Audit Midterm
Final evaluation of audit tests
- review the audit documentation - Evaluate financial statement disclosures - Evaluate the summary of misstatement discovered during the audit to ensure that the combined amount is not material - Lastly, evaluate any proposed adjustments that have not been recorded
5 methods for developing an expectation
1) Compare to prior year data - prior year balances, Details of prior year balances, Ratios and percent relationships 2) Compare to client budgets 3) compare to industry or other external data 4) compare to expected results using nonfinancial data 5) Compare to auditor-determined expected results
Test of controls, Test of transactions
2 different ways that the external auditors get sufficient evidence that the financial statements are free from material misstatement.
Compliance Objective
A primary objective of IC: adherence to laws and regulations to which entity is subject
Operations Objective
A primary objective of IC: controls encourage effective and efficient use of its resources to achieve company's goals (including accurate information for decision making)
Reporting Objective
A primary objective of IC: internal and external financial reporting that may encompass reliability, timeliness, transparency, or other terms set forth by regulators, standard setters, or the entity's own policies
Internal Controls
A process, effected by an entity's board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting, and compliance.
2200
AS ____: An Audit of Internal Control Over Financial Reporting That Is Integrated with An Audit of Financial Statements
2110
AS ____: Identifying and Assessing Risks of Material Misstatement
control, efficient, sample
Advantages to statistical sampling: - Allows auditors to measure and _______ sampling risk which helps: - design _______ samples - measure sufficiency of evidence - objectively evaluate ______ results
preliminary
After obtaining an understanding, auditors make a _______ assessment of control risk (risk that internal controls will not prevent or detect material misstatements)
top-down approach, significant
An approach for estimating control risk that first assesses entity-level controls (many of the elements in control environment, risk assessment, and monitoring components)then asses key controls for each ______ account and their relevant assertions
Completion
Analytical procedures are used in this to take one last look at the big picture - typically done by audit manager/partner
Understanding, Audit
Analytical procedures used in the planning phase of an audit should focus on: Enhancing the auditor's _____ of the transactions and events that have occurred since the last ____
brainstorming, fraud, revenue, communications
As 2401.83 requires auditors to document the following: 1. _______ session 2. procedures performed to identify and assess ____ risks 3. Specific fraud risks that were identified and description of auditor's response 4. Reasons supporting a conclusion that _____ recognition is not a fraud risk 5. Procedures performed to address the risk of management override (e.g., JE testing, reviewing estimates for bias, rationale for unusual transactions) 6. The nature of _____ about fraud made ot management, the audit committee, and others
Disclosure
Assertion concerned with concerned with whether an item ius disclosed, classified and dsescribed in accordance with the applicable financial reporting framework
Completeness
Assertion concerned with ensuring that there are no unrecorded assets, liabilities, transactions or other events, or undisclosed items
Valuation
Assertion concerned with whether an asset or liability is recorded at an appropriate carrying amount
Rights and Obligations
Assertion concerned with whether an asset or liability pertains to the entity at a given date and whether the entity was a party to reported transactions
Measurement
Assertion concerned with whether appropriate amounts have been used to re
Existence
Assertion concerned with whether assets or liabilities exist at a given date
occurrence
Assertion concerned with whether transactions that generated financial report accounts actually occurred
management, BOD, confirmations
Audit procedures for contingent liabiltiies: - Make inquires of _______ - Review IRS reports for tax settlements - Review minutes of ____ meetings - Review documents (contracts, leases) - Read ________ from banks - Analyze legal expenses and correspond with attorneys
management, subsequent
Audit procedures for subsequent events: - Make inquires of _____ - Review minutes of board meetings - Review client-prepared financial statements for periods _______ to the balance sheet date - Review records prepared subsequent to the balance sheet date
objective, characteristic, size, measure, evaluate
Audit sampling steps 1. Determine the _______ of sampling. 2. Define the _______ of interest 3. Define the population (and consider completeness of it). 4.Determine the sample _____ 5. Select the sample items 6. ______ the sample items. 7. ______ the sample size
every
Auditing Standards require the auditor to obtain an understanding of internal control relevant to the audit on _____ engagement
consideration
Auditing standards (e.g., AS 2401.83) require that auditors document the following matters related to their ____________ of material misstatements due to fraud:
Going Concern Assumption
Auditing standards require the auditor to evaluate whether there is a substantial doubt about a client's ability to continue as a going concern for at least one year beyond the balance sheet date.
Breach, Tort
Auditors can be sued for ____ of contract ____ action of negligence
Liability to third parties under common law
Bank sues auditor for issuing an unqualified opinion on the borrower's financial statements when they were materially misstated
request, conversion
Business functions cycle begins with _____ by customer, ends with _____ into cash
Civil Liability under Statutory Law
Class action lawsuit filed by a group of shareholders (third parties) claiming that the auditor did not discover a material misstatement due to fraud
liability to clients
Client sues auditor for breach of contract or not discovering a material misstatement during the audit
GAAS, scope
Communication with those Charged with Governance - "Person(s) responsible for overseeing the financial reporting process" - Required communication for all audit clients - Matters to be communicated: - Auditor responsibility under ______ audits (early in the audit) - Planned _____ and timing of the audit (early in the audit) - Significant audit findings
Management representation letter
Confirm and document oral representations made by the client and attests to the accuracy of the financial statements that the company has submitted to the auditors for their analysis - written by the client to the auditor (dated the same as the audit report date, cannot be earlier)
control, substantive
Control tests involve checking that a client's _____ is working, whereas a _______ test involves ignoring client systems and just checking the numbers
quantifying, difficult
Disadvantages to nonstatistical sampling - Provides no means of ______ sampling risk and the representativeness of the sample is ______ to determine - Sample may be _____ than necessary or auditors may unknowingly accept a higher than acceptable degree of sampling risk
Yes (attitudes)
Does this information indicate an increased risk for fraud: There are recurring attempts by management to justify marginal or inappropriate accounting on the basis of materiality.
Yes (opportunity)
Does this information indicate an increased risk for fraud: Assets and revenues are based on significant estimates that involve subjective judgments and uncertainties that are hard to corroborate
No (high turnover = cant maintain)
Does this information indicate an increased risk for fraud: The company has experienced low turnover in management and its internal audit function.
yes (incentives/pressures)
Does this information indicate an increased risk for fraud: The company is marginally able to meet exchange listing and debt covenant requirements.
Test of controls
Each key control, that the auditor intends to rely on to support a control risk of medium or low, must be supported by sufficient ______ __ _______
environment, centralized, results, period end
Entity level controls - Controls related to the control _________ - Controls over management override - The company's risk assessment process - _____ processing and controls, including shared service environments - Controls to monitor ______ of operations - Controls to monitor other controls - Controls over the ____-____ financial reporting process - Policies that address significant business control and risk management practices
Analytical Procedures
Evaluations of financial information made by a study of plausible relationships among financial and nonfinancial data.. involving comparisons of recorded amounts... to expectations developed by the auditor
subsequent events
Events that provide additional evidence about conditions that existed at the balance sheet date and affect estimates inherent in the process of preparing financial statements (F/S)
Trends, difficulties
Ex. of events that may cause concern for going concern assumption: - negative financial ____, other indicators of potential financial _______, internal matters, external matters
Substantive
Exception identified in a _______ test is a F/S misstatement
Greater, More
Existence of control test deviations or unusual fluctuations in AP = ______ risk and ______ substantive testing to identify the dollar amount of misstatements is necessary (and vice versa)
Material Weakness
Exists if a significant deficiency or a combination of significant deficiencies results in a reasonable possibility that internal control will not prevent or detect material financial misstatements on a timely basis
Control Deficiency
Exists if design or operation of controls does not permit company personnel to prevent or detect misstatements on a timely basis in the normal course of performing their assigned functions
significant deficiency
Exists if one or more control deficiencies exist that is less severe than a material weakness but important enough to merit attention by those responsible for oversight of the company's financial reporting
Breach of contract
Failure of one or both parties to fulfill the contract Only between parties who have "privity of contract". A contract cannot confer rights or impose obligations upon any person who is not a party to the contract. The premise is that only parties to contracts should be able to sue to enforce their rights or claim damages as such.
Criminal Liability - government
Federal government prosecutes auditor for knowingly issuing an incorrect audit report
assertions, transactions
For the sake of efficiency, auditors often perform tests of controls and substantive tests of transactions simultaneously: using _____ purpose tests Tests all applicable assertions related to _______
Responsibility, measurement
Four categories of specific matters to include in a management representation letter 1. _______ for the financial statements 2. Completeness of information 3. Recognition, ______ and disclosure 4. Subsequent events
Benchmarks, Controls,
Fraud triangle - in terms of fraudulent financial reporting - Pressure to meet ______ - poor internal _____ (opportunities) - Lack of support for entity's values and financial reporting process (attitudes)
assets, inadequate
Fraud triangle - in terms of misappropriation - Financial obligations, adverse relationship b/w management and employees with access to assets (incentive) - disregard for monitoring of _____ and internal controls (attitudes) - large amounts of cash and/or high value assets on hand ______ internal controls (lack of segregation of dutie) (opportunities)
Dual purpose test
Gain efficiencies by performing tests of controls and substantive tests of transactions on the same sample of transactions
bias, convenient
Haphazard sampling is a sampling method in which the auditor does not intend to employ a systematic approach to selecting a sample - it can be difficult for ____ not to enter into this type of selection, since the auditor may be tempted to select items that are more _____ to access
Test of controls
How information is managed under a system that promotes correctness
audit, plans
How to evaluate going concern assumption: - Analytical procedures - Knowledge gained about the client's business throughout the _____ - Discussions with management about potential financial difficulties - Review and testing of management's ____
low, assurance
If auditor wants to use a ____ assessed control risk, to ensure reasonable ________, more extensive tests of controls are applied (i.e., increase both number of controls tested and size of sample).
Effective, Lower
If understanding of internal controls suggests that controls are likely to be ________, the auditor may decide to perform tests of effectiveness of controls to support ______ level of control risk
Sales Collection Cycle
Includes decisions and processes necessary for the transfer of ownership of good and services to customers after they are made available for sale.
Fraud
Intentional misstatements - financial reporting - misappropriation of assets
Common Law
Laws that have been developed through prior court decisions (unwritten laws) (i.e. precedent)
Statutory law
Laws that have been passed by the legislature and other governmental units Examples: Securities Acts of 1933 and 1934 Sarbanes-Oxley Act of 2002
Audit process
Phase 1: Plan and design an audit approach Phase 2: Perform tests of Controls Substantive test of transactions Phase 3: Perform analytical procedures and tests of details of balances Phase 4: Complete the audit and issue an audit report
Variable
Risk associated with this type of sampling: - Risk of incorrect acceptance ( accept account balance as fairly stated when in fact it is not) - Risk of incorrect rejection (reject account balance when in fact it is fairly stated)
attribute
Risk associated with this type of sampling: - Risk of overreliance (assessing control risk too low) - Risk of underreliance (assessing control risk too high)
Nonsampling Risk
Risk taht the audit tests do not uncover existing exceptions in the sample (e.g., failing to apply the appropriate audit procedures or recognize errors in the items selected)
Sampling Risk
Risk that the auditors' conclusions based on a sample may be different from the conclusion they would reach if they examined every item in the population
reduced, selecting
Sampling risk can be ______ by increasing the sample size and/or by using an appropriate method of ______ sample items from the population
clients, third parties, criminal
Sources of Auditors' legal liability - Liability to _____ - Liability to ______ ____ under common law - Civil liability under statutory law - _____ liability - government
240, 2110, Management, Fraud
Sources of information to assess fraud risks AU ___-C (nonpublic) and AS ____ (public): 1. communications among the audit team ("brainstorming" session) 2. Inquiries of _________ and others w/in the organization, including AC 3. Evaluate _____ risk factors (related to fraud triangle) 4. Analytical procedures (especially for revenue accounts) 5. other information (e.g., risk assessment procedures that indicate a heightened risk of fraud)
method, sample
Statistical and nonstatistical sampling methos are defined in terms of the _____ by which a _____ is selected
read, evaluation
Step 1: Obtain and _____ understanding of internal control design and operation For public companies, SOX 404 requires management to document the design of controls and also the results of its testing and ______.
Process for Understanding Internal Control and Assessing Control Risk
Step 1: Obtain and document understanding of internal control design and operation Step 2: Assess Control Risk Step 3: Design, perform, and evaluate tests of controls Step 4: Decide planned detection risk and substantive tests
implementation, Observation, Reperformance
Step 2: Gather evidence to assess design and _________ of internal controls - Inquiry of entity personnel - inspection of supporting documents - ______ of employees performing control processes - ______ by tracing one or a few transactions throught the accounting system from start to finish ("walkthrough")
Low
Substantive analytical procedures are usually performed when the risk of material misstatement is ___ and there are adequate control procedures in place.
Receipts, allowances, uncollectible, expense
The 5 classes of transactions in the Sales and Collections cycle include: - Sales - Cash _______ - Sales Returns and ______ - Write off ______ accounts - Estimate of bad debt ______
high, fraud, receivables
The audit risk is generally _____ for the sales collection cycle because - many incidences of ____ can occur - ______ and revenues often involve significant accounting estimates
nonstatistical sampling
The auditor estimates sampling risk by using professional judgment rather than statistical techniques
Test of Transactions (Substantive Tests)
The auditor looks for physical evidence supporting the figures and disclosures in the financial statements. Verify whether information is correct
contingent, impairment, asset
The following conditions must be meet for a _______ liability to exist: 1. there is a potential future payment to an outside party or a potential future asset _______ 2. there is an uncertainty about the amount of payment or ____ impairement 3. the outcome will be resolved by some future event
monetary unit sampling
These 3 key steps are for ______-_____ _____: 1. determining the proper sample size; 2. selecting the sample and performing the audit procedures; and 3. evaluating the results and arriving at a conclusion about the recorded population value
nonstatistical
These are examples of ___________/judgemental sampling methods - Directed sample selection - Block selection - haphazard selection
Control
This is different types of ____ deficiencies Control deficiency Significant deficiency Material Weakness
internal, control, controls
This is the Phase 1 of designing TOC and TOT - Understand _____ controls - Asses planned ______ risk - Determine extent of testing _______
Bowlin, low
This research by _____ (2011) showed that auditors use risk-based auditing: allocating more (fewer) resources to accounts that are more (less) likely to be misstated. Managers exploit this by commiting fraud in seemingly ____-risk accounts
Account Balance assertions
This type of assertions include: Existence Completeness Rights and Obligations Valuation
Transaction level assertions
This type of assertions include: occurrence completeness Accuracy Cutoff Classification
Partner, Business
To be effective, analytical procedures in the overall review stage of an audit engagement should be performed by: A manager or _______ who has a comprehensive knowledge of the client's _____ and industry
Substantive analytical procedures
To obtain evidential matter about particular assertions related to account balances or classes of transactions - ex. Analytical procedures range from simple comparisons to the use of complex models involving many relationships and elements of data.
Tests of controls
Transactions selected to test whether related controls are working. To test the effectiveness of the controls. - ex. Observe the client's year-end inventory counting procedures
True
True or False: External auditors focus on internal controls over financial reporting
formal
True or False: For private companies, management may not have as much _____ documentation of internal controls
False
True or false: Exceptions identified in a tests of controls do not indicate the likelihood of F/S misstatements
True
True or false: Unusual fluctuations identified by substantive analytical procedures only indicate the likelihood of F/s Misstatements
variables
Type of loss for this type of sampling Effectiveness - auditors could face litigation if misstatements are not detected Efficiency - auditors perform unnecessary procedures
attribute
Type of loss for this type of sampling effectiveness - auditors could face litigation if misstatements are not detected Efficency - auditors perform unnecessary procedures
Management representation letter
We acknowledge that the fair presentation of the financial statements is our responsibility. We believe that the financial statements are fairly presented in accordance with GAAP. Inventory is fairly stated at the lower of cost or market and includes no obsolete items. All actual and contingent liabilities are properly included in the financial statements. All subsequent events of relevance to the financial statements have been disclosed.
Operations
What are the 3 primary objectives when designing Internal Control: _________ objective Reporting objective Compliance objective
testing
When do auditors use analytical procedures? 1) planning 2) substantive _____ 3) Completion
Tort action of negligence
When the auditor fails to conduct an adequate audit Liability depends on the level of negligence (ordinary negligence, gross negligence, constructive fraud, fraud)
Tests of transactions/balances
When to use sampling
Audit, Testing
Why is it important for auditor to understand the business functions of a business? A: To identify the ____ risk within the cycle, identify I/C that support the process, determine the audit evidence to collect during _____
account, small
Why would an auditor use nonstatistical sampling? - directed sample selection might help the auditor to focus on greater risks in certain _____ balances - to reduce cost - when the population is ____, it is not efficient to spend extra time to set up statistical sample
Attribute sampling, characteristics
a statistical process used in audit procedures that aims to analyze the characteristics of a given population. - the auditor is looking at certain __________ to determine if the internal controls are functioning effectively to prevent or detect material misstatements
Samplign with probability proportional to size
a statistical sampling method Probability of selecting an item in the population is proportional to its recorded amount e.g., Monetary-unit sampling
systematic sample selection
a statistical sampling method that selects items based on an interval (every nth item)
Simple random sample
a statistical sampling method: Every possible combination of items in the population has an equal chance of being included in the sample (e.g., using random number generators)
ordinary negligence
absence of reasonable care (what other competent auditors would have done in a similar situation)
tolerable
an auditor uses attribute sample to asses control risk ("attribute" = exception vs. no exception) - Does the rate of deviation exceed the ______ rate of deviation
block selection
an example of a nonstatistical sampling method: Block sample consists of all items in a selected time period, numerical sequence, or alphabetical sequence
Directed sample selection
an example of a nonstatistical sampling method: Deliberately select each item in the population meeting certain criteria (e.g., items most likely to contain misstatements, items with largest dollar amounts, purposefully selecting items from each month, etc.)
Haphazard selection
an example of a nonstatistical sampling method: Select items on an arbitrary basis, but without any conscious bias
Planning
analytical procedures are used to identify potential risks or other significant matters that require changes to the nature, timing, and extent of procedures performed during the audit.
audit sampling
applying a procedure to less than 100% of a population and then utilizing the results to draw a conclusion about the entire population. - "reasonable assurance"
efficiency
audit sampling trades effectiveness for __________
Fraud
both the knowledge of misstatement and intent to deceive
Constructive
common law with client party involved: Type of offense: - Breach of contract - Ordinary negligence - Gross negligence - ______ fraud - Fraud
loss, professional,
common law with client party involved: plaintiff proof: - Economic ___ - Auditor's breach of contract or failure to exercise the appropriate level of ____ care - Loss caused by breach of contract or failure to exercise appropriate level of professional care
misstatements, reliance
common law with third party involved: Plaintiff proof: - Economic loss - Auditor's failure to exercise the appropriate level of professional care - Material _______ in the financial statements - Loss caused by ______ on materially misstated financial statements
Rusch Factors vs Levin
court case that expanded the definition of foreseen users - Reasonably limited and identifiable group of users who have relied on the auditor's work - Broader interpretation = foreseeable user (only a couple jurisdictions)
Other indicators of potential financial difficulties
default on loans, noncompliance with statutory capital requirements, need for disposal of substantial assets, etc
statistical
examples of ______ sampling methods - simple random sample selection - systematic sample selection - Sampling with probability proportional to size
Constructive fraud
existence of extreme or unusual negligence even though no intent to deceive or harm (also termed recklessness) E.g., auditor knew that adequate audit was not done but still issued an opinion, even though no intention of deceiving F/S users
Substantive test of transactions
focus on the individual transactions that make up the balance. Verification of transactions recorded ex. An auditor can verify the sale invoice of a sale transaction to ensure the document matches the details of the transactions.
withdraw
if a client refuses to send the management representation letter, then the auditor can either issue a disclaimer of opinion or ____ from an engagement
adjusted, disclosure
if a contingent liabilities likelihood of occurence of event is probable •If the amount can be reasonably estimated, financial statement accounts are ______ •If the amount cannot be reasonably estimated, footnote _______ is necessary.
reasonably possible
if a contingent liabilities likelihood of occurrence of event is ____ then a footnote disclosure is necessary on the financial statement
remote
if a contingent liabilities likelihood of occurrence of event is ____ then there is no disclosure is necessary on the financial statement
decreases
if allowable sampling risk increases and tolerable deviation rate increases then the expected rate of deviation _________
transactions, procedures, balances
in developing the overal audit strategy, auditors use 5 type of tests to determine whether financial statements are fairly stated: 1) Risk assessment procedures 2) tests of controls 3) Substantive tests of _______ 4) Substantive analytical ______ 5) substantive tests of details of _________
Gross negligence
lack of even slight care, tantamount to recklessness
External matters
legal proceedings or legislation that may jeopardize the business, loss of key patent, loss of primary customer or supplier, uninsured catastrophe
effective
non sampling risk can be reduced to low levels through _______ planning and supervision of audit engagements
Substantive Analytical Procedures
process of analyzing plausible relationships among data including both financial and non-financial data. Also the audit procedures that auditors perform to obtain evidence about the reasonableness of amounts show in the financial statements.
Negative financial trends
recurring operating losses, working capital deficiencies, negative cash flows from operations, etc.
Substantive analytical procedures
refers to analytical procedures that are performed as a substantive test. Substantive procedures are those activities performed by the auditor to detect material misstatement or fraud at the assertion level
year end
subsequent events: - Events that provide evidence about conditions that did not exist at the balance sheet date, but arose subsequent to ___-___
Substantive test details of balances
substantiate the ending balance of an account. ex. The auditor may want to test accounts payable by examining a sample of individual invoices that make up the ending balance of accounts payable.
Final evidence Accumulation
these are responsibilities that an auditor must complete: - evaluate going concern assumption - management representation letter
2008 treasury report
this report disclosed that The six largest auditing firms disclosed that they are currently defendants in 90 private actions related to audits of both public and private companies (either shareholder class actions or actions brought by companies / bankruptcy trustees) with damage claims against the auditors in each case in excess of $100 million.
Fraud triangle
this represents the incentives/pressure, the opportunities and attitudes/rationalization that auditors make when they commit fraud
Representative
type of sample that the characteristics in the sample are approximately the same as those of the population.
Error
unintentional misstatement
statistical sampling
uses the laws of probability to measure sampling risk. Confidence interval for the range of values for the estimated amount of misstatement in a population
Internal matters
work stoppages or other labor difficulties, substantial dependence on success of a particular project, etc.