Vincent Young Auditing 1 UAS Summary Odd 2018/2019

Overview
Planning an audit:
1. Accept Client and Plan Audit
a. Accept new or continue with existing?
b. Why Client wants audit
c. Terms of audit (with engagement letter)
d. Develop strategy, engagement, etc.
2. Understand the business
a. Risks of the client’s business
b. Why should Auditor do this?
i. Required by standards
ii. Changes in economic conditions of the World
iii. Companies now go global
3. Preliminary AP
a. Projected balances, based on knowledge and historical data
4. Preliminary judgement of materiality and performance materiality
a. Professional opinion may change during engagement.
b. Materiality is subjective, and benchmarks are required.
c. Performance Materiality = Per classes of transaction or balance.
d. Problems in allocating materiality to B/S Accounts:
i. Auditor expects more misstatements in one account over another
ii. Overstatements and Understatements must be considered
iii. Relative audit costs affect the allocation.
e. 2 types of misstatements in accounts:
i. Known
ii. Likely:
1. Arise from difference in judgement.
2. Projections of misstatements by auditor.
5. Identify significant risks due to fraud
a. Fraudulent misstatements are considered more important than error.
6. Assess IR
a. Factors:
i. Nonroutine transactions
ii. Nature of business
iii. Results of previous audit
iv. Initial or repeat engagement
v. Judgement requirement
vi. Makeup of the population
vii. Factors related to fraud and misappropriation

7. Understanding Internal Control and Assess CR

a. Objectives of internal control:
i. Reliability of reporting
ii. Efficiency and Effectiveness of operations
iii. Compliance with laws and regulations
8. Finalize audit strategy and plan.
Vincent Young Auditing 1 UAS Summary Odd 2018/2019

5 types of Test:
1. Risk assessment $$
2. Test of Control (TOC) $$$
a. Test effectiveness of internal control
b. The extent depends on preliminary assessed control risk
c. Evidences:
i. Inquiries
ii. Examine documents (Inspection)
iii. Observation
iv. Reperformance
3. Substantive Tests of Transactions (STOT) $$$$
a. Used to determine whether all SIX transaction-related objectives are satisfied
for each class of transactions.
b. Evidences:
i. Inspection
ii. Inquiries
iii. Reperformance
iv. Recalculation
4. Substantive Analytical Procedure (SAP) $
a. 2 Most important purpose:
i. Indicate possible misstatements
ii. Provide substantive evidence
b. Evidences:
i. Inquiries
ii. Analytical Procedures
5. Test of details of balances (TDB) $$$$$
a. Focus on the ending general ledger balances for both B/S and I/S Accounts
b. More focus on B/S Accounts
c. Evidences:
i. Physical Examination
ii. Confirmation
iii. Inspection
iv. Inquiries
v. Reperformance
vi. Recalculation
Vincent Young Auditing 1 UAS Summary Odd 2018/2019

Chapter 8 – Audit Planning and Materiality

• AICPA states that Auditor must plan and supervise assistants.

Chapter 9 – Assessing risk of material misstatement

• PDR = AAR/(IR+CR)
• AAR: Willingness to accept the fact that an unmodified opinion was issued although
the statements are materially misstated.
o Engagement risk: audit firm suffer harm after engagement is completed.
o Factors affecting AAR:
§ Users Degree of reliance of statements
§ Likelihood client will have financial difficulties
§ Management’s integrity
• IR: Risk before considering control effectiveness.
• High risk = More experienced staff+ More careful review
• Low PDR = Find more evidence
• Auditor use control risk assessment and results of TOC to determine PDR, and
substantive tests of audit

Chapter 11 – Internal Control and COSO Framework

• Management sets internal control, based on 2 concepts:
o Reasonable Assurance that financial statements are fairly stated
o Inherent Limitations, as effectiveness depends on people’s dependability
• SOX 404(a) requires management to issue:
o Statement of Responsibility
o Assessment of effectiveness of internal control
• Auditors responsibility:
o Obtain understanding of Internal control
o Especially on reliability of reporting and over classes of transaction.
• SOX 404(b) requires auditor to report on reasonable assurance that material
weakness in internal control are identified.

• COSO components:
o Control Environment
§ Consists of actions, policies and procedures that reflect the attitude of
top management.
§ Most important (top umbrella)
§ 5 principles:
• Integrity and Ethical Values
• BOD participation
• Organizational structure
• Commitment for competence
• Accountability
Vincent Young Auditing 1 UAS Summary Odd 2018/2019

o Risk Assessment
§ Process of identifying and analyzing risk that may prevent the
organization from achieving its objectives
§ 4 principles:
• Clear objectives
• Determine how risk should be managed
• Consider potential fraudulent behavior
• Monitor changes

o Control Activities
§ Policies and procedures to help ensure necessary actions are taken.
§ 3 Principles:
• Mitigate risk to an acceptable level
• Controls over technology
• Establishing appropriate policies and procedures.
§ 5 types of activities:
• Segregation of duties
• Authorization
• Documents and Records
• Physical Control
• Independent checks on performance

o Information and Communication

§ To initiate, record, process, and report the entity’s transactions.

o Monitoring
§ To ensure control measures are operating as intended.
• 2 Categories of controls for IT:
o General (All aspects of IT function)
o Application (Transaction processing)
Vincent Young Auditing 1 UAS Summary Odd 2018/2019

Chapter 12 – Assessing CR
• How to obtain understanding?
o Narrative
o Flowchart
o Questionnaire

• Evaluating Internal Control Implementation:

o Update and Evaluate previous experience
o Make inquiries of client
o Examine documents
o Observe operations
o Reperformance of accounting system

• 3 levels of absence of internal controls:

o Control Deficiency
§ Exists when design and implementation does not permit personnel to
prevent misstatements on a timely basis.
• Design deficiency – missing a necessary control activity.
• Operation deficiency – Not carried out properly
o Significant Deficiency
§ Exists when one or more control deficiencies exist that are less severe
than a material weakness but are important enough to merit
attention by those responsible for oversight.
o Material Weakness
§ Exists if a significant deficiency results in a reasonable possibility that
internal control will not prevent or detect material misstatements.
§ To determine the deficiencies to be a material weakness, they must
be evaluated along 2 dimensions:
• Likelihood
• Significance

• Types of opinion for SOX 404(b):

o Unqualified
o Adverse
o Qualified or Disclaimer

• Small public and nonpublic companies do not need to fill in 404(b). Differences:
o Reporting Requirements
o Extent of required internal controls
o Extend of understanding needed
o Assessing Control Risk
o Extent of TOC needed
Vincent Young Auditing 1 UAS Summary Odd 2018/2019

Chapter 13 – Overall Audit Strategy and Program

• Risk assessment is the first step, the other 4 tests are called Further Audit
Procedures.

• Further Audit Procedures = Sufficient Appropriate Evidence

• Cycles in the business:

o Sales and Collection
o Acquisition and Payment
o Inventory and Warehouse
o Acquisition of capital
o Personnel and Payment

• Substantive Tests are designed to test for monetary misstatements. (STOT, SAP, TDB)

• 6 Transaction-Related Objective:
o Occurrence
o Completeness
o Accuracy
o Posting and Summarization
o Classification
o Timing

• 8 Balance-Related Objective:
o Existence
o Completeness
o Accuracy
o Detail Tie-In
o Classification
o Cut Off
o Realizable Value
o Rights and Obligations

• Phases of Audit Process:

1. Plan and design approach (Risk Assessment)
2. TOC and STOT
3. SAP and TDB
4. Issue audit report