Audit Strategy
1. Why does the auditor assess control risk?
2. What procedures does the auditor use to obtain an understanding of the flow of transactions and the related controls?
3. What is the purpose of test of control?
2007-09-09 04:56:34 · 2 answers · asked by Anonymous in Business & Finance ➔ Corporations
1. Control risk - Control risk is the risk that a misstatement, that could occur in an assertion and that could be material individually or when aggregated with other misstatements, will not be prevented or detected and corrected on a timely basis by the entity’s internal control. An auditor needs to assess control risk in order to develop his responses to these assessed risks and to incorporate these response procedures into his audit plan.
2. The auditor should perform the following risk assessment procedures to obtain an understanding of the entity and its environment, including its internal control:
(a) Inquiries of management and others within the entity. Although much of the information the auditor obtains by inquiries can be obtained from management and those responsible for financial reporting, inquiries of others within the entity, such as production and internal audit personnel, and other employees with different levels of authority, may be
useful in providing the auditor with a different perspective in identifying risks of material misstatement;
(b) Analytical procedures. Analytical procedures may be helpful in identifying the existence of unusual transactions or events, and amounts, ratios, and trends that might indicate
matters that have financial statement and audit implications. In performing analytical procedures as risk assessment procedures, the auditor develops expectations about plausible relationships that are reasonably expected to exist.; and
(c) Observation and inspection. Observation and inspection may support inquiries of management and others, and also provide information about the entity and its environment.
In addition, the auditor performs other audit procedures where the information obtained may be helpful in identifying risks of material misstatement. For example, the auditor may consider making inquiries of the entity’s external legal counsel or of valuation experts that the entity has used. Reviewing information obtained from external sources such as reports by analysts, banks, or rating agencies; trade and economic journals; or regulatory or financial publications may also be useful in obtaining information about the entity.
3. When, in accordance with paragraph 115 of ISA 315, the auditor has determined that it is not possible or practicable to reduce the risks of material misstatement at the assertion level to an acceptably low level with audit evidence obtained only from substantive procedures, the auditor should perform tests of relevant controls to obtain audit evidence that the key controls identified do operate EFFECTIVELY. This includes obtaining audit evidence about how controls were applied at relevant times during the period under audit, the consistency with which they were applied, and by whom or by what means they were applied.
2007-09-10 03:01:32 · answer #1 · answered by Sandy 7 · 0⤊ 0⤋
This is excerpt taken from US SAS: Chapter7 7.5 Why does ASA 240 specifically require the auditor to consider manipulation of revenue and override of controls in relation to fraud? The auditor must obtain a sufficient understanding of the entity and its environment, including its internal control to assess the risk of material misstatement of the financial statements whether due to error or fraud and to design the nature, timing, and extent of further audit procedures. Certain accounts, classes of transactions, and assertions that have high inherent risk because they involve a high degree of management judgment and subjectivity also may present risks of material misstatement due to fraud because they are susceptible to manipulation by management. For example, revenues for software developers may be deemed to have high inherent risk because of the complex accounting principles applicable to the recognition and measurement of software revenue transactions. Material misstatements due to fraudulent financial reporting often result from an overstatement of revenues (for example, through premature revenue recognition or recording fictitious revenues) or an understatement of revenues (for example, through improperly shifting revenues to a later period). Therefore, the auditor should ordinarily presume that there is a risk of material misstatement due to fraud relating to revenue recognition. Even if specific risks of material misstatement due to fraud are not identified by the auditor, there is a possibility that management override of controls could occur, and accordingly, the auditor should address that risk apart from any conclusions regarding the existence of more specifically identifiable risks. 7.7 Why are risks concerning irregularities and the going concern basis important to the audit planning process? The auditor has a responsibility to evaluate whether there is substantial doubt about the entity's ability to continue as a going concern for a reasonable period of time, not to exceed one year beyond the date of the financial statements being audited (hereinafter referred to as a reasonable period of time). The auditor's evaluation is based on his or her knowledge of relevant conditions and events that exist at or have occurred prior to the date of the auditor’s report. Information about such conditions or events is obtained from the application of auditing procedures planned and performed to achieve audit objectives that are related to management's assertions embodied in the financial statements being audited. Irregularities and the going concerns issue may significantly impact the presentation of financial statments hence it is to be considered significant risk that requires special audit consideration. 7.8 Identify the matters an auditor is particularly concerned about when evaluating materiality as part of planning. The concept of materiality recognizes that some matters, either individually or in the aggregate, are important for fair presentation of financial statements in conformity with generally accepted accounting principles, while other matters are not important. In performing the audit, the auditor is concerned with matters that, either individually or in the aggregate, could be material to the financial statements. The auditor’s responsibility is to plan and perform the audit to obtain reasonable assurance that material misstatements, whether caused by errors or fraud, are detected. The auditor's consideration of materiality is a matter of professional judgment and is influenced by the auditor’s perception of the needs of users of financial statements. The perceived needs of users are recognized in the discussion of materiality in Financial Accounting Standards Board , Qualitative Characteristics of Accounting Information, which defines materiality as "the magnitude of an omission or misstatement of accounting information that, in the light of surrounding circumstances, makes it probable that the judgment of a reasonable person relying on the information would have been changed or influenced by the omission or misstatement." That discussion recognizes that materiality judgments are made in light of surrounding circumstances and necessarily involve both quantitative and qualitative considerations. In an audit of financial statements, the auditor’s judgment as to matters that are material to users of financial statements is based on consideration of the needs of users as a group; the auditor does not consider the possible effect of misstatements on specific individual users, whose needs may vary widely. Misstatements can result from errors or fraud and may consist of any of the following: a. An inaccuracy in gathering or processing data from which financial statements are prepared b. A difference between the amount, classification, or presentation of a reported financial statement element, account, or item and the amount, classification, or presentation that would have been reported under generally accepted accounting principles c. The omission of a financial statement element, account, or item d. A financial statement disclosure that is not presented in conformity with generally accepted accounting principles e. The omission of information required to be disclosed in conformity with generally accepted accounting principles f. An incorrect accounting estimate arising, for example, from an oversight or misinterpretation of facts; and g. Management’s judgments concerning an accounting estimate or the selection or application of accounting policies that the auditor may consider unreasonable or inappropriate. Misstatements may be of two types: known and likely, defined as follows: a. Known misstatements. These are specific misstatements identified during the audit arising from the incorrect selection or misapplication of accounting principles or misstatements of facts identified, including, for example, those arising from mistakes in gathering or processing data and the overlooking or misinterpretation of facts. b. Likely misstatements. These are misstatements that: i. Arise from differences between management’s and the auditor’s judgments concerning accounting estimates that the auditor considers unreasonable or inappropriate (for example, because an estimate included in the financial statements by management is outside of the range of reasonable outcomes the auditor has determined). ii. The auditor considers likely to exist based on an extrapolation from audit evidence obtained (for example, the amount obtained by projecting known misstatements identified in an audit sample to the entire population from which the sample was drawn).
2016-04-03 22:42:37 · answer #2 · answered by Anonymous · 0⤊ 0⤋