Chapter 13 Overall Audit Plan and Audit Program

1
Chapter 13Overall Audit Planand Audit Program
2
Presentation Outline

1. Application of Audit Testing
2. Selecting Tests to Perform
3. Design of the Audit Program
4. A Summary of the Audit Process

3
I. Application of Audit Testing

1. Tests of Controls
2. Testing for Monetary Misstatement
3. Reduction of Risk
4. Audit Assurance at Different Levels of Internal
   Control Effectiveness
5. Simultaneous Testing of Controls and Substantive
   Testing of Transactions
6. Timing of Audit Testing

4
A. Tests of Controls

• Audit procedures to test the operating
  effectiveness of control policies and procedures
  in support of a reduced assessed control risk.
  Some examples include
• Matching of vendor invoices against a purchase
  order and receiving report before approving
  invoice for payment.
• Examination of employee time cards for approval
  of overtime.

5
B. Testing for Monetary Misstatement

• Substantive Tests of
• Transactions
• Testing for monetary
• misstatements to determine
• if the following 6 transaction-
• related audit objectives
• have been met
• Existence
• Completeness
• Accuracy
• Classification
• Timing
• Posting and Summarization

• Tests of Details of
• Balances
• Testing for monetary
• misstatements to determine if the
• following 9 balance-related audit
• objectives have been met
• Existence
• Completeness
• Accuracy
• Classification
• Cutoff
• Detail tie-in
• Realizable value
• Rights and obligations
• Presentation and disclosure

6
C. Reduction of Risk

• Control Risk
• Procedures to gain an understanding of internal
  control
• Tests of controls
• Once the auditor obtains an initial understanding
  of controls, tests of controls must be performed
  to obtain evidence regarding the effectiveness of
  controls. Stronger controls will allow the
  auditor to assess control risk below the maximum.

• Detection Risk
• Substantive tests of transactions
• Analytical procedures
• Tests of details of balances
• The more evidence an auditor collects from the
  above procedures, the lower the detection risk.
  Detection risk must be lower when control risk is
  higher.

7
D. Audit Assurance at Different Levels of
Internal Control Effectiveness
C3
Acceptable assurance
Audit assurance from control risk assessment
and tests of control
C2
Audit assurance from substantive tests
AUDIT ASSURANCE
C1
No assurance
A
C
B
INTERNAL CONTROL EFFECTIVENESS
Weak control
Strong control
Reliance on controls C3 None, C2 Some, C1
Maximum
8
E. Simultaneous Testing of Controls and
Substantive Testing of Transactions

• The determination of control risk affects the
  type of procedures and sample size for the
  substantive testing of transactions.
• For purposes of convenience, the testing of
  controls and substantive testing of transactions
  will often occur simultaneously.
• In such situations the auditor will make an
  assumption about the results of tests of
  controls. If the testing of controls indicates
  that internal control is worst than expected,
  substantive testing of transactions will have to
  be modified accordingly.

9
F. Timing of Audit Testing

• Auditors frequently consider it desirable to
  perform audit tests prior to year end. Certain
  procedures may be performed at an interim time
  (prior to clients year end)
• Update depreciation schedules
• Examine new loan agreements
• Vouch transactions
• Analyze changes in clients accounting system
• Review board of director minutes
• If strong internal controls exist the auditor may
  also
• Observe physical inventories
• Confirm account balances

10
II. Selecting Tests to Perform

• The Cost of Testing
• Appropriate Evidence for Audit Testing
• Risk and Testing in the Audit Process

11
A. The Cost of Testing

• Going from the most to least costly, the types of
  tests are
• Tests of details of balances
• Substantive tests of transactions
• Tests of controls
• Procedures to obtain an understanding of internal
  controls
• Analytical procedures

12
B. Appropriate Evidence for Audit Testing
Type of Test
Procedures for internal control
Tests of controls
Substantive tests of transactions
Analytical procedures
Tests of details of balances
13
C. Risk and Testing in the Audit Process

• Substantive Testing of Transactions
• In some situations it may be more efficient to
  assess control risk at a higher level and reduce
  or eliminate tests of controls. This depends on
  cost of testing controls versus the additional
  substantive testing that would result from a
  higher control risk.

• Tests of Details of Balances
• If tolerable misstatement is low, and inherent
  risk and control risk are high, planned tests of
  details of balances must be high.

14
III. Design of the Audit Program
Most audits design an audit program in the
following three parts

1. Tests of Controls and Substantive Tests of
   Transactions
2. Analytical Procedures
3. Tests of Details of Balances

15
A. Tests of Controls and Substantive Tests of
Transactions

• A four-step approach when the auditor plans to
  reduce assessed control risk below the maximum
• Transaction related audit objectives are applied
  to the class of transactions being tested, such
  as sales.
• Key controls that should reduce control risk for
  each transaction-related audit objective are
  identified.
• For all internal controls used to reduce the
  initial assessment of control risk below the
  maximum (key controls), appropriate tests of
  controls are developed.
• Design appropriate substantive tests of
  transactions, considering weaknesses in internal
  control and expected results of tests of controls
  (allows for simultaneous tests of controls and
  substantive testing).

Note If control risk is assessed at 1.0, only
substantive tests of transactions will be used
in this part of the audit program.
16
B. Analytical Procedures

• Analytical procedures may be performed during 3
  different stages of the audit
• In the planning stage to help the auditor
  understand the clients business and determine
  other evidence needed to satisfy acceptable audit
  risk.
• During the audit, especially during substantive
  testing.
• Near the end of the audit as a final test of
  reasonableness.

17
C. Tests of Details of Balances

• If the results of tests of controls, substantive
  tests of transactions, and analytical procedures
  are not consistent with the predictions, tests of
  details of balances will need to be changed as
  the audit progresses.

Figure 13-6 on page 388 illustrates the testing
methodology using Accounts Receivable
18
IV. A Summary of the Audit Process
19
Summary of the Audit Process - Phase I (Planning)
Accept client and perform initial planning.
Understand the clients business and industry.
Assess clients business risk.
Perform preliminary analytical procedures.
Set materiality and assess acceptable audit risk
and inherent risk.
Understand internal control and assess control
risk.
Develop overall audit plan and audit program.
20
Summary of the Audit Process - Phase II (Begin
Field Work)
From Phase I
Plan to reduce assessed level of control risk?
No
Yes
Perform tests of controls.
Perform substantive tests of transactions.
Assess likelihood of misstatements in
financial statements.
21
Summary of the Audit Process Phase III (End of
Fieldwork)
From Phase II
Likelihood of Misstatement in Financial
Statements Low Medium High or unknown
Perform analytical procedures.
Perform tests of key items.
Perform additional tests of details of balances.
22
Summary of the Audit Process Phase IV (Wrap-Up)
From Phase III
Review for contingent liabilities.
Review for subsequent events.
Accumulate final evidence.
Evaluate results.
Issue audit report.
Communicate with audit committee and management.