Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Auditors
If the external auditor decides to use some of the
work of the internal auditor,
The external auditor will supervise, manage and review
Internal
all of the work done by the internal auditors.
The internal auditors will not assess risk.
Auditors- The internal auditors will not draw any conclusions.
Support to The internal auditor will be more likely to be used in areas
that are objective (existence of fixed assets) than
External subjective (valuation of future cash flows).
Auditors
+91 800 8000
311
+91 800 8000
311
Internal Auditing
Session 2
Internal auditors perform two basic types of services:
1. Assurance services: performing an objective examination of
evidence for the purpose of providing an independent assessment
Internal on governance, risk management, and control process for the
organization.
Auditors-
Services 2. Consulting services: advisory and other related client service
activities. They are usually performed at the request of the client,
and their nature ands scope are agreed upon with the client. They
are intended to add value and improve an organization's
governance, risk management and control processes.
Assurance services include:
1. Financial audit: analyze the economic activity as measured and
reported by accounting methods. The goal is to determine
whether financial assertions can be proven:
Existence or occurrence
Internal Completeness
Auditors- Rights and obligations
Services Valuation or allocation
Presentation and disclosure
2. Performance (or operational) audit: it focuses on the efficiency,
effectiveness, and economy of the company´s internal control
system based upon the company standards.
Assurance services include (cont´d):
3. Audit of financial controls: involves examining two aspects of
financial internal controls:
Controls over financial resources
Internal 4.
Controls over the accounting for financial resources
Compliance audit: performed in order to determine whether an
Auditors- organization is operating in an orderly way, effectively and
visibly confirming to certain specific requirements of its polices,
Services procedures, or standards
5. System security audit: auditing the controls in place for
information systems.
6. Due Diligence engagement: to confirm company records, both
financial and those of property ownership
• Examples of consulting services include:
1. Quality audit: evaluating the quality of the product or service
being provided
Services
The most competent, or best source of evidence is something
obtained by the auditor directly. Evidence from the client is
the worst, and evidence from a third party is in the middle.
Audit evidence is classified according to legal rules of evidence.
These include:
Direct – acquired directly by the party offering it
Hearsay – secondhand account where the witness does not have
personal direct knowledge
Internal Documentary – any original record, dead, or document
Auditors-
Opinion – not generally considered useful evidence.
Circumstantial – evidence that is consistent with a particular
Services
inference
Secondary – not the original documentation
Corroborative – supports other evidence
Conclusive – it is indisputable
is the worst, and evidence from a third party is in the middle.
The Sarbanes-Oxley Act requires management to assess the
adequacy of the company’s internal controls over financial
reporting. Internal auditors can assist in this through an audit of
financial controls
Internal A financial audit focuses on accounting controls. An operational
audit focuses on administrative controls.
Auditors- Accounting controls are concerned with the integrity and accuracy
Services of the accounting system and the financial reports being
generated
Administrative controls are more focused on managements'
operating objectives.
Accounting controls are intended to achieve the
following characteristics for the financial records:
Internal Completeness: Are all of the transactions reflected in or
captured by the accounting system?
Auditors- Validity: Are only valid transactions recorded?
Services Authorization: Are all transactions properly authorized?
Accuracy: Are reported numbers accurate representations
of the economic transactions that have occurred?
An audit of controls has the following objectives:
1. determine if controls are in place
2. determine if the existing controls are structurally sound
3. determine if the controls are designed to achieve a specific
management objective, to achieve compliance with predetermined
requirements, or to ensure accuracy and propriety of transactions
Internal 4. determine whether the controls are being used properly
5. determine if the controls are efficiently serving their purpose
Auditors- 6. determine whether the controls are effective
Services 7.
8.
determine if management is using the output of the control system
Does the control system have the following required characteristics?
Flexibility.
Timeliness.
Accountability.
Cause identification.
Appropriateness.
Placement.
Procedures the auditor performs to test operating effectiveness
of controls include a mix of tests. Some types of tests produce
greater evidence of the effectiveness of the controls than other
tests.
Internal Here are the tests that an auditor might perform in order of the
evidence they would usually produce, from the lowest quality
Auditors- evidence to the highest quality evidence:
Services 1.
2.
Inquiry of appropriate personnel;
Observation;
3. Inspection of relevant documentation; and
4. Re-performance of a control
If an auditor identifies a deficiency in a control over financial
reporting, the auditor should evaluate the severity of the
deficiency to determine whether the deficiency, either
Internal individually or in combination with other deficiencies,
Auditors- represents a material weakness. The severity depends upon:
Whether there is a reasonable possibility that the company’s
Services controls will fail to prevent or detect a misstatement of an account
balance or disclosure; and
The magnitude of the potential misstatement resulting from the
deficiency or deficiencies.
Risk factors affect whether there is a reasonable possibility that
a deficiency or combination of deficiencies will result in a
misstatement of an account balance or disclosure. These risk
Internal factors include:
Auditors- The nature of the financial statement accounts, disclosures, and
assertions involved;
Services The susceptibility of the related asset or liability to loss or fraud, or
how likely it is that something could go wrong;
The subjectivity, complexity, or extent of judgment required to
determine the amount involved;
Risk factors affect whether there is a reasonable possibility that
a deficiency or combination of deficiencies will result in a
Internal misstatement of an account balance or disclosure. These risk
factors include (cont´d):
Auditors- The interaction or relationship of the control with other controls,
including if they are interdependent or redundant
Services The interaction of the deficiencies, i.e., if there is more than one,
could they in combination cause a material misstatement
The possible future consequences of the deficiency
If multiple control deficiencies affect the same financial
statement balance or disclosure, that increases the likelihood of
misstatement and may, in combination, constitute a material
weakness(though each deficiency individually may not be
severe)
Internal Factors that affect the size of a misstatement that might result
from a deficiency in controls include:
Auditors- The financial statement amounts or total of transactions exposed
to the deficiency; and
Services The volume of activity in the account balance or class of
transactions exposed to the deficiency that has occurred in the
current period or that is expected in future periods.
In a financial statement audit, the audit should be prepared so
that any material misstatement is detected, no matter what the
cause of the misstatement.