Upload File

audit process and risk

50
Copyright 2003 McGraw-Hill Australia Pty Ltd PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett Slides prepared by Roger Simnett 1 Audit Process & Strategic Risk Evaluation

Upload: alexandru-vasile

Post on 19-Oct-2015

64 views

Category:

Documents


0 download

Report

DESCRIPTION

Audit process and risk

TRANSCRIPT

  • Audit Process & Strategic Risk Evaluation

  • ACCOUNTING AND AUDITING CONTRASTEDFig. 5.1 Relationship between accounting and auditing (p.177)

  • FINANCIAL REPORT ASSERTIONSExistenceOccurrenceCompletenessRights and obligationsValuationMeasurementPresentation and disclosure

  • ASSERTIONS AND OBJECTIVES FOR INVENTORYExample 5.1Assertions and objectives for the account balance of inventory of a manufacturing company (p. 183)Financial report Illustrative audit objectivesassertionExistencen Inventories included in statement of financial position physically exist.n Inventories represent items held for sale in normal course of business.Completeness n Inventory includes all products, materials and supplies owned by the company that are on hand, in transit or stored at outside locations.Rights and n The company has legal title of ownership to the inventories.obligationsValuationn Inventories are properly stated at cost (except when net realisable value is lower).n Slow-moving, defective and obsolete items included in inventories are properly identified and valued.Measurement n Inventory is recorded at the correct amount in the correct period.Presentation andn Inventories are properly classified as current assets with major disclosure categories and their bases of valuation adequately disclosed.Note: Assertion of Occurrence relates to transactions related to inventory, not the balance

  • AUDIT EVIDENCEFig. 5.2 The audit equation (p. 184)

  • AUDIT PROCEDURESInspectionObservationInquiryConfirmationComputationAnalytical procedures

  • SELECTING AUDIT PROCEDURESInfluenced by the following factors:Auditors assessment of inherent riskNature of the internal control structure and assessment of control riskMateriality of particular component of financial report Experience gained from previous auditsResults of other audit proceduresSource and reliability of information available

  • SUFFICIENT APPROPRIATE AUDIT EVIDENCESufficiency quantity of audit evidencenecessary to provide the auditor with areasonable basis for an opinion on the financialreport.Appropriateness quality of audit evidence. Two dimensions:Relevance relates to the financial report assertion of interest.Reliability influenced by its source and nature.

  • AUDIT RISK AT THE FINANCIAL REPORT LEVELAudit risk is the risk that the auditor will give an inappropriate audit opinion when the financial report is materially misstated.

    Before issuing an opinion on the financial report, the auditor needs to reduce audit risk sufficiently to make the opinion reliable.

  • REDUCING AUDIT RISKThe auditor reduces audit risk by performing audit procedures until there is sufficient appropriate evidence for each assertion of each significant transaction class or account balance to provide reasonable assurance that the financial reports are not materially misstated.The audit risk model focuses audit effort on those classes of transactions or balances that are likely to contain material misstatements.

  • COMPONENTS OF AUDIT RISK (AR)Three components:Inherent risk: (IR) susceptibility of an assertion to material misstatement given inherent and environmental characteristics, but without regard to prescribed control procedures.Control risk: (CR) risk that material misstatement might not be prevented or detected by internal control procedures.Detection risk: (DR) risk that auditors substantive procedures lead auditor to conclude no material misstatement when there is one.

  • THE AUDIT RISK MODELAR = f (IR, CR, DR)

  • GRAPHICAL DEPICTION OF AUDIT RISKFig. 5.4 Audit risk,graphically depicted (p. 192)

  • REDUCING AUDIT RISK IAuditor cannot change inherent risk.Auditor cannot directly change control risk. Auditor can obtain evidence to support an assessed level of control risk less than high (expect to rely on internal control) by examining control environment, information system and control procedures and testing their effectiveness.

  • REDUCING AUDIT RISK IIThe level of detection risk is the lever the auditor can pull to reduce audit risk by:Appropriate planning, direction, supervision and reviewDecisions on the nature, timing and extent of audit proceduresEffective performance of procedures and evaluation of results

  • INTERRELATIONSHIP OF COMPONENTS OF AUDIT RISKExhibit 5.1 The interrelationships of the components of audit risk (p. 193)

  • STRATEGIC BUSINESS RISKDefined:Risk that entitys business objectives will not be obtained as a result of external and internal factors, pressures and forces brought to bear on entity and, ultimately, the risk associated with the entitys survival and profitability.Requires extensive knowledge of clients business and industry.Recent audit methodologies emphasise assessment of strategic business risk.

  • THE RELATIONSHIP OF STRATEGIC BUSINESS RISK TO THE DETERMINATIONOF AUDIT RISK

  • TYPES OF AUDIT TESTSTests of controlSubstantive tests

  • TYPES OF SUBSTANTIVE TESTSAnalytical procedures study and comparison of relationships between accounting data and related informationTests of details obtaining evidence on the items (or details) included in an account balance or class of transactions:Tests of transactionsTests of balances

  • ASSESSING THE WORK OF ANOTHER AUDITORAUS 602 indicates that where an auditoruses the work of another auditor, theprincipal auditor should:Assess professional competence of other auditorAdvise other auditor of requirements applicable to engagementAdvise other auditor of use to be made of work, areas requiring special attention, and timetable.

  • WORKING PAPERSThese are the specific means used to record auditevidence.Working papers aid in:Planning and performing the auditSupervising and reviewing the audit workGathering evidence and providing essential support for the auditors opinionTwo main divisions:Permanent file - store of documents relevant to this audit and future years (e.g. copies of articles of association, continuing contracts)Current working paper file - documentary record of evidence gathered and conclusions reached on this audit.

  • CURRENT WORKING PAPER FILEIncludes:1.Overall audit plan2.Review of accounting system and related internal controls3.Audit program, listing the audit procedures undertaken4.Details of audit testing undertaken5.Working trial balance - schedule of general ledger accounts6.Trial balance working paper schedules, including external documents7.Draft of financial report and audit report

  • STEPS IN ACCEPTING AN AUDIT

  • QUALITY CONTROL POLICIES AND CLIENT EVALUATION PROCEDURESProcedures carried out before accepting anew client or continuing with an existingclient include:Reviewing financial information regarding the clientMaking inquiries of third parties such as solicitors and bankersCommunicating with previous auditorEnsuring firm has technical expertise to carry out auditEnsuring accepting engagement will not conflict with the professions code of professional conduct

  • COMMUNICATION WITH PREVIOUS AUDITOREnsures interests of shareholders, incoming auditor and existing auditor are protected. Allows existing auditor to advise prospective auditor of any professional matters they should be aware of before accepting the engagement.Nominated auditor should request clients permission to communicate with previous auditor.If client refuses permission, normally decline nomination.If permission granted, ask previous auditor for all information necessary to decide whether nomination should be accepted.

  • ENGAGEMENT LETTERA letter from auditor to client that documents and confirms auditors acceptance of the appointment. Should include:Objective and scope of auditResponsibility of management for financial reportForm of any reportsAn explanation of extent to which an audit can be relied upon to detect material misstatementAuditors right to unrestricted access to records, documents and other information necessary to complete audit

  • AUDIT PLANNINGPlanning stage a very important stage of the auditTwo aspects:Audit plan - outlines the expected scope and conduct of auditAudit program - directs the nature, timing and extent of audit procedures

  • MAJOR STEPS IN THE AUDITPROCESSIn every audit of a financial report there arefive identifiable stages. These stages are:Obtaining knowledge of the clients businessUnderstanding the internal control structurePerforming tests of transactionsPerforming tests of balancesCompletion and review

  • DEVELOPING AN OVERALL AUDIT STRATEGYOverall audit strategy details the general evidence requirements for forming an opinion and initial choice as to nature, timing and extent of audit procedures.Interrelationship between materiality, audit risk and what constitutes sufficient appropriate audit evidence impacts on auditors strategy.Audit strategies can range from a lower assessed level of control risk approach to a predominantly substantive approach.

  • RANGE OF AUDIT STRATEGIES

  • LOWER ASSESSED LEVEL OFCONTROL RISK APPROACHIf the internal control structure is welldesigned and expected to be highly effective,audit strategy will be:Assessed level of control risk of low or mediumExtensive understanding of relevant parts of the internal control structure Plan extensive tests of controlPlan reduced level of substantive audit procedures

  • PREDOMINANTLY SUBSTANTIVEAPPROACHIf auditor believes adequate controls do not exist or might be ineffective or testing controls are not cost effective, audit strategy will be:Use a planned assessed level of control risk of highPlan to obtain a minimum understanding of internal control structurePlan no tests of controlPlan extensive substantive audit procedures

  • IMPACT OF STRATEGIC BUSINESS RISK ASSESSMENT ON AUDIT STRATEGYMore time is spent on planning stage and ondeveloping an expectation of what the entitysfinancial report should look like. Audit strategymight include:Increased use of sophisticated analytical proceduresUndertaking tests of controls for routine transactionsIncreased substantive testing for non-routine transactionsReduced detailed substantive testing if financial report in accordance with auditors expectations

  • CONTENTS OF AUDIT PROGRAMNature - particular audit procedures to use and particular items to which a procedure will be appliedExtent - number of items to which procedures will be applied, and number of different tests to be performedTiming - appropriate time to perform the procedureAudit program will outline following characteristics of audit procedures:

  • ASSIGNING AND SCHEDULING AUDIT STAFFActivities entailed include:Coordinating assistance of client entity personnelDetermining extent of involvement of consultants, specialists and internal auditorsEstablishing and coordinating staffing requirements

  • KNOWLEDGE OBTAINED BY THE AUDITOR OF CLIENTS BUSINESS

    Auditor should obtain an understanding of:Clients organisational structureOperations and legal structureRelevant industry and economic conditions

  • PROCEDURES FOR OBTAINING ANUNDERSTANDING OF THE CLIENTS BUSINESSThese include:Reviewing auditors previous experience with client and industryDiscussion with client personnel, other advisers or previous auditors of entityReviewing industry or government publications and legislationVisiting clients premisesReviewing documentation produced by client

  • STRATEGIC BUSINESS RISKDefined: Risk that an entitys business objectives will not be attained as a result of external and internal forces brought to bear on an entity and, ultimately, the risk associated with the entitys profitability and survival.

  • THE RELATIONSHIP BETWEEN STRATEGIC BUSINESS RISK AND THE GLOBAL, LOCAL AND INTERNAL ENVIRONMENTSFig. 6.3 The relationship between client business risk and the global, local and internal environments (p. 248)

  • ASSESSING CLIENT STRATEGIC BUSINESS RISK IProfitability and structure of the industryRelationship between the industry and the broad economic and business environmentCritical issues facing the industrySignificant industry business risks

    The auditor must obtain a thorough understanding of the industry, including:

  • ASSESSING CLIENT STRATEGIC BUSINESS RISK IIThe auditor must understand how entityfits within industry, including:Entitys position within industry in terms of profitability and market shareOpportunities and plans entity has for increasing or maintaining profitability and market shareThreats to entitys position in the industryWays entity deals with customers and competitorsMethods entity uses to measure and monitor its performance

  • TECHNIQUES FOR ASSESSING CLIENT STRATEGIC BUSINESS RISK - SWOT ANALYSIS

    S trengths-internal aspects that can improve competitive situation

    Weaknesses-internal aspects, vulnerability to competitors strategic moves

    O pportunities-environmental aspects that can improve entitys situation relative to competitors

    T hreats-environmental aspects that can undermine entitys competitive situation

  • TECHNIQUES FOR ASSESSING CLIENT STRATEGIC BUSINESS RISK II - PEST ANALYSIS

    Identifies:

    P olitical E conomic S ocial T echnological

    influences on entity.

  • TECHNIQUES FOR ASSESSING CLIENT STRATEGIC BUSINESS RISK IIIValue-chain approach:Disaggregates entity into strategically important activities in order to:Understand clients strategic advantagesUnderstand risks that threaten attainment of business objectivesUnderstand key processes and related competencies needed to realise strategic advantagesMeasure and benchmark process performanceDocument understanding of the clients ability to create value and generate future cash flows by using a client business model, process analyses, key performance indicators and a business risk profile

  • ANALYTICAL PROCEDURES USED IN PLANNING THE AUDITSimple procedures:Simple comparisonsRatio analysisCommon-size statementsTrend statementsTime series analysis

    More complex procedures:Time series modellingRegression analysisFinancial modelling

  • RATIOS COMMONLY USED AT THE PLANNING STAGE1.Short-term liquidityCurrent ratio (current assets to current liabilities)Quick asset ratio (liquid assets to current liabilities)Operating cash flow ratio (cash from operations to current liabilities)2.ActivityInventory turnover (cost of goods sold to average inventory)Receivables turnover (net sales to average accounts receivable)3.ProfitabilityGross profit and net profit ratio (gross profit or net profit to sales)Return on total assets (net profit/total assets)Return on shareholders equity (operating profit to ordinary shareholders equity)4.SolvencyDebt equity ratio (long-term liabilities to equity)Number of times interest earned (operating profit to annual interest expense)

  • EXAMINATION OF SIGNIFICANT FLUCTUATIONS OF APsEach significant fluctuation (deviation from expected amount) must be investigated.Auditor must also be alert to possibility that absence of expected fluctuation might require investigation.Deviations from expected amount should be discussed with management.Reasonableness of explanations provided by management should be considered.Auditor might have to consider impact of fluctuations on audit program and other audit tests.

  • INHERENT RISK & MATERIALITYInherent riskSusceptibility of account balance or class of transactions to material misstatement, given inherent and environmental characteristics,without regard to internal control structure (AUS 402.09/IAS 400.04)MaterialityInformation which misstated, ormitted or not disclosed separately in a financial report may adversely affect either user decisions or the discharge of accountability by management. (AUS 306.03/IAS 320.03)


CHAPTER 5 OVERVIEW OF THE AUDIT PROCESS Fall 2007 u Overview of the Audit Process u Assessing Audit Risk u Audit Objectives u Materiality u Audit Procedures

Pricing Audit Risk - Gies College of Business · PDF fileunderstand the pricing of business risk by auditors. ... model describing the audit pricing process ... losses conditional

How to Conduct a Human Resource Risk Audit · Wrap Up – HR Risk Audit • HR Risk Audit is a process of examining Policies, Procedures, Practices, documentation and systems •

Audit risk alert - 2004/05; Audit risk alerts

INTRODUCTION TO RISK ADJUSTMENT - MaineHFMA · •Predictive Modeling & Quality of Care •Risk Adjustment Data Validation (RADV) Audit Process •The Future of Risk Adjustment 2

ONLINE TRAINING INTERNAL AUDIT · Siklus Audit - Perencanaan Audit (Audit Planning): Risk Based Internal Audit Kebijakan dan Prosedur Perencanaan Audit Risk Assessment Audit Prosedur

ARM Audit Management - Active Risk Active Risk Manager Audit Management module was ... Risk driven Audit Universe Document your targeted audit entities, and determine audit

RISK MANAGEMENT THROUGH RISK AUDIT

BUSINESS RISK AND THE AUDIT PROCESS. ble with ......BUSINESS RISK AND THE AUDIT PROCESS. Should the risk of litigation, sanctions or an impaired reputation affect the conduct of an

Internal Audit, Risk & Compliance Services...Internal Audit, Risk & Compliance Services Risk & Compliance compliance? compliance

Risk Based Internal Audit in Banks - Bulentsenver.com 20150309_AD477.pdfPage 4 1. Principles of Risk Based Internal Audit Risk Assessment Process! A “risk assessment” is an effort

Audit Process

Risk Based Internal Auditing, Performance Manual - The Audit Process by David Griffiths

Audit Audit Commite And Risk Management

Cybersecurity & Risk Services Capability Notethompsonaerospace.com/files/latest_news/WiproCRS Capabilities... · Discovery & Classification Security ... Process Automation, audit

Audit Process, Audit Procedures, Audit Planning, Auditing

Risk Based Internal Audit in Banks - Bulentsenver.com 20150309_ad477.pdf · Page 4 1. Principles of Risk Based Internal Audit Risk Assessment Process! A “risk assessment” is an

Audit Risk and Business Risk

Developing a Risk-based Audit Plan Kathy Underhill Vice-President, Risk and Internal Audit December 2005 Information System (IS) Audit- Concept Process

THE AUDIT RISK MODEL UNDER THE RISK OF FRAUDeycarat.faculty.ku.edu/myssi/_pdf/_belief/21. Audit Risk with Fraud... · Audit Risk Model Under Fraud 2 The Audit Risk Model Under the

Risk-Limiting Audit Report - Final 20140331 Audit Report - Final... · Risk-Limiting Audit Process ... The goal of the SOS is to find a feasible statewide risk-limiting audit solution

APPLICATION OF OCCUPATIONAL RISK … OF OCCUPATIONAL RISK ASSESSMENT METHODS IN ORGANIZATIONS Nowadays, the interest for human resource increased, ... Process Risk Management Audit-

Audit Risk Assessments - Amazon S3Audit+Risk...Source of Requirements • Audit Risk Suite (SAS 104-111) – SAS 107, Audit Risk and Materiality in Conducting an Audit – SAS 109,

Delivering Audit Assignments: A Risk-based Approach THE AUDIT PROCESS 10 Delivering Audit Assignments: A Risk-based Approach 3.14 A scoping document should be agreed with client management

INTERNAL AUDIT UPDATE · 2020. 12. 3. · Internal Audit Risk Based Planning Process. Internal Inputs – Prior Audits, Resource Availability . Enterprise Risk Management & Key Stakeholders

Audit Data Analytics - PCAOB · PDF fileAuditors’ judgment-based ... Visualization in the audit process Risk assess-ment Develop audit ... Audit data analytics free on YouTube from

IT Audit Process - Temple Fox MIScommunity.mis.temple.edu/.../W2_Intro_IT-Audit-Function.pdfIT Audit Process Prof. Liang Yao Week Two –IT Audit Function IT Audit Process Prof. Liang

ACTIVE RISK MANAGER Audit Management Solution · ACTIVE RISK MANAGER Audit Management Solution AMS FUNCTIONALITY INCLUDES: ... internal audit process across business …

Developing a Risk Based Audit Plan a practical approach · CA Preeti Sadarangani. 2 C2 General Need and benefits of a risk based audit plan Components of the audit planning process

Assessing Audit Risk in Audit Planning.ppt

Internal Audit Risk Assessment and Audit Planning ... Risk Assessment... · Internal Audit Risk Assessment and Audit Planning Supplemental Handouts CCIA Spring 2011 May 6, 2011

IMPLEMENTASI RISK BASED AUDIT BAGI BPRS · 2019-12-07 · FINANCIAL AUDIT VS RISK BASED AUDIT No Aspek Financial Audit Risk-Based Audit 4 Audit Type Financial Audit, Operational Audit,

Process Mining for Risk Management and Internal Audit

Audit Risk

Risk Assessment Standards and the PPC Audit Process