MF 0013 Internal Audit and Control-Set-1

Sikkim Manipal University
- MBA -
MF 0013 Internal Audit and Control
=========================================================== Semester: 3 - Assignment Set: 1 =======================================================
Question: 01:- Critically evaluate the qualities of an Auditor in the wake of recent scams Answer: An auditor renders a professional service to his client. He should not only possess the prescribed statutory qualifications but also certain personal qualities. Some of those personal qualities are mentioned below: 1. Common sense: According to Spicer and Pegler, the auditor should have a full share of that most valuable commodity-commonsense. This is necessary to distinguish between important and not so important information. 2. Independence: Expression of opinion is a prime duty of an auditor. An influenced and biased person cannot form an independent opinion. Hence, independence in true sense is an utmost quality of an auditor. 3. Honesty and Integrity: Like any other professional viz. Doctors, Lawyers etc. auditor should possess a high moral character. In a way, he is a public servant. He must not knowingly, misinterpret any fact or sign any document under undue pressure. 4. Objectivity: Independence of an auditor depends on his ability to act with objectivity. For example, the auditor of XYZ Company believes that closing stock has not been properly valued but accepts a certificate from the management as to its valuation. In this case, the auditors judgment lacks objectivity. 5. Communication: He should be able to communicate effectively, both orally and in writing. Particularly in the matter of report writing, he should be able to convey his message clearly and unambiguously. 6. Tactfulness: He should be firm, yet diplomatic with his client and staff. He should be tactful enough to obtain necessary written as well as oral evidence from his client, so that he can form a reasonable opinion. 7. Awareness of latest developments: An auditor should keep his knowledge up to date related to his audit work likes changes in laws, changes in professional standards, latest development in technical guidelines etc.
=========================================================== PANKAJ CHOUREY Reg. No. 521036344 Page 1 of 14
- MBA -
Question: 02 What is social audit? Is social audit taken seriously by the corporate world? Give examples of corporates undertaking social audit. Answer: Social audit The social audit is also called social responsibility audit. A business organization exists in society. Hence, it owes certain responsibilities toward society at large. As Lord Denning has observed: The directors of a great company should owe a duty to those who are employed by the company to see that their conditions of service are proper. They should owe a duty to the customers, to the people to whom the goods are supplied, a public duty perhaps, not to expect excessive prices. They should owe a duty also to the community in which they live, not to make the place of production hideous or a nuisance to those who live around. Social audit is mainly concerned with social accounting. It may be noted that social accounting is still in early stage and so social audit also. Social audit also called Social Responsibility Audit is mainly concerned with social accounting. A continuous audit is basically a perpetual audit, where auditors and his staff constantly engaged in checking the accounts throughout the year. Annual audit is done at the end of the financial year when finalization of accounts has been completed and books of accounts closed. A Balance Sheet audit is mainly concerned with the verifications of items appearing in the Balance Sheet such as share capital, reserve and surplus, current liabilities, fixed assets, current assets, investments etc in detail.
Question:03 Explain the Code of Ethics for Internal Auditor. Explain them in context with blacklisting Price Waterhouse Coopers in Satyam Scam. Answer: Code of Ethics for Internal Auditor In his book Practical Guide for Internal Audit R.S. Adukia has scholarly explained about the code of ethics for internal auditor which is as follows:
- MBA -
This code of ethics sets the minimum requirements for the performance and conduct of internal auditors. This code applies to all internal auditors but does not supersede or replace the requirement on individual to comply with ethical codes issued by professional institutes of which they are members or student members and any organizational codes of ethics or conduct. There are four main principles: 1. Integrity: The internal auditor should demonstrate integrity in all aspects of their work. Their integrity establishes an environment of trust, which provides the basis for reliance on all activities carried out by the internal auditors. 2. Objectivity: Objectivity is a state of mind that has regard to all considerations relevant to the activity or process being examined without being unduly influenced by personal interest or the views of others. Internal auditors should display professional objectivity when providing opinions, assessments and recommendations. 3. Confidentiality: Internal auditors must safeguard the information they receive in carrying out their duties. There must not be any unauthorized disclosure of information unless there is a legal or professional requirement to do so. 4. Competency: The internal auditor should make use of his/her knowledge, skills and practical experience necessary for auditors activity performance. They should not accept or perform work that they are not competent to undertake, unless they have received adequate training and support to carry out the work to an appropriate standard. Achieving compliance with code of ethics i) Security integrity: The internal auditor should: a) Perform his/her job honestly, diligently and with responsibility. b) Perform his/her profession in harmony with the acts and other generally binding regulations. c) Avoid any illegal activity and performing any activity discrediting the internal auditors profession. d) Respect the legal and ethical objectives of the organizations. e) Take care that his/her integrity should not be compromised.
- MBA -
ii) Objectivity: The internal auditor should: a) Avoid taking part in activities or relations which may damage, or might be understood as damaging his/her unbiased assessment including activities or relations which may be in conflict with public interests. b) Avoid accepting anything that may damage or might be understood as damaging his/her objective professional assessment. c) Protect his/her objectivity against political influence. d) Disclose all substantial facts known to him/her that being undisclosed might misrepresent the conclusions on activities or events assessed. iii) Observing Confidentiality: The internal auditor should: a) Be careful when using and protecting information he/she gathered when auditing. b) Avoid disclosing and making use of the information obtained during the auditors activities performance in order to damage the interests of other person or organization. c) Avoid making use of the information obtained during the auditors activities for personal enrichment or in a way which would be in conflict with the law or which would damage legitimate and ethical interests of the organization. iv) Demonstrating Competence: a) It is a pre-requisite that all internal audit staff is aware of and understand: 1. The organizations aims objectives, risks and governance arrangements. 2. The purpose, risks and issues affecting the service area to be audited. 3. The terms of reference for the audit assignment so that there is a proper appreciation of the parameters within which the review be conducted. 4. The relevant legislation and other regulatory arrangement that relate to the service area to be audited. b) The internal auditor should keep educating himself constantly in order to have a good command of internal audit techniques and auditor standards necessary for obtaining, examining and evaluating the information. v) Maintaining Audit Independence: Internal auditors should be independent of the activities they audit. Internal auditors are considered independent when they can carry out their work freely and objectively. Independence permits internal auditors to render the impartial and unbiased judgments essential to the proper conduct of audits. This is achieved through
- MBA -
organizational status and objectivity. Independence stands for an internal auditor being able to take a stand and report on materiality issues, uninfluenced by any favors coercion or undue influence.
Question: 04 As a senior audit assistant of M/s. Asutosh Associates, you are in charge of internal audit team of M/s Rajesh Technologies involved in the manufacture of plastic tubes. From the information you obtained you find the company is facing liquidity problem for the last two years. You are required to prepare working paper indicating the internal audit problems you would expect to face and how you plan to overcome them. Answer: As a senior audit assistant of M/s. Asutosh Associates, I need to prepare working paper indicating the internal audit problems are as follows: Summary of problem area (i) Company is facing liquidity problem due to poor working capital management especially in inventory management area. Planning Points (i) Detailed study of inventory management especially in the area of inventory recording, inventory movement, inventory valuation method, internal control system of inventory etc. (ii) Meerut plant produces all spare (ii) Both the plant i.e. Meerut as well parts, whereas Dehradun plan as Dehradun should be visited by produce less. audit team. Internal control system should be reviewed by audit team. (iii) Level of inventory should be verified at both the plants. (iv) Various ratio analysis particularly related to inventory should be conducted as compared on month to month basis. Some of the important ratios to be considered are inventory turnover ratio, inventory holding period, raw material inventory turnover ratio, work in progress (WIP) turnover ratio etc. (v) Whether the company is following
- MBA -
ABC analysis technique to inventory control. In ACB analysis, inventory is categorized according to relative importance for the purpose of monitoring and control. (vi) Some of the general problem areas should be specifically checked like: (a) The purchase department in order to benefit from the economics of scale, indulges in bulk buying, which may cause an overstocking of raw materials. (b) The production departments focus is on output maximization through improved operational efficiency for which un-interrupted production is pre-requisite. Therefore, the production department would always want sufficient inventory of WIP so that interruption at some stage in the production line does not affect its output i.e. finished goods. (c) The marketing department with its objectives to maximize sales, would focus on maximizing investment in the finished goods inventory, as it enables the firm to exploit any sudden increase in demand. These individual goals of different departments should be analyze carefully and problem areas should be identified. (vii) After completion of internal audit arrange a discussion with management regarding problem areas and suggests them suitable means.
- MBA -
Question: 05: Explain the use of Sampling technique in Internal audit [SA500] Answer: Use of Sampling Techniques in Internal Audit
SA 500: Audit Evidence issued by the Institutes of Chartered Accountant of India says: The audit evidence should, in total, enable the auditor to form an opinion on the financial information. In forming such an opinion, the auditor does not normally examine all the information that is available to him because he can reach a conclusion about an account balance, class of transactions or a control by way of judgmental or statistical sampling procedures.
Statistical sampling technique is a well accepted audit techniques now-adays. Statistical sampling in auditing means forming an opinion about a group of items on the basis of examination of a few of the items. Statistical sampling technique add scientific flavor to old, generally accepted by auditing professional, of test checking. Statistical sampling techniques are based on the probability theory. The Institute of Chartered Accountants of India has issued SA 530: Audit sampling which is mandatory in nature and applicable to all kinds of audit. The following is the text of SA 530 modified as per our requirement:
Introduction
1. The purpose of this standard is to establish standards on the design and selection of an audit sample and the evaluation of the sample results. This standard applies to statistical and non-statistical sampling methods. Either method, when properly, applied can provide sufficient appropriate evidence. 2. When using either statistical or non statistical sampling methods, the auditor should design and select an audit sample. Perform audit procedures thereon, and evaluate sample results so as to provide sufficient appropriate audit evidence. 3. Auditing sampling means the application of audit procedure to less than 100% of an item within an account balance or class of transactions to enable the auditor to obtain and evaluate audit evidence about some characteristics of the items selected in order to form or assist in forming a conclusion concerning the population. 4. It is important to recognize that certain testing procedures do not come within the definition of sampling. Tests performed on 100% of the items within a population do not involve sampling, likewise, applying audit procedures to all items within a
- MBA -
population which have a particular characteristics (for example all items over a certain amount) does not qualify as audit sampling with respect to the portion of the population examined, nor with regard to the population as a whole, since the items were not selected from the total population on a basis that was expected to be representative.
Design of the sample

5. When designing an audit sample, the auditor should consider the specific audit objectives, the population from which the auditor wishes to sample, and the sample size.
Audit objectives
6. The auditor would first consider the specific audit objectives to be achieved and the audit procedures which are likely to best achieve those objectives. Consideration of the nature of the audit evidence sought and possible error conditions or other characteristics relating to that audit evidence will assist the auditor in defining what constitutes an error and what population to use for sampling. For example, when performing tests of control over an entitys purchasing procedures, the auditor will be concerned with matters such as whether an invoice was clerically checked and properly approved on the other hand, when performing substantive procedures on invoice processed during the period, the auditor will be concerned with matters such as the proper reflection of the monetary amounts of such invoices in the financial statements.
Population
7. The population is the entire set of data from which the auditor wishes to sample in order to reach a conclusion. The auditor will need to determine that the population from which the sample is drawn is appropriate to the specific objective. For example, if the auditors objective were to test for overstatement of accounts receivable, the population could be defined as the accounts receivable listing, on the other hand, when testing for understatement of accounts payable, the population would not be accounts payable listing, but rather subsequent disbursements, unpaid invoices, suppliers statements, unmatched receiving reports or other populations that would provide audit evidence of understatement of accounts payable. 8. The individual items that make up the population are known as sampling units. The population can be provided into sampling units in a variety of ways, for example, if the auditors objectives were to test the validity of accounts receivable, the Sampling unit could be defined as customer balance or individual customer invoices. The auditor defines the sampling unit in order to obtain an efficient and effective sample to achieve the particular audit objectives.
- MBA -
Stratification
9. To assist in the efficient and effective design of the sample stratification may be appropriate. Stratification is the process of dividing a population into sub population, each of which is a group of sampling units, which have similar characteristics (often monetary value). The strata need to be explicitly defined so that each sampling unit can belong to only one stratum. This process reduces the variability of the items within each stratum. Stratification therefore, enables the auditor to direct audit efforts towards the items which for example, contain the greatest potential monetary error. For example, the auditor may direct attention to larger value items for accounts receivable to detect overstated material misstatements. In addition, stratification may result in a smaller sample size.
Sample size
10. When determining the sample size, the auditor should consider sampling risk, the tolerable error, and the expected error. Examples of some factors affecting sample size are contained in Table.
Sampling risk
11. Sampling risk arises from the possibility that the auditors conclusion, based on a sample, may be different from the conclusion that would be reached if the entire population were subjected to the same audit procedure. 12. The auditor is faced with sampling risk in both tests of control and substantive procedures as follows: (a) Tests of Control: i) Risk of Under Reliance: The risk that, although the sample result does not supports the auditors assessment of control risk, the actual compliance rate would support such an assessment. ii) Risk of Over Reliance: The risk that, although the sample result supports the auditors assessment to control risk, the actual compliance rate would not support such an assessment. (b) Substantive Procedures: i) Risk of Incorrect Rejection: The risk that, although the sample result supports the conclusion that a recorded account balance or class of transactions is materially misstated, in fact it is not materially mis-stated.
- MBA -
ii) Risk of Incorrect Acceptance: The risk that, although the sample result supports the conclusion that a recorded account balance or class of transactions is not materially mis-stated, in fact it is materially mis-stated. 13. The risk of under reliance and the risk of incorrect rejection affect audit efficiency as they would ordinarily lead to additional work being performed by the auditor, or the entity, which would establish that the initial conclusions were incorrect. The risk of over reliance and the risk of incorrect acceptance affect audit effectiveness and are more likely to lead to an erroneous opinion on the financial statements that either the risk of under reliance or the risk of incorrect rejection. 14. Sample size is affected by the level of sampling risk the auditor is willing to accept from the results of the sample. The lower the risk the auditor is willing to accept, the greater the sample size will need to be.
Tolerable error
15. Tolerable error is the maximum error in the population that the auditor would be willing to accept and still concludes that the result from the sample has achieved audit objective. Tolerable error is considered during the planning stage and, for substantive procedures, is related to the auditors judgment about materiality. The smaller the tolerable error, the greater the sample size will need to be. 16. In tests of control, the tolerable error is the maximum rate of deviation from a prescribed control procedure that the auditor would be willing to accept, based on the preliminary assessment of control risk, in substantive procedures, the tolerable error is the maximum monetary error in an account balance or class of transactions that the auditor would be willing to accept so that when the results of all audit procedures are considered, the auditor is able to conclude, with reasonable assurance, that the financial statements are not materially mis-stated.
Expected error
17. If the auditor expects error to be present in the population, a larger sample than when no error is expected ordinarily needs to be examined to conclude that the actual error in the population is not greater than the planned tolerable error. Smaller sample sizes are justified when the population is expected to be error free. In determining the expected error in a population, the auditor would consider such matters as error levels identified in previous audits, changes in the entitys procedures, and evidence available from other procedures.
Selection of the sample
- MBA -
18. The auditor should select sample items in such a way that the sample can be expected to be representative of the population. This requires that all items in the population have an opportunity of being selected. 19. While there are a number selection methods, three methods commonly used are: (a) Random selection which ensures that all items in the population have an equal chance of selection, for example by use of random number tables. (b) Systematic selection, which involves selecting items using a constant interval between selections, the first interval having a random start. The interval might be based on certain number of items (for example, every 20th voucher number) or on monetary totals (for example, every Rs. 1000 increase in the cumulative value of the population). When using systematic selection, the auditor would need to determine that the population is not structured in such a manner that the sampling interval corresponds with a particular patter in the population. For example, if in a population of branch sales, a particular branchs sales occur only as every 100th item and the sampling interval selected is 50, the result would be that the auditor would have selected all, or none, of the sales of that particular branch. (c) Haphazard selection, which may be an acceptable alternative to random selection, provided that auditor attempts to draw a representative sample from the entire population with no intention to either include or exclude specific units. When the auditor uses this method, care needs to be taken to guard against making a selection that is biased, for example, towards items which are easily located, as they may not be representative.
Evaluation of sample results

20. Having carried out, on each sample item, those audit procedures that are appropriate to the particular audit objective, the auditor should: (a) Analyze any errors detected in the sample. (b) Project the errors found in the sample. (c) Reassess the sampling risk.
Analyze of errors in the sample

21. In analyzing the errors detected in the sample, the auditor will first need to determine that an item in question is in fact an error. In designing that sample, the auditor will have defined those conditions that constitute an error by reference to the
- MBA -
audit objectives. For example, in a substantive procedure relating to the recording of accounts receivable, a misposting between customer accounts does not affect the total accounts receivable. Therefore, it may be inappropriate to consider this an error is evaluating the sample results of this particular procedure, even though it may have an effect on other areas of the audit such as the assessment of doubtful accounts. 22. When the expected audit evidence regarding a specific sample item cannot be obtained, the auditor may be able to obtain sufficient appropriate audit evidence through performing alternative procedures. For example, if a positive account receivable confirmation has been requested and no reply was received, the auditor may be able to obtain sufficient appropriate audit evidence that eh receivables is valid by reviewing subsequent payments from the customer. If the auditor does not, or is unable to perform satisfactory alternative procedures, or if the procedures performed do not enable the auditor to obtain sufficient appropriate audit evidence the item would be treated as an error. 23. The auditor would also consider the qualitative aspects of the errors. These include the nature and cause of the error and the possible effect of the error on other phase of the audit. 24. In analyzing the errors discovered, the auditor may observe that many have a common feature, for example, type for transaction, location, product line, or period of time. In such circumstances, the auditor may decide to identify all items in the population which possess the common feature, thereby producing a sub-population, and extent audit procedures in this area. The auditor would than perform a separate analysis based on the items examined for each sub population.
Projection of errors
25. The auditor projects the error results of the sample to the population from which the sample was selected. There are several acceptable methods of projecting error results. However, in all the cases, the method of projection will need to be consistent with the method used to select the sampling unit. When projecting error results, the auditor needs to keep in mind the qualitative aspects of the errors found. When the population has been divided into sub-population, the projection of errors is done separately for each sub-population and the results are combined.
Reassessing sampling risk

26. The auditor needs to consider whether errors in the population might exceed the tolerable error. To accomplish this, the auditor compares the projected population error to the tolerable error taking into account the results of other audit procedures relevant to the specific control or financial statement assertion. The projected population error
- MBA -
used for this comparison in the case of substantive procedures is net of adjustments made by the entity. When the projected error exceeds tolerable error, the auditor reassesses the sampling risk and if that risk is unacceptable, would consider extending the audit procedure or performing alternative audit procedures.
Effective date
27. This statement on Standard Auditing Practices becomes operative for all audits relating to accounting periods beginning on or after April 1, 1998.
Question: 06 What factors influence the internal control environment? Give examples for each factor. Answer: The environment in which internal control operates has an impact on the effectiveness of the specific control procedures. A strong control environment, for example, one with tight budgetary controls and an effective internal audit function, can significantly complement specific control procedures. However, a strong environment does not, by itself, ensure the effectiveness of the overall system of internal control. The system of internal control must be under continuing supervision by management to determine that it is functioning as prescribed and is modified as appropriate for changes in conditions. The whole internal control environment may change from those in a manual setting. The nature of the audit evidence changes when information is a manual setting. The nature of the audit evidence changes when information is readable only by electronic means. The use of computer assisted audit techniques may result in the performance of audit tests by the computer which were previously done manually. In addition, these
- MBA -
techniques may enable the auditor to carry out audit procedures that were hitherto impracticable. As new systems are acquired or developed he can determine whether data can be accumulated and stored in a manner that will facilitate later audit. Through maximum utilization of computer assisted audit techniques, the internal auditor may not only improve the quality of audits, but also sharpen his capabilities to perform special reviews for management thus provide better service. The internal control environment may be affected by: a) Organizational Structures: The organizational structure of an entity serves as a framework for the direction and control of its activities. An effectives structure provides for the communication of the delegation of authority and the scope of responsibilities. It should be designed, insofar as practicable, to preclude an individual from overriding the control system and should provide for the segregation of incompatible functions. Functions are incompatible if their combination may permit the commitment of concealment of fraud or error. Functions that typically are segregated are access to assets, authorization of transactions, execution thereof, and record-keeping. b) Management Supervision: Management is responsible for devising and maintaining the system of internal control. In carrying out its supervisory responsibility, management should review the adequacy of internal control on a regular basis to ensure that all significant controls are operating effectively. When an entity has an internal audit system, management may entrust to it some of its supervisor functions, especially with respect to the review of internal control. c) Personnel: The proper functioning of any system depends on the competence and integrity of those operating it. The qualifications, selection and training as well as the personal characteristics of the personnel involved are important features in establishing and maintaining a system of internal control.

MF 0013 Internal Audit and Control-Set-1

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

MF 0013 Internal Audit and Control-Set-1

Uploaded by

Copyright:

Available Formats

Sikkim Manipal University