Scribd Logo
Upload

Welcome to Scribd!

  • Modern Auditing Ch11 - 2

    Uploaded by

    Aris Surya Putra
    240 views31 pages
    Modern Auditing

    Original Title

    Modern Auditing Ch11_2

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Modern Auditing

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    240 views31 pages

    Modern Auditing Ch11 - 2

    Uploaded by

    Aris Surya Putra
    Modern Auditing

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 31

    Modern Auditing:

    Assurance Services and the Integrity of Financial Reporting, 8th Edition


    William C. Boynton
    California Polytechnic State University at San Luis Obispo

    Raymond N. Johnson
    Portland State University

    Chapter 11 Audit Procedures in Response to Assessed Risks: Tests of Controls

    Chapter 11 Overview

    Assessing Control Risk


    In assessing control risk, the auditor must evaluate the effectiveness of : Design of internal controls Operation of internal controls

    Steps in Assessing Control Risk

    Process for Assessing Control Risk


    Consider Knowledge Acquired from Procedures to Obtain an Understanding

    Identify Potential Misstatements

    Process for Assessing Control Risk


    Identify Necessary Controls
    Nature of controls to prevent or detect and correct misstatements Nature of controls implemented by management
    Significance of each control Risk that designed controls may not operate effectively

    Control Design for Specific Assertions


    Completeness Assertion Existence or Occurrence Assertion Valuation and Allocation Assertion Presentation and Disclosure Assertion

    Identify Necessary Controls

    Process for Assessing Control Risk


    Perform Tests of Controls
    Evidence about effectiveness of the design and operation of controls

    Evaluate Evidence and Make Assessment


    Matter of professional judgment Identify strengths and deficiencies Express quantitatively or qualitatively

    Strategies for Performing Tests of Controls in an IT Environment


    User Controls

    Application Controls

    General Controls and Manual Followup Procedures

    Overview of Computer Controls

    Computer-Assisted Audit Techniques (CAATs)


    Auditing through the computer Advantageous when:
    Significant part of internal controls is imbedded in a computer program Significant gaps in visible audit trail Large volumes of records to be tested

    Types of CAATs
    Parallel Simulation Test Data Integrated Test Facility Continuous Monitoring of On-line Real-time Systems

    Parallel Simulation versus Test Data

    Continuous Monitoring of OnLine Real-Time Systems


    Continuous Monitoring Audit Hook Tagging Transactions Audit Log

    Methodologies for Meeting the Second Standard of Fieldwork

    Study Break
    1. This step in assessing control risk allows the auditor to consider the points at which errors or fraud could occur. A. Evaluate Evidence B. Perform Tests of Controls C. Identify Potential Misstatements D. Identify Necessary Controls C. Identify Potential Misstatements

    Study Break
    2. This CAAT uses dummy transactions that are processed under auditor control by the clients computer system and the output is evaluated against expectations. A. Parallel Simulation B. Test Data C. Integrated Test Facility D. None of the above B. Test Data

    Effects of Preliminary Audit Strategies


    Primarily Substantive Approaches

    Lower Assessed Level of Control Risk

    Designing Tests of Controls


    Designed to evaluate the operating effectiveness of a control concerned with:

    How the control was applied Consistency with which it was applied By whom it was applied

    Nature of Tests of Controls


    Inquiries of entity personnel Inspection of items indicating performance of the control Observation of the application of the control Reperformance of the application of the control by the auditor

    Timing of Tests of Controls


    One Occasion versus Multiple Occasions Timing Issues
    Interim Period

    Remaining Period
    Results from Prior Periods

    Extent of Tests of Controls


    Nature of the Control

    Frequency of Operation

    Importance of the Control

    Designing Tests of Controls


    Staffing Tests of Controls

    Audit Programs for Tests of Controls

    Dual-Purpose Tests

    Additional Considerations
    Assessing Control Risk for Account Balance Assertions Affected by a Single Transaction Class Assessing Control Risk for Account Balance Assertions Affected by Multiple Transaction Classes

    Account Balance Assertions and Transaction Class Assertions

    Account Balance Assertions and Transaction Class Assertions

    Documenting the Assessed Level of Control Risk


    Control Risk Assessed at the Maximum
    Only the conclusion is documented

    Control Risk Assessed at Below the Maximum


    Basis for assessment must be documented

    Communicating Internal Control Matters


    Internal Control Deficiency

    Significant Deficiency

    Material Weakness

    Study Break
    3. While evaluating the operating effectiveness of a control, the tests of controls are concerned with all of the following except: A. How the control was applied B. The consistency with which it was applied C. When it was applied D. By whom it was applied C. When it was applied

    Study Break
    4. Auditors are required to report a deficiency in internal controls to management and the audit committee when there is a(n): A. Internal Control Deficiency B. Significant Deficiency C. Material Weakness D. No Deficiencies B. Significant Deficiency and C. Material Weakness

    You might also like