Documentation and Evidence

    Cards (29)

    • Audit Documentation
      • Purpose: Provide proof that we have carried out audit work and gives the basis for our audit report
      • Gives evidence that the audit was planned and performed in accordance with auditing standards and regulatory requirements
      • Allows the audit to be reviewed and supervised
      • Ensures the audit team are accountable for the work done and conclusions made
      • Aids future audits
    • Audit Documentation
      • Working papers may be paper or electronic
      • If legal action is taken against an auditor, audit files will be used in court to prove or disprove negligence
    • Content of working papers
      • Documentation must be sufficient to allow an experienced auditor with no connection to the audit to understand
      • Work performed
      • Evidence obtained
      • Significant matters
      • Conclusions drawn
    • All working papers should include
      • Client name
      • Year end date
      • File reference
      • Name of preparer and date
      • Name of reviewer and date
      • Subject
      • Objective of test
      • Source of information
      • Sample size
      • 10)Work performed
      • 11) Conclusion made
      • 12) Errors
    • Audit work is confidential so working papers should be kept secure
    • All working papers should be kept for 5 years from the date of the audit report
    • Qualities of Audit Evidence
      • Sufficient - There must be enough evidence (Quantity)
      • Appropriate - It must be reliable and relevant (Quality)
    • More evidence will be needed if
      • Risk is higher
      • Items are material
      • Internal controls are weak
      • The evidence is not as reliable
    • Qualities of audit evidence

      • Auditor generated or third party evidence is more reliable than client generated evidence
      • Client generated evidence is more reliable if it generated from strong internal controls
      • Original or written evidence is more reliable than a copy or oral evidence
      • Evidence is relevant if it proves one or more of the financial statement assertions
    • Financial Statement assertions - Items in the Statement of Profit and Loss

      • Occurrence - Have transactions occurred and relate to the entity
      • Completeness - Have all transactions been recorded
      • Accuracy - Have amounts been recorded appropriately
      • Cut off - Have transactions been recorded in the correct period
      • Classification - Have transactions been recorded in the correct account
      • Presentation - Are transactions and disclosures adequate
    • Financial statement assertions - Items in the Statement of Financial Position

      • Completeness - as before
      • Classification - as before
      • Presentation - as before
      • Existence (rather than occurrence) - do assets, liabilities and equity exist
      • Rights & Obligations - Does entity own assets / have rights to obligations
      • Accuracy & Valuation - Assets, liabilities and equity are recorded at appropriate values
    • Types of Procedures
      • Tests of control - Designed to test if controls are operating effectively in preventing or detecting material misstatements
      • Substantive Testing - Designed to test the figures in the financial statements and detect material misstatements
      • Test of detail - Test individual transactions and balances
      • Analytical Procedures - Evaluate the financial statements through analysis of plausible relationships
    • Tests of Control
      1. Understand how the system operates
      2. Document the system
      3. Test the controls to assess their effectiveness
      4. Determine the impact on the audit
    • To rely on the controls as part of the audit we need to
    • Substantive Procedures

      • Test the numbers in the financial statements
      • Auditors may choose to rely 100% on substantive procedures
    • Small business

      Controls are weak
    • ISA 330 - Requires an auditor to carry out the following substantive procedures

      • Checking the financial statements to the underlying records
      • Examining material journals and transactions
      • Examining adjustments made in the financial statements
    • Types of audit tests - How do we gather evidence
      • Inspection of assets or documents
      • Observation
      • Inquiry
      • Confirmation
      • Recalculation
      • Re-performance
      • Analytical review
    • Using the work of others
      • Eg: Property valuations, work in progress, legal provisions
      • ISA 620 'Using the work of an Auditor's expert' states that an auditor should obtain sufficient and appropriate evidence that the work of the expert is adequate for audit purposes
    • Assessing the expert's competence
      • Enquiring about qualifications, experience and membership of professional bodies
      • Objectivity can be assessed by enquiring if there are any business or personal relationships between the expert and the client
    • The work of the expert must be
      • Agreed
      • Evaluated to ensure it is consistent with other evidence and the auditors are comfortable with the methods and assumptions used by the expert
    • Relying on the work of internal audit
      • Auditors may be able to cooperate with the client's internal audit department and place reliance on their work
      • Tests of control
      • Risk assessments
      • Fraud investigations
      • Compliance with laws and regulations
    • ISA 610 'Using the work of Internal Auditors'
      • States that auditors must assess the effectiveness of the internal audit function and if their work is adequate for audit purposes
      • The external auditor must re-perform some of the internal audit team's procedures to ensure they would have reached the same conclusions
      • The extent of the checks on internal auditor's work depends on the amount of judgement involved and the risk of material misstatement
    • Service Organisations
      • ISA 402 'Audit Considerations Relating to an Entity Using Service Organisations' deals with the auditor's responsibility to obtain sufficient appropriate audit evidence when a client outsources functions to service organisations
      • Examples include Payroll, Receivables, The entire finance function
    • The auditor should
      1. Gain an understanding of the services being provided
      2. Assess the design and implementation of the internal controls of the service provider
      3. Visit the service provider and perform tests of control
      4. Contact the service provider's auditor to obtain an opinion on the systems and the suitability of controls
    • Sampling
      • Definition - The application of audit procedures to less than 100% of the items within a population such that all items have a chance of selection in order to provide a reasonable basis to draw conclusions about the whole population
      • An auditor must choose a representative sample so that same conclusion is drawn from the sample as would have been drawn if the whole population had been tested
      • To reduce audit risk sample size can be increased or stratification can be used
    • Stratification
      • Involves breaking down a population into smaller sub populations. Each subpopulation have similar characteristics
      • Eg: payroll might have the following subsections - Production staff, Administration staff, Management
    • Sampling methods
      • Statistical Sampling
      • Random selection - eg using random number generators
      • Systematic selection - eg every 100th item with the 1st item being selected randomly
      • Monetary selection - eg selecting higher value items
      • Non-statistical Sampling
      • Haphazard selection
      • Block selection eg for cut off testing
      • Sequential selection
    • Deviations and misstatements
      • Deviations - Issues identified during tests of control
      • Misstatements - Issues identified during substantive testing
      • If the deviation rate is above a tolerable level more substantive testing will be needed
      • Isolated misstatements can be ignored as the misstatement is not representative of the population
      • If the total projected misstatement in the sample exceeds a tolerable level the auditor will extend the sample