Summary
Summary Audit term 4 notes
- Institution
- Stellenbosch University (SUN)
Audit term 4 notes: summarising: Data CAATS Sampling & Completion Audit differences Going concern
[Show more]
Content preview
auditingTERM 4
• system / data CAATS
• sample testing
Alexandra Shtein
,AUDIT PROCESS
AUDIT PROCESS
planning
-> Knowledge of the business
-> understanding the systems
Pre-engagement -> materialitly
activities -> audit risk and risk assessment
-> audit strategy and approach
Audit
evaluation and
reporting
procedures
-> test of
control
-> substantive…
HOW DO COMPUTERS IMPACT THE AUDIT PROCESS
What changes at the CLIENT? What changed for the AUDIT What must the AUDITORS do?
Characteristics of the accounting & The following DOES change: Consider additional aspects:
system of internal control CHANGES ◦ Risks on which the audit must ◦ Pre-engagement activities
For example: focus ◦ Obtain an understanding of the
◦ Transactions (generating, ◦ Methods of obtaining audit accounting and system of
processing and storage) (eg evidence internal control (knowledge of
manual VS automated) ◦ Methods of conducting audit the business)
◦ Manual & IT internal controls procedures ◦ During the planning of nature/
(there are additional risks for ◦ Nature, extent and timing of time and extent of auditor
the client) procedures procedures
◦ Information send to ◦ Performing the audit
management (reports are The following does NOT change : procedures
automated) ◦ Overall extent and objective
◦ Audit objectives
◦ Audit process
,PRE-ENGAGEMENT ACTIVITIES (STAGE 1 )
BEFORE accepting the audit engagement (the client ), consider if you have the following :
• Skills required (DO I have the skills required to audit a complex system , IF NOT hire a specialist )
• Resources (hardware, software & time) (AT the client AND at myself )
• Funding (can I do this audit in a cost effective manner
• May require a computer specialist services
PLANNING (STAGE 2 )
A) Knowledge of the Considering normal aspects when understanding the IS AND :
business & ◦ Complexity of accounting activities
understanding the ◦ Significance of the computer activities
system ◦ Data availability
◦ Method of processing used
B) Understand the system Obtain an understanding of the accounting and system of Internal control
◦ IC around transactions (& info) relevant to the audit
◦ Specifically controls relating to significant classes of transactions , accounts & balances and
process to prepare the financial statements
◦ Focus on systems relating to financial reporting framework
◦ Identify relevant risks ( AT financial statement AND accounting level)
Distinguish between :
• Direct (internal controls that address RMM AT account/assertion level)
• Indirect
C) Risk assessment CIS results in a change in the characteristics of the system
◦ Giving rise to additional risks & introduces compensating controls
◦ Has an impact on the auditors risk assessment AND timing, nature and extent of audit
AR = IR x CR x DR procedures
Internal control (IC) characteristics and risks associated with the CIS environment :
◦ Identify “NEW” risks (IR) which are introduced by the CIS
- Financial statement level: errors and unusual items in the AFS
- Account/ assertion level : with respect to figures in the financial statements
◦ Evaluate internal controls which have been implemented in CIS (CR)
◦ Magnitude and likelihood of IR & CR evaluated separately
Risk evaluation is a systematic and iterative process :
1) Identify controls
2) Evaluate the design (on paper)
3) Test implementation (high level test/ walk through
4) Test operations
Characteristic / factors of CIS that give risk to RISKS:
a) NATURE OF PROCESSING
§ Absence of input documents
§ No clear segregation of duties
§ Lack of visible audit trail
§ Potential errors & inconsistencies
b) DEVELOP & PROCEDURAL ASPECTS
§ Consistent processing
v Advantage (programmed internal controls)
v Disadvantage (programming errors)
§ High speed processing
§ Interdependence of controls
§ Programmed application controls ( dependent on the integrity of the program) (IE
general controls only place reliance on the general controls which have operated
effectively )
§ User control (dependent on suitable programmed controls )
, D) Audit approach Decide on :
(more information è Audit strategy (high level)
on following è Audit approach (account & assertion level)
page) è Audit plan (detailed audit procedures in terms of account)
Follow a RISK based audit
- Audit must consider the CIS environment and risks (IR & CR) in designing the audit procedure
to reduce DR (detection risk) to an acceptable level
- MUST consider risks at BOTH financial statement and account/ assertion level
Need to assess the computerized controls – this depends on the complexity of the system
OVERALL APPROACH
NATURE 1) Combined approach (test of controls & substantive procedures)
2) Substantive approach (substantive procedures )
TIMING 1) Before year end
2) AT year end
EXTENT 1) Extensive
2) Limited
AUDIT APPROACH
SIMPLISTIC computer system COMPLEX system
• Review of computerized controls is UNNECSSARY • Must evaluate the computerized controls
• May ignore the computer & perform manual audit procedures • “THROUGH”
• “AROUND” à 1st general controls
à Then application controls
3 types of audit approaches:
1) Audit “AROUND” the CLIENTS system
2) Audit “THROUGH” the CLIENTS system
3) Audit “WITH” with the AUDITORS system
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through EFT, credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying this summary from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller lexishtein. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy this summary for R75,00. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
57114 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy summaries for 14 years now