to
office of HR
Payments made to Approval of time-clocks and Existence:
employees who pre-numbered time cards Observe use of time clock and inspect time
have not worked approved by supervisors cards for proper approval
Payments made only to Existence:

employees with a valid employee Test a sample of payments made to
number employees and see if they have a valid
employee number
132
Completeness of Payroll Transaction
Misstatement
Employee Pre-numbered time sheet accounted for Existence:
services by client personnel Check numerical sequence of time sheets
provided but not Verification that all employees in the Existence:
recorded master payroll file submitted a time sheet Review and test entity’s verification
for pay period procedures
Accuracy of Payroll Transaction

Misstatement
Gross pay and Authorization procedures for hiring, Existence:
payroll terminating employees, setting pay rates, Observe and test if the supervisor
deductions are making withholdings, awarding benefits, approved an employee’s time sheet
incorrectly making direct deposits to employee’s
computed accounts and issuing payroll cheques If IT, use computer assisted auditing
 Hiring terms/ changes in pay rates techniques (CAATs) to test program
to be authorized by HR, consistent logic for computation
w union contracts & corp. policies
 Payment made only when time card Effectiveness:
is approved and valid employee Recompute payroll
number on master file
Verification of payroll amounts and Existence:
benefits calculations Review and test verification procedures
Review of payroll register for unusual If IT, use computer assisted auditing
amounts techniques (CAATs) to test program
logic for computation
Use of payroll budgets with review by

Effectiveness:
department supervisors
Recompute payroll
Payroll Changes to master payroll file verified Existence:
transactions not through ‘before and after’ reports Test reconciliation of ‘before and after’
posted correctly reports to payroll master file
to the payroll
journal
Cut-off of Payroll Transactions

Misstatement
Payroll Notices of additions, terminations and Existence:
transactions are changes reported promptly to payroll Review and test entity’s procedures for
recorded in the processing function  changes updated changes to master payroll file
wrong period promptly on master payroll file
133
All time sheets forwarded to payroll Existence:
department weekly Review and test procedures for
processing time sheets
Procedures that require recording payroll Existence:
liabilities as soon as possible after they Review and test procedures for recording
are incurred payroll liabilities
Classification of Payroll Transactions

Misstatement
Payroll Chart of accounts Existence:
transactions not Review chart of accounts
properly Independent approval and review of Existence:
classified accounts charged for payroll Review and test procedures for
classifying payroll costs
Use of payroll budgets with review by Existence:
department supervisors to compare Review entity’s budgeting procedures
actual and allocated labour  compare
to prior years

 Compare current-year balances in the various payroll  Overstatement /
expense accounts with prior years’ balances after Understatement of payroll
adjustment for pay changes and number of employees Expense
 Compare payroll costs as a percentage of sales with
prior years’ and industry data.
Payroll Expense Account
 Compare labor utilization rates and statistics with

industry data
 Compare budgeted payroll expenses with actual payroll
expenses
o Variances due to quantity and wages should
show in client’s costing
o If immaterial  reasonable
o If material  investigate causes
 Estimate sales commissions by applying formulas to  Overstatement /
recorded sales totals Understatement of sales
commission
 Compare current-year balances in payroll-related  Overstatement /
Payroll-Related
accrual accounts with prior years’ balances after Understatement of Accrued

Accruals
adjusting for changes in conditions Liabilities

 Test reasonableness of accrual balances
134
Test of Details – Payroll Expenses (P/L)
Payroll Expense Account
 Affects many expense accounts
o Direct/ indirect manufacturing expense, general & administrative salaries, sales salaries,
commissions and payroll tax expenses
 If entity’s internal control is reliable, auditor does not need to conduct detailed test of all these
payroll expense accounts
o Just need to understand controls
o Additional testing is necessary only when control deficiencies exist
o However, for certain accounts, still need to examine even if control risk is low
 Compensation paid to officers (They are in a position to override controls)
 Compare payroll records & amt authorized in BOD minutes & employment
contracts
Occurrence  Vouch sample of payroll direct deposits to master employee list to verify validity
Completeness  Trace a sample of time cards to payroll register

Accuracy  Recompute the mathematical accuracy of a sample of direct deposits: CAATs
may be used to test the logic of the computer programs for proper calculation
of gross pay, deductions and net pay
 Audit standard costs/ other methods to price inventory
 Test a sample of payroll direct deposits for the presence of an authorized time
card
Cut-off  Trace a sample of time cards before and after period end to the appropriate
weekly payroll report, and trace the weekly payroll report to the general ledger
to verify payroll transactions are recorded in the proper period
Classification  Examine a sample of payroll direct deposits for proper classification into
expense accounts
Test of Details – Payroll Liability Account (B/S)

Accrued Payroll Liability Account
 Entity incurs a number of liabilities
 Payroll taxes withheld, medical & life insurance premiums, pension, accrued bonuses, accrued
commissions
Existence  Vouch selected amounts from account schedules for accruals to supporting
documents
o Payroll tax returns, corporate benefit policies etc.
 Trace amounts included on account analysis schedule for accrued payroll
liabilities to supporting documentation (payroll tax reports)
Rights and  Review supporting documentation to determine that the entity is legally obliged
Obligations to pay the liability
 Test a sample of bank reconciliations for the payroll bank account
Completeness  Search for unrecorded liabilities
 Use CAATs to foot weekly payroll reports and reconcile the total to that GL
(payroll expense and related accruals)
135
Valuation and  Obtain an account analysis schedule for accrued payroll liabilities
Allocation  Foot schedules for accrued payroll liabilities
 Compare amounts accrued to supporting documentation (e.g. payroll tax
returns)
 Recalculate figures to determine accuracy
Cut-off  Examine supporting documentation
 Provides evidence on proper period for recording
Test of Details – Presentation & Disclosure

Occurrence,  Inquire about accruals to ensure that they are properly disclosed
Rights and
Obligations
Completeness  Complete financial reporting checklist to ensure that all FS disclosures
related to payroll expenses and related accruals have been made
o Pensions
o Post-retirement benefits
o Share-based payments
o Profit-sharing plans
o Deferred compensation arrangements
Classification,  Review accrued payroll liabilities for proper classification between short-term
Understandability and long-term liabilities
 Read notes to ensure that the required disclosures are understandable
Accuracy and  Review benefit contracts for proper disclosure of pension and post-retirement
Valuation benefits
 Read notes and other information to ensure that the information is accurate
and properly presented at the appropriate amounts
136
Seminar 11b – Auditing the PPE Management Process
Audit Significance
 Usually represents a material amount in the F/S
 Recurring Engagement
o Focus on additions & retirements, beginning balances have been audited in prior years
 New Engagement
o Must verify assets that make up beginning balance Small number of PPE
transactions
o Take a substantive strategy as co. probably doesn’t have a formal control management
strategy
 Large number of PPE transactions
o Take a reliance strategy as co. probably has a formal control management strategy
 Auditors usually focus on tests of transactions
o Additions/ disposals/ write-offs/ impairment/ depreciation (Analytical procedures)
4 Main Types of Transactions

 Acquisition of capital assets for cash/ non-monetary considerations
 Disposition of capital assets through sale, exchange, retirement or abandonment
 Depreciation of capital assets over their useful economic life
 Leasing of capital assets
Types of Document and Records

 Record of all the capital assets owned by the entity
 Contains information on the cost of the asset, the date acquired, the method
PPE subsidiary
of depreciation and accumulated depreciation
ledger
 Include the calculation of depreciation expenses for both financial statement
and income tax purposes

Important as there is high potential for theft and fraud
Function initiating capital Fictitious or unauthorized purchases of assets can occur.
asset acquisition / Final  Result in purchases of unnecessary assets
approval function  Assets that do not meet quality control standards
 Illegal payments to suppliers or contractors
PPE Records Function / Ability to conceal any misappropriation (defalcation) that would normally
General Ledger be detected by reconciling subsidiary records with the General Ledger
PPE Records / Custodial PPE can be stolen and theft can be concealed by adjustment of the
accounting records
Person doing the periodic PPE can be stolen and theft can be concealed by adjustment of
check / Custodial and accounting records
record keeping
137
Inherent BR for PPE Processes
Complex Accounting Issues (may affect assertion such as valuation)
 Example: Lease accounting (i.e. can be classification, rights and obligations, valuation),
construction contracts, capitalized interest
 Complexity in the decision and subjectivity involved in the accounting issue, making it not
uncommon for such transaction to be accounted for incorrectly
 Judgement and complexity associated with valuation of long-lived assets (set higher IR)
Easy and Difficult transactions to audit
 Majority of additions to PPE are relatively easy to audit because purchase directly to audit  just
look at source document
 PPE (i.e. donated assets, non-monetary exchanges, self-constructed assets) are difficult to audit
as it is difficult to verify the value
o Non-monetary exchanges (hard to determine trade-in-value)
o Self-constructed assets (hard to determine cost-accumulation)
present during the current audit, unless the entity has established new control activities
 If misstatements in prior periods are detected  set IR higher
Test of Controls – PPE Transactions

Occurrence of PPE Transactions
 Normally part of purchasing process (controls)
 Large capital asset transaction may be subject to additional controls
Misstatement
Fictitious PPE Examine capital budget documents Existence:
transactions  Highly specialized equipment (that Review presence of capital budget
do not normally have a formalized documents, see equipment purchased
procedure) usually pass through a follows criteria
specific capital budgeting process
 Might have to meet predetermined
internal rate of criteria before
authorized to purchase
Examine engineering specifications Existence:
 Highly specialized engineers to prove Review the document
technical specifications
Completeness of PPE Transactions

Misstatement
PPE received Use of a PPE subsidiary ledger Existence:
but not recorded  Subsidiary ledger usualy includes Observe process
info for each capital asset
 Description, location, ID number Effectiveness:
 Date of acquisition, installed cost Review and test client’s procedures for
consignment goods
138
 Depreciation methods for book &
tax purposes, salvage value,
estimated useful life
Periodic reconciliation of PPE sub ledger Review reconciliation
to GL control account
Periodic comparison of detailed records Observe periodic comparison if possible
in sub ledger with existing capital assets Review documentations that such
 make complete physical examination comparison actually happen
on PPE & compare to PPE sub ledger

 Compare prior-period balances in PPE and Depreciation  Depreciation has not been
Expense with current-period balances, taking into account taken on some assets included
any changes in conditions or asset composition. in the account if the ratio to
 Compute the ratio of Depreciation Expense to the related depreciation expense to the
PPE accounts and compare to prior years’ ratios related property is less than
prior years
 Compute the ratio of Repairs and Maintenance Expense /
Insurance Expense to the related PPE and compare to prior
years’ ratios.
 Review Capital Budgets and compare the amounts spent
with amounts budgeted.
Test of Details – PPE Purchases/Depreciation (P/L)

Occurrence  Vouch significant additions/disposals to vendor invoices or other supporting
documents
 Review lease agreements to ensure that lease transactions are accounted for
properly
*Completeness  Trace a sample of purchase requisitions to loading dock reports and to PPE
records in transaction/master file
*Accuracy  For assets written off, test the amounts charged against income and
accumulated depreciation
Cut-off  Examine purchases and sale of capital assets for a few days before / after year
end
Classification  Auditor’s TOC and substantive tests of transactions provide evidence as to the
effectiveness of control activities for this assertion
 Vouch transactions included in repairs and maintenance for items that should
be capitalised
 Review lease transactions for proper classification between operating and
capital leases
139
Test of Details – PPE Account (B/S)
Existence  Verify the existence of major additions by physically inspecting the capital
asset
 Obtain a listing of major additions and vouches them to supporting documents
such as vendor invoices (i.e. if its sales, obtain a listing of major disposal and
vouches them to sales receipt)
*Completeness  Obtain a lead schedule of PPE; foot schedule and agree totals to the General
Ledger
 Obtain detailed schedules for additions and disposals of PPE; foot schedule
and agree totals to the General Ledger
 Physically examine a sample of capital assets and trace them to the PPE
Subsidiary Ledger.
*Valuation and  Examine vendor’s invoices and other supporting documents to established the
Allocation recorded value of the assets
 Obtain an understanding of the entity’s process for fair value measurement
and test the fair value measurement of PPE
 Evaluate fixed assets for significant write-offs or impairments by performing
procedures
o Identify the events/ change in circumstances indicating that the carrying
value of the asset may not be recoverable
o Verify impairment loss by determining recoverable amount and
comparing it to the carrying value
o Examine client documentation supporting impairment of write-off.
 Test the recorded cost of major new additions
o Valued at acquisition cost + costs to make asset operational  Look at
vendor invoices
o For material self-constructed assets, must conduct detailed audit work
on construction-in-progress accounts to ensure that i/r is properly
capitalized
 Test for permanent impairment of long-lived asset
o FRS 36: Long-lived assets be reviewed for impairment when changes
in events indicate CA may not be recoverable
o RA = higher of (FV – cost to sell) and value in use
 FV determined by looking at price in binding sales agreement
(arms’ length)
 Value in use determined by discounting estimated future CF and
dispositions
 Test depreciation calculations for a sample of capital assets  Using CAAT or
manually
o Consider the reasonableness of useful life, SV etc
Rights and  Examine or confirm deeds or title documents for proof of ownership
Obligations  Examine vendor’s invoices and other supporting documents
140
Disclosure of PPE
 Classes of capital assets and valuation bases
 Depreciation methods & useful lives for financial reporting & tax purposes
 Non-operating assets
 Construction/ purchase commitments
 Liens & mortgages
 Acquisition or disposal of major operating facilities
 Capitalised and other lease arrangements
141
Seminar 11c – Auditing the Financing/Investing Process
Auditing Long Term Debts / Liabilities

Inherent Risks for LT liabilities
 Inherent risk for notes and bonds would normally be assessed as low to moderate
o Volume of transactions is low
o Accounting is usually not complex
o Entity often receives third party statements or amortization schedule
 Inherent risk for sophisticated instruments is normally high
Note: For entities that engage in frequent financing activities, the auditor follows a reliance strategy. But
for vast majority, it is more efficient that the auditor follows a substantive strategy and perform a detailed
audit of long-term debt and related interest accounts.
Test of Controls – LT liabilities

Occurrence & Authorisation
Misstatement
Note or bond Adequate documentation must be Existence:
not authorized / developed and kept ( verify that a note Review documentation (i.e. a signed
did not occur or bond was properly authorized) lending agreement)
Significant debt commitment should only Existence:
be approved by the board of directors or Review meeting minutes with regards to
executives who possess the relevant the agenda raised; Inquiry of
authority management
Completeness
Misstatement
Long-term debts Maintain a subsidiary ledger that contains Existence:
incurred but not all the long-term debt owed by the entity, Review reconciliation
recorded
Debt amount recorded in the subsidiary
ledger should be reconciled to the general
ledger control account regularly
Valuation
Misstatement
Note and bond Amortization table to reflect the Existence:
are not properly outstanding value of the note and bond Review the existence of amortization
valued table, Re-compute amortization table
142
Disclosure / Classification
Misstatement
Note / Bond not Proper procedures for classifying as a Existence:
properly short-term debt the portion of long-term Review the entity’s procedures for
classified debt that is due within next year reclassifying
Substantive Analytical Procedures – For LT liabilities

Estimate interest expense by using multiplying the average  Estimation > Actual:
monthly interest rate with the long-term debt, then by 12. Apply Understated (failed to record a
reasonableness of interest by comparing the estimate to the portion of interest)
interest recorded  Estimation < Actual:
Overstated (failed to record
debt)
Test of Details – For LT liabilities

Classes of Transactions
Occurrence  Examine copies of new note or bond agreements
 Examine Board of Directors Minutes for approval of new lending agreements
Completeness  Trace large cash receipts and payments to source documents and General
Ledger
 Review interest expense for payments to debt holders not listed on the debt
analysis schedule
 Review notes paid or renewed after the balance sheet date to determine if
there are unrecorded liabilities at year-end.
 Evaluate lease contracts to determine if leases are properly accounted for as
an operating/capital lease (i.e. if a lease should be a capital lease, it would
likely require recognition of long-term debt)
Accuracy  Examine BoD Minutes for evidence of proper authorization of notes or bonds
 Test a sample of receipts and payments
Cut-off  Review debt activity for a few days before/after year-end to determine if the
transactions are included in the proper period.
Classification  Examine the due dates on notes or bonds for proper classification between
current and long-term debt
Account Balances
Existence  Confirm notes or bonds directly with Creditors (i.e. banks, insurance
companies, trustees representing Creditors)
Rights and  Examine copies of note and bond agreements
Obligations
Completeness^  Obtain an analysis of notes payable, bonds payable and accrued interest
payable; foot schedule and agree totals to the General Ledger
143
 Obtain a bank confirmation that requests specific information on notes from
banks
 Confirm notes or bonds with Creditors
 Inquire of management regarding the existence of off-balance-sheet activities
 Review Board of Directors Minutes for debt-related activity.
Valuation and  Examine new debt agreements (e.g. bond indentures) to ensure they were
Allocation recorded at the proper value
 Confirm the outstanding balance for notes/bonds and the last date on which
interest has been paid
 Re-compute accrued interest payable
 Verify computation of the amortization of premium or discount.
^For completeness of disclosure, the auditor may want to examine the debt agreement for restrictive
covenants that requires disclosure in the notes
Auditing Stockholders’ Equity

Transactions that occur in SE
 Issuance of stock: Include transactions such as sale of stock for cash; the exchange of stock for
assets, services or convertible debt; and issuance of stock for stock splits
 Repurchase of stock: Re-acquisition of stock and the retirement of stock
 Payment of dividends

 Substantive Strategy is most often used to audit stockholders’ equity because the number of
transactions is usually small
 May use independent outside agent to process and record equity transaction ( better for
auditing as auditor can send confirmation to obtain sufficient evidence regarding equity
transaction, otherwise need to perform more testing)
o Registrar: Responsible for ensuring that all stock issued complies with the corporate
charter and maintaining the control totals for total shares outstanding
o Transfer agent: Responsible for preparing stock certificates and maintaining adequate
stockholder’s records
o Dividend disbursing agent: Transfer dividend to the stockholders of record
Key Segregation of Duties

Issuing, Transferring and Cancelling stock
certificates / Accounting function
Maintenance the detailed stockholder’s
records / General Ledger
Maintaining the detailed stockholder’s record
/ Process cash receipts or disbursement
Dividend Disbursement / Recording of
dividend payment
144
Test of Controls – For SE
Occurrence
Misstatement
Stock and dividend Maintain stockholders’ ledger, which Existence:
transaction does not contains the name of each Review the stockholder’s ledger
comply with stockholders and the number of
corporate charter shares held by that shareholder
Stock and dividend Board of directors or stockholders Existence:
transaction are not can approve stock and dividend Review minutes of the board of
authorized transactions directors or shareholder’s meeting
minutes for proper authorization
Accuracy
Misstatement
Stock and dividend Reconciliation of the stockholders’ records Existence:
transactions are not with the number of shares outstanding Review reconciliation
properly posted to Reconciliation of dividends paid with the total
the right accounts shares outstanding on dividend record date
Valuation
Misstatement
Stock issuance, Amount must be in accordance Existence:
repurchases and dividends with the applicable financial Re-compute the recording of the stock
not properly valued reporting framework and dividend transactions
Test of Details – Equity Capital Accounts

Classes of transactions (P/L)
Occurrence  Tracing transaction recorded in current year to Board of Director Minutes
 Examine any cancelled stock certificate
 Send confirmation to external agent (i.e. agent is used by the entity to maintain
equity transaction) *Reason refer to confirmation for AR*
Completeness  Tracing the transfer of shares (i.e. shares certificate is the source document)
between stockholders to the stock register (i.e. ledger) and/or stock certificate
 Foot the shares outstanding in the stock register and/or stock certificate book
and agree to them to total shares outstanding in the general ledger equity
capital accounts
 Account for and inspect any unissued stock certificates in stock certificate book
Accuracy  Trace the transfers of shares between stockholders to the stock register and/or
stock certificate book
Cut-off  Review equity activity for a few days before/after year-end to determine if the
transactions are included in the proper period
145
Account balances (B/S)
Existence  Send confirmation to external agent (i.e. agent is used by the entity to maintain
equity transaction) *Reason refer to confirmation for AR*
Valuation and  Re-compute values assigned to each transaction
Allocation  Trace proceeds from the sale of stock to cash receipt records
Completeness of Disclosure Items for SE

 Number of shares authorised, issued and outstanding for each class of stock
 Call privileges
 Prices and dates for preferred stock
 Stock option or purchase plans
 Restrictions on RE and dividends
 Any completed or pending transactions (eg stock dividends or splits) that may affect SE
Auditing Dividends
 When the entity uses an outside agent for dividend-disbursing, the auditor can confirm the
amount disbursed to the agent by the entity
 Amount is agreed with the amount authorized by board of directors or approved by shareholders
o Concern about accuracy: Re-compute the dividend amount by multiplying the number of
share outstanding on the record date by the amount of the per share dividend approved
by board of director
 Ensure that control over dividend disbursement is strong
o Compare the payee names and amounts paid with the stock register or stock certificate
book
o Review compliance with any agreements that restrict the payment of dividends
Auditing Retained Earnings

 Obtain a schedule of the account activity for the period
o Beginning Balance is agreed to the prior year’s working papers and financial statements
o Profit or loss traced to income statement
o Cash or stock dividend trace to audit evidence (i.e. confirmation, test of control or
substantive test of transactions)
 Adjustment to the retained earning
o Review compliance with the relevant accounting standards with regards to prior-year
adjustments
o Trace new appropriations or changes in existing appropriation to the relevant contractual
agreements
 Ensure that all necessary disclosures related to retained earnings are made in the notes
146
Auditing Income Statement Accounts
Direct Tests of Balance Sheet Accounts
Examples of Income Statement Accounts audited in conjunction with B/S Account
B/S Account audited Related Income Statement Account audited
AR / Allowance for uncollectible accounts Bad-debt expense
Notes receivables / investment / accrued interest Interest income
receivable
PPE / Accumulated depreciation Depreciation expense, gain/loss on sales or
retirement of assets
Prepaid insurance Insurance expense
Long-term debt / accrued interest payable Interest expense
Substantive Analytical Procedures for Income Statement Accounts

 Comparison of current year amount for each revenue and expense account with prior year
balances
 Calculate the ratio of individual expenses account to net sales and compare these percentage
across years
 Reasonableness test by using the schedule (i.e. commission schedule, interest schedule,
depreciation) multiply by the balances at relevant account
Test of specific account balances in income statement

 Verifies transactions by examining (vouching) the supporting documentation
 Accounts tested in this manner are generally accounts that are not directly affected by business
process, or accounts that may contain sensitive information or unusual transactions, or account
which detail information is needed for tax return
Auditing the Cash Account

If the control risk assessment is below maximum for both cash receipts and disbursements, the auditor
can reduce the extent of substantive evidence gathered for the cash balances.
Types of Bank Accounts (Extent of testing differs for each account, despite it will be the same)
 General Cash Account
o Main cash account for most entities
o Source of cash receipts is revenue process, and major sources of cash disbursement is
the purchasing and human resource management
 Imprest Cash Account
o To be used for a specific purpose (i.e. disbursing payroll, payroll taxes and dividends)
o Funds are usually transferred from the general cash account, then used the imprest cash
account to make payment for its respective purpose
 Branch Account
o Companies that operate branches in multiple locations may maintain separate branch
accounts
o Similar to imprest accounts, but specifically for branch. Act as a general cash account for
their respective branches
147
To audit a cash account, the auditor needs to have the following documents
 A copy of the bank reconciliation
 Confirmation of account balance information
 A cut-off bank statement
Control Risk – Cash account

 Reliability of the entity’s control over cash receipts and cash disbursements affect the nature and
extent of the auditor’s test of details
o Effective operations of those controls provide strong evidence that completeness
assertion is being met
 A major control that directly affects the audit of cash is the completion of a bank reconciliation by
client’s personnel who are independent of handling and recording cash receipts and cash
disbursement
o The auditor may choose to test entity’s reconciliation process as part of testing controls
and this reduce the audit work on the ending cash balance
Substantive Analytical Procedures – For Cash

Cash does not have a predictable relationship with other financial statement
 Limited to comparison with prior years’ cash balances and to budgeted amounts
 Limitation to use substantive analytical procedures is offset by test of controls and/or substantive
test of details; or extensive tests of the entity’s bank reconciliation
Test of Details – For Cash

Classes of transaction
Assertions Cash Receipts Cash Disbursement
Occurrence Vouch a sample of entries in the cash Vouch a sample of entries from the cash
receipts journal to remittance disbursements journal to voucher packet
advices, daily deposits and bank and bank statement.
statement
Completeness Trace a sample of electronic cash Trace a sample of electronic cash
receipts transfers to the cash receipts disbursements transfers to the cash
journal. disbursements journal.
Authorization For a sample of days, examine the Reconcile a sample of electronic cash
signature on the deposit slip for disbursements transfers with list of
proper authorization. payments authorized by management
Accuracy For sample of daily deposits, foot the For a sample of voucher packets, agree
remittance advices and agree to the amounts in PO, RR, Invoice, electronic cash
cash receipts journal and bank disbursements transfer and disbursements
statement. journal.
For a sample of weeks, foot the cash For a sample of weeks, foot the cash
receipts journal and agree posting to disbursements journal and agree posting to
the General Ledger the General Ledger
Cut-off Test a sample of cash receipts at, Test a sample of cash disbursements at,
before and after an accounting period before and after an accounting period for
for recording in appropriate period recording in appropriate period
148
Classification Examine a sample of remittance Examine a sample of electronic cash
advices for proper account disbursements transfers for proper account
classification classification
Account Balances
***Existence  Confirm bank account balance with financial institution
Completeness  Test bank reconciliation for each account
Valuation and  Foot the reconciliation
Allocation  Trace balances per book to the General Ledger
 Obtain bank confirmation and trace balance per bank to the bank reconciliation
 Obtain cut-off bank statement
 Trace deposits in transit and other reconciling items to cut-off bank statement
If control risk is high or if fraud is suspected:

 Perform extended bank reconciliation procedures
 Perform a proof of cash
 Test for kiting
Test of Bank Reconciliation

1. Verify the mathematical accuracy of the bank reconciliation working paper and agree the balance per
the books to the general ledger
2. Agree the bank balance on the bank reconciliation with the balance shown on the bank confirmation
3. Trace the deposits in transit on the bank reconciliation to the cut-off bank statement
4. Compare the outstanding cheques on the bank reconciliation working paper with the cancelled
cheques contained in the cut-off bank statement for proper payee, amount and endorsement
5. Agree any charges included on the bank statement to the bank reconciliation
6. Agree the adjusted book balance to the cash account lead schedule
Fraud-Related Audit Procedures

Extended Bank Reconciliation Procedures
 Examine the disposition of the reconciling items included on the prior months’ reconciliation and
the reconciling items included in the current bank reconciliation
 The auditor would examine two months of bank reconciliation (i.e. the current and the past
month)
 For the past month, the auditor would trace the deposits in transit shown on the previous month
bank reconciliation to the previous month cash receipt (completeness) and traced to the current
month to verify that they were deposited (existence)
 Cheques listed as outstanding in the previous month bank reconciliation would be traced to the
previous month cash disbursement (completeness) and traced to the cancelled cheques with the
December bank statement
 The auditor will continue to examine reconciling items included on the December bank
reconciliation in similar way
149
Proof of Cash
 Reconcile the cash receipts and disbursement recorded on the entity’s books with the cash
deposited into and disbursed from the entity’s bank account for a specific time period
 Purpose is to
o Ensure that all cash receipts recorded in the entity’s cash receipts journal were deposited
in the entity’s bank account
o Ensure that all cash disbursement recorded in the entity’s cash disbursement journal have
cleared the entity’s bank account
o Ensure that no bank transactions have been omitted from the entity’s accounting records
 Will not detect theft of cash when the cash is stolen before it was recorded in the entity’s book
Tests for kiting (Page 510 for further elaboration)

 Kiting: Cheque was written on the disbursing bank account before year end, but the
disbursement was not recorded in the journal until after year-end. The cheque was deposited in
the receiving bank account and recorded as a cash receipt before year end
 Preparation of an interbank transfer schedule  provide auditor with evidence on cut-off
assertion
Auditing on other Cash accounts

Auditing a payroll or Branch Imprest Account
 Similar to general cash account (i.e. obtain bank reconciliation, along with a bank confirmation
and a cut-off bank statement), BUT less intense
Auditing a Petty Cash Fund

 The use of pre-numbering petty cash vouchers for withdrawing cash from the fund
 Placing a limit on the size of reimbursement made from petty cash
 Review the petty cash for propriety before replenishing the petty cash fund
 Independent personnel of cash function should conduct surprise counts of petty cash fund
Disclosure Issues for Cash

 Accounting policy for defining cash and cash equivalents
 Restriction on cash such as sinking fund requirement
 Contractual obligations to maintain compensating balances
 Cash balances restricted by foreign exchange control
 Letters of credit
Source documents to review information disclosure

 Minutes of board of directors
 Line of credit arrangements
 Loan agreements
150
Auditing Investment Accounts
Inherent Risk
Vary with the amount of activity, complexity and valuation considerations
 An investment in stock in a listed company is relatively easy to account for and audit
 Derivatives is harder, as it requires substantial judgements by management
For an entity that has a large investment portfolio, the auditor is likely to follow a reliance strategy.
However for majority, it is more efficient for the auditor to follow a substantive strategy.
Initiation / Final Approval Fictitious transactions can be made or securities can be stolen
Valuation-Monitoring / Acquisition Securities values can be improperly recorded or not reported to
management
Maintaining Securities Ledger / Ability to conceal any defalcation that would normally be
General Ledger detected by reconciliation of Subsidiary Records with General
Ledger control accounts.
Custody of Securities / Accounting Theft of securities can be concealed
Tests of Controls – For Investment

Occurrence / Authorisation
Misstatement
Purchase or Adequate documentation ( to verify that a Review the documentation to
sales of particular purchase or sales of a security was determine the validity of the
investment not properly initiated and approved) transaction
properly Significant commitment of resources should Review meeting minutes with
authorized only be approved by the board of directors or regards to the agenda raised;
executives who possess the relevant authority Inquiry of management
General policies and specific procedures to Review and test procedures for
guide the purchase and sales of securities purchasing and sales of securities,
Observation of employees if they
follow policies
Completeness
Misstatement
Securities transactions (i.e. Amount must be in accordance with the Review reconciliation
dividend, interest, sales, applicable financial reporting framework
purchase) are not Maintenance of securities file (i.e. Review and test securities file
recorded Periodically review the securities owned
the entity to check if any transactions
left out)
151
Accuracy and Classification
Misstatement
Securities may not be Chart of Accounts Review of Accounts
properly classified Independent review and impose Review and test procedures for
procedures to classify securities classifying securities
Securities may not be Establish procedures and guidelines for Review and test procedures
priced properly pricing securities; used to price securities pricing
Securities pricing are reviewed by
management
Substantive Analytical Procedures – For Investment

 Comparison of the balances in the current year’s investment accounts with prior years’ balances
after the consideration of the effects of current-year operating/financing activities on cash and
investments
 Comparison of current-year interest and dividend income with the reported income for prior years
and with the expected return on investments.
 Re-computation of current-year interest income using the face amount of securities held, interest
rate and time period held.
Test of Details – For Investment

Account Balances
Existence  Inspect securities if maintained by client or obtain confirmation from
independent custodian, physical examination, confirmation of unsettled
transactions with the broker-dealer, confirmation with counter-party
Rights and  Examine brokers’ advice for a sample of securities purchased during the year.
Obligations
Completeness  Search for purchases of securities by examining transactions for a few days
after year-end.
 Confirm securities held by independent custodian.
 Review and test securities information to determine if all interest and dividend
income has been recorded.
Valuation and  Review brokers’ invoices for cost basis of securities purchased
Allocation  Determine basis for valuing investments by tracing values to published
quotations for marketable securities
 Determine whether there has been any permanent impairment in the value of
the cost basis of an individual security
 Examine sales of securities to ensure proper recognition of realized G/L
 Obtain a listing of investments by category; foot listing and agree totals to
securities register and general ledger
 Inquire how management considers the nature of the asset/liability being
valued and why/how they selected a particular valuation method/model.
 Inquire the extent to which the entity’s process relies on a Third-Party Expert to
provide fair value measurements and inspect the associated documents
152
Presentation and Disclosure
Occurrence, Determine whether any securities have been pledged as collateral by
Rights &  Inquiring with management
Obligations  Reviewing BoD Minutes, loan agreements and other documents.
Completeness  Determine that all disclosures required by IFRS7 has been made for
Investments (both debt and equity securities)
 Complete financial reporting checklist to ensure all financial statement
disclosures related to investments are made
Classification,  Review and inquire of management regarding its intent to an investment, and
Understandability whether it conflict with management’s stated intent (i.e. look at written and
(Page 518 for approved records of investment strategies, records of investment activities,
further factors to instruction to portfolio managers, meeting minutes etc)
inquire)  Read notes to ensure that required disclosures are understandable
Accuracy &  Read notes and other information to ensure that the information is accurate
Valuation and properly presented at the appropriate amounts
153
Seminar 12 – Audit Completion
F/S Auditors’ Report Dispatch F/S AGM
Events after the balance sheet date (FRS 10)

Events that occur between the balance sheet date and date when FS are authorised for issue, including:
Adjusting Events
Provide evidence of condition that existed at B/S date  ADJUST amt recognized in F/S
 Subsequent collection of a material AR that has been treated as uncollectible at B/S date
 Legal determination, subsequent to B/S that establishes that a claim was in existence, but of an
uncertain amount at B/S date
 Legislation after B/S date that retrospectively changes income tax rate applying to fiscal period
ended prior to B/S date
 Ascertainment subsequent to B/S date of selling prices for inventory items, where those prices
were previously uncertain
 Bankrupt conditions à financial non-prudence, likely to exist for LT
 Sale of inventory after YE that indicates NRV < cost
 Settlement of lawsuit/ estimated liability at amount different from recorded
 Corporate scandal after YE, resulting in share price of investment drop (Unless FV)
Non-adjusting Events
Indicative of conditions that arose after B/S date  DISCLOSE nature and estimated financial effect (or
that estimate cannot be made), if material
 Fire/ flood after B/S not fully covered by insurance
 Major currency realignment subsequent to B/S
 Raising of additional shares/ loan capital after B/S date
 Mergers & acquisitions after B/S date
 Expropriation after B/S date, of a significant overseas investment/ asset
o Government now uses a privately owned thing for the benefit of the public
 Purchase or disposal of business
 Litigation arising from events that occurred after B/S date
Subsequent Events (SSA 560)

Events occurring between date of FS and date of auditor’s report AND
Facts that become known to the auditor after date of auditor report
 Include MM and adjusting/non-adjusting events not detected by auditors before audit report date
After B/S Date, Before Date of Auditor’s Report

Auditor responsible to perform procedures (the closer to date of auditor’s report, the better) to identify
subsequent events that may require F/S adjustment/ disclosure up to date of auditor’s report, such as:
 Obtaining understanding of any procedures mgmt has established to identify subsequent events
 Inquiring mgmt & TCWG on whether any subsequent events have occurred that might affect F/S
and obtaining written representations
 Enquiring entity’s legal counsel on litigation and claim
154
 Reviewing minutes of meetings held after YE
 Reviewing latest interim F/S, budgets, forecasts, mgmt reports (e.g. write-down suddenly at
interim  maybe should have written down at YE)
 News reporting about changes in business nature
 Public Announcement to Exchange (If listed)
 Significant changes in shareholdings  red flag
 If mgmt doesn’t adjust or disclose, qualify
After Date of Auditor’s Report

Auditor has NO obligation to perform audit procedures on FS after date of auditor’s report
However, if aware of a fact that would have cause auditor to amend auditor’s report had it been known at
date of auditor’s report:
1. After audit report date but before FS issued
 Require management to amend FS, extend audit work and issue new audit report
 If management does not amend FS  modify audit opinion
2. After FS issued
 Require management to amend FS, extend audit work and issue new audit report with
Emphasis of Matter paragraph
o With respect to state that the new F/S supersedes the old one & reasons for revision
of F/S
o Auditor should perform procedures necessary to form an opinion on revised financial
report
 If management does not amend FS, notify TCWG and take action to prevent future reliance
on auditor’s report
o Make announcement, press statement/release
o Going through regulators – ACRA
 May not need to act if issue of next period’s FS is imminent (ie close to next FS period) 
correction of previous year FS
Contingent Liabilities (FRS 37)

Provision: Liability of uncertain timing or amount
 Present obligation
 Probable outflow, and
 Reliable estimate
Contingent liability
 A possible obligation – yet to be confirmed OR
 A present obligation but outflow of resources not probable OR amount cannot be reliably
measured
155
Disclosure of Contingent Liabilities: Disclosure required unless outflow is remote.
 Probable = future event more likely to occur
 Remote = Chance of future event occurring is slight
 Examples:
o Pending/ threatened litigation
o Actual/ possible claims & assessments
o Income tax disputes
o Product warranties/ defect
o Guarantees of obligations to others
o Agreements to repurchase AR that have been sold
Audit Procedures for Identifying Contingencies (SSA 501)

 Review contracts, loan agreements, leases and correspondence from government bodies
 Review tax returns, tax liability and tax authorities’ reports
 Confirm/ document guarantees and letters of credit
 Review prior AWPs and follow up on CL resolutions
 Review minutes of BOD meetings & TCWG
 Review legal invoices & expenses (before & after YE to know which lawyers to send
confirmations)
 Obtain confirmation from company’s lawyer
o Nature of claims, probability and amount of potential losses
 Discuss with company’s lawyer and mgmt. about policies for identifying, evaluating and
accounting for contingencies
 Obtain written representations from management and TCWG
Specific audit procedures conducted near completion of audit

 Inquire & discuss with management about polices & procedures for identifying, evaluation,
accounting for contingencies
 Examine documents in entity’s records (correspondence & invoices frm lawyers for pending/
threatened lawsuits)
 Obtain a legal letter that describes & evaluates any litigation, claims or assessments
o Obtain letter from solicitors during year to obtain evidence on existence, completeness,
valuation and presentation & disclosure of legal contingencies identified during audit
o Most direct search for legal contingencies: Inquires of mgmt. & entity’s solicitor that are
documented in the letter & in related written representations by mgmt.
156
Other Matters to be Addressed in Completing the Audit
 Review audit working papers and evaluate audit results (including identified misstatements) to
ensure sufficient appropriate evidence is obtained to support audit opinion (S2,3,4)
o Auditor should continuously review audit working papers and evaluate result of audit tests
as the audit progresses
o Planning & supervision continue throughout the engagement
o Final review (by a senior) undertaken at the end of the engagement as a final check to
ensure that all significant matter & problems have been identified, considered and
satisfactorily resolved
 Perform final analytical procedures (S3)
o SSA 520.6 Auditor to perform analytical procedures at or near completion of audit to
 Form overall conclusion as to whether FS are consistent with auditor’s
understanding of entity
 Corroborate conclusions formed during audit of individual components or elements
of the FS
 Help identify any previously unrecognised risk of material misstatement
 Evaluate entity’s ability to continue as a going concern (S5)
 Evaluate overall FS presentation and disclosure (S3, SSA 710, 720)
o Review F/S to ensure compliance w applicable financial reporting framework, proper
presentation of accounts, and inclusion of necessary disclosures (usually will have a
checklist)
 Obtain management representation letter (SSA 580)
 Communicate with TCWG (S4,6, SSA 260-265)
 Obtain engagement quality control review (not in syllabus)
 Issue auditor’s report (S2)
Comparative Information (SSA 710)

Corresponding Figures
Corresponding figures are comparative information where amounts and other disclosures for the prior
periods are an integral part of the current-period F/S, and are intended to be read only in relation to
current-period figures.
Comparative F/S
Comparative financial statements are considered separate financial statements and are included for
comparison with the financial statements of the current period
Auditor needs to ensure:

 Comparative info agrees w amts & disclosures presented in prior period (or is appropriately
restated where necessary)
 Accounting policies used for the comparative information is consistent with those of the current
period (or if any changes are properly accounted for and disclosed)
157
Other Information (OI) in Documents Containing Audited F/S (SSA 720(revised))
In line with the new and revised Auditor Reporting standards, the reporting on OI has been revised
Other Information (OI) is defined as financial or non-financial information (other than FS and the auditor’s
report) included in an entity’s annual report
Auditors needs to consider material inconsistency between OI and

 FS
 Auditor’s knowledge obtained in the audit
Explicit reporting, including:

 Description of auditor’s responsibilities for OI
 Stating that no assurance provided on OI
 Findings (if any) (eg. material misstatement of OI)
Written Representations (SSA 580)

SSA 580.7 A written statement by management provided to the auditor to confirm certain matters or to
support other audit evidence
SSA 580.9 Auditor to request written representations from management with appropriate responsibilities
for the FS and knowledge of the matters concerned
 Eg. from AC chairman, CFO, CEO (people with knowledge)
SSA 580.14 Date of written representations should be as near as practicable to, but not after the date of
auditor’s report on FS  date that auditor is responsible up till
SSA 580.4 Although written representations provide necessary audit evidence, they do not provide
sufficient appropriate audit evidence on their own about any of the matters which they deal
 Evidence will be bias  exercise professional scepticism
 Due diligent of auditors to obtain corroborating evidence  critically evaluating its reliability
(management’s integrity and competence) and consistency with other evidence
SSA 580.20 Disclaim opinion if

 Sufficient doubt about integrity of management such that written representation is not reliable OR
 If written representation is not provided by management
158
Communications with TCWG (SSA 260)
During Audit Planning
 Auditor’s responsibilities and compliance with independence requirements
 Planned scope and timing of audit
At Audit Completion or Earlier where appropriate:

Audit findings that are most significant  fall under KAM (SSA 701)
 Auditor’s views about significant qualitative aspects of entity’s accounting practices (accounting
policies, estimates and disclosures)
 Significant difficulties encountered during the audit, including any disagreements with mgmt
 Significant deficiencies in internal control (SSA 265)
 Any identified/suspected fraud (SSA 240) or non-compliance with laws & regulations (SSA 250)
 Uncorrected misstatements and their effects (SSA 450)
o Uncorrected means immaterial.
o But still need to inform TCWG.
o It may not be a problem now, but may become a problem later.
o Things that may on the material may still have an impact on internal control.
o TCWG can take action and improve internal control
 Going concern issues (SSA 570)
 Expected modifications to the auditor’s report (SSA 705)
159
Seminar 13 – Other Types of Assurance / Professional Ethics & Judgement
Assurance Engagement & Related Services

Singapore Framework for Assurance Engagements:
 Engagement in which a practitioner expresses a conclusion designed to enhance the degree of
confidence of the intended users other than the responsible party about the outcome of the
evaluation or measurement of a subject matter against criteria
 Exhibits 5 elements:
o Three-party relationship (practitioner, responsible party and intended user)
o Appropriate subject matter
o Suitable criteria
o Sufficient appropriate evidence
o Written assurance report
Level of Assurance
Reasonable assurance engagement
POSITIVE form
 “In our opinion, management’s assertions are fairly presented”
Limited assurance engagement

NEGATIVE form
 “In our opinion, nothing has come to our attention that causes us to believe that management’s
assertions are not fairly presented
160
Need for Professional Judgement & Skepticism
Auditor needs to exercise judgement through the audit, such as:
 Client acceptance and continuance
 Determining materiality level
 Assessing AR
 Designing audit strategy and plan
 Evaluating audit evidence
 Determining audit opinion
Professional Judgement
SSA 200.16 Auditor shall exercise professional judgement in planning & performing an audit
 A24: Relevant training, knowledge, experience
 A25: Consultation on difficult/ contentious matters
 A27: Appropriately documented… SSA 230.8 sufficient to enable an experienced auditor having
no previous connection w audit, to understand the sig. professional judgements made in reaching
conclusions
o Not justification for decisions that aren’t supported by facts & circumstances of
engagement/ sufficient appropriate audit evidence
Professional Skepticism
SSA 200.15 Auditor shall plan & Perform an audit w professional skepticism
 A18: Being alert to
o Audit evidence that contradicts other audit evidence obtained
o Reliability of documents & responses to inquiries
o The need for additional audit procedures
 A21: May accept records & documents as genuine… the auditor is required to consider reliability
of info (SSA 500:7-9)
 A22: Belief that mgmt. & those charged w governance are honest & have integrity does not
relieve that auditor of the need to maintain professional skepticism
161
Conceptual Framework for Code of Ethics
(a) Identify threats (circumstances or relationships) that may compromise one’s ability to comply with
fundamental principles
(b) Evaluate the significance of the threats identified
(c) Apply safeguards (actions or measures), where necessary, to eliminate/ reduce threats to an
acceptable level (based on what a reasonable and informed third party would likely conclude)
(d) If no appropriate safeguards are available, eliminate the circumstance or relationship creating the
threats, or decline or terminate the audit engagement
Fundamental Principles S100.5

Integrity To be straightforward and honest in all professional and business relationships
Objectivity To not allow bias, conflict of interest or undue influence of others to override
professional or business judgments. Also independence
Professional To maintain professional knowledge & skill at the level required to ensure that a
Competence client or employer receives competent professional services based on current
and Due Care developments in practice, legislation and techniques and act diligently and in
accordance with applicable technical and professional standards
Confidentiality To respect the confidentiality of information acquired as a result of professional and
business relationships and, therefore, not disclose any such information to third
parties without proper and specific authority, unless there is a legal or professional
right or duty to disclose, nor use the information for the personal advantage of the
professional accountant or third parties.
Professional To comply with relevant laws and regulations and avoid any action that discredits
Behaviour the profession.
Threats (Identify, Evaluate, Address)

Things that can compromise accountant’s ability to comply with fundamental principles
Self-interest Threat that a financial or other interest will inappropriately influence the professional
threat accountant’s judgement or behaviour
 Financial interest
 Loans & guarantees
 Business relationships
 Family and personal relationships
 Employment with audit clien
Self-review Threat that a professional accountant will not appropriately evaluate the results of a
threat previous judgment made or service performed by the professional accountant, or by
another individual within the professional accountant’s firm or employing organization,
on which the accountant will rely when forming a judgment as part of providing a current
service
 Temporary staff assignment
Advocacy Threat that a professional accountant will promote a client’s or employer’s position to
threat the point that the professional accountant’s objectivity is compromised
Familiarity Threat that due to a long or close relationship with a client or employer, a professional
threat accountant will be too sympathetic to their interests or too accepting of their work
 Employment with audit client
162
Intimidation Threat that a professional accountant will be deterred from acting objectively because of
actual or perceived pressures, including attempts to exercise undue influence over the
professional accountant
 Business relationships
 Employment with audit client
Safeguards
Safeguards are actions or other measures that may eliminate threats or reduce them to an acceptable
level. They fall into two broad categories:
1. By Profession, legislation or regulation:

 Entry requirements to profession
 Continuing professional development requirements
 Corporate governance regulations
 Standards
 Monitoring and disciplinary procedures (enforcement)
2. Work environment
Firm-wide safeguards
 Leadership (tone at the top)
 Quality control policies and procedures, such as
o Independence policies
o Segregation between assurance & non-assurance teams
Engagement-specific safeguards such as
 Reviews
 Consultation
 Rotation of senior team members
 Disclosure to TCWG of client the nature of services provided and extent of fees charged
Client-based (corporate governance, controls)
Typical Safeguards
 Having a professional accountant review the work of the member of the audit team
 Removing the individual from the audit team
 Excluding the member of the audit team from any significant decision-making concerning the
audit engagement
 Structuring the responsibilities of the audit team so that the professional does not deal with
matters that are within the responsibility of the immediate/close family member
 Rotating the senior personnel off the audit team
 Regular independent internal or external quality reviews of the engagement
 Arranging for such services to be performed by an individual who is not a member of the audit
team
 Having a professional who was not involved in providing the service review the audit or service
work performed
 Obtaining advice on the service from an external professional
163
Independence (S290.6 ACRA Code)
Independence of Mind
The state of mind that permits the expression of a conclusion without being affected by influences that
compromise professional judgment, thereby allowing an individual to act with integrity and exercise
objectivity and professional skepticism.
Independence in Appearance
The avoidance of facts and circumstances that are so significant that a reasonable and informed third
party would be likely to conclude, weighing all the specific facts and circumstances, that a firm’s, or a
member of the audit team’s, integrity, objectivity or professional skepticism has been compromised. E.g.
Cannot own shares of client
Ethical Conflict Resolution Process (ACRA Code 100.19-25)

1. Consider:
 Relevant facts
 Ethical issues involved
 Fundamental principles involved
 Established internal procedures
 Alternative courses of action (eg leaving the firm)
2. Weigh consequences of each course of action
3. Determine appropriate course of action that is consistent with fundamental principles involved
4. Seek consultation and advice (if matter unresolved)
164
Financial Ratios
When using industry average as benchmark, there are various limitations

 May not capture operating or geographical factors that maybe specific to the entity
 Use of different accounting policies
 Industry data may not be available in sufficient detail for a particular entity
Note: Cannot evaluate financial ratios in isolation
Short-term liquidity ratio look at the entity’s ability to meet its current obligation
𝐶𝑢𝑟𝑟𝑒𝑛𝑡 𝐴𝑠𝑠𝑒𝑡𝑠
 Current Ratio = 𝐶𝑢𝑟𝑟𝑒𝑛𝑡 𝐿𝑖𝑎𝑏𝑖𝑙𝑖𝑡𝑖𝑒𝑠
o Considered acceptable if the ratio is between 1 to 2
o High current ratio indicates an entity’s ability to pay current obligations
Short-term liquidity ratios
o Include old accounts receivable or obsolete inventory, hence distorting ratio

𝐿𝑖𝑞𝑢𝑖𝑑 𝐴𝑠𝑠𝑒𝑡𝑠
 Quick Ratio = 𝐶𝑢𝑟𝑟𝑒𝑛𝑡 𝐿𝑖𝑎𝑏𝑖𝑙𝑖𝑡𝑖𝑒𝑠
o Inventories and Prepaid items not included in the liquid assets
o Portrays a better picture of the entity’s liquidity if inventory contain obsolete or slow-
moving
o Considered acceptable if ratio is higher than 1
𝐶𝑎𝑠ℎ 𝑓𝑙𝑜𝑤 𝑓𝑟𝑜𝑚 𝑂𝑝𝑒𝑟𝑎𝑡𝑖𝑜𝑛𝑠
 Operating Cash Flow Ratio = 𝐶𝑢𝑟𝑟𝑒𝑛𝑡 𝐿𝑖𝑎𝑏𝑖𝑙𝑖𝑡𝑖𝑒𝑠
o Provides a longer-term measure of the entity’s ability to measure its current liabilities
o If ratio is negative, the entity might have going-concern issues and may need
alternative sources of funding to meet obligation
𝐶𝑟𝑒𝑑𝑖𝑡 𝑆𝑎𝑙𝑒𝑠
 Receivables Turnover Ratio = 𝑅𝑒𝑐𝑒𝑖𝑣𝑎𝑏𝑙𝑒𝑠
365
 Days outstanding in Receivables = 𝑅𝑒𝑐𝑒𝑖𝑣𝑎𝑏𝑙𝑒𝑠 𝑇𝑢𝑟𝑜𝑣𝑒𝑟 𝑅𝑎𝑡𝑖𝑜
o Receivables turnover ratio indicates how many times accounts receivables are
turned over during a year (i.e. higher the better)
o When comparison to credit terms, it will be better to compare against days
outstanding in receivables
𝐶𝑜𝑠𝑡 𝑜𝑓 𝐺𝑜𝑜𝑑𝑠 𝑆𝑜𝑙𝑑
 Inventory Turnover Ratio = Days Inventory on hand =
𝐼𝑛𝑣𝑒𝑛𝑡𝑜𝑟𝑦
365
Activity Ratio
𝐼𝑛𝑣𝑒𝑛𝑡𝑜𝑟𝑦 𝑇𝑢𝑟𝑜𝑣𝑒𝑟 𝑅𝑎𝑡𝑖𝑜

o Inventory turnover indicates the frequency which inventory is consumed in a year
(i.e. the higher, the better)
𝑃𝑢𝑟𝑐ℎ𝑎𝑠𝑒𝑠
 Payable Turnover Ratio = Days Accounts Payable =
𝐴𝑐𝑐𝑜𝑢𝑛𝑡𝑠 𝑃𝑎𝑦𝑎𝑏𝑙𝑒
365
𝑃𝑎𝑦𝑎𝑏𝑙𝑒 𝑇𝑢𝑟𝑜𝑣𝑒𝑟 𝑅𝑎𝑡𝑖𝑜
o High payable turnover indicates that companies are paying supplier faster
o Declining payable turnover is a sign that the company is taking longer to pay off (i.e.
a sign of financial deterioration
o Need to link to liquidity ratio to determine the reason for the changes in days account
payable (i.e. if liquidity ratio is high, days account payable can be short cause entity
may use idling cash to repay debt)
165
𝐺𝑟𝑜𝑠𝑠 𝑃𝑟𝑜𝑓𝑖𝑡
 Gross Profit Percentage = 𝑁𝑒𝑡 𝑆𝑎𝑙𝑒𝑠
o
Profitability Ratio
Ratio should be fairly consistent. If it varies significantly from previous years or
industry data, the entity’s financial data may contain errors
𝑃𝑟𝑜𝑓𝑖𝑡 𝑓𝑜𝑟 𝑡ℎ𝑒 𝑦𝑒𝑎𝑟
 Profit Margin Percentage =
𝑁𝑒𝑡 𝑆𝑎𝑙𝑒𝑠
o Significant fluctuations may indicate that misstatement exist in the selling, general
and administrative expenses
𝑃𝑟𝑜𝑓𝑖𝑡 𝑓𝑜𝑟 𝑡ℎ𝑒 𝑦𝑒𝑎𝑟 𝑃𝑟𝑜𝑓𝑖𝑡 𝑓𝑜𝑟 𝑡ℎ𝑒 𝑦𝑒𝑎𝑟
 Return on Asset = Return on Equity =
𝑇𝑜𝑡𝑎𝑙 𝐴𝑠𝑠𝑒𝑡𝑠 𝑇𝑜𝑡𝑎𝑙 𝐸𝑞𝑢𝑖𝑡𝑦
Provides information on the long-term solvency of the entity, giving important information about
an entity’s going concern issue
𝑆𝑇 𝐷𝑒𝑏𝑡+𝐿𝑇 𝐷𝑒𝑏𝑡
 Debt to equity =
Coverage Ratio
𝑇𝑜𝑡𝑎𝑙 𝐸𝑞𝑢𝑖𝑡𝑦
o Indicate the portion of the equity’s capital that comes from debt
o Lower the ratio, the less debt pressure on the entity. If it is too high, it may indicate
that the entity is too highly leveraged and may not be able to meet its debt obligation
𝑃𝑟𝑜𝑓𝑖𝑡 𝑓𝑜𝑟 𝑡ℎ𝑒 𝑦𝑒𝑎𝑟+𝐼𝑛𝑡𝑒𝑟𝑒𝑠𝑡 𝐸𝑥𝑝𝑒𝑛𝑠𝑒𝑠
 Times interest earned = 𝐼𝑛𝑡𝑒𝑟𝑒𝑠𝑡 𝐸𝑥𝑝𝑒𝑛𝑠𝑒𝑠
o Indicates the ability of current operations to pay the interest that is due on the
entity’s debt obligation
166

Edited AC2104 Bible

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Edited AC2104 Bible

Caricato da

Copyright:

Formati disponibili

AC2104 Assurance and Auditing AY17/18 Sem 2

Natural Conflict of interest

Types of Auditors & Auditing Services

Fundamental concepts in conducting Financial statements

IAASB Elements of an Assurance Engagement

Regulation of public accountants in Singapore

Institute of Singapore Chartered Accountants

Public Interest Oversight Board

IFAC/IESBA Code of Ethics

ISCA Code – Based on Part A, B, C of IFAC Code

Matters covered under Code of Corporate Governance 2012:

Mandatory Requirements on Audit Committees

Companies Act 201B(5): Functions of AC shall be

Overview of Key Audit-related Companies Act Provision  Refer to Sem 2 Slide 17

Overview of the Audit Process

New & Revised Auditor Reporting Standards

SSA 701.9 The auditor shall determine, from matters

Unmodified (SSA700): F/S conform to the applicable FR framework

Qualified (“Except for”): Material but not pervasive

Material Misstatements SSA 320(2)

Pervasive Misstatements SSA 705

Emphasis of Matter & Other Matter Paragraph

Does not affect auditor’s opinion because it can

Audit Expectation Gap

Management Assertions (SSA 315)

Nature of Audit Evidence

Sufficiency & Appropriateness of Audit Evidence

Sufficiency (Quantity) Appropriateness (Quality)

Audit Procedures for Obtaining Audit Evidence

1. Risk Assessment Procedures

By Objective By Means (in order of reliability)

Analytical Procedures (SSA 520)

Purpose of analytical procedures

Major types of analytical procedures

Investigation of unexpected results (SSA 520:7)

Key components of Audit Documentation

Content of Audit Documentation

Client Acceptance & Continuance

Communications w those charged w governance

Preconditions for an Audit

Planning the Audit

Using the work of an internal audit function

Using IAF to provide direct assistance

Competence  Personal experience with previous work

Use of Materiality in the Audit

Step 2: Where applicable, determine

Step 1: Determine Overall Materiality

Benchmark Relevant % SMEs Relative advantages

Factors affecting choice of % (Use lower % when)

Materiality not affected by risk of misstatement  OM is always based on clients’ needs

General Rule: 60% to 80% / 50% to 75% of Overall Materiality

Factors affecting choice of % range to be LOWER:

Step 3: Evaluate Audit Findings (Materiality of Misstatements)

Evaluation of uncorrected misstatements

 Communicate uncorrected misstatements with TCWG and request for correction

Evaluating effect of uncorrected misstatements

Relationship between AR and Materiality

(Effect of setting materiality at diff levels on AR and planned audit procedures)

Components of Audit Risk

Audit Risk Model

Planned DR = Planned AR / IR x CR  (RMM)

Achieved AR ≤ Planned level  Unmodified

Limitations of the Audit Risk Model