avoiding common pitfalls in auditing internal controls 1
TRANSCRIPT
Avoi
ding
com
mon
pitf
alls
in
audi
ting
inte
rnal
con
trol
s
July
201
2
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e 2
Web
cast
obj
ectiv
e
Iden
tify
key
area
s fo
r im
prov
emen
t in
eval
uatin
g th
e de
sign
and
oper
atin
g ef
fect
iven
ess
of in
tern
al
cont
rols
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e 3
Ove
rvie
w
Impo
rtant
qua
lity
mat
ter
Rel
evan
t to
all c
ontro
ls-b
ased
aud
itsM
ore
than
incr
emen
tal i
mpr
ovem
ent n
eede
dR
equi
res
pers
onal
and
team
com
mitm
ent
Impr
ovem
ent o
nly
com
es w
ith a
ppro
pria
te fo
cus
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e 4
Agen
da
Lead
ersh
ip p
ersp
ectiv
esC
omm
on p
itfal
ls a
nd le
adin
g pr
actic
esEv
alua
ting
the
effe
ctiv
e de
sign
of c
ontro
lsEv
alua
ting
the
oper
atin
g ef
fect
iven
ess
of c
ontro
lsEv
alua
ting
cont
rold
efic
ienc
ies
Taki
ng a
ctio
nQ
uest
ions
Lead
ersh
ip p
ersp
ectiv
es
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e 6
Lead
ersh
ip p
ersp
ectiv
es
Jose
Mar
tinez
SESA
CAM
L
Anne
Moo
tz, C
PC
arib
ouC
offe
e C
ompa
ny
Nor
m P
rest
age,
C
PW
al-M
artS
tore
s
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e 7
Lead
ersh
ip p
ersp
ectiv
es
Con
trol a
sses
smen
t wor
k—Fo
unda
tion
for o
ur a
udits
of f
inan
cial
sta
tem
ents
Prim
ary
evid
ence
for o
ur a
udits
of I
CFR
Aco
reco
mpe
tenc
yof
ever
yau
dito
r
Indi
vidu
alan
dte
am re
spon
sibi
litie
s—U
p to
dat
e un
ders
tand
ing
of o
ur m
etho
dolo
gy
Subj
ect m
atte
r spe
cial
ists
for a
ssig
ned
area
sC
onsi
sten
t exe
cutio
n of
eva
luat
ion
of d
esig
n an
d op
erat
ing
effe
ctiv
enes
s of
con
trols
Com
mon
pitf
alls
and
lead
ing
prac
tices
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e 9
Pres
ente
rs
Mik
e N
euba
uer
Exec
utiv
eD
irect
orIT
RA—
Atla
nta
Jenn
ifer M
cGow
anSe
nior
Man
ager
APPA
u—N
ewYo
rk
Jevo
n K
now
les
Seni
orM
anag
erAP
PAu—
New
York
Eval
uatin
g th
e de
sign
of c
ontr
ols
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e11
Und
erst
andi
ng S
CO
Ts —
flow
of
tran
sact
ions
, WC
GW
s an
d co
ntro
ls
We
need
to d
ocum
ent e
lem
ents
of t
he c
ritic
al p
ath
Maj
or in
put a
nd o
utpu
t sou
rces
Rel
evan
t dat
a fil
es,d
ocum
enta
tion
and
reco
rds
Pol
icie
s an
d pr
oced
ures
for a
utho
rizat
ion,
seg
rega
tion
of
inco
mpa
tible
dut
ies,
saf
egua
rdin
g of
ass
ets,
info
rmat
ion
proc
essi
ngW
CG
Ws
Con
trols
rele
vant
to W
CG
Ws
and
thei
r des
crip
tion
Add
ition
al c
onsi
dera
tions
for e
stim
atio
n S
CO
TsR
efer
to S
03_D
ocum
enta
tion
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e12
Und
erst
andi
ng S
CO
Ts, f
low
of
tran
sact
ions
, WC
GW
s an
d co
ntro
ls
Com
mon
pitf
alls
—C
ompa
ny’s
doc
umen
tatio
n is
def
icie
ntR
equi
red
docu
men
tatio
n el
emen
ts n
ot re
tain
ed in
wor
kpap
ers
Impo
rtant
sou
rces
of i
nfor
mat
ion
not i
dent
ified
and
eva
luat
edIm
plic
atio
ns o
f thi
rd p
arty
ser
vice
(and
sub
-ser
vice
) org
aniz
atio
ns
note
valu
ated
Uni
que
clas
ses
of tr
ansa
ctio
ns/v
aria
tions
in p
roce
ssin
g no
t id
entif
ied
and
eval
uate
dW
CG
Ws
and
iden
tifie
d co
ntro
ls n
ot re
cons
ider
edR
ollin
g G
AM
xfil
e w
ithou
t upd
atin
g W
CG
Ws
and
cont
rols
Sta
rting
the
annu
al re
asse
ssm
ent w
ith w
alkt
hrou
ghs
rath
er th
an
star
ting
with
SC
OTs
, FO
Ts a
nd re
leva
nt W
CG
Ws
Use
of w
ork
of o
ther
s in
hibi
ts o
ur u
nder
stan
ding
of S
CO
Ts –
Flow
of
tran
sact
ions
, WC
GW
s an
d co
ntro
ls
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e13
Und
erst
andi
ng S
CO
Ts, f
low
of
tran
sact
ions
, WC
GW
s an
d co
ntro
ls
Lead
ing
prac
tices
Est
ablis
h pr
oced
ures
to g
uide
the
annu
al re
asse
ssm
ent p
roce
ss
Invo
lve
inte
rnal
aud
it or
oth
ers
in th
e an
nual
reas
sess
men
t pr
oces
sLe
vera
ge th
eir i
nsig
hts
Dev
elop
thei
r und
erst
andi
ng a
nd s
kill
sets
S
et p
aram
eter
s an
d pr
otoc
ols
for u
sing
the
wor
k of
oth
ers
Rea
sses
s W
CG
Ws
and
cont
rols
as
a te
amIn
corp
orat
e up
to d
ate
unde
rsta
ndin
g of
SC
OTs
and
flow
of
trans
actio
ns
Use
Con
trols
Rev
iew
Too
l (C
RT)
and
Aud
it S
trate
gy R
evie
w T
ool
(AS
RT)
to fa
cilit
ate
the
reas
sess
men
t
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e14
Iden
tify
rele
vant
con
trol
s an
d th
eir
attr
ibut
esAs
par
t of e
valu
atin
g de
sign
effe
ctiv
enes
s of
eac
h co
ntro
l, w
e ne
ed to
con
side
r and
doc
umen
t—O
ur u
nder
stan
ding
of h
ow th
e co
ntro
l act
ually
oper
ates
Con
trol a
ppro
pria
tely
add
ress
es th
e W
CG
WC
on
tro
l is
ca
pa
ble
of e
ffe
ctiv
ely
pre
ve
ntin
g o
r d
ete
ctin
g a
nd
co
rre
ctin
g e
rro
rs
th
at c
ou
ld r
es
ult
in
ma
te
ria
l
mis
sta
te
me
nts
Con
trol o
pera
tes
effe
ctiv
ely
thro
ugho
ut th
e pe
riod
of re
lianc
eD
ata
subj
ecte
d to
the
cont
rol i
s co
mpl
ete
and
relia
ble
Con
trol i
s ap
plie
d on
a ti
mel
y ba
sis
Per
son
perfo
rmin
g th
e co
ntro
l pos
sess
es th
e ne
cess
ary
auth
ority
an
d co
mpe
tenc
e
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e15
Iden
tify
rele
vant
con
trol
s an
d th
eir
attr
ibut
esAd
ditio
nal c
onsi
dera
tions
Our
abi
lity
to o
btai
n su
ffici
ent e
vide
nce
of o
pera
ting
effe
ctiv
enes
sR
isk
of m
anag
emen
t ove
rrid
eId
entif
yth
erig
ht c
ombi
natio
n of
con
trols
As w
e ga
ther
and
doc
umen
t our
und
erst
andi
ng o
f the
con
trol
cons
ider
—W
ho p
erfo
rms,
com
pete
nce
and
auth
ority
?W
hen
and
how
ofte
nis
con
trol p
erfo
rmed
?W
hat I
T ap
plic
atio
ns, d
ata,
repo
rts o
r oth
er fi
les
are
used
?W
hat p
hysi
cal e
vide
nce,
if a
ny, i
s pr
oduc
ed?
How
are
mis
stat
emen
ts p
reve
nted
or d
etec
ted
and
corr
ecte
d?
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e16
Iden
tify
rele
vant
con
trol
s an
d th
eir
attr
ibut
esC
omm
on p
itfal
ls—
Dis
tingu
ishi
ng a
con
trol f
rom
the
trans
actio
n pr
oces
sC
halle
ngin
g th
e co
mpl
eten
ess
and
accu
racy
of u
nder
lyin
g da
ta u
sed
to
perfo
rm th
e co
ntro
lD
ocum
entin
g re
leva
nt a
ttrib
utes
of t
he c
ontro
ls to
sup
port
thei
r effe
ctiv
e de
sign W
ho, w
hen,
wha
t and
how
of th
e co
ntro
lsM
anag
emen
t rev
iew
/reco
ncili
atio
n co
ntro
lsE
valu
atin
g th
e “p
reci
sion
” of t
he c
ontro
l
“W
heth
er t
he c
on
tro
ls, if
th
ey o
perated
as p
rescrib
ed
by p
erso
ns p
ossessin
g t
he
necessary
au
th
orit
y a
nd
co
mp
eten
ce t
o p
erfo
rm
th
e c
on
tro
l effectiv
ely
, satis
fy t
he
co
mp
an
y’s
co
ntro
l o
bje
ctiv
es a
nd
can
effectiv
ely
p
reven
t o
r d
etect e
rro
rs o
r f
rau
d
th
at c
ou
ld r
esu
lt i
n m
ateria
l m
isstatem
en
ts in
th
e f
inan
cia
l statem
en
ts”
AS5,
par
42
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e17
Iden
tify
rele
vant
con
trol
s an
d th
eir
attr
ibut
esC
ontro
ls v
s. tr
ansa
ctio
n pr
oces
s:
Tran
sact
ion
Proc
ess
Con
trol
The
AR
sub-
ledg
er is
upl
oade
d to
the
gene
ral l
edge
r on
a ni
ghtly
bas
is.
Inte
rface
val
idat
ion
chec
ks, i
nclu
ding
ba
tch
tota
ls a
ndda
teva
lidat
ion,
ens
ure
that
AR
sub
-ledg
er d
ata
is u
ploa
ded
to
the
gene
ral l
edge
r in
a co
mpl
ete
and
timel
y m
anne
r. In
terfa
ce fa
ilure
s ar
e re
solv
ed b
y th
e pr
oduc
tion
supp
ort t
eam
.E
mpl
oyee
sen
ter t
heir
time
in th
e K
rono
s ap
plic
atio
n.D
epar
tmen
t man
ager
s ar
e re
spon
sibl
e fo
r rev
iew
ing
and
appr
ovin
g tim
e su
bmitt
ed b
y th
eir e
mpl
oyee
s on
a
wee
kly
basi
s. V
aria
nces
grea
ter t
han
10%
of t
he e
xpec
ted
hour
s (b
ased
on
a 40
hou
r wor
k w
eek)
are
ass
esse
d fo
r ap
prop
riate
ness
.
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e18
Iden
tify
rele
vant
con
trol
s an
d th
eir
attr
ibut
esW
hat d
o pr
oper
ly w
orde
d co
ntro
ls lo
ok li
ke?
Poor
Bet
ter
An
acco
unt
reco
ncili
atio
n is
pe
rform
ed.
On
a m
onth
ly b
asis
,the
Acc
ount
ing
Man
ager
per
form
s an
acc
ount
reco
ncili
atio
n us
ing
an A
ccou
nt D
etai
l rep
ort
from
the
Law
son
appl
icat
ion.
Rec
onci
ling
item
s gr
eate
r th
an $
1,00
0 ar
e re
solv
ed w
ithin
3 b
usin
ess
days
.
The
appl
icat
ion
is
conf
igur
ed to
per
form
a
3-w
ay m
atch
.
All
dire
ct p
urch
ases
are
pro
cess
ed v
ia a
3-w
ay m
atch
in
the
JD E
dwar
ds a
pplic
atio
n. A
ll va
rianc
es w
ith a
n ov
erag
e le
ss th
an $
25 a
re p
oste
d to
the
Cos
t of G
oods
S
old
acco
unt (
#123
.45)
. A
ll va
rianc
es w
ith a
n ov
erag
e eq
ual t
o $2
5 or
gre
ater
resu
lt in
a v
endo
r inv
oice
re
ques
ting
a cr
edit
from
the
vend
or.
Acc
ess
to m
odify
th
e 3-
Way
mat
ch to
lera
nces
is li
mite
d to
the
syst
em
supp
ort g
roup
.
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e19
Wal
kthr
ough
s
We
perfo
rm w
alkt
hrou
ghs
to c
onfir
m:
Our
und
erst
andi
ng o
f the
SC
OTs
are
as
we
have
doc
umen
ted
them
Poin
ts w
here
data
isca
ptur
ed, t
rans
ferr
ed o
r mod
ified
Th
e ac
cura
cy o
f the
info
rmat
ion
we
have
obt
aine
d ab
out t
he re
leva
nt
prev
ent a
nd/o
rdet
ect a
nd c
orre
ct c
ontro
lsov
er th
e SC
OTs
Whe
ther
the
cont
rols
hav
e be
en d
esig
ned
effe
ctiv
ely
to p
reve
nt o
r de
tect
and
corr
ect m
ater
ial m
isst
atem
ents
on
a tim
ely
basi
s W
heth
er th
e co
ntro
ls h
ave
been
impl
emen
ted
Wal
kthr
ough
s al
so in
form
the
desi
gn o
f our
pla
nned
test
s of
co
ntro
ls
Test
s of
con
trols
sho
uld
addr
ess
rele
vant
attr
ibut
es o
f eac
h co
ntro
l to
dete
rmin
e w
heth
er th
e co
ntro
ls a
re o
pera
ting
as d
esig
ned
Con
trol a
ttrib
utes
are
the
char
acte
ristic
s of
the
desi
gn o
f the
con
trols
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e20
Wal
kthr
ough
s
Com
mon
pitf
alls
—W
alkt
hrou
gh d
ocum
enta
tion
ofte
n ne
eds
impr
ovem
ent
Out
of d
ate,
nota
lway
s cl
ear
Nea
rly n
on-e
xist
ent f
or m
any
nonr
outin
ean
d es
timat
ion
proc
esse
sA
dditi
onal
con
side
ratio
ns fo
r est
imat
ion
SC
OTs
Exc
essi
ve c
arry
ing
forw
ard
of d
ocum
enta
tion
Not
thor
ough
ly e
valu
atin
g de
sign
effe
ctiv
enes
sC
ontro
ls a
dequ
atel
y ad
dres
s th
e W
CG
Ws
Wal
kthr
ough
eac
h at
tribu
te o
f the
con
trol
Con
trol p
erfo
rmed
by
pers
ons
poss
essi
ng th
e ne
cess
ary
auth
ority
and
com
pete
nce
Con
trol i
s ca
pabl
e of
effe
ctiv
ely
prev
entin
g or
det
ectin
g an
d co
rrec
ting
erro
rs th
at c
ould
resu
lt in
mat
eria
l mis
stat
emen
ts
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e21
Use
of w
ork
of in
tern
al a
udito
rs o
r ot
hers
Com
mon
pitf
alls
—Lo
se o
ur in
stitu
tiona
l kno
wle
dge
abou
t SC
OTs
–flo
w o
f tra
nsac
tions
, WC
GW
s an
d co
ntro
lsN
ot id
entif
ying
and
eva
luat
ing—
Uni
que
clas
ses
of tr
ansa
ctio
ns/v
aria
tions
in p
roce
ssin
gC
hang
es in
sou
rces
of i
nput
, pro
cess
ing
proc
edur
es, p
erso
nnel
Cha
nges
in c
ontro
ls o
ver t
ime
Inac
cura
te u
nder
stan
ding
and
eva
luat
ion
of c
ontro
ls
pote
ntia
lly a
ffect
s:C
ontro
l ris
k as
sess
men
tsD
esig
n of
test
s of
con
trols
Nat
ure,
tim
ing
and
exte
nt (N
TE) o
f sub
stan
tive
proc
edur
es
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e22
Use
of w
ork
of in
tern
al a
udito
rs o
r ot
hers
Con
side
r—P
erfo
rmin
g m
ore
of o
ur o
wn
wor
k in
are
as w
ith h
ighe
r ris
k of
m
ater
ial m
isst
atem
ent a
nd h
ighe
r sub
ject
ivity
Req
uirin
g th
at o
ur s
enio
rs o
r exp
erie
nced
sta
ff pa
rtici
pate
with
the
inte
rnal
aud
itors
or o
ther
s as
they
mee
t with
ent
ity p
erso
nnel
Rot
ate
the
wal
kthr
ough
s fo
r whi
ch w
e us
e th
e w
ork
of in
tern
al
audi
tors
or o
ther
s fro
m y
ear t
o ye
arTh
orou
ghly
revi
ew th
e w
ork
of o
ther
s th
at is
crit
ical
to o
ur
unde
rsta
ndin
g D
on’t
acce
pt d
ocum
enta
tion
that
is n
ot c
ompl
ete
and
suffi
cien
t for
ou
r und
erst
andi
ngR
efer
to 2
1 Ju
ne 2
012
Audi
t Mat
ters
Improvin
g how
w
e use the
work of in
ternal auditors or others
Eval
uatin
g th
e op
erat
ing
effe
ctiv
enes
s of
co
ntro
ls
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e24
Des
igni
ng a
ppro
pria
te te
sts
of c
ontr
ols
Com
mon
pitf
all—
Faili
ng to
use
an
appr
opria
te c
ombi
natio
n of
test
ing
met
hods
whe
n as
sess
ing
the
desi
gn a
nd o
pera
ting
effe
ctiv
enes
s of
con
trols
Con
side
r the
evi
denc
e ea
ch p
roce
dure
pro
vide
s:
Inqu
iry (d
id y
ou d
o th
is c
ontro
l?)
Obs
erva
tion
(I se
e yo
ur s
ign-
off,
so th
e co
ntro
l wor
ked)
Rep
erfo
rman
ce(I
tied
out t
he s
ame
docu
men
ts w
ith n
o ex
cept
ion,
so
the
cont
rol m
ust h
ave
wor
ked)
The
com
bina
tion
of in
quiry
, obs
erva
tion,
insp
ectio
n an
d re
perfo
rman
cepr
ovid
es b
ette
r evi
denc
e of
the
desi
gn a
nd
oper
atin
g ef
fect
iven
ess
of c
ontro
ls
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e25
Des
igni
ng a
ppro
pria
te te
sts
of c
ontr
ols
Con
side
r ris
k as
soci
ated
with
the
cont
rol—
Ris
k th
at th
eco
ntro
l mig
ht n
ot b
e ef
fect
ive
and,
if n
ot
effe
ctiv
e, th
eris
k th
at a
mat
eria
l mis
stat
emen
t or,
for a
n in
tegr
ated
aud
it, a
mat
eria
l wea
knes
s w
ould
resu
lt C
onsi
der—
Inhe
rent
relia
bilit
y of
the
cont
rol -
-the
risk
that
the
cont
rol m
ight
no
t be
effe
ctiv
e Im
porta
nce
of th
e co
ntro
l --i
f not
effe
ctiv
e, th
e ris
k th
at a
mat
eria
l m
isst
atem
ent o
r mat
eria
l wea
knes
s w
ould
resu
ltA
s ris
k as
soci
ated
with
a c
ontro
l inc
reas
es, t
he e
vide
nce
that
w
e ne
edto
obta
in a
bout
the
oper
atin
g ef
fect
iven
ess
of th
e co
ntro
l als
o in
crea
ses
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e26
Des
igni
ng a
ppro
pria
te te
sts
of c
ontr
ols
Com
mon
pitf
all—
Test
ing
cont
rols
thro
ugh
infe
renc
e
Obs
ervi
ng n
o m
isst
atem
ents
whe
n pe
rform
ing
subs
tant
ive
proc
edur
es d
oes
not p
rovi
de—
Dire
ctev
iden
ceth
atco
ntro
lsop
erat
eef
fect
ivel
yE
vide
nce
that
the
pers
on p
erfo
rmin
g th
e co
ntro
l pos
sess
es th
e ne
cess
ary
auth
ority
and
com
pete
nce
to p
erfo
rm th
e co
ntro
l ef
fect
ivel
y
Nee
d to
obt
ain
suffi
cien
t, ap
prop
riate
evi
denc
e th
at c
ontro
ls
are
oper
atin
g as
des
igne
d
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e27
Des
igni
ng a
ppro
pria
te te
sts
of c
ontr
ols
Exam
ple—
acqu
isiti
on p
roce
ss (e
ffect
ive
and
test
ed)
Con
trols
: A
:The
BO
Dap
prov
esal
lacq
uisi
tions
B: A
ll ac
quis
ition
s ar
e su
bjec
t to
due
dilig
ence
pro
cedu
res
C: M
anag
emen
t’s a
cqui
sitio
n te
am c
alcu
late
s pu
rcha
se p
rice
allo
catio
n an
d de
term
ines
all
inta
ngib
les
are
iden
tifie
d an
d pr
oper
ly v
alue
d
Aud
it pr
oced
ures
:O
btai
ned
copi
esof
all p
urch
ase
agre
emen
ts a
nd s
tate
men
tsA
udite
d pu
rcha
se p
rice
allo
catio
n &
ver
ified
ent
ry w
as p
rope
rly
reco
rded
Util
ized
Val
uatio
nte
amto
test
com
plet
enes
san
dva
luat
ion
of
inta
ngib
leas
sets
Hav
ew
ead
equa
tely
test
edth
eco
ntro
ls?
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e28
Des
igni
ng a
ppro
pria
te te
sts
of c
ontr
ols
Exam
ple:
ITG
C e
nviro
nmen
t: In
effe
ctiv
eC
ontro
l: Th
e sy
stem
per
form
s a
3-w
ay m
atch
bef
ore
an in
voic
e is
pa
id
Audi
t tes
ting
proc
edur
e:S
elec
t 25
trans
actio
ns a
nd v
erify
invo
ice,
shi
ppin
g do
cum
ents
an
d pu
rcha
se o
rder
mat
ch
Hav
e w
e ad
equa
tely
test
ed th
e co
ntro
ls?
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e29
Test
ing
attr
ibut
es o
f con
trol
s
Com
mon
pitf
all—
Faili
ng to
test
eac
h co
ntro
l attr
ibut
e id
entif
ied
in o
ur w
alkt
hrou
gh
proc
edur
es
Con
trol a
ttrib
utes
are
the
char
acte
ristic
s th
at d
efin
e th
e de
sign
of
the
cont
rol
Freq
uenc
yof
perfo
rman
ceP
erso
n re
spon
sibl
e fo
r per
form
ing
the
cont
rol
Inpu
tsan
dun
derly
ing
data
Pre
cisi
on o
r sen
sitiv
ity o
f the
con
trol
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e30
Test
ing
attr
ibut
es o
f con
trol
s
Con
trol—
Man
agem
ent p
erfo
rms
a qu
arte
rly re
view
of e
ach
alte
rnat
ive
inve
stm
ent a
nd c
ompl
etes
a c
heck
list t
o ev
iden
ce th
eir r
evie
w
Con
trol t
est—
Obt
aine
d ch
eckl
ist a
nd v
erifi
ed it
was
pro
perly
com
plet
ed a
nd
sign
ed o
ff by
the
prep
arer
and
revi
ewer
Hav
e w
e te
sted
eac
h re
leva
nt a
ttrib
utes
of t
he c
ontro
l?
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e31
Test
ing
attr
ibut
es o
f con
trol
s
Con
trol—
The
inve
stm
ent o
ffice
r rev
iew
s th
e qu
arte
rly s
tate
men
ts fr
om
inve
stm
ent m
anag
ers
and
reco
ncile
s th
e in
vest
men
t ass
ets
by ty
pe
to th
e ba
lanc
es in
the
inve
stm
ents
ledg
er. I
nves
tmen
t offi
cer
inve
stig
ates
all
diffe
renc
es (r
evie
ws
ledg
er h
isto
ry a
nd /o
r con
tact
s in
vest
men
t man
ager
s). A
djus
tmen
ts to
reso
lve
diffe
renc
es a
re
revi
ewed
and
app
rove
d by
the
cont
rolle
r. At
tribu
tes
of th
e co
ntro
l—R
econ
cilia
tion
accu
rate
ly p
erfo
rmed
by
the
inve
stm
ent m
anag
er a
s un
ders
tood
Iden
tific
atio
n of
alld
iffer
ence
s pe
rform
ed a
s un
ders
tood
Adj
ustm
ents
tore
solv
e di
ffere
nces
pre
pare
d an
d re
view
ed a
s un
ders
tood
Inqu
iries
of i
nves
tmen
t offi
cer a
nd c
ontro
ls c
orro
bora
te o
bser
vatio
ns a
nd
insp
ectio
nS
ampl
e of
ass
ets
supp
ort r
ecor
ding
in th
e co
rrect
cat
egor
y
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e32
Man
agem
ent r
evie
w/re
conc
iliat
ion
cont
rols
Com
mon
pitf
all—
Insu
ffici
ent t
estin
g of
man
agem
ent r
evie
w a
nd
reco
ncilia
tion
cont
rols
, inc
ludi
ng:
Rel
evan
t attr
ibut
es o
f the
con
trol
Pre
cisi
on, s
ensi
tivity
Com
plet
enes
s an
d ac
cura
cy o
f und
erly
ing
data
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e33
Man
agem
ent r
evie
w/re
conc
iliat
ion
cont
rols
Con
side
r the
follo
win
g w
hen
test
ing
attri
bute
s of
an
acco
unt
reco
ncilia
tion
cont
rol:
Poor
Bet
ter
•Th
eac
coun
tre
conc
iliat
ion
was
com
plet
ed
•Th
eac
coun
trec
onci
liatio
nw
asco
mpl
eted
tim
ely,
inac
cord
ance
with
polic
y•
Ther
ew
ere
nom
ater
ialu
nrec
onci
led
item
s•
All
mat
eria
l rec
onci
ling
item
s w
ere
supp
orte
d•
The
prep
arer
pos
sess
ed a
ppro
pria
te le
vel
of c
ompe
tenc
e an
d au
thor
ity•
The
reco
ncili
atio
n w
as ti
mel
y re
view
ed
and
appr
oved
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e34
Man
agem
ent r
evie
w/re
conc
iliat
ion
cont
rols
Com
mon
pitf
all—
Faili
ng to
per
form
aud
it pr
oced
ures
to a
dequ
atel
y te
st th
e pr
ecis
ion
of a
con
trol
How
can
we
gath
er e
vide
nce
of p
reci
sion
of a
revi
ew c
ontro
l?D
oes
cont
rol e
ver i
dent
ify e
rror
s? T
heir
natu
re?
Exa
mpl
es?
Doe
s th
eco
ntro
l trig
ger a
ppro
pria
te fo
llow
-up?
In w
hat
circ
umst
ance
s? E
xam
ples
?W
hat i
s na
ture
of q
uest
ions
, fol
low
-up
and
outc
ome?
C
an w
e ob
serv
e th
e re
view
pro
cess
? Is
ther
e co
ntra
dict
ory
evid
ence
indi
catin
g co
ntro
l is
not s
uffic
ient
ly
prec
ise
or s
ensi
tive
to d
etec
t err
ors?
R
evie
w d
idno
tide
ntify
mis
stat
emen
ts
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e35
Man
agem
ent r
evie
w/re
conc
iliat
ion
cont
rols
Prec
isio
n of
are
view
/reco
ncilia
tion
cont
rol
Ask— H
ave
I per
form
ed p
roce
dure
s, b
eyon
d in
quiry
, to
eval
uate
the
prec
isio
n of
the
cont
rol?
Procedures the auditor perform
s to test operatin
g effectiv
eness inclu
de
a m
ix of in
quiry of appropria
te personnel, observatio
n of the com
pany’s
operatio
ns, inspectio
n of rele
vant docum
entatio
n, and re-perform
ance
of the
control. A
S5, par. 45
Doe
s do
cum
enta
tion
refle
ct th
e m
ix o
f pro
cedu
res
perfo
rmed
?
Doe
s do
cum
enta
tion
supp
ort t
he c
oncl
usio
n th
at th
e re
view
con
trol
is s
ensi
tive
enou
gh to
pre
vent
or d
etec
t mat
eria
l mis
stat
emen
ts?
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e36
Man
agem
ent r
evie
w/re
conc
iliat
ion
cont
rols
Com
mon
pitf
all—
Not
cha
lleng
ing
the
com
plet
enes
s an
d ac
cura
cy o
f the
und
erly
ing
data
use
d in
the
cont
rols
The
effe
ctiv
enes
s of
the
revi
ew c
ontro
l is
depe
nden
t on
the
com
plet
enes
s an
d ac
cura
cy o
f the
dat
a su
ppor
ting
the
cont
rol
Con
side
r—D
oes
the
cont
rol r
ely
on E
AE
?W
hat w
as o
ur e
valu
atio
n of
ITG
Cs?
Hav
e w
e tie
d th
e da
ta to
und
erly
ing
repo
rts (e
.g.,
subl
edge
rs,
gene
ral l
edge
rs, a
ppro
ved
fore
cast
s)?
Hav
e w
e te
sted
the
unde
rlyin
g da
ta (e
.g.,
the
AR
agi
ng in
a c
ontro
l ov
er th
e al
low
ance
for d
oubt
ful a
ccou
nts)
?
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e37
Dua
l pur
pose
test
s
Com
mon
pitf
all—
Failin
g to
des
ign
dual
-pur
pose
test
s to
dem
onst
rate
that
re
leva
nt a
ttrib
utes
of t
he c
ontro
l wer
e ev
alua
ted
and
test
ed
Exa
mpl
es—
Acco
unt r
econ
cilia
tions
War
rant
y re
serv
es
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e38
Dua
l pur
pose
test
sEx
ampl
e: A
ccou
nt r
econ
cilia
tions
Ris
k: W
ork
prog
ram
doe
s no
t ide
ntify
pro
cedu
res
to te
st a
ll re
leva
nt
attri
bute
s of
con
trols
Wor
kpap
ers
shou
ld e
vide
nce
our t
estin
g of
the
rele
vant
attr
ibut
es o
f th
e co
ntro
ls in
add
ition
to th
e su
bsta
ntiv
e pr
oced
ures
Stan
dard
sub
stan
tive
proc
edur
esAd
ditio
nal c
ontr
ol
proc
edur
es•
Cle
rical
ly te
st th
e re
conc
iliat
ion
•Ti
eth
ere
conc
iliat
ion
to th
e su
bled
ger
and
gene
ral l
edge
r•
Obt
ain
supp
ort f
or s
igni
fican
t re
conc
iling
item
s•
Ens
ure
ther
ear
e no
t sig
nific
ant
unre
conc
iled
diffe
renc
es
•D
eter
min
e w
heth
er th
e re
conc
iliat
ion
was
: •
Com
plet
ed ti
mel
y•
Pre
pare
d by
per
son
with
ap
prop
riate
com
pete
nce
and
auth
ority
•R
evie
wed
and
app
rove
d
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e39
Dua
l pur
pose
test
sEx
ampl
e: W
arra
nty
rese
rves
Ris
k: W
ein
fer t
hat c
ontro
ls a
re e
ffect
ive
from
resu
lts o
f su
bsta
ntiv
e pr
oced
ures
Sam
ple
subs
tant
ive
proc
edur
esC
onsi
dera
tions
•O
btai
n, c
leric
ally
test
, and
tie
the
com
pany
’s q
uarte
rly w
arra
nty
rese
rve
calc
ulat
ion
toth
ege
nera
l led
ger
•Te
stth
eun
derly
ing
data
sup
porti
ng
the
calc
ulat
ion
•E
valu
ate
whe
ther
ass
umpt
ions
are
re
ason
able
•In
quire
of l
egal
coun
sel a
nd
oper
atio
nal p
erso
nnel
for u
nres
erve
d cl
aim
s
•W
hat c
ontro
lsha
ve w
e te
sted
that
as
sure
the
com
plet
enes
s of
the
rese
rve?
•W
hat c
ontro
ls h
ave
we
test
ed th
at
assu
re th
e re
ason
able
ness
of t
he
assu
mpt
ions
?
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e40
Dua
l pur
pose
test
sEx
ampl
e: W
arra
nty
rese
rves
(con
t.)C
onsi
der—
Did
we
obta
in a
n un
ders
tand
ing
of th
e S
CO
T —
flow
of
trans
actio
ns, W
CG
Ws
and
cont
rols
?D
o th
e id
entif
ied
cont
rols
add
ress
the
WC
GW
s?H
ave
we
iden
tifie
d th
e co
ntro
ls in
GA
Mx?
Hav
e w
e w
alke
d th
roug
h th
e flo
w o
f tra
nsac
tions
and
co
ntro
ls, e
valu
ated
des
ign
and
dete
rmin
ed th
e co
ntro
ls h
ave
been
impl
emen
ted?
Doe
s ou
r doc
umen
tatio
n re
flect
that
we
have
test
ed th
e co
ntro
ls in
add
ition
to a
uditi
ng th
e ac
coun
t bal
ance
?
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e41
Con
trol
upd
ate
proc
edur
es
Com
mon
pitf
all—
Insu
ffici
ently
upd
atin
g in
terim
test
s of
con
trols
to a
sses
smen
t dat
e
The
natu
re a
nd e
xten
t of o
ur u
pdat
e pr
oced
ures
are
a m
atte
r of
pro
fess
iona
l jud
gmen
t
Obs
erva
tions
—P
roce
dure
s do
not
refle
ct c
hara
cter
istic
s of
, and
risk
s as
soci
ated
w
ith, t
heco
ntro
lsS
igni
fican
t rel
ianc
eon
inqu
iry v
s. a
mix
of p
roce
dure
sFo
cusi
ng o
nly
on le
ngth
of t
ime
sinc
e in
terim
test
ing
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e42
Con
trol
upd
ate
proc
edur
es
Nat
ure
and
exte
nt o
f upd
ate
proc
edur
es s
houl
d be
re
spon
sive
to:
Leng
thof
time
sinc
e in
terim
test
ing
Whe
ther
we
are
repo
rting
on
the
effe
ctiv
enes
s of
ICFR
Whe
ther
the
cont
rol a
ddre
sses
a h
ighe
r inh
eren
t ris
k or
si
gnifi
cant
risk
Cha
nges
in th
e co
ntro
l env
ironm
ent
Eva
luat
ion
of IT
GC
sD
egre
e of
relia
nce
on th
e co
ntro
lId
entif
icat
ion
ofco
ntro
l exc
eptio
nsC
hang
esto
cont
rols
sin
ce th
e in
terim
per
iod
Ref
er to
24
May
201
1 Au
dit M
atte
rs C
ontrol testin
g
rem
inders
Eval
uatin
g co
ntro
l def
icie
ncie
s
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e44
Eval
uatin
g co
ntro
l def
icie
ncie
s
Com
mon
pitf
all—
Not
suf
ficie
ntly
doc
umen
ting
our e
valu
atio
n of
con
trol d
efic
ienc
ies
both
indi
vidu
ally
and
in th
e ag
greg
ate
for t
heir
pote
ntia
l to
be
sign
ifica
nt d
efic
ienc
ies
or m
ater
ial w
eakn
esse
s
Doc
umen
tatio
n sh
ould
con
side
r—S
ever
ity o
f eac
h co
ntro
l def
icie
ncy
Rel
evan
tcom
pens
atin
g co
ntro
lsIn
dire
ct a
nd m
onito
ring
ELC
s ge
nera
lly n
ot s
uffic
ient
ly s
ensi
tive
Bot
h qu
antit
ativ
e an
d qu
alita
tive
fact
ors
Pos
sibi
lity
of u
ndet
ecte
d co
ntro
l def
icie
ncie
s in
unt
este
d po
pula
tion
(com
pone
nts)
Oth
er n
egat
ive
evid
ence
(rec
orde
d an
d un
reco
rded
adj
ustm
ents
)C
ontro
l def
icie
ncie
s af
fect
ing
sam
e ac
coun
ts, d
iscl
osur
es a
nd a
sser
tions
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e45
Eval
uatin
g co
ntro
l def
icie
ncie
s
Com
mon
pitf
all—
Not
eva
luat
ing
the
effe
ct o
f con
trol d
efic
ienc
ies
on th
e co
ntro
l ris
k as
sess
men
t and
nat
ure,
tim
ing
and
exte
nt o
f sub
stan
tive
audi
t pr
oced
ures
Poss
ible
cau
ses—
Not
aski
ngth
ese
cond
ques
tions
Effe
cton
cont
rolr
isk
asse
ssm
ent?
Nee
dto
adju
stna
ture
, tim
ing
and
exte
nt(e
.g.,
scop
e)of
plan
ned
proc
edur
es?
Rev
iew
ing
item
son
SO
CD
late
inth
eau
dit
Par
ticul
arly
,exc
eptio
nsid
entif
ied
by IA
orot
hers
N
otta
king
time
todo
cum
entl
inka
geof
cont
rolw
ork
tona
ture
, tim
ing
and
exte
nt o
f sub
stan
tive
proc
edur
es a
nd o
ur ra
tiona
le
Taki
ng a
ctio
n
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e47
Taki
ng a
ctio
n
Man
y po
ssib
le u
nder
lyin
g ca
uses
for e
ach
of th
e co
mm
on
pitfa
lls Wha
t are
pos
sibl
e un
derly
ing
caus
es in
you
r par
ticul
ar
circ
umst
ance
?W
hat p
ract
ices
mig
ht y
our t
eam
ado
pt to
add
ress
thos
e un
derly
ing
caus
es?
We
each
need
to ta
ke p
erso
nal r
espo
nsib
ility
and
actio
ns to
im
prov
e th
e qu
ality
of o
ur a
udit
proc
edur
es o
ver i
nter
nal
cont
rols
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e48
Taki
ng a
ctio
n
GAM
reso
urce
s—U
nder
stan
ding
sig
nific
ant c
lass
es o
f tra
nsac
tions
(S03
)P
erfo
rm w
alkt
hrou
ghs
(S04
)S
elec
t con
trols
to te
st (S
06)
Des
ign
test
s of
con
trols
(S09
)E
xecu
te te
sts
of c
ontro
ls (E
02)
Upd
ate
test
sof
cont
rols
(E04
)P
repa
re s
umm
ary
of c
ontro
l def
icie
ncie
s (I0
3)
It is
a p
erso
nal r
espo
nsib
ility
of e
ach
mem
ber o
f the
team
to
be s
ubje
ct m
atte
r spe
cial
ist o
n th
e flo
w o
f tra
nsac
tions
, ris
ks a
nd d
esig
n of
con
trols
for h
is o
r her
ass
igne
d ar
eas
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e49
Taki
ng a
ctio
n
Shar
e yo
ur o
bser
vatio
ns a
nd p
ersp
ectiv
es a
nd d
eter
min
e ac
tion
step
s
Begi
n no
w to
take
the
incr
emen
tal s
teps
that
will
lead
to
high
er q
ualit
y au
dits
Sub-
area
reso
urce
sC
AM
L ne
twor
kIn
tern
al c
ontro
ls s
peci
alis
t pilo
t pro
ject
Pre
-rep
ort i
ssua
nce
guid
ance
effe
ctiv
enes
s an
d im
plem
enta
tion
revi
ews
Coa
chin
g pr
ogra
m
Avo
idin
gC
omm
onP
itfal
lsin
Aud
iting
Inte
rnal
Con
trols
Slid
e50
Than
k yo
u fo
r atte
ndin
g!
Gro
up p
artic
ipan
ts o
nly:
Em
ail y
our t
yped
gro
up s
ign-
in s
heet
with
pr
ogra
m ti
tle a
nd d
ate,
and
eac
h pa
rtici
pant
’s n
ame,
UP
N/G
PN
, and
st
art/e
nd ti
me
by c
lose
of b
usin
ess
tom
orro
w to
TC
W_e
Fax_
Doc
s/EY
-A
PP/U
S (L
otus
Not
es) o
rfax
to (8
66)2
84-7
074
(Nor
th A
mer
ica
only
)C
lick
the
feed
back
butto
nan
d gi
veus
your
com
men
tson
this
virt
ual
pres
enta
tion.