Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Auditing Internal Control over Financial Reporting in Conjunction with an Audit of Financial Statements
McGraw-Hill/Irwin
LO# 1
7-2
LO# 1
LO# 2
7-4
LO# 3
LO# 4
LO# 4
LO# 4
LIKELIHOOD
7-8
LO# 5
7-9
LO# 6
Managements Documentation
Management must develop sufficient documentation to support its assessment of the effectiveness of internal control. This documentation may take many forms, such as paper, electronic files, or other media. It also includes policy manuals, job descriptions, flowcharts, and process models.
7-10
LO# 7
7-11
LO# 8
The auditor typically obtains his or her understanding of managements assessment process through inquiry of management and others.
7-12
LO# 8
LO# 8
Controls are effectively designed when they prevent or detect errors or fraud that could result in material misstatements in the financial statements.
7-14
LO# 8
In testing the effectiveness of controls, the auditor needs to consider the nature, timing, and extent of testing.
7-15
7-16
LO# 9
7-17
LO# 8
7-18
LO# 10
Written Representations
In addition to the management representations obtained as part of a financial statement audit, the auditor also obtains written representations from management related to the audit of internal control over financial reporting.
Failure to obtain written representations from management, including managements refusal to furnish them, constitutes a limitation on the scope of the audit sufficient to preclude an unqualified opinion.
7-19
LO# 11
The auditor must properly document the processes, procedures, judgments, and results relating to the audit of internal control. When an entity has effective internal control over financial reporting, the auditor should be able to perform sufficient testing of controls to assess control risk for all relevant assertions at a low level.
7-20
LO# 12
LO# 13
7-22
LO#
13 & 14
7-23
LO#
13 & 14
Opinion
A qualified opinion is issued when there is a limitation on the scope of the auditors work. An adverse opinion is required if a material weakness is identified.
7-24
7-27
7-28
Because of its inherent limitations, internal control over financial reporting may not prevent or detect misstatements. Also, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of compliance with the policies or procedures may deteriorate.
7-29
7-31
LO# 15
1. A title that includes the word independent. 2. An identification of managements conclusion about the effectiveness of the companys internal control over financial reporting. 3. A definition of internal control over financial reporting. 4. A statement that the auditor planned and performed the audit to obtain reasonable assurance about whether effective internal control is maintained. 5. A statement that an audit includes obtaining an understanding of internal control, valuating managements assessment of testing the design and effectiveness of internal control and any other procedures.
7-33
3. 4.
5.
LO# 15
Unqualified opinion
Adverse opinion
7-36
LO# 15
LO# 16
LO# 17
LO# 18
LO# 18
LO# 18
Advanced Module 1: Special Considerations for an Audit of Internal Control Using the work Service
of others. organizations.
7-43
LO# 9
LO# 19
Yes
Are there specific significant risks? 5 Yes No 130 Are there units that are not important even when aggregated? 60 Yes No 70 Are there documented company-level controls over this group? Yes
Evaluate documents and test controls over significant accounts at each location.
Evaluate documents and test company-level controls over group. Some testing of controls at individual locations.
7-45
No
LO# 20
7-46
LO# 20
LO# 21
Safeguarding of Assets
Safeguarding of assets is defined as policies and procedures that provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use or disposition of the companys assets that could have a material effect on the financial statements.
7-48
LO# 22
ri tio n
S e le tio n o e ra to r
A rit
e ti
fu n tio n
e a d a n d e xtra t d a ta fro a lie n t' o u te r file o r d a ta a e fo r fu rt e r a u d it te tin S e le t fro file o r d a ta a e tra n a tio n t a t e e t e rta in rite ria e rfo r a a rie t o f a rit e ti a l u la tio n (a d d itio n , u tra tio n , a n d o o n ) o n tra n a tio n , file , a n d d a ta a e ro id e fu n tio n t e o f a u d it a re a re a rio u a n d re o rt t u o rtin lin e a rio u
S ta ti ti a l a n a l
e o rt
e n e ra tio n
of do u
e nt
7-50
LO# 22
LO# 22
Test Data
This is data developed by the auditor to test the application controls in the clients computer programs. The technique can be used to check 1. data validation controls and error detection routines 2. processing logic controls 3. arithmetic calculations and 4. the inclusion of transactions in records files and reports.
7-52
Test Data
The objective of this method is to insure the accuracy of the computer processing of transactions. This technique can be used to check: 1. Data validation controls and error detection routines. 2. Processing logic controls. 3. Arithmetic calculations. 4. Inclusion of transactions in records, files, and reports.
7-53
Test Data
The main advantage of this method is that it provides direct evidence of the effectiveness of controls in the clients application programs. However it has a number of potential disadvantages: 1. It can be very time consuming to create the data. 2. The auditor may not be certain that all relevant conditions or controls are tested. 3. The auditor must be certain that the test data are processed using the clients regular production programs. 4. The auditor must be sure to remove the valid test data from the clients files.
7-54
Generalized audit software GAS 1. Can be used on a number of different computers and can access files with may differing file/record formats. 2. Auditor does not have to have a complete understanding of the client s hardware and software features. 3. Each different generalized software system has its own characteristics which the auditor must carefully consider before using in a given audit situation.
7-56
Advantages of using computer audit software: 1. Can be used to access client data that is maintained on client files especially since some client data that is of interest to the auditor may e ist only temporarily and only in machine-readable form. Utilize the speed and accuracy of the computer. Can deal effectively with large quantities of data. Can reduce the auditor s reliance on client IT personnel. Can produce not always efficiencies in the audit. This is especially true where applications can be used in ensuing years with little or no modifications.
7-57
2. 3. 4. 5.
4.
5. 6.
7-62
8. 9.
10. Allow easier creation of customized working papers. 11. Computer-generated working papers are generally more legible and consistent. 12. Supervisory-review time may be reduced. 13. Client s personnel may not need to manually prepare as many working paper schedules.
7-63
End of Chapter 7
7-65