Audit planning been achieved)

1. To gain a clear understanding of the client to 3) Assess clients business risk

enable the auditor to obtain sufficient appropriate
evidence; Client business risk is the risk that the client entity will
2. To ensure a cost-effective audit; fail to achieve its corporate objectives.
3. To avoid misunderstandings with the client. 4) Perform preliminary analytical procedures
Audit planning At the planning stage, analytical procedures assist
1.Acceptable (desired) audit risk = How willing is in risk assessment when obtaining an understanding
the auditor to accept an inappropriate unmodified of the entity.
audit opinion after the audit is done. Comparison of client ratios or data to benchmarks
Lower audit risk Higher certainty that audit provides an indication of the clients
opinion is ok. performance/liquidity/financial stability etc.
2. Inherent risk = likelihood of material Audit documentation
misstatements before internal controls are applied. enable an experienced auditor, having no previous
3. Also helps assess control risk connection with the audit
Audit planning : 1.Permanent audit file. 2. Current audit file
1) Accept the engagement
1. Evaluate new client (:) Quantitative Auditor selects benchmarks
a) Integrity of management appropriate for an entity either dollar amount or
b) Auditors competence & capabilities percentage
c) Ethics & independence Qualitative Significance of
d) Significant matters arisin misstatement to the entity Pervasiveness of the
2. Identify the reasons for the audit () misstatement Effect of misstatement on the
Required by law for disclosing entities financial report as a whole
User: likely statement users & intended uses of
the statements Financial statement level
Discuss with management (The financial report as a whole)
3. Obtain mutual understanding with the client Assertion level (materiality levels for classes of
about the terms of the engagement transactions, account balances or disclosures)
Content: //&/// Performance materiality
///// Applying materiality
Purpose: Confirm terms of the engagement
Effect: Legal contract between auditor and client Step1Preliminary assessment of materiality
4. Select staff for the engagement & evaluate need Step2Allocate preliminary assessment about
for outside specialists( materiality to segments
) Step3Evaluate Results:
2) the clients business & industry Estimated total error =
1. Industry and external environment (Economic Projected error + sampling error
conditions; Competition; Regulatory requirements) Step4Estimate the combined misstatement
2. Business operations and processes. related Step5Compare combined estimate with
parties ( major sources of revenue; Key assessment about materiality
customers & suppliers; sources of financing; related
parties; areas with higher business risk) a) Reliance by External Users b) Likelihood of
3. Management and governance control Financial Failure c) Integrity of Management
environment in Lecture 7 (7 ) Audit strategies
4. Objectives and strategies Preliminary assessment of control risk by
a) Reliability of financial reporting looking at whether control procedures are
b) Effectiveness & efficiency of operations effectively designed.
c) Compliance with laws & regulations The assessed level of control risk will affect the
5. Measurement and performance audit strategy / program (the design of the audit
(eg. creating incentives to manipulate financial procedures to be carried out).
information to look like the performance goals have Inter-control system looks not goodhigh
CRlow or little test of controlfocus on
substantive testinguse Preliminary assessment
Inter-Control system looks goodlow CRtest
of inter-controlsame or lower levelreduced
amount of substantive testinguse assessed
level
Q16 (12 marks) Internal controls, fraud risk, and
audit strategies.
Internal control 1. : c.Output controls e.g., manual review
the control environment. The control environmen
t consists of the actions, policies, and procedures th
at reflect the overall attitudes of top management, d
irectors, and owners of an entity about internal cont
rol and its importance to the company.
1.Communication_& enforcement of integrity &
ethical values
2.Commitment to competence
3. Participation by those charged with governance
4.Managements philosophy and operating style
5.Organisation structure
6.Assignment of authority & responsibility
7.HR policies_&_practices
Risk assessment. This is management's identificat
ion and analysis of risks relevant to the preparation
of financial statements in accordance with appropri
ate accounting frameworks such as GAAPorIFRS
[1business_risk 2.risks_not_identified 3.fraud risk]
Information and communication. These are the
methods used to initiate, record, process, and report
the entity's transactions and to maintain accountabil
ity for the related assets.
1.Identify significant classes of transactions
2. Procedures & records How transactions are
initiated, recorded, processed, corrected & reported
3. How the info system captures significant events
& conditions (other than transactions) relevant to
the financial report.
4. The financial reporting process, e.g., accounting
estimates & disclosures.
5. Controls surrounding journal entries, including
for non-recurring, unusual transactions or
adjustments.
Control activities. These are the policies and proc
edures that management has established to meet its
objectives for financial reporting.
1. Authorisation
General_authorisation_is_permissible for routine
events for which there are policies to follow. For
some transactions.
Specific authorisation is needed on a case-by-case
basis
2.Performance reviews independent checks /
proper supervision
3.Information processing: General Control/
Application controls
a.Input controls e.g., pull-down list, reasonableness
test, validation test.
b.Processing controls e.g., Validation test (correct
master files), sequence test, arithmetic accuracy
test, data reasonableness test, completeness test.
4.Physical controls(Limit access to important
assets and records Assets:e.g.,Physical security and
access.)
5.Segregation of duties
Monitoring.
This is management's ongoing and periodic assess
ment of the quality of internal control performance
to determine whether controls are operating as inten
ded and are modified when needed
a.Assess_effectiveness of controls on a timely basis
b.Take remedial actions.
Management should monitor controls through:
Ongoing activities Separate evaluations Using
info from external parties.
Limitations of Internal Control
Management override.
Collusion among employees.
Non-routine transactions.
Breakdowns carelessness, distractions.
Mistakes in judgment.
Changes in operations / conditions.
Cost versus benefit - How much internal control?
Reasonable assurance.
Assess Control Risk:
Step1: Obtain an understanding of entitys
internal control system.
:
making a preliminary assessment as to the
effectiveness of controls; and
designing procedures for obtaining evidence
applicable to management assertions.
:
Review previous experience with the entity
Inquire of appropriate managers and employees;
Inspect documents and records;
Observe activities and operations.
Step2: Assess control risk
->Preliminary assessment involves:
1. Assessing the control environment;
2. Assessing design effectiveness; and
3. Assessing operational effectiveness
Audit strategy:
1. Predominantly substantive approach
2. Lower assessed level of control risk approach
->Assess CR again when all tests of control are
completed.
1. Identify transaction-related audit objectives
2. Identify specific controls
3. Identify and evaluate weaknesses Criteria:
a) Identify existing controls b) Identify the absence
of key controls c) Determine misstatements that
could result d) Consider compensating controls
Tests of Control
Provide evidence as to the effectiveness of
internal controls. Tests of design effectiveness &
operating effectiveness. The work of the internal
auditor may be taken into account (ASA 610).
Auditors should report material weaknesses in
internal control to management.
[Nature/Timing/Extent]
Step 3: Document assessed CR in working
papers.
Step 4: Report control weaknesses to
management.
3. 3. Design and perform procedures to address the
The auditor must communicate signicant
deciencies and material weaknesses in writing to
those charged with governance as soon as they
become aware of their existence. The
communication is usually addressed to the audit
committee and to management. Timely
communications may provide management an
opportunity to address control deciencies before
management's report on internal control must be
issued. In some instances, deciencies can be
corrected sufficiently early such that both
management and the auditor can conclude that
controls are operating effectively as of the balance
sheet date. These communications must be made no
later than 60 days following the audit report
release.
4. 4. Examine documents, records and reports
Answer: There are a number of reasons an auditor
may choose not to continue a relationship with an
existing client. Examples include:
1. Previous conflicts over accounting issues, scope
of the audit, type of opinion, or fees.
2. Management integrity may be deemed to be
insufficient.
3. Legal action initiated by either the auditor or
client related to prior audit services.
4. The presence of excessive risk which could result
in financial failure of the client or lawsuits against
the audit firm.
Terms: Reasons auditor may not wish to continue
relationship with existing audit client.
Fraud Risk: Acts Resulting in Material
Misstatements Fraud Intentional act
involving the use of deception to obtain an unjust
or illegal advantage.
2 :
1. Fraudulent Financial Reporting
2.Misappropriation of Assets.
Risk Assessment Procedures
Inquiries of Management
Consider fraud risk factors, e.g., 1.Need to meet
3rd party expectations, e.g., financing 2.Targets for
bonuses 3.Ineffective control environment
Consider Unusual or Unexpected Relationships
ASA 240.22 Consider Other Information ASA
240.23.
Responding to the risk of fraud.
1. Change the overall conduct of the audit to
respond to identified fraud risks
2. Design and perform audit procedures to address
fraud risks
risk of management override of controls 4.Update
risk assessment process
Q17 (15 marks) Audit risk model and audit
testing including substantive testing, analytical
procedures, and application of the audit risk
model
1. Procedures to understand the entity
Risk assessment procedures=Control related
Procedures to understand internal control
(design effectiveness)
1. Evaluate and update previous experience with
the entity
2. Make enquiries of audit client personnel
3. Read clients policy, procedure and systems
manual
5. Observe entity activities and operations.
2. Tests of control(TOC) (operational
effectiveness)
1.Make enquiries of audit client personnel
2.Examine documents, records and reports
3.Observe entity activities and operations
4. Re-perform client procedures.
Typically, control related procedures refer to
Documentation, Observation, Inquiries and
Reperformance.
3. Analytical procedures(AP)
Analytical procedures evaluations of financial
information made by a study of plausible
relationships among both financial and nonfinancial
data.
Must be used in planning the audit and in
reviewing the audit.
MAY be used as a substantive testSubstantive
analytical procedures.
Substantive analytical procedures
When used as a substantive test:
If the results are reasonable -Can be used to
reduce tests of details of balances (e.g., sample
size)
Different to planning stage, as planning often
involves preliminary data.
At substantive testing stage, expect to use full
year data.
4.Tests of details of transactions(TOD-T)
=Substantive tests of transactions
Purpose is to determine whether all transactions
related audit objectives have been satisfied for each
class of transaction.
Tests to obtain evidence of a sample (or all) of the
individual debits and credits that make up an
account, to reach a conclusion about the account.
Typically, tests include: 1.Documentation
especially tracing & vouching 2.Inquiries of the
client 3. Re-performance.
5.Tests of details of balances.(TOD-B)
Tests of details of balances focus on obtaining
evidence directly about an ending account balance.
- Emphasis is on the balance sheet
Extent of the test is dependent on the outcome of
tests of controls and tests of details of transactions.
Typical tests of details of balances:
Physical examination
Confirmation
Documentation especially tracing and vouching
Inquiries of the client
Re-performance
Recalculation.
Design substantive procedures arms-length)
1. Develop specific audit objectives
2. Assess IR and CR to determine the acceptable
DR for each assertion (taking into account AR and
materiality level)
3. Determine appropriate audit strategy
Predominantly substantive strategy
Lower assessed level of control risk strategy
4. Perform tests of control if use lower assessed
level of control risk strategy
5. Design substantive procedures
Test of details of transactions
Test of details of balances
Nature, Timing & Extent
6. Perform substantive procedures
7. Evaluate results
Detection risk & Substantive tests
Detection Risk (DR) is the risk that the
auditors substantive procedures will not detect a
material misstatement.
It is directly related to the substantive procedures
performed in an audit DR = AR/(IR x CR)
Audit risk model & Audit testing
DR = AR/(IR x CR)
For a given level of audit risk (AR) specified by
the auditor, DR is inversely related to the assessed
levels of inherent risk (IR) and control risk (CR)
Audit risk: should be kept low b/c
a)Reliance by external users: Larger client /
Listed/Creditors
b)Likelihood of Financial Failure: shortage of
fund/poor performance/ risky industry/mgmt
lacking competency
c)Integrity of mgmt: frequent disagreement with
prior auditors & regulators/frequent turnover of key
audit personnel/ongoing conflict with Labor
unions& employees
Inherent Risk:
1. Industry Factors(Econ condition& competitive)
2. Nature of clients business
3. Integrity of mgmt.
4. Audit client motivation (mgmt. incentives)
5. Previous audit result (errors likely again)
6. Initial vs repeat Engagement
7. Related party (possibility of transaction not at
8. Non- routine (lack exp)
9. Judgement required (a/c estimates)(Doubtful
Debt, inv, contingent)
10. Makeup of population (AR large company)
11.Susceptibility of fraudulent FR
&Misappropriation of Assets (cash & inventory
not building)
12. Other Factors: IT changes, Litigation, legal
environment, country)

Evaluate results
If the results indicate the existence of material mis-
statements / problems with internal controls, the
auditors options include:
Evaluate results from other tests,
Increase sample size,
Expand testing in specific areas,
Ask client to adjust account balance or correct
records,
Communicate with audit committee or
management about problems in internal controls
or other issues of concern,
Modify audit opinion.
Documentation
Remember the auditor has to document the audit
to allow an experienced auditor to review:
1. Nature, timing and extent of audit procedures
2. Results of audit procedures and evidence
obtained
3.Significant matters arising and conclusions
reached.
Particular accounts - examples
Revenue
Risk overstatement
Reasons [Occurrence, Accuracy, Classification,
Cut-off]
Accounts involved [Sales, Account receivables]
Tests.[TOC; Substantive tests of transactions;
Analytical procedures]
Expenses
Risk understatement
Reasons.[Completeness, Accuracy, Classification,
Cut-off]
Accounts involved,[Purchases/COGS, Payroll,
Accounts payable]
Tests[TOC; Substantive tests of transactions;
Analytical procedures]
Assets
Risk overstatement / misappropriation
Reasons, [Existence, Valuation, Rights &
obligations]
Accounts involved. [Inventory, Cash, fixed assets,
investments]
Tests[TOC; Test of details of balances]
Liabilities
Risk understatement
Reasons [Valuation, Rights & obligations,
Completeness]
Accounts involved, [Trade payable, Short term
debt]
Tests.[TOC; Test of details of balances]
Q18 (13 marks) various topics including but not
restricted to sampling, materiality and
subsequent events
Sampling :Application of audit procedures to less
than 100% of items within a population of audit
relevance such that all sampling units have a
chance of selection in order to provide the auditor
with a reasonable basis on which to draw
conclusions about the entire population.
Population: The entire set of data from which a
sample is selected and about which the auditor
wishes to draw conclusions.
Sampling unit: The individual items constituting a
population
Representative Sample:
A representative sample is where the
characteristics of the sample are approximately the
same as those of the population.
Two things cause a sample to be non-
representative:
a) Non-sampling risk
b) Sampling risk - The risk that the auditors
conclusions based on a sample may be different
from the conclusion if the entire population
were subjected to the same audit procedure.
Inherent to sampling.
Sample characteristics will never match the
population exactly.
Higher risk with a very small sample, no risk if
the entire population is tested.
Difficulty for auditors
finding the correct balance.
Stratification can reduce total sample size required
First type:
(a)internal controls are more effective than they
actually are (Risk of over-reliance), or
(b)there are no material misstatements (Risk of
incorrect acceptance). Ineffective audit (more
likely to result in an inappropriate audit opinion)
2nd type:
(a)internal controls are less effective than they
actually are (Risk of under-reliance), or
(b)there are material misstatements (Risk of
incorrect rejection). Inefficient audit (additional
work).
To reduce sampling risk: Non-statistical Sampling
Adjusting the sample size
Larger sample, lower sampling risk.
Using an appropriate method of sample selection.
Non-sampling Risk the results.
The risk that the auditor reaches an erroneous
conclusion for any reason not related to sampling
risk.
Examples:
Failure to detect a material misstatement due
to human error / incompetence.
Inappropriate audit procedures
Not related to sample size. contain items with similar characteristics.
To minimize non-sampling risk: Identifying characteristics, e.g.
Careful design of audit procedures,
Proper instruction / supervision / review
Statistical vs Non-statistical sampling
Similar process:
Step 1 Plan the sample
Step 2 Select the sample
Step 3 Perform the tests Similar Process
Step 4 Evaluate the results
Different Techniques
Statistical sampling allows the quantification of
sampling risk in planning the sample and
evaluating the results
In non-statistical sampling, those items that the
auditor believes will provide the most useful
information are selected D
Sample selection method
1) Random sample selection
Person selecting sample cannot influence choice of
items
Each item has equal chance of being selected
Sample can be stratified before selecting random
sample to increase efficiency. E.g. stratify
population of transactions into different size ranges,
then take different size samples from each stratum.
for test.
2) Systematic sample selection
Calculated interval with a random starting point.
Divide number of items in population by sample
size, giving sampling interval. Select starting point,
then take every nth item.
Risk that items are listed in way that every nth is
related can randomly order first.
3) PPS (Probability proportional to size)
Sample selection (monetary unit sampling).
Probability of selection is proportional to recorded
value of the item.
Does not require quantification of sampling risk.
Use judgment (not probability theory or statistical
inference) to determine sample size and evaluate
To select the sample, use non-probalistic methods:
1) Directed sample selection judgmental criteria
2) Block sample selection sequence
3) Haphazard sample selection no structure, but
no bias
Stratification
The process of dividing a population into
subpopulations. The sub-populations (i.e., strata)
Often monetary value, so greater effort is
directed at larger value items.
Characteristics that indicate a higher risk of
misstatement.
The purpose is to reduce variability of items
within each stratum and so allow a smaller sample
size without increasing sampling risk. Helps
improve audit efficiency.
 Strata must be defined so that each sampling unit To assess monetary mis-statements in
can only be in one stratum. accounts receivable.
Sampling for Tests of Control 3. Choose appropriate sampling method
When performing tests of controls, the auditor is Statistical sampling; Non-statistical
concerned with evidence that controls are operating sampling
effectively. 4. Identify population & sampling unit
Auditor is interested in the frequency of the Population should be appropriate &
occurrence of problems in internal controls, i.e., complete
rate of deviation. Consider stratification of the population
Sampling for Substantive Tests using an appropriate attribute, usually dollar
When performing tests of details of transactions, amount. Advantage: Focus audit work on
the auditor is interested in the misstatements in items of greater risk / interest.
transaction data Occurrence rate (i.e., rate of 5. Specify tolerable error, expected error,
deviation) is again relevant. required confidence level
With tests of details of balances, the auditor is Tolerable error means the maximum error in
interested in the monetary misstatements in account a population that the auditor is willing to
balances (dollar amounts, not deviation rates). accept. Also called tolerable misstatement /
Sample results can be used to estimate total dollar tolerable rate of deviation in ASA530.5.
amount of misstatements.
Expected error rate expected population
Example:
deviation rate or expected $ misstatement
9% of the value of inventory items sampled
Confidence interval (sampling risk)
are misstated, therefore 9% of ending Tests of controls the risk of over
inventory value are estimated to be
reliance
misstated.
Substantive tests the risk of incorrect
Is this amount material?
acceptance
Sampling to estimate deviations / mis-statements 6. Determine the sample size
Consider two risks when making such judgements In determining an appropriate sample size,
(recall the slide on sampling risk): the auditors main concern is with reducing
Risk of incorrect acceptance / the risk of sampling risk to an acceptably low level.
overreliance (wrong opinion) (ASA530.7)
Risk of incorrect rejection / the risk of The level of sampling risk that the auditor
underreliance (inefficient audit) is willing to accept has an inverse relation
with the sample size required.
We are more concerned about the risk of incorrect (ASA530.A10).
acceptance/over-reliance affects whether the fin. See ASA530 appendix 2 & 3 for factors
Statements provide a true and fair view. that may affect sample size for tests of
Using Sampling in Audit Testing =Plan the sample controls and substantive tests.
1. Is sampling required? 7. Select the sample
Alternatives to sampling: All sampling units in the population must
Select all items in a population have a chance of being selected. (ASA530.8)
Select specific items Recall:
High value or key items Probabilistic sample selection methods (for
All items over a certain amount statistical sampling)
Items to obtain information Non-probabilistic sample selection (for
Items to test procedures nonstatistical sampling)
2. Determine Objectives of the Test Need to
8. Perform audit procedure on the sample
define the error / misstatement being
selected.
tested for. E.g.,
9. Evaluate results.
To assess the occurrence rate of monetary
Consider qualitative aspects of the misstatements.
errors in the recording of purchases
Investigate nature & cause of
transactions.
deviation/misstatements, and evaluate possible
effect on the purpose of the audit procedure & on
other areas of the audit.
Project sample result to the population
Compare projected error & tolerable error. E.g.,
for tests of control, if the projected deviation rate
exceeds the tolerable deviation rate, the preliminary
assessment of control risk is not confirmed. More
substantive tests will be required
Additional evidence / testing? Communication
with client? Request to adjust / correct account
balances
Subsequent Event (Adjusted or Non-Adjusted)
Type 1 Adjusted: Event that provide additional
evidence with respect to conditions that existed at
year-end paragraph
Can affect estimates in financial report, or indicate
that going concern assumption is not appropriate.
Accounting treatment: adjust financial report for
the effect of these events, where material
Example:
1) Bankruptcy of customer after year-end which
would be considered when evaluating
provision for doubtful debts.
2) Amounts received for insurance claim in
negotiation at year end.
3) Deterioration in operating results after year-
end that means going concern not
appropriate
1. If the auditor becomes aware of Type 1 event
after the date of the auditors report But
before the financial report is issued, the
auditor: financial report auditor date and events did not occur until after audit report
report
1) Consider whether the financial report
needs changing
2) Discusses the matter with the client
3) Take action appropriate in the
circumstance
If decides adjustment needed, immediately
informs those charged with governance not to
issue to public
Corrects and reissues revised financial & audit
report
If client declines to change, it needs to modify
audit report (qualified or adverse opinion)
2. If the auditor becomes aware of Type 1 event
after the financial report is issued, but the
events occurred before the audit report
signature date: financial report
auditor report
1) Auditor considers whether he would have
issued a different audit opinion if the events
were known at the date the audit report was
signed
2) Discuss the matter with the client
3) Takes appropriate action in the circumstance
General Action
Audit report withdrawn. Company communicates
to third parties in receipt of the report
ASIC/ASX advised formally for onward advice.
Notices placed on company website.
If client agrees with amendments:
Re-issue financial report and audit report
Audit report will include an emphasis of matter
Not modified, but an explanation referring to a
note in the financial report discussing the reason
why the financial report was revised
If client does not agree to re-issue
Take additional steps to prevent future reliance on
previous financial & audit reports issued
Re-affirm steps taken above with added
information as to refusal (NB refusal to change is
not likely to occur)
3. If the auditor becomes aware of Type 1 event
after the financial report is issued, and the
events occurred after the audit report
signature date: financial report
auditor report
No action required
Auditors responsibility not extend to this scenario
Was not aware of events at audit report signing
signed.
Type 2 Non-Adjusted
Events that provide evidence with respect to
conditions that developed subsequent to year-end.
Do not result in changes to mounts in the financial
report
Might be so significant to require disclosure- Do
not require accounts to be adjusted
reporting date
Example:
1) Uninsured loss of assets due to fire, flood,
subsequent to year-end
2) Purchase of a business or debt subsequent to
year-end
Auditing Lecture 5 auditing plannning
Analytical procedures are performed at the
initial stage of an audit to gain an
understanding of the audit clients business
and to identify possible areas of material
misstatements.
Compare the company ratio with industry average
a) Give one example of an account/transaction
class and an assertion that should be tested
more carefully, given the analytical evidence
above. Give an example of a substantive
procedure that can be performed to test the
assertion for the account/transaction class.
1) For the reason improper sales cut-
off, the auditor should perform
procedures to test the cut-off
assertion of the sales revenue
account.
2) One such substantive test is to examine
documents for sales around the balance
date to see whether sales are
recorded/recognised in the correct
accounting period. The documents to be
examined include sales invoices,
shipping documents, sales journal and
general ledger.
3) To test unrecorded sales is to test the
completeness assertion for sales
revenue.
4) A substantive procedure to test this is:
accounts receivable affect the valuation
assertion (NRV) of allowance for doubtful
debts. The concern is whether the client
makes sufficient allowance for doubtful
debts.
5) A substantive analytical procedure for
testing the valuation of allowance of
doubtful debts is
ACCT3101 audit planning
6.4 accepting an engagement
engagement to issue or fees.
ASA 220 A8:
The integrity of the principal owners,
key management and those charged with
governance of the entity.
Whether the engagement team is competent to
perform the audit engagement and has the
necessary capacities, including time and resources.
Whether the firm and the engagement
team can comply with relevant ethical
requirements; and
Significant matters that have arisen during the
current or previous audit engagement, and their
implications for continuing the relationship.
For new engagements the auditor should perform
evaluation procedures, including:
A review of financial information regarding the
prospective client, its standing in the business
community, financial stability and the relationship
with the existing auditors. Often searches are
carried out using the Internet or research databases,
the business press or other media;
Inquiries of third parties (including banks and
solicitors) regarding the company and its
management;
Whether the audit team is competent to complete
the audit and has adequate time and resources to do
so.
Communication with the predecessor auditor. In
particular, issues relating to management integrity
and disagreements;
Consideration of specific audit risks (e.g. evident
from research into the industry, or from
information gained about the client;
Evaluation of the firms independence (e.g. is
there any conflict of interest that may arise through
relationships with existing clients, or are there
audit personnel that may hold positions or financial
interests that may threaten independence), and
Consideration of other ethical requirements.
Existing engagements are usually evaluated
annually to determine whether there are reasons
for not continuing to do the audit.
The evaluation may include consideration of
factors such as:
Previous conflicts over such things as the
appropriate scope of the audit, the type of opinion
Suggestions that the client lacks integrity (e.g.
through media reports, actions of executives or
other evidence) and therefore should no longer be a
client.
When the firm considers that the acceptable risk
in the engagement is below the accounting firm's
threshold (e.g. the client is threatened by going
concern problems due to conflict with a
government agency which may result in a future
threat of litigation).
Competent adequate resources and time to
complete the audit.
Related party
''

A related party is defined in the Corporations
Act and may include controlling or controlled
entities, directors and their relatives (see text
page 221). Entity relationships may include the
holding company and its subsidiaries, or a
direct subsidiary of the client company. Under
accounting standard AASB 124, related parties
also include parties that can control or exercise
significant influence over the client in making
financial and operating decisions. Related party
transactions and balances must be disclosed in
the financial statements. Therefore, the auditor
must identify related parties in the planning
phase of an audit and make a reasonable effort
to determine that all material related party
transactions have been properly disclosed in the
financial statements.
Audit documentation (working papers)
Opportunities Ineffective oversight of financial
Audit working papers (audit documentation) are
referred to in ASA 230.
ASA230 para. 2 states that the two main purposes
of audit documentation are to provide:
a) Evidence of the auditors basis for a conclusion
about the achievement of the overall objective
of the auditor; and
b) Evidence that the audit was planned and
performed in accordance with Australian
Auditing Standards and applicable legal and
regulatory requirements.
Risk and materiality
7.7 Tolerable error &preliminary assessment of
materiality
The following are example of risk factors for
A preliminary assessment of materiality is set for
the financial statements as a whole. Tolerable
error (misstatement) is the maximum amount of
error that would be considered immaterial for an
individual account balance. The amount of tolerable
error for any given account is dependent upon the
preliminary estimate of materiality. Ordinarily,
tolerable error for any given account would have to
be lower than the preliminary estimate of
materiality. In many cases, it will be considerably
Management has disregarded the inadequate
separation of duties that allows the potential theft
of cash receipts.
9.13 Response to fraud risks
(3 ) (3) Perform procedures to address the risk of
lower because of the possibility of errors in
different accounts which, in total, cannot exceed the
preliminary assessment about materiality.
Fraudulent financial reporting is an intentional
misstatement or omission of amounts or disclosures
with the intent to deceive users, while
misappropriation of assets is fraud that involves
theft of an entitys assets. Frauds involving
financial reporting are usually larger than frauds
involving misappropriation of assets, usually
involve top management, and do not directly
involve theft of company assets.
Risk factors for fraudulent
Incentives/Pressures - The company is under
pressure to meet debt covenants or obtain
additional financing.
reporting by the board of directors allows
management to exercise discretion over
reporting.
Attitudes/Rationalisation Management is
overly aggressive. For example, the company
may issue aggressive earnings forecasts, or make
extensive acquisitions using company shares.
9.5Risk factors for misappropriation of assets
For each of the three fraud conditions:
incentives/pressures, opportunities, and
attitudes/rationalisation.
misappropriation of assets for each of the three
fraud conditions:
Incentives/Pressures
The individual is unable to meet personal financial
obligations.
Opportunities
There is insufficient segregation of duties that
allows the individual to handle cash receipts and
related accounting records.
Attitudes/Rationalisation
The three auditor responses to fraud are:
(1) Change the overall conduct of the audit to
respond to identified fraud risks;
(2) Design and perform audit procedures to address
identified risks; and
management override of controls. Examples are: 1. Recalculation of amounts
(quantity times unit selling price) on selected sales
Audit testing invoices and tracing of amounts to the sales journal
Test of control & substantive test of or sales reports.
transactions 2. Examination of vendor invoices in support of
amounts recorded in the purchase journal for
Tests of controls are audit procedures to test the purchases of inventories.
operating effectiveness of control policies and 3. Recalculation of gross pay for selected entries in
procedures in support of a reduced assessed control the payroll journal.
risk. Examples include: 4. Tracing of selected customer cash receipts to the
1. The examination of vendor invoices for accounts receivable master file, agreeing customer
indication that they have been clerically tested, names and amounts.
compared to a receiving report and purchase order, .
and approved for payment. Sampling
2. Examination of employee time cards for Lecture Exercise: Sample Selection Methods
approval of overtime hours worked. 1. Stratification
3. Examination of journal entries for proper
approval. Answer: Stratification is achieved by the
4. Examination of approvals for the write-off of bad auditor dividing a population up into
debts. discrete sub-populations based on an
Substantive tests of transactions are audit identifying characteristic such as
procedures testing for monetary misstatements to monetary value.
determine whether the six transaction-related audit Source: ASA 530.5
objectives have been satisfied for each class of Benefit of stratification: The auditor might have
transactions. reason to expect the risk of deviations or
It involves tracing and checking information from misstatements to be greater in certain items than in
source documents through the various stages of the rest of the population. By stratifying, the auditor
recording to the general ledger and subsidiary can focus on sub-populations with greater risk of
ledgers, looking for dollar errors in processing.
deviations/misstatements. This allows the auditor to there are several possible courses of action:
reduce sample size without increasing sampling 1. Perform expanded audit tests in specific
risk. areas.
2. Increase the sample size.
When a population is not considered acceptable,
3. Ask the client to adjust the account balance. 10. An auditor's legal liability to the client
4. Request the client to correct the population. under common law can result from the auditor's
5. Refuse to give an unmodified opinion failure to properly fulfil his or her contract for
6. Audit liability services. The legal actions can be for breach of
7. the auditors potential liability to each of contract, which is a claim that the contract was
the client and third parties under: not performed in the manner agreed upon, or it
8. , can be a tort action for negligence. An example
would be the client's detection of an error in the
1) Common law 2) Statutory law financial statements, which would have been
9. Describe one situation for each type of discovered if the auditor had performed all audit
liability in which the auditor could be held procedures
legally responsible.
11. required in the circumstances (e.g., 13. Example Pacific Acceptance corporation Ltd
misstatement of inventory account resulting from v. Forsyth Pacifics auditors had been negligent in
an inaccurate physical inventory not properly failing to confirm the execution and registration of
observed by the auditor). loan securities.
12.
14.
 15. Liability to clients under statutory law
occurs under both the Corporations Act and
16. corporation (such as to notify management of
errors or problems) and to members of the
corporation in the expression of an opinion in the
audit report. Failure to detect and disclose a
material misstatement is likely to render the
auditor liable on this basis.
17.
18. The auditor's liability to third parties under
common law results from any loss incurred by the
claimant due to reliance upon misleading financial
statements. An example would be a bank that has
loans outstanding to an audited company. If the
financial report did not disclose that the company
had contingent liabilities that subsequently became
real liabilities and forced the company into
bankruptcy, the bank could proceed with legal
action against the auditors for the material
omission - the bank would have to establish that it
enjoyed sufficient proximity and its reliance was
reasonably foreseeable.
19. Example Esanda Finance corporation Ltd
v. Peat Marwick Hungerfords (Reg.) The
High Court held that foreseeability alone is
insufficient to establish a duty of care and
that a relationship of proximity (relationship
of reliance) had to be shown.
20. case).
, 43.The question is what constitutes reasonable
21. Liability to third parties under statutory law is
most likely to arise under the Fair Trading
legislation regarding misleading or deceptive
statements. Because silence can be construed as
misstatement, this may leave auditors exposed to
third party claims for failure to detect and report
misstatements. However, this is yet to be tested in
court. Where it can be established that a third party
has privity of contract then they will be able to
take action on a similar basis to the members of
the corporation.
22.Four requirements for negligence:
23. 47.-A 6% deviation rate is not material enough
24. 1. Duty of care owed
25. 2. Negligent in performance or opinion
26. 3. Loss is suffered
27. 4. Loss is foreseeable as a result of
negligence
28. Esanda Finance corporation Ltd v. Peat
Marwick Hungerfords (Reg.) Third parties are
owed a duty of care, only if there is a relationship
of reliance. The tests for a relationship of
Trade Practices or Fair Trading acts. The
auditor has a duty to the
reliance are:
29.Reasonable reliance
30.Depends on:
31. Auditor knew the information
would be communicated to the third
party
32. The third party individually or an
identified class
33.Intention by the auditor for the information
to be relied on by the third party
34.The information is for the purpose of the
third party transacting with the company
35.Assumption of responsibility
36.Voluntary provision of information or
advice.
37.6.20Modified to follow the framework
38.The accounting firm is potentially liable to
its client possible negligence of the
partner in charge. Breach of contract or
Tort of negligence.
39.To establish 4 elements of negligence:
40. 1. Auditor does owe a duty of care to the
client.
41. 2. Was the auditor actually negligent?
42.The auditor needs to exercise reasonable
care, skill and caution (Kingston Cotton Mill
care and skill?
44.Was there a breach of the duty of reasonable
care when the partner failed to investigate
further after being apprised by a competent
subordinate of exceptions to 6% of the
vouchers payable examined?
45.In defense, the auditor needs to show the
audit complied with prevailing professional
standards (accounting/auditing standards)
(e.g., Pacific Acceptance case).
46.The auditor may argue that reasonable care
and skill had been exercised, e.g.,
to warrant further investigation;
48.-Collusion is extremely difficult to detect as
it renders segregation of duties ineffective.
49. 3. A loss has been suffered by the audit
client due to its employees fraud.
50.4. The client would argue that the loss was
a reasonably foreseeable result of the
auditors negligence (if auditor was actually
negligent) because the loss would have been
 lower had the auditor discovered the fraud.
51.If found negligent, liability limited to
those losses that would have been avoided
had reasonable care been exercised.
52.$370,000 - $50,000 = $320,000 net loss is
likely the max. amount that can be claimed
from the auditor, likely less because some
54.
money was already stolen before the auditor
could have detected the fraud.
53.Question of causation arises; i.e. whether
further actions by the partner would have
disclosed the fraud. If both lack of due care
and causation are established, recovery for
negligence will be available.
55. Ac 57. Reasons 58. Accounts 59. Tes
cou 56. Risk (Assertio involved ts
nt ns)
60. Rev 64. TO
enu 61. Overstatement 62. O,A,C,Cut 63. Sales, AR C,TO
e of D-
T,AP

65. Exp 67. C,A,Class 69. TO

ense 66. Understatement ification, 68. COGS,Payroll C,TO
s Cut-of ,A/cPayable D-
T,AP

73. Inv,Cash,Fixe 74. TO

70. Ass 71. Overstatement/mis 72. E,Valuati d C,
ets appropriation on,R&O Assets,invest TOD-
ment B

75. Lia 78. Trade 79. TO

biliti 76. Understatement 77. Valuation payable, C,
es , R&O, C Short-term TOD-
debt B
80.
81. Transaction-related audit objective
82. 83.
1. Assertions 2. General obj 3. Specific objectives
4. Occurrence 5. Occurrence 6. Recorded transactions occurred
7. Completeness 8. Completeness 9. Existing transactions are recorded
10. Accuracy 12. Accuracy 15. Recorded transactions are stated
11. 13. at the correct amounts
14. Posting & 16. Transactions are properly
summarisation included in the databases &
correctly summarised.
17. Classification 18. Classification 19. Transactions are properly
classified
20. Cut of 21. Timing 22. Transactions are recorded on the
correct dates

84. Balance-related audit objectives

85.Existence 89.Existence 90.Amounts included exist
86.
87.
88.
91.Rights & 93.Rights & 95.Assets/liabilities are
92.obligations 94.obligatio 96.owned/owed by the entity(eg:rec have not be sold or
ns discounted)
97.Completeness 98.Complete 99.All existing amounts are
ness 100.included
101.Valuation & 104.Accurac 119.Amounts included are stated
102.allocation y 120.at the correct amounts
103.. 105. 121.Amounts are properly classified(eg:Accounts that
106. Classifi are not expected to be collected within a year should
cation be classified as non-current receivables. It is
107. therefore being included as part of the classification
108. objective and consequently under the valuation or
109. allocation assertion.)
110. 122.Proper cutoff for recording
111. 123.items.
112.Cutoff 124.Account balances agree with
113. 125.master file amounts, and with
114.Detail 126.the general ledger
tie-in 127.
115. 128.Realisable value rule is
116.Realisab 129.appropriately applied
le
117.value
118.
130.Existence 132.Existenc 133.Amounts included exist
131. e
134.Rights & 136.Rights 138.Assets/liabilities are
135.obligations & 139.owned/owed by the entity(eg:rec have not be sold
137.obligati or discounted)
ons
 140.Completeness 141.Complet 142.All existing amounts are
eness 143.included
144.Valuation & 147.Accurac 161.Amounts included are stated
145.allocation y 162.at the correct amounts
146.. 148. 163.Amounts are properly classified(eg:Accounts that
149. Classifi are not expected to be collected within a year should
cation be classified as non-current receivables. It is
150. therefore being included as part of the classification
151. objective and consequently under the valuation or
152. allocation assertion.)
153. 164.Proper cutoff for recording
154. 165.items.
155.Cutoff 166.Account balances agree with master file amounts,
156. and with the general ledger
157.Detail 167.Realisable value rule is appropriately applied
tie-in
158.
159.Realisab
le.value
160.
168.
169. 1. Approval of department head or supervisor on 170. Adequates 171
O
time cards is required before preparing payroll eparation.authori
sati
172. 2. All pre- numbered time cards are accounted for 173. Adequate 174.
before beginning data entry for payroll processing documents and C
175. 3. The payroll accounting software application wont 176. Informatio 177.
accept data input for an employee number not contained n processing O
in the employee master file. control,
authorisation
178. 4. Persons preparing the payroll dont perform other 179. Adequate 180.
payroll duties (timekeeping, distribution of cheques) or separation O
have access to payroll master files
181. 5. The computer calculates gross and net pay based 182. Independe 184.
on hours inputted and information in employee nt check A
masterfiles, and payroll accounting personnel double- 183. on
check the mathematical accuracy on a test basis. performance.
185. 6. All voided and spoiled payroll cheques are 186. Adequate 187.
properly retained. documents C

188. 7. HR Investigationincludes checking the employees 189. authorisati 190.

background, former employers and references. onadequate doc O
A
191. 8.Written termination notice, with properly 192. Authorisati 193.
documented reasons for termination and approval of an on & documents O
appropriate official, are required.
194. 9.All cheques, not distributed to employees are 195. Physical 196.
returned to the financial control segregat O

197. 10.Online ability to add employees or change pay 198. access 199.
rates passwordsfrom hr. ctrl,author,segre O
g A
 200.
201.Audit Procedures 203.
type
o
202.type of f 204.audit objectives
evidence t
e
s
t
205.1.Use audit software to foot (add) and 207.
cross-add the cash payments journal and ST 208.Posting&
206.Recalcu o Summarisation
trace the totals to the general ledger. lation f ( Accuracy)
T
209.2. Select a sample of entries in the
211.
purchases journal and vouch each one to a ST
related vendors invoice to determine 210.Docume o 212.Occurrence
ntation f
whether one exists.
T
213.3.Calculate inventory turnover for each 214.Analyti
main product and compare with previous cal 215. 216.Realizable
years. Procedur AP Value,A,E/O,C
e
217.4.Use audit software to scan the AR
218.Reperfo 220.
master file and list all the invoices that TD
have remained unpaid for more than 90 rmance/
o 221.Realisable Value
days. 219.Docume f
ntation B
222.5. Confirm a sample of loan payable 224.
balances, interest rates and security with TD 225.E,R&O,A,
lenders. 223.Confirm o
ation 226.presentation&di
f sclosure
B
227.6. Use audit software to foot (add) the
229.
accounts payable trial balance and compare TD
the balance with the general ledger. 228.Recalcu o 230.Detail tie-in
lation f
B
231.7. Examine documentation for purchase
transactions before and after the balance 233.
sheet date to determine whether they are ST
232.Docume o 234.Cutoff
recorded in the correct accounting period. ntation f
T

235.8. Inquire of the credit manager whether 237.

each account receivable on the aged trial TD
balance is collectible. 236.Inquiry o 238.Realisable Value
f
B
239. Account 240. Risk 241. Reasons(Ass 242. Accounts 243. Tests
ertions) involved
244. Revenue 245. Overstatement 246. O,A,C,Cutoff 247. Sales, AR 248. TOC,TOD-
T,AP

249. Expenses 250. Understatement 251. C,A,Classific 252. COGS,Payroll, 253. TOC,TOD-
ation, Cut-off A/cPayable T,AP
 255. Overstatement/misa 256. E,Valuation, 257. Inv,Cash,Fixed 258. TOC, TOD-
254. Assets ppropriation R&O Assets,investme B
nt

259. Liabilities 260. Understatement 261. Valuation, 262. Trade payable, 263. TOC, TOD-
R&O, C Short-term debt B

264.