AUDITING
What is an Audit?_________________________________
An audit is an evaluation of the financial statements of an organization, done either internally or externally. Internally refers to audits completed by employees within the organization. Externally refers to audits done by outside, hired firms. An audit may also particularly refer to the Government Auditors (Internal Revenue Service (IRS) examination of the return or other transactions of a tax payer, in which case the Government auditors check in an attempt to find the accuracy of the filed information.
The most general definition of an audit is an evaluation of a person, organization, system, process, project or product.
An auditor or accountant will perform the examination, attempting to check the fairness of the financial statements as provided by the company. Upon completion, an auditor's report displays the results of the investigation.
In financial accounting, an audit is an independent assessment of the fairness by which a company's financial statements are presented by its management. It is performed by competent, independent and objective person or persons, known as auditors or accountants, who then issue an auditor's report on the results of the audit.
Audit is an independent examination of financial statements of an entity that enables an auditor to express an opinion whether the financial statements are prepared (in all material respects) in accordance with an identified and acceptable financial reporting framework (e.g. international or local accounting standards and national legislations)
This view of audit is presented by ISA 200 Objective and General Principles Governing an Audit of Financial Statements. The phrases used; “to express the auditor’s opinion” means that the financial statements give a true and fair view or have been presented fairly in all material respects.
True and fair presentation means that the financial statement are prepared and presented in accordance with the requirements of the applicable International Financial Reporting Standards (IFRS) and local pronouncements/legislations.
What we can understand as the essential features of an audit from the above definition and explanation are as under:
• An auditor involves in examination of financial statements, the auditor is not responsible for the preparation of the financial statements.
• The end result of an audit is an opinion to assist the user of the financial statements. Auditing therefore relies heavily on professional judgment, not merely on the facts.
• The auditor’s opinion makes reference to “true and fair” or “fair presentations” but “true and fair” is again a matter of judgment. It is not precisely defined for the auditor.
In order to make the user of the auditor’s report able to feel confident in relying on such report, the auditor should be independent of the entity. Independent essentially means that the auditor has no significant personal interest in the entity. This allows an objective, professional view to be taken. You will note that this is a wide concept of an audit which can be applied to any entity, not just to limited companies. However, in this course, we are concerned primarily with audits of limited companies (often known as statutory or external audits). Any other audit applications will be clearly indicated for you in the text.
What is the distinction between auditing and accounting?
____________________________________________________________
Relationship between auditing and accounting:
Auditing and accounting are closely connected but both are separate activities. The directors of a company are responsible for establishing books of accounts that will accurately record financial information and that are used for preparing the annual financial statements. It is similarly the responsibility of the directors to adopt consistent and appropriate accounting policies in order to prepare and present the financial statements. The financial statements have to comply with national legislative requirements and International Financial Reporting Standards (IFRSs).
Accounting is the process of recording, classifying, summarizing and reporting financial information in a logical/systematic manner for the purpose of decision making. To provide relevant & reliable information, accountants must have a thorough understanding of the principles and rules that provide the basis for preparing the financial statements.
In auditing the financial statements, the concern is with determining whether the presented financial statements properly (true and fair) reflect the financial information that occurred during the accounting period. Since auditors are primarily concerned with the end result of this work i.e. do the financial statements show a true and fair view? In order to arrive at their conclusion the auditors must have a deep knowledge and understanding of accounting (including applicable accounting standards) and in practice, the directors will consult with the auditors as to appropriate accounting policies to follow.
Many financial statement users and members of the general public confuse auditing with accounting. The confusion results because most auditing is concerned with accounting information, and many auditors have considerable expertise in accounting matters. The
confusion is increased by giving the title “Chartered Accountant” to individuals performing a major portion of the audit function.
Purpose / Goal of Audit:
__________________________________________
Why is there a need for an audit?
The problem that has always existed at the time when the manager reports to the owners is that: whether the owners will believe the report or not? This is because the reports may:
• Contain errors
• Not disclose fraud
• Be inadvertently misleading
• Be deliberately misleading
• Fail to disclose relevant information
• Fail to conform to regulations
The solution to this problem of credibility in reports and accounts lies in appointing an independent person called an auditor to examine the financial statements and report on his findings.
A further point is that modern companies can be very large with multi-national activities. The preparation of the accounts of such groups is a very complex operation involving the bringing together and summarizing of accounts of subsidiaries with differing conventions, legal systems and accounting and control systems. The examination of such accounts by independent experts who are trained in the assessment of financial information is of benefit to those who control and operate such organizations as well as to owners and outsiders.
Many financial statements must conform to statutory or other requirements. The most notable is that all company accounts have to conform to the requirements of the Companies Ordinance 1984 but many other bodies (like: Charities, Building Societies, Financial Services business etc) have detailed accounting requirements as required by the relevant legislations. In addition all accounts should conform to the requirements of International Financial Reporting Standards (IFRSs).
It is essential that an audit of financial statements should be carried out to ensure that they conform to these requirements.
Audits are performed to ascertain the validity and reliability of information, and also provide an assessment of a system's internal control. The goal of an audit is to express an opinion on the person/organization/system etc. under evaluation based on work done on a test basis. Due to practical constraints, an audit seeks to provide only reasonable assurance that the statements are free from material error. Hence, statistical sampling is often adopted in audits.
In the case of financial audits, a set of financial statements are said to be true and fair when they are free of material misstatements - a concept influenced by both quantitative and qualitative factors.
Traditionally audits were mainly associated with gaining information about financial systems and the financial records of a company or a business. However recently auditing has begun to include other information about the system, such as information about environmental performance. As a result there are now professions that conduct environmental audits.
Such systems must adhere to generally accepted standards set by governing bodies that regulate businesses. It simply provides assurance for third parties or external users that such statements present 'fairly' a company's financial condition and results of operations.
Types of Auditors:
___________________________
There are two types of auditors:
• Internal auditors generally directly report to the top management of the company. As employees of the organization, they may have an inside track on noticing fraud or certain other occurrences. Internal auditors are employees of a company hired to assess and evaluate its system of internal control. To maintain independence, they present their reports directly to the board of directors or to top management. They provide functional operation to the concern. Internal auditors are employees of the company so that they can easily find out the frauds and any mishappening.
• External auditors come from an outside accounting firm in order to evaluate the company's financial statements. Many external audits done fall into the category of the "big four," the mid-tier range, or affiliates of the big four. External auditors are independent staff assigned by an auditing firm to assess and evaluate financial statements of their clients or to perform other agreed upon evaluations. Most external auditors are employed by accounting firms for annual engagements. They are called upon from the out side of the company.
An External auditor is an audit professional who performs an audit on the financial statements of a company, government, individual, or any other legal entity or organization, and who is independent of the entity being audited. Users of these entities' financial information, such as investors, government agencies, and the general public, rely on the external auditor to present an unbiased and independent evaluation on such entities. They are distinguished from internal auditors for two main reasons:
(1) The internal auditor's primary responsibility is appraising an entity's risk management strategy and practices, management (including IT) control frameworks and governance processes, and
(2) They do not express an opinion on the entity's financial statements.
Besides providing audit services, external auditors also provide different other kind of services. Most common of them are reviews of financial statements and compilation. In review auditors are generally required to tick and tie numbers to general ledger and make inquiries of management. In compilation auditors are required to take a look at financial statement to make sure they are free of obvious misstatements and errors.
The primary role of external auditors is to express an opinion on whether an entity's financial statements are free of material misstatements.
Some people confuse auditors with people who detect fraud but auditors have nothing to do with fraud detection exclusively. Auditors just want to make sure that company's financial statements are true and fair representation of its actual position. If they come across any fraud related information, it is their responsibility to bring it to the management's attention and consider withdrawing from the engagement if management does not take appropriate actions. Normally, external auditors review the entity's information technology control procedures when assessing its overall internal controls. They must also investigate any material issues raised by inquiries from professional or regulatory authorities, such as the local taxing authority. For public companies listed on stock exchanges in the United States, the Sarbanes-Oxley Act (SOX) has imposed stringent requirements on external auditors in their evaluation of internal controls and financial reporting.
The independence of external auditors is crucial to a correct and thorough appraisal of an entity's financial controls and statements. Any relationship between the external auditors and the entity, other than retention for the audit itself, must be disclosed in the external auditor's reports. These rules also prohibit the auditor from owning a stake in public clients and severely limits the types of non-audit services they can provide.
In the United States, certified public accountants are the only authorized non-governmental type of external auditors who may perform audits and attestations on an entity's financial statements and provide reports on such audits for public review. In the UK, Canada and other Commonwealth nations Chartered Accountants have served this role.
Who can be an auditor?
For appointment as auditor of:
• a Public Company or
• a Private Company which is a subsidiary of a Public Company.
• a Private Company having paid up capital of three million rupees or more.
Major auditing firms:
________________________________________-
The four largest accounting firms in the world are collectively referred to as the Big Four. They are as follows:
• PricewaterhouseCoopers, also known as PwC
• Ernst & Young, also known as EY
• KPMG
• Deloitte Touche Tohmatsu, also known as Deloitte
There are many other audit firms competing with the big four for major audit engagements. Competition has intensified in response to independence issues and other legislative requirements introduced as a consequence of the Arthur Andersen Scandal. In the US and Australia, these firms are referred to as "mid-tier". Some of these include: BDO International, Moore Stephens LLP, Grant Thornton International, McGladrey & Pullen, Hall Chadwick, Dauby O'Connor & Zaleski, LLC, PKF, Pitcher Partners, Johnson Lambert & Co. LLP, Beard Miller Company, DFK International, Horwath International, and UHY firm.
In the UK the medium sized firms are also referred to as mid-tier. Many of these firms are international and increasingly are competing for work against the Big Four, especially following the recent large auditing scandals.
Auditing firms around the world:
_______________________________________________
While the four major audit firms listed above provide audit services to the largest corporations in the United States of America, audit firms around the world are also in partnership with the Big Four. Since corporations held offices in other parts of the world, they tend to be audited by affiliates of the Big Four to maintain consistency and uniformity in their application of auditing standards.
Types of Audits:
_________________________
Types of Audits can be discussed in many dimension.
Quality audits
_____________________
Quality audits are performed to verify the effectiveness of a quality management system. This is part of certifications such as ISO 9001. They are essential to verify existence of objective evidence of processes, to assess how successfully processes have been implemented, for judging the effectiveness of achieving any defined target levels, provide evidence concerning reduction and elimination of problem areas, and are a hands-on management tool for achieving continual improvement in an organization.
For the benefit of the organization, quality auditing should not only report non-conformances and corrective actions, but also highlight areas of good practice. In this way other departments may share information and amend their working practices as a result, also enhancing continual improvement.
Integrated audits:
______________________
In the US, audits of publicly-listed companies are governed by rules laid down by the Public Company Accounting Oversight Board (PCAOB). Such an audit is called an Integrated Audit, and auditors have the additional responsibilities of expressing opinions on management's assessment of the firm's internal control, and on the effectiveness of internal control over financial reporting based on their (the auditors') own assessment.
Three types of audits are discussed in general, i.e.,
1. Financial statement audits
2. Operational audits
3. Compliance audits
Financial Statement Audits
__________________________________________________
An audit of financial statements is conducted to determine whether the overall financial statements (the quantifiable information being verified) are stated in accordance with specified criteria. Normally, the criteria are the requirements of the applicable International Financial Reporting Standards (IFRSs). The financial statements most commonly comprises of the Balance Sheet, Income Statement, Statement of Changes in Equity, Cash Flow Statement, and Notes to the accounts.
The assumption underlying an audit of financial statements is that these will be used by different groups for different purposes. Therefore, it is more efficient to have one auditor who will perform an audit and draw conclusions that can be relied upon by all users than to have each user perform his or her own audit. If a user believes that the general audit does not provide sufficient information for his or her purposes, the user has the option of obtaining more data. For example, a general audit of a business may provide sufficient financial information for a banker considering a loan to the company, but a corporation considering a merger with that business may also wish to know the replacement cost of fixed assets and other information relevant to the decision. The corporation may use its own auditors to get the additional information.
Operational Audits:
___________________________________
An operational audit is a review of any part of an entity’s operating procedures and methods for the purpose of evaluating efficiency and effectiveness. At the completion of an operational audit, recommendations to management for improving operation are normally expected. An example of an operational audit is evaluating the efficiency and accuracy of processing payroll transactions in a newly installed computer system. Another example, where most accountants would feel less qualified is evaluating the efficiency, accuracy, and customer satisfaction in processing the distribution of letters and parcels by a courier company such as TCS.
Because of the many different areas in which operational effectiveness can be evaluated, it is impossible to characterize the conduct of a typical operational audit. In one organization, the auditor might evaluate the relevancy and sufficiency of the information used by management in making decisions to acquire new fixed assets, while in a different organization the auditor might evaluate the efficiency of the paper flow in processing sales.
In operational auditing, the reviews are not limited to accounting. They can include the evaluation of organization structure, computer operations, production methods, marketing, and any other area in which the auditor is qualified.
The conduct of an operational audit and the reported results are less easily defined than for either of the other two types of audits. Efficiency and effectiveness of operations are far more difficult to evaluate objectively than compliance or the presentation of financial statements in accordance with accounting conventions and principles; and establishing criteria for evaluating the quantifiable information in an operational audit is an extremely subjective matter.
In this sense, operational auditing is more like “management consulting” than what is generally regarded as “auditing”. Operational auditing has increased in importance in the past decade.
Compliance Audits:
____________________________________
The purpose of a compliance audit is to determine whether the entity is following specific procedures, rules, or regulations set down by some higher authority. A compliance audit for a private business could include determining whether accounting personnel are following the procedures prescribed by the company controller, reviewing wage rates for compliance with minimum wage laws, or examining contractual agreements with bankers and other lenders to be sure the company is complying with legal requirements. In the audit of governmental units such as districts school, there is extensive compliance auditing due to extensive regulation by higher government authorities. In virtually every private and non profit organization,
there are prescribed policies, contractual agreements, and legal requirements that may call for compliance auditing. Results of compliance audits are typically reported to someone within the entity being audited rather than to a broad spectrum of users. Management, as opposed to outside users, is the primary group concerned with the extent of compliance with certain prescribed procedures and regulations. Hence, a significant portion of work of this type is done by auditors employed by the entity itself. There are exceptions; when an organization wants to determine whether individuals or entities that are obligated to follow its requirements are actually complying, the auditor is employed by the entity issuing the requirements. An example is the auditing of taxpayers for compliance with the federal tax laws, where the auditor is employed by the government to audit the taxpayers’ tax returns.
Internal audit:
_____________________________
Internal auditing is a profession and activity involved in helping organizations achieve their stated objectives. It does this by utilizing a systematic methodology for analyzing business processes, procedures and activities with the goal of highlighting organizational problems and recommending solutions. Professionals called internal auditors are employed by organizations to perform the internal auditing activity.
The scope of internal auditing within an organization is broad and may involve topics such as the efficacy of operations, the reliability of financial reporting, deterring and investigating fraud, safeguarding assets, and compliance with laws and regulations.
Internal auditing frequently involves measuring compliance with the entity's policies and procedures. However, internal auditors are not responsible for the execution of company activities; they advise management and the Board of Directors (or similar oversight body) regarding how to better execute their responsibilities. As a result of their broad scope of involvement, internal auditors may have a variety of higher educational and professional backgrounds.
Publicly-traded corporations typically have an internal auditing department, led by a Chief Audit Executive ("CAE") who generally reports to the Audit Committee of the Board of Directors, with administrative reporting to the Chief Executive Officer.
The profession is unregulated, though there are a number of international standard setting bodies, an example of which is the Institute of Internal Auditors ("IIA"). The IIA has established Standards for the Professional Practice of Internal Auditing and has over 150,000 members representing 165 countries, including approximately 65,000 Certified Internal Auditors.
History of internal auditing:
_____________________________________
The Internal Auditing profession evolved steadily with the progress of management science after World War II. It is conceptually similar in many ways to financial auditing by public accounting firms, quality assurance and banking compliance activities. Much of the theory underlying internal auditing is derived from management consulting and public accounting professions. With the implementation in the United States of the Sarbanes-Oxley Act of 2002, the profession's growth accelerated, as many internal auditors possess the skills required to help companies meet the requirements of the law.
Organizational independence:
_______________________________________
To perform their role effectively, internal auditors require organizational independence from management, to enable unrestricted evaluation of management activities and personnel. Although internal auditors are part of company management and paid by the company, the primary customer of internal audit activity is the entity charged with oversight of management's activities. This is typically the Audit Committee, a sub-committee of the Board of Directors. To provide independence, most Chief Audit Executives report to the Chairperson of the Audit Committee and can only be replaced with the concurrence of that individual.
Role in internal control:
___________________________________
Internal auditing activity is primarily directed at improving internal control. Under the COSO Framework, internal control is broadly defined as a process, effected by an entity's board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following internal control categories:
• Effectiveness and efficiency of operations.
• Reliability of financial reporting.
• Compliance with laws and regulations.
Management is responsible for internal control. Managers establish policies and processes to help the organization achieve specific objectives in each of these categories. Internal auditors perform audits to evaluate whether the policies and processes are designed and operating effectively and provide recommendations for improvement.
Internal auditors may assist management with compliance with the Sarbanes-Oxley Act (SOX). One 2007 industry survey indicated that internal audit functions complete all SOX testing at 36% of SEC-listed companies.
Role in risk management:
_______________________________________
Internal auditing professional standards require the function to monitor and evaluate the effectiveness of the organization's Risk management processes. Risk management relates to how an organization sets objectives, then identifies, analyzes, and responds to those risks that could potentially impact its ability to realize its objectives.
Under the COSO (Committee of Sponsoring Organizations of the Treadway Commission is a U.S. private-sector initiative to identify the factors that cause fraudulent financial reporting and to make recommendations to reduce its incidence) enterprise risk management (ERM) Framework, risks fall under strategic, operational, financial reporting, and legal/regulatory categories. Management performs risk assessment activities as part of the ordinary course of business in each of these categories. Examples include:
• Strategic planning,
• Marketing planning,
• Capital planning,
• Budgeting,
• Hedging,
• Incentive payout structure, and
• Credit/lending practices.
Sarbanes-Oxley regulations also require extensive risk assessment of financial reporting processes. Corporate legal counsel often prepares comprehensive assessments of the current and potential litigation a company faces. Internal auditors may evaluate each of these activities, or focus on the processes used by management to report and monitor the risks identified. For example, internal auditors can advise management regarding the reporting of forward-looking operating measures to the Board, to help identify emerging risks.
In larger organizations, major strategic initiatives are implemented to achieve objectives and drive changes. As a member of senior management, the Chief Audit Executive (CAE) may participate in status updates on these major initiatives. This places the CAE in the position to report on many of the major risks the organization faces to the Audit Committee, or ensure management's reporting is effective for that purpose.
Internal auditors may help companies establish and maintain Enterprise Risk Management processes. Internal auditors also play an important role in helping companies execute a SOX 404 top-down risk assessment. In these latter two areas, internal auditors typically are part of the project team in an advisory role.
Enterprise risk management (ERM) in business includes the methods and processes used by organizations to manage risks and seize opportunities related to the achievement of their objectives. ERM provides a framework for risk management, which typically involves identifying particular events or circumstances relevant to the organization's objectives (risks and opportunities), assessing them in terms of likelihood and magnitude of impact, determining a response strategy, and monitoring progress. By identifying and proactively addressing risks and opportunities, business enterprises protect and create value for their stakeholders, including owners, employees, customers, regulators, and society overall.
ERM can also be described as a risk-based approach to managing an enterprise, integrating concepts of strategic planning, operations management, and internal control. ERM is evolving to address the needs of various stakeholders, who want to understand the broad spectrum of risks facing complex organizations to ensure they are appropriately managed. Regulators and debt rating agencies have increased their scrutiny on the risk management processes of companies.
The risk management process involves:
1. Establishing Context: This includes an understanding of the current conditions in which the organization operates on an internal, external and risk management context.
2. Identifying Risks: This includes the documentation of the material threats to the organization’s achievement of its objectives and the representation of areas to the organization may exploit for competitive advantage.
3. Analyzing/Quantifying Risks: This includes the calibration and, if possible, creation of probability distributions of outcomes for each material risk.
4. Integrating Risks: This includes the aggregation of all risk distributions, reflecting correlations and portfolio effects, and the formulation of the results in terms of impact on the organization’s key performance metrics.
5. Assessing/Prioritizing Risks: This includes the determination of the contribution of each risk to the aggregate risk profile, and appropriate prioritization.
6. Treating/Exploiting Risks: This includes the development of strategies for controlling and exploiting the various risks.
7. Monitoring and Reviewing: This includes the continual measurement and monitoring of the risk environment and the performance of the risk management strategies.
In financial auditing of public companies in the United States, SOX 404 top-down risk assessment (TDRA) is a financial risk assessment performed to comply with Section 404 of the Sarbanes-Oxley Act of 2002 (SOX 404). The term is used by the U.S. Public Company Accounting Oversight Board (PCAOB) and the Securities and Exchange Commission (SEC). The TDRA is used to determine the scope and required evidence to support management's testing of its internal controls under SOX404. It is also used by the external auditor to issue a formal opinion on the company's internal controls. However, as a result of the passage of Auditing Standard No. 5, which the SEC has since approved, external auditors are no longer required to provide an opinion on management's assessment of its own internal controls.
Role in corporate governance:
__________________________________________________
Internal auditing activity as it relates to corporate governance is generally informal, accomplished primarily through participation in meetings and discussions with members of the Board of Directors. Corporate governance is a combination of processes and organizational structures implemented by the Board of Directors to inform, direct, manage, and monitor the organization's resources, strategies and policies towards the achievement of the organizations objectives.
"The internal auditor is often considered one of the "four pillars" of corporate governance, the other pillars being the Board of Directors, management, and the external auditor".
A primary focus area of internal auditing as it relates to corporate governance is helping the Audit Committee of the Board of Directors (or equivalent) perform its responsibilities effectively. This may include reporting critical internal control problems, informing the Committee privately on the capabilities of key managers, suggesting questions or topics for the Audit Committee's meeting agendas, and coordinating carefully with the external auditor and management to ensure the Committee receives effective information.
Nature of the internal audit activity:
__________________________________________________
Based on a risk assessment of the organization, internal auditors, management and oversight Boards determine where to focus internal auditing efforts. Internal auditing activity is generally conducted as one or more discrete projects. A typical internal audit project involves the following steps:
1. Establish and communicate the scope and objectives for the audit to appropriate management.
2. Develop an understanding of the business area under review. This includes objectives, measurements, and key transaction types. This involves review of documents and interviews. Flowcharts and narratives may be created if necessary.
3. Describe the key risks facing the business activities within the scope of the audit.
4. Identify control procedures used to ensure each key risk and transaction type is properly controlled and monitored.
5. Develop and execute a risk-based sampling and testing approach to determine whether the most important controls are operating as intended.
6. Report problems identified and negotiate action plans with management to address the problems.
7. Follow-up on reported findings at appropriate intervals. Internal audit departments maintain a follow-up database for this purpose.
Project length varies based on the complexity of the activity being audited and Internal Audit resources available. Many of the above steps are iterative and may not all occur in the sequence indicated.
By analyzing and recommending business improvements in critical areas, auditors help the organization meet its objectives. In addition to assessing business processes, specialists called Information Technology (IT) Auditors review information technology controls.
Developing the plan of engagements:
________________________________________________________
Internal auditing standards require the development of a plan of audit engagements (projects) based on a risk assessment, updated at least annually. The input of senior management and the Board is typically included in this process. Many departments update their plan of engagements throughout the year as risks or organizational priorities change.
This effort helps ensure the audit activity is aligned with the organization’s objectives, by answering two key questions:
• First, what goals are the organizations trying to accomplish in the upcoming period?
• Second, how can the Internal Audit Department assist the organization in achieving these goals?
Internal auditors often conduct a series of interviews of senior management to identify potential engagements. Changes in people, processes, or systems often generate audit project ideas. Various documents are reviewed, such as strategic plans, financial reports, consulting studies, etc. Further, the results of prior audits and resolution of open issues are considered. For example, even if a business area is important, prior audit work and the nature and status of open issues may render further audit effort unnecessary. If the organization has a formal enterprise risk management (ERM) program, the risks identified therein help limit the amount of separate risk assessment performed by Internal Audit.
The preliminary plan of engagements is documented and prioritized. Audit resources and expertise are then considered and a final plan is presented to senior management and the Audit Committee. The presentations vary based on the needs of the stakeholders and may include the following:
• Summary of key goals, risks and corresponding major audits, to illustrate alignment;
• Analyses of audit effort along a variety of dimensions (e.g., by business segment, COSO objective category, IT, Sarbanes-Oxley, vs. prior year, etc.) along with commentary regarding changes;
• Brief description of critical projects identified;
• Projects requested but not planned for execution due to prioritization and resources;
• Required co-sourcing effort, typically where outside expertise is required or during peak periods;
• Coordination with other risk functions, such as legal, compliance or insurance, to ensure coverage of key organizational risks;
• Update on audit staffing levels, experience and certification; and
• Appendix materials, such as planning approach, assumptions (e.g., days per auditor and staffing level) and brief descriptions of all planned audits and related prioritization.
Best Practices in Internal Auditing:
Measuring the internal audit function
_____________________________________________-____________
The measurement of the internal audit function can involve a balanced scorecard approach. The Balanced Scorecard (BSC) is a performance management tool which began as a concept for measuring whether the smaller-scale operational activities of a company are aligned with its larger-scale objectives in terms of vision and strategy. By focusing not only on financial outcomes but also on the operational, marketing and developmental inputs to these, the Balanced Scorecard helps provide a more comprehensive view of a business, which in turn helps organizations act in their best long-term interests.
Internal audit functions are primarily evaluated based on the quality of counsel and information provided to the Audit Committee and top management. However, this is primarily qualitative and therefore difficult to measure. “Customer surveys” sent to key managers after each audit project or report can be used to measure performance, with an annual survey to the Audit Committee. Scoring on dimensions such as professionalism, quality of counsel, timeliness of work product, utility of meetings, and quality of status updates are typical with such surveys.
Quantitative measures can also be used to measure the function’s level of execution and qualifications of its personnel. Key measures include:
• Plan completion: This is a measure of the degree to which the annual plan of engagements is completed, measured at a point in time. This may be measured using the number of projects completed, weighted by the planned size of each project, with estimates for projects in-progress. Measured throughout the year, it is compared against the percentage of the year elapsed.
• Report issuance: This is a measure of the time elapsed from completion of testing to issuance of the final audit report, including management’s action plans. This can be measured in average days or percentage of reports issued within a certain standard, such as 30 days. Establishing expectations for the timing of management’s response to report recommendations is critical. In addition, the scope and degree of change involved in the report’s action plans are key variables. For example, a report for a single retail store requiring only the store manager’s action might take 3-5 days to issue. However, a report consolidating findings from 20 retail stores, with action plans with national implications determined by top management, may take 30-60 days in complex organizations.
• Issue closure: Reported audit findings are often called “issues” or “deficiencies.” Professional standards require audit functions to track reported findings to resolution, which effectively requires the maintenance of an issues follow-up database. The number of days that reported issues remain open, or open after their agreed-upon closure date, are key measures. In addition, reporting database statistics such as the number of issues open (unresolved), closed (resolved), and issues opened/closed during a given period are useful statistics.
• Staff qualifications: This can be measured through the percentage of staff with professional certifications, graduate degrees, and overall years of experience.
• Staff utilization rate: This is measured as the percentage of time spent on projects, as opposed to administrative time such as training or vacation. Many internal audit departments track time by audit project. This is typically captured in a database or spreadsheet.
• Staffing level: The number of positions filled relative to the authorized staffing level. Due to the challenge of finding qualified staff, departments may have rotational programs to bring in management to complete tours in the function or be "guest" auditors. Audit departments also "co-source," meaning they obtain contract auditors from service providers.
Developing and retaining staff:
____________________________________________
Developing and retaining quality professionals is a key concern in the profession.[11] Key methods for developing and retaining internal audit staff personnel include:
• Providing challenging, varied assignments
• Ensuring quality supervision
• Ensuring staff participates in projects from start to finish, to learn all phases of the audit process
• Providing opportunities to lead (in-charge) projects, starting with more structured projects such as Sarbanes-Oxley work
• Participating on departmental improvement task forces, such as preparation for quality assurance review
• Participating in the recruiting and interviewing process for new hires
• Rotating through various audit teams (in larger departments) or audits of various businesses
• Providing both outside training (e.g., seminars) and in-house training (e.g., company systems) for two weeks/year
• Participation in annual risk assessment activities, whether asking key questions or just taking notes
Reporting of critical findings:
_________________________________________
The Chief Audit Executive (CAE) typically reports the most critical issues to the Audit Committee quarterly, along with management's progress towards resolving them. Critical issues typically have a reasonable likelihood of causing substantial financial or reputation damage to the company. For particularly complex issues, the responsible manager may participate in the discussion. Such reporting is critical to ensure the function is respected, that the proper "tone at the top" exists in the organization, and to expedite resolution of such issues. It is a matter of considerable judgment to select appropriate issues for the Audit Committee's attention and to describe them in the proper context.
Financial audit:
_____________________________
A financial audit, or more accurately, an audit of financial statements, is the review of the financial statements of a company or any other legal entity (including governments), resulting in the publication of an independent opinion on whether or not those financial statements are relevant, accurate, complete, and fairly presented.
Financial audits are typically performed by firms of practicing accountants due to the specialist financial reporting knowledge they require. The financial audit is one of many assurance or attestation functions provided by accounting and auditing firms, whereby the firm provides an independent opinion on published information.
Many organizations separately employ or hire internal auditors, who do not attest to financial reports but focus mainly on the internal controls of the organization. External auditors may choose to place limited reliance on the work of internal auditors.
Purpose:
_________________
Financial audits exist to add credibility to the implied assertion by an organization's management that its financial statements fairly represent the organization's position and performance to the firm's stakeholders (interested parties). The principal stakeholders of a company are typically its shareholders, but other parties such as tax authorities, banks, regulators, suppliers, customers and employees may also have an interest in ensuring that the financial statements are accurate.
The audit is designed to reduce the possibility of a material misstatement. A misstatement is defined as false or missing information, whether caused by fraud (including deliberate misstatement) or error. Material is very broadly defined as being large enough or important enough to cause stakeholders to alter their decisions.
The exact 'audit opinion' will vary between countries, firms and audited organizations.
In the US, the CPA firm provides written assurance that financial reports are 'fairly presented in conformity with generally accepted accounting principles (GAAP).' The measure for 'fairly presented' is that there is less than 5% chance (5% audit risk) that the financial statements are 'materially misstated'.
History:
__________________
Audit of government expenditure:
____________________________________
The earliest surviving mention of a public official charged with auditing government expenditure is a reference to the Auditor of the Exchequer in England in 1314. The Auditors of the Imprest were established under Queen Elizabeth I in 1559 with formal responsibility for auditing Exchequer payments. This system gradually lapsed and in 1780, Commissioners for Auditing the Public Accounts were appointed by statute. From 1834, the Commissioners worked in tandem with the Comptroller of the Exchequer, who was charged with controlling the issue of funds to the government.
As Chancellor of the Exchequer, William Ewart Gladstone initiated major reforms of public finance and Parliamentary accountability. His 1866 Exchequer and Audit Departments Act required all departments, for the first time, to produce annual accounts, known as appropriation accounts. The Act also established the position of Comptroller and Auditor General (C&AG) and an Exchequer and Audit Department (E&AD) to provide supporting staff from within the civil service. The C&AG was given two main functions – to authorize the issue of public money to government from the Bank of England, having satisfied himself that this was within the limits Parliament had voted – and to audit the accounts of all Government departments and report to Parliament accordingly.
Auditing of UK government expenditure is now carried out by the National Audit Office. Sing industry (acting through various organizations throughout the years) as to the accounting standards for financial reporting, and the U.S. Congress has deferred to the SEC.
This is also typically the case in other developed economies. In the UK, auditing guidelines are set by the institutes (including ACCA, ICAEW, ICAS and ICAI) of which auditing firms and individual auditors are members.
Accordingly, financial auditing standards and methods have tended to change significantly only after auditing failures. The most recent and familiar case is that of Enron. The company succeeded in hiding some important facts, such as off-book liabilities, from banks and shareholders. Eventually, Enron filed for bankruptcy, and (as of 2006) is in the process of being dissolved. One result of this scandal was that Arthur Andersen, then one of the five largest accountancy firms worldwide, lost their ability to audit public companies, essentially killing off the firm.
A recent trend in audits (spurred on by such accounting scandals as Enron and Worldcom) has been an increased focus on internal control procedures, which aim to ensure the completeness, accuracy and validity of items in the accounts, and restricted access to financial systems. This emphasis on the internal control environment is now a mandatory part of the audit of SEC-listed companies, under the auditing standards of the Public Company Accounting Oversight Board (PCAOB) set up by the Sarbanes-Oxley Act.
Stages of an audit:
___________________________
A financial audit is performed before the release of the financial statements (typically on an annual basis), and will overlap the 'year-end' (the date which the financial statements relate to).
The following are the stages of a typical audit:
Planning and risk assessment:
_______________________________________
Timing: before year-end
Purpose:
______________________
• To understand the business of the company and the environment in which it operates
o What should auditors understand?
? The relevant industry, regulatory, and other external factors including the applicable financial reporting framework
? The nature of the entity
? The entity’s selection and application of accounting policies
? The entity’s objectives and strategies, and the related business risks that may result in material misstatement of the financial statements
? The measurement and review of the entity’s financial performance
? Internal control relevant to the audit
• To determine the major audit risks (i.e. the chance that the auditor will issue the wrong opinion). For example, if sales representatives stand to gain bonuses based on their sales, and they account for the sales they generate, they have both the incentive and the ability to overstate their sales figures, thus leading to overstated revenue. In response, the auditor would typically plan to increase the rigour of their procedures for checking the sales figures.
Internal controls testing:
___________________________
Timing: before and/or after year-end
Purpose:
• To assess the operating effectiveness of internal controls (e.g. authorization of transactions, account reconciliations, segregation of duties). If internal controls are assessed as effective, this will reduce (but not entirely eliminate) the amount of 'substantive' work the auditor needs to do (see below).
Notes:
• In some cases an auditor may not perform any internal controls testing, because he/she does not expect internal controls to be reliable. When no internal control testing is performed, the audit is said to follow a substantive approach.
• This test determines the amount of work to be performed i.e. substantive testing or test of details.
Substantive procedures:
_____________________________
Financial audits exist to add credibility to the implied assertion by an organization's management that its financial statements fairly represent the organization's position and performance to the firm's stakeholders (interested parties). The principal stakeholders of a company are typically its shareholders, but other parties such as tax authorities, banks, regulators, suppliers, customers and employees may also have an interest in ensuring that the financial statements are accurate.
The audit is designed to reduce the possibility of a material misstatement. A misstatement is defined as false or missing information, whether caused by fraud (including deliberate misstatement) or error. Material is very broadly defined as being large enough or important enough to cause stakeholders to alter their decisions.
The exact 'audit opinion' will vary between countries, firms and audited organisations.
In the US, the CPA firm provides written assurance that financial reports are 'fairly presented in conformity with generally accepted accounting principles (GAAP).' The measure for 'fairly presented' is that there is less than 5% chance (5% audit risk) that the financial statements are 'materially misstated'.
Finalization:
__________________
Timing: at the end of the audit
Purpose:
• To compile a report to management regarding any important matters that came to the auditor's attention during performance of the audit,
• To evaluate and review the audit evidence obtained, ensuring sufficient appropriate evidence was obtained for every material assertion and
• To consider the type of audit opinion that should be reported based on the audit evidence obtained.
Significant audit firms:
_____________________________________________
These firms are the 'Big 4' multinational accountancy firms which audit the majority of large quoted/listed companies. In addition to providing audits, they also provide other services including tax advice and IT consultancy.
Firm 2007 global revenue (US dollars)
PricewaterhouseCoopers
25.2bn
Deloitte
23.1bn
Ernst & Young
21.1bn
KPMG
19.8bn[5]
Commercial relationships versus objectivity
______________________________________________________
One of the major issues faced by private auditing firms is the need to provide independent auditing services while maintaining a business relationship with the audited company. The auditing firm's responsibility to check and confirm the reliability of financial statements may be limited by pressure from the audited company, who pays the auditing firm for the service. The auditing firm's need to maintain a viable business through auditing revenue may be weighed against its duty to examine and verify the accuracy, relevancy, and completeness of the company's financial statements. Numerous proposals are made to revise the current system to provide better economic incentives to auditors to perform the auditing function without having their commercial interests compromised by client relationships. Examples are more direct incentive compensation awards and financial statement insurance approaches. See at the end of this document, respectively, Incentive Systems to Promote Capital Market Gatekeeper Effectiveness and Financial Statement Insurance.
Related qualifications:
____________________________
• There are several related professional qualifications in the field of financial audit including Certified General Accountant (CGA), Chartered Certified Accountant, Chartered Accountant and Certified Public Accountant.
"Audit risk"
_________________
Audit risk is a term that is commonly used in relation to the audit of the financial statements of an entity. (See financial audit). The primary objective of such an audit is to provide an opinion as to whether or not the financial statements under audit present fairly the financial position, profit/loss and cash flows of the entity. Audit risk is the risk of the auditor providing an inappropriate opinion on the financial statements, particularly when those financial statements contain a material misstatement. Of less concern is the situation where the auditor states that the financial statements do not meet the standard of fair presentation, when in fact they do.
Where audit risk fits into the audit process:
_________________________________________________________
Audit risk is assessed during the planning phase of the audit, and is a very important activity, as the testing to be performed during the next phase of the audit (now referred to as the "putting the plan into action phase", but essentially the testing phase) is determined in response to the risk assessment. Note that, at this stage, the auditor has not yet done any testing, so his assessment of risk is essentially a provisional one. During the testing phase, after testing the entity's control system, the auditor has to consider if the control system is better or worse than expected during the planning phase, and adjust his testing accordingly.
Having said the above, there are indications that the large auditing firms are shifting elements of the risk assessment into the preliminary engagement phase of the audit (formerly referred to as the pre-engagement phase), which refers to the phase where work is done prior to entering into a contract with the then still prospective audit client. Firms are doing this to avoid involvement with clients that may cause them reputation damage.
Risk is supposed to be assessed at two levels, being the financial statement level and the assertion level. Risk at financial statement level refers to a risk factor that can produce a misstatement in any one of a number of assertions, like the management of the entity being dishonest or incompetent. Risk at assertion level refers to a risk factor that makes a misstatement of a specific assertion more likely.
A contentious matter in this regard is the interplay between the determination of materiality and risk assessment during the planning phase. Some sources state that risk should be assessed before the determination of materiality, but the argument that materiality should be determined before the risk assessment makes more sense, for the simple reason that the definition of audit risk includes a reference to material misstatement. Hence, if the auditor has not yet determined materiality, he will not be able to do a meaningful risk assessment.
The audit risk formula:
__________________________________
Audit Risk = Inherent Risk x Control Risk x Detection Risk
The purpose of this equation is to calculate detection risk, which then indicates to the auditor how much substantive testing he has to do to arrive at the acceptable audit risk. This is explained below in more detail.
Components of the audit risk formula:
___________________________________________
Audit risk:
_____________
In this context, audit risk (also referred to as residual risk) refers to acceptable audit risk, i.e. it indicates the auditor's willingness to accept that the financial statements may be materially misstated after the audit is completed and an unqualified (clean) opinion was issued. If the auditor decides to lower audit risk, it means that he wants to be more certain that the financial statements are not materially misstated.
Inherent risk:
_______________________
Inherent risk represents the auditor's assessment that there may be a material misstatement relating to an assertion in the financial statements under audit, without taking the effectiveness of the related internal controls into account . If the auditor concludes that there is a high likelihood of such a misstatement, ignoring internal controls, he would assess the inherent risk as being high. An example of inherent risk: the valuation of inventory is inherently more risky when the type of inventory is difficult to value due to its nature, so the valuation of diamonds are inherently much more risky than, say, tennis balls. Internal controls are ignored during the assessment of inherent risk because they are considered when assessing another component of audit risk, namely control risk. The assessment of inherent risk (and also control risk) is an exercise that requires professional judgment on the part of the auditor. Hence, two auditors assessing the same company may assess the inherent and control risks differently, but it is to be expected that their assessments should be in the same vicinity. Auditors express their risk assessment in one of two ways (and this goes for all the components of the risk formula): as a percentage, or described as low, medium or high.
Control risk:
____________________
Control risk represents the auditor's assessment of the likelihood that a material misstatement relating to an assertion in the financial statements will not be detected and corrected, on a timely basis, by the client's internal control system. To return to the example of an entity having an inventory of diamonds, which is inherently risky in terms of valuation: if the entity has competent, experienced valuers valuing its inventory, the control risk will be lower as compared to a situation where incompetent people are tasked with performing that function. The product of inherent risk and control risk is referred to as the Risk of Material Misstatement, and represents the risk that the auditor adequately has to respond to when doing substantive testing. It is permissible to do a combined assessment of inherent and control risk, instead of formally separating the two components as done above.
Detection risk:
_________________
Detection risk is defined as the likelihood that a material misstatement relating to an assertion will not be detected by the auditor's substantive testing. It is important to note that the detection risk indicates the detection risk that the auditor is willing to "live with", given the acceptable audit risk and his assessment of inherent and control risk. This means that if the detection risk is high, the auditor is willing to accept a high detection risk, and will do less substantive testing as compared to a situation where the detection risk is lower.
An example:
_____________________
Suppose an auditor is doing the risk assessment relating to the completeness of trade payables assertion. He regards 5% as an acceptable audit risk, and has assessed the inherent risk at 70%, which is high. But he has also assessed the control risk relating to this assertion at 10%, which means that the client has strong controls in place "governing" this assertion. The auditor expects these controls to eliminate 90% of the misstatements that were likely due to the inherently risky nature of the assertion, leaving a low combined risk of slightly above 6% for him to respond to by means of his substantive testing. Calculating the detection risk then produces an answer of almost 80%, which implies that the auditor can, with detection risk at a high 80%, still have the acceptable audit risk of 5%. Hence the auditor does not have to do very exhaustive substantive testing relating to the completeness of trade payables. Note that the auditor can peg control risk at above the assessed level, thereby effectively treating the entity as having worse controls than is really the case. By doing so, the auditor effectively opts to do less controls testing, but must then compensate by doing more substantive testing.
Performance audit:
___________________________
Performance audit refers to an examination of a program, function, operation or the management systems and procedures of a governmental or non-profit entity to assess whether the entity is achieving economy, efficiency and effectiveness in the employment of available resources. The examination is objective and systematic, generally using structured and professionally adopted methodologies.
In most countries, performance audits of governmental activities are carried out by the external audit bodies at federal or state level. Many of these audit bodies have established guides for conducting performance audits which explain how performance audits are planned, conducted and its results reported.
INTOSAI, the international association of Supreme Audit Institutions, has published generally accepted principles of performance auditing in its implementation guidelines. In the United States, the standard for government performance audits is the Generally Accepted Government Auditing Standards (GAGAS), often referred to as the "yellow book", maintained by the federal Government Accountability Office (GAO). Similarly, the European Court of Auditors (ECA) has developed a "performance audit manual" for its audits of the sound financial management of the European Commission and the programmes funded through the EU budget.
Performance audits may also be conducted by Internal Auditors who are employees of the entity being audited. However, some national governments require agencies, departments and branches to periodically retain outside auditors to conduct them.
In the USA, all auditors who follow GAGAS standards are required to maintain independence, supervision, continuing professional education, and conduct the audit using a specific process designed to increase the quality of the audit and reduce the politicization of audit work.
Although there are separate professional credentials and certifications for Financial Auditors, the persons that conduct Performance Audits in the USA are often Certified Public Accountants, Certified Internal Auditors, or have a broad background in public policy, business or public administration.
The scope of performance audits may include the detection of fraud, waste and abuse, although often these are not included in the scope. Prior to engaging in a performance audit, the auditor must have a scope and plan defined which will be used to guide the audit process.
Performance auditing differs from performance measurement, the latter being the responsibility of management of the entity. In addition, performance measurement may include a broad variety of activities that do not meet the rigour of an independent external assessment.
What is an auditor’s report?
__________________________________________
The primary aim of an audit is to enable the auditor to say “these accounts show a true and fair view” or, of course, to say that “they do not show a true and fair view”. At the end of his audit, when he has examined the entity, its record, and its financial statements, the auditor produces a report addressed to the owners/stake holders in which he expresses his opinion of the truth and
fairness, and sometimes other aspects, of the financial statements.
Standard format of Auditor’s Report as per the Companies Ordinance 1984:
____________________________________________________________
AUDITORS’ REPORT
We have audited the annexed balance sheet of COMPANY NAME as at THE DATE and the related profit and loss account, cash flow statement and statement of changed in equity together with the notes forming part thereof, for the year then ended and we state that we have obtained all the information and explanations which to the best of our knowledge and belief were necessary for the purposes of our audit.
It is the responsibility of the company’s management to establish and maintain a system of internal control and prepare and present the above said statements in conformity with the approved accounting standards. Our responsibility is to express an opinion on
these statements based on our audit.
We conducted our audit in accordance with the auditing standards. These standards require that we plan and perform the audit to obtain reasonable assurance about whether the above said statements are free of any material misstatement. An audit includes examining, on a test basis,
evidence supporting the amounts and disclosures in the above said statements. An audit also includes assessing the accounting policies and significant estimates made by management, as well as evaluating the overall presentation of the above said statements. We believe that our audit provides a reasonable basis for our opinion and, after due verification, we report that:
a) In our opinion, proper books of accounts have been kept
b) In our opinion:
o The balance sheet and profit and loss account together with the notes thereon have been drawn-up in conformity with the Companies Ordinance, 1984, and are in agreement with the books of account and are further in accordance with accounting policies consistently applied
o The expenditure incurred during the year was for the purpose of the company’s business; and
o The business conducted investments made and the expenditure incurred during the year were in accordance with the objects of the company.
c) In our opinion and to the best of our information and according to the explanations given to us, the balance sheet, profit and loss account, cash flow statement and statement of changes in equity together with the notes forming part thereof, give the information required, in the manner so required and respectively give a true and fair view of the state of the company’s affairs as at DATE and of the profit/loss its cash flows and changes in equity for the year then ended; and
Date Signature
Place (Name(s) of Auditors)
Standard format of Auditor’s Report as per the International Auditing Standards:
______________________________________________________
INDEPENDENT AUDITOR’S REPORT
[Appropriate Addressee]
Introductory Paragraph
________________________________
We have audited the accompanying financial statements of ABC Company, which comprise the balance sheet as at December 31, 20X1, and the income statement, statement of changes in equity and cash flow statement for the year then ended, and a summary of significant accounting policies and other explanatory notes.
Management’s Responsibility for the Financial Statements:
__________________________________________________-______
Management is responsible for the preparation and fair presentation of these financial statements in accordance with International Financial Reporting Standards. This responsibility includes: designing, implementing and maintaining internal control relevant to the preparation and fair presentation of financial statements that are free from material misstatement, whether due to fraud or error; selecting and applying appropriate accounting policies; and making accounting estimates that are reasonable in the circumstances.
Auditor’s Responsibility
___________________________________________
Our responsibility is to express an opinion on these financial statements based on our audit. We conducted our audit in accordance with International Standards on Auditing. Those standards require that we comply with ethical requirements and plan and perform the audit to obtain reasonable assurance whether the financial statements are free from material misstatement.
An audit involves performing procedures to obtain audit evidence about the amounts and disclosures in the financial statements. The procedures selected depend on the auditor’s judgment, including the assessment of the risks of material misstatement of the financial statements, whether due to fraud or error. In making those risk assessments, the auditor considers internal control relevant to the entity’s preparation and fair presentation of the financial statements in order to design audit procedures that are appropriate in the
circumstances, but not for the purpose of expressing an opinion on the effectiveness of the entity’s internal control. An audit also includes evaluating the appropriateness of accounting policies used and the reasonableness of accounting estimates made by management, as well as evaluating the overall presentation of the financial statements.
We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our audit opinion.
Opinion
_______________
In our opinion, the financial statements give a true and fair view of (or” present fairly, in all material respects,”) the financial position of ABC Company as of December 31, 20X1, and of its financial performance and its cash flows for the year then ended in accordance with International Financial Reporting Standards.
Report on Other Legal and Regulatory Requirements
___________________________________________________________
[Form and content of this section of the auditor’s report will vary depending on the nature of the auditor’s other reporting responsibilities.]
[Auditor’s signature]
[Date of the auditor’s report]
[Auditor’s address]
What stands for auditor’s opinion?
______________________________________________________
The auditor, in his report, does not say that the financial statements do show a true and fair view. He can only say that in his opinion the financial statements show a true and fair view. The reader or user of financial statements will know from his knowledge of the auditor whether or not to rely on the auditor’s opinion. If the auditor is known to be independent, honest, and competent, then his opinion will be relied upon.
What are the advantages and disadvantages of auditing?
_______________________________________________
Advantages of an audit
____________________________
We have seen that the need for an external audit in the case of companies arises primarily from the existence of split-up of ownership from control. There are however, certain advantages in having financial statements audited even where no statutory requirement exists for such an audit in the case of a sole-tradership, partnership, or non-profit organizations for example.
These advantages can be summarized as follows:
a) Disputes between management may be more easily settled. For instance, a partnership which has complicated profit sharing arrangements may require an independent examination of those accounts to ensure, as far as possible, an accurate assessment and distribution of the profits.
b) Major changes in ownership may be facilitated if past accounts contain an independent audit report, for instance, where two sole traders merge their business to form a new partnership.
c) Application to lenders/financial institutions for finance may be strengthened by the submission of audited accounts. However do remember that a bank, for instance, is likely to be far more concerned about the future of the business and available security, than by the past historical accounts, audited or otherwise.
d) The audit is likely to involve an in depth examination of the business and so may enable the auditor
e) To give more constrictive advice to management on improving the efficiency of the business.
Disadvantages of an audit:
_____________________________________
Like most thing in life, audits are not entirely without their disadvantages. There are two main points to make here:
a) The audit fee! Clearly the services of an auditor must be paid for. It is for this reason that few partnerships and even fewer sole traders are likely to have their accounts audited.
b) The audit involves the client’s staff and management in giving time to providing information to the auditor. Professional auditors should therefore plan their audit carefully to minimize the disruption which their work will cause.
What are the different stages of audit?
____________________________________________________
Auditing is essentially a practical task. The auditor always needs to reflect the nature of the circumstances of the entity under audit. It is unlikely that any two audit assignments will ever identical. It is however possible to identify a number of standard stages in a typical external audit. These are as follows:
• Audit appointment
• Engagement letter
• Initial planning
o Knowledge of the business
o Risk Assessment
o Internal control review (procedures)
o Control procedures (authorities/approvals/segregation of duties)
• Preparation of the audit plan
• Accounting system review
• Analytical review techniques (Compliance procedures-Application of control test procedures) like purchasing are according to the controls established.
• Considering the ways in which audit evidence can be sought
• Substantive testing (transaction level procedures)
• Reasonable assurance
• Review of the financial statements (compliance with the standards/material misstatement etc.)
• Preparation and signing of report
At the stage of considering the ways of seeking audit evidence the auditor will make a preliminary evaluation of the entity’s control system:
1. If the controls are likely to lead to a true and fair set of financial statements the auditor will test those controls.
2. If they appear weak he will not rely on the controls but carry out extensive testing of the
transactions and balances which appear in the financial statements by means of substantive procedures.
3. If the controls are operating effectively, the auditor can reduce the amount of substantive testing described above and adopt a reliance approach.
4. If not then the auditor will be forced into a extensive substantive approach
Knowing the audit profession and other services?
____________________________________________________________
Auditing firms do not describe themselves as auditors. They describe themselves as Chartered Accountants. Auditing firms are composed of accountants who perform audits for their clients. They also perform other services. The small chartered accountant firms especially may spend more time on other services than on auditing.
The other services may include:
• Writing up books of accounts (Book keeping)
• Balancing books of accounts (Extracting trial balance)
• Preparing final accounts
• Tax management
• Statutory form filling
• Financial consultancy
• Management and system consultancy
• Liquidation and receivership work
• Investigations (Fraud audit)
LEGAL CONSIDERATION REGARDING AUDITING
The Audit Requirement
_____________________________________________________
• Not all limited companies are required to have their financial statements audited. Nor are all companies required to produce financial statements in the same formats as many exemptions may apply to small and medium sized companies.
• Broadly speaking, small companies are exempt from the audit requirement, small and medium sized companies may file abbreviated accounts with the registrar of companies and small companies may prepare accounts with reduced disclosures for their members.
Appointment, Duties, Rights and Liabilities of Auditor
____________________________________________________________
Appointment:
___________________
First Auditors:
___________________
• The first auditors of a company shall be appointed by the directors within 60 days of
incorporation of the company
• The first auditors will hold office till the first annual general meeting.
• If the directors fail to appoint the first auditors, the members shall appoint the first
auditors, provided further that the auditors such appointed shall not be removed during
the tenure expect through a special resolution.
• Where the first auditors are not appointed either by the directors or by the members within 120 days of incorporation of the company, the Securities & Exchange Commission will appoint the auditor.
Subsequent Auditors:
____________________________________
• At each annual general meeting the company (members) shall appoint the auditors.
• The auditors shall hold office from the conclusion of that meeting till the conclusion of
next annual general meeting.
• If no auditors are appointed at annual general meeting Commission shall appoint an auditor.
To exercise this power the company must give notice to Commission within one week of
these powers having become exercisable.
Note:
____________
Provided that an auditor or auditors appointed in a general meeting may be removed before
conclusion of the next annual general meeting through a special resolution.
Casual Vacancy:
________________________
• Any casual vacancy shall be filled by directors.
• Auditors so appointed shall hold office till next annual general meeting
• If directors do not appoint auditors to fill casual vacancy within 30 days, Commission may appoint an auditor
Commission’s powers to appoint auditors:
_____________________________________________________
The Securities & Exchange Commission may appoint an auditor if the following situations arise:
a) First auditors are not appointed within 120 days from incorporation;
b) Subsequent auditors are not appointed in annual general meeting;
c) Casual vacancy is not filled within 30 days; and
d) Auditors appointed are unwilling to act as auditors.
To exercise this power, the company must give notice to Commission within one week of its powers becoming exercisable.
SUMMARY
Auditors Time of appointment
Appointing Authority
Term of Office Appointing
Authority in default
Remarks
First 1st Auditors
Within 60 days of Incorporation
Directors Till first
AGM
Members Members shall appoint 1st auditors at a general meeting
within 120 days. After 120 days SECP may make the appointment.
Subsequent Auditors
AGM Members Till next
AGM
SEC If auditors are not appointed in Auditors AGM. AGM,
SEC may appoint auditors.
Casual
Vacancy
Within 30 days of the vacancy
Directors Till next
AGM
SEC After 30 days of vacancy.
Vacancy of the vacancy
AGM SEC may appoint auditors.
Remuneration of Auditors:
_____________________________________________________
Fixation of remuneration of auditors depends upon the authority appointing the auditors, i.e.
• If auditors are appointed by directors, directors shall fix the remuneration.
• If auditors are appointed by COMMISSION, COMMISSION shall fix remuneration.
• In all other cases, the members (Company) shall fix the remuneration.
Note:
________
Minimum hourly rates are also recommended by The Institute of Chartered Accountants
SUMMARY:
___________________________________________________________
Appointing Authority Remuneration Fixed by
a) Directors Directors
b) Commission Commission
c) In all other case Members (Company)
Procedure for Change of Subsequent Auditors/ Removal of Auditors / Appointment of New Auditors:
__________________________________________________________
New auditors can be appointed in place of retiring auditors if the following requirements are fulfilled.
• Notice from a member is required for a resolution at the AGM.
• The member shall give notice to the company at least 14 days before the AGM that he
intends to propose the appointment of another person as auditor.
• On receipt of the notice the company shall send a copy of such notice to the:
o retiring auditor, forthwith
o Members, at least seven days before the AGM.
• In case of a listed company, notice shall be published at least in one issue of an daily newspaper having circulation in the province where the stock
exchange(s) is situate on which the shares of the company are listed.
• The retiring auditor can make representations and the company shall send a copy of
representation to a member or it may be read at AGM. Provided that the representation cannot be sent OR read at the AGM if the Registrar does not permit so on the application of the company or any other person.
• A company within 14 days after the AGM shall notify to the Registrar of the
• Appointment of new auditors with their consent letter.
• Retirement or removal of auditors. Section.
Note:
___________
New auditor accepting the appointment without communicating with the previous auditor shall be deemed to be guilty of professional misconduct. It is necessary for the new auditors to communicate with the previous auditors before accepting the appointment to ascertain that he has no objection on professional grounds, regarding the appointment
Change of Auditors - Checklist
_____________________________________________________
Actions Required Timing
Notice from a member from the date of AGM At least 14 days Send Copy of the notice to:
a) The retiring auditor forthwith
b) Members At least 7 days before
The date of AGM Publication of the fact in newspapers anytime before the AGM. That notice has been received. Representation by auditors Sent to members before AGM or read at AGM. Notification of the change to the Registrar within 14 days after the date of AGM.
Removal of Auditors
_____________________________________________________
• First auditor appointed by the directors may be removed by the members in a general
meeting.
• Another person nominated by a member shall be appointed in place of the outgoing
auditor.
• The notice of nomination of the proposed auditor should be given to the member’s at least 14 days before the general meeting and all the procedure stated above would be required to be followed in this case also.
• An auditor or auditors appointed in an annual general meeting may be removed before
conclusion of the next annual general meeting through a special resolution.
• In the above case, SECP may appoint the auditor(s) of the company.
Qualification & Disqualification of Auditors:
____________________________________________
For appointment as auditor of:
a) a Public Company or
b) a Private Company which is a subsidiary of a Public Company.
c) a Private Company having paid up capital of Certain amount.
Note:
__________
For listed companies an auditor must have a satisfactory QCR (quality control review) rating issued by ICA.
Disqualifications:
_____________________________________________________
Following persons are not qualified to become auditors of a company:
• Present directors, other officer or employees of the company or who held these offices
during the last three years.
• A partner or employee of a director, other officer or employee of the company.
• A spouse of a director.
• A person who is indebted to the company.
• A body corporate.
• A person or his spouse or minor children or in case of firm all partners of such firm who
holds any shares of an audit client or any of its associated companies. Provided that if such a person holds shares prior to his appointment as auditors, whether as an individual or a partner in a firm the fact shall be disclosed on his appointment as auditor and such person shall disinvest such shares within ninety days of such appointment.
• vii) A person disqualified for appointment as an auditor due to above reasons is disqualified from holding the office of auditor of another company which is a subsidiary or holding company of that company.
RIGHTS, DUTIES AND LIABILITIES OF AUDITOR
__________________________________________________________
Powers/Rights of an Auditor:
_______________________________________
• Right of access to books of account and vouchers
• Right to receive information and explanations.
• Right of access to books and papers of branch
• Right to receive notices of general meetings and to attend those meetings.
• Right to make representation where another person is being appointed as auditor.
Duties of an Auditor:
__________________________
• Duties of auditor are:
o To give a report to the members on the accounts, books of account, balance sheet and profit and loss account examined by him. (255(3)).
o Where any matter reported upon is answered in the negative or with a qualification the report shall include reasons for such qualification with factual position.
o To include in the report of the company such matters as directed by the Federal
Government.
o To attend those general meetings of a listed company, either himself or through authorized person, in which the balance sheet, profit and loss account and the auditors' report are to be considered.
• To make report for inclusion in prospectus. (Section 53 read with Part I of Schedule II).
• To certify receipts and payments account in the statutory report (Section 157).
• To make report on declaration of solvency in case of voluntary winding up.
• To exercise reasonable care and skill in carrying out his duties and make such inquiries as considered necessary.
Note:
_______________________
Students should know the contents of report from examination point of view.
Reading and Inspection of Auditors' Report:
_____________________________________________________
Auditor’s report shall be read in general meeting and shall be open to inspection by the members.
Signature & Date On Auditors' Report:
_______________________________________________
• The person appointed as auditor shall sign the auditors' report or other documents required under the law.
• The report should indicate the date and place.
Audit of Cost Accounts:
____________________________________
Where a company is required to maintain any records relating to its costs of production etc., it will also get these accounts audited. The auditor, in this case, shall be a Chartered Accountant or a Cost and Management Accountant.
Auditors’ Liabilities:
_____________________________________________________
The liabilities of auditors of a company can be studied under following heads:
• Civil Liabilities (arising from law suits/Liability for negligence)
• Under law of contract (initiated by the audit client)
• Under law of tort (initiated by other users of FS)
• Criminal Liabilities
o Against charges of forgery (evidence created / documents forged etc.)
o Against false statement (regarding opinion in report)
a) Civil Liabilities.
___________________________
Civil liabilities arise in the situation when there is absence of reasonable care and skill that can be expected of a person in a set of circumstances. When negligence of an auditor is being evaluated, it is in terms of what other competent auditors would have done in the same situation
Civil liabilities mean the disputes over losses caused to one party by acts of another. The civil liabilities of an auditor can be for:-
• Negligence
• Misfeasance
Duty of care under contract Law
_______________________________________
The company has a contract with the auditor and hence can sue the auditor for breach of contract if the auditor is negligent in carrying out the terms of the contract. Note that only the company can sue the auditor in contract as other people, such as banks, creditors and shareholders are not in a contractual relationship with the company.
• When carrying out their duties the auditors must exercise reasonable care and skill. This is required by the accountant’s rule of professional conduct.
• Members should carry out their professional work with due skill, care diligence and expedition and with proper regard for the technical and professional standards expected of them as members.
• The degree of skill and care expected of an auditor in a particular situation depends on the circumstances. There is no general standard of skill and care; the auditor is respected to react to the situation and circumstances he is facing
Breach of contract
___________________________
A contract breaches when failure of one or both parties in a contract to fulfill the requirements of the contract arises. An example is the failure of a CA firm to deliver a tax return on the agreed upon date. Parties who have a relationship that is established by a contract are said to have privity of contract.
Typically, CA firms and clients sign an engagement letter to formalize their agreement about the services to be provided, fee, and timing. There can be privity of contract without a written agreement, but an engagement letter defines the contract more clearly
Tort action of negligence
________________________________
Failure of auditors to meet their obligations, thereby causing injury to another party (other than audit client) A typical tort action against a CA firm is a bank’s claim that an auditor had a duty to uncover material misstatements in financial statements that had been relied on in making a loan.
Jeb Fasteners v Marks Bloom (1980)
___________________________________________________
The plaintiff acquired the share capital of the company. The audited accounts, due to the negligence of the auditors, did not show a true and fair view of the state of affairs of the company. It was accepted that at the time of the audit the defendant auditors did know of the plaintiffs but did not know that they were contemplating a take over bid.
HELD: whilst recognizing that the auditors owed a duty of care in this situation. It was decided that the auditors were not liable because the plaintiff had not suffered any loss. It was proved that the plaintiffs would have bought the share capital of the company at the agreed price whatever the accounts had said. Therefore, whether or not a duty of care existed was not directly relevant to the decision.
How to minimize the liabilities
_________________________________________
• Not being negligent
• Following the ISAs
• Agreeing the engagement letter
• Defining in report the work undertaken
• Defining the purpose for the report
• By limiting liabilities to third parties
• By defining the scope of professional competence
Liability for Negligence (under law of agency)
_____________________________________________________
Auditor being agent of the Shareholders is required to carry out his duties with reasonable care and skill. If he fails to do so, he is liable to make good any loss caused to the third party.
Major legal decision:
_____________________________________________________
1) Arthur E. Green & Company Vs Central Advance & Discount Corporation Ltd. (1920).
It was held that auditor is guilty of negligence. Auditor accepted the schedule of bad debts furnished by the client, though it was apparent that debts were not recoverable.
2) The London Oil Storage Co. Ltd. Vs Sear Hasluck & Co.
In this case, auditors were held liable for negligence. Auditors failed to verify the physical existence of cash in hand. Cash balance as per books did not agree with the physical balance, the difference was misappropriated by the cashier.
3) Irish Woolen Co. Ltd. Vs Tyson and Others.
In this case auditors were held liable for negligence. Profits were overstated by not recording purchase invoices. He was held liable for having failed to exercise reasonable care and skill.
4) Kingston Cotton Mills Co. Ltd.
In this case auditors were not held liable for negligence. It was held that it is not the duty of auditors to take stock, if they accept certificate in the absence of any suspicion, he has carried out reasonable care and skill.
5) In Mckesson V Robbins (American case).
It was held that it was duty of auditors to test check the physical stock.
Conclusion:
_____________________
Auditors should inspect securities, test check stock wherever it is practicable and where it is not he should state in his report that he has accepted a certificate. In the light of Part-A of Addendum to ISA-8, “Attendance at Physical Inventory Counting” and SAP - 3 “Verification of Inventories”, the position of auditors as held in Kingston Cotton Mills Co. Ltd. is no longer valid.
Liability for Misfeasance
____________________________________________
The term misfeasance means breach of duty. If auditor does something wrong in the performance of his duties resulting in a financial loss to the company, he is guilty of misfeasance. For example auditor’s duties are laid down in section 255 of the Companies Ordinance, 1984. If auditor does not perform his duties properly and the company suffers loss he is liable for misfeasance.
Major Case Laws
__________________
1) London and General Bank Ltd.
In this case auditors were held liable for misfeasance. The auditors failed to report that Balance Sheet was not properly drawn:-
Large sums were advanced to the customers and interest thereon was accrued, in fact neither advance nor accrued interest was receivable. No provision for bad debts was made and the company paid dividend.
2) Under section 260 of the Companies Ordinance, 1984 if the auditors fail to report to the members material misstatement of facts or give untrue picture to the members, and the default is willful, auditors shall be punishable with fine which may extend to two thousand rupees.
b) Criminal Liabilities.
_____________________________________________________
If auditor fails to comply with the requirements of Sections 157, 255 or 257, he shall be punishable with fine up to certain amount. If he knowingly makes a false report for profit to himself or to put another person to a disadvantage or loss for a material consideration, he shall also be punishable with imprisonment for a period of one year.
If charges of forgery are brought against an auditor, he may be liable to imprisonment for a term which may be extended to 2 years or fine up to Certain a
Chapter
Audit of Books of Accounts
¦Financial Statements
Books of Account to be Kept By Company:
_________________________________________________________
A company should keep proper books of account in respect of:
• Cash received and expended by the company;
• Sales and purchases of goods by the company
• All Assets and liabilities of the company; and
• In case of a company engaged in production, processing, manufacturing, or mining
activities, a production record as may be required by the SEC through a general or special order;
Other provisions
______________________
• Books of account should be preserved for ten years;
• Books of account are to be kept at the registered office of the company. If kept at any other place, the registrar should be informed;
• Books of account should give a true and fair view of the state of affairs of the company and should contain explanation of transactions.
• Directors can inspect the books of account during the business hours.
• If company fails to comply with the above provisions a director, including chief executive and chief accountant is liable to imprisonment and a fine; or
Accounting Cycle:
________________________
• Transaction
• Document
• Voucher
• Books of original entry/journal/day book
• Books of secondary entry/ledger
• Financial statement
Transaction Source Document:
______________________________________________
• Sale Invoice Issue
• Purchase Invoice Receive
• Sales return Credit Note Issued
• Purchases return Credit Note Received
• Cash received Receipt/Cash Memo Issue
• Cash paid Receipt/Cash Memo Received
• Lease/Hire Purchase Agreement
Voucher:
____________
• Receipt voucher
• Payment voucher
• Journal voucher
• Petty cash voucher
Books of Original Entry:
___________________________________
• Purchase journal
• Sale journal
• Purchase return journal
• Sales return journal
• Cash book (two/three column)
• Petty cash book
• General journal/ transfer journal
Books of Secondary Entry:
___________________________________
• Main ledger
• Subsidiary ledger
Financial Statement:
__________________________________
• Balance sheet
• Income statement
• Statement of changes in equity
• Cash flow statement
• Notes to the accounts
Recording of Transactions from Source Documents:
_________________________________________________________
To enter into a transaction we need approval from our responsible managers. When, after having approval of a manager, transaction takes place, such transaction should be evidenced by a document. Because, to record a transaction into the books of account, a bookkeeper needs an evidence of proper approval of transaction and authorization of documents, therefore, a voucher is prepared on which all of the descriptions of the transaction are written up and with which all of the evidences of approvals and authorized document are attached. Such voucher is finally authorized by accounts manager which is then recorded in the books of accounts by a bookkeeper.
To have a more clear understanding of the above paragraph, lets have a step by step example of purchasing an air conditioning plant for workshop.
1. Production manager will send a requisition to the general manager for air conditioning the workshop to improve the working environment.
2. The general manager will approve the requisition (if he gets convinced that workshop is in real need of air conditioning plant) and will send this approval to the purchase department.
3. The purchase department will call a tender and after having received several quotations the purchase department will place a purchase order to the vendor quoting lowest rate. (All of the above procedure is properly documented).
4. The vendor company (supplier) will send an invoice (purchase invoice) to the business along with the air conditioning plant. Such air conditioning plant will be inspected by the expert and finally the invoice will be approved for payment.
5. Now all of the documents along with the purchase invoice shall be send to the bookkeeping office where a voucher will be prepared and will also be approved by the concerned manager for recording this transaction in the books of accounts.
Source Documents:
________________________
Following are the few examples of source documents which are required to support different types of transactions.
Sr. No. Transaction Source Documents:
_________________________________________________________
1 Sales Invoice issued
2 Purchase Invoice received
3 Sales Return - Credit Note issued
4 Purchase Return- Credit Note received
5 Cash received - Cash Memo/receipt issued
6 Cash paid -Cash Memo/receipt received
7 Leases/Hire purchase Agreements
8 Staff Salaries - Approved Payrolls
9 Electricity, Gas, Water, Tele. Phone Metered Bills/Invoices.
Recording in the Books:
_________________________________________
Approved voucher are recorded in the books of accounts, many businesses now a days use computers for recording of transactions. However, an understanding of book of accounts is necessary whether transactions are recorded manually or electronically.
Basically, there are two types of books of accounts which are used to record the business transactions
Purchases Journal
Sales Journal Returns
Inward Journal
Returns Outward Journal
General Journal
For credit purchases
For credit sales
For sales return
For purchases return
For all other transactions
Source Documents
Invoices Issued
Credit Note Issued
Credit Note Received
Depends upon the nature of Transaction
Invoices Received
To record credit transaction
BOOKS OF ACCOUNT
____________________________________________
Books of Original Entries (Journal)
__________________________________________
Cash Book
For cash receipts & payments
Main Ledger Subsidiary Ledger
Other Ledger
Debtors Ledger
Creditors Ledger
Materials Ledger
To extract trial balance and to prepare financial statements
To keep memorandum
Books of Secondary Entries (Ledger)
_____________________________________________________-_
To record cash transaction
Cash Memos
____________________
1. Books of original entries.
2. Books of secondary entries.
These are further subdivided according to the needs of the business and/or complexity of the transaction. Just after analyzing a transaction or event for its debit and credit effects it is required to record them in a systematic way. So the books of accounts in which Debit and Credit are initially recorded in a systematic way are known as books of original entry (BOE). In accounting system of business concern books of original entries possess a very important position.
JOURNAL:
__________________________________________
It depends upon the complexity of transactions and size of the business that what books of original entries are required to record the transactions. For a very little business, having very few cash and credit transactions, a general purpose journal is sufficient to record each type of transactions. Journal is the very first book of account in which all of the business transactions and events are recorded. In this book transactions and events are recorded in a chronological (date) sequence. Both of the accounting effects (Debit & Credit) are recorded in it in a systematic way. Information recorded in the journal for a transaction or an event is known as journal entry.
Sketch of a Journal & Journal Entry
_______________________________________________
Date: 10 Ian, 2003
Particulars Post
Ref.
Debit 50,000
Credit 50,000
Salaries Account (Debit)
Cash Account (Credit)
(Staff salaries paid in cash).
From the above illustration we can understand that on 10th January 2003, business paid cash Rs.50,000 as staff salaries. It is customary that the accounting head analyzed as debit is written firstly in the particulars’ column and its amount is written in the debit column whereas the accounting head analyzed as credit is written under the debit accounting head but after indenting a little space from the left side, its amount is written in the credit column. The column of post reference cannot be very well understood without having knowledge of Ledger, any how, the column post reference shows page numbers of the Ledger in which salaries and cash accounts are posted. Words written within the parenthesis in the particulars column are known as “Narration of a transaction or event”; it is an integral part of a journal entry. Narration explains the accounting treatments to a layman.
Subdivision of Journal:
_______________________________
As discussed earlier that the journal is sub-divided based on complexity of the transactions or size of business. This happens only when there are a number of cash transactions in a day and also there are so many transactions for credit purchases and credit sales. This large numbers of transactions create a mess in bookkeeping office; therefore, separate bookkeeping clerks are given responsibilities for separate types of transactions along with separate journals. For example,
For cash transactions there is a separate cash office in which only cash transactions are analyzed and recorded in a book named as cash book.
For purchases there is a purchase journal in which only and only credit transactions for purchases are recorded. In the same way sales journal for credit transaction of sales is maintained. And if there are a large number of returns then separate journals for sales return and purchase return are also maintained.
Now that, after having separate journals for credit sales, credit purchases, sales & purchases return and cash transactions, all of the remaining transactions and events like sale and purchase of assets on credit, loss by fire etc. shall be recorded in general journal.
SALES JOURNAL:
Need for Sales Journal
_________________________________________
In case of a small business, there is very little number of transactions of credit sales. As we can have an example of a barber’s shop, a tailor, a retailer etc. they mostly sell their services or goods on cash terms. But as business expands, the sales of it also grow in terms of cash as well as in terms of credit. The cash sales are now recorded in the cash book as a receipt, and the credit sales are recorded in a separate journal named as sales journal (sales day book). In sales journal, no other transactions are recorded except the transaction for sales on credit terms.
Supporting Document:
_________________________________________
The source document supporting credit sales is sale invoice. It is made up in duplicate or triplicate (depending upon the accounting systems developed for the recording of credit sales)
Cash Memos
______________________
one of these copies is sent to the debtor (credit customer) along with the goods/services sold. A standard format of sales invoice looks like below;
Name of Vendor Co.
Address of Vendor Co.
Sale Invoice No. Date:
Name & Address of Customer
Purchase Order Ref. No.
Sr. No. Particulars/Description Quantity Rate Amount
Trade discount
Total
***
(***)
***
Settlement terms.
2/10, n/30
Purchase Order Reference No:
When a customer asks a vendor for supply of some goods, such order is evidenced through a purchase order form. Purchase order form discloses the quantity and quality of goods ordered along with its rates and discounts both trade and settlement. Each purchase order has its unique number which is put on the sales invoice for reference.
Trade Discount:
___________________________
Amount of trade discount is not required to be recorded in the books of accounts. Actually it is the discount which is agreed before entering into the transaction of sales or purchase, therefore, it is just formally show on the face of the invoice, otherwise it has no other financial effects.
Settlement Terms:
_________________________
It is also known as prompt payment terms. These terms are in fact offered to lure the customer for having more discounts by making payment for the invoice earlier. In this term, for example 2/10, n/30, the first part 2/10 contemplates that if customer pays cash within 10 days of the invoice, he will be offered a discount of 2%, the second part of it n/30 contemplates that after 10 days there will be no discount offer but the customer has to pay the amount of invoice net of trade discount within the thirty days of the date of invoice. This term sounds as two ten net thirty (2/10, n/30).
How this will sound 5/20, n/60 and what do you understand by this term?
Entering the Transaction of Credit Sales in Sale Journal:
_____________________________________________________________
In case of credit sales the business is very much interested in the name and addresses of the credit customer (Debtor), therefore, sales journal is so designed to cover following information;
Date--------------------- Date of invoice
Name of Debtor -------Mentioned in the invoice
Invoice number ------- It helps to trace the other details of invoice.
Post reference ---------
page number of subsidiary ledger (will be discussed later on)
Amount of invoice ---- Net of Trade Discount
Brain Storming
Sketch of Sales Journal:
__________________________________
Date Name of Debtor Invoice
No.
Post.
Ref.
Amount
$.
You would have noticed in the sales journal, there is only one column for amount. It might have created confusion in your mind that why we are not having two columns for amount, one for debit and other for credit, like in journal. Remember, here in sales journal all of the transactions are of same nature (credit sales) and the purpose of sales journal is just to avoid over working for recording the debits and credits of each transaction again & again. So, the role of sales journal in an accounting system is to precise all of the credit transactions of sales for a month or so and give effect of debit to debtors and credit to sales with total amount of such period.
Purchase Journal:
Need for a Purchase Journal
__________________________________________________
After knowing the need of sales journal (as discussed in previous section) it will be very easy to understand that for a large business having frequent transactions of credit purchases it is necessary to maintain a separate book for recording the transactions of purchases on credit terms. This book is named as purchase day book. Obviously like a sales journal no cash transactions relating to purchase shall be recorded in this book.
Supporting Document:
_________________________________________
The supporting document for transactions of credit purchases is purchase invoice. Purchase invoice is in fact the copy of sales invoice in the hands of customer. It is issued to the purchaser by the seller/vendor/supplier. So from the stand point of a purchasing business, the business after having received the invoice will put an internal number on it and will file it as evidence of the transaction and also for the purpose to remember that amount of this invoice is still outstanding for payment according to the settlement terms as discussed in section.
Entering the Transaction of Credit Purchases in Purchase Journal:
_________________________________________
The basic contents of a purchase journal are exactly the same as discussed in the case of a sales journal with the exception of one thing that now in the second column there is the name of Creditors instead of Debtors. Obviously, we remember the person from whom goods are purchased on credit is creditor of the business.
Sketch of Purchase Journal:
_________________________________________
Date Name of creditor Inv.
No.
Post.
Ref.
Amount
$
A purchase journal is a list of all credit purchases in a stipulated time period. All of the credit purchases recorded in a purchased journal during a period is totaled and then for such total amount debit effect is given to the purchases account and credit effect is given to the creditors account. You noticed here that the rules of debit and credit remain same all the time.
The Rules of Debit-Credit:
______________________________________________________
There are three Golden Rules for Debit & Credit, whole accounting is depend on these three rules :-
1. Debit what comes in & Credit what goes out.
2. Debit the receiver & Credit the giver.
3. Debit all loss/expenses & Credit all gains/profits.
See the following example:
Source Documents
( Invoices, Checks, etc.)
Journals -Transactions first recorded using Debits and Credits
General Ledger -Summarized transactions posted to the General Ledger Accounts using Debits and Credits
Abbreviated Accounting Equation Property = Property Rights
Expanded Accounting Equation Assets = Liabilities + Owner's Equity
Balance Sheet Accounts
Permanent Accounts
Types Of Accounts Asset Accounts = Liability Accounts + Capital Accounts (Mom)
Increase/Decrease Columns Increase Decrease Decrease Increase Decrease Increase
Account -Left / Right Side Columns Left Side Right Side Left Side Right Side Left Side Right Side
Debit / Credit Columns Debit Credit Debit Credit Debit Credit
Owner's Equity Equation that illustrates the effect of closing the temporary accounts -revenue-expenses-draws to the permanent Equity Accounts. Owner's Equity = Beginning Capital + Profit or - Loss - Owners Draws + Owner's Investments
Income Statement Accounts
Accounts Closed To Capital Account at End Of Period Temporary (Nominal) Accounts
"Mom" Equity's "Kids" - Revenue - Expense - Draws Expenses
Draws Revenue
Effect On "Mom" Equity (Capital) Decreases Increases
Revenue , Expense, and Draw Account "Rules"
These accounts are often referred to as temporary or nominal accounts because at the end of a year (period) they are closed and their balances are transferred to a permanent Equity (Capital) Account (Balance Sheet Account).
Debit / Credit Columns Increase Decrease Decrease Increase
Left Side Right Side Left Side Right Side
Debit Credit Debit Credit
Profit / Loss Equation Profit / Loss = Revenue - Costs and Expenses
Note: Yellow highlighted items in my cheat sheet represent the Normal Type Of Balance For an Account - Debit or Credit
The purpose of the table above is to serve as an aid for those needing help in determining how to record the debits and credits for a transaction.
The table begins by illustrating that source documents such as sales invoices and checks are analyzed and then recorded in Journals using debits and credits. These Journals are then summarized and the debit and credit balances are posted (transferred) to the General Ledger Accounts and the amounts are posted to the left side of the general ledger accounts for debit balances and to the right side of the general ledger accounts for credit balances. The General Ledger Accounts are made up of Balance Sheet and Income Statement Accounts.
At the end of a year (period), the revenue and expenses accounts (Ma's Kids) are set to zero and their balances are transferred to a permanent equity account in the Balance Sheet such as Owner's Capital (Mom) or Retained Earnings. This process is what is known as Closing The Books. Since the balances of these accounts are set to zero (closed out) at the end of a period, these accounts are sometimes referred to as temporary or nominal accounts. After closing the books for a year, the only accounts that have a balance are the Balance Sheet Accounts. That's why the Balance Sheet Accounts are also referred to as Permanent Accounts.
Of course the table is based on the Accounting Equation ( Assets = Liabilities + Owner's Equity ) which must be kept in balance and double-entry accounting, where for every debit to an account there must be an equal credit to another account.
Account Definition:
____________________________
An Account is a separate record for each type of asset, liability, equity, revenue, and expense used to show the beginning balance and to record the increases and decreases for a period and the resulting ending balance at the end of a period.
You should be aware that all Accounts:
• Can Be Debited and Credited
• Have an Increase Side and a Decrease Side
• Have a Debit Side and a Credit Side
Debit Side is the Left Side (Left Column)
Credit Side is the Right Side (Right Column)
• Have a Normal Balance Amount that is normally a Debit Balance or a Credit Balance
• Have a Type and are classified as an Asset, Liability, Equity, Revenue, Expense, or Draw
• Are Either a Balance Sheet or Income Statement Account
Major Types of Accounts:
____________________________________
Assets:
__________
• Formal Definition: The properties used in the operation or investment activities of a business.
• Informal Definition: All the good stuff a business has (anything with value) - The goodies.
• Additional Explanation: The good stuff includes tangible and intangible stuff. Tangible stuff you can physical see and touch such as vehicles, equipment and buildings. Intangible stuff is like pieces of paper (sales invoices) representing loans to your customers where they promise to pay you later for your services or product. Examples of assets that many individuals have are cars, houses, boats, furniture, TV's, and appliances. Some examples of business type assets are cash, accounts receivable, notes receivable, inventory, land, and equipment.
Liabilities:
_____________
Formal Definition: Claims by creditors to the property (assets) of a business until they are paid.
Informal Definition: Other's claims to the business's good stuff. Amounts the business owes to others.
Additional Explanation: Usually one of a business's biggest liabilities (hopefully they are not past due) is to suppliers where a business has bought goods and services and charged them. This is similar to us going out and buying a TV and charging it on our credit card. Our credit card bill is a liability. Another good personal example is a home mortgage. Very few people actually own their own home. The bank has a claim against the home which is called a mortgage. This mortgage is another example of a personal liability. Some examples of business liabilities are accounts payable, notes payable, and mortgages payable.
Owner's Equity also called Owner's Capital:
___________________________________________________________
Comment: Both terms may be used interchangeably. In my tutorial lessons, I may refer to both terms or just use one or the other.
Formal Definition: The owner's rights to the property (assets) of the business; also called proprietorship and net worth.
Informal Definition: What the business owes the owner. The good stuff left for the owner assuming all liabilities (amounts owed) have been paid.
Additional Explanation: Owner's Equity (Capital) represents the owner's claim to the good stuff (assets). Most people are familiar with the term equity because it is so often used with lenders wanting to loan individuals money based on their home equity. Home equity can be thought of as the amount of money an owner would receive if he/she sold their house and paid off any mortgage (loan) on the property.
Revenue (Income), Expenses, Investment, and Draws
_____________________________________________________________
Revenues, expenses, investment, and draws are sub categories of owner's equity (capital). Think of owner's equity as a mom named Capital with four children to keep up with (I know she's only got one clinging to her leg but she left Expense, Investment, and Draws at home). The kids are named Revenue, Expense, Investment, and Draws and each kid has one job that they are responsible for in order to earn their allowance. Kid Revenue is responsible for keeping track of increases in owner's equity (Ma Capital) and Kid Expense is responsible for keeping track of decreases in owner's equity (Ma Capital) resulting from business operations. Kid Draws has the job of keeping up with decreases in owner's equity (Ma Capital) resulting from owner withdrawals for living expenses and other personal expenses. Kid Investment has the job of keeping up with increases in owner's equity (Ma Capital) resulting from additional amounts invested in the business.
Revenue also called Income:
____________________________________
Formal Definition: The gross increase in owner's equity (capital) resulting from the operations and other activities of the business.
Informal Definition: Amounts a business earns by selling services and products. Amounts billed to customers for services and/or products.
Additional Explanation: Individuals can best relate by thinking of revenue as their earnings/wages they receive from their job. Most business revenue results from selling their products and/or services.
Expense also called Cost:
____________________________________
• Formal Definition: Decrease in owner's equity (capital) resulting from the cost of goods, fixed assets, and services and supplies consumed in the operations of a business.
• Informal Definition: The costs of doing business. The stuff we used and had to pay for or charge to run our business.
• Additional Explanation: Some examples of personal expenses that most individuals are familiar with are utilities, phone, clothing, food, gasoline, and repairs. Some examples of business expenses are office supplies, salaries & wages, advertising, building rental, and utilities.
Owner's Investments:
____________________________________
Formal Definition: Increase in owner's equity (capital) resulting from additional investments of cash and/or other property made by the owner.
Informal definition: Additional amounts, either cash or other property, that the owner puts in his business.
Additional Explanation:Although these amounts can be kept up with as a separate item, they are usually recorded directly in the Owner's Capital Account. In other words, immediately put into Ma Equity's purse.
Owner's Drawing:
_________________________
Formal Definition: Decrease in owner's equity (capital) resulting from withdrawals made by the owner. Informal definition: Amounts the owner withdraws from his business for living and personal expenses.
Additional Explanation:The owner of a sole proprietorship does not normally receive a "formal" pay check from the business, but just like most of the rest of us needs money to pay for his house, car, utilities, and groceries. An owner's draw is used in order for the owner to receive money or other "goodies" from his business to take care of his personal bills.
Definitions of Debits and Credits:
____________________________________________________
Debit :
________
• An entry in the financial books of a firm that increases an asset or an expense or an entry that decreases a liability, owner's equity (capital) or income.
• Also, an entry entered on the left side (column) of a journal or general ledger account.
• Let's combine the two above definitions into one complete definition.
An entry (amount) entered on the left side (column) of a journal or general ledger account that increases an asset, draw or an expense or an entry that decreases a liability, owner's equity (capital) or revenue.
Credit:
__________
• An entry in the financial books of a firm that increases a liability, owner's equity (capital) or revenue, or an entry that decreases an asset or an expense.
• Also, an entry entered on the right side (column) of a journal or general ledger account.
• Let's combine the two above definitions into one complete definition.
An entry (amount) entered on the right side (column) of a journal or general ledger account that increases a liability, owner's equity (capital) or revenue, or an entry that decreases an asset, draw, or an expense.
The term debit refers to the left side of an account and credit refers to the right side of an account. A debit is always entered in the left hand column of a Journal or Ledger Account and a credit is always entered in the right hand column. Debit is abbreviated Dr. and Credit is abbreviated Cr.
When you post (record) an entry in the left hand column of an account you are debiting that account. Whether the debit is an increase or decrease depends on the type of account. Likewise, when you post (record) an entry in the right hand column of an account you are crediting that account. Whether the credit is an increase or decrease depends on the type of account.
How To Use and Apply The Debit and Credit Rules:
_____________________________________________________________
(1) Determine the types of accounts the transactions affect-asset, liability, revenue, expense or draw account.
(2) Determine if the transaction increases or decreases the account's balance.
(3) Apply the debit and credit rules based on the type of account and whether the balance of the account will increase or decrease.
Simple Debit / Credit Rule:
____________________________________
• All Accounts that Normally Have a Debit Balance are Increased with a Debit by placing the amount in the Left Column of the account and Decreased with a Credit by placing the amount in the Right Column of the account.
o Assets
o Draws
o Expenses
• All Accounts that Normally have a Credit Balance are Increased with a Credit by placing the amount in the Right Column of the account and Decreased with a Debit by placing the amount in the Left Column of the account.
o Liabilities
o Owner's Equity ( Capital )
o Revenue
All You Need To Know About Debits and Credits
Summarized In One Sentence:
Enter an amount in the Normal Balance Side of an Account to Increase the Balance of an Account and in the Opposite Side of an Account to Decrease the Balance of an Account.
Additional Clarification:
____________________________________
Since Assets, Draw, and Expense Accounts normally have a Debit Balance, in order to Increase the Balance of an Asset, Draw, or Expense Account enter the amount in the Debit or Left Side Column and in order to Decrease the Balance enter the amount in the Credit or Right Side Column.
Likewise, since Liabilities, Owner's Equity (Capital), and Revenue Accounts normally have a Credit Balance in order to Increase the Balance of a Liability, Owner's Equity, or Revenue Account the amount would be entered in the Credit or Right Side Column and the amount would be entered in the Debit or Left Side column to Decrease the Account's Balance.
The Debit and Credit Rules Presented as A Table
_____________________________________________________________
Account Type Normal Balance Increase To Account Balance Decrease To Account Balance Account Example
Property Accounts
Asset Debit Debit - Left Column Of Account Credit - Right Column Of Account Cash, Accounts Receivable
Property Rights Accounts
Liability Credit Credit - Right Column Of Account Debit - Left Column Of Account Accounts Payable
Owner's Equity Credit Credit - Right Column Of Account Debit - Left Column Of Account Owner's Capital
Revenue Credit Credit - Right Column Of Account Debit - Left Column Of Account Sales
Costs and Expenses Debit Debit - Left Column Of Account Credit - Right Column Of Account Rent, Utilities, Advertising
Owner Draws Debit Debit - Left Column Of Account Credit - Right Column Of Account Owner Draws
Typical Types Of Business Transactions and the Debits and Credits and Accounts Used To Record Them:
____________________________________________________________
In a typical business transaction we get something and we give up something.
Sale-Sell goods and/or services:
______________________________________________
• Cash Sale-customer pays at the time of sale
The business gets cash or a check from their customer and gives up a product or service to their customer.
Accounts Used:
Debit: Cash
Credit: Sales
• On Account Sale-business allows the customer time to pay
The business gets a promise to pay from their customer and gives up a product or service to their customer.
Accounts Used:
Debit: Accounts Receivable
Credit: Sales
Purchase goods and/or services:
_____________________________________________________
• Cash Purchase-business pays the supplier at the time of purchase
The business gets a product or service from their supplier and gives up cash or a check to their supplier.
Accounts Used:
Debit: Expense or Inventory Account
Credit: Cash
• On Account Purchase-supplier allows the business time to pay
The business gets a product or service from a supplier and gives up a promise to pay to their supplier.
Accounts Used:
Debit: Expense or Inventory Account
Credit: Accounts Payable
• Pay Supplier Charge Purchases -pay suppliers for products and/or services that we promised to pay for later (charge).
The business gets the amount of their promise to pay the supplier reduced and gives up cash or a check.
Accounts Used:
Debit: Accounts Payable
Credit: Cash
• Receive Customer Charge Payments -receive payments from a customer that promised to pay us later (charge sale).
The business gets cash or a check from their customer and gives up (reduces the amount of) their customer's promise to pay.
Accounts Used:
Debit: Cash
Credit: Accounts Receivable
• Borrow Money (Loans) The business gets cash or equipment and gives up a promise to pay.
Accounts Used:
Debit: Cash or Equipment
Credit: Note Payable
• Repay a Loan
The business gets the amount of their promise to pay reduced and gives up cash or a check.
Accounts Used:
Debit: Note Payable
Credit: Cash
• Draw
The business gets the owner's claim to the business assets reduced and gives up cash or a check.
Accounts Used:
Debit: Owner's Draw
Credit: Cash
• Payroll (not covered in this tutorial)
The business gets services from their employees and gives up a check.
Accounts Used:
Debit: Salary & Wages Expense
Credit: Cash
Sales Return Journal: (Returns Inward Journal)
___________________________________________________________
Need for Sales Return Journal:
As the business expands the number of complaints and returns inwards also increases. Such return inwards can be recorded in the sales journal as a negative entry if these are very little in number. But because of its reverse nature it is recommended to maintain a separate journal to record sales return. Here one very important concept should be remembered that in sales return journal only the returns against credit sales (from Debtors) are recorded. Normally, it doesn’t happen that return of goods sold against cash are accepted by a business because certainly against such return the business would have to make refund of money already received. That’s why in coming practice you will not find any such transaction. But obviously if you have any example of such transaction in your business, it will be recorded in cash book as a payment.
Supporting document:
____________________________________
When a business receives back its sold goods it issues a “credit note” to the debtor returning goods, which evidences that we have received the returned goods and accept that money for such sales will not be received in future. A “credit note” issued is an evidence of reduction in sales income and also in the amount of debtors. It is also said that a “credit note” is a reversal document of an “invoice” which cancels the effect of it. Like an “invoice”, a credit note is also given a number and also possesses a reference of sales invoice against which such return were made. Rest of the contents of credit note are commonly understood, such as:
• Name & Address of the business (Seller)
• Name & Address of the customer
• Date
• Particulars
• Quantity
• Rate
• Amount
Sketch of Credit Note:
____________________________________
Name of Vendor Co.
Address of Vendor Co.
Credit Note No: Date:
Customer’s Name
Customer’s Address
Ref. Invoice No Account No:
Item No. Description Quantity Rate Trade
Discount
Net Amount
Total
Purchase return journal: (Returns outward journal)
Need for a Purchase Return Journal?
_____________________________________________________________
Purchase return journal has the same story as we just have discussed in previous unit. The only thing to remember is that it is also known as return outward journal/daybook. Obviously these transactions (for purchase returns) could also be recorded in the purchase journal as negative entry but same as for sales return journal it is required to have a separate journal for purchase returns because of its reverse nature to the purchases. The total of purchase return journal will cause a reduction in the purchases expenses and also a reduction in the amount of creditors.
Supporting document:
____________________________________
Although purchase returns are evidenced by a copy of credit note received from the seller, which is treated as a reversal document against purchase invoice. But here we shall also discuss the need of a “Debit Note”. A “debit note” is in fact a request, put to the seller by the purchaser business, for issuance of a credit note. A copy of debit note is sent to the seller along with the rejected goods, in which all of the particulars of goods rejected and returned along with the reference of relevant invoice number are entered. Remember, a business cannot record purchases returns considering a debit note as a supporting document because the effects of purchase invoice are not considered cancelled unless acceptance of rejected goods is received from the seller in shape of a copy of credit note.
Entering Transactions in Purchases Return Journal:
___________________________________________________
you will find nothing new in this section except the treatment of total of purchase return journal which is debited to the creditors account and credited to the purchases return account.
Sketch of a Purchase Return Journal:
________________________________________________
Date Creditor Name Credit
Note No.
Post.
Ref.
Amount
Cash Book:
Cash book is a book of original entries in which all of the cash transactions are recorded very firstly. If we refer to the figure 3.1, we can notice that the (books of original entry) journal is subdivided for two types of transactions i.e. credit transactions and cash transactions. As discussed in previous units, all credit transactions are recorded in different journals. The cash transaction of a concern needs a separate book named as cash book.
A cash book is divided into two sections, one for cash receipts and the other for cash payments. Each of the section is formatted for date, particulars, post reference and amount. See below for its proper sketch;
Cash book
____________________
Date Particulars Post
Ref.
Amount Date Particulars Post
Ref.
Amount
Left hand side of a cash book is known as receipt side and right hand side is known as payment side. In a way, we can say that within a cash book, we prepare two cash journals, one, cash receipt journal and second, cash payment journal.
Supporting Documents: For Cash Receipts
_____________________________________________________________
All cash receipts are evidenced by a copy of cash memo/receipts retained by the business. These cash memos/receipt are already serially pre-numbered and for each receipt of cash, the cash office issues an original copy of the cash memo/receipt to the person making payment and retains a carbon copy or counterfoil of it within the office which are used to record receipts of cash in the cash book.
For Cash Payments
____________________________________
All cash payments are evidenced by an original copy of cash memo/receipts issued by the recipient business. These are attached with a cash voucher as evidence that cash was paid to recipient who issued this cash memo/receipt.
1. Books of Account to be kept by Company:
__________________________________________________________
1.1 A company should keep proper books of account in respect of:
__________________________________________________________
a) Cash received and expended by the company;
b) Sales and purchases of goods by the company;
c) All Assets and liabilities of the company; and
d) In case of a company engaged in production, processing, manufacturing, or mining activities, a
production record as may be required by the Commission through a general or special order;
1.2 Books of account should be preserved for ten years;
1.3 Books of account are to be kept at the registered office of the company. If kept at any other place,
the registrar should be informed;
1.4 Books of account should give a true and fair view of the state of affairs of the company and should contain explanation of transactions.
1.5 Directors can inspect the books of account during the business hours.
1.6 If company fails to comply with the above provisions a director, including chief executive and chief
accountant:
(a) of listed company is liable to imprisonment for one year and a fine of not less than Rs. 20,000
not more than Rs. 50,000, and a further fine of Rs. 5000 per day during which the default
continues; or
(b) of other companies is liable to imprisonment for six months and with a fine, which may extend
to Rs. 10,000
2. Annual Accounts and Balance Sheet:
________________________________________________
2.1 First annual accounts of a company must be presented before the AGM within eighteen months from the date of incorporation.
2.2 A subsequent annual accounts should be presented once at least in every calendar year before an AGM. In other words, the accounts should be presented in the AGM within three months of the date of balance sheet. However, in the case of a listed company the Commission and in other cases the registrar can extend this period for a term not exceeding two months.
2.3 The accounts should be made up, in the case of first accounts, from the date of incorporation, and
in the case of subsequent accounts, from the date of the preceding accounts to a date not earlier than the date of the meeting by more than four months.
2.4 The accounts shall be prepared for a period not exceeding 12 months, except in case where permission is granted by the registrar for preparation of accounts for a longer period.
2.5 Profit and Loss account and Balance Sheet shall be audited by the auditor and auditor’s report should be attached thereto.
2.6 Copy of accounts, auditor’s report and directors’ report should be sent to every member at least twenty-one days before the Annual General Meeting (AGM).
2.7 Listed companies are required to send five copies of their audited accounts to the registrar, the Commission and the stock exchange within 30 days.
3. Contents of Balance Sheet:
_______________________________________________
3.1 General:
______________________
a) Balance Sheet and Profit & Loss Account should give a true and fair view of the state of the
company’s affairs and of the profit or loss of the company.
b) An item of expenditure fairly chargeable to income shall be brought into account.
c) Any expenditure which in fairness can be distributed over several years but is incurred in one year should be so distributed and reasons for doing so should be given.
3.2 For Listed Companies and Private or Non Listed Public Companies Which is a Subsidiary of a Listed Company:
___________________________________________________________
a) Balance Sheet and profit and loss account should be prepared in accordance with Fourth
Schedule;
b) A statement of changes in equity and cash flow statement.
c) Accounting policies should be stated and, where there is any change in accounting polices
the auditor shall report whether he agrees with the change.
d) International Financial Reporting Standards as adopted by SECP should be followed in
preparation of accounts.
3.3 For Other Companies:
____________________________________
a) Balance Sheet and profit and loss account shall be prepared in accordance with the Fifth Schedule;
b) A statement of changes in equity and cash flow statement.
c) Accounting policies should be stated and, where there is any change in accounting polices the auditor shall report whether he agrees with the change.
d) International Financial Reporting Standards as adopted by SECP should be followed in preparation of accounts.
Limited Liability Company
Balance Sheet
As on December 31, 2006
_________________________________________
Assets
________________
Non Current Assets
Fixed Assets
Tangible Assets ***
Intangible Assets *** ***
Long Term Investments ***
Long Term Advances, Deposits & Prepayments ***
Deferred Cost ***
Current Assets ***
Current Liabilities (***) ***
Capital Employed
***
Financed By
______________________
Owners’ Equity
Ordinary Share Capital ***
Reserves
Capital Reserves ***
Revenue Reserves *** *** ***
Non Current Liabilities
Loan Stocks/Term Finance Certificates ***
Loan from financial institutions ***
Finance lease liability *** ***
***
Chief Executive Director
Limited Liability Company
Income Statement
For the Year ended December 31, 2006
__________________________________________________________
Sales ***
Cost of goods sold (***)
Gross profit ***
Operating expenses
Administrative expense ***
Selling & Marketing expenses *** ***
Profit from operations ***
Other income ***
Financial expenses ***
Profit before tax ***
Income tax expense ***
Profit after tax ***
Limited Liability Company
Statement of changes in equity
For the year ended December 31, 2006
__________________________________________________________
Retained profits b/f ***
Profit after tax ***
Dividend paid ***
Transfer to reserves *** (***)
Retained profits c/f
***
Chief Executive Director
4. Treatment of Surplus Arising on Revaluation of Fixed Assets:
_____________________________________________________________
4.1
Any surplus on revaluation of fixed assets should be transferred to an account named “Surplus on revaluation of fixed assets account”.
4.2
This account should be shown in the balance sheet after capital and reserves;
4.3
Surplus on revaluation shall not be set off or reduced except:
a) For setting of any decrease in revaluation of asset; or
b) When revalued asset is disposed of, surplus relating to it can be adjusted or set off.
4.4
Depreciation on assets which are revalued shall be determined with reference to the value assigned to such assets on revaluation and depreciation charge for the period shall be taken to the Profit and Loss Account;
4.5
An amount equal to incremental depreciation for the period shall be transferred from “Surplus on Revaluation of Fixed Assets Account” to un-appropriated profit / accumulated loss through
Statement of Changes in Equity to record realization of surplus to the extent of the incremental depreciation charge for the period;
4.6
An amount equal to incremental depreciation charged in previous years may be transferred from
“Surplus on Revaluation of Fixed Assets Account” to un-appropriated profit / accumulated loss
through Statement of Changes Equity.
5. Director’s Report:
____________________________________
5.1
Director’s report shall be attached to the Balance Sheet.
5.2
It shall state business affairs, proposed dividend, if any, amounts set aside to reserve, if any.
5.3
In the case of a public company or a private company which is a subsidiary of a public company
director’s report shall also include:-
a) Disclosure of any material changes and commitments affecting the financial position which
have occurred between the year end and the date of report;
b) Disclosure of any material changes in the nature of business etc., which have occurred during the year, if the disclosure is necessary for understanding the state of the company’s
affairs.
c) Explanation to any qualification in auditor’s report.
d) Pattern of holding of shares (percentage of shares held by the parties).
e) Name and country of incorporation of holding company if any, where such holding company is established outside Pakistan.
f) The earning per share.
g) Reasons for incurring loss and reasonable indication of future prospects of profit, if any.
h) Information about defaults in payment of debts, if any, and reasons thereof.
5.4
The directors of a holding company required to prepare consolidated financial statements under section 237 shall make out and attach to consolidated financial statements, a report with respect to the state of group’s affairs and all provisions of subsection (2), (3) and (4) shall apply to such report.
5.5
Director’s Report shall be signed by the chairman or the chief executive, if so authorized by the
directors; otherwise by the chief executive and a director.
6. Balance Sheet of Holding Companies:
_______________________________________________________
6.1 Consolidated Financial Statements
______________________________________________
(1) There shall be attached to the financial statements of a holding company having a
subsidiary or subsidiaries, at the end of the financial year at which the holding company's
financial statements are made out, consolidated financial statements of the group presented
as those of a single enterprise and such consolidated financial statements shall comply with
the disclosure requirement of the Fourth Schedule and International Accounting Standards
notified under sub-section (3) of section 234.
(2) Where the financial year of a subsidiary precedes the day on which the holding company's
financial year ends by more than three months, such subsidiary shall make an interim
closing on the day on which the holding company's financial year ends, and prepare
financial statements for consolidation purposes.
(3) Every auditor of a holding company appointed under section 252 shall also report on
consolidated financial statements and exercise all such powers and duties as are vested in
him under section 255.
(4) All interim financial statements of a subsidiary as required under sub-section (3) shall be
reviewed by the auditors of that subsidiary appointed under section 252 who shall report
on such financial statements in the prescribed form.
(5) There shall be disclosed in the consolidated financial statements,
(a) any qualifications contained in the auditors' reports on the accounts of subsidiary or
subsidiaries for the financial year ending with or during the financial year of the
holding company; and
(b) any material note or explanation on a qualification, regarding to but not covered in the
financials statements of a parent company.
(6) Every consolidated financial statement shall be signed by the same persons by whom the
individual balance sheet and the profit and loss account or income and expenditure
account of the holding company are required to be signed.
(7) All provisions of sections 233, 242, 243, 244 and 245 shall apply to a holding company
required to prepare consolidated financial statements under this section as if for the word
"company" appearing in these section, the words "holding company" were substituted.
(8) The Commission may, on an application or with the consent of the directors of a holding
company, direct that in relation to any subsidiary, the provisions of this section shall not
apply to such extent only as may be specified in the direction.
(9) If a holding company fails to comply with any requirement of this section, every officer of
the holding company shall be punishable with fine which may extend to fifty thousand
rupees in respect of each offense unless he shows that he took all reasonable steps for
securing compliance by the holding company of such requirements and that the noncompliance or default on his part was not willful and intentional".
6.2
The directors shall ensure that year-end of the holding and its subsidiary companies shall coincide except where there are good reasons against it. The SECP shall facilitate the companies in this regard by allowing them to prepare accounts of extended period, hold AGM accordingly and file annual return after the holding of extended AGM. [Section 238]
7. Balance Sheet of Modaraba Company:
__________________________________________________
Modaraba companies are required to attach financial statements and other reports circulated to
Modaraba certificate holders with their financial statements.
8. Authentication of Balance Sheet:
____________________________________________
8.1 Accounts should be approved by the Board of Directors.
8.2 Balance Sheet shall be signed by the chief executive and one director. If chief executive is out of Pakistan for the time being then it shall be signed by two directors and a statement shall be given by the directors explaining reasons thereof.
9. Copy of Balance Sheet to be forwarded to the Registrar:
___________________________________________________
9.1 Three copies of listed company’s audited accounts and the auditor’s report duly signed by the
management and auditors should be filed with the registrar within thirty days from the AGM.
9.2 In other cases two copies are required.
9.3 Private Companies are not required to file their accounts with the registrar.
10. Right of Members/Debenture-Holders of Company to Copy of the Accounts and the Auditor’s Report:
_____________________________________________________________
Members have the right to get copy of annual accounts etc. of company on payment. The same
rights are available to debenture-holders or trustees for debenture-holders.
11. Quarterly Accounts of Listed Companies:
____________________________________________________________
All listed companies shall within one month of the close of every quarter of their year of account, prepare and transmit to the members and the stock exchange(s) on which their shares are listed, a profit and loss account for, and balance sheet as at the end of that quarter, whether audited or otherwise. They shall file with the registrar and the Commission three copies thereof. Quarterly accounts shall be circulated for the 1st, 2nd and 3rd quarter within one month of the close of that quarter.
Approval of the board of directors will be mandatory for circulation of the quarterly accounts.
If a company fails to comply with any of the requirements of this section, every director including chief executive and chief accountant of the company who has knowingly by his act or omission been the cause of such default shall be liable to a fine of not exceeding AN AMOUNT and to a further fine of not exceeding one thousand rupees per day during which default continues.
12. Additional Statement of Accounts and Reports:
_____________________________________________________________
12.1
The SECP may by general or special order, require companies, or a class of companies or any
particular company, to prepare and send to the members, the registrar, the SECP, a stock exchange and any other person such periodical statements of accounts, information or other reports in such form and manner and within such time, as may be specified in the order.
12.2
The Securities and Exchange Commission of Pakistan vide circular No. 23/2005, has directed to all listed companies and their subsidiaries to provide: -
a) Other Information contained in their annual report, as such term is defined in International Standard on Auditing 720 (Other Information in the Documents Containing Audited Financial Statements), to their external auditor (s); and
b) b) Sufficient time to their external auditor (s) to review and comment upon any “material
inconsistencies” found in such Other Information where the other information may contradict the information contained in the audited financial statements. Listed companies and their subsidiaries are required to comply with this directive from the period commencing 1st January 2006.
Auditor’s interest in the statutory books:
____________________________________________________________
The auditor is interested in the statutory books because:
– They are directly concerned with the Accounts
– They are audit evidence to be used in verifying detailed items in the accounts; for example the total share capital shown by the sum of the individual share holdings in the register of members must agree with the share capital recorded in the books of accounts
– Failure to maintain proper records of any sort casts doubt upon the accuracy and reliability of the records generally.
OBJECTIVE AND GENERAL PRINCIPLES GOVERNING
AN AUDIT OF FINANCIAL STATEMENTS
__________________________________________________________
Financial auditing is an accounting process used in business. It uses an independent body to examine a business' financial transactions and statements. The ultimate purpose of financial auditing is to present an accurate account of a company's financial business transactions. The practice is used to make sure that the company is trading financially fairly, and also that the accounts they are presenting to the public or shareholders are accurate and justified.
The results of the financial auditing procedure can be presented to shareholders, banks and anyone else with an interest in the company. One of the main reasons for a financial audit is to ensure that the trading company is not practicing any deception. This is the reason that the financial auditing body is an independent third party.
Public records show that financial auditing has been in existence since 1314. However, before the 1930s, no corporations or businesses were legally required to hold audits. In 1934, the United States Securities Exchange Act made it a legal requirement for all public trading companies to be financially audited. The Securities and Exchange Commission (SEC) set up a department to deal specifically with this requirement. The SEC usually complies with the accounting industry as to its standards.
The financial auditing process usually takes places once a year, most commonly at the end of the financial year. All financial aspects of the company are inspected, and a follow-up audit may also be undertaken after the year end in order to compare results. The financial auditing company has the difficult task of maintaining objectivity while being paid by the company they are auditing.
Financial auditing is usually a thorough process, but in some cases, failures occur. The recent Enron scandal was a case in point, in which a company hid important facts and figures from both stakeholders and the banks. Enron filed for bankruptcy, and one of the largest accounting firms in the world, Arthur Andersen, lost the right to audit.
Major incidents such as the Enron scandal have forced tighter and stricter regulations in the financial auditing process. Many innocent people lost thousands of dollars and life savings because unscrupulous companies such as Enron and WorldCom hid their financial details. Sadly, many of these stricter auditing regulations have come too late for the people who lost large amounts of money due to these companies.
Cooking the books is the act of falsifying financial information about a company. This can be done to avoid paying taxes or to keep investors happy and stock prices rising, or alternately companies may cook the books in order to draw new investors or to obtain loans. The term arises from an alternate meaning of the verb to cook which is no longer in much use in the English language. It could be roughly translated as to deceive or to mislead, or to serve false information. The term creative accounting may be used as a synonym for cooking the books.
There are two directions under which a company might practice this illegal activity. One is to show losses that don’t really exist in order to take advantage of tax breaks. The practice deliberately shows less profit or direct losses that are not an accurate representation of the true state of the company’s financial affairs. This is done to either qualify for tax breaks or to evade a larger share of taxes.
More commonly, though, companies don’t want to post losses. They want to show high revenues and profits so that investors remain committed to their company. When such is the case, they may practice cooking the books by purposefully altering financial accounts to show the company is performing much better than it really is. There are a number of ways in which companies can practice cooking the books to keep investor confidence high.
Up until 2002, there were certain methods allowed that would help companies practice cooking the books without doing anything illegal. One method was the use of off-balance sheet accounting. Companies could use money in certain ways that would not have to be noted on financial statements. In some cases debts could be off-balance or not listed on financial statements by creating what are called special purpose entities (SPEs), actually new companies formed by the parent company.
SPEs allowed parent companies to not record some of the debt they owed as a company, since that debt belonged to the “new company.” In this way, debt contracted for the SPE could be off-balance, and not noted on the parent company’s financial records. Alternately, the parent company could funnel a part of its debt to the SPE to make its profits to debt ratio appear larger than it actually was. This was previously legal, but is now prohibited with the 2002 passage of the US Sarbanes-Oxley Act, which calls for greater transparency in financial reporting.
Other methods of cooking the books involve the simple but illegal act of changing profits/losses statements by bold-faced lying about true figures, claiming they are better or worse than they are. Other incidences include counting money intended for retirement pay as part of assets to offset large debts, counting inventory that has already been sold but not sent as part of assets, or recording extra expenses (and actually making them) to raise customer confidence, even when the company can ill afford these extra expenses.
Many of these “creative accounting” methods are now illegal since 2002, and some have been illegal for much longer. They are all practiced methods of deceit, intended to create a financial portrait of a company that is false. Yet, there are many large companies that have made cooking the books part of their financial practice. They do get caught in many cases, and if the practice is longstanding, they can’t simply claim clerical errors. Though it might be tempting to try creative accounting, in the end it is usually illegal, punishable by law, and unfair to those who might invest in a company or to the government because it expects and depends upon companies to pay their fair share in taxes based on a company’s profits.
Objective of an Audit:
__________________________________________________________
Objective of an audit of financial statements is to enable an auditor to express an opinion whether the financial statements are prepared, in all material respects, in accordance with an identified financial reporting framework (e.g. International or Local Accounting Standards). The terms used to express the opinion are “give a true and fair view” or “present fairly in all material respects”.
Benefit of opinion
_________________________________
It improves credibility of financial statements.
What an opinion does not achieve?
______________________________________________________
It does not provide any assurance about:
i) Future viability of the entity; and
ii) Efficiency or effectiveness of management.
General Principles of an Audit:
Professional Ethics
__________________________________________________________
There are a number of ethical matters that are extremely important for auditors to consider when performing their work. It is vital to the public image and credibility of the profession that the auditor is seen to be behaving in an acceptable manner in addition to actually complying with the ethical requirements.
It is important to recognize that many groups in society rely on accountant’s work, not just the shareholders on whose behalf the accountant is working. The accountant therefore has a public
accountability.
In the light of this, ICA’s ethical guidelines emphasis the following key points about the characteristics of accountants:
a) Independence:
Auditor is independent of management i.e. he is not under the control or influence of management.
b) Integrity:
Auditor is honest and is not corrupt. He is straight forward in performing his professional work
c) Objectivity:
He obtains the evidence needed to form an opinion and his opinion is based on that
evidence alone. He is not subjective in forming his opinion.
d) Professional Competence and Due Care:
Auditor has attained certain professional qualification, has acquired the requisite skill and has attained the experience necessary for the audit and performs his work with planning and due diligence.
e) Confidentiality:
Auditor neither discloses the information obtained during the course of his audit without permission of his client (except when required in a court of law) nor uses that information himself.
f) Professional Behavior:
He should not only act in a professional manner but should also appear to be a professional. He should maintain his professional knowledge and skill at a level required to ensure that a client or employer receives the benefit of competent professional service
based on up-to-date developments in auditing practice and relevant legislation.
g) Technical Standards:
Audit should be performed by following certain standards, international or national.
___________________________________________________________
International Standards on Auditing (ISAs)
The auditor should follow basic principles and essential procedures together with related guidance as contained in ISAs.
International Standards on Auditing (ISAs) are issued by the International Auditing Practices Committee (IAPC). The IAPC is a standing committee of the Council of the International
Federation of Accountants (IFAC), which was formed in 1977 and is based in New York. IFAC has more than 150 member bodies, representing over 2 million accountants in more than 100 countries, and membership of IFAC automatically confers The IAPC issued standards and statements on auditing and related services in order to improve the degree of uniformity of auditing practice and related services throughout the world.
The IAPC works closely with its members and national standard setters in order to gain acceptance of international Standards of Auditing (ISAs). Member bodies have increasingly sought to align the national position with the international positions IFAC and the IASC have gained influence and recognition. Standard setters increasingly refer to the international position in their consultative documents as authoritative support for a particular view.
International auditing and accounting standards do not at present override local regulations. Neither IFAC nor the IASC can currently compel any organization to comply with international standards; nor are there specific sanctions where organizations claim to have complied with international standards, but have not done so.
The preface to International Standards on Auditing and Related Services (ISA 100) states that IAPC guidance falls into two categories:
?? International Standards on Auditing (ISAs).
_________________________________________________________
ISAs contain basic principles and essential procedures (identified in bold type black lettering), together with related guidance in the form of explanatory and other material (in plain type) including appendices.
The basic principles and essential procedures are to be understood and applied in the context of explanatory and other material that provides guidance for their application. The text of a whole standard is considered in order to understand and apply the basic principles and essential procedures.
?? International Auditing Practice Statements (IAPSs).
__________________________________________________________
In conducting an audit in accordance with ISAs, the auditor is also aware of and considers International Auditing Practice Statements (IAPSs) applicable to the audit engagement. IAPSs provide practical assistance to auditors in implementing standards and promote good
practice. They are not intended to have the authority of standards.
The auditor may also conduct the audit in accordance with both ISAs and auditing standards of a specific jurisdiction or country.
Professional Skepticism
__________________________________________________________
The audit should be planned and performed with an attitude of professional skepticism i.e. forming an opinion only after obtaining sufficient and appropriate audit evidence instead of blindly accepting any information or explanation given by the management.
An attitude of professional skepticism means the auditor makes a critical assessment, with a
questioning mind, of the validity of audit evidence obtained and is alert to audit evidence that
contradicts or brings into question the reliability of documents and responses to inquiries and other information obtained from management and those charged with governance.
SCOPE OF AN AUDIT - What does it mean?
__________________________________________________________
The term “scope of an audit” refers to the audit procedures that, in the auditor’s judgment and based on the ISAs, are deemed appropriate in the circumstances to achieve the objective of the
audit.
• Audit opinion
• Reasonable assurance
• Sufficient appropriate audit evidence
• Audit procedures (based on ISAs)
Audit-Evidence:
_______________________
It is obtained by applying necessary audit procedures. Audit procedures should be based on requirements of ISAs, relevant professional bodies, legislation, regulations, and the terms of the audit engagement and reporting requirements.
Auditing is concerned with the verification of accounting date and with determining the accuracy and reliability of accounting statements and reports. Verification does not mean seeking proof or absolute certainty in connection with the data and reports being audited. It means looking for sufficient evidence depends on what experience and knowledge of contemporary auditing standards tells one is satisfactory.
An auditor obtains audit evidence regarding management’s assertions for the following areas:
a. Existence:
An asset or liability exists at the Balance Sheet date. This is an obvious assertion with such items as land and buildings, stocks and others
b. Rights and obligations:
An asset or liability pertains to the entity at the Balance Sheet date. This means that the enterprise has for example ownership of an asset. Ownership as an idea is not simple and there may be all sorts of rights and obligations connected with a given asset or liability.
c. Occurrence:
A transaction or event took place which pertains to the enterprise during the relevant period. It may be possible for false transactions (e.g. sales or purchases) to be recorded. The assertion is that all recorded transactions actually took place.
d. Completeness:
There are not unrecorded assets, liabilities, transactions or events or undisclosed items. This is important for all accounts items but is especially important for liabilities.
e. Valuation:
An asset or liability is recorded at an appropriate carrying value Appropriate may mean in accordance with generally accepted accounting principles, the companies Act rules, Accounting
Standards requirements and consistent with statements of accounting policies consistently applied.
f. Measurement:
A transaction or event is recorded at the proper amount and revenue or expense allocated to the proper period.
g. Presentation and disclosure:
An item is disclosed, classified and described in accordance with
applicable reporting framework. For example fixed assets are subject to the Companies Ordinance rules and to IAS 16.
An example:
_________________
We will look at an item in a balance sheet, bank overdraft Rs. 10,250. In reporting this item in the balance sheet, the directors are making these assertions:
• That there is a liability to the company’s bankers.
• That at the balance sheet date this liability was Rs. 10,250.
• That this amount is agreed by the bank
• That the overdraft was repayable on demand. If this were not so, it would not appear amongst the current liabilities and terms would be stated.
• That the overdraft was not secured. If it were secured this fact would need to be stated.
• That the company has the Authority to borrow from its Memorandum and Articles.
• That a bank reconciliation statement can be prepared.
• That the bank is willing to let the overdraft continue.
If no item ‘bank overdraft’ appeared in the balance sheet, it would represent an assertion by the directors that no overdraft liability existed at the balance sheet date.
REASONABLE ASSURANCE What is reasonable assurance?
__________________________________________________________
A conclusion that the financial statements are not materially misstated. An auditor cannot obtain absolute assurance because of limitations described in Para below.
How reasonable assurance is achieved?
__________________________________________________________
It is achieved by obtaining audit evidence.
Factors affecting reasonable assurance:
__________________________________________________________
• Inherent limitation of an audit, i.e. failure of audit procedures to detect material
misstatements in financial statements because of:
o The use of testing (application of procedures on samples).
o The inherent limitations of accounting and internal control system.
o Persuasive nature of audit evidence rather than conclusive (Persuasive: one leading to an opinion; one which causes to believe; Conclusive: final, convincing).
• Exercise of judgment by the auditor in gathering of evidence and drawing of conclusion.
• Existence of other limitations like related parties etc.
Audit Risk and Materiality
_______________________________
Guidance provided by ISA 200 in this matter is discussed in later chapters which specifically and exclusively discuss it.
Responsibility for the Financial Statements:
__________________________________________________________
Responsibilities for preparing and presenting the financial statements are that of management. Auditor’s responsibility is to express an opinion thereon.
REASONABLE ASSURANCE What is reasonable assurance?
__________________________________________________________
It means a conclusion that the financial statements are not materially misstated. An auditor cannot obtain absolute assurance because of limitations described in paragraph below.
Reasonable assurance through audit evidence Audit evidence:
__________________________________________________________
• For internal control
• For transactions & accounts balances
• For financial statements
Inherent Limitations of Accounting and Internal Control
__________________________________________________________
• Management over rides
• Collusion with employees
• Collusion with third party
• Unaffordable cost of internal control
• Human error
Accordingly, because of the factors described above an audit is not a guarantee that the financial statements are free from material misstatement, because absolute assurance is not attainable. Further, an audit opinion does not assure the future viability of the entity nor the efficiency or effectiveness with which management has conducted the affairs of the entity
AUDIT RISK AND MATERIALITY
__________________________________________________________
Entities pursue strategies to achieve their objectives, and depending on the nature of their operations and industry, the regulatory environment in which they operate, and their size and complexity, they face a variety of business risk. Management is responsible for identifying such risks and responding to them.
However, not all risks relate to the preparation of the financial statements. The auditor is ultimately concerned only with risks that may affect the financial statements. The auditor obtains and evaluates audit evidence to obtain reasonable assurance about whether the financial statements give a true and fair view or are presented fairly, in all material respects, in accordance with the applicable financial reporting framework. The concept to reasonable assurance acknowledges that there is a risk the audit opinion is inappropriate. The risk that the auditor expresses an inappropriate audit opinion when the financial statements are materially misstated is known as “audit risk”.
Audit Risk:
______________________
The risk that the auditor expresses inappropriate audit opinion when the financial statements are materially misstated. The concept of reasonable assurance acknowledges that there is a risk the audit opinion is in appropriate.
Materiality:
_______________________
Risk of material misstatement levels:
• Overall Financial Statement level
• Often relates to entity’s control environment
• Also relates to declining economic conditions
• Transactions, account balances, & disclosures level
Auditor is not responsible for detection of misstatements that are not material.
The auditor should plan and perform the audit to reduce audit risk to an acceptably low level that is consistent with the objective of an audit
Responsibility for the Financial Statements:
__________________________________________________________
Responsibilities for preparing and presenting the financial statements are that of management. Auditor’s responsibility is to express an opinion thereon. This responsibility includes:
• Designing, implementing and maintaining internal control relevant to the preparation and presentation of financial statements that are free from material misstatement, whether due to fraud or error;
• Selecting and applying appropriate accounting policies; and
• Making accounting estimates.
Chapter
UNDERSTANDING
ENTITY ¦ ENVIRONMENT ¦ AUDIT RISKS
UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT
_____________________________________________________________
AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT
Introduction:
____________________________________
The standard requires that auditor should obtain an understanding of the entity and its environment, including its internal control, sufficient to identify and assess the risks of material misstatement of the financial statements whether due to fraud or error, and sufficient to design and perform other audit procedures.
The standard provides guidance on the following:
• Risk assessment procedures and sources of information about the entity and its
environment including its internal control.
• Understanding the entity and its environment, including its internal control.
• Assessing the risk of material misstatement.
• Communicating with those charged with governance and management.
• Documentation.
1. Risk Assessment Procedures and Sources of Information about the Entity and Its Environment Including Its Internal Control Risk Assessment Procedures & Sources of Information:
_________________________________________________________
The auditor should perform the following risk assessment procedures to obtain an understanding of the entity and its environment, including its internal controls.
a) Inquiries of management and others within the entity;
b) Analytical procedures; and
c) Observation and inspection.
The auditor is not required to apply all the risk assessment procedures for each aspect of the understanding required. However, all the above risk assessment procedures are applied in the course of obtaining the required understanding.
In addition to the above procedures, the auditor may obtain information by making inquiries of the entity’s legal counsel or of valuation experts that the entity has used. Reviewing information obtained from external sources such as reports by analysts, banks, or rating agencies, trade and economic journals or regulatory or financial publications may also be useful in obtaining information about the entity.
a) Inquiries:
____________________________________
The auditor obtains information from management and those responsible for financial reporting. However, useful information can be obtained from others within the entity like production staff, internal audit personnel and other employees. Inquiries from others may provide an auditor with the following information:
• Inquiries directed towards those charged with governance may help the auditor understand the environment in which the financial statements are prepared. (such persons include the representatives of board of directors, Chief finance officers who are responsible of designing internal control)
• Inquiries directed towards internal audit personnel may relate to their activities concerning the monitoring and effectiveness of the entity’s internal control and whether management has satisfactorily responded to any findings from these activities.
• Inquiries of employees involved in initiating, processing or recording complex or unusual transactions (like; accounts managers etc.) may help the auditor in evaluating the appropriateness of the selection and application of certain accounting policies.
• Inquiries directed towards in-house legal counsel (like; company secretary, legal advisor
etc.) may relate to such matters as litigation, compliance with laws and regulations, knowledge of fraud or suspected fraud affecting the entity, warranties, post-sales obligations, arrangements (such as joint ventures) with business partners and the meaning of contract terms.
• Inquiries directed towards marketing or sales personnel may relate to changes in the
entity’s marketing strategies, sales trends, or contractual arrangements with its customers.
b) Analytical procedures:
____________________________________
These include ratio analysis, trend analysis, and common size analysis of financial as well as non
financial information pertaining to the entity. These procedures enable auditor to identify situation where significant fluctuations exist, relationships are not present as per expectations or unexpected relationships exist.
c) Observation and Inspection:
__________________________________________________
(walk through procedures)
It may support inquiries of management and others and also provide information about the entity and its environment. Such audit procedures ordinarily include the following:
• Observation of entity activities and operations
• Inspection of documents (such as business plans and strategies), records and internal control manuals.
• Reading reports prepared by management (such as quarterly management reports and interim financial statements) and those charged with governance (such as minutes of board of directors’ meetings).
• Visits to the entity’s premises and plant facilities.
• Tracing transactions through the information system relevant to financial reporting (walkthrough).
Discussion among the Audit Team:
_______________________________________________
The members of the engagement team should discuss the susceptibility of the entity’s financial
statements to materials misstatements. Such discussion would foster sharing of knowledge and
exchange of information
Understanding the Entity and Its Environment, including Its Internal Control
_____________________________________________________________
The auditor’s understanding of the entity and its environment consists of an understanding of the following aspects:
(a) Industry, regulatory, and other external factors, including the applicable financial reporting framework (like; insurance companies, leasing companies, banking companies, textile industry etc.).
(b) Nature of the entity, including the entity’s selection and application of accounting policies (like; sugar, textile, hotel, tourism, services, etc.).
(c) Objectives and strategies and the related business risks that may result in a material
misstatement of the financial statements (like; growth maximization, cost effectiveness,
quality leadership, downsizing, etc.).
(d) Measurement and review of the entity’s financial performance.
(e) Internal control.
a) Industry, regulatory and other External Factors, including the Applicable Financial Reporting Framework:
____________________________________________________________
The auditor should obtain information about these. Such knowledge includes information about
competitors, suppliers, customers, technological developments, the regulatory environment, legal and political environment and the environmental requirements affecting the industry and the entity. The auditor should also consider general economic conditions. Examples of matters an auditor may consider include the following:
• Industry conditions:
____________________________________
• The market and competition, including demand, capacity, and price competition.
• Cyclical or seasonal activity
• Product technology relating to the entity’s products
• Energy supply and cost
• Regulatory environment:
____________________________________
• Accounting principles and industry specific practices
• Regulatory framework, for a regulated industry (like; baking sector)
• Legislation and regulation that significantly affect the entity’s operations
• Regulatory requirements (like; labor laws, minimum wage rate)
• Direct supervisory activities (like; NAB, Excise & taxation Dept)
• Taxation (corporate and other)
• Government policies currently affecting the conduct of the entity’s business.
• Monetary, including foreign exchange controls
• Fiscal
• Financial incentives (for example, government aid programs)
• Tariffs, trade restrictions
• Environmental requirements affecting the industry and the entity’s business.
• Other external factors currently affecting the entity’s business.
_____________________________________________________________
• General level of economic activity (for example, recession, growth)
• Interest rates and availability of financing
• Inflation currency revaluation.
b) Nature of the Entity:
__________________________________
The nature of an entity refers to the entity’s operations, its ownership and governance, the types of investments that it is making and plans to make, the way that the entity is structured and how it is financed. An understanding of the nature of an entity enables the auditor to understand the classes of transactions, account balances, and disclosures to be expected in the financial statements. The auditor should obtain an understanding of the accounting policies selected and their application. It includes understanding the methods to account for significant and unusual transactions, the effect of significant accounting policies in controversial areas and changes in accounting policies. The auditor should assess appropriateness, of accounting policies selected and their consistency with financial reporting framework and industry practice. Examples of matters an auditor may consider include the following:
Business Operations:
_________________________________
• Nature of Business (for example, manufacturer, wholesaler, banking, insurance or other financial services, import/export trading, utility, transportation and technology products and services.
• Products or services and markets (for example, major customers and contracts, terms of payment, profit margins, market share, competitors, exports, pricing policies, reputation of products, warranties, order book, trends, marketing strategy and objectives, manufacturing processes).
• Conduct of operations (for example, stages and methods of production, business
segments, delivery of products and services, details of declining or expanding operations).
• Alliances, joint ventures and outsourcing activities
• Involvement in electronic commerce, including internet sales and marketing activities.
• Geographic dispersion and industry segmentation.
• Location of production facilities, warehouses, and offices.
• Key customers.
• Important supplies of goods and services (for example, long-term contracts, stability of supply, terms of payment, imports, methods of delivery such as “just-in-time”).
• Employment (for example, by location, supply, wage levels, union contracts, pension and other post employment benefits, stock option or incentive bonus arrangements, and government regulation related to employment matters).
• Research and development activities and expenditures.
• Transactions with related parties.
Investments:
____________________________
• Acquisitions, mergers or disposals of business activities (planned or recently executed).
• Investments and dispositions of securities and loans.
• Capital investment activities, including investments in plant and equipment and
technology, and any recent or planned changes.
• Investments in non-consolidated entities, including partnerships, joint ventures and
special-purpose entities.
Financing:
______________________
• Group structure – major subsidiaries and associated entities, including consolidated and
non-consolidated structures.
• Debt structure, including covenants, restrictions, guarantees, and off-balance-sheet
financing arrangements.
• Leasing of property, plant or equipment for use in the business.
• Beneficial owners (local, foreign, business reputation and experience)
• Related parties
• Use of derivative financial instruments.
Financial Reporting:
____________________________________
• Accounting principles and industry specific practices.
• Revenue recognition practices.
• Accounting for fair values.
• Inventories (for example, locations, quantities).
• Foreign currency assets, liabilities and transactions.
• Industry-specific significant categories (for example, loans and investments for banks,
accounts receivable and inventory for manufacturers, research and development for
pharmaceuticals).
• Accounting for unusual or complex transactions including those in controversial or
emerging areas (for example, accounting for stock-based compensation).
• Financial statement presentation and disclosure.
Sources of Obtaining Understanding
_________________________________________________
Auditor obtains an understanding of the entity and environment, including its internal control through:
1. Risk assessment procedures and sources of information about the entity and its environment including its internal control.
2. Understanding the entity and its environment, including its internal control.
3. Assessing the risk of material misstatement.
4. Communicating with those charged with governance and management.
5. Documentation
1. Risk Assessment Procedures & Sources of Information
_____________________________________________________________
Risk assessment procedures to obtain an understanding:
___________________________________________________
a) Inquiries directed towards:
____________________________
• Those charged with governance
• Internal audit personnel
• Middle management (employees)
• Legal counsel
• Marketing or sales personnel
b) Analytical procedures:
________________________
• Financial
• Non financial
c) Observation and inspection of:
____________________________________
• Observations of Activities and operations
• Inspection of Documents and records
• Reading Management reports
• Visit to premises and plant facilities
2. Understanding the Entity and Its Environment, Including Its Internal Control
_____________________________________________________________
The auditor’s understanding of the entity and its environment consists of an understanding of the following aspects:
a) External Factors:
• Industry conditions
• Regulatory environment
• Macro economic level factors
b) Nature of the entity:
• Business operations
• Investments
• Financing
• Financial reporting
c) Objectives and strategies and the related business risks:
• Potential related business risk at existence of objective:
o Industry developments
o New products and services
o Expansion of the business
o New accounting requirements
o Regulatory requirements
o Current and prospective financing requirements
o Use of IT
• Potential related business risk at implementing a strategies:
o Effects leading to new accounting requirements
o Measurement and review of the entity’s financial performance.
o Internal control.
2. Understanding the Entity and Its Environment, including Its Internal Control
___________________________________________________________
The auditor’s understanding of the entity and its environment consists of an understanding of the
following aspects:
(a) Industry, regulatory, and other external factors, including the applicable financial reporting framework (like; insurance companies, leasing companies, banking companies, textile industry etc.).
(b) Nature of the entity, including the entity’s selection and application of accounting policies (like; sugar, textile, hotel, tourism, services, etc.).
(c) Objectives and strategies and the related business risks that may result in a material
misstatement of the financial statements (like; growth maximization, cost effectiveness, quality leadership, downsizing, etc.).
(d) Measurement and review of the entity’s financial performance.
(e) Internal control.
c) Objectives and Strategies and Related Business Risks
_____________________________________________________________
The auditor should obtain an understanding of the entity’s objectives and strategies and the related business risks that may result in material misstatement of the financial statements.
Business Risk is the risk that objectives and strategies would not be met:
_____________________________________________________________
Examples of matters an auditor may consider include the following:
• Existence of objectives with reference to:
o Industry developments (a potential related business risk might be, for example,
that the entity does not have the personnel or expertise to deal with the changes like technological changes in the industry).
o New products and services (a potential related business risk might be, for example,
that there is increased product liability).
o Expansion of the business (a potential related business risk might be, for example,
that the demand has not been accurately estimated).
o New accounting requirements (a potential related business risk might be, for
example, incomplete or improper implementation, or increased costs).
o Regulatory requirements (a potential related business risk might be, for example
that there is increased legal exposure).
o Current and prospective financing requirements (a potential related business risk
might be, for example, the loss of financing due to the entity’s inability to meet
requirements).
o Use of IT (a potential related business risk might be, for example, that systems and
processes are incompatible).
• Effects of implementing a strategy, particularly any effects that will lead to new accounting requirements (a potential related business risk might be, for example, incomplete or improper implementation) The auditor should keep in mind that business risk is broader than the risk of material misstatement. Business risks, at times, do not cause any misstatement in the financial statements but affect the going concern.
Conditions and events that may indicate risks of material misstatements are as follows:
The following are examples of conditions and events that may indicate the existence of risks of material misstatement. The examples provided cover a broad range of conditions and events; however, not all conditions and events are relevant to every audit engagement and the list of examples is not necessarily complete.
• Operations in regions that are economically unstable, for example, countries with significant currency devaluation or highly inflationary economies.
• Operations exposed to volatile markets, for example, futures trading.
• High degree of complex regulation.
• Going concern and liquidity issues including loss of significant customers.
• Constraints on the availability of capital and credit.
• Changes in the industry in which the entity operates.
• Changes in the supply chain.
• Developing or offering new products or services, or moving into new lines of business.
• Expanding into new locations.
• Changes in the entity such as large acquisitions or reorganizations or other unusual events.
• Entities or business segments likely to be sold.
• Complex alliances and joint ventures.
• Use of off-balance-sheet finance, special-purpose entities, and other complex financing arrangements.
• Significant transactions with related parties.
• Lack of personnel with appropriate accounting and financial reporting skills.
• Changes in key personnel including departure of key executive.
• Weaknesses in internal control, especially those not addressed by management.
• Inconsistencies between the entity’s IT strategy and its business strategies.
• Changes in the IT environment.
• Installation of significant new IT systems related to financial reporting.
• Inquiries into the entity’s operations or financial results by regulatory or government bodies.
• Past misstatements, history of errors or a significant amount of adjustments at period end.
• Significant amount of non-routine or non-systematic transactions including inter-company transactions and large revenue transactions at period end.
• Transactions that are recorded based on management’s intent, for example, debt refinancing, assets to be sold and classification of marketable securities.
• Application of new accounting pronouncements.
• Accounting measurements that involve complex processes.
• Events or transactions that involve significant measurement uncertainty, including accounting estimates.
• Pending litigation and contingent liabilities for example, sales warranties, financial guarantees and environmental remediation.
d) Measurement and Review of the Entity’s Financial Performance
_____________________________________________________________
The auditor should obtain an understanding of the measurement and review of the entity’s financial performance. Performance measures, internal and external, some times create pressures on the entity and motivate management to misstate the financial statements. Internally generated information may highlight entity’s position vis-Ã -vis, its competitors and reports from credit rating agencies and analysts may provide information useful to the auditors understanding of the entity and its environments.
Examples of matters an auditor may consider include the following:
• Key ratios and operating statistics
• Key performance indicators
• Employee performance measures and incentive compensation
policies.
• Trends
• Use of forecasts, budgets and variance analysis
• Analyst reports and credit rating reports
• Competitor analysis
• Period –on-period financial performance (revenue growth,
profitability leverage)
e) Internal Control
___________________________
Understanding of Internal Control is used by the auditor to identify types of potential misstatements and to consider factors that affect the risks of material misstatements and design the nature, timing and extent of further audit procedures.
Definition of internal control
________________________________________________________
Internal controls is the process designed and effected by those charged with governance, management, and other personnel to provide reasonable assurance about the achievement of the entity’s objectives with regard to reliability of financial reporting, effectiveness and efficiency of operations and compliance with applicable laws and regulations. It follows that internal control is
designed and implemented to address identified business risks that threaten the achievement of any of these objectives.
Components of internal control
_______________________________________________
(a) The control environment
(b) The entity’s risk assessment process
(c) The information system, including the related business processes relevant to financial
reporting and communication.
(d) Control activities
(e) Monitoring of controls
e) Internal Control.
____________________________________
Understanding of Internal Control is used by the auditor
1. to identify types of potential misstatements;
2. to consider factors that affect the risks of material
misstatements; and
3. to design the nature, timing and extent of further audit
procedures.
Definition of Internal Control
_________________________________________________
Internal control is the process designed and affected by those charged with governance, management, and other personnel ………..
to provide reasonable assurance about the achievement of the entity’s objectives with regard to:
1. Reliability of financial reporting,
2. Effectiveness and efficiency of operations and
3. Compliance with applicable laws and regulations.
It follows that internal control is designed and implemented to address identified business risks that threaten the achievement of any of these objectives.
Components of Internal Control
__________________________________________________
• The control environment
• The entity’s risk assessment process
• The information system, including the related business processes relevant to financial
reporting and communication.
• Control activities
• Monitoring of controls
The Control Environment
____________________________________
It encompasses the following elements:
(a) Communication and enforcement of integrity and ethical
values.
(b) Commitment to competence
(c) Participation by those charged with governance
(d) Management’s philosophy and operating style
(e) Organizational structure
(f) Human resource policies and practices
Auditor should evaluate how these components have been incorporated into the entity’s processes.
The Entity’s Risk Assessment Process
_________________________________________________
It is the process of identifying and responding to business risks that affect entity’s financial reporting.
Such process includes how management:
1. Identifies risks that affect entity’s ability to produce financial statement that give true and fair view,
2. estimates their significance,
3. estimates likelihood of their occurrence and
4. Decides upon actions to manage them.
Risks relevant to financial reporting include:
– internal events, and
– external events and circumstance
That may occur and adversely affect an entity’s ability to:
• initiate,
• record,
• process, and
• report the financial information.
Risks can arise due to circumstances such as the following: (internal/external)
• Changes in operating environment
• New personnel
• New or revamped information systems
• Rapid growth
• New technology
• New business models, product or activities
• Corporate restructurings
• Expanded foreign operations
• New accounting pronouncements
Information system, including the related business processes, relevant to financial reporting and communication
_________________________________________________________
The information system consists of:
1. infrastructure (physical and hardware components),
2. software
3. people
4. procedures and
5. data
Infrastructure and software will be absent, or have less significance, in systems that are exclusively or primarily manual. Many information systems make extensive use of IT.
Importance of Information System
____________________________________________________
Accordingly, an information system encompasses methods and records that:
• Identify and record all valid transaction.
• Describe on a timely basis the transaction in sufficient detail to permit proper classification of transactions for financial reporting.
• Measure the value of transactions in a manner that permits recording their proper monetary value in the financial statements.
• Determine the time period in which transactions occurred to permit recording of transactions in the proper accounting period.
• Present properly the transactions and related disclosures in the financial statements.
Communication
____________________________________
• Communication involves:
– providing an understanding of individual roles and responsibilities pertaining to internal
control,
– understanding roles of others and
– doing exception reporting to higher level management.
• Communication takes such forms as:
– policy manuals,
– accounting and financial reporting manuals and memorandum.
• It may also be made
– electronically,
– orally and
– through the actions of management
Control Activities:
____________________________________
Control activities include:
a) Performance reviews
b) Information processing
c) Physical controls
d) Segregations of duties
a) Performance reviews
These control activities include:
____________________________________
• reviews and analyses of actual performance versus budgets, forecasts, and prior period performance;
• relating different sets of data - operating or financial - to one another, together with analyses of the relationships and investigative and corrective actions;
• comparing internal data with external sources of information; and
• review of functional or activity performance, such as a bank's Consumer loan manager's review of reports by branch, region, and loan type for loan approvals and collections
Information processing
____________________________________
A variety of controls are performed to check accuracy, completeness, and authorization of transactions.
The two broad groupings of information systems control activities are:
• application controls and
• general IT controls.
Application controls apply to the processing of individual applications. These controls help ensure that transactions occurred, are authorized, and are completely and accurately recorded and processed.
General IT-controls commonly include controls over data center and network operations; system software acquisition, change and maintenance; access security; and application system acquisition, development, and maintenance. These controls apply to main-frame, mini-frame and end-user environments.
Physical controls
____________________________________
These activities encompass the:
• physical security of assets, including adequate safeguards such as secured facilities access to assets and records;
• authorization for access to computer programs and data files; and
• periodic counting and comparison with amounts shown on control records (for example comparing the results of cash, security and inventory counts with accounting records).
Segregation of duties
____________________________________
Assigning different people the responsibilities of authorizing transactions, recording transactions, and maintaining custody of assets is intended to reduce the opportunities to allow any person to be in a position to both commit and conceal errors or fraud in the normal course of the person's duties. Examples of segregation of duties include reporting, reviewing and approving reconciliations, and approval and control of documents.
Monitoring of Control
____________________________________
The auditor should obtain an understanding of the major types of activities that
• the entity uses to monitor internal control over financial reporting, and
• how the entity initiates corrective actions to its controls.
Monitoring means and includes:
Ensuring that internal controls are operating as intended.
• If monitoring is not done, people may stop performing the functions they are required to perform.
• It also involves assessing the quality of internal control performance over times.
• Monitoring may be ongoing activities, separate evaluations or a combination of the two.
Monitoring includes:
a) Supervisions, functions of managers
b) Internal audit
c) Communication from external parties indicating areas requiring
3. Assessing the Risk of Material Misstatement
_____________________________________________________
The auditor should identify and assess the risks of material misstatement at the financial statement level, and at the assertion level for classes of transactions, account balances, and disclosures. For this purpose, the auditor:
• Identifies risks throughout the process of obtaining an understanding of the entity and its environment, including relevant controls that relate to the risks, and by considering the classes of transactions, account balances, and disclosures in the financial statements.
• Relates the identified risks to what can go wrong at the assertion level;
• Considers whether the risks are of a magnitude that could result in a material misstatement of the financial statements; and
• Considers the likelihood that the risks could result in a material misstatement of the financial statements.
Significant Risks that require Special Audit Considerations Significant risks
__________________________________________________________
These relate to:
• non-routine transactions (unusual)
• judgmental matters (e.g. accounting estimates)
• non-routine transactions arising from matters such as:
o greater management intervention to specify the accounting treatment
o greater manual intervention for data collection and processing
o complex calculations or accounting principles.
For significant risks, to the extent the auditor has not already done so, the auditor should evaluate the design of the entity’s related controls, including relevant control activities, and determine whether they have been implemented.
If management has not appropriately responded by implementing controls over significant risks and if, as a result, the auditor judges that there is a material weakness in the entity’s internal control, the auditor communicates this matter to those charged with governance. In these circumstances, the auditor also considers the implications for the auditor’s risk assessment.
Risks for which substantive procedures alone do not provide sufficient appropriate audit evidence
_________________________________________________________
As part of the risk assessment as described in the above paragraph, the auditor should evaluate the design and determine the implementation of the entity’s controls, including relevant control activities, over those risks for which, in the auditor’s judgment, it is not possible or practicable to reduce the risks of material misstatement at the assertion level to an acceptably low level with audit evidence obtained only from substantive procedures.
Examples of situations where the auditor may find it impossible to design effective substantive procedures that by themselves provide sufficient appropriate audit evidence that certain assertions are not materially misstated include the following:
• An entity that conducts its business using IT to initiate orders for the purchase and delivery of goods based on predetermined rules of what to order and in what quantities and to pay the related
accounts payable based on system-generated decisions initiated upon the confirmed receipt of goods and terms of payment. No other documentation of orders placed or goods received is produced or maintained, other than through the IT system.
• An entity that provides services to customers via electronic media (for example, an Internet service provider or a telecommunications company) and uses IT to create log of the services provided to its customers, initiate and process its billings for the services and automatically record such amounts in electronic accounting records that are part of the system used to produce the entity’s financial statements.
Revision of Risk Assessment
____________________________________________
While performing tests of controls or substantive procedures auditor finds that controls are not performing effectively and misstatements found are not in accordance with expectations of misstatements, the auditor should revise his assessment of risk and modify the further planned audit procedures.
4. Communicating with those Charged with Governance and Management
___________________________________________________________
The auditor should make those charged with governance or management aware, as soon as practicable, and at an appropriate level of responsibility, of material weaknesses in the design or implementation of internal control which have come to the auditor’s attention.
5. Documentation
____________________________________
The auditor should document:
• The discussion among the engagement team regarding the susceptibility of the entity’s financial statements to material misstatement due to error or fraud, and the significant decisions reached;
• Key elements of the understanding obtained regarding each of the aspects of the entity and its environment, including each of the internal control components, to assess the risks of material misstatement of the financial statements; the sources of information from which the understanding was obtained; and the risk assessment procedures;
• The identified and assessed risks of material misstatement at the financial statement level and at the assertion level; and
• The risks identified and related controls evaluated.
Chapter
Documenting ¦ Evaluating
Internal Control System
Benefits of Internal Control to the entity
____________________________________________________________
Based on our previous studies we can now identify the following principal benefits that may arise for an entity from a sound system of internal control:
1) Assurance that all transactions are completely and accurately processed.
2) Confidence that only authorized transactions takes place.
3) Assurance that adequate documentation supporting transactions is created and retained.
4) Assurance that the company’s assets and liabilities are correctly stated, in order for them to
make informed decisions on the operations of the business.
5) Minimization of the risk of fraud and misappropriation of assets.
Benefits of Internal Control to the auditor
_____________________________________________
Of course, if the audit client benefits from a sound system of internal control, it is likely that the auditor will also be benefited. All of the above stated benefits help to promote a situation where the financial statements present a true and fair view. In simple terms, a good system of internal control will make life easier for the auditor.
Auditor’s work on the Internal Control
_______________________________________________
International standards on auditing emphasize the importance of internal control to the auditor by stating that auditor should:
1) Obtain an understanding of the accounting and internal control system sufficient to plan the audit and develop an effective audit approach, and
2) Use professional judgment to assess the components of audit risk and to design audit procedures to ensure it is reduced to an acceptably low level.
At an early stage in their work auditors will have to decide the extent to which they wish to place reliance on the internal controls of the enterprise. As the audit proceeds, that decision will be kept under review and, depending on the results of their examination, they may decide to place more or less reliance on these controls.
Categories of Internal Control
__________________________________
These are often summarized by using the mnemonic SOAP MAPS as follows:
1) Supervision
2) Organization
3) Arithmetic and Accounting
4) Physical
5) Management and Monitoring
6) Authorization
7) Personnel
8) Segregation of duties
a) Supervision
___________________
There should be adequate supervision of work to ensure that controls are being complied with. Possible application: a supervisor or manager reviews and checks the work of a subordinate.
b) Organization
_______________________
Enterprises should have a formal, documented organization structure with clear lines of responsibility.
Possible application: lines of authority within an organization make it clear which individuals are responsible for decisions and transactions
c) Arithmetic and Accounting
_________________________________________
The company should ensure that there are adequate controls to ensure the completeness and accuracy of its financial records.
Possible application: standard accounting procedures such as the use of control accounts, reconciliation procedures and the performance of arithmetic checks on accounting records.
d) Physical
__________________
There should be adequate physical control to ensure the security and safekeeping of its assets such as plant and machinery, valuable inventory items and cash. Possible application: banking cash immediately, controlling access to inventory areas; electronic tagging of inventory and portable non-current assets.
e) Management and Monitoring
___________________________________________
There should be sufficient controls in existence to ensure management can effectively control the business operations. Possible application: the use of budgeting and standard costing systems; the establishment of an internal audit department
f) Authorization
________________________________
All transactions should be authorized.
Possible application: authorization of purchases, cash and bank payments, sale of non-current assets, sales to customers on credit, bad debt write offs.
g) Personnel
______________________________
Employees should be appropriately qualified and of suitable caliber to perform the required tasks. Possible application: recruiting the right people for the job; training them effectively, motivating and rewarding employees in an appropriate way.
h) Segregation of duties
__________________________________
There should be an appropriate division of responsibilities to reduce the opportunity for fraud and manipulation.
This is a fundamental control procedure designed to ensure that one person does not have sole charge of a transaction from beginning till end. Perfect segregation of duties exists where each of the main stages in a transaction are under the control of a different person.
Possible application: Consider an inventory purchasing system in a manufacturing company:
Stage Documentation Responsibility
____________________________________________________________
Initiation Stores requisition Stores keeper Authorization Purchase order Purchasing officer Custody Goods received note Receiving officer Recording Invoice Account department
Documenting the system
____________________________
Documenting the system is an extremely important stage in the audit; Auditing standards state that in planning the audit, auditors should obtain and document an understanding
of the accounting system and control environment sufficient to determine their audit approach.
The various methods of ascertaining and recording the system may be summarized as follows:
1. Organization chart
2. Narrative notes
3. Flowcharts
4. Internal control questionnaires (ICQs)
5. Internal control evaluation checklists (ICEC)
Organization Chart
_____________________________
Managing Director
Production Director
Sales Director
Finance Director
Production Planning
Factory Manager
Purchases Controller
Distribution Manager
Advertising Manger
Manager Accounts
Chief Accountant
Narrative Notes
____________________
This is a simple and apparently convenient way of describing systems. Having ascertained the system, the auditor draws up a narrative description of it for the audit files. An example might be:
Sales invoices are prepared by Mr._____ They are checked by Mr. _____ and then passed to Mr. _____ for recording in the customer’s account in the sales ledger etc. Shortcomings of the method:
1. Notes can take up a disproportionate amount of space
2. Notes may be difficult to interpret
3. What happens it personnel change?
Flowcharts
________________________
This is becoming an increasingly widely used technique for recording accounting systems in audit files. A flowchart is a diagrammatical representation of an accounting system.
A good flowchart will be supplemented with narrative.
Flowcharts have the following advantages:
• They portray the flow of documents through the system and enable the auditor to relate those movements with procedures and checks carried out as part of that system.
• They show the movement of documents in such a way that, when properly prepared, the sources and destinations of all documents will be clear.
• They help to highlight weaknesses in the control of the business.
• They enable audit tests to be clearly related to weaknesses in the accounting system.
Standard symbols are used to represent documents, operations and checks carried out. Flow lines are used to join up the symbols and represent the movement of documents.
Dotted lines are used to represent the flow of information between documents. Essentials of flowchart
Internal control evaluation flowcharts must highlight the following:
a) the sequence of operations happening to each document (e.g. authorization, checking, matching, filing)
b) the segregation of staff duties and who is responsible for each operation.
Symbols used in manual systems flowcharts
____________________________________________________________
• A document
• A multi-part set of documents
• Pre-numbered document
• A book of account
• An operation performed on a document
• A check performed on a document
• Filing a book or document
• Document flow
• Information flow
• Connector with another
Flowchart of purchases Narratives:
____________________________________________________________
1. Requisition note raised when goods are at a pre-set re-order level. Order quantity is pre-determined by use of a copy of the previous purchase order.
2. Signed by store manager.
3. Buyer checks authorization.
4. Purchase order set prepared.
5. P02 filed temporarily to act as a check on overdue deliveries.
6. P04 and P05 are filed until goods are received.
7. Weekly check on overdue deliveries.
8. Goods checked to PO to ensure they are in agreement.
9. If not damaged, goods are accepted and a goods received note set is raised. Where quantity received is below order a
shortage memo set is also raised and a note made on the purchase order.
10. P05 is sent back to the warehouse to act as the next requisition note.
Commentary on the above flowchart:
_____________________________________
• All operations and checks are positioned on vertical lines within a particular department.
• Horizontal lines show the movement of a document between departments.
• In practice the flowchart would continue, dealing with the processing of the purchase invoice/credit note/day books/payables ledger/cash book etc. The flow-lines at the bottom of the page would continue to
• Note that the narrative to the flowchart does not deal with all of the operation numbers since some should be self-explanatory e.g. operation 9 represents the numerical filing of P03 in the buying department.
EVALUATING THE INTERNAL CONTROL SYSTEM
____________________________________________________________
Flow Charts and Internal Control Questionnaires:
Use of the major symbols in flow charts
___________________________________
The Document symbol
________________________
Each document in the flowchart should have a vertical flow-line. Such vertical flow-lines represent a movement in time within a particular department. When the document is moved to another
department, this movement in position will be represented by a horizontal line; departments are therefore listed across the page.
Here the document is originated in Dept A. It is moved to Dept B, then Dept D and then Dept C.
Note that only vertical and horizontal lines are used, never diagonal lines.
The Operation symbol
___________________________
Various operations will be performed on a document. It will, for instance: be prepared, added up, used to prepare other documents, etc. Any operation, other than a check function, is represented by the cross symbol. Each operation symbol should be supported by a brief narrative explaining the nature of the operation. Invoice etc.
Kamran totals the invoice Note that the operation symbol is positioned on a vertical flow-line. It should never appear on a
horizontal flow-line since that would suggest in this case that Kamran totals the invoice while it is moving from one department to another.
The Information flow symbol
Here one document is prepared from another.
The movement of information to the sales invoice is shown
by a dotted line. Such information flow-lines are always horizontal, never vertical. Note that flow-lines then continue for both the order and the invoice. Sales order Fauzia prepares an invoice from the sales order
This example is wrong because:
(a) no narrative exists to explain the nature of the operation;
(b) the sales invoice has no flow-line, it disappears into thin air.
Sales order
Sales Invoice
The Check symbol
_________________________
Sales Invoice
Sattar totals the invoice
Wajid checks the totals
This example shows a simple check on a single document.
Delivery Note
Sales Invoice
Pasha checks that all goods dispatched have been invoiced.
This shows a check between two documents.
Note the use of the information flow-line again and that both the delivery note and the sales invoice continue with vertical flow-lines
of their own.
The filing symbol
_______________________
Once documents have been processed they will often be filed away.
Such files are either permanent or temporary.
The two sorts of file are denoted by the same symbol but the
temporary files are marked with a letter ‘T’.
It will often be useful to indicate the order of filing either numerically, alphabetically or in chronological order. This can be done by marking the symbol with the letter N, A, or D.
Purchase Order
Filed awaiting delivery of goods.
Checked by Zahoor (weekly) got late delivery
When goods are received purchase order initialed by Safdar
TN
N
Note that with the temporary filing symbol the flow-line of the
document must continue.
With the permanent filing symbol the flow-line stops since the
document has reached its ultimate destination
The book of account symbol
________________________________________
The flowchart should use the book symbol to show the book which is
already in existence. It should also show the book being re-filed once the posting is completed.
Sales Invoice
Sales Daybook
D
Sohail posts invoices to the SDB
Note that the same flow-line principles apply to books as to documents. A vertical flowline is needed which ends with the re-filing of the sales day book which will be kept chronologically.
Depicting multi-part sets of documents
____________________________________________________________
Requisition Note
Purchase order
N
To supplier
Rauf prepares purchase order sets
Note that each part of the set must have a flow-line emanating from it. In this example; PO1 is sent to the supplier, PO2 goes off to another department and PO3 is filed numerically
Preliminary Evaluation of the System
____________________________________________________________
Having ascertained, confirmed and recorded the system, the auditor now needs to carry out a preliminary evaluation of the system in order to make a decision as to whether he will:
• Rely on internal controls and adopt a systems audit approach, or,
• Perform extensive substantive testing. Using a verification approach to the audit.
Internal Control Questionnaire
______________________________________________
Features:
____________
• Used in large company audit
• Used to place reliance on internal controls
• Used to design audit approach
Definition:
_______________
An ICQ is a formal and usually standardized document which comprises:
1. A list of internal controls in existence and
2. Highlights any weaknesses.
Objectives:
________________
• To ascertain a clients systems of accounting and internal control
• To evaluate the control system thus recorded, and hence
• To identify those controls which indicate strengths in the system upon which the auditor will seek to place reliance, and
• To identify those areas over which there are weak or no controls and which therefore must be subjected to more extensive substantive testing and reported by inclusion in the Management Letter.
Construction of an ICQ
_______________________________________
I) It is good practice when designing ICQs to state, as a brief introduction:
• A list of control objectives which each sub-system under consideration should
seek to achieve
• Any business considerations specific to the enterprise under review which should be taken into account. The reason for this is essentially to highlight for the audit staff key areas for their consideration to the audit staff.
II) The questions in an ICQ should be designed to ascertain whether the control objectives are being achieved and should therefore cover such aspects as:
• Instructions given to staff in the performance of their duties
• Authorization procedures
• Documents and procedures used to originate transactions
• Recording procedures
• Sequence of procedures
• Custody procedures
• Relative independence of the persons involved at each stage
of a transaction (i.e. segregation of duties).
III) The questions should be framed such that a Yes/No answer is given, with a No answer usually indicating a control weakness.
IV) An ICQ should carry such basic information as:
• The name of the document (ICQ)
• the system to which it relates (e.g. purchasing cycle)
• the client to whom it relates
• the accounting period under review
• evidence of who has prepared and reviewed the document
• the provision of columns for:
o Yes and No answers
o comments where neither Yes or No are applicable
o indicating the significance or otherwise of apparent weaknesses
o references to audit programs
o references to Management Letters.
INTERNAL CONTROL QUESTIONNAIRE
____________________________________________________________
Having ascertained, confirmed and recorded the system, the auditor now needs to carry out a preliminary evaluation of the system in order to make a decision as to whether he will:
1. Rely on internal controls and adopt a systems audit approach, or,
2. Perform extensive substantive testing. Using a verification approach to the audit.
An ICQ is a formal and usually standardized document which comprises:
3. A list of internal controls in existence and
4. Highlights any weaknesses.
Features:
____________________
• Used in large company audit
• Used to place reliance on internal controls
• Used to design audit approach
Objectives:
______________
• To ascertain a clients systems of accounting and internal control
• To evaluate the control system thus recorded, and hence
• To identify those controls which indicate strengths in the system upon which the auditor will seek to place reliance, and
• To identify those areas over which there are weak or no controls and which therefore must be subjected to more extensive substantive testing and reported by inclusion in the
Management Letter.
_____________________________________________________
Construction of an ICQ
(I) It is good practice when designing ICQs to state, as a brief introduction:
• a list of control objectives which each sub-system under consideration should seek to achieve
• any business considerations specific to the enterprise under review which should be taken into account. The reason for this is essentially to highlight for the audit staff key areas for their consideration to the audit staff.
II) The questions in an ICQ should be designed to ascertain whether the control objectives are being achieved and should therefore cover such aspects as:
• instructions given to staff in the performance of their duties
• authorization procedures
• documents and procedures used to originate transactions
• recording procedures
• sequence of procedures
• custody procedures
• relative independence of the persons involved at each stage of a transaction (i.e. segregation of
duties).
(III) The questions should be framed such that a Yes/No answer is given, with a No answer usually indicating a control weakness.
(IV) An ICQ should carry such basic information as:
• the name of the document (ICQ)
• the system to which it relates (e.g. purchasing cycle)
• the client to whom it relates
• the accounting period under review
• evidence of who has prepared and reviewed the document
• the provision of columns for:
o Yes and No answers
o comments where neither Yes or No are applicable
o indicating the significance or otherwise of apparent weaknesses
o references to audit programs
o references to Management Letters.
Example of part of an ICQ
INTERNAL CONTROL QUESTIONNAIRE
____________________________________________________________
Prepared by: ________ Date: ________
CLIENT: ___________ PERIOD: _____
Reviewed by:________ Date: ________
THE PURCHASING CYCLE
________________________________________
(a) Control objectives.
(b) Business considerations.
(c) The questionnaire
a) Control objectives
________________________________
To ensure that:
1) Purchased goods/services are ordered under proper authorities and procedures
2) Purchased goods/services are only ordered as necessary for the proper conduct of the business
operations and are ordered to suitable suppliers
3) Goods/services received are effectively inspected for quality, quantity and condition
4) Invoices and related documentation are properly checked and approved as being valid before
being entered as trade payables
5) All transactions relating to trade payables are valid (suppliers invoices, credit notes and adjustments), and only those valid transactions should be accurately recorded in the accounting records.
b) Business considerations
________________________________________
Points Effect on audit procedures and on financial statements
1. Nature of the company’s - Auditor must be aware of the
purchases. Varying nature of goods purchased.
2. The existence of a - As far as possible ordering should
purchasing department. be centralized.
3. The company’s - The fixing of minimum/maximum
purchasing policy. Inventory and re-order levels should ensure efficient control. However, buying in bulk, with resulting higher inventory levels may be part of a company policy to reduce unit costs, in which case inventory obsolescence and storage cost problems may arise.
4. The selection of suppliers. - The purchasing department should maintain a supplier’s register to record past purchases, prices, and satisfaction received etc. The constant seeking of alternative sources of supply at keener prices is an indication of efficient management
(C) Questionnaire
________________________________________
Yes/
Initiation and authorization
No Comments References
• Are standard (Purchase) order forms (SOFs) issued showing
names of suppliers, quantities ordered and prices?
• Are copies of SOFs retained on file?
• Who authorizes orders and what are their authority limits?
• Are the persons in 3 above independent of those who issue requisitions?
• Is a record kept, of orders placed but not executed? (If yes, specify type of record kept and filing sequence).
Custody
• Are goods from suppliers inspected on arrival as to quantity
and quality?
• How is the receipt of supplies recorded (e.g. by Goods Received Notes)?
• Are these records prepared by a person independent of those responsible for:
- ordering functions?
- processing and
- recording?
Criticism on ICQs
________________________________________
• ICQs represent an attempt at a formalized, systematic, approach to the audit of large complex organizations.
• It is however increasingly apparent that such questionnaires can become too complex, lengthy and detailed for meaningful evaluation of accounting systems.
• There is a danger that ICQs can provoke too formalized an approach to an assignment; that will be concentrating as they do on the controls themselves rather than upon the fraud or irregularity that the controls are designed to prevent.
Internal Control Evaluation Checklists
_____________________________________________________________
To overcome the above discussed possible shortcomings, many auditing practices have amended their approach to internal control evaluation by the adoption of a different type of document, Internal Control
Evaluation Checklists (ICEC).
________________________________
The ICEC is designed to determine; whether desirable internal controls are present?, using key control questions to ascertain where specific frauds or errors are possible.
It is normally employed where system’s information has already been recorded (usually in the form of flowcharts). Key questions are asked in an ICEC, the answers to which prompt further supplementary questions. Reference is made to a supporting flowchart which is the means of ascertaining the existing systems. This makes the ICEC document shorter and less complex, but it may require more skill and judgment on the part of the auditor to interpret the completed form. Note that virtually all the rules applicable to the construction of an ICQ apply to the construction of an ICEC.
Example of ICEC
INTERNAL CONTROL EVALUATION CHECKLIST
________________________________________
Prepared by: ________ Date: ________
CLIENT: ___________ PERIOD: _____
Reviewed by:________ Date: ________
PURCHASES – PAYABLES – PAYMENTS
(a) Control objectives.
(b) Business considerations.
(c) The checklist
a) Control Objectives
As per ICQ
b) Business Consideration
As per ICQ
c) The Checklist
1 Purchases Comments Reference
_________________________________________________________
1.1 Can goods be purchased without authority?
______________________________________________________
• purchase requisitions and order approvals?
• limit of buyers authority to order?
• purchasing segregated from receiving, accounts payable and inventory records?
• un issued orders safeguarded against loss?
1.2 Can liabilities be incurred although goods not received?
__________________________________________________________
• receiving segregated from purchasing, accounts payable and inventory records?
• are all goods passed directly to stores?
• GRNs or equivalent prepared independently?
• adequate comparison with order, claims for short shipment etc?
• invoices, GRNs, direct to accounts payable not purchasing?
• invoices checked to order and GRNs, prices checked?
• check of extensions, additions, discounts?
• documents cancelled to prevent re-use?
• unmatched documents investigated regularly?
• freight checked, bills matched to consignments?
• purchase returns and allowances controlled - follow-up?
• forward purchases controlled?
1.3 Can cut-off errors occur?
________________________________________
• time lapse from receipt of goods to invoice processing?
• valuation of unmatched GRNs?
• adequate control and recording of receipts?
1.4 Can invoices be wrongly allocated?
_______________________________________________________
• nominal ledger analysis?
• analysis independently checked?
• staff purchases controlled?
• independent and regular review?
1.5 Can liabilities be recorded for goods or services not ordered?
____________________________________________________________
(a) goods received without authority?
2 Payables
_________________________
2.1 Can liabilities be incurred but not recorded?
_____________________________________________________________
• payables balances agreed periodically?
• suppliers statements independently reconciled?
• invoice register?
• forward contracts?
• order backlog follow up?
• debit balances controlled?
3 Payments
_________________________
3.1 Can payments be made if not properly supported?
_____________________________________________________________
• discounts taken?
• control over invoices before validating complete?
• cheque signatories independent of purchasing, receiving,accounts payable and cheque preparation?
• signatories examine support for payment, check completeness, cancel support?
• control over signature plates or pre-signed cheques?
• control where one signature?
• frequency with which cheques mailed?
• independent regular bank reconciliation, with cheques directly from bank and review reconciliation?
• cheques crossed account payee only, continuity accounted for, control over unused cheques?
• bank transfers controlled - standing orders?
• issue of bearer or cash’ cheques?
• advances and loans controlled?
• bank transfer payments, traders credits, direct debits?
3.2 Can payments for non-routine purchases be made if not authorized or properly supported?
___________________________________________________________
(a) services, expense accounts, taxation payments in advance, staff purchases and goods on consignment?
3.3 Can non-current assets be acquired or removed without proper authorization and recording?
_____________________________________________________________
• approved work orders for non-current assets and major repairs?
• approval of cost over-runs?
reporting of scrapping or disposals?
• detailed non-current asset register, regular physical inspection and review of values?
• periodic insurance appraisals, adequate coverage?
• control over loose tools?
Limitations of the effectiveness of Internal Control
_____________________________________________________________
It is possible to reduce the volume of transaction testing required in conducting an audit if the internal controls are sound and are operating effectively, but it is not likely that an auditor will be able to rely on internal controls entirely. This is because all control systems have inherent limitations such as:
a) The need to balance the cost of the control with its benefits
b) The fact that internal controls are applied to regular, recurring transactions, not one off year end adjustments or unusual transactions, which are often large and subject to error.
c) The potential for human error
d) The possibility of fraudulent collusion (two or more persons operating together) to ‘get round’ controls that segregate duties. For example; the supervisor responsible for checking and authorizing overtime claims could collude with employees, to enable excess overtime payments to be claimed.
e) The abuse of authority and override of controls by senior managers or the owners of the business. Abuse of authority might involve ordering personal goods through the firm. It is very easy for directors and managers of organizations of any size to instruct staff to bypass normal procedures such as the requirement for authorization for payments.
f) The obsolescence of controls which have not changed to reflect changes in the business activities or organization. In practice, the training of auditors always involves a warning never to rely on internal controls entirely, no matter how effective they may appear to be. Hence some verification of transactions is always carried out as
part of the audit
Chapter
Audit Tests
& Audit Evidence
AUDIT TESTS
Audit evidence through Audit Procedures
_____________________________________________________________
The auditor needs to generate sufficient appropriate audit evidence that will allow a conclusion to be reached based on this. Audit evidence, is obtained from audit procedures performed during the course of
audit, such as:
• Test of control (compliance test)
• Test of details (substantive test)
• Analytical procedures (substantive test)
Audit Procedures based on the understanding of Internal Control
____________________________________________________________
Auditor’s understanding of the control environment, determines the audit procedures. A strong control environment would provide more confidence about the effectiveness of internal control and the reliability of audit evidence generated internally within the entity and thus, for example, allows the auditor to conduct some audit procedures at an interim date rather than at period end.
If there are weaknesses in the control environment, the auditor ordinarily conducts more audit procedures at period end rather than at an interim date, seeks more extensive audit evidence from substantive
procedures, modifies the nature of audit procedures to obtain more persuasive audit evidence, or increases the number of locations to be included in the audit scope.
Appropriate Audit Approach
_________________________________
The auditor’s understanding of the internal control would enable him to select an appropriate audit approach. These audit approaches may be as follows:
• Apply tests of control only for a particular assertion.
• Apply substantive procedures only for a particular assertion may be because auditor failed to identify any effective controls relevant to assertion.
• Combined approach i.e. applying both tests of operating effectiveness of control’s and substantive procedures for the same assertion. However, irrespective of the approach selected, the auditor designs and performs substantive procedures for each material class of transactions, account balance and disclosures. In the case of very small entities, there may not be control activities and auditor may have to apply only substantive procedures.
Considering the Nature, Timing and Extent of Audit Procedures Nature
_____________________________________________________________
The nature refers to:
• the purpose i.e. (tests of controls or substantive procedures) and
• their type, i.e. inspections, observation, inquiry confirmation, recalculation, re-performances or analytical procedures.
Timing
__________
Timing refers to when audit procedures are performed or the period or date to which the audit evidence applies.
Extent
___________
Extent refers to sample size or number of observations of a control activity (quantity of audit evidence). It depends on auditor’s judgment after considering materiality, the assessed risk and the degree of assurance the auditor plans to obtain.
Nature
_______________
The nature refers to the purpose i.e. (tests of controls or substantive procedures) and their type, that is, inspections, observation, inquiry confirmation, recalculation, re-performances or analytical procedures.
Certain audit procedures may be more appropriate for some assertions than others.
The types of procedures to be performed and their combination would be affected by the auditor’s assessment of the risk. The higher the risk, the more reliable audit procedure would be required. In determining the audit procedures to be performed, auditor considers inherent and control risks associated with the particular account balance or class of transactions.
Auditor is required to obtain audit evidence about the accuracy and completeness of information produced by the entity’s information system when that information is used for performing audit procedures.
Timing
________________
Timing refers to when audit procedures are performed or the period or date to which the audit evidence applies.
Tests of control and substantive procedures may be performed either at an interim date or at period end. The higher the risk of material misstatement, the more likely it is that the auditor may consider it more
effective to perform substantive procedures near to or at the period end rather than at an earlier date or to apply audit procedures unannounced or at unpredictable times. On the other hand performing audit procedures before the period end may assist the auditor in identifying significant matters at early stage of the audit, which in turn would help in resolving them or developing an effective audit strategy.
In considering when to perform audit procedures, the auditor also considers such matters as the following:
• The control environment
• When relevant information is available (for example, electronic files may subsequently be overwritten or procedures to be observed may occur only at certain times).
• The nature of the risk (for example, if there is a risk of inflated revenues to meet earnings expectations by subsequent creation of false sales agreements, the auditor may wish to examine contracts available on the date of the period end).
• The period or date to which the audit evidence relates. Certain audit procedures can be performed only at the period end.
Examples are:
_______________
• Agreeing the financial statements to the accounting records.
• Examining adjustments made during the course of preparing the financial statements.
• To cover the risk of overstatement the auditor ordinarily inspects transaction near the period end.
Extent
__________
Extent refers to sample size or number of observations of a control activity (quantity of audit evidence). It depends on auditor’s judgement after considering materiality, the assessed risk and the degree of assurance the auditor plans to obtain. Extent of audit procedures is increased when the risk of material misstatement increases.
The use of computer-assisted audit techniques (CAATs) may enable more extensive testing of electronic transaction and account files. Such techniques can be used to select sample transaction from key electronic
files, to sort transactions with specific characteristics or to test an entire population instead of a sample. Valid conclusions may be drawn using sampling approaches. However, in certain circumstances examination of entire population may be more appropriate to reach a valid conclusion about that population.
Test of Control
___________________________
The auditor is required to perform tests of controls when the internal controls are operating effectively or when substantive procedures alone do not provide sufficient appropriate audit evidence at the assertion level.
Tests of controls comprise of testing three things:
1. Design – that the internal controls are properly designed to cover the risk it is meant for. (examined through ICQs and ICECs)
2. Implementation – that the internal controls have been put into operation.(examined through a walk through test with a little sample)
3. Operating effectiveness – that the systems of internal control were operating effectively at relevant times during the period. ( examined through compliance tests based on a judgmental
sample)
Nature of Tests of Controls
______________________________________________
These are as follows:
• Inquiry and observation (e.g. inquiry about and observation of controls over opening of mail to verify controls over cash receipts).
• Re-performance (e.g. preparation of bank reconciliation statement);
• Inspection of documentation relevant to performance of controls;
• Applying CAATs.
• Tests of controls and tests of details may be applied simultaneously on the same transaction; tests of control see whether e.g. invoice is approved and tests of details to detect material misstatement in that invoice.
Timing of Tests of Controls
______________________________________________
These may be performed at
1. a particular time or
2. on the information relating to the entire audit period.
A. If performed at a particular time, it would provide evidence of operating effectiveness of controls at that particular time. Such evidence may be sufficient for the auditor e.g. observation of counting of inventories.
B. However, if auditor wants to obtain evidence about the effective operation of controls throughout the period under audit, then tests of control’s should be applied on transactions of the entire period. If auditor wants to rely on controls tested in prior periods, he should make inquiry that there is no change in such controls. If these controls have changed, these should be tested for operating effectiveness first before relying on these. The auditor may not test all the controls every audit if there is no change in them. However, such controls must be tested at least every third audit.
Extent of tests of controls
______________________________________________
The auditor designs tests of controls to obtain sufficient appropriate audit evidence that the controls operated effectively throughout the period of reliance. Matters the auditor may consider in determining the extent of the tests of controls include the following:
1. The frequency of the performance of the control by the entity during the period.
2. The length of time during the audit period that the auditor is relying on the operating effectiveness of the control.
3. The relevance and reliability of the audit evidence to be obtained in supporting that the control prevents, or detects and corrects, material misstatements.
4. The extent to which the auditor plans to rely on the effectiveness of the control (and thereby reduce substantive procedures based on the reliance on such control).
5. The expected deviation from the control.
Substantive Procedures
______________________________________________
Substantive procedures are performed in order to detect material misstatements at the assertion level, and include tests of details of classes of transactions, account balances and disclosures and substantive analytical procedures.
The auditor plans and performs substantive procedures to be responsive to the related assessment of the risk of material misstatement.
Irrespective of the assessment of risk of material misstatement, the auditor should design and perform substantive procedures for each material class of transactions, account balance, and disclosure.
The auditor’s substantive procedures should include the following audit procedures related to the financial statement closing process:
• Agreeing the financial statements to the underlying accounting records; and
• Examining material journal entries and other adjustments made during the course of preparing the financial statements. When the auditor has determined that an assessed risk of material misstatement at the assertion level is a significant risk, the auditor should perform substantive procedures that are specifically responsive to that
risk.
Nature of Substantive Procedures
______________________________________________
Substantive analytical procedures are applied on large volume of transactions, which are predictable over time. Tests of details are ordinarily more appropriate to obtain audit evidence regarding certain assertions about account balances, including existence and valuation.
In designing substantive analytical procedures, the auditor considers such matters as the following:
• The suitability of using substantive analytical procedures given the assertions.
• The reliability of the data, whether internal or external from which the expectation of recorded
amounts or ratios is developed.
• Whether the expectation is sufficiently precise to identify a material misstatement at the desired
level of assurance.
• The amount of any difference in recorded amounts from expected values that is acceptable.
Timing of Substantive Procedures
______________________________________________
When substantive procedures are performed at an interim date, the auditor should perform further substantive procedures or substantive procedures combined with tests of controls to cover the remaining
period that provide a reasonable basis for extending the audit conclusions from the interim date to the period end.
In considering whether to perform substantive procedures at an interim date the auditor considers such factors as the following:
• The control environment and other relevant controls.
• The availability of information at a later date that is necessary for the auditor’s procedures.
• The objective of the substantive procedure.
• The assessed risk of material misstatement.
• The nature of the class of transactions or account balance and related assertions.
• The ability of the auditor to perform appropriate substantive procedures or substantive procedures
combined with tests of controls to cover the remaining period in order to reduce the risk that misstatements that exist at period end are not detected.
If substantive procedures are performed at an interim date, the auditor may sometimes consider applying tests of controls also on the transactions of remaining period while extending his substantive procedures from interim date to the period end.
In situations of actual or expected fraud, auditor may prefer applying substantive procedures at period end. If misstatements are detected in classes of transactions or account balances at an interim date, the auditor
ordinarily modifies the related assessment of risk and the planned nature, timing or extent of the substantive procedures covering the remaining period. Substantive procedures applied in a prior period are not sufficient to address a risk of material misstatement in the current year except in certain circumstances.
Extent of performance of substantive procedures
____________________________________________________________
Greater the risk of material misstatement due to weaknesses in the system of internal control, the greater would be the risk of material misstatement in the financial statements. In designing tests of details, the auditor may use either audit sampling or may choose to select items to be tested by some other selective means of testing.
Adequacy of Presentation and Disclosure
__________________________________________________________
The auditor should perform audit procedures to evaluate whether the overall presentation of the financial statements, including the related disclosures, are in accordance with the applicable financial reporting
framework.
SUBSTANTIVE PROCEDURES
__________________________________________________________
Auditing
Auditor’s Opinion
(depends upon)
Reasonable Assurance
(depends upon)
Sufficient Appropriate Audit evidence
(depends upon)
Audit procedures
»
Test of Control
»
Substantive Procedures
• Test of details
• Analytical procedures
Test of Control
____________________________
The auditor is required to perform tests of controls:
• When the internal controls are operating effectively or
• When substantive procedures alone do not provide sufficient appropriate audit evidence at the assertion level.
Tests of controls comprise of testing three things:
• Design – that the internal controls are properly designed to cover the risk it is meant for.
• Implementation – that the internal controls have been put into operation.
• Operating effectiveness – that the systems of internal control were operating effectively at relevant times during the period.
How to perform test of control
__________________________________________________________
• Testing the Design:
– Proper design of internal control is tested through ICQs and ICEC.
• Testing the Implementation:
– Implementation of internal control is tested through walk through test with a little sample size.
• Testing the Operating effectiveness:
– Here the test is performed through a compliance test based on a judgmental sample.
Substantive Procedures
__________________________________________________________
Substantive procedures are performed in order to detect material misstatements at the assertion level (like; occurrence, completeness, accuracy, valuation, existence, rights and control), and include tests of details of classes of transactions, account balances and disclosures and substantive analytical procedures.
The auditor plans and performs substantive procedures to be responsive to the related assessment of the risk of material misstatement.
Irrespective of the assessment of risk of material misstatement, the auditor should design and perform substantive procedures for each material class of transactions, account balance, and disclosure.
The auditor’s substantive procedures should include the following audit procedures related to the financial statement closing process:
• Agreeing the financial statements to the underlying accounting records; and
• Examining material journal entries and other adjustments made during the course of preparing the financial statements.
When the auditor has determined that an assessed risk of material misstatement at the assertion level is a significant risk, the auditor should perform substantive procedures that are specifically responsive to that risk.
Types of Substantive Procedures
__________________________________________________________
• Land Registry
o Debtors Circular
o Building rent Deed/Agreement
• Analytical procedures
o Payroll Turnover ratio Comparing with previous month’s salary
o Production Cost Comparing with the number of units produced Comparing with the previous month’s cost of production
Nature of Substantive Procedures
__________________________________________________________
Substantive analytical procedures are applied on large volume of transactions, which are predictable over time.
• Tests of details are ordinarily more appropriate to obtain audit evidence regarding certain assertions about account balances, including existence and valuation.
• Analytical procedures are applied on large volume of transactions, which are predictable over time. (cost of goods sold, payroll, sale) In designing substantive analytical procedures, the auditor considers such matters as the following:
• The suitability of using analytical procedures given the assertions. If controls, over sales order processing, are weak; the auditor may place more reliance on tests of details rather than substantive analytical procedures for assertions related to debtors. When auditing the collectibility of accounts receivable, the auditor may apply substantive analytical procedures to an aging of customers’ accounts in addition to tests of details on subsequent cash receipts.
• The reliability of the data; In determining whether data is reliable for purposes of designing substantive analytical procedures, the auditor considers the following:
o Information is ordinarily more reliable when it is obtained from independent sources outside the entity
o Comparability of the information available
o Nature and relevance of the information available (whether budgets have been established as results to be expected rather than as goals to be achieved.
o Controls over the preparation of the information (controls over the preparation, review and maintenance of budgets)
• Whether the expectation is sufficiently precise to identify a material misstatement at the desired level of assurance. For this the auditor considers the following facts:
o The accuracy with which the expected results of substantive analytical procedures can be predicted (comparison of GP ratio should be consistent rather than the ratio of discretionary expenses like entertainment)
o The degree to which information can be disaggregated (effective analysis will be of a component not of the entity as a whole)
o The availability of the information, both financial and non financial (budgets are financial, whereas units of production are non financial)
• The amount of any difference in recorded amounts from expected values that is acceptable. Depends upon the:
o materiality
o Possibility of misstatement in the specific account balance, class of transactions, or disclosure
Timing of Substantive Procedures
__________________________________________________________
YEAR END SUBSTANTIVE PROCEDURES ARE ALWAYS MORE RELIABLE
When substantive procedures are performed at an interim date, the auditor should perform further substantive procedures or substantive procedures combined with tests of controls to cover the remaining
period that provide a reasonable basis for extending the audit conclusions from the interim date to the period end.
In considering whether to perform substantive procedures at an interim date the auditor considers such factors as the following:
• The control environment and other relevant controls. (Like payroll disbursement)
• The availability of information at a later date that is necessary for the auditor’s procedures (prov for doubtful debts can be investigated interim but debtor and inventory can be verified at the year end).
• The objective of the substantive procedure.
• The assessed risk of material misstatement (prefer always at year end).
• The nature of the class of transactions or account balance and related assertions (like frequency of occurrence of the transactions e.g. salaries are paid monthly whereas bonuses are paid annually).
• The ability of the auditor to perform appropriate substantive procedures or substantive procedures combined with tests of controls to cover the remaining period in order to reduce the risk that misstatements that exist at period end are not detected (staffing problem that cannot make the auditor able to extend till the year end) If substantive procedures are performed at an interim date, the auditor may sometimes consider applying tests of controls also on the transactions of remaining period while extending his substantive procedures from interim date to the period end. In situations of actual or expected fraud, auditor may prefer applying substantive procedures at period end. If misstatements are detected in classes of transactions or account balances at an interim date, the auditor ordinarily modifies the related assessment of risk and the planned nature, timing or extent of the substantive procedures covering the remaining period. Substantive procedures applied in a prior period are not sufficient to address a risk of material misstatement in the current year except in certain circumstances.
Extent of performance of substantive procedures
_____________________________________________________________
Greater the risk of material misstatement due to weaknesses in the system of internal control, the greater would be the risk of material misstatement in the financial statements. In designing tests of details, the auditor may use either audit sampling or may choose to select items to be tested by some other selective means of testing.
Adequacy of Presentation and Disclosure
__________________________________________________________
The auditor should perform audit procedures to evaluate whether the overall presentation of the financial statements, including the related disclosures, are in accordance with the applicable financial reporting
framework.
Assertions in obtaining Audit Evidence
__________________________________________________________
• Assertions about classes of transactions and events for the period under audit;
o Occurrence – transactions and events that have been recorded have occurred and pertain
to the entity;
o Completeness – all transactions and events that should have been recorded have been recorded;
o Accuracy – amounts and other data relating to recorded transactions and events have been recorded appropriately.
o Cutoff – transactions and events have been recorded in the proper period.
o Classification – transactions and events have been recorded in the proper accounts.
• Assertions about account balances at the period end.
o Existence – assets, liabilities, and equity interests exist;
o Rights and obligations – the entity holds or controls the rights to assets, and liabilities are the obligations of the entity;
o Completeness – all assets, liabilities and equity interests that should have been recorded have been recorded;
o Valuation and allocation – assets, liabilities, and equity interests are included in the financial statements at appropriate amounts and any resulting valuation or allocation adjustments are appropriately recorded.
• Assertions about presentation and disclosure:
• Occurrence and rights and obligations – disclosed events, transactions and other matters have occurred and pertain to the entity;
• Completeness – all disclosures that should have been included in the financial statements have been included;
• Classification and understandability – financial information is appropriately presented and described, and disclosures are clearly expressed;
• Accuracy and valuation – financial and other information are disclosed fairly and at appropriate amounts.
Audit Procedures for obtaining Audit Evidence
_____________________________________________________________
The auditor uses one or more types of audit procedures described below:
• Inspection of Records or Documents: It consists of examining records or documents whether internal or external, in paper form, electronic form, or other media. Inspection provides evidence of varying degrees of reliability depending on their nature and source and in the case of internal records, on effectiveness of controls over their production.
• Inspection of Tangible Assets: It consists of physical examination of the assets. It may provide reliable audit evidence of their existence cannot necessarily about other assertions.
• Inquiry: It means seeking information of knowledgeable persons throughout the entity or outside the entity. Those may be formal written or informal oral. It provides an auditor with new information or corroborative evidences. It may also bring to high information different from the one possessed by the auditor. Certain oral inquiries might be got confirmed through written representations.
• Confirmations: It is a specific type of inquiry. It is the process of obtaining a representation of information or an existing condition directly from a third party. Confirmations are sought from debtors, creditors, bankers, legal advisors etc.
AUDIT EVIDENCE
__________________________________________________________
Auditor should obtain sufficient appropriate audit evidence to be able to draw reasonable conclusions on which to base the audit opinion.
Concept of Audit Evidence:
__________________________________________________________
Audit evidence is all the information used by the auditor in arriving at the conclusions on which his opinion is based and includes the information contained in the accounting records underlying the financial statements and other information. It is obtained from audit procedures performed during the course of audit and may include audit evidence obtained from other sources such as pervious audits and a firm’s quality control procedures for client acceptance and continuance. Accounting records generally include the records of initial entries and supporting records, such as checks and records of electronic fund transfers; invoices; contracts; the general and subsidiary ledgers, journal entries and other adjustments to the financial statements that are not reflected in formal cost allocations, computations, reconciliations and disclosures. The entries in the accounting records are often initiated, recorded, processed and reported in the electronic form. In addition, the accounting records may be part of integrated systems that share data and support all aspects of the entity’s financial reporting, operations and compliance objectives.
Auditor obtains most of the audit evidence from accounting records of the entity. If accounting records do not provide sufficient audit evidence, the auditor obtains other audit evidence.
Other information that the auditor may use as audit evidence includes:
• minutes of meetings;
• confirmations from third parties,
• analysis’ reports;
• comparable data about competitors (benchmarking);
• controls manuals;
• information obtained by the auditor from such audit procedures as inquiry, observation; and inspection;
• and other information developed by, or available to, the auditor that permits the auditor to reach conclusions through valid reasoning.
Sufficient appropriate Audit Evidence
__________________________________________________________
• Sufficiency: The measure of quantity of audit evidence.
• Appropriateness: The measure of quality i.e. relevance and reliability in providing support of detecting misstatements in account balance classes of transactions and disclosures and relevant assertions.
o The quantity of audit evidence needed is affected by:
o the risk of misstatement (the greater the risk, the more audit evidence is likely to be required); and
o the quality of such audit evidence (the higher the quality, the less may be required).
Accordingly sufficiency and appropriateness are interrelated. However, merely obtaining more audit evidence may not compensate for its poor quality.
Audit evidence obtained through same audit procedures may be relevant to certain assertions but not relevant to other assertions.
The auditor often obtains evidence about an assertion from different sources or of different nature. Evidence about an assertion is not a substitute for evidence regarding another assertion.
Sources of obtaining Audit Evidence
__________________________________________________________
• Internal source
o through accounting system, management, employees, underlying documentation etc.
• External source
o third parties, i.e. suppliers, customers bankers legal advisers and other parties who have knowledge of the enterprise.
Nature of Audit Evidence
____________________________________
i) Visual
ii) Oral
iii) Documentary
Reliability of Audit Evidence - Generalizations
_________________________________________________________
Following generalizations are considered useful in assessing the reliability of audit evidence (subject to certain important exceptions):
• Audit evidence obtained from independent sources outside the entity is more reliable.
• Evidence generated internally is more reliable when related controls are effective.
• Evidence obtained by an auditor directly is more reliable than that obtained indirectly or by interference e.g. Bank balance confirmation certificate received by an auditor is more reliable than the bank statement obtained from the management or observation of a control rather than making inquiry about the application of a control.
• Written evidence is more reliable than oral representation.
• Audit evidence provided by original documents is more reliable than that provided by photocopies and facsimiles.
Other factors relating to Audit Evidence
__________________________________________________________
• Information on which audit procedures are based should be sufficiently accurate and complete. Therefore, auditor should also test the system for generating such information while using it for his procedures.
• Auditor’s reliance increases when audit evidence obtained from one source is consistent with another source; if it is inconsistent further procedures may be performed.
• Cost of obtaining the audit evidence is also considered when obtaining it.
• While forming an audit opinion, the auditor does not have to examine all the items or obtain all the evidences which might be available. He can reach a conclusion by examining a sample of such transactions. He also relies on persuasive evidences. However, if evidence is less than persuasive, he does not consider it reliable.
Assertions in obtaining Audit Evidence
__________________________________________________________
• Assertions about classes of transactions and events for the period under audit;
o Occurrence – transactions and events that have been recorded have occurred and pertain to the entity;
o Completeness – all transactions and events that should have been recorded have been recorded;
o Accuracy – amounts and other data relating to recorded transactions and events have been recorded appropriately.
o Cutoff – transactions and events have been recorded in the proper period.
o Classification – transactions and events have been recorded in the proper
accounts.
• Assertions about account balances at the period end.
o Existence – assets, liabilities, and equity interests exist;
o Rights and obligations – the entity holds or controls the rights to assets, and liabilities are the obligations of the entity;
o Completeness – all assets, liabilities and equity interests that should have been recorded have been recorded;
o Valuation and allocation – assets, liabilities, and equity interests are included in the
financial statements at appropriate amounts and any resulting valuation or allocation adjustments are appropriately recorded.
• Assertions about presentation and disclosure:
o Occurrence and rights and obligations – disclosed events, transactions and other matters have occurred and pertain to the entity;
o Completeness – all disclosures that should have been included in the financial statements have been included;
o Classification and understandability – financial information is appropriately presented and described, and disclosures are clearly expressed;
o Accuracy and valuation – financial and other information are disclosed fairly and at appropriate amounts.
Audit procedures for obtaining audit evidence
____________________________________________________________
Auditor performs audit procedures to obtain an understanding of the entity, its environment and to assess risks of material misstatement. Procedures are also applied to test operating effectiveness of internal
controls and for detection of material misstatements at assertion level.
The auditor always performs risk assessment procedures to provide a satisfactory basis for assessment of risks at financial statement level. In addition to these risk assessment procedures, which alone are not sufficient, the auditor performs audit procedures in the form of tests of control and substantive procedures.
Tests of controls are applied when auditor expects to rely on operating controls. Through tests of controls, he tests the controls to support the risk assessment. These are also applied when substantive procedures alone do not provide sufficient appropriate audit evidence. Nature and timing of audit procedures may be affected by the entity’s data retention policies or their practice to convert source documents into computer images through scanning, means of communication being used by the entity e.g. electronic messaging rather than written purchase orders.
The auditor uses one or more types of audit procedures described below:
• Inspection of Records or Documents: It consists of examining records or documents whether internal or external, in paper form, electronic form, or other media. Inspection provides evidence of varying degrees of reliability depending on their nature and source and in the case of internal records, on effectiveness of controls over their production.
• Inspection of Tangible Assets: It consists of physical examination of the assets. It may provide reliable audit evidence of their existence cannot necessarily about other assertions.
• Inquiry: It means seeking information of knowledgeable persons throughout the entity or outside the entity. Those may be formal written or informal oral. It provides an auditor with new information or corroborative evidences. It may also bring to high information different from the one possessed by the auditor. Certain oral inquiries might be got confirmed through written representations.
• Confirmations: It is a specific type of inquiry. It is the process of obtaining a representation of information or an existing condition directly from a third party. Confirmations are sought from debtors, creditors, bankers, legal advisors etc.
• Recalculation: It consists of checking the mathematical accuracy of documents or records. It can be performed through use of information technology.
• Re-performance: It is the auditor’s independent execution of procedures or controls that were originally performed as part of the entity’s internal control, either manually or through the use of CAATs, for example, re-performing the aging of accounts receivable.
• Analytical procedures: It consists of evaluations of financial information made by a study of plausible relationship among
both financial and non-financial data. It includes investigation of significant fluctuations found and the relationship that are inconsistent.
SUFFICIENT APPROPRIATE AUDIT EVIDENCE AND TESTING THE SALES SYSTEM
__________________________________________________________
Recap:
________________
Audit evidence includes: the information contained in the accounting records underlying the financial statements. Audit evidence might include:
• Documents (invoices, credit notes, cash receipts)
• Accounting entries (write down to NRV, depreciation)
• Answers from the management (Provisions)
• Information from third parties (banks, debtors)
• Computations (depreciation, accruals, provisions)
• Observations (inventory count)
Sufficiency: The measure of quantity of audit evidence.
Appropriateness: The measure of quality i.e. relevance and reliability of audit evidence. Key questions for the auditor to consider therefore will be:
1. Do I have enough evidence to reach a conclusion on this audit area?
2. Is the evidence that I have, reliable enough to, allow me to reach a conclusion on this area of the audit?
Assertions in obtaining Audit Evidence
__________________________________________________________
• Assertions about classes of transactions and events for the period under audit;
o Occurrence – transactions and events that have been recorded have occurred and pertain to the entity;
o Completeness – all transactions and events that should have been recorded have been recorded (accruals & depreciation);
o Accuracy – amounts and other data relating to recorded transactions and events have been recorded appropriately. (valuation and estimations)
o Cutoff – transactions and events have been recorded in the proper period.
o Classification – transactions and events have been recorded in the proper accounts.
(b) Assertions about account balances at the period end.
o Existence – assets, liabilities, and equity interests exist;
o Rights and obligations – the entity holds or controls the rights to assets, and liabilities are the obligations of the entity;
o Completeness – all assets, liabilities and equity interests that should have been recorded have been recorded;
o Valuation and allocation – assets, liabilities, and equity interests are included in the financial statements at appropriate amounts and any resulting valuation or allocation adjustments are appropriately recorded.
• Assertions about presentation and disclosure:
o Occurrence and rights and obligations – disclosed events, transactions and other matters have occurred and pertain to the entity;
o Completeness – all disclosures that should have been included in the financial statements have been included;
o Classification and understandability – financial information is appropriately presented and described, and disclosures are clearly expressed;
o Accuracy and valuation – financial and other information are disclosed fairly and at appropriate amounts.
Audit procedures for obtaining Audit Evidence
__________________________________________________________
The auditor uses one or more types of audit procedures described below:
• Inspection of Records or Documents: It consists of examining records or documents whether internal or external, in paper form, electronic form, or other media. Inspection provides evidence of varying degrees of reliability depending on their nature and source and in the case of internal records, on effectiveness of controls over their production.
• Inspection of Tangible Assets: It consists of physical examination of the assets. It may provide reliable audit evidence of their
existence cannot necessarily about other assertions.
• Inquiry:It means seeking information of knowledgeable persons throughout the entity or outside the entity. Those may be formal written or informal oral. It provides an auditor with new information or corroborative evidences. It may also bring to high information different from the one possessed by the auditor. Certain oral inquiries might be got confirmed through written representations.
• Confirmations: It is a specific type of inquiry. It is the process of obtaining a representation of information or an existing condition directly from a third party. Confirmations are sought from debtors, creditors, bankers, legal advisors etc.
• Recalculation: It consists of checking the mathematical accuracy of documents or records. It can be performed through use of information technology.
(vi) Re-performance: It is the auditor’s independent execution of procedures or controls that were originally performed as part of the entity’s internal control, either manually or through the use of CAATs, for example, reperforming the aging of accounts receivable.
• Analytical procedures: It consists of evaluations of financial information made by a study of plausible relationship among
both financial and non-financial data. It includes investigation of significant fluctuations found and the relationship that are inconsistent.
TESTING THE SALES SYSTEM
Control Objectives
__________________________________________________________
For many businesses, sales are made on credit and so objectives for the sales cycle includes control debtors as well.
These control objectives include:
• Customers' orders should be authorized, controlled and recorded in order to execute them promptly
• Goods shipped and work completed should be controlled to ensure that invoices are issued and revenue recorded for all sales.
• Goods returned and claims by customers (for example, in respect of damaged goods) should be controlled in order to determine the liability for goods returned and claims received. .
• Invoices and credits should be appropriately checked for accuracy and should be authorized before being entered in the receivables' records.
• Authorized customer transactions, and only those transactions, should be accurately entered in the accounting records.
• There should be procedures to ensure that sales invoices are subsequently paid by customers and that doubtful amounts are identified in order to determine any provisions or write offs required
Control procedures over sales and debtors
__________________________________________________________
There are a large number of controls that may be required in the sales cycle due to the importance of this area in any business and the possible opportunities that exist for diverting sales and cash receipts away from
the business.
Typical control procedures at key stages of the sales cycle are:
a) Orders
b) Dispatch
c) Invoicing and credit notes
d) Returns inwards
e) Receivables
f) Bad Debts
(a) Orders
______________________
• Existing customers should be allocated a credit limit and it should be ascertained whether this limit is to be exceeded if the new order is accepted. If so the matter should be referred to credit control.
• Any new customer should be referred to the credit control department before the order is accepted.
• All orders received should be recorded on pre-numbered sales order documents so that a check can be made that all orders have been dealt with -a completeness check.
• All orders should be authorized before any goods are dispatched.
• The sales order document should be used to produce a dispatch note for the goods outwards department. No goods may be dispatched without a dispatch note.
(b) Dispatch
___________________
• Dispatch notes should be pre-numbered and a register kept of them to enable them to be matched with relate to sales invoices and customer orders.
• Dispatch notes should be authorized before goods leave the company.
• Regular checks should be made to ensure that all dispatches have been invoiced.
(c) Invoicing and Credit Notes
__________________________________________________________
• Sales invoices should be authorized by a responsible official and matched with the authorized order and dispatch note.
• All invoices and credit notes should be entered In daybook records, the sales ledger, and sales ledger control account. Batch totals should be maintained for this purpose.
• Sales invoices and credit notes should be checked for prices. casts and calculations by a person other than the one preparing the invoice.
• All invoices and credit notes should be serially pre-numbered and regular sequence checks should be carried out.
• Credit notes should be authorized by someone unconnected with dispatch or sales ledger functions.
• Copies of cancelled invoices should be retained.
• Any cancellation of an invoice should lead to a cancellation of the related dispatch note.
• Cancelled (and free of charge) invoices should be signed by a responsible official.
• Each invoice should distinguish between different types of sales and, if relevant, different rates of VAT or sales tax. Any coding of invoices should be periodically checked independently
(d) Returns
_________________
• Any goods returned by the customer should be checked for obvious damage and, when accepted. a document should be raised.
• All goods returned should be used to prepare appropriate credit notes
(e) Receivables/Debtors
__________________________________
• A receivables ledger control account should be prepared regularly and checked to individual sales
ledger balances by an Independent official.
• Receivables ledger personnel should be independent of dispatch and cash receipt functions.
• Statements should be sent regularly to customers.
• Formal procedures should exist for following up overdue debts which should be highlighted either by the preparation of an aged list of balances or by the preparation of regular customer statements.
• Letters should be sent to customers for collection of overdue debts. A policy should be in place for
the Institution of legal proceeds where appropriate.
f) Bad debts
_________________________
• The authority to write off a bad debt should be in writing. Appropriate adjustments should be made to the sales ledger and the control account
• The use of court action or the writing-off of a bad debt should be authorised by an official independent of the cash receipt function.
Tests of Control
__________________________________
Tests of control should be designed to check that the control procedures are being applied and that objectives are being achieved. Tests may be appropriate under the following broad headings.
• Carry out sequence test checks on invoices, credit notes, dispatch notes and orders. Ensure that all items are included and that there are no omissions or duplications.
• Check the existence of evidence for authorization in respect of:
o acceptance of the order (the creditworthiness check)
o dispatch of goods
o raising of the invoice or credit note
o pricing and discounts
o write-off of bad debts. Check both that the relevant signature exists and that the control has been applied.
• Seek evidence of checking of the arithmetical accuracy of:
o invoices, including pricing, and VAT and sales tax calculations
o credit notes, This is often done by means of a 'grid stamp' containing several signatures on the face of the document. Ensure that the control has been applied by checking the accuracy of such invoices and credit notes.
• Check dispatch notes and goods returned notes to ensure that they are matched with invoices and credit notes.
• Check that control account reconciliations have been performed and reviewed. In all cases, tests should be performed on a sample basis.
TESTING THE SALES SYSTEM
Control Objectives
__________________________________________________________
For many businesses, sales are made on credit and so objectives for the sales cycle includes control debtors as well. These control objectives include:
• Customers' orders should be authorized, controlled and recorded in order to execute them promptly
• Goods shipped and work completed should be controlled to ensure that invoices are issued and revenue recorded for all sales.
• Goods returned and claims by customers (for example, in respect of damaged goods) should be controlled in order to determine the liability for goods returned and claims received. .
• Invoices and credits should be appropriately checked for accuracy and should be authorized before being entered in the receivables' records.
• Authorized customer transactions, and only those transactions, should be accurately entered in the accounting records.
• There should be procedures to ensure that sales invoices are subsequently paid by customers and that doubtful amounts are identified in order to determine any provisions or write offs required
Control Procedures over Sales and Debtors
____________________________________________________________
There are a large number of controls that may be required in the sales cycle due to the importance of this area in any business and the possible opportunities that exist for diverting sales and cash receipts away from
the business.
Typical control procedures at key stages of the sales cycle are:
1. Orders
2. Dispatch
3. Invoicing and credit notes
4. Returns inwards
5. Receivables
6. Bad Debts
(a) Orders
________________
• Existing customers should be allocated a credit limit and it should be ascertained whether this limit is to be exceeded if the new order is accepted. If so the matter should be referred to credit control.
• Any new customer should be referred to the credit control department before the order is accepted.
• All orders received should be recorded on pre-numbered sales order documents so that a check can be made that all orders have been dealt with -a completeness check.
• All orders should be authorized before any goods are dispatched.
• The sales order document should be used to produce a dispatch note for the goods outwards department. No goods may be dispatched without a dispatch note.
b) Dispatch
______________________
• Dispatch notes should be pre-numbered and a register kept of them to enable them to be matched with relate to sales invoices and customer orders.
• Dispatch notes should be authorized before goods leave the company.
• Regular checks should be made to ensure that all dispatches have been invoiced.
(c) Invoicing and credit notes
_________________________________
• Sales invoices should be authorized by a responsible official and matched with the authorized order and dispatch note.
• All invoices and credit notes should be entered In daybook records, the sales ledger, and sales ledger control account. Batch totals should be maintained for this purpose.
• Sales invoices and credit notes should be checked for prices. casts and calculations by a person other than the one preparing the invoice.
• All invoices and credit notes should be serially pre-numbered and regular sequence checks should be carried out.
• Credit notes should be authorized by someone unconnected with dispatch or sales ledger functions.
• Copies of cancelled invoices should be retained.
• Any cancellation of an invoice should lead to a cancellation of the related dispatch note.
• Cancelled (and free of charge) invoices should be signed by a responsible official.
• Each invoice should distinguish between different types of sales and, if relevant, different rates of VAT or sales tax. Any coding of invoices should be periodically checked independently
(d) Returns
______________________
• Any goods returned by the customer should be checked for obvious damage and, when accepted. a document should be raised.
• All goods returned should be used to prepare appropriate credit notes
(f) Receivables/Debtors
_________________________
• A receivables ledger control account should be prepared regularly and checked to individual sales ledger balances by an Independent official.
• Receivables ledger personnel should be independent of dispatch and cash receipt functions.
• Statements should be sent regularly to customers.
• Formal procedures should exist for following up overdue debts which should be highlighted either by the preparation of an aged list of balances or by the preparation of regular customer statements.
• Letters should be sent to customers for collection of overdue debts. A policy should be in place for
the Institution of legal proceeds where appropriate.
h) Bad debts
______________________
• The authority to write off a bad debt should be in writing. Appropriate adjustments should be made to the sales ledger and the control account
• The use of court action or the writing-off of a bad debt should be authorized by an official independent of the cash receipt function.
Tests of Control
___________________________________________
Tests of control should be designed to check that the control procedures are being applied and that objectives are being achieved. Tests may be appropriate under the following broad headings.
• Carry out sequence test checks on invoices, credit notes, dispatch notes and orders. Ensure that all items are included and that there are no omissions or duplications.
• Check the existence of evidence for authorization in respect of:
o acceptance of the order (the creditworthiness check)
o dispatch of goods
o raising of the invoice or credit note
o pricing and discounts
o Write off debtors as bad debts. Check both that the relevant signature exists and that the control has been applied.
• Seek evidence of checking of the arithmetical accuracy of:
o invoices, including pricing, and VAT and sales tax calculations
o credit notes, This is often done by means of a 'grid stamp' containing several signatures on the face of the document. Ensure that the control has been applied by checking the accuracy of such invoices and credit notes.
• Check dispatch notes and goods returned notes to ensure that they are matched with invoices and credit notes.
• Check that control account reconciliations have been performed and reviewed. In all cases, tests should be performed on a sample basis.
TESTING THE PURCHASES SYSTEM
Control Objectives
_____________________________________________________________
Purchases are often made on credit and so the purchases cycle includes payables. You also need to bear in mind that 'purchases' has a wide meaning in terms of the purchases cycle as purchases will include not only inventory items but also all types of expense and the purchase of non current assets.
The control objectives are as follows. To ensure that:
• Purchased goods/services are ordered under proper authority and using proper procedures
• Purchased goods/services are only ordered as necessary for the proper conduct of the business operations and are ordered from suitable, approved suppliers
• Goods/services received are inspected for quality, quantity and description
• Invoices and related documentation are properly checked and approved as being valid before being entered as trade creditors
• All valid transactions relating to payables (suppliers' invoices, credit notes and adjustments), and only those transactions, should be accurately recorded in the accounting records.
Control Procedures over Purchases and Payables
_____________________________________________________________
As with the sales system, there are a large number of controls that may be required in the purchases cycle due to the importance of this area in any business and once again, the following list is classified by type of
control.
(a) Orders
_________________________
• Requisition notes for purchases should be authorized.
• All orders should be authorized by a responsible official whose authority limits should be pre-defined.
• Major items e.g. capital expenditure, should be authorized at an appropriate level, possibly by the Board of Directors
• All orders should be recorded on official documents showing suppliers' names, quantities ordered and price.
• Copies of orders should be retained as a method of following up late deliveries by suppliers.
• Re-order levels and quantities should be pre-set and preferably recorded in advance on the requisition note.
(b) Receipt of goods
_____________________________________
• Goods inwards areas should be identified to deal with the receipt of all goods.
• All goods should be checked for quantity, quality and description. Goods received notes should be raised for all goods accepted. The GRN should be signed by a responsible official
• (iii) GRNs should be checked against purchase orders and procedures should exist to notify the supplier of under or over-deliveries. GRNs should be sequentially numbered and checked periodically for completeness.
(c) Invoicing and returns
_________________________________
• Purchase invoices received should be stamped with an approval grid and given a unique serial number to ensure purchase invoices do not go astray.
• Purchase invoices should be matched with goods received notes and company orders and should not be processed until this is done.
• The invoice should be checked against the order and the GRN, and casts and extensions should also be checked.
• The invoices should be signed as approved for payment by a responsible official independent of the ordering and receipt of goods functions.
• Invoice sequential numbers should be checked against purchase day book details.
• Input VAT should be recorded separately from the expense element of the invoice total.
• Invoices should be properly allocated to the nominal ledger accounts, perhaps by allocating expenditure codes. A portion of such coding should be checked independently.
• Batch controls should be maintained over the posting of invoices to the purchases day book, nominal ledger and purchase ledger.
• A record of goods returned should be kept and checked to the credit notes received
from suppliers.
(d) Purchase ledger and suppliers
____________________________________________________________
• A payables ledger control account should be maintained and regularly checked against balances in the purchase ledger by an independent official.
• Payables ledger records should be kept by persons independent of the receiving of
goods, invoice authorization and payment routines.
• Statements from suppliers should be checked against the ledger account.
TESTS OF CONTROL
_____________________________________________________________
As already noted, tests of control should be drawn up so as to check that control procedures are being applied and to achieve control objectives. One suggested way to design tests of control for a particular situation is to list the documents in a transaction cycle and generate appropriate tests of control for each document. We shall illustrate this approach here in connection with the purchases cycle (Note that a similar technique could be applied to other transaction cycles!)
TESTING THE PURCHASES SYSTEM
_____________________________________________________________
Purchase br>Order
Purchase Invoice
Credit Note Payables
ledger Payables
Ledger control
Goods Received
Note
Goods
Returned
Note
Test for:
1. Serial numbering
2. Evidence of sequence check
3. Evidence of matching purchase invoices with goods received notes and purchase orders.
4. Evidence of checking casts, extensions and tax treatment
5. Evidence of account coding.
6. Initialing of invoice grid for work done.
7. Approval of purchase invoice for further processing.
Test for evidence of matching credit notes to goods returned notes
Test for evidence of authorization of adjustments to payables ledge
Text for:
(i) Evidence of review of reconciliation of purchase ledger listing.
(ii) Evidence of authorization of adjustments to purchase ledger control account.
Test for evidence of a sequence check
Test for evidence of a sequence check.
Test for:
(i) Evidence of a sequence check.
(ii) Evidence of approval.
(iii) Adherence to authority limits
CONTROL OBJECTIVES
_____________________________________________________________
The control objectives in respect of a wages and salaries system are as follows:
• Payment of wages and salaries should be made only in respect of the client's authorized employees.
• Payment should be made at authorized rates of pay.
• Wages and salaries payments should be in accordance with records of work performed, e.g. time, output, commissions on sales.
• Payroll and payroll deductions (tax and social security) should be calculated accurately.
• Payment should be made to the co
TESTING THE PAYROLL SYSTEM
Control Objectives
_____________________________________________________________
The control objectives in respect of a wages and salaries system are as follows:
• Payment of wages and salaries should be made only in respect of the client's authorized employees.
• Payment should be made at authorized rates of pay.
• Wages and salaries payments should be in accordance with records of work performed, e.g. time, output, commissions on sales.
• Payroll and payroll deductions (tax and social security) should be calculated accurately.
• Payment should be made to the correct employees.
• Liabilities to the tax authorities for tax and social security should be properly recorded.
CONTROL PROCEDURES - WAGES AND SALARIES
a) Approval and control of documents
_____________________________________________________________
• There should be written authorization to employ or dismiss any employee.
• Changes in rates of pay should be authorized in writing by an official outside the wages department.
• Overtime worked should be authorized in advance by a manager/supervisor,
• An independent official should review the payroll and sign it.
• The wages cheque should be signed by two signatories and agreed with the signed payroll.
• Where weekly pay relates to hours at work, clock cards should be used. There should be supervision of the cards and the timing devices, particularly when employees are clocking-on or
off.
• Where a piece work system operates, payment should only be made for work of an appropriate quality which has been inspected and approved.
• Personnel records should be kept independently of the payroll department for each employee giving details of engagement, retirement, dismissal or resignation, rates of pay, holidays etc, with a specimen signature of the employee.
• A wages supervisor should be appointed who could perform some of the authorization duties
listed above.
b) Arithmetical accuracy
_____________________________________
• Where appropriate, payroll should be prepared from clock cards, job cards etc, and a sample checked for accuracy against current 'rates of pay.
• Payroll details should be checked for '.he accurate calculation of deductions e.g. tax, social
security, pensions, trade union subscriptions etc
(c) Control accounts
_____________________________
• Control accounts should be maintained in respect of each of the deductions showing amounts paid periodically to the inland Revenue, trade unions etc.
• Overall analytical checks should be carried out to highlight major discrepancies e.g. check
against budgets, changes in amounts paid over a period of time, check against personnel records.
• Management should exercise overall review and control.
d) Access to assets and records
_________________________________________________
Ideally, payment should be made by cheque or by direct transfer into the employees’ bank account. If payment is made in cash, the following procedures should be in place:
• Employees should sign for their wages.
• No employee should be allowed to take the wages of another employee.
• When wages are claimed late, the employee should sign for the wage packet and the release of the packet should be authorized.
• The system should preferably allow the wages to be checked by the employee before the packet is opened, by using specially designed wage packets.
• The wages department should preferably be a separate department with their personnel not involved with receipts or payments functions.
• The duties of the wages staff should preferably be rotated during the year, and ensure that no employee is responsible for all the functions in respect of any particular department.
• The employee making up the pay packets should not be the employee who prepares the
payroll.
• A surprise attendance at the pay-out should be made periodically by an independent official.
• Unclaimed wages should be recorded in a register and held by someone outside the wages department until claimed or until a predefined period after which the money should be rebanked.
An official should investigate the reason for unclaimed wages as soon as possible.
Tests of Controls - Wages and Salaries
_____________________________________________________________
A suggested program of tests of control is set out below. This can, of course, be modified to suit the particular circumstances of the client.
• Test sample of time sheets, clock cards or other records, for approval by responsible official. Pay particular attention to the approval of overtime where relevant.
• Test authority for payment of casual labor, particularly if in cash.
• Observe wages distribution for adherence to procedures ensuring employees sign for wages, that unclaimed wages are re-banked etc.
• Test authorization for payroll amendments by reference to personnel records.
• Test control over payroll amendments.
• Examine evidence of checking of payroll calculations (e.g. a signature of the financial controller).
• Examine evidence of approval of payrolls by a responsible official.
• Examine evidence of independent checks of payrolls (e.g. by internal audit).
• Inspect payroll reconciliations.
• Examine explanations for payroll expense variances.
• Test authorities for payroll deductions.
• Test controls over unclaimed wages. rrect employees.
• Liabilities to the tax authorities for tax and social security should be properly recorded.
TESTING THE CASH SYSTEM
Control Objectives
_____________________________________________________________
The control of cash is clearly of prime importance in any business. Cash is the asset which is most likely to disappear.
The central objectives are that:
• all sums due to the company are received and subsequently accounted for
• no payments are made which should not be made
• all receipts and payments are promptly and accurately recorded.
Beyond this, it is better to consider detailed controls for each area of the business dealing with cash. In reality there is not one 'cash system' in the same way as there is a sales cycle for example; there are a number of systems which have their own considerations as to control due to the specific circumstances of that part of the business.
You should appreciate that the cash system also refers to cheque receipts and payments. Businesses should try as much as possible to conduct all their cash transactions by means of cheques or other forms of bank
transfers as controls over cheque transactions are easier to establish and maintain than controls over cash, in the form of notes and coins.
Controls are set out below for various aspects of the cash receipts and payments system.
CONTROL PROCEDURES
_____________________________________________________________
(a) Controls over cash receipts by post
(b) Controls over cash collected by salesmen and representatives
(c) Controls over cash sales
(d) Controls over banking of receipts
(e) Controls over cheque payments
(f) Bank reconciliations
(g) Controls over petty cash
Controls over Cash Receipts by post:
____________________________________
• The company should safeguard against possible interceptions between the receipt and opening of the post e.g. by using a locked mail box and restricting access to the keys.
• The opening of the post should be supervised by a responsible official and where the volume of mail is significant; at least two persons should be present when the mail is opened.
• All cheques and postal orders should be restrictively crossed 'Account payee only, not negotiable' as soon as the mail is opened. This may already appear on the documents when they are received; if not, it should be added.
• A record should be made immediately of:
o Cheques and postal orders received
o Cash received. This record may be in the form of a rough cash book, adding machine list or copies of remittance advices. It provides control over the eventual sums banked and entered into the cash book.
• The cashier and sales ledger personnel should not have access to the receipts before this record is made.
• Receipts should be kept in a locked safe or other security area and banked immediately.
• Post should be date stamped. It provides evidence of when remittances are received and can periodically be checked against the date of banking. This helps to prevent cash received one day being banked as representing different receipts on a later day (a process known as 'teeming and lading').
Controls over cash collected by salesmen and representatives:
_____________________________________________________________
• Authority to collect cash should be clearly defined.
• Salesmen and others should be required to remit cash and report sales at regular intervals.
• A responsible official should quickly follow up salesmen who do not submit returns as required.
• Collections should be recorded when received e.g. in a rough cash book or copies of receipts which should be given to the salesmen or travelers.
• The collector's cash receipts should be reconciled to the eventual banking which should be made as promptly as possible.
• Periodically a responsible official should check the salesmen's own receipt books with cash book entries.
• If salesmen hold inventories of goods, an independent reconciliation of inventory with sales and cash received should be made.
Controls over Cash Sales:
_____________________________________________________________
• Cash sales should be recorded at the point the sale is made. Usually this is by means of a Cash Till or the use of cash sale invoices or receipts.
• If cash sale invoices or receipts are used they should be pre-numbered, a register should be maintained of cash sale books and copies should be retained.
• Cash received should be reconciled daily with either the till roll or the invoice totals. Cash should be banked promptly
• This reconciliation should be carried out by someone independent of those receiving the cash and recording the sale.
• Daily banking should be checked against the till roll or invoice total and differences investigated.
• A responsible official should sign cancelled cash sale invoices at the time of cancellation. All such invoices should be checked periodically for sequential numbering.
TESTING THE CASH SYSTEM
Controls over Banking of Receipts:
_____________________________________________________________
• Receipts should be banked daily. The receipts should be banked intact
o - for example no cash payments
should be made out of cash receipts. Banking intact allows control below to operate.
• Each day's receipts should be recorded promptly in the cash book.
• Sales ledger personnel should have no access to the cash or the preparation of the paying-in slip.
• Periodically a comparison should be made between the split of cash and cheques:
o Received (and recorded in rough cash book)
o Banked (and recorded on paying-in slip).
Controls over Cheque Payments:
_____________________________________________________________
• Unused cheques should be held in a secure place.
• The person who prepares cheques should have no responsibility over purchase ledger or sales ledger.
• Cheques should be signed only when evidence of a properly approved transaction is available. Such evidence may take the form of invoices, payroll, petty cash book etc.
• This control should be evidenced by signing the supporting documentation.
• In a large concern those approving the original document should be independent of those signing cheques.
• Cheque signatories should be restricted to the minimum practical number in order to make the operation of controls as practical as possible.
• Two signatories at least should be required except perhaps for cheques of small amounts.
• The signing of blank cheques and cheques in favour of the signatory should be prohibited.
• Cheques should be crossed 'A/c Payee only', if this is not pre-printed on the cheque before being signed.
• Supporting documents should be cancelled as paid to prevent their use to support further cheque payments. This cancellation could be done by the cashier before the cheque is signed (provided the cancellation identifies the cheque number) or by the cheque signatory at the time of signing the cheque.
• Cheques should preferably be dispatched immediately. If not, they should be held in a safe place.
• Returned cheques may be obtained from the bank and a sample checked against cash book entries and supporting documentation.
Bank reconciliations
_________________________________
• Bank reconciliations should be prepared on a regular basis, at least monthly.
• The person responsible for preparation should be independent of the receipts and payments function or, alternatively, an independent person should check there conciliation.
• If the reconciliation is prepared by an independent person he/she should obtain bank statements directly from the bank and hold them until the reconciliation is completed.
• The preparation should preferably include a check of at least a sample of receipts and payments against
items on the bank statement.
Controls over Petty Cash
____________________________________________________
• The level of and location of cash floats should be laid down formally.
• There should be restricted access to the floats.
• Cash should be securely held e.g. in a locked drawer or a safe, with restricted access to keys.
• All expenditure should require a voucher signed by a responsible official, not the petty cashier.
• The imprest system should be used to reimburse the float i.e. at any time the total cash and value of authorized vouchers not reimbursed equals a set amount, for example Rs.1,000.
• Vouchers should be produced before the cheque to top up the cash float is signed.
• Vouchers should be cancelled once reimbursement has taken place.
• A minimum amount should be placed on a petty cash payment to discourage normal purchase procedures being by-passed.
• A petty cash book should be maintained by the petty cashier. Entries should be made promptly.
• Periodically the petty cash float should be reconciled to the balance in the petty cash book by an independent person.
• Rules should exist preferably preventing the issue of IOU’s or the cashing of cheques for employees
TESTS OF CONTROL
________________________________________________________
Cash Receipts
• Attend mail opening and ensure procedures are adhered to.
• Test independent check of cash receipts to bank lodgments.
• Test for evidence of a sequence check on any pre-numbered receipts for cash.
• Test authorization of cash receipts.
• Test for evidence of arithmetical check on cash received records.
Cash Payments
____________________________
• Inspect current cheque books for:
o Sequential use of cheques
o Controlled custody of unused cheques
o Any signatures or blank cheques.
• Test (to avoid double payment) to ensure that paid invoices are marked 'paid'.
• Test for evidence of arithmetical check on cash payments records, including cashbook.
• Examine evidence of authority for current standing orders and direct debits.
Bank Reconciliations
________________________
• Examine evidence of regular bank reconciliations (usually one per month).
• Examine evidence of independent check of bank reconciliations (e.g. a signature).
• Examine evidence of follow-up of outstanding items on bank reconciliations. Pay particular attention to old outstanding reconciling items that should be written back such as old, un-presented cheques.
Petty Cash
________________________
• Test petty cash vouchers for approval.
• Test cancellation of paid petty cash vouchers.
• Test for evidence of arithmetical check on petty cash records.
• Examine evidence of independent check of petty cash balance.
TESTING OTHER SYSTEMS
_____________________________________________________________
The type and range of other systems that the auditor may encounter will depend upon the nature of the business but, as a general rule, most other systems you may encounter will be concerned with the safe custody
of an asset of the business.
Thus there will be a system for inventory in a manufacturing company and a system for non current assets in
many businesses. Some businesses may have significant investments and thus will have a system to maintain control of this type of asset.
In this section, we will consider control systems: for inventory and non current assets.
Inventory
_____________________
You will be aware that there is a close link between inventory on the one hand and sales and purchases on the other hand. In the light of this, you will not be surprised that many of the points in this section have already
been dealt with in covering sales and purchases above - they are repeated here briefly to give you the overall picture.
CONTROL OBJECTIVES
____________________________
Although inventory records may vary considerably from client to client, the controls are the same in all cases, namely:
• Authorization and purchase procedures
• Control over goods inwards
• inventory records supported by physical inventory counts
• Control over dispatches and goods outwards
• Adequate steps should be taken to identify all inventory for which provisions may be required on the grounds that their net realizable value is below cost
• Inventory levels should be controlled so that materials are available when required but that inventory is not unnecessarily large
Control Procedures over Inventory
_____________________________________________________________
• Approval and Control of Documents
o Issues from inventories should be made only on properly authorized requisitions.
o Reviews of damaged, obsolete and slow moving inventor/ should be carried out. Any write-offs
should be authorized.
• Arithmetical Accuracy
o All receipts and issues should be recorded on inventory cards, cross-referenced to the appropriate
GRN or requisition document.
o The costing department should allocate direct and overhead costs to the value of work-inprogress
according to the stage of completion reached.
o To do this standard costs are normally used. Such standards must be regularly reviewed to ensure
that they relate to actual costs being incurred.
d) If the value of work-in-progress is directly comparable with the number of units produced,
checks should periodically be made of actual units against work-in-progress records.
• Control Accounts
o Total inventory records may be maintained and integrated with the main accounting system; if so
they should be reconciled to detailed inventory records and discrepancies investigated.
• Comparison of Assets to Records
o Inventory levels should be periodically checked against the records by a person independent of the stores personnel, and material differences investigated.
o Where perpetual inventory records are not kept adequately a full inventory count should be held at least once a year.
o Maximum and minimum inventory levels should be pre-determined and regularly reviewed for adequacy.
o Re-order quantities should be pre-determined and regularly reviewed for adequacy.
• Access to Assets and Records
o Separate centers should be identified at which goods are held.
o Deliveries of goods from suppliers should pass through a goods inwards section to the stores. All goods should pass through stores and hence be recorded and checked as received.
o Inventories should be held in their locations so that they are safe from damage or theft.
o All inventory lines should be identified and held together e.g. in bins which are marked with all
relevant information as to size, grade, origin, title for identification.
o Access to the stores should be restricted.
Tests of Controls
______________________________
• Observe physical security of inventories and environment in which they are held.
• Test procedures for recording of inventory movements in and out of inventory.
• Test authorization for adjustments to inventory records.
• Test authorization for write-off or scrapping of inventories.
• Test controls over recording of inventory movements belonging to third parties.
• Test procedures for authorization for inventory movements i.e. the use made of authorized goods received and dispatch notes.
• Inspect reconciliations of inventory counts to inventory records (this gives overall comfort on the adequacy of controls over the recording of inventory).
• Check sequences of dispatch and goods received notes for completeness.
• Assess adequacy of inventory counting procedures and attend count to ensure they are carried out.
TESTING THE NON-CURRENT ASSETS
Control objectives
_____________________________________________________________
The control objectives are to ensure that:
• Non current assets are correctly recorded, adequately secured and properly maintained
• Acquisitions and disposals of non current assets are properly authorized
• Acquisitions and disposals of non current assets are for the most favorable price possible
• Non current assets are properly recorded, appropriately depreciated, and written down where necessary.
Control Procedures over Non Current Assets:
_____________________________________________________________
• Annual capital expenditure budgets should be prepared by someone directly responsible to the board of
directors.
• Such budgets should, if acceptable, be agreed by the board and put in the minutes.
• Applications for authority to incur capital expenditure should be submitted to the board for approval and should contain reasons for the expenditure, estimated cost, and any non current assets replaced.
• A document should show what is to be acquired and be signed as authorized by the board or an authorized official.
• Non current assets manufactured or constructed by the company itself should be separately identifiable in the company's costing records and should reflect direct costs plus relevant overhead but not include any profit. This might apply where, for example, a building company constructs its own office block.
• Disposal of non current assets should be authorized and any proceeds from sale should be related to the authority.
• A register of non current assets should be maintained for each major group of assets. The register should identify each item within that group and contain details of cost and depreciation.
• A physical inspection of non current assets should be carried out periodically and checked to the non current asset register. Any discrepancies should be noted and investigated.
• Assets should be properly maintained and adequately insured.
• Depreciation rates should be authorized and a written statement of policy produced.
• Depreciation should be reviewed annually to assess the need for changes in the light of profits or losses on disposal, new technology etc.
• The calculation of depreciation should be checked for accuracy.
• Non current assets should be reviewed for the need for any write-down.
TESTS OF CONTROLS
_____________________________________________________________
• Check authorization of purchase to board minutes, capital expenditure budgets and capital expenditure form.
• Check authorization for disposals of significant assets.
• Confirm existence of non current asset register which adequately identifies assets and comments on their current condition. Ensure register reconciles to nominal ledger.
• Test evidence of reconciliation of register to physical checks of existence and condition of assets.
• Check authorization of depreciation rates, and particularly changes in rates.
• Examine evidence of checking of correct calculations of depreciation.
CONCLUSION
____________________________
The testing of controls is established whether they are working effectively. So, by this stage, the auditor will know whether a systems approach is to be used - focusing on the accounting systems supplemented by a reduced amount of substantive testing, or a verification approach with full subs
Chapter
Verification Approach of Audit
& Audit Sampling
VERIFICATION APPROACH OF AUDIT
_____________________________________________________________
We are now moving on to deal with the substantive testing, or verification aspect of the audit. In the past lectures we have been learning the early steps in the time structure of an audit:
• Accepting the appointment
• Planning, recording, controlling the audit
• Evaluation internal controls
• Testing the controls
By this stage, the auditor will have made a decision on the general approach to be taken to the audit work. If the controls systems are effective and operating as laid down, the amount of verification work will be reduced.
If the controls are weak or are not operating effectively, a high level of verification work will be performed. It
is this verification work that we are dealing with in this and the next few lectures. To verify means to establish the truth of something. This audit work involves the audit in gathering evidence this will lead to a conclusion as to whether classes of transactions, balances and disclosures reflected in the client’s financial statements are properly stated (true and fair).
We have already discussed in detail the general audit verification principles; here we will have a brief over view of those.
Audit Verification Techniques:
________________________________________________
As we have already discussed in the previous lectures that at the verification stage of the audit, the auditor is typically presented with a set of draft financial statements prepared by the client.
The role of the auditor is to generate evidence to allow a conclusion to be reached as to whether the information contained in these financial statements, and the way the information is presented and disclosed, give a true and fair view.
We already know that audit evidences are generated by the auditor performing audit tests. Here, in verification work, the auditor will use substantive testing procedures, designed to give evidence relating to the figures in the financial statements, rather than control test, dealing with the systems that produced those figures.
However, the testing procedures available to the auditor here are the same as those we saw earlier. As a reminder, audit-testing procedures available to the auditor are:
1. Inspection
_______________________
This covers the physical review or examination of records, documents and tangible assets. An example in substantive testing is examining purchase invoices to ensure that they have been properly recorded and
analyzed in the financial statements.
2. Observation
____________________
This procedure is mainly applicable to tests of control, but may also be used in substantive testing, such as the auditor observing the client's inventory count to gain evidence that the inventory figure in the financial statements had been arrived at accurately.
3. Enquiry
_________________________
An example in substantive testing is asking management for an explanation as to why a receivable has, or has not, been treated as bad.
4. Computation
_______________________
Checking the arithmetical accuracy of records or performing independent calculations, for example computing or re-computing the depreciation expense for the year.
5. Analytical procedures
______________________________________
You should note that these procedures are mainly used in substantive testing rather than as a test of controls. They may help the auditor to understand relationships between figures in the financial statements. This is sometimes referred to as the business approach to auditing.
Choice of Verification Techniques
____________________________________________________________
There are no specific rules that exist as to the type(s) of techniques that the auditor should use in a given set of
circumstances. This is principally a matter of audit judgment and the nature of the audit objective(s). The auditor has to look at each individual item in its own right, identify the audit objective(s) for that particular item and then decide the most reliable audit evidence available. The circumstances and evidence available will affect the type of technique(s) he uses.
Audit Objectives and Financial Statement Assertions
____________________________________________________________
As just stated the type(s) of technique(s) used depend on the audit objectives that the auditor is seeking to achieve. The general objective to be achieved by audit verification work is to establish whether the financial statements present a true and fair view.
We can identify a number of more detailed objectives which underlie this overall objective. These more detailed objectives allow the auditor to design a series of substantive test on each audit area (inventory,
receivables, etc) which will build up the overall bank of evidence necessary to support the overall audit opinion.
In carrying out substantive audit tests (verification work) the auditor will be looking for evidence on different assertions at the financial statements level.
Assertions in obtaining Audit Evidence:
____________________________________________________________
• Assertions about classes of transactions and events for the period under audit;
o Occurrence – transactions and events that have been recorded have occurred and pertain to the entity;
o Completeness – all transactions and events that should have been recorded have been
recorded;
o Accuracy – amounts and other data relating to recorded transactions and events have been recorded appropriately.
o Cutoff – transactions and events have been recorded in the proper period.
o Classification – transactions and events have been recorded in the proper accounts.
• Assertions about account balances at the period end.
o Existence – assets, liabilities, and equity interests exist;
o Rights and obligations – the entity holds or controls the rights to assets, and liabilities are
the obligations of the entity;
o Completeness – all assets, liabilities and equity interests that should have been recorded
have been recorded;
o Valuation and allocation – assets, liabilities, and equity interests are included in the financial
statements at appropriate amounts and any resulting valuation or allocation adjustments are
appropriately recorded.
• Assertions about Presentation and Disclosure:
o Occurrence and rights and obligations – disclosed events, transactions and other matters
have occurred and pertain to the entity.
o Completeness – all disclosures that should have been included in the financial statements
have been included;
o Classification and understandability – financial information is appropriately presented
and described, and disclosures are clearly expressed;
o Accuracy and valuation – financial and other information are disclosed fairly and at
appropriate amounts.
This concept takes the view that draft accounts presented by the client to the auditor are making a number of promises, or assertions. The role of substantive testing is to verify these assertions. The assertions made by the financial statements and the related objectives of the substantive testing objectives set out above can be shown as follows:
ASSERTION TESTING OBJECTIVE
____________________________________
Assets shown include all rights under the control of the enterprise
Completeness Transactions arising during the period are reflected in the period's financial statements Occurrence The amounts at which assets and liabilities are stated is correct Valuation
Assets and liabilities included on the balance sheet actually exist Existence Assets and liabilities are shown in the financial statements such that the user would have a clear understanding of the client's
financial situation Presentation and disclosure
Review of Financial Statements
Content of Financial Statements
_____________________________________________
It is important that you are clear as to exactly what the financial statements consist of under modern accounting practice.
They comprise the following:
a) The primary statements
i) Balance sheet
ii) Income statement
iii) Statement of changes in equity
iv) Cash flow statement
v) The notes to the accounts
b) The directors' report
c) The auditor's report.
The main principles underlying the preparation and presentation of company financial statements are now set out by the International Accounting Standards Board's document Framework for the Preparation and Presentation of Financial Statements.
The major points from this document are summarized below:
1 The elements of Financial Statements
________________________________________________
The starting point here is definitions of assets and liabilities. The other elements are then defined in terms of these.
• Assets are rights or other access to future economic benefits controlled by an entity as a result of past transactions or events.
• Liabilities are obligations of an entity to transfer economic benefits as a result of past transactions or
events.
• Owners' equity is arrived at by deducting liabilities from assets (capital = assets - liabilities).
• Gains and losses are determined in terms of increases and decreases in owners' equity.
2 Recognition in financial statements
______________________________________________________
Recognition essentially means the recording process. The principles here address such questions as when is it acceptable to recognize (record) an asset or liability and when should assets and liabilities be de-recognized (no longer recorded in financial statements). The main points to note are:
• Assets and liabilities should be recognized when there is evidence of their existence and they can be reliably measured.
• They should be derecognized when the right (assets) or obligations (liabilities) no longer exist.
The Timing of Audit Procedures:
_______________________________________
Whereas tests of control can be (and usually are) performed by the auditor before the client's year end - at the so called interim audit stage -
Substantive Audit Procedures and verification work will be performed primarily at or very soon after the client's year end, as these procedures normally rely on the availability of draft financial statements.
Verification of the individual assets and liabilities by the auditor extends into the post balance sheet period (i.e. the period between the year end date and the date of approval of the financial statements). The auditors will use this to their advantage when seeking to verify amounts stated for contingent liabilities, and for post balance sheet events (These are explained in a later chapter).
SUBSTANTIVE PROCEDURES
______________________________________________________
Substantive procedures are performed in order to detect material misstatements at the assertion level (Like; occurrence, completeness, accuracy, valuation, existence, rights and control), and include tests of details of classes of transactions, account balances and disclosures and substantive analytical procedures.
Nature of Substantive Procedures
______________________________________________________
• Tests of details are ordinarily more appropriate to obtain audit evidence regarding certain assertions about account balances, including existence and valuation.
• Analytical procedures are applied on large volume of transactions, which are predictable over time. (Cost of goods sold, payroll, sale)
Timing of Substantive Procedures
Year end substantive procedures are always more reliable
______________________________________________________
In considering whether to perform substantive procedures at an interim date the auditor considers such factors as the following:
• The control environment and other relevant controls. (Like payroll disbursement)
• The availability of information at a later date that is necessary for the auditor’s procedures (Provision for doubtful debts can be investigated interim but debtor and inventory can be verified at the year end).
• The objective of the substantive procedure.
• The assessed risk of material misstatement (Prefer always at year end).
• The nature of the class of transactions or account balance and related assertions (Like frequency of occurrence of the transactions e.g. salaries are paid monthly whereas bonuses are paid annually).
• The ability of the auditor to perform appropriate substantive procedures or substantive procedures combined with tests of controls to cover the remaining period in order to reduce the risk that misstatements that exist at period end are not detected (Staffing problem that cannot make the auditor able to extend till the year end) If substantive procedures are performed at an interim date, the auditor may sometimes consider applying tests
of controls also on the transactions of remaining period while extending his substantive procedures from
interim date to the period end.
Extent of performance of substantive procedures
______________________________________________________
Greater the risk of material misstatement due to weaknesses in the system of internal control, the greater would be the risk of material misstatement in the financial statements.
In designing tests of details, the auditor may use either audit sampling or may choose to select items to be tested by some other selective means of testing.
VERIFICATION OF ASSETS
______________________________________________________
VOUCHING = Inspection of supporting documents and records.
VERIFICATION = Inspection, Observation, Enquiry, Computation, Analysis A large part of the final audit stage will be taken up with the verification of the assets and liabilities appearing in the balance sheet. There are well established techniques for verifying specific assets and liabilities.
Following few lectures will cover verification of assets, liabilities and equity.
Verification of Assets
_____________________________
Auditor has a duty to verify all the assets appearing on the balance sheet and also a duty to verify that there are no other assets which ought to appear on the balance sheet. Following aspects of assets must be verified:
1. Cost
2. Authorization
3. Value
4. Existence
5. Beneficial Ownership
6. Presentation in the accounts
These aspects can be remembered by the mnemonic CAVE BOP. While verifying assets at a balance sheet date, it is possible to divide the assets into two classes:
1. Those acquired during the year under review.
2. Those held at the date of the previous balance sheet.
For the assets acquired during the year it will be necessary to vouch their acquisition. For this purpose cost and authorization aspects are verified.
For the assets held at the beginning of the year, the acquisition would have been dealt within a previous year.
The other aspects like value, existence, beneficial ownership, and presentation in financial statements are verified in this regard. Of course, these need to be consistent with the previous years.
Verification Methods:
_____________________________
A. Make or request from client's staff a schedule of each asset. This schedule will show the following and suggest the associated verification procedures:
• Opening balance - Verify by reference to previous year's balance sheet and audit files,
• Acquisitions:
o Vouch the cost with documentary evidence e.g invoices.
o Vouch the authority for the acquisition with minutes or with authorized delegated
authority.
• Disposals -. Vouch the authority - minutes or company procedures.
o Examine documentation.
o Verify reasonableness of the proceeds.
o Pay special attention to scrapings.
o Note accounting treatment.
o Depreciation amortization and other write downs
o Vouch authorization of policy with minutes.
o Examine adequacy and appropriateness of policy.
o Investigate revaluations.
o Check calculations.
o The above should reconcile both as to physical quantity and value of the closing balance.
o The use of plant or other asset registers can be of great use to the auditor.
o Internal control procedures for the purchase, disposal, and maintenance of assets are very relevant.
B. Existence and Ownership:
______________________________________________________
These are treated together but note that existence does not imply ownership. For example, my television set exists and is in my house, but is in fact owned by the person from whom I rent it. Verification procedures include:
• Physical inspection. Auditors should not sit in offices but should get about seeing things. Of course, sitting in a client's office goes to confirm the existence of that office!
• Inspection of title deeds and certificates of ownership e.g., share certificates. This is a technique that confirms together existence and ownership. Problems arise if the deeds are held by third
parties (a certificate from the third party is needed) possibly as security for a loan.
• External verification. This applies primarily to 'chases in action' e.g., bank accounts, debtors, loans etc. A letter of acknowledgement is sought from the bank, debtor etc.
• Ancillary evidence. Examples are:
• Confirmation of the existence of property by examination of rate (local taxes) demands, repair bills and other outgoings.
• Ownership is not necessarily implied. Investment ownership and existence tend to be confirmed
by the receipt of dividends and interest.
C. Presentation and Value
______________________________________________________
• Appropriate accounting policies must be adopted, consistently applied, and adequately
disclosed.
• Accounting Standards must be followed.
• Materiality must be considered. For example, in a balance sheet of a large company it would be misleading to show an asset such as patents in a class by itself it its total value was negligible in
relation to other assets.
• The classification of assets can be difficult. Certain industrial structures can be considered as buildings or as plant with consequent major differences in depreciation, profit, and asset and equity values. A number of interesting examples have cropped up in tax cases. A dry dock including the cost of excavation has been held to be plant (Barclay Curie 1969), as has a swimming pool for use on a caravan site (Beach Station Caravans 1974). The auditor may take a contrary view to the tax courts and of course to the Board of the Company he is auditing.
• The choice of disclosure of an asset as a separate item or as part of a single figure representing a class of asset is important for a true and fair view. Also important is the choice of words used in the description. In some cases, assets could be classed as fixed or as current e.g. investments.
• The distinction between revenue and capital is important. Sometimes this is a matter of accounting policy e.g. research and development. Sometimes it is a matter of opinion; for example
repair expenditure is revenue but may include an element of improvement which is capital.
D. Other matters relevant to verification
______________________________________________________
• The letter of representationThis will be discussed in detail in the next lecture.
• Reasonableness and being 'put upon enquiry'. In all audit assignments, the auditor investigates thoroughly and seeks adequate assurances on the truth and fairness of all the items in the Accounts. However, he does not do so with a suspicious mind. He should not assume that there is something wrong, but if he comes across something which seems to him unlikely, unreasonable, suspicious he is said to be 'put upon enquiry'. In such circumstances he is required to probe the matter to the bottom to adequately assure him-self that there exists nothing untoward or to unearth the whole matter.
• Some assets are pledged or mortgaged as securities for loans. This may involve deposit of title deeds etc., with a lender, or in some cases the asset itself. This creates problems for the auditor
who must also see that the liability is properly described as secured.
• Taxation. Tax and capital allowance computations should be in accordance with asset accounts. Clearly the auditor will be put upon enquiry if claims for capital allowances are made for items of plant which do not appear in the plant register.
• Insurance. The auditor would be put upon enquiry if there were no correspondence between the assets in the balance sheet and the assets insured, and if there were differences between the
balance sheet figures and the insured values.
• Other than balance sheet date verification. Some assets can be verified at dates other than the balance sheet date. The techniques are discussed later but in sum (money value) they are:
o Verify at an earlier date and reconcile with acquisitions and disposals to balance sheet date.
o Verify at an earlier date and then parcel them up and seal the parcels. At balance sheet date examine acquisitions, vouch proceeds of disposals, and see all other items are still sealed.
o Third parties. Auditors must take special care to satisfy them-selves that all assets held by third
parties are included in the balance sheet and verified. Likewise, no assets owned by third parties
may be included in the balance sheet.
LETTER OF REPRESENTATION VERIFICATION OF LIABILITIES
_____________________________________________________________
Letter of Representation
It is now normal audit practice for the auditor to obtain a letter from the management addressed to the auditor confirming any representations given by the management to the auditor. This letter is known as the
management letter or the letter of representation. Representations in this context can be defined as a statement made to convey an opinion.
Reasons why the letter of representation is obtained
______________________________________________________
Auditors are required to carry out procedures designed to obtain sufficient appropriate audit evidence to determine with reasonable confidence whether the financial statements are free of material misstatement. Representations from management are a source of evidence.
Management representations as Audit Evidence
______________________________________________________
In the course of an audit, numerous questions are asked of the client's management and staff. Replies are usually verbal. Most of the queries are:
• Not material to the financial statements. Examples are queries re missing documents or errors in bookkeeping, or
• Capable of being corroborated by other evidence. For example, provisions in respect of litigation can be confirmed by the client's solicitors or the life of plant can be confirmed by examining technical literature.
However, in some cases:
______________________________________________________
• Where knowledge of the facts is confined to management, for example, the management's intentions to close or keep open a material loss-making branch. This would have an affect on the value of the assets at the branch.
• Where the matter is principally one of judgment and opinion, for example, the readability of old stock. Then:
o The auditor should ensure that there is no conflicting evidence;
o The auditor may be unable to obtain corroborating evidence;
o The auditor should obtain written confirmation of anyrepresentations made; The auditor must decide for himself whether the total of other evidence and management's written representations are sufficient for him to form an unqualified opinion.
Procedures
________________________
The following procedures should be adopted:
• The auditor should summarize in his working papers all matters that are material and also subject to
uncorroborated oral representations by management,
• In addition these matters should be either.
o Formally minuted as approved by the Board of Directors at a meeting ideally attended by the
auditor;
o Included in the signed letter of representation.
• Standard letters should not be used as:
o Each audit is different;
o The letter is important and should receive very careful attention;
o The management should participate in its production. There should be much drafting, review
and discussion.
• The letter should be:
o Signed at a high level – e.g. chief executive, financial director;
o Approved and minuted at a board meeting at which, ideally, the auditor would be present.
• The preparation of the letter should begin at an early stage, e.g. at the beginning of the final audit in order to avoid the possibility of the auditor being faced with a refusal to sign by the management. If there is a refusal by management to cooperate then the, auditor should:
o do all he can to persuade management to cooperate;
o prepare a statement setting out his understanding of the principal representations made, with a request that management confirm it;
o if management disagree with this statement, discuss and negotiate until a correct understanding has been reached;
o if management refuse altogether to cooperate, either on principle or because the are themselves uncertain about a particular matter, consider if he has obtained al the
information and explanations he requires and consequently may need to qualify his report on grounds of limitation of scope.
• The representation letter or board resolution making representations should be approved as late as possible in the audit, after the analytical review, but, as it is audit evidence, before the audit report is prepared. If there is a long delay between the approval of the representation and the audit report, the auditor may need to do the: audit work/or obtain a supplementary letter of representation. It is suggested to dating the letter on the day the financial statements are approved.
Contents
_______________
The contents of the letter of representation should not include routine matters, for example, that all fixed assets exist and are the property of the company or that stock is valued at the lower of cost and net realizable
value. The letter should include only matters which:
a. are material to the financial statements, and
b. the auditors cannot obtain independent corroborative evidence.
Example of a Letter of Representation
______________________________________________________
To ABC & Co.
Chartered Accountants
Gentlemen,
We confirm that to the best of our knowledge and belief, and, having made appropriate enquiries of other directors and officials of the company, the following representations given to you in connection with your audit of the company's financial statements for the year ending 31st December 20x7:
• We acknowledge as directors our responsibility for the financial statements, which you have prepared for the company. All the accounting records have been made available to you for the purpose of your audit and all the transactions undertaken by the company have been properly reflected and recorded in the accounting records. All other records and related information, including minutes of all management and shareholders' meetings, have been made available to you.
• The provision for warranty claims has been estimated at 2% of annual turnover as in previous years. This amount is in accordance with our opinion of the probable extent of warranty claims. We know of no events which would materially affect the amount of these claims
• As stated in Note 12 to the Accounts, there exists a contingent liability in respect of the company's guarantee of the bank overdraft of NBG Ltd, an associated company now in receivership. In our opinion the assets of NBG Ltd will realize sufficient to satisfy the bank and no actual liability will arise.
• It is the intention of the Board of Directors to continue production for at least the next three years so that valuation of the assets and liabilities of that plant should appropriately be on the going concern basis
Yours Sincerely,
Company Secretary
Signed on behalf of the Board of XYZ Co Ltd
14 March 20x8
Verification of Liabilities
_____________________________
A balance sheet will contain many liabilities grouped under various headings. The headings may include:
Non Current Liabilities
• Debenture
• Bank loans
Current Liabilities
• Trade creditors
• Accrued expenses
• Unearned incomes
• Taxation payable
• Provision for losses
The auditors’ duty is four-fold:
• To verify the existence of liabilities shown in the balance sheet
• To verify the correctness of the money amount of such liabilities
• To verify the appropriateness of the description given in the accounts and the adequacy of disclosure
• To verify that all existing liabilities are actually included in the accounts
Verification methods:
________________________
It is not possible to detail the procedures for verifying all possible liabilities. However, some general principles can be discerned, and these should be applied according to the particular set of circumstances met with in practice or in an examination. These are:
• Schedule. Request or make a schedule for each liability or class of liabilities. This should show the make up of the liability with the opening balance, if any, all changes, and the closing balance.
• Cut-off. Verify cut-off. For example a trade creditor should hot be included unless the goods were
acquired before the year end.
• Reasonableness. Consider the reasonableness of the liability. Are there circumstances which ought to
excite suspicion?
• Internal control. Determine, evaluate and test internal control procedures. This is particularly important
for trade creditors.
• Previous date clearance. Consider the liabilities at the previous accounting date. Have they all been cleared?
• Terms and conditions, this applies principally to loans. The auditor should determine that all terms and conditions agreed when accepting a loan have been complied with. In recent years many loan deeds have contained undertakings by the company borrowing the money that it will keep a minimum proportion of equity (ordinary share capital and reserves) in its total capital (equity and loans). Breach of this agreement which has occurred frequently in property companies can lead to the appointment
of a receiver.
• Authority. The authority for all liabilities should be sought. This will be found in the company minutes or directors' minutes and for some items the authority of the Memorandum and Articles may be needed.
• Description. The auditor must see that the description in the accounts of each liability is adequate.
• Documents. The auditor must examine all relevant documents. These will include invoices, correspondence, debenture deeds etc., according to the type of liability.
• Security. Some liabilities are secured in various ways, usually by fixed or floating charges. The auditor must enquire into these and ensure that they have been registered. The Companies Act requires, for secured liabilities, that an indication of the general nature of the security be given and also the aggregate amount of debts included under the item covered by the security.
• Vouching. The creation of each liability should be vouched, for example the receipt of a loan.
• Accounting policies. The auditor must satisfy himself that appropriated accounting policies have been adopted and applied consistently.
• Letter of representation. This has been discussed in detail.
• Interest and other ancillary evidence. The evidence of loans tends to be evidenced by interest payments and other activities which stem from the existence of the loan.
• Disclosure. All matters which need to be known to receive a true and fair view from the accounts must be disclosed. The Companies Acts provisions must be complied with
• External verification. With many liabilities it is possible to verify the liability directly with the creditor. This action will be taken with short term loan creditors, bank over drafts and, by a similar technique to that used with debtors, the trade creditors,
• Materiality. Materiality comes into all accounting and auditing decisions.
• Post-Balance sheet events. These are probably more important in this area than in any other. It is an independent topic with its details. To understand it the accounting knowledge of “Events occurring after the Balance Sheet Date - IAS 10” is must.
• Accounting Standards. Liabilities must be accounted for in accordance with the accounting standards.
• Risk. Assess the risk of misstatement. Students may well remember these mnemonically. For any given liability all of them will not be required, but mentally going through them should be an excellent guide to what needs to be done.
Inclusion of all liabilities
______________________________________________________
(There is no liability remained unrecorded)
It is not enough for the auditor to be satisfied that all the liabilities recorded in the books are correct and are incorporated in the Final Accounts. He must also be satisfied that no other liabilities exist which are not, for various reasons, in the books and the accounts. Examples of such unrecorded liabilities are:
• Claims by employees for injury. Note that these should be covered by insurance under the Employers Liability (Compulsory Insurance).
• Claims by ex employees for unfair dismissal.
• Contributions to superannuation schemes.
• Unfunded pension liabilities. A company may have a liability to pay past or present employees a pension in respect of past service and have no funds separated out for this purpose.
• Liability to 'top-up' pension schemes. When money has been put into separate trusts to pay pensions, inflation has often meant that the amount is insufficient and the company may have to implement Clauses in the scheme whereby they have to put in extra money which could run into millions of
pounds.
• Bonuses under profit sharing arrangements.
• Returnable packages and containers.
• Value added and other tax liabilities. The auditor's special knowledge of tax may lead him to suspect a liability of which the directors are blissfully ignorant.
• Claims under warranties and guarantees.
• Liabilities on debts which have been factored with recourse. To explain: A owes B Rs. 50. B sells (factors) the debt to C for Rs. 45. Thus B has no debt any more but Rs. 45 in the bank. A fails to pay
• C can claim Rs. 50 from B (he has recourse).
• Bills receivable discounted (a special case of j above).
• Pending law suits. It is important that the auditor appreciates that such liabilities can exist. He also has a positive obligation to
take reasonable steps to unearth them.
The actions
__________________
He would take would include:
• Enquiry of the directors and other officers.
• Obtain a letter of representation - see later in the chapter.
• Examination of post balance sheet events. This will include an inspection of the purchase invoices and the cash book after date.
• Examination of minutes where the existence of unrecorded liabilities may be mentioned.
• A review of the working papers and previous years' working papers
• An awareness of the possibilities at all times when conducting the audit
VERIFICATION OF EQUITY
______________________________________________________
Equity consists of share capital and reserves. This part of the balance sheet represents interest of the owners in net assets of the entity.
To verify the owners’ equity the auditor verifies following aspects:
• Share capital is properly classified and described in the accounts
• Movement in share capital is properly authorized and correctly presented
• Reserves are properly classified and presented
• Movements in reserves are properly authorized
Verification Methods
______________________________________________________
Share capital is properly classified and described in the accounts in accordance with the Companies Ordinance
1. Check disclosure using Company Accounts Checklist.
2. Agree authorized capital with memorandum of association.
3. Agree issued capital with form A, or obtain certificate from
registrar.
4. Obtain list of shareholders.
Movement in share capital is properly authorized and correctly shown and described in accordance with the Companies Ordinance.
1. Ensure shareholders’ pre-emption rights have been respected.
2. Check that directors were authorized to allot shares.
3. Ensure proper authorization for share redemption.
4. Check authority for share capital reductions.
5. Agree all movements to statement in lieu of prospectus,
board minutes, memorandum and articles of association.
6. Consider special rules for allotments of public company
shares.
7. Test allotments with supporting evidence and trace entries in
register.
8. Test payments with supporting evidence and trace entries in
register.
9. Check additions to allotment lists and cash records and agree
totals to recorded movements.
10. Ensure correct treatment of share premiums.
11. Vouch issue expenses.
Reserves are properly classified and described in the accounts in accordance with the Companies Ordinance.
1. Ensure disclosure complies with Companies Ordinance, 1984.
2. Ensure whether it is clear, which reserves are distributable.
Movements in reserves are properly authorized and currently shown and described in accordance with the Companies Ordinance.
1. Check movements to minutes of Board’s meeting.
2. Check movements do not contravene statutory restrictions and
articles of association.
3. Ensure disclosure of movements and related tax treatment.
VERIFICATION OF BANK BALANCES
______________________________________________________
Following points should be considered during verification of Bank Balances:
• Agree the balances with the bankbook, and/or general ledger and bank statement.
• In case of difference between bank book and bank statement obtain reconciliation for the bank accounts.
• Check that outstanding cheques have been cleared with the bank statement subsequent to the year-end. If cheques have not been cleared subsequently ask for any special reason why they have
not been cleared.
• Check that uncollected cheques have been realized, with the statement for subsequent period.
• Scrutinize the subsequent bank statement for dishonored cheques in order to detect worthless cheques deposited to conceal shortages.
• Investigate any significant reconciling items of an unusual nature.
• Investigate about outstanding stale cheques.
• Obtain direct bank confirmation.
Letter of confirmation from bank.
______________________________________________________
The purpose of this letter is to confirm the bank balances and other matters by the bank to the auditor directly.
The letter is written by the Auditors to bank requesting them to confirm the bank balances and allied matters directly to them. It contains the following information:-
Requesting bank to send following information directly to them:-
(a) Full title of account and balances thereon.
(b) Accounts closed during the period.
(c) Interest charged during the period.
(d) Details of security and charges.
(e) Details of investments or document held.
Standard Letter of Request for Bank Report
______________________________________________________
The Manager
(Bank Branch)
Date:
Dear Sir,
(CLIENT’S NAME)
STANDARD REQUEST FOR BANK REPORT FOR AUDIT PURPOSES
In accordance with your above named customer’s instructions given hereon, please send DIRECT to us at the above address, as auditors of your customer, the following information relating to their affairs at your branch as at the close of business on ………….. (Balance sheet date) and, in the case of items 2, 4 and 9, during the period since………….. (Opening date of the period) Please state against each items any factors which may limit the completeness of your reply; if there is nothing
to report, state ‘NONE’. It is understood that any replies given are in strict confidence, for the purposes of audit.
BANK ACCOUNTS
1. Full titles of all accounts together with the account numbers and
balances thereon, including NIL balances:
a) Where your customer’s name is the sole name in the title;
b) Where your customer’s name is joined with that of other
parties;
c) Where the account is in a trade name.
NOTES
_________________
Where the amount is subject to any restriction (e.g. a garnishee order or arrestment) or exchange control considerations (e.g. ‘blocked account’) this information should be stated.
2. Full titles and dates of closure of all accounts closed during the period.
3. The separate amounts accrued but not charged or credited as at the above date, of
a) Interest and
b) Provisional charges (including commitment fees)
4. The amount of interest charged during the period if not specified separately in the customer’s statement of account.
5. Particulars (i.e. date, type of document and accounts covered) of any written acknowledgment of setoff, either by specific letter of set-off, or incorporated in some other document or security.
6. Details of loans, overdrafts, cash credits and facilities, specifying agreed limits and in the case of term
loans, date for repayment or review.
7.
a) SECURITY: Please given:
• Details of any security formally charged to the bank, including the date and type of charge, (e.g. pledge, hypothecation etc.)
• Particulars of any undertaking to assign to the bank any assets. If a security is limited to any borrowing, or if there is a prior, equal or subordinate charge, please indicate.
b) Investments, bills of exchange, documents of title or other assets held but not charged.
CONTINGENT LIABILITIES
_________________________________________
8. All contingent liabilities, viz.:
• Total of bills discounted for your customer, with recourse;
• Details of any guarantees, bonds or indemnities given to you by the customer in favor of third parties;
• Details of any guarantees, bonds or indemnities given by you, on your customer’s behalf, stating where there is recourse to your customer and/or to its holding, parent or any other company within the group.
• Total of acceptances;
• Total of forward exchange contracts;
• Total of outstanding liabilities under documentary credits;
• Other - please give details.
9. A list of other banks, or branches of your bank, where you are aware that a relationship has been established during the period. Yours faithfully,
DISCLOSURE AUTHORISED
For and on behalf of (CUSTOMER’S NAME)
Signed in accordance with the terms and conditions for the conduct of the customer’s bank account.
Verification of Debtors Balances
______________________________________________________
Following points should be considered during verification of Debtors Balance:
• Obtain confirmation from debtors.
• Verify debts with reference to cash received since year-end.
• Check accuracy and completeness of debtors' listing.
• Check book-keeping in small sample of ledger accounts.
• Check postings and enquire into unusual entries in the control account.
• Verify nature, amount and classification of credit balance.
• Check transaction of foreign currency balances.
• Review post year-end credit notes.
• Enquire into debtor balances cleared by journal entries after the year-end
• Consider un-provided claims, enquire and review correspondence.
• Check credit note cut-off, if material.
• Consider adequacy and check bases and calculations of provisions for rebates
• Verify existence and title to bills receivable, trace proceeds.
• Consider whether results of work on cutoff affect debtors.
• Review audit work on income.
Confirmation from Debtors:
______________________________________________________
Through verification of debtor’s balances by direct communication the auditor obtains information regarding:
• Adequacy of the system of internal control over sales, debtors, and collections;
• Accuracy of accounting records in general and of cut-off procedures for balance sheet purposes in particular; and
• Irregularities such as teeming and lading, overdue balances & incorrect balances. The above information helps an auditor to form an opinion regarding:
o Reliability of debtors balances; and
o Quantum and nature of disputes existing between the company and its customer.
Methods of obtaining Debtors Confirmation
__________________________________________________
• Positive Method. Under positive method the company requests the debtor to confirm his
indebtedness to the company direct to the auditor and in case of disagreement he is also required to
state the balance as per his records and provide the auditor with full particulars of the difference.
• Negative Method. Under negative method the company requests the debtor to communicate with
the auditor only if he disagrees with the balance. If no communication is received within specified
time the auditor may assume that the balance is agreed.
Distinguish between Positive and Negative Confirmation
Positive Confirmation Negative Confirmation
______________________________________________________
• In positive confirmation company request, the debtor to confirm the balance direct to the auditor whether he agrees while or not. In negative confirmation company request, the debtor to confirm the balance to auditor only if he disagree with balance.
• In positive confirmation if no reply is received the auditors have to adopt other procedures to verify those balances. In negative confirmation if no reply is received the auditor may assume that the balance is agreed.
• Positive confirmation is preferred when the internal control system is not satisfactory. Negative confirmation is preferred when the internal control system is satisfactory or when confirming a large number of small balances.
• Confirming significant balances due from debtors under positive confirmation. Confirming a large number of small balances
under negative confirmation.
Other procedures if reply is not received to Positive Confirmation
____________________________________________________________
When no reply is received to a positive confirmation the auditor should carry out the following procedures:
• Check the outstanding balances as of balance sheet date have been subsequently received.
• If subsequently not received then examine sale order, dispatch note, invoices and relevant documents and correspondence with concerned debtors.
VERIFICATION OF STOCK-IN-TRADE AND STORE & SPARES
______________________________________________________
Stock-In-Trade
Following are the substantive procedures to be carried out in the verification of Stock in trade:
• Examine stock taking instructions issued by the client and assess their adequacy for a proper stock count.
• Observe counting of inventory at the selected location.
• Check that slow moving, damaged and obsolete inventories are segregated.
• Check final summary of stocks prepared from the stock count sheets.
• Check cut-off.
• Check calculation of rates to be applied for inventory valuation.
• Check valuation.
• Ensure that inventories are presented in accordance with the requirements of the law and IAS-2.
Stores and Spares
_________________________
Following are the substantive procedures to be carried out in the verification of Stores and Spares:
• Verification of Opening Balance from previous year's balance sheet and audit working papers file.
• Review and checking of Stores Record Keeping.
• Reconciliation of closing balance i.e. Opening balance + Purchases -Purchases Return - Cost of Sales (Consumption).
• Observation of physical counting done by the client.
• Checking the source documents for purchases, purchase return and consumption.
Verification of certain expenses items:
______________________________________________________
a. Director’s Fee
• Examine the Articles of Association of the company to ascertain mode of determining rates of fee.
• Examine the minutes of meeting to ensure that only the fee rates agreed are paid to the directors.
• Where fee is payable according to attendance at meetings, examine attendance to ensure that only attendance is paid.
• Ensure that proper receipt is obtained from the payees.
• Check that proper disclosure is made in the accounts as required by the Companies Ordinance 1984.
b. Interest on Long Term Loan (Foreign Currency)
______________________________________________________
• Obtain loan agreement and read its terms and conditions.
• Check interest rate mentioned in the agreement.
• Check calculation of interest according to specified rate.
• Check accrual of interest in case of non-payment.
• Check payment voucher with bank advice.
• Ensure that any gain or loss resulting from the translation has been properly accounted for.
• Ensure the following are properly disclosed:
o Amount of interest;
o Interest rate;
o Penal interest, if any; and
o Interest capitalized.
• See that whether any interest has been capitalized. If so examine that requirements of IAS-23 have been fully met and disclosure has been made accordingly.
c. Depreciation on Fixed Assets
______________________________________________________
• Check opening balances of the cost of assets and accumulated depreciation with the last year's audited accounts.
• Ensure that depreciation policy is appropriate and applied consistently i.e. there is no change in policy as compared to last year.
• Verify that the depreciation calculations for additions and disposals during the year are in accordance with the accounting policy.
• Analytical Review: Check that depreciation for the year is reasonable in relation to book value, stated policies
and previous years.
d. Staff Loans
______________________________________________________
• Examine the services rules and regulation of the company, note major particulars regarding staff loan.
• Examine and evaluate internal control. Authority in particular important.
• See application form for loan.
• Ensure loan is properly authorized, see Board resolution.
• Examine agreement with the staff and ensure terms are being adhered to.
• Obtain certificate direct from staff.
• If loan is secured, examine the security.
• See that adequate provision for amount of doubtful recovery is made in the accounts.
AUDIT SAMPLING
Meaning and objective:
_________________________________
Audit sampling means application of audit procedures to less than 100 % of items appearing in an account balance or class of transactions to enable the auditor to form conclusion concerning that population.
Why Sampling?
_________________________
Audit sampling enables an auditor to gather audit evidence through the use of tests of control or substantive procedures, on selected number of items and forming conclusion about the whole population. The reasons for this are:
• Economic: Audit becomes cost effective.
• Time: Complete check would take so long time.
• Practical: Users do not expect 100% accuracy. Materially is important in accounting as well as in auditing.
• Psychological: A complete check would be boring for the audit staff.
• Fruitfulness: A complete check would not add much to the worth of figures if few errors were discovered. The emphasis in auditing should be on the completeness of record and the true and fair view.
Exceptions to Sampling
_________________________________
In some cases a 100% check is still necessary. Some of these are:
• Categories which are few in number but of great importance e.g., land and buildings.
• Categories with special importance where materiality does not apply e.g., directors' emoluments and loans.
• Unusual, one-off, or exceptional items e.g., accidental loss.
• Any area where the auditor is put upon enquiry e.g., legal matters, law suits.
• High risk areas.
Approaches to Audit Sampling:
______________________________________________________
There are two approaches to sampling in auditing:
a. Judgmental sampling
b. Statistical sampling
We will deal with each in turn. Note that the objective in all sampling is to draw conclusions about a large group of data, e.g., all the credit sales made in a period, or all the withholding tax calculations or all the debtors, from an examination of a sample taken from the group.
Objectives of Audit Sampling:
______________________________________________________
Auditor is supposed to carry out procedures designed to obtain sufficient appropriate audit evidence in order to determine with reasonable assurance whether the financial statements are free of material misstatements.
Here the words “reasonable and material” make it clear that it is not necessary that auditors should state that the financial statements are absolutely 100% accurate. Sampling does not provide absolute proof
of 100% accuracy but it can provide reasonable assurance that some elements of the financial statement are free from material misstatement.
Audit sampling means; drawing conclusions about an entire set of data by testing a representative sample of items.
Population means; the set of data, which may be a set of account balances (e.g. debtors, creditors, fixed assets) or transactions (e.g. all wage payments, all advice notes). Sampling units means; the individual items making up the population.
Audit Materiality and Risk
______________________________________________________
Audit materiality (Tolerable error) An auditor is not required to have evidence that all items in a set of Accounts are 100% correct. His
duty is to give an opinion on the truth and fairness of the Financial Statements. Errors can exist in the. Accounts and yet the Accounts can still give a true and fair view.
The maximum error that any particular magnitude can contain without marring (damaging) the true and fair view is the tolerable error. Tolerable error is auditing materiality. In his audit planning, the auditor needs to determine the amount of tolerable error in any given
population and to carry out tests to provide evidence that the actual errors in the population are less than the tolerable error. For example, stock can be a large amount in a set of accounts. Stock is computed by counting and weighing, by multiplying quantity by price and by summing individual values. Errors can occur at any of these stages. Applied prices may be incorrect. The effect of incorrect prices may be to compute a stock figure that is above or below the correct stock figure by
an amount that is above the tolerable error.
Audit Risk
____________________
This term applies to the risk that the auditor will draw an invalid conclusion from his audit procedures. Audit risk has several components:
• Inherent risk: This is the risk attached to any particular population because of factors like:
o The type of industry - a new manufacturing hi-tech industry is more prone to errors of all sorts than a stable business like beverage.
o Previous experience indicates that significant errors have occurred.
o Some populations are always prone to error, e.g. stock calculations, work in progress.
• Control risk: This is the risk that internal controls will not detect and prevent material errors. If this risk is large the auditor may avoid compliance tests altogether and apply only substantive tests.
• Detection risk: This is the risk that the auditor's substantive procedures and analytical review will not detect material errors. The assurance that an auditor seeks from sampling procedures is related to the audit risk that he
perceives.
The sample sizes required will be related to materiality and to audit risk.
To sample or not?
______________________________________________________
The auditor, in considering a particular population, has to consider how to obtain assurance about it. Sampling may be the solution. Factors which may be taken into account in considering whether or not to sample include:
• Materiality: Petty cash expenditure may be so small that no conceivable error may affect the true and fair view of the accounts as a whole?
• The number of items in the population: If these are few (e.g. land and buildings), a 100% check may be economic.
• Reliability of other forms of evidence: Analytical review (e.g. wages relate closely to number of employees, budgets, previous years, etc.) Proof in total (GST calculations). If other evidence is very strong, then a detailed check of a population (100% or a sample) may be unnecessary.
• Cost and time considerations can be relevant in choosing between evidence seeking methods.
• A combination of evidence seeking methods is often the optimal solution.
Stages of Audit Sampling
______________________________________________________
• Planning the sample.
o Audit objectives. Why is this test being carried out? What contribution does it make to the overall assessment of true and fair view?
o The population. The population has to be defined precisely. This may be all sales rather than all sales invoices. (Can you see the difference?)
o The sampling unit. Note that in compliance testing it is the operation of the control on a transaction not the transaction which is the sampling unit.
o The definition of error in substantive tests. In stock calculations, an error of greater than Rs.100 only may constitute an error for this purpose.
o The definition of deviation in compliance tests. The deviation may be any failure to carry out a control procedure or it may be a partial failure.
o The assurance required. This is a function of the other sources of evidence available,
o The tolerable error or deviation rate. This is related to materiality.
o The expected error/deviation rate. This is a factor which is not intuitively expected by students. In fact, errors increase the impreciseness of conclusions drawn from sampling and larger sample sizes are required if there are many errors.
o Stratification. It may be desirable to stratify the population into sub-populations and sample them separately or in some cases, such as high value items, do a 100% check.
• b. Selection of the items to be tested.
• Testing the items.
• Evaluating the results. This should also be done in stages:
o Analyze the errors/deviations detected in relation to the planning definitions.
o Use the errors/deviations detected to estimate the total error in the population. This is called projection of the errors from the sample to the population.
o Assess the risk of an incorrect solution. This will be related to the amount of projection of error compared with the tolerable error and the availability of alternative evidence
Judgmental Sampling
______________________________________________________
This means selecting a sample of appropriate size on the basis of the auditor's judgment of what is desirable.
This approach has some advantages:
_________________________________________________
• The approach has been used for many years. It is well understood and refined by experience,
• The auditor can bring his judgment and expertise into play. Some auditors seem to have a sixth
sense.
• No special knowledge of statistics is required.
• No time is spent on playing with mathematics. All the audit time is spent on auditing.
There are some disadvantages:
____________________________________
• It is unscientific.
• It is wasteful - usually sample sizes are too large.
• No quantitative results are obtained.
• Personal bias in the selection of samples is unavoidable.
• There is no real logic to the selection of the sample or its size.
• The sample selection can be imbalanced to the auditors needs e.g. selection of items near the year end to help with cut-off evaluation.
• The conclusion reached on the evidence from samples is usually vague - a feeling of it seems OK or of vague worry.
Overall, judgmental sampling is still the preferred method by a majority of auditors. Partly this can be defended on the grounds that the auditor is weighing several strands of evidence (internal control, business background, conversations with employees, subjective feelings, past experience, etc.) and is usually investigating several things at once (e.g. more than one control evidenced on an invoice, proper books, internal control compliance and substantive testing of totals) so that the whole process is too complex to reduce to the simple formulations of the statistician. On the other hand, the statistician can reply that judgment sampling in the past worked well because very large samples were
always taken. Today, the small samples required by economic logic require careful measuring of the risks attached and this can only be done by the use of statistical techniques.
STATISTICAL SAMPLING
______________________________________________________
Drawing inferences about a large volume of data by an examination of a sample is a highly developed part of the discipline of statistics. It seems only common sense for the auditor to draw upon this body of knowledge in his own work. In practice, a high level of mathematical competence is required if valid conclusions are to be drawn from sample evidence. However most firms that use statistical sampling have drawn complex plans which can be operated by staff without statistical training.
These involve the use of tables, graphs or computer methods. The advantages of using statistical sampling are:
• It is scientific.
• It is defensible / justifiable.
• It provides precise mathematical statements about probabilities of being correct.
• It is efficient - overlarge sample sizes are not taken.
• It tends to cause uniform standards among different audit firms.
• It can be used by lower grade staff; that would be unable to apply the judgment needed by judgmental sampling.
There are some disadvantages:
____________________________________
• As a technique it is not always fully understood so that false conclusions may be drawn from the results.
• Time is spent playing with mathematics which might better be spent on auditing
• Audit judgment takes second place to precise mathematics.
• It is inflexible.
• Often several attributes of transactions or documents are tested at the same tir Statistics does not
easily incorporate this.
Characteristics of audit sample:
__________________________________________________
In auditing, a sample should be:
• Random - a random sample is one where each item of the population has an equal (or specified)
chance of being selected. Statistical inferences may not be valid unless the sample is random.
• Representative - the sample should be representative of the differing items in the whole population. For example, it should contain a similar proportion of high and low value items to the population (e.g. all the debtors).
• Protective - protective, that is, of the auditor. More intensive auditing should occur on high value
items known to be high risk.
• Unpredictable - client should not be able to know or guess which items will be examined.
Sample Selection Methods:
______________________________________________________
There are several methods available to an auditor for selecting items. These include:
• Haphazard -Simply choosing items subjectively but avoiding bias. Bias might come in by tendency to favor items in a particular location or in an accessible file or conversely in picking items because they appear unusual. This method is acceptable for non-statistical sampling but is insufficiently accurate for statistical sampling.
• Simple random - All items in the population have (or are given) a number. Numbers are selected by a means which gives every number an equal chance of being selected. This is done using random number tables or computer or calculator generated random numbers.
• Stratified - This means dividing the population into sub populations (strata = layers) and is useful when parts of the population have higher than normal risk (e.g. high value items, overseas debtors). Frequently high value items form a small part of the population and are 100% checked and the remainders are sampled.
• Cluster sampling - This is useful when data is maintained in clusters (= groups or bunches) as wage records are kept in weeks or sales invoices in months. The idea is to select a cluster randomly and then to examine all the items in the cluster chosen. The problem with this method is that this sample may not be representative.
• Random systematic - This method involves making a random start and then taking every nth item thereafter. This is a commonly use method which saves the work of computing random numbers. However the sample may not be representative as the population may have some serial
properties.
• Multi stage sampling - This method is appropriate when data is stored in two or more levels. For example stock in a retail chain of shops. The first stage is to randomly select a sample of shops and the second stage is to randomly select stock items from the chosen shops.
• Block sampling - simply choosing at random one block of items e.g. all June invoices. This common sampling method has none of the desired characteristics and is not recommended.
• Value weighted selection - This method uses the currency unit value rather than the items as the sampling population. It is now very popular and it is also known as “Monetary Unit Sampling”. This in relatively new variant of discovery sampling which is thought to have wide application in auditing. This is because:
o Its application is appropriate with large variance populations. Large variance populations are those like debtors or stocks where the members of the populations are of widely different sizes.
o The method is suited to populations where errors are not expected.
o It implicitly takes into account the auditor’s concept of materiality. Procedures are:
? Determine sample size. This will cover:
• The size of the population
• The minimum unacceptable error rate (materiality)
• The Beta risk desired
? List the items in the population (e.g. 1,250 debtors)
Debtors Name Balance Rs. Cumulative Rs.
______________________________________________________
Jameel 600 600
Ibrahim 100 700
Razi 1,200 1,900
Faiz 500 2,400
Saif 4,000 6,400
Etc. *** ***
Etc. *** ***
1,250. *** ***
_______ _______
300,000 300,000
====== ======
• If the sample size were 100 items then take a random start say 1,000 and every 3,000th (Rs. 300,000/100 sample size) item thereafter, i.e. using systematic sampling with a random start.
The idea is that:
o The population of debtors is not the 1,250 number of debtors but Rs. 300,000.
o If the particular Rupee is chosen then the whole balance of which that Re. 1 is a part will be investigated and any error quantified. In our example, Razi would be selected since 1,000 lies in his balance and then Saif would also be chosen as 1,000 + 3000 = 4,000 lies in his balance.
Note that the larger balances have a greater chance of being selected. This is protective for the auditor but it has been pointed out that balances that contain errors of understatement will have reduced chance of detection.
• At the end of the process, evaluate the result which might be a conclusion that the auditor is 95% confident that the debtors are not overstated by more than Rs. ***. Where Rs. *** is the materiality factor (tolerable error) chosen. If the conclusion is that the auditor finds that the debtors appear to be overstated by more than Rs. *** then he may take a larger sample and/or investigate the debtors more fully.
Monetary unit sampling is especially useful in testing for overstatement where significant understatements are not expected. Examples of applications include debtors, fixed assets and stocks. It is clearly not suitable for testing creditors where understatement is the primary
characteristic to be tested.
Chapter
Considering the work of -
Internal Auditing
CONSIDERING THE WORK OF INTERNAL AUDITING
Introduction (Meaning of Internal Audit)
_____________________________________________________________
Internal audit is part of internal control, set by the management, delegating its supervisory functions to specially assigned staff, with the objective to see that the internal controls are in operation and to
assist them in fulfilling their responsibilities such as
1. Safeguarding of the assets
2. Reliability of financial records and
3. Efficiency in operation
Definition
_________________
“Internal auditing” means an appraisal activity established within an entity as a service to the entity. Its functions include, amongst other things, examining, evaluating and monitoring the adequacy and
effectiveness of the accounting and internal control system.
DIFFERENCE BETWEEN INTERNAL AND EXTERNAL AUDITORS
_____________________________________________________________
INTERNAL AUDITOR EXTERNAL AUDITOR
Objective:
______________
• Accounting system and internal control are operating efficiently.
• Report on Financial statements.
Responsibility
_________________________
Responsibility to the management. Responsibility to the share holders.
Scope of work
____________________
• Determined by management.
• Determined by the statute; otherwise determined through mutual agreement between auditor and the client.
Scope and Objectives of the Internal Audit Function
_____________________________________________________________
Although the exact nature of internal audit function is determined by the management, however, generally the aims and objectives of the internal audit function are:
• Review and assessment of the internal control procedures and accounting system.
• Examination of financial and operating information for management, including detailed testing of transactions and balances.
• Review of efficiency, economy and effectiveness of operation.
• Review of compliance with laws, regulations, management policy and other internal requirements.
Relationship between Internal Auditing and the External Auditor
_____________________________________________________________
Management’s Requirements Vs Independent Report on Financial Statements
Unlike the internal auditor who is an employee of the enterprise, the external auditor is required to be independent of the enterprise, usually having a statutory responsibility to report on the financial
statements giving an account of management’s stewardship.
Common Means
________________________
Some of the means adopted by both the auditors to achieve their respective objectives are common, e.g. evaluation of internal control. Therefore, certain aspect of internal auditing may be useful in
determining the nature, timing and extent of external audit procedures.
Dependence Vs Independence
______________________________________
Whatever be the degree of autonomy given by the management to internal auditing it cannot enjoy the same degree of independence as external auditors. Moreover, the responsibility for the report is
that of the external auditor alone, and therefore is indivisible and is not reduced by the reliance on internal auditing.
As a result, all final judgments relating to matters which are material to the financial statements or other aspects on, which he is reporting, must be made by the external auditor himself.
Understanding of Internal Auditing
_____________________________________________________________
The external auditors should obtain a sufficient understanding of internal audit activities to assist in planning the audit and developing an effective audit approach. Effective internal auditing will often allow a reduction in the procedures performed by the external auditors but cannot eliminate them entirely. However, external auditor may decide not to use the internal auditor’s work.
Preliminary Assessment of Internal Auditing
_____________________________________________________________
After obtaining understanding of internal auditing, if it appears that its work is relevant for external auditors, the external auditor should, during the course of planning perform preliminary assessment
of internal auditing function. An effective internal audit may allow a modification in the nature, timing and extent of procedures performed by external auditors.
Criteria while Obtaining Understanding and Preliminary Assessment of Internal Auditing
_____________________________________________________________
Before relying on the work performed by the internal auditor, it is necessary for the external auditor to make an assessment of the effectiveness and relevance of the internal audit function by considering the following:
A. Organizational status:
________________________________
The internal auditor is an employee of the entity and therefore
cannot be independent, however the external auditor should evaluate to what extent he is free in performing his duties and communicate with external auditor and consider any constraints placed upon his work. Ideally, internal auditor should be reporting to the highest level of management and should be free from other operating responsibility.
B. Scope and Objectives of Internal Audit Function:
_____________________________________________________________
The external auditor should examine the range and aim of the assignments assigned to internal auditors by the management and
whether management acts on internal audit recommendations.
C. Technical Competence:
_______________________________
The external auditor should ascertain whether staff of the internal
audit function has adequate technical training and proficiency as auditors.
D. Due Professional Care:
____________________________________
The external auditor should consider whether the internal auditor
has performed his work with reasonable care and skill i.e. work is properly planned, supervised and reviewed. He should also consider existence of working papers, work programs, audit manuals etc.
Liaison and Coordination
_____________________________________________________________
The extent of liaison would normally encompass the following:
• Initial planning to formulate a joint approach to minimize the tests performed by the two auditors i.e. tests level, sample selection, documentation of work performed, review and reporting procedures.
• Regular meetings between the internal and external auditors during the year.
• Exchange of knowledge between the two auditors i.e. the external auditors should be informed of any significant matter that comes to the knowledge of internal auditor which he believes may affect to work of external auditor. Similarly the external auditor should inform the internal auditor of any significant matters which may affect his work.
Evaluating Internal Audit Work/Review/Controlling
_____________________________________________________________
Where the external auditor has decided to place reliance on the work of internal auditor, he should review the working papers to satisfy himself as to:
• Audit programs are adequate.
• The work is performed by trained staff and the work of assistants is properly supervised, reviewed and documented.
• Sufficient appropriate audit evidence was obtained.
• Conclusions made are appropriate.
• Reports prepared are based on the work done.
• Exceptions or unusual items have been properly resolved. The external auditor should record all the working he has received. The external auditor should also test the work of internal auditor.
Testing the Work of Internal Auditing
_____________________________________________________________
It can be done in the following ways:
i) Re-performing the work done by internal auditor, on test basis, to ensure that the same
results are achieved;
ii) Selecting a few similar items and perform independent test; and
iii) Observation of internal auditing procedures.
Chapter
Audit Planning
AUDIT PLANNING
_______________________________________________________
Audit Engagement letter
_______________________________________________________
Evaluating Internal Audit Work/Review/Controlling
Where the external auditor has decided to place reliance on the work of internal auditor, he should review the working papers to satisfy himself as to:
• Audit programs are adequate.
• The work is performed by trained staff and the work of assistants is properly supervised, reviewed and documented.
• Sufficient appropriate audit evidence was obtained.
• Conclusions made are appropriate.
• Reports prepared are based on the work done.
• Exceptions or unusual items have been properly resolved. The external auditor should record all the working he has received. The external auditor should also test the work of internal auditor.
Testing the Work of Internal Auditing
_______________________________________________________
It can be done in the following ways:
• Re-performing the work done by internal auditor, on test basis, to ensure that the same results are achieved;
• Selecting a few similar items and perform independent test; and
• Observation of internal auditing procedures.
Terms of Audit Engagements
_______________________________________________________
Meaning and Objective
Audit Engagement Letter is written by the auditor to his client. The letter documents terms of engagement as agreed between the auditor and the client.
Following are the components of Audit Engagement Letter
Principal Contents
_______________________________________________________
• The objective of financial statements.
• Management’s responsibility for financial statements.
• The scope of the audit.
• The form of any reports or other communications.
• The fact that due to certain unavoidable factors, the auditors may not be able to detect all material misstatements due to fraud or error.
• Requirement of unrestricted access to records etc.
Optional Contents
__________________________
• Arrangements regarding the planning of the audit.
• Expectation of receiving written representations.
• Request for confirmation of terms of engagement.
• Description of any other letters or reports the auditor expects to issue to the client.
• Basis for computation of fees.
Contents to be included under Special Circumstances
_______________________________________________________
• Arrangements concerning the involvement of other auditors, experts, internal auditors and other client staff.
• Arrangements to be made with predecessor auditor, in case of initial audit only.
• Restriction on auditor’s liability, if any.
• Reference to any further agreements between the auditor and the client.
Note: A specimen engagement letter as given in the AS is given at Annexure-2.
Audit of Components
_______________________________________________________
In case of components (branch, subsidiary or division) the auditor has to decide whether to send a separate engagement letter for the component. It would depend on the following:
• Who appoints auditor of the component.
• Whether a separate audit report is to be issued on the component.
• Legal requirements.
• The extent of any work performed by other auditors.
• Degree of ownership by parent.
• Degree of independence of the component’s management.
Recurring Audits
___________________________________
Should auditor write an engagement letter every year? Answer to this question is dependent on the following factors:
• If client misunderstands the objective and scope of the audit.
• Any revised or special terms of engagement.
• A recent change of senior management, board of directors or ownership.
• A significant change in nature or size of the client’s business.
• Legal requirements.
Example of an Audit Engagement Letter
_______________________________________________________
The following letter is for use as a guide in conjunction with the considerations outlined in this ISA and will need to be varied according to individual requirements and circumstances.
To the Board of Directors or the appropriate representative of senior management:
You have requested that we audit the balance sheet of …………..as of …………., and the related statements of income and cash flows for the year then ending. We are pleased to confirm our acceptance and our understanding of this engagement by means of this letter. Our audit will be made with the objective of our expressing an opinion on the financial statements.
We will conduct our audit in accordance with International Standards on Auditing (or relevant national standards or practices). Those ISAs require that we plan and perform the audit to obtain
reasonable assurance about whether the financial statements are free of material misstatements. An audit includes examining, on a test basis, evidence supporting the amounts and disclosures in the
financial statements. An audit also includes assessing the accounting principles used and significant estimates made by management, as well as evaluating the overall financial statement presentation.
Because of the test nature and other inherent limitations of an audit, together with the inherent limitations of any accounting and internal control system, there is an unavoidable risk that even some
material misstatements may remain undiscovered.
In addition to our report on the financial statements, we expect to provide you with a separate letter concerning any material weaknesses in accounting and internal control systems, which come to our notice.
We remind you that the responsibility for the preparation of financial statements including adequate disclosure is that of the management of the company. This includes the maintenance of adequate accounting records and internal controls, the selection and application of accounting policies, and the safeguarding of the assets of the company. As part of our audit process, we will request from
management written confirmation concerning representations made to us in connection with the audit.
We look forward to full cooperation with your staff and we trust that they will make available to us whatever records, documentation and other information are requested in connection with our audit.
Our fees, which will be billed as work progress, are based on the time required by the individuals assigned to the engagement plus out-of-pocket expenses. Individual hourly rates vary according to the
degree of responsibility involved and the experience and skill required.
This letter will be effective for future years unless it is terminated, amended or superseded. Please sign and return the attached copy of this letter to indicate that it is in accordance with your understanding of the arrangements for our audit of the financial statements.
XYZ & Co.
Acknowledged on behalf of
ABC Company by
(Signed)
Name and Title
Date ________
PLANNING AN AUDIT OF FINANCIAL STATEMENTS
_______________________________________________________
Purpose of Planning
The auditor should plan the audit so that the engagement will be performed in an effective manner. Planning an audit involves:
1. Establishing the overall audit strategy for the engagement and
2. Developing an audit plan, in order to reduce audit risk to an acceptably low level.
Planning involves the Engagement Partner (auditor) and other key members of the engagement team to benefit from their experience and insight and to enhance the effectiveness and efficiency of the planning process.
Adequate planning helps in achieving the following:
• Ensure that appropriate attention is devoted to important areas of the audit, like; related parties transactions, outsourced activities (debt/revenue collection), payroll, sales, acquisition of noncurrent assets.
• Potential problems, like; slow availability of information, application of new regulations etc. are identified and resolved on a timely basis
• Audit engagement is properly organized and managed in order to be performed in an effective and efficient manner.
• Proper assignment of work to engagement team members,
• Facilitation of direction and supervision of engagement team members and the review of their
work
• Coordination of work done by auditors of components and experts. The nature and extent of planning activities will vary according to the
• Size and complexity of the entity
• Auditor’s previous experience with the entity
• Changes in circumstances that occur during the audit engagement. Planning is a continual process that often begins shortly after the completion of the previous audit
and continues until the completion of the current audit engagement.
Planning Activities
_______________________________________________________
I The Overall Audit Strategy
____________________________
The auditor should establish the overall audit strategy for the audit.
The overall audit strategy
• sets the scope, timing and direction of the audit, and
• guides the development of the more detailed audit plan
The establishment of the overall audit strategy involves:
_______________________________________________________
A. Determining the characteristics of the engagement that define its scope, such as the financial reporting framework used, industry-specific reporting requirements and the locations of the
components of the entity;
B. Ascertaining the reporting objectives of the engagement to plan the timing of the audit and the nature of the communications required, such as: deadlines for interim and final reporting, and
a. key dates for expected communications with management
b. Considering the important factors that will determine the focus of the engagement team’s efforts, such as:
• Determination of appropriate materiality levels,
• Preliminary identification of areas where there may be higher risks of material misstatement,
• Preliminary identification of material components and account balances,
• Evaluation of whether the auditor may plan to obtain evidence regarding the effectiveness of internal control, and
• Identification of recent significant entity-specific, industry, financial reporting or other
relevant developments. The overall audit strategy sets out clearly,
C. The resources to deploy for specific audit areas, such as the use of appropriately experienced team members for high risk areas or the involvement of experts on complex matters;
D. The amount of resources to allocate to specific audit areas, such as the number of team members assigned to observe the inventory count at material locations, the extent of review of other auditors’ work incase of group audits, or the audit budget in hours to allocate to high risk areas;
E. When to deploy these resources?, such as whether at an interim audit stage or at key cutoff dates; and
F. How such resources are managed, directed and supervised?, such as when team briefing and debriefing meetings are expected to be held, how engagement partner and manager reviews are expected to take place (for example, on-site or off-site), and whether to complete engagement quality control reviews.
II The Audit Plan
_______________________________________________________
Once the overall audit strategy has been established the auditor should develop an audit plan for the audit in order to reduce audit risk to an acceptably low level. Although the auditor ordinarily
establishes the overall audit strategy before developing the detailed audit plan, the two planning activities are not necessarily discrete or sequential processes but are closely inter-related since changes in
one may result in consequential changes to the other. The audit plan is more detailed than the overall audit strategy and includes:
• The nature, timing and extent of audit procedures to be performed by engagement team members in order to obtain sufficient appropriate audit evidence to reduce audit risk to an acceptably low level. Documentation of the audit plan also serves as a record of the proper planning and performance of the audit procedures that can be reviewed and approved prior to the performance of further audit
procedures.
• The audit plan includes:
o A description of the nature, timing and extent of planned risk assessment procedures sufficient to assess the risks of material misstatement,
o A description of the nature, timing and extent of planned further audit procedures at the assertion level for each material class of transactions, account balance, and disclosure. (The plan for further audit procedures reflects the auditor’s decision whether to test the operating effectiveness of controls, and the nature, timing and extent of planned substantive procedures); and Such other audit procedures required to be carried out for the engagement in order to comply with ISAs (for example, seeking direct communication with the entity’s lawyers).
• Planning for these audit procedures takes place over the course of the audit as the audit plan for the engagement develops. For example, planning of the auditor’s risk assessment procedures ordinarily occurs early in the audit process. However, planning of the nature, timing and extent of specific further audit procedures depends on the outcome of those risk assessment procedures. In addition, the auditor may begin the execution of further audit procedures for some classes of transactions, account balances and disclosures before completing the more detailed audit plan of all remaining further audit procedures.
Changes to Planning Decisions during the Course of the Audit
_____________________________________________________________
The overall audit strategy and the audit plan should be updated and changed as necessary during the course of the audit. Planning an audit is a continual process throughout the audit engagement. As a result of unexpected events, changes in conditions, or the audit evidence obtained from the results of audit procedures, the
auditor may need to modify the overall audit strategy and audit plan, and thereby the resulting planned nature, timing and extent of further audit procedures.
Information may come to the auditor’s attention that differs significantly from the information available when the auditor planned the audit procedures. For example, the auditor may obtain audit evidence through the performance of substantive procedures that contradicts the audit evidence obtained with respect to the testing of the operating effectiveness of controls. In such circumstances, the auditor re-evaluates the planned audit procedures, based on the revised consideration of assessed
risks at the assertion level for all or some of the classes of transactions, account balances or disclosures.
Direction, Supervision and Review (Audit Program)
_____________________________________________________________
The auditor should plan the nature, timing and extent of direction and supervision of engagement team members and review of their work. The nature, timing and extent of the direction and supervision of engagement team members and review of their work vary depending on many factors, including:
• the size and complexity of the entity,
• the area of audit,
• the risks of material misstatement, and
• the capabilities and competence of personnel performing the audit work
As the assessed risk of material misstatement increases, a given area of the audit, the auditor ordinarily increases the extent and timeliness of direction and supervision of engagement team members and performs a more detailed review of their work.
Documentation
___________________
The auditor should document the overall audit strategy and the audit plan, including any significant changes made during the audit engagement. The auditor’s documentation of the overall audit strategy records the key decisions considered necessary to properly plan the audit and to communicate significant matters to the engagement team.
For example, the auditor may summarize the overall audit strategy in the form of a memorandum that contains key decisions regarding the overall scope, timing and conduct of the audit. The auditor’s documentation of the audit plan is sufficient to demonstrate the planned nature, timing and extent of risk assessment procedures, and further audit procedures at the assertion level for each
material class of transaction, account balance, and disclosure in response to the assessed risks.
The auditor may use standard audit programs or audit completion checklists. However, when such standard programs or checklists are used, the auditor appropriately tailors them to reflect the particular
engagement circumstances.
The auditor’s documentation of any significant changes to the originally planned overall audit strategy and to the detailed audit plan includes the reasons for the significant changes and the auditor’s response to the events, conditions, or results of audit procedures that resulted in such changes.
For example, the auditor may significantly change the planned overall audit strategy and the audit plan as a result of a material business combination or the identification of a material misstatement of the financial statements. A record of the significant changes to the overall audit strategy and the audit plan, and resulting changes to the planned nature, timing and extent of audit procedures, explains the overall strategy and audit plan finally adopted for the audit and demonstrates the appropriate response to significant changes occurring during the audit.
The form and extent of documentation depend on such matters as the size and complexity of the entity, materiality, the extent of other documentation, and the circumstances of the specific audit engagement.
AUDIT PLANNING
_____________________________________________________________
Establishing Overall Audit Strategy)
Audits of Small Entities
In audits of small entities, the entire audit may be conducted by a very small audit team. Many audits of small entities involve the audit engagement partner (who may be a sole practitioner) working with
one engagement team member (or without any engagement team members). With a smaller team, coordination and communication between team members are easier. Establishing the overall audit
strategy for the audit of a small entity need not be a complex or time-consuming exercise; it varies according to the size of the entity and the complexity of the audit. For example, a brief memorandum
prepared at the completion of the previous audit, based on a review of the working papers and highlighting issues identified in the audit just completed, updated and changed in the current period
based on discussions with the owner-manager, can serve as the basis for planning the current audit engagement.
Communications with those charged with Governance and Management
_____________________________________________________________
The auditor may discuss elements of planning with those charged with governance and the entity’s management. These discussions may be a part of overall communications required to be made to
those charged with governance of the entity or may be made to improve the effectiveness and efficiency of the audit. Discussions with those charged with governance ordinarily include:
The overall audit strategy and timing of the audit, including any limitations thereon, or any additional requirements. When discussions of matters included in the overall audit strategy or audit plan occur, care is required in order to not compromise the effectiveness of the audit. For example, the auditor considers whether discussing the nature and timing of detailed audit procedures with management compromises the effectiveness of the audit by making the audit procedures too predictable.
Additional Considerations in Initial Audit Engagements
_____________________________________________________________
The auditor should perform the following activities prior to starting an initial audit:
• Perform procedures regarding the acceptance of the client relationship and the specific audit engagement.
• Communicate with the previous auditor, where there has been a change of auditors, in compliance with relevant ethical requirements.
For initial audits, additional matters the auditor may consider in developing the overall audit strategy and audit plan include the following:
Unless prohibited by law or regulation, an arrangement to be made with the previous auditor for example to review the previous auditor’s working papers.
Any major issues discussed with management in connection with the initial selection as auditors, the communication of these matters to those charged with governance and how these matters affect the
overall audit strategy and audit plan.
The planned audit procedures to obtain sufficient appropriate audit evidence regarding opening balances.
The assignment of firm personnel with appropriate levels of capabilities and competence to respond
to anticipated significant risks.
Other procedures:
________________________
required by the firm’s system of quality control for initial audit engagements (for example, the firm’s system of quality control may require the involvement of another partner or senior individual to review the overall audit strategy prior to commencing significant audit procedures or to review reports prior to their issuance).
Examples of Matters the Auditor May Consider In Establishing the Overall Audit Strategy
_____________________________________________________________
Following are the examples of matters the auditor may consider in establishing the overall audit
strategy:
1. Scope of the audit engagement
2. Reporting objectives
3. Direction of the audit
1. Scope of the Audit Engagement
_____________________________________________________________
The auditor may consider the following matters when establishing the scope of the audit engagement:
• The financial reporting framework on which the financial information to be audited has been prepared, including any need for reconciliations to another financial reporting framework.
• Industry-specific reporting requirements such as reports mandated by industry regulators.
• The expected audit coverage, including the number and locations of components to be included.
• The nature of the control relationships between a parent and its components that determine how the group is to be consolidated.
• The extent to which components are audited by other auditors.
• The nature of the business segments to be audited, including the need for specialized knowledge.
• The reporting currency to be used, including any need for currency translation for the financial information audited.
• The need for a statutory audit of standalone financial statements in addition to an audit for consolidation purposes.
• The availability of the work of internal auditors and the extent of the auditor’s potential reliance on such work.
• The entity’s use of service organizations and how the auditor may obtain evidence concerning the design or operation of controls performed by them.
• The expected use of audit evidence obtained in prior audits, for example, audit evidence related to risk assessment procedures and tests of controls.
• The effect of information technology on the audit procedures, including the availability of data and the expected use of computer-assisted audit techniques.
• The coordination of the expected coverage and timing of the audit work with any reviews of interim financial information and the effect on the audit of the information obtained during such reviews.
• The discussion of matters that may affect the audit with firm personnel responsible for performing other services to the entity.
• The availability of client personnel and data.
2. Reporting objectives, timing of the audit and communications required
_____________________________________________________________
The auditor may consider the following matters when ascertaining the reporting objectives of the engagement, the timing of the audit and the nature of communications required:
• The entity’s timetable for reporting, such as at interim and final stages.
• The organization of meetings with management and those charged with governance to discuss the nature, extent and timing of the audit work.
• The discussion with management and those charged with governance regarding the expected type and timing of reports to be issued and other communications, both written and oral, including the auditor’s report, management letters and communications to those charged with governance.
• The discussion with management regarding the expected communications on the status of audit work throughout the engagement and the expected deliverables resulting from the audit procedures.
• Communication with auditors of components regarding the expected types and timing of reports to be issued and other communications in connection with the audit of components.
• The expected nature and timing of communications among engagement team members, including the nature and timing of team meetings and timing of the review of work performed.
• Whether there are any other expected communications with third parties, including any statutory or contractual reporting responsibilities arising from the audit.
3. Direction of the Audit
________________________________
The auditor may consider the following matters when setting the direction of the audit:
• With respect to materiality:
• Setting materiality for planning purposes.
• Setting and communicating materiality for auditors of components.
• Reconsidering materiality as audit procedures are performed during the course of the audit.
• Identifying the material components and account balances.
• Audit areas where there is a higher risk of material misstatement.
• The impact of the assessed risk of material misstatement at the overall financial statement level on direction, supervision and review.
• The selection of the engagement team (including, where necessary, the engagement quality control reviewer) and the assignment of audit work to the team members, including the assignment of appropriately experienced team members to areas where there may be higher risks of material misstatement.
• Engagement budgeting, including considering the appropriate amount of time to set aside for areas where there may be higher risks of material misstatement.
• The manner in which the auditor emphasizes to engagement team members the need to maintain a questioning mind and to exercise professional skepticism in gathering and
evaluating audit evidence.
• Results of previous audits that involved evaluating the operating effectiveness of internal control, including the nature of identified weaknesses and action taken to address them.
• Evidence of management’s commitment to the design and operation of sound internal control, including evidence of appropriate documentation of such internal control.
• Volume of transactions, which may determine whether it is more efficient for the auditor to rely on internal control.
• Importance attached to internal control throughout the entity to the successful operation of the business.
• Significant business developments affecting the entity, including changes in information technology and business processes, changes in key management, and acquisitions, mergers and divestments.
• Significant industry developments such as changes in industry regulations and new reporting requirements.
• Significant changes in the financial reporting framework, such as changes in accounting standards.
• Other significant relevant developments, such as changes in the legal environment affecting the entity.
Chapter
Auditors' Report
AUDITOR’S REPORT ON A COMPLETE SET OF GENERAL PURPOSE
______________________________________________________
FINANCIALSTATEMENTS
(Effective for auditor’s reports dated on or after December 31, 2006).
Auditor’s report is issued as a result of an audit of a complete set of general purpose financial statements prepared in accordance with a financial reporting framework that is designed to achieve fair presentation.
The Auditor’s Report on Financial Statements
___________________________________________________
The auditor’s report should contain a clear expression of the auditor’s opinion on the financial statements. Unless required by law or regulation to use different wording, the auditor’s opinion on a complete set of general purpose financial statements prepared in accordance with a financial reporting framework that is designed to achieve fair presentation states whether the financial statements “ give a true and fair view” or “are presented fairly, in all material respects,” in accordance with the applicable financial reporting framework. These phrases “give a true and fair view” and “are presented fairly, in all material respects,” are equivalent. Which of these phrases is used in any particular jurisdiction is determined by the law or regulations governing the audit of financial statements in that jurisdiction, or by established practice in that jurisdiction.
Forming an Opinion on the Financial Statements
______________________________________________________
The auditor should evaluate the conclusions drawn from the audit evidence obtained as the basis for forming an opinion on the financial statements.
When forming an opinion on the financial statements, the auditor evaluates whether, based on the audit evidence obtained, there is reasonable assurance about whether the financial statements taken as
a whole are free from material misstatement. This involves concluding whether sufficient appropriate audit evidence has been obtained to reduce to an acceptably low level the risks of material
misstatement of the financial statements and evaluating the effects of uncorrected misstatements identified.
This evaluation includes considering whether, in the context of the applicable financial reporting framework:
• The accounting policies selected and applied are consistent with the financial reporting framework and are appropriate in the circumstances;
• The accounting estimates made by management are reasonable in the circumstances;
• The information presented in the financial statements, including accounting policies, is relevant, reliable, comparable and understandable; and
• The financial statements provide sufficient disclosures to enable users to understand the effect of material transactions and events on the information conveyed in the financial statements, for example, in the case of financial statements prepared in accordance with International Financial Reporting Standards (IFRSs), the entity’s financial position, financial performance and cash flows.
Illustration of the Auditor’s Report
______________________________________________________
Elements of the Auditor’s Report
Consistency in the auditor’s report promotes credibility in the global marketplace by making more readily identifiable those audits that have been conducted in accordance with globally recognized standards. It also helps to promote the reader’s understanding and to identify unusual circumstances when they occur.
Following are the elements of the auditor’s report when the audit has been conducted in accordance with the ISAs:
(a) Title;
(b) Addressee;
(c) Introductory paragraph;
(d) Management’s responsibility for the financial statements;
(e) Auditor’s responsibility;
(f) Auditor’s opinion;
(g) Other reporting responsibilities;
(h) Auditor’s signature;
(i) Date of the auditor’s report; and
(j) Auditor’s address.
Title
__________________
The auditor’s report should have a title that clearly indicates that it is the report of an independent auditor.
A title indicating that the report is of an independent auditor, for example, “Independent Auditor’s Report,” affirms that the auditor has met all of the relevant ethical requirements regarding independence and, therefore, distinguishes the independent auditor’s report from reports issued by others.
Addressee
____________________
Ordinarily, the auditor’s report on general purpose financial statements is addressed to those for whom the report is prepared, often either to the shareholders or to those charged with governance of the entity whose financial statements are being audited.
Introductory Paragraph
_____________________________
The introductory paragraph in the auditor’s report should identify the entity whose financial statements have been audited and should state that the financial statements have been audited. The
introductory paragraph should also:
• Identify the title of each of the financial statements that comprise the complete set of financial statements;
• Refer to the summary of significant accounting policies and other explanatory notes; and
• Specify the date and period covered by the financial statements.
Management’s Responsibility for the Financial Statements
______________________________________________________
The auditor’s report should state that management is responsible for the preparation and the fair presentation of the financial statements in accordance with the applicable financial reporting framework and that this responsibility includes:
• Designing, implementing and maintaining internal control relevant to the preparation and fair presentation of financial statements that are free from material misstatement, whether due to fraud or error;
• Selecting and applying appropriate accounting policies; and
• Making accounting estimates that are reasonable in the circumstances.
Auditor’s Responsibility
______________________________
The auditor’s report should state that the responsibility of the auditor is to express an opinion on the financial statements based on the audit.
The auditor’s report should state that the audit was conducted in accordance with International Standards on Auditing. The auditor’s report should also explain that those standards require that the
auditor comply with ethical requirements and that the auditor plan and perform the audit to obtain reasonable assurance whether the financial statements are free from material misstatement. The auditor’s report should describe an audit by stating that:
• An audit involves performing procedures to obtain audit evidence about the amounts and disclosures in the financial statements;
• The procedures selected depend on the auditor’s judgment, including the assessment of the risks of material misstatement of the financial statements, whether due to fraud or error. In making those risk assessments, the auditor considers internal control relevant to the entity’s preparation and fair presentation of the financial statements in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of the entity’s internal control. In circumstances when the auditor also has a responsibility to express an opinion on the effectiveness of internal control in conjunction with the audit of the financial statements, the auditor should omit the phrase that the auditor’s consideration of internal control is not for the purpose of expressing an opinion on the effectiveness of internal control; and
• An audit also includes evaluating the appropriateness of the accounting policies used, the reasonableness of accounting estimates made by management, as well as the overall presentation of the financial statements. The auditor’s report should state that the auditor believes that the audit evidence the auditor has obtained is sufficient and appropriate to provide a basis for the auditor’s opinion.
Auditor’s Opinion
________________________
An unqualified opinion should be expressed when the auditor concludes that the financial statements give a true and fair view or are presented fairly, in all material respects, in accordance with the
applicable financial reporting framework.
When expressing an unqualified opinion, the opinion paragraph of the auditor’s report should state the auditor’s opinion that the financial statements give a true and fair view or present fairly, in all
material respects, in accordance with the applicable financial reporting framework (unless the auditor is required by law or regulation to use different wording for the opinion, in which case the prescribed wording should be used).
When International Financial Reporting Standards or International Public Sector Accounting Standards are not used as the financial reporting framework, the reference to the financial reporting
framework in the wording of the opinion should identify the jurisdiction or country of origin of the financial reporting framework.
The auditor identifies the applicable financial reporting framework in such terms as:
“… in accordance with International Financial Reporting Standards” or “… in accordance with accounting principles generally accepted in Country X …” When the applicable financial reporting framework encompasses legal and regulatory requirements,
the auditor identifies the applicable financial reporting framework in such terms as: “… in accordance with International Financial Reporting Standards and the requirements of Country X Corporations Act.”
Other Matters
______________________
Standards, laws or generally accepted practice in a jurisdiction may require or permit the auditor to elaborate on matters that provide further explanation of the auditor’s responsibilities in the audit of
the financial statements or of the auditor’s report thereon. Such matters may be addressed in a separate paragraph following the auditor’s opinion.
Other Reporting Responsibilities
_____________________________________
In some jurisdictions, the auditor may have additional responsibilities to report on other matters that are supplementary to the auditor’s responsibility to express an opinion on the financial statements.
For example, the auditor may be asked to report certain matters if they come to the auditor’s attention during the course of the audit of the financial statements. Alternatively, the auditor may be asked to
perform and report on additional specified procedures, or to express an opinion on specific matters, such as the adequacy of accounting books and records. Auditing standards in the specific jurisdiction
or country often provide guidance on the auditor’s responsibilities with respect to specific additional reporting responsibilities in that jurisdiction or country.
When the auditor addresses other reporting responsibilities within the auditor’s report on the financial statements, these other reporting responsibilities should be addressed in a separate section in the auditor’s report that follows the opinion paragraph.
Auditor’s Signature
____________________________
The auditor’s report should be signed. The auditor’s signature is either in the name of the audit firm, the personal name of the auditor or both, as appropriate for the particular jurisdiction. In addition to
the auditor’s signature, in certain jurisdictions, the auditor may be required to declare the auditor’s professional accountancy designation or the fact that the auditor or firm, as appropriate, has been recognized by the appropriate licensing authority in that jurisdiction.
Date of the Auditor’s Report
_______________________________
The auditor should date the report on the financial statements no earlier than the date on which the auditor has obtained sufficient appropriate audit evidence on which to base the opinion on the
financial statements. Sufficient appropriate audit evidence should include evidence that the entity’s complete set of financial statements has been prepared and that those with the recognized authority
have asserted that they have taken responsibility for them. In some jurisdictions, final approval of the financial statements by shareholders is required before the financial statements are issued publicly. In these jurisdictions, final approval by shareholders is not
necessary for the auditor to conclude that sufficient appropriate audit evidence has been obtained. The date of approval of the financial statements for purposes of the ISAs is the earlier date on which
those with the recognized authority determine that a complete set of financial statements has been prepared.
Auditor’s Address
_____________________
The report should name the location in the country or jurisdiction where the auditor practices.
Auditor’s Report
________________________
The auditor’s report should be in writing. A written report encompasses both reports issued in hard copy format and those using an electronic medium.
Auditor’s Report for Audits Conducted in Accordance with Both ISAs and Auditing
Standards of a Specific Jurisdiction or Country
______________________________________________________
The auditor’s report should refer to the audit having been conducted in accordance with the International Standards on Auditing only when the auditor has complied fully with all of the International Standards on The auditor may refer to the audit having been conducted in accordance with both ISAs as well as national auditing standards when the auditor complies with each of the ISAs relevant to the audit and performs any additional audit procedures necessary to comply with the relevant standards of that jurisdiction or country. A reference to both the ISAs and national auditing standards is not appropriate if there is a conflict between the reporting requirements regarding the auditor’s report in the ISAs and in the national auditing standards that affects the auditor’s opinion or the need to include an emphasis of matter paragraph in the particular circumstances. For example, some national auditing standards prohibit the auditor from including an emphasis of matter paragraph to highlight a going concern problem, whereas ISA 701 requires the auditor to modify the auditor’s report by adding an emphasis of matter paragraph in such circumstances.
In case of such conflicts, the auditor’s report refers only to the auditing standards (either ISAs or the relevant national auditing standards) in accordance with which the auditor has complied with the reporting requirements.
When the auditor’s report refers to both International Standards on Auditing and auditing standards of a specific jurisdiction or country, the auditor’s report should identify the jurisdiction or country of
origin of the auditing standards.
When the auditor prepares the auditor’s report using the layout or wording specified by the law, regulation or auditing standards of the specific jurisdiction or country, the auditor’s report should refer to the audit being conducted in accordance with both International Standards on Auditing and the auditing standards of the specific jurisdiction or country only if the auditor’s report includes, at a
minimum, each of the following elements:
• A title;
• An addressee, as required by the circumstances of the engagement;
• An introductory paragraph that identifies the financial statements audited;
• A description of management’s responsibility for the preparation and fair presentation of the financial statements;
• A description of the auditor’s responsibility to express an opinion on the financial statements and the scope of the audit, that includes:
o A reference to the International Standards on Auditing and the auditing standards of the
specific jurisdiction or country, and
o A description of the work an auditor performs in an audit.
• An opinion paragraph containing an expression of opinion on the financial statements and a reference to the applicable financial reporting framework used to prepare the financial statements (including identifying the country of origin of the financial reporting framework when International Financial Reporting Standards or International Public Sector
• Accounting Standards are not used);
• The auditor’s signature;
• The date of the auditor’s report; and
• The auditor’s address.
Format of Auditor’s Report under Companies Ordinance 1984
______________________________________________________
The format of Auditor’s report to the members as per companies ordinance 1984 is as under that is to be followed by all companies incorporated under this ordinance.
THE COMPANIES ORDINANCE, AUDITORS' REPORT TO THE MEMBERS
_______________________________________________
Introductory Paragraph
We have audited the annexed balance sheet of ……………….……… as at ……..…….... and the related *1 profit and loss account, *2 cash flow statement and statement of changes in equity together with the notes forming part thereof, for the year then ended and we state that we have obtained all the information and explanations which, to the best of our knowledge and belief, were necessary for the purposes of our audit.
Management’s Responsibility
_______________________________________________
It is the responsibility of the company's management to establish and maintain a system of internal control, and prepare and present the above said statements in conformity with the approved accounting standards and the requirements of the Companies Ordinance, 1984. Our responsibility is to express an opinion on these statements based on our audit.
Auditor’s Responsibility
___________________________
We conducted our audit in accordance with the auditing standards as applicable in Pakistan These standards require that we plan and perform the audit to obtain reasonable assurance about whether
the above said statements are free of any material misstatement. An audit includes examining, on a test basis, evidence supporting the amounts and disclosures in the above said statements. An audit
also includes assessing the accounting policies and significant estimates made by management, as well as, evaluating the overall presentation of the above said statements. We believe that our audit provides a reasonable basis for our opinion and, after due verification, we report that –
Opinion
______________
• in our opinion, proper books of accounts have been kept by the company as required by the
Companies Ordinance, 1984;
• in our opinion –
o the balance sheet and profit and loss account together with the notes thereon have
been drawn-up in conformity with the Companies Ordinance, 1984, and are in agreement with the
books of account and are further in accordance with accounting policies consistently applied *3
except for the changes as stated in note(s) …………… with which we concur;
o the expenditure incurred during the year was for the purpose of the company's business; and
o the business conducted, investments made and the expenditure incurred during the
year were in accordance with the objects of the company;
• in our opinion and to the best of our information and according to the explanations given to us, the balance sheet, *1 profit and loss account, *2 cash flow statement and statement of changes in equity together with the notes forming part thereof conform with approved accounting standards as applicable in Pakistan, and, give the information required by the Companies Ordinance, 1984, in the manner so required and respectively give a true and fair view of the state of the company's affairs as at ……..and of the *4 profit / loss, its *5 cash flows and changes in equity for the year then ended; and
Other Responsibilities
_____________________________
• in our opinion *6 Zakat deductible at source under the Zakat and Ushr Ordinance, 1980 (XVIII of 1980), was deducted by the company and deposited in the Central Zakat Fund established under Section 7 of the Ordinance.
Signature
[Name(s) of Auditors]
Date ……………..
Place …………….
NOTES
_______________
Where applicable –
• Substitute "income and expenditure account".
• Substitute "sources and application of funds".
• Where there is no change in -the accounting policy (ies) the portion “except for the changes
as stated; in note(s) …....with which we concur” may be omitted.
• Substitute "surplus or deficit".
• Substitute "changes in source and application of funds".
• Where no Zakat is deductible, substitute "no Zakat was deductible at source under the Zakat and Ushr Ordinance, 1980”.
Where any of the matter referred to in the Auditors' Report is answered in the negative or with a qualification, the report shall state the reason for such answers along with the factual position to the
best of the auditors' information.
MODIFIED AUDITOR’S REPORT REPORTS/OPINIONS TREE
_______________________________________________
STANDARD MODIFIED
Unqualified
Affect the Do not affect
Auditor’s opinion auditor’s opinion
(Emphasis of the matter)
DEPENDS UPON NATURE OF CIRCUMSTANCES
LIMITATION ON DISAGREEMENT
SCOPE OF WORK WITH MANAGEMENT
Material but not so Material Material but Material &
Material & Pervasive & Pervasive not so material Pervasive
and Pervasive
Adverse opinion Qualified Disclaimer of opinion Qualified (Financial statement Opinion (we do not express an opinion do not give a true (Except for) opinion on the financial (Except for) and fair view) statements)
MODIFICATIONS TO THE AUDITOR’S REPORT
_______________________________________________
(Effective for auditor’s reports dated on or after December 31, 2006).
Here we shall discuss the circumstances when the independent auditor’s report should be modified and the form and the content of the modifications to the auditor’s report in those circumstances.
The wording of auditor’s report is modified in the following situations:
Matters that Do Affect the Auditor’s Opinion
• Qualified opinion,
• Disclaimer of opinion, or
• Adverse opinion.
Matters that Do Not Affect the Auditor’s Opinion
• Emphasis of matter
MATTERS THAT DO AFFECT THE AUDITOR’S OPINION
_______________________________________________________
An auditor may not be able to express an unqualified opinion when either of the following circumstances exists and, in the auditor’s judgment, the effect of the matter is or may be material to the financial statements:
• There is a limitation on the scope of the auditor’s work; or
• There is a disagreement with management regarding the acceptability of the accounting policies selected, the method of their application or the adequacy of financial statement disclosures.
Limitation on Scope
____________________________
• Imposed by the entity. A limitation on the scope of the auditor’s work may sometimes be imposed by the entity (for
example, when the terms of the engagement specify that the auditor will not carry out an audit procedure that the auditor believes is necessary). However, when the limitation in the terms of a proposed engagement is such that the auditor believes the need to express a disclaimer of opinion exists; the auditor would ordinarily not accept such a limited engagement as an audit engagement, unless required by statute. Also, a statutory auditor would not accept such an audit engagement when the limitation infringes on the auditor’s statutory duties.
• Imposed by circumstances. A scope limitation may be imposed by circumstances (for example, when the timing of the auditor’s appointment is such that the auditor is unable to observe the counting of physical inventories). It may
also arise when, in the opinion of the auditor, the entity’s accounting records are inadequate or when the auditor is unable to carry out an audit procedure believed to be desirable. In these circumstances, the auditor would attempt to carry out reasonable alternative procedures to obtain sufficient appropriate audit evidence to support an unqualified opinion. When there is a limitation on the scope of the auditor’s work that requires expression of a qualified
opinion or a disclaimer of opinion, the auditor’s report should describe the limitation and indicate the possible adjustments to the financial statements that might have been determined to be necessary had the limitation not existed.
A qualified opinion:
_______________________________________________
Should be expressed when the auditor concludes that an unqualified opinion cannot be expressed but that the effect of any limitation on scope is not so material and pervasive as to require a disclaimer of opinion. A qualified opinion should be expressed as being ‘except for’ the effects of the matter to which the qualification relates.
A disclaimer of opinion:
_______________________________________________
Should be expressed when the possible effect of a limitation on scope is so material and pervasive that the auditor has not been able to obtain sufficient appropriate audit evidence and accordingly is unable to express an opinion on the financial statements.
Whenever the auditor expresses an opinion that is other than unqualified, a clear description of all the substantive reasons should be included in the report and, unless impracticable, a quantification of the possible effect(s) on the financial statements. Ordinarily, this information would be set out in a separate paragraph preceding the opinion or disclaimer of opinion on the financial statements and
may include a reference to a more extensive discussion, if any, in a note to the financial statements. Illustrations of these matters are set out below.
Limitation on Scope—Qualified Opinion
_______________________________________________
We have audited……………………
Management is responsible ………………………..
Our responsibility is to express an opinion on these financial statements based o our audit. Except as discussed in the following paragraph, we conducted our audit in accordance with
…………………………… We did not observe the counting of the physical inventories as of December 31, 20X1, since that date
was prior to the time we were initially engaged as auditors for the Company. Owing to the nature of the Company’s records, we were unable to satisfy ourselves as to inventory quantities by other audit
procedures.
In our opinion, except for the effects of such adjustments, if any, as might have been determined to be necessary had we been able to satisfy ourselves as to physical inventory quantities, the financial
statements give a true and fair view of ... (remaining words are the same as illustrated in the opinion paragraph)
Limitation on Scope—Disclaimer of Opinion
_______________________________________________
we were not able to observe all physical inventories and confirm accounts receivable due to limitations placed on the scope of our work by the Company.)
Because of the significance of the matters discussed in the preceding paragraph, we do not express an opinion on the financial statements.”
Disagreement with Management
________________________________
The auditor may disagree with management about matters such as the acceptability of accounting policies selected, the method of their application, or the adequacy of disclosures in the financial
statements. If such disagreements are material to the financial statements, the auditor should express a qualified or an adverse opinion.
A qualified opinion:
________________________
Should be expressed when the auditor concludes that an unqualified opinion cannot be expressed but that the effect of any disagreement with management is not so material and pervasive as to require an adverse opinion. A qualified opinion should be expressed as being ‘except for’ the effects of the matter to which the qualification relates.
An adverse opinion
_____________________
Should be expressed when the effect of a disagreement is so material and pervasive to the financial statements that the auditor concludes that a qualification of the report is not adequate to disclose the misleading or incomplete nature of the financial statements.
Illustrations of these matters are set out below.
Disagreement on Accounting Policies—Qualified Opinion
___________________________________________________
We have audited……………………
Management is responsible ………………………..
Our responsibility is to express an opinion on these financial statements based o our audit. Except as discussed in the following paragraph, we conducted our audit in accordance with
……………………………
As discussed in Note (Ref no.) to the financial statements, no depreciation has been provided in the financial statements which practice, in our opinion, is not in accordance with International Financial Reporting Standards. The provision for the year ended December 31, 2007, should be Rs.___ based on the straight-line method of depreciation using annual rates of x% for the building and y% for the equipment. Accordingly, the fixed assets should be reduced by accumulated depreciation of Rs. __ and the loss for the year and accumulated deficit should be increased by Rs.__ and Rs.__, respectively.
In our opinion, except for the effect on the financial statements of the matter referred to in the preceding paragraph, the financial statements give a true and fair view of ... (remaining words are the
same as illustrated in the opinion paragraph)
Disagreement on Accounting Policies—Inadequate Disclosure—Adverse Opinion
______________________________________________________
“We have audited ... (remaining words are the same as illustrated in the introductory paragraph
Management is responsible for … (remaining words are the same as illustrated in the management’s responsibility paragraph –
Our responsibility is to … (remaining words are the same as illustrated in the auditor’s responsibility paragraphs)– (Paragraph(s) discussing the disagreement.)
In our opinion, because of the effects of the matters discussed in the preceding paragraph(s), the financial statements do not give a true and fair view of (or ‘do not present fairly, in all material respects,’) the financial position of ABC Company as of December 31, 2007, and of its financial performance and its cash flows for the year then ended in accordance with International Financial Reporting Standards.”
MATTERS THAT DO NOT AFFECT THE AUDITOR’S OPINION
____________________________________________________
In certain circumstances, an auditor’s report may be modified by adding an emphasis of matter paragraph to highlight a matter affecting the financial statements which is included in a note to the
financial statements that more extensively discusses the matter.
The addition of such an emphasis of matter paragraph does not affect the auditor’s opinion. The paragraph would preferably be included after the paragraph containing the auditor’s opinion but before the section on any other reporting responsibilities, if any. The emphasis of matter paragraph would ordinarily refer to the fact that the auditor’s opinion is not qualified in this respect.
For example:
The auditor should modify the auditor’s report by adding a paragraph to highlight a material matter regarding a going concern problem.
“Without qualifying our opinion, we draw attention to Note (Ref no) in the financial statements which indicates that the Company incurred a net loss of Rs.__ during the year ended December 31,
2007 and, as of that date, the Company’s current liabilities exceeded its total assets by Rs.__. These conditions, along with other matters as set forth in Note (Ref no), indicate the existence of a material
uncertainty which may cast significant doubt about the Company’s ability to continue as a going concern.”
The auditor should consider modifying the auditor’s report by adding a paragraph if there is a significant uncertainty (other than a going concern problem), the resolution of which is dependent
upon future events and which may affect the financial statements.
An uncertainty is a matter whose outcome depends on future actions or events not under the direct control of the entity but that may affect the financial statements. An illustration of an emphasis of matter paragraph for a significant uncertainty in an auditor’s report follows:
“Without qualifying our opinion we draw attention to Note X to the financial statements. The Company is the defendant in a lawsuit alleging infringement of certain patent rights and claiming
royalties and punitive damages. The Company has filed a counter action, and preliminary hearings and discovery proceedings on both actions are in progress. The ultimate outcome of the matter cannot
presently be determined, and no provision for any liability that may result has been made in the financial statements.”
The addition of a paragraph emphasizing a going concern problem or significant uncertainty is ordinarily adequate to meet the auditor’s reporting responsibilities regarding such matters. However,
in extreme cases, such as situations involving multiple uncertainties that are significant to the financial statements, the auditor may consider it appropriate to express a disclaimer of opinion instead of
adding an emphasis of matter paragraph.
In addition to the use of an emphasis of matter paragraph for matters that affect the financial statements, the auditor may also modify the auditor’s report by using an emphasis of matter paragraph, preferably after the paragraph containing the auditor’s opinion but before the section on any other reporting responsibilities, if any, to report on matters other than those affecting the financial statements. For example, if an amendment to other information in a document containing audited financial statements is necessary and the entity refuses to make the amendment, the auditor would consider including in the auditor’s report an emphasis of matter paragraph describing the material inconsistency.
“Without qualifying our opinion we draw attention to the fact that the figures of dividend proposed and earning per share appearing in the director’s report being part of annual report are incorrect and
in conflict with those disclosed in financial statements. The matter has been brought to the notice of the management but no corrective action has been taken by them in this regard.”
Chapter
"Risk based Internal Auditing"
-Its role in Corporate Governance & Mitigating Fraud
Read Article:
__________________________
Internal auditing role in corporate governance
_____________________________________________________________
MANAGEMENT IS counting on internal auditors more than ever to improve governance processes, according to a new report from Crowe Chizek, an assurance, consulting, and risk management provider. Infernal Audit Plays Pivotal Role in Strengthening Corporate Governance focuses on the profession's opportunities to become a strategic player in corporate governance in response to increased government regulation and management directives to strengthen controls and improve risk management.
The report notes that The IIA's International Standards for the Professional Practice of Internal Auditing calls on internal auditors to evaluate and offer recommendations to improve governance processes and affirms their importance in risk management activities. Providing an overview of the governance trends and challenges internal auditors face, the report reminds auditors and management that the board of directors bears the primary responsibility for ensuring effective governance. The report provides examples of steps internal auditors can take to help management and the board with their responsibilities, such as:
• Assisting the board of directors in its governance self-assessment.
• Bringing best practice ideas about internal controls and risk management processes to the audit committee.
• Looking for opportunities to leverage compliance activities to reduce long-term costs.
• Reviewing the organization's code of conduct and ethics policies to ensure they are current and are communicated to employees.
• Conducting annual audits of whistleblower hotline and follow-up processes and reporting the results to the audit committee.
• Addressing disclosure and transparency objectives in the annual audit plan.
Read Article:
__________________________
CORPORATE GOVERNANCE - The Age of Internal Audit
_____________________________________________________________
United States-based Eric Hespenheide is Deloitte's global managing partner of internal audit. It is, he says, an "opportune" time to be an internal auditor. Demand for internal audit services is riding the bow wave of legislative and regulatory change to the rules of corporate governance seeping into economies around the world.
The US, with its wide-ranging and regulation-ridden Sarbanes- Oxley legislation, has already moved. Now European countries are reluctantly accepting that change there is also inevitable. And even though New Zealand's small economy and corporate structures will feel the cost pinch of additional regulation, reporting and control, Hespenheide doubts "cost" will be sufficient excuse to duck the issue.
"It is," he says, "a question of how important it is for New Zealand companies to participate in the global economy. I understand the issue of scale. But [capital markets] are demanding a demonstration of commitment to a controls environment and the governance norms that are being played out in the US and in the United Kingdom."
Even America's larger private companies are adopting key elements of the Sarbanes-Oxley provisions. "They are looking at board composition and setting up audit committees and so on," says Hespenheide. The impetus comes from capital markets and lenders who believe the tougher regulations are now the benchmark for corporate governance levels of performance and conformance. The risk profile of companies that don't adopt these new standards increases.
"For New Zealand's larger companies that want to play on the world stage there will be an expectation that they will have constructs like independent boards of directors, audit committees and so on. We are definitely seeing countries that rely on self-regulatory or principles-based compliance moving away from that. Particularly in Europe. We need some teeth and to make some requirements about how companies conduct themselves," he adds.
Hespenheide was on his way to the Institute of Internal Auditors international annual conference in Sydney. He stopped in New Zealand for two days and met with directors and senior executives in Wellington and Auckland to talk global changes in governance, risk management, audit committee processes and, of course, the issues and opportunities for internal auditing.
Regulatory requirements and systems are irreversibly changing, he said. And New Zealand could not afford to wait for its own major scandal to hit before it implements more prescriptive guidance as opposed to the principles-based approach it currently has.
He concedes, however, that there has been what he calls a "first year pre-occupation" with rules, regulations and compliance. He expects that to settle down and for directors and boards to move back to focusing on performance ahead of conformance. The uncertainty about what constitutes adequate documentation for both directors and management has dominated the change process since the new legislation was introduced. "We have had an extended period of uncertainty while we work out how much [documentation] is enough," he says.
Has this activity caused them to take their eye of the ball when running their businesses? "I certainly hope not," says Hespenheide, "but we have seen some evidence that companies are not making fourth quarter acquisitions, suspending all internal IT projects for the fourth quarter and other kinds of things that have true business consequences. It may be circumstantial because it is the first year [of the new rules] and no one knows exactly what will happen next spring when some of the attestation reports come out. But I don't think businesses generally have taken their eyes off the ball."
The new rules and regulations are, according to Hespenheide, having an impact on how business in the US will conduct itself, hopefully for the better. "But if the investing public at large and the legislators in particular believe that this will prevent any future scandals or frauds, that would be misplaced. Somebody is cooking the books as we sit here," he suggests. "We just don't know about it yet."
Part of the legislative intent of the tougher rules is a response to US chief executive claims that they were not aware of the risks and other issues in their companies. "Having them personally criminally liable and taking responsibility was a conscious effort to elevate expectations that if you are the CEO you should know what is going on," says Hespenheide. The legislators were intent on taking "ignorance" as a defence away in future.
He conceded it is "difficult" to legislate for ethical behaviour. But the whistleblower provisions within the Sarbanes-Oxley rules are intended to help prevent massive frauds. "These frauds aren't unsuspected by people who work in the company. The legislation is trying to ensure a corridor of communication so middle manager or accounts clerks or anyone who has information or evidence that something is amiss can get it confidentially to a place in the organisation that can deal with it. The legislative intent was to create an environment where whistle blowing, if you will, can go on."
For Hespenheide "this is an opportune time to be an internal auditor". Internal auditing is, he hastens to add, "not the answer to good corporate governance" but it an important element. The role of the internal audit has been enhanced because of the regulatory obligations and liabilities that a board audit committee now has. The internal audit function is an ideal way for the audit committee to execute some of its responsibilities. "If the audit committee is going to do its job and execute their fiduciary responsibilities, they will have to have a strong internal audit function," he says. "It is hard to imagine how they would have sufficient knowledge, independent of management, of what is going on with internal audit."
That, of course, drives its own set of tensions between internal audit and management "but the triangle of senior management, internal audit and the board's audit committee and how they interact is undergoing some fundamental change", says Hespenheide. One important change in relationships has come from the fact that external auditors are now hired by the audit committee. "In the past, auditors saw themselves as the clients of management. Notwithstanding the fact the understanding was auditors worked for the board and shareholders, the reality was the relationship was directly with senior management."
Much the same has happened with internal audit. "It too was seen as a function of management and a voluntary activity. Now the audit committee wants to be as independent as possible even though it will be hired by management," he says. "Internal audit should be serving as a monitoring function over management prophecies that go to the board." All of this is premised on audit committees getting a better understand of how to do this. It needs to be clear just where audit committees should be spending their time - presumably helping the company and management to identify, assess and analyse risk.
Will this all make management more risk averse? "It is one of our concerns," he says. "Risk management, if taken to extreme, becomes a risk factor itself if it becomes risk avoidance. You can avoid risk to the detriment of the entity. I think we will, in time, reach an equilibrium between risk management and risk taking. It is not a matter of risk avoidance but of risk intelligence."
Read Article:
____________________________
Getting Leg Up
_____________________________________________________________
As one of the four legs of corporate governance, internal auditors have an opportunity to provide strong support to the audit committee.
CHIEF AUDIT EXECUTIVES (CAEs) AND THEIR INTERNAL AUDIT
_____________________________________________________________
departments are facing significant new challenges and opportunities regarding their role in corporate governance. Currently, many internal audit departments are aiding management in its documenting, analyzing, and testing of internal controls, as required by the U.S. Sarbanes-Oxley Act of 2002. They are also helping external auditors perform internal control testing where the Public Company Accounting Oversight Board (PCAOB) "competence" and "objectivity" standards have been met. These are commendable tasks for internal audit departments, especially during the implementation of a sea change in internal control responsibilities and reporting. However, there is a corporate governance role for internal auditing that transcends these worthy efforts. Internal auditors can perform a set of unique corporate governance activities in addition to supporting management and the external auditors. And if these activities are adopted worldwide, they will enhance corporate governance, reduce overall governance costs, and create an important and valuable role for CAEs and their internal audit departments.
CORNERSTONES OF CORPORATE GOVERNANCE
__________________________________________________
To explore internal auditing's new role fully, it's necessary first to look at where it fits into corporate governance. IIA publications frequently use a four-legged table to describe the cornerstones of corporate governance (see "The Corporate Governance Table," page 43). Each of the table's legs represents one of the four cornerstones. In addition to the internal audit leg, there are the executive management, external audit, and board of directors legs.
EXECUTIVE MANAGEMENT
______________________________________
Most corporate governance responsibilities rest with the organization's senior management. The Committee of Sponsoring Organizations of the Treadway Commission's (COSO's) Internal Control-Integrated Framework recognizes that to maintain an internal control system successfully, senior management must accept responsibility for it. Internal controls, ethics policies and education, risk management, and compliance with laws and regulations must be on every senior manager's radar screen if they are to permeate the organization. In short, corporate governance is every manager's--especially every senior manager's--responsibility.
Internal auditors routinely help executive management with its leg of the governance table by consulting on:
• How to better perform enterprise risk management (ERM). "The Role of Internal Audit in Enterprise-wide Risk Management," a position paper issued by IIA headquarters and the IIA-UK and Ireland, provides information on roles that internal auditors can play in ERM. Generally, tasks listed as "Legitimate Internal Auditor Roles With Safeguards" are activities that relate to management's leg of corporate governance. The safeguards provided in these suggestions help ensure internal auditors do not take on management's role. In short, internal auditors cannot assess management's ERM performance when they have acted as management in ERM activities.
• How to improve the organization's compliance with laws and regulations. Examples of such advice include making the whistleblower hotline more effective or advising management on how to improve anti-fraud programs. Internal auditors should apply the same caution applied in the ERM area when providing advice in the compliance area. To maintain objectivity, auditors must not perform a management role.
• How to comply with Sarbanes-Oxley. As the IIA's position paper "Internal Auditing's Role in Sections 302 and 404 of the Sarbanes-Oxley Act," issued May 26, 2004, notes, supporting management in its Sarbanes-Oxley activities is a legitimate role for internal auditors. This position paper recognizes that there is a "delicate balance" between management's responsibilities and the internal auditors' corporate governance responsibilities. In practice, this delicate balance has been hard to achieve. In the first year of the Sarbanes-Oxley implementation struggle, internal auditors frequently have had primary responsibility for compliance. In a recent IIA Global Auditing Information Network (GAIN) staffing study, 37 percent of the respondents indicated that their internal auditors had the primary responsibility for overseeing their organization's Sarbanes-Oxley compliance efforts. There are two concerns associated with this practice if it continues. First, internal control stewardship responsibilities are vested in management for good reason. When internal auditors relieve management of any portion of its internal control responsibilities, it detracts from management's control attention and efforts. Second, internal auditing has supporting roles to play regarding Sarbanes-Oxley for both external auditors and the audit committee, and acting as management compromises these roles. Thus, barring the appropriate safeguards, internal auditors should avoid taking the lead role in planning, documenting, evaluating, and testing internal controls to support management's control assertions. The management section of The IIA's position paper provides additional guidance.
EXTERNAL AUDITORS
____________________________________
The financial statement audit, with its resulting opinion, has been the major corporate governance role of external auditors. Many internal audit departments have routinely aided the external auditors in their financial statement audits by conducting tests under the external auditors' supervision.
Thanks to Sarbanes-Oxley, the external auditor's governance leg has become much bigger. Section 404 of the act requires external auditors to evaluate management's assertions on internal controls over financial reporting, including evaluations of management's testing and conclusions regarding these controls. Additionally, Section 404 requires external auditors to conduct their own audit of the organization's internal control system over financial reporting, leading to an enormous time commitment. To reduce this burden, the PCAOB allows external auditors to rely on internal audit testing, as long as the internal auditors have the appropriate competence and objectivity. Clearly, when internal auditors perform this work, they are working on the external auditor's leg of the corporate governance table--not their own leg.
BOARD OF DIRECTORS/AUDIT COMMITTEES
_____________________________________________________________
Sarbanes-Oxley has significantly increased the governance responsibilities of publicly listed companies' audit committees, as well. According to Section 301 of the act, audit committees "... shall be directly responsible for the appointment, compensation, and oversight of the work of any registered public accounting firm employed by that issuer...." Section 301 also makes audit committees responsible for the "... resolution of disagreements between management and the [external] auditor regarding financial reporting." Further, Section 301 explicitly empowers audit committees "... to engage independent counsel and other advisers, as it determines necessary to carry out its duties." These are significant changes in the governance duties and responsibilities of the audit committee. Internal auditors can help audit committees meet their newly mandated requirements by recognizing and successfully performing their own unique corporate governance role.
THE INTERNAL AUDIT TABLE LEG
_____________________________________________________________
The new internal audit governance role emanates from gaps in Sarbanes-Oxley, new stock exchange requirements for publicly listed companies, the audit committee's needs, and internal auditing's unique independence, expertise, and experience. Successfully performing this role can reduce the need for further U.S. Securities and Exchange Commission (SEC), PCAOB, or other government action, thereby reducing future costs and allowing the current regulatory and legal situation to work.
To help audit committees meet their new governance responsibilities, internal auditors can perform several support roles.
AID THE AUDIT COMMITTEE IN SUPERVISING AND OVERSEEING THE EXTERNAL AUDITORS
_____________________________________________________________
The audit committee has limited insight regarding the relationship between management and the external auditor and has little time to review the external auditor's work. Thus, as the audit committee's eyes, ears, and hands, internal auditors can perform reviews of the external auditor's work to enable audit committees to make more informed decisions.
There are several functions that internal auditors can perform to aid the audit committee in its supervision and oversight of the external auditors, including:
• Performing the lead role in selecting and retaining the external auditors and negotiating their fees.
• Assessing the work of the external auditors and providing an opinion of the external auditor's work.
• Providing an informed opinion on the relationship between the external auditors and management, such as management's propensity to give due consideration and care in implementing the external auditor's suggestions.
• Providing input regarding the resolution of disputes between management and the external auditors over financial reporting, internal controls over financial reporting, and other control issues.
• Advising on the suitability of approving management's requests to engage the external auditor for extra work outside the normal audit engagement.
Internal auditing should be the premier resource to aid the audit committee in its oversight duties of the external auditors for several reasons, including:
• Internal auditing reports directly to the audit committee; thus, it is in a critical functional advisory position.
• Internal auditors may be viewed as less biased or conflicted and, therefore, more independent than any other financial function in the organization. Because the major output of the external auditor's work is an opinion on the quality of financial management's efforts, the internal audit department is the most independent and knowledgeable of the organization's financial functions.
• Internal auditors are present at all times. They are on site when the external auditors are performing their work, when the external auditors meet with management, and even after the external auditors leave. This makes the internal auditors an ever-present observer of how management and the external auditors react to one another and how management responds to the external auditor's findings.
• Internal auditors have credible auditing and accounting backgrounds, and many have significant experience as external auditors. Thus, internal auditors can provide meaningful, experienced feedback to the audit committee in their assessment of the external auditor's work
• Internal auditors have in-depth knowledge of the organization and its vulnerabilities. Thus, they can assess the suitability of the external auditor's efforts in terms of audit scope and coverage.
The audit committee also can rely on the company's management, representations of the external auditors on their own worthiness and firm quality assurance processes, an independent expert adviser, the PCAOB and its examinations of the external auditor's work, or its own audit committee financial expert. However, internal auditors are the best choice to help the audit committee oversee the external auditors because they are highly qualified, are less expensive, have more candid and meaningful observation opportunities, and are in a better hierarchical position to provide assistance to the audit committee in fulfilling its governance requirements.
EVALUATE MANAGEMENT'S ERM AND COMPLIANCE EFFORTS
_____________________________________________________________
Internal auditors can help the audit committee evaluate management's ERM efforts. The IIA's position paper lists core internal auditing roles as:
• Giving assurance on risk management processes.
• Giving assurance that risks are evaluated.
• Evaluating risk management processes.
• Evaluating reporting of key risks.
• Reviewing management of key risks.
Each of these activities is consistent with IIA Standard 2110.A.1, which specifies internal auditing's roles in evaluating the organization's ERM process. Each task requires that the internal audit department evaluate management's ERM performance. Therefore, it is essential that internal auditing report its ERM findings directly to the audit committee. The IIA wisely recognized the necessity of the internal auditors being the audit committee's eyes and ears with respect to ERM and further institutionalized these as "Core Internal Auditing Roles in Regard to ERM" in the position paper. Thus, the internal audit department's evaluation of management's ERM performance becomes a major component in the internal audit leg of the governance table.
The same can be said about internal auditing's role in the organization's compliance efforts. Of necessity, the audit committee is concerned about the organization's ethics and efforts to ensure compliance with laws and regulations and whether the organization takes such efforts seriously. Due to the internal audit department's independence, its risk assessment efforts when planning audits, and its observation opportunities, it is best suited to provide an opinion on management's compliance efforts. Therefore, the internal auditor's evaluation of management's compliance efforts should be another important element in the internal audit leg of the governance table.
EVALUATE THE ORGANIZATION'S INTERNAL CONTROL
SYSTEM
_____________________________________________________________
Sarbanes-Oxley has reduced the need for internal audit departments to perform evaluations of internal control systems over financial reporting for the audit committee, as many had done in the past. However, The IIA's position paper on the internal audit department's role in Sarbanes-Oxley compliance explicitly calls for other COSO internal control aspects for which audit committees deserve an evaluation. These are elements of the internal control system that help ensure that the entity is operationally effective and efficient, that it complies with laws and regulations, and that it safeguards assets. While these internal control elements may be touched on in the external auditor's internal control system audit, internal audit departments should make it their business to perform a thorough, competent evaluation of these components and provide their evaluation to the audit committee.
An integral part of the internal control system evaluation is an examination of the organization's control environment, especially its propensity for ethical behavior and the tone at the top. Internal auditors are in an outstanding position to assess the ethical climate of the organization because of their daily, bird's-eye view into the organization's culture and corporate attitude. Also, auditors can provide objective reports to the audit committee on the value of structural control activities that ensure control environment adequacy, such as the effectiveness of authorization matrices, codes of conduct, and the disclosure committee.
LEAD EFFORTS IN AUDIT COMMITTEE EDUCATION, SELF-ASSESSMENTS, AND CHARTER DEVELOPMENT AND REVIEW
_____________________________________________________________
The IIA Research Foundation's Emerging Issues Series Vol. 1, No. 1, The Sarbanes-Oxley Act of 2002: Effect on Audit Committee Meetings at Publicly Traded Companies, recognizes that internal auditing is supporting audit committees in new ways. Auditors who responded to a GAIN survey indicated that they were serving audit committees in several new areas, including:
• Orienting new committee members.
• Providing educational experiences for the board of directors.
• Assisting with audit committee self-assessments.
• Developing and maintaining the audit committee's charter
As a competent and objective resource of the audit committee, internal auditors can provide these services more effectively than other less involved parties.
EVALUATE MANAGEMENT'S SARBANES-OXLEY EFFORTS
_____________________________________________________________
As part of their annual engagement, the external auditors assess management's internal control evaluation efforts and provide their assessment of these efforts to the audit committee. Performing this annual assessment requires extensive review by the external auditors. Considering the number of clients each external audit firm serves, continuous monitoring of the internal control system by the external auditors will be unwieldy, error prone, and likely impossible. Internal auditors, on the other hand, can observe and test management's internal control efforts continuously and report to audit committees during the year for a fraction of the cost.
MANAGE OR PARTICIPATE IN SPECIAL AUDIT COMMITTEE INVESTIGATIONS
_____________________________________________________________
Section 301 of Sarbanes-Oxley gives audit committees the authority to hire independent counsel and other advisers to perform investigations of management on behalf of the board of directors. Competent and objective internal auditors can assist audit committee investigations in two ways. First, if they have the experience, they can perform investigations for the audit committee directly, thereby obviating the need for outside assistance. Second, internal auditors can aid the audit committee in searching for or engaging special counsel or advisers and can manage the investigation. Thus, internal auditors can act as the audit committee's hands-on director of the consultant's efforts. At a minimum, internal auditors can keep the committee apprised of the costs, efforts, and expertise of the contracted party. Given the magnitude of professional fees, it is possible that an audit committee could engage a professional services firm to perform an independent investigation and then be surprised at the costs accumulated over a short period. Internal auditors can help by keeping tabs on the costs and progress of the investigation.
AUDIT THE CORPORATE GOVERNANCE PROCESS
_____________________________________________________________
Internal auditors can review the activities of all participants, benchmark performance with corporate governance process best practices, and issue a report with recommendations for the audit committee and all parties. These reviews can be based on the organization's corporate governance process design effectiveness. Benchmarking data are easily obtainable and can be used to evaluate existing corporate governance activities. Internal auditors also may conduct effectiveness reviews of the corporate governance process. Effectiveness reviews are much more subjective and can call for internal audit tools such as interviews and management self-assessment techniques.
MAKING IT HAPPEN
_____________________________________________________________
For internal auditors to perform their governance duties, they must have a desire to do so and believe that they can make a difference. Thus, they must understand how their expanded role can improve the organization's governance performance. Also, they must assess their capabilities and develop them more fully where necessary. Finally, they must advocate their expanded duties zealously and exceed the expectations of the audit committee, management, and external auditors.
It is crucial that internal auditors report directly to the audit committee. This direct reporting relationship is recommended by The IIA's International Standards for the Professional Practice of Internal Auditing, is almost universally incorporated into internal audit and audit committee charters, and is essential to ensure internal auditors have the necessary authority, independence, and resources to carry out their responsibilities. However, the reporting relationship often lacks substance. There are four indicators that a reporting relationship has substance:
1. The audit committee has the sole authority to hire, fire, and compensate the CAE.
2. The audit committee approves internal auditing's budget and scope of work.
3. Communication between the audit committee and internal auditing is frequent and private.
4. The audit committee approves any internal audit department support work requested by either management or the external auditors.
The IIA should lead the effort to ensure all internal auditors have the capability, support, credibility, and authority to perform their new governance roles. The IIA should examine all the new opportunities available to internal auditing due to Sarbanes-Oxley and mandate those activities that will make a positive contribution to governance. The IIA's position papers and standards are guiding the profession in the right direction, but practitioners need more help.
Quality assurance reviews should be used to determine if:
• Audit departments are holding up their leg of the corporate governance table.
• All elements of the direct reporting relationship with the audit committee have substance.
• Executive management governance-support assignments impact internal auditors' credibility or objectivity.
Time is of the essence. New governance practices are constantly proposed and adopted at the urging of investors, regulators, audit committees, law firms, and external auditors. If internal auditors do not step up and perform these new duties, someone else will. It is doubtful that any other party could perform them as effectively, efficiently, or economically.
Not every internal audit department has the independence, capability, credibility, or inclination to perform its unique, new corporate governance duties. However, in some cases, CAEs and their departments are already meeting many, if not all, of their new governance roles. It is time for internal auditing to seize these new governance opportunities and to become a stable and highly valued leg in the corporate governance structure.
No comments:
Post a Comment