Đang tải... (xem toàn văn)
Part 2 book “Auditing and assurance services - an integrated approach” has contents: Audit sampling for tests of controls and substantive tests of transactions, audit sampling for tests of details of balances, audit of the payroll and personnel cycle, audit of the inventory and warehousing cycle,… and other contents.
www.downloadslide.net 13 Chapter Overall audit Strategy and audit PrOgram Learning Objectives Change in Audit Strategy Pays Dividends After studying this chapter, you should be able to Lakeisha Jackson was the in-charge auditor at Probert and Reed, a large regional public accounting firm As she was wrapping up the audit of Simpson Industries, a large, privately held clothing manufacturer, Jason Locke, the manager on the engagement, announced that he was leaving the firm Susan Reed, the partner on the engagement, told Jackson that she would be the manager on the following year’s engagement Reed further told her, “I’d like you to some early planning for next year’s audit The client would like us to keep any fee increase minimal I’d like to see how we can adjust our audit approach to reduce audit hours, but maintain or even increase audit quality.” 13-1 Use the five types of audit 13-2 13-3 13-4 13-5 13-6 13-7 tests to determine whether financial statements are fairly stated Select the appropriate types of audit tests Understand the concept of evidence mix and how it should be varied in different circumstances Design an audit program Compare and contrast transaction-related audit objectives with balance-related and presentation and disclosurerelated audit objectives Understand key evidence-related terms Integrate the four phases of the audit process Jackson spent several hours reviewing the audit files and time budget “I wonder how Susan is going to feel about changing our audit approach when she sees these hours charged to the client,” she thought Still, she had some ideas Most of the hours on the engagement were spent on inventory and accounts receivable In addition, because Simpson had extensive fixed assets, considerable hours were also spent testing fixed assets Simpson had excellent controls, and had recently invested in their inventory accounting system, including new hand-held scanners that made it easy to track inventory They had begun using cycle counts of inventory, but still took complete year-end physical counts of inventory at several locations Although Probert and Reed had gained an understanding of internal control at Simpson, as required by auditing standards, they had done minimal testing of controls and had taken a substantive approach to the audit Jackson summarized her proposed changes in a memo, but waited a day to reevaluate her suggestions before sending them to Reed When Reed received the memo, she was initially taken aback Jackson’s ideas did not involve tinkering at the edges and adjusting a few samples sizes But the more Reed thought about it, the more the changes made sense First, Jackson recommended greater reliance on controls over inventory and sales Most of the controls were automated, and the firm’s information risk specialists could assist with the testing Jackson also recommended elimination of year-end physical counts of inventory, and reliance on cycle counts Additionally, she recommended that Simpson rely solely on cycle counts to test the accuracy of their inventory accounting records For receivables, Jackson proposed testing controls over sales and performing substantive analytical procedures As a result, the sample size for accounts less than performance materiality could be dramatically reduced Finally, Jackson recommended that detail tests of depreciation be replaced by substantive analytical procedures As Reed reviewed the files at the completion of the following year’s engagement, a smile crossed her face Simpson had always been a good audit client, but the change in auditing www.downloadslide.net strategy made her even more confident that the financial statements were fairly stated, and even with additional planning hours, total time on the engagement had been significantly reduced More importantly, client management was also very satisfied Reed met with Chris Palmer, Simpson’s Chief Financial Officer, toward the end of the engagement “We did not think we were ready to use only cycle counts,” said Palmer, “but your suggestion encouraged us that we were ready.” He further noted, “This was the smoothest year-end close and audit we’ve had.” Reed met with Jackson at the conclusion of the engagement “You know, I was a little nervous adopting all the recommendations you made last year, but they all worked out great.” Jackson smiled, thinking she had been a little nervous herself “Oh, I almost forgot to tell you,” Reed added “The partners just voted to promote you, effective July 1.” Jackson thought back to her initial planning for the engagement, and was glad that she had not recommended a same-as-last-year audit approach T his chapter deals with the eighth and last step in the planning phase of an audit This critical step finalizes the audit strategy and entire audit program the auditor plans to follow, including all audit procedures, sample sizes, items to select, and timing The chapter-opening vignette deals with the importance of the decisions involving the overall audit strategy and audit plan and program, considering both audit effectiveness and efficiency First, the overall audit strategy is discussed, which means selecting a mix of five types of tests that will result in an effective and efficient audit This topic includes discussion of the trade-offs among the types of tests, including consideration of the cost of each type After deciding on the most cost-effective mix of the types of tests, the auditor designs a detailed audit program Later in the chapter, we’ll address how phase I, which includes all of the audit planning steps, relates to the other three phases of the audit Types of TesTs In developing an overall audit strategy, auditors use five types of tests to determine whether financial statements are fairly stated Auditors use risk assessment procedures to identify significant risks due to fraud or error, and design tests that address those risks Auditors also assess the risk of material misstatement, represented by the combination of inherent risk and control risk as described in Chapter The other four types of tests represent further audit procedures performed in response to the risks identified Each audit procedure falls into one, and sometimes more than one, of these five categories Figure 13-1 (p 410) shows the relationship of the four types of further audit procedures to the audit risk model As Figure 13-1 illustrates, tests of controls are performed to support a reduced assessment of control risk, while auditors use substantive analytical procedures and tests of details of balances to satisfy planned detection risk Substantive tests of transactions affect both control risk and planned detection risk, because they test the effectiveness of internal controls and the dollar amounts of transactions Auditing standards require the auditor to obtain an understanding of the entity and its environment, including its internal control, to assess the risk of material misstatement in the client’s financial statements Chapter described how the auditor performs procedures to understand the client’s business and industry to assess the risk of material misstatement Chapters and 10 further described how auditors perform procedures to identify significant risks and assess inherent risk and control risk, while Chapter 12 illustrated how auditors perform procedures to obtain an understanding of internal control to assess control risk Collectively, procedures performed to obtain an understanding of the entity and its environment, including internal controls, represent the auditor’s risk assessment procedures Risk assessment procedures are performed to assess the risk of material misstatement in the financial statements The auditor performs tests of controls, substantive tests of transactions, substantive analytical procedures, and tests of details of balances in response to the auditor’s assessment of the risk of material misstatements The combination of these four types of further audit procedures provides the basis for the auditor’s opinion, as illustrated by Figure 13-1 Objective 13-1 Use the five types of audit tests to determine whether financial statements are fairly stated risk assessment procedures Chapter 13 / Overall audit Strategy and audit PrOgram 409 www.downloadslide.net Figure 13-1 Further Audit Procedures and the Audit Risk Model AAR IR × CR Audit Risk Model Further Audit Procedures Tests of controls + Substantive tests of transactions + = PDR Substantive analytical procedures + Tests of details of balances = Sufficient appropriate evidence A major part of the auditor’s risk assessment procedures is done to obtain an understanding of internal control Procedures to obtain an understanding of internal control, which were studied in Chapter 12, focus on both the design and implementation of internal control and are used to assess control risk for each transaction-related audit objective tests of Controls The auditor’s understanding of internal control is used to assess control risk for each transaction-related audit objective Examples are assessing the accuracy objective for sales transactions as low and the occurrence objective as moderate When control policies and procedures are believed to be effectively designed and implemented, the auditor assesses control risk at a level that reflects the relative effectiveness of those controls To obtain sufficient appropriate evidence to support that assessment, the auditor performs tests of controls Tests of controls, either manual or automated, may include the following types of evidence (Note that the first three procedures are the same as those used to obtain an understanding of internal control.) • Make inquiries of appropriate client personnel • Examine documents, records, and reports • Observe control-related activities • Reperform client procedures Auditors perform a system walkthrough as part of procedures to obtain an understanding to help them determine whether controls have been appropriately implemented The walkthrough is normally applied to one or a few transactions and follows that transaction through the entire process For example, the auditor may select one sales transaction for a system walkthrough of the credit approval process, then follow the credit approval process from initiation of the sales transaction through the granting of credit Procedures to obtain an understanding of internal control generally not provide sufficient appropriate evidence that a control is operating effectively Tests of controls are used to determine whether these controls are effective, and manual controls usually involve testing a sample of transactions As a test of the operating effectiveness of the credit approval process, for example, the auditor might examine a sample of 50 sales transactions from throughout the year to determine whether credit was granted before the shipment of goods For automated controls, the auditor’s procedures to determine whether the automated control has been implemented may also serve as the test of that control, if the auditor determines that general controls are effective and there is minimal risk that the automated control has been changed since the understanding was obtained Then, no additional tests of controls would be required 410 Part / The AudiT Process www.downloadslide.net Figure 13-2 Role of Audit Tests in the Audit of the Sales and Collection Cycle Sales Accounts Receivable Ending balance Sales transactions Cash receipts transactions Audited by TOC Audited by TOC Audited by STOT Audited by STOT Audited by SAP Ending balance Audited by SAP Audited by SAP Audited by TDB Audited by TDB Tests of controls (including procedures to obtain an understanding of internal control) (TOC) Cash in Bank Substantive tests of transactions (STOT) Substantive analytical procedures (SAP) Audited by SAP Tests of details of balances (TDB) Sufficient appropriate evidence The amount of additional evidence required for tests of controls depends on two things: The extent of evidence obtained in gaining the understanding of internal control The planned reduction in control risk Figure 13-2 shows the role of tests of controls in the audit of the sales and collection cycle relative to other tests performed to provide sufficient appropriate evidence for the auditor’s opinion Note the unshaded ovals with the words “Audited by TOC.” For simplicity, we make two assumptions: Only sales and cash receipts transactions and three general ledger balances make up the sales and collection cycle and the beginning balances in cash and accounts receivable were audited in the previous year and are considered correct If auditors verify that sales and cash receipts transactions are correctly recorded in the accounting records and posted to the general ledger, they can conclude that the ending balances in accounts receivable and sales are correct (Cash disbursements transactions will have to be audited before the auditor can reach a conclusion about the ending balance in the cash account.) One way the auditor can verify recording of transactions is to perform tests of controls If controls are in place over sales and cash receipts transactions, the auditor can perform tests of controls to determine whether the six transaction-related audit objectives are being met for that cycle Substantive tests of transactions, which we will examine in the next section, also affect audit assurance for sales and cash receipts transactions To illustrate typical tests of controls, let’s return to the control risk matrix for Hillsburg Hardware Co in Figure 12-3 (p 373) For each of the 11 controls included in Figure 12-3, Table 13-1 (p 412) identifies a test of control that might be performed to test its effectiveness Substantive tests are procedures designed to test for dollar misstatements (often called monetary misstatements) that directly affect the correctness of financial statement balances Auditors rely on three types of substantive tests: substantive tests of transactions, substantive analytical procedures, and tests of details of balances Substantive tests of transactions Chapter 13 / Overall audit Strategy and audit PrOgram 411 www.downloadslide.net tabLe 13-1 Illustration of Tests of Controls Illustrative Key Controls Typical Tests of Controls Credit is approved automatically by the computer by comparison to authorized credit limits (C1) Use test data to determine if the computer system automatically approves transactions below authorized credit limits and rejects transactions above authorized credit limits (reperformance) Recorded sales are supported by authorized shipping documents and approved customer orders (C2) Examine a sample of duplicate sales invoices to determine that each one is supported by an authorized shipping document and approved customer order (inspection) Separation of duties exists among billing, recording of sales, and handling of cash receipts (C3) Observe whether personnel responsible for handling cash have no accounting responsibilities and inquire as to their duties (observation and inquiry) Shipping documents are electronically forwarded to billing daily and are billed the subsequent day (C4) Observe whether shipping documents are forwarded daily to billing and observe when they are billed (observation) Shipping documents are prenumbered and accounted for weekly (C5) Account for a sequence of shipping documents and trace each to the sales journal (inspection and reperformance) Batch totals of quantities shipped are compared with quantities billed (C6) Examine a sample of daily batches, recalculate the shipping quantities, and trace totals to reconciliation with input reports (reperformance) Unit selling prices are obtained from the price list master file of approved prices (C7) Examine a sample of sales invoices and agree prices to authorized computer price list Review changes to price file throughout the year for proper approval (reperformance and inspection) Sales transactions are internally verified (C8) Examine documents for internal verification (inspection) Statements are mailed to customers each month (C9) Observe whether statements are mailed for one month and inquire about who is responsible for mailing the statements (observation and inquiry) Computer automatically posts transactions to the accounts receivable subsidiary records and to the general ledger (C10) Use audit software to trace postings from the batch of sales transactions to the subsidiary records and general ledger (reperformance) Accounts receivable master file is reconciled to the general ledger on a monthly basis (C11) Examine evidence of reconciliation for test month, and test accuracy of reconciliation (inspection and reperformance) Substantive tests of transactions are used to determine whether all six transaction-related audit objectives have been satisfied for each class of transactions Two of those objectives for sales transactions are recorded sales transactions exist (occurrence objective) and existing sales transactions are recorded (completeness objective) See Chapter 6, pages 161–162, for the six transaction-related audit objectives When auditors are confident that all transactions were correctly recorded in the journals and correctly posted, considering all six transaction-related audit objectives, they can be confident that general ledger totals are correct Figure 13-2 (p 411) illustrates the role of substantive tests of transactions in the audit of the sales and collection cycle by lightly shaded ovals with the words “Audited by STOT.” Observe that both tests of controls and substantive tests of transactions are performed for transactions in the cycle, not on the ending account balances The auditor verifies the recording and summarizing of sales and cash receipts transactions by performing substantive tests of transactions Figure 13-2 shows one set of tests for sales and another for cash receipts Auditors can perform tests of controls separately from all other tests, but it’s often more efficient to them at the same time as substantive tests of transactions For example, auditors can usually apply tests of controls involving inspection and reperformance to the same transactions tested for monetary misstatements (Reperformance simultaneously provides evidence about both controls and monetary correctness.) In the rest of this book, we will assume that tests of controls and substantive tests of transactions are done at the same time Substantive analytical procedures 412 As we first discussed in Chapter 7, analytical procedures involve comparisons of recorded amounts to expectations developed by the auditor Auditing standards require that these comparisons be done during planning and completing the audit Part / The AudiT Process www.downloadslide.net Although not required, analytical procedures may also be performed to audit an account balance The two most important purposes of substantive analytical procedures in the audit of account balances are to: Indicate possible misstatements in the financial statements Provide substantive evidence Analytical procedures done during planning typically differ from those done in the testing phase Even if, for example, auditors calculate the gross margin during planning, they probably it using interim data Later, during the tests of the ending balances, they will recalculate the ratio using full-year data If auditors believe that analytical procedures indicate a reasonable possibility of misstatement, they may perform additional analytical procedures or decide to modify tests of details of balances When the auditor develops expectations using substantive analytical procedures and concludes that the client’s ending balances in certain accounts appear reasonable, certain tests of details of balances may be eliminated or sample sizes reduced Auditing standards state that substantive analytical procedures are a type of substantive test, when they are performed to provide evidence about an account balance The extent to which auditors may be willing to rely on substantive analytical procedures in support of an account balance depends on several factors, including the precision of the expectation developed by the auditor, materiality, and the risk of material misstatement Figure 13-2 (p 411) illustrates the role of substantive analytical procedures in the audit of the sales and collection cycle by the dark shaded ovals with the words “Audited by SAP.” Observe that the auditor performs substantive analytical procedures on sales and cash receipts transactions, as well as on the ending balances of the accounts in the cycle Tests of details of balances focus on the ending general ledger balances for both balance sheet and income statement accounts The primary emphasis in most tests of details of balances is on the balance sheet Examples include confirmation of customer balances for accounts receivable, physical examination of inventory, and examination of vendors’ statements for accounts payable Tests of ending balances are essential because the evidence is usually obtained from a source independent of the client, which is considered highly reliable Much like for transactions, the auditor’s tests of details of balances must satisfy all balance-related audit objectives for each significant balance sheet account These objectives were introduced in Chapter and are shown on pages 163–165 Figure 13-2 illustrates the role of tests of details of balances by the ovals with half-dark and half-light shading and the words “Audited by TDB.” Auditors perform detailed tests of the ending balances for sales and accounts receivable, including procedures such as confirmation of account receivable balances and sales cutoff tests The extent of these tests depends on the results of tests of controls, substantive tests of transactions, and substantive analytical procedures for these accounts Tests of details of balances help establish the monetary correctness of the accounts they relate to and therefore are substantive tests For example, confirmations test for monetary misstatements in accounts receivable and are therefore substantive tests Similarly, counts of inventory and marketable securities are also substantive tests Figure 13-2 summarizes how auditors respond to the risks of material misstatements identified through risk assessment procedures by using the four types of further audit procedures to obtain audit assurance in the audit of the sales and collection cycle Tests of controls help auditors evaluate whether controls over transactions in the cycle are sufficiently effective to support the reduced assessment of control risk, and thereby allow reduced substantive testing Tests of controls also form the basis for the auditor’s report on internal control over financial reporting tests of Details of Balances Summary of types of tests Chapter 13 / Overall audit Strategy and audit PrOgram 413 www.downloadslide.net for larger public companies Substantive tests of transactions are used to verify transactions recorded in the journals and posted in the general ledger Substantive analytical procedures emphasize the overall reasonableness of transactions and the general ledger balances Tests of details of balances emphasize the ending balances in the general ledger By combining the types of audit tests shown in Figure 13-2, the auditor obtains a higher overall assurance for transactions and accounts in the sales and collection cycle than the assurance obtained from any one test To increase overall assurance for the cycle, the auditor can increase the assurance obtained from any one of the tests selecTing Which Types of TesTs To perform Objective 13-2 Select the appropriate types of audit tests availability of types of evidence for Further audit procedures Typically, auditors use all five types of tests when performing an audit of the financial statements, but certain types may be emphasized, depending on the circumstances Recall that risk assessment procedures are required in all audits to assess the risk of material misstatement while the other four types of tests are performed in response to the risks identified to provide the basis for the auditor’s opinion Note also that only risk assessment procedures, especially procedures to obtain an understanding of controls, and tests of controls are performed in an audit of internal control over financial reporting Several factors influence the auditor’s choice of the types of tests to select, including the availability of the eight types of evidence, the relative costs of each type of test, the effectiveness of internal controls, and inherent risks Only the first two are discussed further because the last two were discussed in earlier chapters Each of the four types of further audit procedures involves only certain types of evidence (confirmation, inspection, and so forth) Table 13-2 summarizes the relationship between further audit procedures and types of evidence We can make several observations about the table: • More types of evidence, six in total, are used for tests of details of balances than for any other type of test • Only tests of details of balances involve physical examination and confirmation • Inquiries of the client are made for every type of test tabLe 13-2 Relationship Between Further Audit Procedures and Evidence Substantive analytical procedures Tests of details of balances 414 Part / The AudiT Process √ √ √ √ √ √ √ √ √ recalculation √ √ analytical procedures Substantive tests of transactions reperformance √ Inquiries of the Client Tests of controls (including procedures to obtain an understanding of internal control) Further audit procedures Observation Inspection Confirmation physical examination type of evidence √ √ √ √ www.downloadslide.net • Inspection is used in every type of test except substantive analytical procedures • Reperformance is used in every type of test except substantive analytical procedures Auditors may reperform a control as part of a transaction walkthrough or to test a control that is not supported by sufficient documentary evidence • Recalculation is used to verify the mathematical accuracy of transactions when performing substantive tests of transactions and account balances when performing tests of details of balances When auditors must decide which type of test to select for obtaining sufficient appropriate evidence, the cost of the evidence is an important consideration The types of tests are listed below in order of increasing cost: relative Costs • Substantive analytical procedures • Risk assessment procedures, including procedures to obtain an understanding of internal control • Tests of controls • Substantive tests of transactions • Tests of details of balances Substantive analytical procedures are the least costly because of the relative ease of making calculations and comparisons Often, considerable information about potential misstatements can be obtained by simply comparing two or three numbers However, when substantive analytical procedures are the primary evidence for an account balance, or are used to reduce tests of details of balances, the auditor must develop a sufficiently precise expectation to support the account balance This may involve more complex calculations and obtaining evidence to support the expectation Risk assessment procedures, including procedures to obtain an understanding of internal control, are not as costly as other audit tests because auditors can easily make inquiries and observations and perform planning analytical procedures Also, examining such things as documents summarizing the client’s business operations and processes and management and governance structure are relatively cheaper than other audit tests Because tests of controls also involve inquiry, observation, and inspection, their relative costs are also low compared to substantive tests However, tests of controls are more costly relative to the auditor’s risk assessment procedures due to the greater extent of testing required to obtain evidence that a control is operating effectively, especially when those tests of controls involve reperformance Often, auditors can perform a large number of tests of controls quickly using audit software Such software can test controls in clients’ computerized accounting systems, such as in computerized accounts receivable systems that automatically authorize sales to existing customers by comparing the proposed sales amount and existing accounts receivable balance with each customer’s credit limit Substantive tests of transactions cost more than tests of controls that not include reperformance because the former often require recalculations and tracings In a computerized environment, however, the auditor can often perform substantive tests of transactions quickly for a large sample of transactions Tests of details of balances almost always cost considerably more than any of the other types of procedures because of the cost of procedures such as sending confirmations and counting inventories Because of the high cost of tests of details of balances, auditors usually try to plan the audit to minimize their use Naturally, the cost of each type of evidence varies in different situations For example, the cost of an auditor’s test-counting inventory (a substantive test of the details of the inventory balance) often depends on the type and dollar value of the inventory, its location, and the number of different items, as well as the effectiveness of the client’s controls over inventory Chapter 13 / Overall audit Strategy and audit PrOgram 415 www.downloadslide.net relationship Between tests of Controls and Substantive tests relationship Between Substantive analytical procedures and Other Substantive tests trade-Off Between tests of Controls and Substantive tests 416 To better understand tests of controls and substantive tests, let’s examine how they differ An exception in a test of control only indicates the likelihood of misstatements affecting the dollar value of the financial statements, whereas an exception in a substantive test of transactions or a test of details of balances is a financial statement misstatement Exceptions in tests of controls are called control test deviations From Chapter 12, you may recall the three levels of control deficiencies: deficiencies, significant deficiencies, and material weaknesses Auditors are most likely to believe material dollar misstatements exist in the financial statements when control test deviations are considered to be significant deficiencies or material weaknesses Auditors should then perform substantive tests of transactions or tests of details of balances to determine whether material dollar misstatements have actually occurred Assume that the client’s controls require an independent clerk to verify the quantity, price, and extension of each sales invoice, after which the clerk must initial the duplicate invoice to indicate performance A test of control audit procedure is to inspect a sample of duplicate sales invoices for the initials of the person who verified the information If a significant number of documents lack initials, the auditor should consider implications for the audit of internal control over financial reporting and follow up with substantive tests for the financial statement audit This can be done by extending tests of duplicate sales invoices to include verifying prices, extensions, and footings (substantive tests of transactions) or by increasing the sample size for the confirmation of accounts receivable (substantive test of details of balances) Even though the control is not operating effectively, the invoices may still be correct, especially if the person originally preparing the sales invoices did a conscientious and competent job On the other hand, if no documents or only a few of them are missing initials, the control will be considered effective and the auditor can therefore reduce substantive tests of transactions and tests of details of balances However, some reperformance and recalculation substantive tests are still necessary to provide the auditor assurance that the clerk did not initial documents without actually performing the control procedure or performed it carelessly Because of the need to complete some reperformance and recalculation tests, many auditors perform them as a part of the original tests of controls Others wait until they know the results of the tests of controls and then determine the total sample size needed Like tests of controls, analytical procedures only indicate the likelihood of misstatements affecting the dollar value of the financial statements Unusual fluctuations in the relationships of an account to other accounts, or to nonfinancial information, may indicate an increased likelihood that material misstatements exist without necessarily providing direct evidence of a material misstatement When analytical procedures identify unusual fluctuations, auditors should perform substantive tests of transactions or tests of details of balances to determine whether dollar misstatements have actually occurred If the auditor performs substantive analytical procedures and believes that the likelihood of material misstatement is low, other substantive tests can be reduced For accounts with small balances and only minimal potential for material misstatements, such as many supplies and prepaid expense accounts, auditors often limit their tests to substantive analytical procedures if they conclude the accounts are reasonably stated There is a trade-off between tests of controls and substantive tests During planning, auditors decide whether to assess control risk below the maximum When they do, they must then perform tests of controls to determine whether the assessed level of control risk is supported (They must always perform tests of controls in an audit of internal control over financial reporting.) If tests of controls support the control risk Part / The AudiT Process www.downloadslide.net Figure 13-3 Audit Assurance from Substantive Tests and Tests of Controls at Different Levels of Internal Control Effectiveness C3 Acceptable assurance AUDIT ASSURANCE C2 No assurance C1 Audit assurance from control risk assessment and tests of controls Audit assurance from substantive tests A C B INTERNAL CONTROL EFFECTIVENESS Ineffective control Effective control C3 C2 C1 No reliance on controls Some reliance on controls Maximum reliance on controls assessment, planned detection risk in the audit risk model is increased, and planned substantive tests can therefore be reduced Figure 13-3 shows the relationship between substantive tests and control risk assessment (including tests of controls) at differing levels of internal control effectiveness The shaded area in Figure 13-3 is the maximum assurance obtainable from control risk assessment and tests of controls At any point to the left of point A, assessed control risk is 1.0 because the auditor initially evaluated internal controls as ineffective based on the performance of risk assessment procedures Notice in Figure 13-3 that any point to the right of point B results in no further reduction of control risk because even with maximum reliance on controls, some substantive procedures are still required in an audit of financial statements Because the audit of financial statements and the audit of internal control over financial reporting are integrated, accelerated filer public company audits will most likely be represented by point B The auditor’s understanding of internal control performed as part of risk assessment procedures provides the basis for the auditor’s initial assessment of control risk Assuming that the auditor determines that the design of internal control is effective and the controls are implemented, the auditor selects a point within the shaded area of Figure 13-3 that is consistent with the assessed control risk the auditor decides to support with tests of controls Assume the auditor contends that internal control effectiveness is at point C Tests of controls at the C1 level will be extensive to support the low assessment of control risk The auditor may then determine through the performance of tests of controls that the initial low assessment of control risk at point C is not supported and that internal control is not operating effectively Then, the auditor’s revised control risk assessment would be at the maximum (point C3) and audit assurance will be obtained from substantive tests Any point between the two, such as C2, represents situations where the audit assurance obtained from tests of controls is less than the maximum level of assurance represented by point C1 If C2 is selected, the audit assurance from tests of controls is C3 – C2 and from substantive tests is C – C2 The auditor will likely select C1, C2, or C3 based on the relative cost of tests of controls and substantive tests Chapter 13 / Overall audit Strategy and audit PrOgram 417 www.downloadslide.net b In assessing the competence of internal auditors, an independent CPA most likely would obtain information about the (1) influence of management on the scope of the internal auditors’ duties (2) policies limiting internal auditors from communicating with the audit committee (3) quality of the internal auditors’ working paper documentation (4) entity’s ability to continue as a going concern c Which of the following is generally considered to be a major reason for establishing an internal auditing function? (1) To relieve overburdened management of the responsibility for establishing effective systems of internal control (2) To ensure that operating activities comply with the policies, plans, and procedures established by management (3) To ensure the accuracy, reliability, and timeliness of financial and operating data used in management’s decision making (4) To evaluate and improve the effectiveness of control processes 26-17 (Objective 26-2) The following questions deal with governmental auditing Choose the best response a Although the scope of audits of recipients of federal financial assistance in accordance with federal audit regulations varies, these audits generally have which of the following elements in common? (1) The auditor is to determine whether the financial assistance has been administered in accordance with applicable laws and regulations (2) The materiality levels are lower and are determined by the governmental entities that provided the federal financial assistance to the recipient (3) The auditor should obtain written management representations that the recipient’s internal auditors will report their findings objectively and without fear of political repercussions (4) The auditor is required to express both positive and negative assurance that illegal acts that could have a material effect on the recipient’s financial statements are disclosed to the inspector general b A governmental audit may extend beyond an examination leading to the expression of an opinion on the fairness of financial statement presentation to include program results Compliance economy and efficiency (1) Yes Yes No (2) Yes Yes Yes (3) No Yes Yes (4) Yes No Yes c Ward is auditing an entity’s compliance with requirements governing a major federal financial assistance program in accordance with the Single Audit Act Ward detected noncompliance with requirements that have a material effect on the program Ward’s report on compliance should express (1) no assurance on the compliance tests (2) reasonable assurance on the compliance tests (3) a qualified or adverse opinion (4) an adverse opinion or a disclaimer of opinion 26-18 (Objectives 26-3, 26-4, 26-5) The following questions deal with operational auditing Choose the best response a Which of the following best describes the operational audit? (1) It requires constant review by internal auditors of the administrative controls as they relate to the operations of the company (2) It concentrates on implementing financial and accounting controls in a newly organized company 842 Part / OTHER ASSURANCE AND NONASSURANCE SERVICES www.downloadslide.net (3) It attempts and is designed to verify the fair presentation of a company’s results of operations (4) It concentrates on seeking aspects of operations in which waste would be reduced by the introduction of controls b The purpose of governmental effectiveness or program auditing is to determine if the desired results of a program are being achieved The first step in conducting such an audit is to (1) evaluate the system used to measure results (2) determine the time frame to be audited (3) collect quantifiable data on the program’s success or failure (4) identify the legislative intent of the program being audited c A means of limiting production delays caused by equipment breakdown and repair is to (1) schedule production based on capacity planning (2) plan maintenance activity based on an analysis of equipment repair work orders (3) pre-authorize equipment maintenance and overtime pay (4) establish a preventive maintenance program for all production equipment multIple choIce QueStIonS From Becker cpa exam revIew 26-19 (Objectives 26-1, 26-2) The following questions deal with internal and governmental auditing Choose the best response a In assessing whether the internal audit function applies a systematic and disciplined approach, the independent auditor most likely would consider the (1) adequacy and use of documented internal audit procedures (2) organizational status of the director of internal audit (3) entity’s ability to continue as a going concern for a reasonable period of time (4) internal auditor’s assessment of inherent risk and whether it is comparable to the independent auditor’s assessment b Which of the following statements regarding the use of internal auditors is correct? (1) The auditor cannot rely on the work of internal auditors because they are not independent of the client, their employer (2) The auditor can rely on the work of internal auditors for any decision because internal auditors are required to report to the audit committee of the board of directors; thus they are independent of the client (3) The auditor can rely on the work of internal auditors in limited circumstances, as long as they are not making decisions with a high degree of subjectivity, or decisions that require judgment and assessment (4) The use of internal auditors can only be allowed if the audit firm is contracting with and reimbursing the internal auditors c The Lawrence Center for the Performing Arts receives government financial assistance and is subject to Government Auditing Standards The auditor’s responsibilities associated with this engagement include all of the following except (1) assessing whether management has identified laws and regulations that have a direct and material effect on determination of amounts in the financial statements (2) obtaining an understanding of the impact of laws and regulations that have a direct and material effect on the determination of financial statement amounts © 2017 DeVry/Becker Educational Development Corp All rights reserved Chapter 26 / Internal and Governmental FInanCIal audItInG and operatIonal audItInG 843 www.downloadslide.net (3) communicating to management and the audit committee that an audit performed purely in accordance with generally accepted auditing standards may not be sufficient if there are additional regulatory requirements (4) obtaining sufficient evidence to form an opinion on internal control over compliance dIScuSSIon QueStIonS and proBlemS 26-20 (Objectives 26-1, 26-4) Lajod Company has an internal audit department consisting of a manager and three staff auditors The manager of internal audit, in turn, reports to the corporate controller Copies of audit reports are routinely sent to the audit committee of the board of directors as well as to the corporate controller and the individual responsible for the area or activity being audited The manager of internal audit is aware that the external auditors have relied on the internal audit function to a substantial degree in the past However, recently the external auditors have suggested there may be a problem related to the objectivity of the internal audit function This objectivity problem may result in more extensive testing and analysis by the external auditors The external auditors are concerned about the amount of nonaudit work performed by the internal audit department The percentage of nonaudit work performed by the internal auditors in recent years has increased to about 25% of their total hours worked A sample of five recent nonaudit activities are as follows: One of the internal auditors assisted in the preparation of policy statements on internal control These statements included such things as policies regarding sensitive payments and standards of control for internal controls The bank statements of the corporation are reconciled each month as a regular assignment for one of the internal auditors The corporate controller believes this strengthens internal controls because the internal auditor is not involved in the receipt and disbursement of cash The internal auditors are asked to review the budget data in every area each year for relevance and reasonableness before the budget is approved In addition, an internal auditor examines the variances each month, along with the associated explanations These variance analyses are prepared by the corporate controller’s staff after consultation with the individuals involved One of the internal auditors has recently been involved in the design, installation, and initial operation of a new computer system The auditor was primarily concerned with the design and implementation of internal accounting controls and the computer application controls for the new system The auditor also conducted the testing of the controls during the test runs The internal auditors are often asked to make accounting entries for complex transactions before the transactions are recorded The employees in the accounting department are not adequately trained to handle such transactions In addition, this serves as a means of maintaining internal control over complex transactions The manager of internal audit has always made an effort to remain independent of the corporate controller’s office and believes that the internal auditors are objective and independent in their audit and nonaudit activities required a Define objectivity as it relates to the internal audit function b For each of the five situations outlined, explain whether the objectivity of Lajod Company’s internal audit department has been materially impaired Consider each situation independently c The manager of internal audit reports to the corporate controller (1) Does this reporting relationship result in a problem of objectivity? Explain your answer (2) Would your answer to any of the five situations in requirement b have changed if the manager of internal audit reported to the audit committee of the board of directors? Explain your answer.* *Based on CMA question paper 844 Part / OTHER ASSURANCE AND NONASSURANCE SERVICES www.downloadslide.net 26-21 (Objective 26-1) The Institute of Internal Auditors (IIA) is an international professional association of more than 180,000 members, with global headquarters in Altamonte Springs, Florida Throughout the world, the IIA is recognized as the internal audit profession’s leader in certification, education, research, and technical guidance Visit the IIA Web site (www theiia.org) to answer questions about the IIA and certification of internal auditors a Why should an organization have an internal auditing department? (Hint: Click on the “About Us” link and review the information under the “About the Profession” link.) b Visit the link for “Certifications” and identify the six steps to receiving a certification in internal auditing as a Certified Internal Auditor (CIA) c What certifications are available to internal auditors? d What are the three parts of the CIA exam? How are the requirements for passing the CIA exam similar to and different from those of the CPA exam? 26-22 (Objective 26-2) The audit firm of Waggoner and Allen, LLP, recently received a request to submit a proposal to audit the financial statements of the Williamson County Public School System The system is funded mostly through property tax assessments of county residents, but it also receives over $15 million in federal financial funding in addition to private foundation gifts State law requires all county school systems to engage a CPA to conduct an external audit of the school system’s financial statements in accordance with Government Auditing Standards While Waggoner and Allen has never audited a governmental entity, it is seriously considering submitting a proposal to conduct the audit of the school system The firm asked you to prepare information to help them make a decision about whether to pursue the engagement required Please respond with your answers to the following questions: a Who issues Government Auditing Standards and what are the most notable differences between those standards and the AICPA auditing standards? b What impact, if any, does the receipt of federal financial assistance have on the audit process? c How might the auditor’s consideration of materiality and internal control differ from the audit of a commercial enterprise? d What types of reports in addition to the report on the audit of the financial statements will Waggoner and Allen need to issue? e How might acceptance of this engagement affect training of Waggoner and Allen staff? required 26-23 (Objectives 26-4, 26-5) Haskin Company was founded 40 years ago and now has several manufacturing plants in the Northeast and Midwest The evaluation of proposed capital expenditures became increasingly difficult for management as the company became geographically dispersed and diversified its product line Thus, the Capital Budgeting Group was organized in 2015 to review all capital expenditure proposals in excess of $100,000 The Capital Budgeting Group conducts its annual planning and budget meeting each September for the upcoming calendar year The group establishes a minimum return for investments (hurdle rate) and estimates a target level of capital expenditures for the next year based on the expected available funds The group then reviews the capital expenditure proposals that have been submitted by the various operating segments Proposals that meet either the return on investment criterion or a critical need criterion are approved to the extent of available funds The Capital Budgeting Group also meets monthly, as necessary, to consider any projects of a critical nature that were not expected or requested in the annual budget review These monthly meetings allow the Capital Budgeting Group to make adjustments during the year as new developments occur Haskin’s profits have been decreasing slightly for the past two years despite a small but steady sales growth, a sales growth that is expected to continue through 2017 As a result of the profit stagnation, top management is emphasizing cost control and all aspects of Haskin’s operations are being reviewed for cost reduction opportunities Chapter 26 / Internal and Governmental FInanCIal audItInG and operatIonal audItInG 845 www.downloadslide.net Haskin’s internal audit department has become involved in the companywide cost reduction effort The department has already identified several areas where cost reductions could be realized and has made recommendations to implement the necessary procedures to effect the cost savings Tom Watson, internal audit director, is now focusing on the activities of the Capital Budgeting Group in an attempt to determine the efficiency and effectiveness of the capital budgeting process In an attempt to gain a better understanding of the capital budgeting process, Watson decided to examine the history of one capital project in detail A capital expenditure proposal of Haskin’s Burlington Plant that was approved by the Capital Budgeting Group in 2016 was selected randomly from a population of all proposals approved by the group at its 2015 and 2016 annual planning and budget meetings The Burlington proposal consisted of a request for five new machines to replace equipment that was 20 years old and for which preventive maintenance had become expensive Four of the machines were for replacement purposes, and the fifth was for planned growth in demand Each of the four replacement machines was expected to result in annual maintenance cost savings of $20,000 The fifth machine was exactly like the other four and was expected to generate an annual contribution of $30,000 through increased output Each machine had a cost of $110,000 and an estimated useful life of eight years required a Identify and discuss the issues that Haskin Company’s internal audit department must address in its examination and evaluation of Burlington Plant’s 2016 capital expenditure project b Recommend procedures to be used by Haskin’s internal audit department in the audit review of Burlington Plant’s 2016 capital expenditure project.* 26-24 (Objectives 26-4, 26-5) Lecimore Company has a centralized purchasing department that is managed by Meg Shen Shen has established policies and procedures to guide the clerical staff and purchasing agents in the day-to-day operation of the department She is satisfied that these policies and procedures are in conformity with company objectives and believes there are no major problems in the regular operations of the purchasing department Lecimore’s internal audit department was assigned to perform an operational audit of the purchasing function Their first task was to review the specific policies and procedures established by Shen The policies and procedures are as follows: • All significant purchases are made on a competitive bid basis The probability of timely delivery, reliability of vendor, and so forth, are taken into consideration on a subjective basis • Detailed specifications of the minimum acceptable quality for all goods purchased are provided to vendors • Vendors’ adherence to the quality specifications is the responsibility of the materials manager of the inventory control department and not the purchasing department The materials manager inspects the goods as they arrive to be sure that the quality meets the minimum standards and then sees that the goods are transferred from the receiving dock to the storeroom • All purchase requests are prepared by the materials manager based on the production schedule for a four-month period The internal audit staff then observed the operations of the purchasing function and gathered the following findings: • One vendor provides 90% of a critical raw material This vendor has a good delivery record and is reliable Furthermore, this vendor has been the low bidder over the past few years • As production plans change, rush and expedite orders are made by production directly to the purchasing department Materials ordered for cancelled production runs are stored for future use The costs of these special requests are borne by the purchasing department Shen considers the additional costs associated with these special requests as “costs of being a good member of the corporate team.” *Based on CMA question paper 846 Part / OTHER ASSURANCE AND NONASSURANCE SERVICES www.downloadslide.net • Materials to accomplish engineering changes are ordered by the purchasing depart- ment as soon as the changes are made by the engineering department Shen is proud of the quick response by the purchasing staff to product changes Materials on hand are not reviewed before any orders are placed • Partial shipments and advance shipments (that is, those received before the requested date of delivery) are accepted by the materials manager, who notifies the purchasing department of the receipt The purchasing department is responsible for follow-up on partial shipments No action is taken to discourage advance shipments Based on the purchasing department’s policies and procedures and the findings of Lecimore’s internal audit staff: a Identify deficiencies and/or inefficiencies in Lecimore Company’s purchasing function b Make recommendations for those deficiencies/inefficiencies that you identify.* required Use the following format in preparing your response: Deficiencies/Inefficiencies recommendations 1 26-25 (Objectives 26-4, 26-5) Superior Co manufactures automobile parts for sale to the major U.S automakers Superior’s internal audit staff is to review the internal controls over machinery and equipment and make recommendations for improvements when appropriate The internal auditors obtained the following information during the assignment: • Requests for purchase of machinery and equipment are normally initiated by the supervisor in need of the asset The supervisor discusses the proposed acquisition with the plant manager A purchase requisition is submitted to the purchasing department when the plant manager is satisfied that the request is reasonable and that there is a remaining balance in the plant’s share of the total corporate budget for capital acquisitions • Upon receiving a purchase requisition for machinery or equipment, the purchasing department manager looks through the records for an appropriate supplier A formal purchase order is then completed and mailed When the machine or equipment is received, it is immediately sent to the user department for installation This allows the economic benefits from the acquisition to be realized at the earliest possible date • The property, plant, and equipment ledger control accounts are supported by computerized depreciation lapse schedules organized by year of acquisition These lapse schedules are used to compute depreciation as a unit for all assets of a given type that are acquired in the same year Standard rates, depreciation methods, and salvage values are used for each major type of fixed assets These rates, methods, and salvage values were set 10 years ago during the company’s initial year of operation • When machinery or equipment is retired, the plant manager notifies the accounting department so that the appropriate entries can be made in the accounting records • There has been no reconciliation since the company began operations between the accounting records and the machinery and equipment on hand Identify the internal control deficiencies and recommend improvements that the internal audit staff of Superior Co should include in its report regarding the internal controls over fixed assets Use the following format in preparing your answer:* Deficiencies recommendations 1 required *Based on CMA question paper Chapter 26 / Internal and Governmental FInanCIal audItInG and operatIonal audItInG 847 www.downloadslide.net Index NOTE: Essential Terms appear in Boldface A Absence of causal connection, 122 Acceptable audit risk, 222, 272–275, 544 assessment of, 275t Acceptable risk of incorrect acceptance (ARIA), 568–569, 577 of incorrect rejection (ARIR), 587 of overreliance (ARO), 494–495 specification of ARIA and ARIR, 587, 588–589 Accountability, 342 Accounting, comprehensive basis of, 815–816 by CPA firms, 26 distinguishing between auditing and, principles departure from, 56–57 shopping for, 95–96 Accounting system, walkthroughs of, 371 Accounts payable designing tests of details of balances for, 616–623, 617f fraud risks, 317–318 master file, 608 risk of material misstatement, 616–617 tests of details of balances, 616–623 trial balance, 608 Accounts receivable agreement with master file and general ledger, 531–532 auditing standards requirements, 537–538 balance-related audit objectives, 526, 528f balances and transactions, 157f classification and, 533 completing tests in, 524–563 confirmation of, 537–543 designing tests of details of balances for, 422f, 423–424, 525–531, 525f fraud risks, 313–317 inclusion of existing, 532–533 lapping of, 466–468 master file, 451 population and, 567t, 576t risk of material misstatement, 526–527 tests of details of balances audit program for, 426t trial balance, 451 Accrued bonuses, 674 Accrued commissions, 674 Accrued interest, notes payable and, 720–721f Accrued liabilities, audit of, 648–649 Accrued payroll expenses, 673 Accrued payroll taxes, 674 Accrued salaries and wages, 673–674 Accrued vacation pay, sick pay, or other benefits, 674 Accumulated depreciation, ending balance verification, 644–645 Accuracy accounts receivable, 533 as balance-related audit objective, 163 recording of acquisitions, 613 as transaction-related audit objective, 159t transaction-related audit objectives transaction file, 161 ACL, 321, 389 Acquisition and payment cycle accounts and classes of transactions in, 605–606 accounts in, 605f audit of accrued liabilities, 648–649 848 Index income and expense accounts, 649–653 prepaid expenses, 645–647 property, plant, and equipment, 637–645 business functions in, 606–609 misappropriations in, 318 other account types in, 637 tests of, 701–702 tests of controls and substantive tests of transactions, 609–616, 610f, 651 transactions and accounts associated with, 637t Acquisitions journal or listing, 608 Adequate documents and records, 345, 455, 669 Adjusted trial balance, 154f Adjusting entries, 203 Adjustment to revenues, manipulation of, 315 Adverse opinion, 59, 65, 382 Advertising and solicitation rule, 101 Aged trial balance, 531–532, 532f Agreed-upon procedures engagements, 810, 814–815 AICPA Clarity Projects, 33–34, 801, 809 Allocation of expenditures, tests for, 651–653 of preliminary judgment about materiality, 239–241 Alternative procedures, 542 American Institute of Certified Public Accountants (AICPA), 16, 31–32 auditing standards, 32 Code of Professional Conduct, 85, 85t, 87t guidance for auditors, 832 peer review program, 39, 423 principles underlying an audit, 35f Professional ethics executive committee, 31 Analysis of differences, 542–543 Analysis of exceptions, 499, 501f Analytical procedures, 161–168, 188–189, 192–196, 265, 639, 650, 672 for accounts payable, 618 for accounts receivable, 423, 529–531 for acquisition and payment cycle, 618t appropriateness of types of evidence, 190–191 during the audit engagement, 193 cash receipts, 742 common financial ratios, 196–199 compare client data with similar prior-period data, 194–195 examples of planning, 232t final, 777 financial instruments, 754 for income and expense accounts, 650t inquiries of the client, 189 for inventory and warehousing, 694–695, 694t for notes payable, 718–719, 719t for payroll and personnel cycle, 672–676, 673t preliminary, 231–234 provide evidence supporting an account balance, 189 relation to substantive tests, 412 signaling of revenue frauds by, 315–316 substantive, 167, 412–413, 421–422 types of, 193 Annual report, example of, 1–16 insert balance sheet, 10 insert company description, insert five-year financial summary, 15 insert letter to shareholders, insert management discussion and analysis, 14 insert management responsibility for financial statement, insert notes to financial statements, 13 insert report of accounting firm, insert statement of cash flows, 12 insert statement of operations, 11 insert statement of stockholders’ equity, 11 insert Annual reports, information included in, 781 Application controls, 349, 353–355 automated controls, 353 categories of, 350t general controls and, 349f input controls, 353–354 processing controls, 354, 354t Application service providers (ASPs), 356 Appropriateness of evidence, 182–184 of types of evidence, 190–191, 190t Assertions see Management Assertions Assessment inquiry, 319–323 Assessment of control risk, 372 related tests and, 672 Asset custody, separation from other functions, 344, 610 Assets and costs, transfer of, 689 fixed, and fraud risk, 318 misappropriation of, 146 and records, physical control over, 346 Association of Certified Fraud Examiners (ACFE), 13 Assurance engagements, limited, 815–817 Assurance services, 8–12, 11t, 799–818 attestation services, 9–10 engagements, 818t green initiatives, 3, 809 nonassurance services, 11–12 Attestation engagements, 807–810 agreed-upon procedures, 810, 814–815 examination, 809 Attestation services, 9–11 Attorneys, clients’, inquiry of, 771–773, 772f Attributes, 488 and exception conditions, 491 sampling, 503–511, 511f, 614–615 Audit in acquisition and payment cycle, 604–624 of capital stock and paid-in capital, 724 communicate with audit committee and management, 432–433, 785–787 completing, 766–796 cycle approach to segmenting of, 153–156 evaluate results, 781–785, 785f evidence see Evidence final evidence accumulation, 432, 777–781 of financial statements, 13–14, 143 of historical financial statements, of internal control over financial reporting, in inventory and warehousing cycle, 690f objectives of, 142–178 purpose, 143 quality around the world, 38 requirements, 832 responsibilities and objectives, 142–178 review for contingent liabilities and commitments, 768–773 subsequent events, 773–776 scope limitation, 58 subsequent discovery of facts, 787–788, 788f types of, 12–13, 12f Audit assurance, 272, 417f www.downloadslide.net Audit committee, 94–95 communicate with, 502–503, 785–787 other communication with, 786 oversight, 310–311 participation in control environment, 341–342 Audit documentation, 199–206 preparation of, 204f, 206 Audit failure, 116–117 Audit file contents and organization, 201f Audit firm rotation in the European Union, 96f Audit objectives, 142–178, 428 balance-related, 157, 163–165, 165t, 426 identifying, 374 meeting, 166–168 presentation and disclosure-related, 157, 165, 165t, 426 setting, 157–158 steps to develop, 143f transaction-related, 161–162, 162t, 426 Audit plan development, 429 evidence mix, 418–419 selection of tests, 414–417 types of tests, 409–414 Audit planning, 221–222 audit risk model for, 269 key parts of, 221f, 244f materiality and, 220–259 understanding client’s business and industry, 269f Audit procedures, 420–421, 571 design and performance, 463 evidence decisions and, 181 for finding commitments, 771 performance of, 498 terms used in, 191–192, 192t Audit process and financial statement cycles, 152–157, 153f, 155t, 156f phases of, 166–168, 427 summary of, 429–433, 430f Audit program, 182, 202 design format, 463 design of, 419–427 evidence decisions and, 182 illustrative, 426, 427t performance format, 463 tests of details development, 543–546 Audit report, 5, 46–77 auditor’s decision process for, 66–67 categories of, 51f conditions requiring departure, 61–66, 67t defined, international accounting and auditing standards, 68–69 international developments related to, 68 issuance of, 164, 432–433, 785 Section 404 reporting on internal control, 382, 383–384 separate report on internal control over financial reporting, 53f unmodified emphasis-of-matter paragraph, 54–57 with explanatory paragraph or modified wording, 54–55 nonstandard report wording, 54–55 Audit risks, 262–263 acceptable, 273–275 assessing, 273–275 audit failure vs., 116–117 for segments, 278–279 model, 269–273, 269f, 270t, 410f Audit sampling, 483, 490–491 summary of steps, 505f terms used in, 489t for tests of controls and substantive tests of transactions, 482–523 for tests of details of balances, 566–604 Audit software, 321, 388, 389t Audit strategy, 224–225 Audit tests expanded in specific areas, 573–574 general cash in the bank and, 748f integration of, for inventory, 701–703, 702f IT effect on testing, 386–390 of prepaid insurance, 646–648 substantive tests of transactions see Substantive tests of transactions tests of controls see Tests of controls for uncollectible accounts, 468 Auditing definition, distinguishing between accounting and, economic demand for, 6–8 internal financial, 827–830 in IT environments, 386–387 nature of, 4–5 operational, 833–840 profession, response to legal liability, 131–132 relation of U.S and International standards, 33f reporting and, through the computer, 386 Auditing procedures for finding contingencies, 769 Auditing Standards Board (ASB), 31–34 Auditors, 14–15 clients and, 8f decision process for audit reports, 66–68 defenses against client suits, 120–122, 129f third-party suits, 122–124, 123t, 127, 129f direct knowledge of, 183 discovery of material misstatements, 145, 146 evaluation of manaagement’s integrity, 274–275 external users and, 8f independent, 4, legal liability, sources of, 118, 120f, 129t listening techniques, 320 operational, 837 opinion of, and supporting evidence, 782 relationship of internal and external, 828–830 reports involving other auditors, 57 responsibilities, 145 material vs immaterial misstatements, 145 responsibilities for reporting on internal control, 339 restricted scope, 63–64 utilization of monetary unit sampling, 582–583 Authorization proper, 455, 669 of purchases, 609 B Backup and contingency planning, 352–353 Bad debt expense, 536 Balance-related audit objectives, 157, 162–165, 165t, 426, 428t, 526, 545t, 620t, 640t, 698t, 700t, 722t, 744t, 755t Bank confirmation receipt, 744–746 standard form, 744, 745f Bank reconciliation, 741–742, 743f tests of, 746–749 Basic precision, 579 Batch input controls, 354t Behavioral cues during inquiry, 320–321 Benford’s Law, 13 Bills not paid after year-end, 620 Blank confirmation form, 538 Block sample selection, 487–488 Board of directors, participation in control environment, 341–342 Bonuses, accrued, 674 Bookkeeping services by CPA firms, 26 Branch bank accounts, 737–739 Breach of contract, 119t Budgets, 195 Business failure, 116–117 C Capital acquisition and repayment cycle, 716 accounts in, 716–717 notes payable, 717–721 Capital stock audit of, 724 certificate record, 723 Cash accounts audit of, 736–764 fraud-oriented procedures, 748–752 imprest petty cash fund, 738 types of, 737–739 Cash disbursements, 608–609, 615t designing tests of controls and substantive tests of transactions for, 614 processing and recording of, 608–609 transaction file, 608–609 Cash equivalents, 738 Cash in the bank, and transaction cycles, 739–740, 739f Cash receipts cutoff, 535 designing tests of controls and substantive tests of transactions for, 464–468 journal or listing, 452 prelisting of, 451–452 processing and recording of, 451–452 proof of, 464–466 subsequent, 542 transaction file, 452 Cenco Incorporated v Seidman & Seidman (1982) Liability to clients, 120f Center for Audit Quality, 29, 40 Certified Public Accountants see CPAs Chart of accounts, 346 Check, 608 Civil liability under federal securities laws, 120f, 124–130 Clarity Project, 33, 34, 801, 809 Classification acquisitions, 613 as balance-related audit objective, 163–164 prepaid insurance-related expense, 647–648 of recorded sales, 461 as transaction-related audit objective, 159t, 161–162, 161t Client business risk, 222 affecting accounts payable, 616–617 cash, 741 financial instruments, 753 payroll, 672 Clients acceptance of, 222–226 attorneys of, inquiry of, 771–773, 772f and CPA firms, litigation between, 92–93 data comparisons of, as analytic procedures, 193–196 investigation of new, 223 liability to, 121f objectives and strategies, 230–231 personnel, inquiries of, 371 rights to accounts receivable, 536–537 all insurance policies, 647 suits by, auditor defenses against, 120–122 Client’s business and industry, understanding of, 188, 226–230, 227f Client’s internal controls effectiveness of, 183 Closely held corporation, 721 Cloud computing environments, 356 Code of Professional Conduct, 31, 35, 37, 85–86, 88 AICPA, 85t American Institute of Certified Public Accountants (AICPA), 31, 85 classification system, 102–103 threats to compliance with rules under, 87t Codification of Auditing Standards, 34, 37 Index 849 www.downloadslide.net Collusion, 337 Combined report on financial statements and internal control over financial reporting, 52 Commissions accrued, 674 rules of conduct and, 100–101 Commitments, 769 Committee of Sponsoring Organizations of the Treadway Commission see COSO Common financial ratios, 196–199 Common law, 119t Comparability, vs consistency of financial statements, 55–56 Compensating control, 375 Competence commitment to, 342 of operational auditor, 837 Compilation omission of disclosures in, 805f Compilation services, 804–806 Completeness as balance-related audit objective, 163 existing acquisitions and, 613 as transaction-related audit objective, 161 Completing the audit checklist, 782, 782f Complex transactions, 277 Compliance audit, 13 Computed upper exception rate (CUER), 489 Computer-generated random numbers, 485–486, 486f Confidence factor, 578, 578t, 580t Confidence limits, calculation of, 590–591t Confidentiality, 98–99 of audit files, 200 need for, 98 rules of conduct and, 98–99 Confirmation, 186 accounts payable, 620–621 of accounts receivable, 537–543 as audit evidence, 186, 187t bank, 744, 745f of code of conduct compliance, 309 Consistency, explanatory paragraph for, 55–56 Consulting services, 94f Content and Skill Specifications for the Uniform CPA Examination, 16 Contingent fees rule, 99–100 Contingent liabilities, 746 review for, 768–773, 769f Contract labor, 675 Contributory negligence, 121–122 Control activities, 343–347 adequate documents and records, 345 adequate separation of duties, 344 independent checks on performance, 346–347 physical control over assets and records, 346 proper authorization of transactions, 344–345 Control deficiency, 374–377 Control environment, 340–343 control activities 343–347 information and communication, 347 monitoring, 347–348 risk assessment, 342–343 Control risk, 271–272, 545 acceptable risk of overreliance (ARO), 494–495 assessment of, 368f, 371–377, 372, 380t, 391f, 502, 609–611, 672, 741–742, 753–754 matrix, 372, 373f, 374, 466f for payroll and personnel cycle, 667 planned acquisitions, 609–611 sales, 453–455 for sales and collection cycle, 527–528 Controls over classes of transactions, 339 over reliability of financial reporting, 338–339 related audit objectives and, 374 Corporate governance oversight, to reduce fraud risks, 307–311 Corporate minutes, 230 850 Index Corporations closely held, 721 general, of CPA firms, 27 professional, 27 publicly held, 721 Correspondence with attorneys, 776 with clients, 542 COSO, components of internal control, 339–348, 340f, 348t principles, 340 Cost of audit test types, 415 of evidence types, 191 persuasiveness and, 184–185 Cost accounting audit of, 685–714 controls, 691–692 records, 687 tests, 703 tests of controls, 692–694 Cost or market, 701 Covered members rule, 90 CPA examination of, 15f CPA exam, next version of, 15 CPA firms, 14, 25–27, 836–837 activities of, 26–27 and client, litigation between, 92–93 ethical conduct by, 84 quality control, 38–40 revenue and other data from US, 25 size categories, 25–26, 25t structure of, 27–28 CPAs, 16 assurance services provided by, 8–12 legal liability, 118, 119t nonassurance services provided by, 11–12 profession of, 24–45 requirements for becoming, 16f Credit Alliance, 123 Credit approval, 449 Credit memo, 452 Criminal liability for accountants, 130–131, 130f Criteria established information and, for evaluating efficiency and effectiveness, 837–838 Critical evaluation of evidence, 303 Current files, 202 adjusting entries, 203 supporting schedules, 203–204 working trial balance, 202 Current year acquisitions and disposals, verifying, 639–642 balance, comparison with preceding year’s, 194 Customer billing and recording of sales, 449–451 business risk for, order processing, 449 Cutoff, 164 for accounts payable, 621 for accounts receivable, 533–535 bank statement, 746 for insurance transactions, 648 misstatement, 533 physical observation of inventory and, 621 Cyberattacks, 335 Cybersecurity, 352 Cycle approach, 153–156, 155f D Data comparisons, client, 193–196 Database management systems, 355 Debit memo, 607 Debt compliance letters, 816 Debt compliance report, 817f Decisions audit evidence, 181–182 auditors’ in observation of inventory, 696–697 regarding audit reports, 66 materiality, 61–62 Deduction authorization, 664 Deficiencies in control identification of, 383f letter regarding, 383f Depreciation expense, verifying, 644 Detail tie-in as balance-related audit objective, 164 Difference estimation, 586, 588–591 Digital signatures, 356 Direct financial interest, 92 Direction of testing, 459, 460f Disclaimer of opinion, 59, 383–384 due to lack of independence, 66f Disclosure-related audit objectives, 426 Discovery of facts, subsequent, 787–788, 788f Discreditable acts rule, 102 Discussion among engagement team members, 265–266 Distribution of the reports, 833 Dividends, audit of, 726 Documentary discrepancies, 316 Documentation audit, 199–206, 204f, 783–784 evidence planning and, 503 of fraud assessment, 323 of understanding of internal control, 368–371 Documents and records acquisition and payment cycle, 606–609 adequate, 345, 669 examination of, 371 inventory and warehousing cycle, 686–688 payroll and personnel cycle, 663–665 sales and collection cycle, 448–452 for transferring inventory, 692 Dodd-Frank financial reform legislation, 305 Dual-dated audit report, 776 Dual dating, 776 E Earnings management, 298 Earnings, retained, 726–727 Economy and efficiency audit, 835–836 Effectiveness, 833 criteria for evaluating, 837–838 vs efficiency, 833–834 operating, of controls, 338 Efficiency, 833–834 Embedded audit module approach, 389–390 Emphasis of other matters, 57 Employees, appropriate, hiring and promoting, 308 Employment relationships conflicts arising from, 97 Encryption techniques, 356 Enforcement action by a State Board of Accountancy, 103 action by AICPA professional ethics division, 103 PCAOB Enforcement actions, 103–105 Engagement attestation, 807–810 staff selection for, 226 types of, 814 Engagement letter, 224, 225f Engagement quality review, 784 Engagement risk, 273 Engagements types of and related reports, 810f Enron, 220 Enterprise resource planning (ERP) systems, 355 Entity-level controls, 348 Equipment-related accounts, 638–639, 638f Error, 146 Errors vs fraud, 146 Escott et al v BarChris Construction Corporation (1968), 125f www.downloadslide.net Estimated population exception rate (EPER), 495–496 Estimated population misstatement, 578 Ethical conduct elements of, 308t need for, 83–84 Ethical dilemmas, 80–81 Ethical values, as subcomponent of control environment, 341 Ethics, 79–80 code of, 230 need for ethics, 79 principles of, 79f and reducing fraud risks, 307–309 unethical behavior and, 80–81 Evaluating audit results, 490, 507, 589–590, 785f Evidence, 4, 179–218 see also Documentation see also Information accumulation assurance and, 800f and evaluation of, 4–5, 839 appropriateness of, 182–183 decisions regarding, 181, 428 differing, among cycles, 270t evaluation of, 784–785 final, 777–781 from prior year’s audit, 379 key terms, 429t vs legal and scientific evidence, 180, 180t nature of, 180 persuasiveness of, 184–185 relationship to risk, 278–283, 281t, 282f reliability of, 182–183, 622–623 sufficient appropriate, 36–37, 183–184, 781–782 terms related to, 427–429 types of, 185–190, 190t audit tests involving, 414–415, 414t, 428 Evidence mix, 418–419 variations in, 418t Evidence-planning worksheet, 282f, 504f tests of details of balances and, 544f Examination, 809 Examination report under attestation standards, 810 Examine minutes issues subsequent to the balance sheet date, 776 Exception rate, 488–489 estimated population, 495–496 tolerable, 493–494 Existence as balance-related audit objective, 163 occurrence as transaction-related audit objective, 161 Expense account tests of details of balances for, 651, 673 Expense account analysis, 651 Explanatory paragraph, of unmodified audit report, 56f, 57 External document, 188 F Fair Labor Standards Act (FLSA), 117 Fair value estimates, 753 Fees contingent and rules of conduct, 99–100 referral and rules of conduct, 100–101 unpaid, 93 Fictitious revenues, 314, 318t Final evidence accumulation, 432, 777–781 Financial audit and reporting requirements— Yellow Book, 831 Financial instruments audit of, 736–764 defined, 738–739 types of accounts, 737–739 Financial interests direct versus indirect, 90 material or immaterial, 90–91 rules of conduct and, 90 Financial reporting fraudulent, 298, 317–319 internal control over, risk assessment for, 342–343 Financial statements audit documentation and, 203f audit of, 8, 12, 13–14, 166f audit of historical, cycles of, 152–157 disclosure checklist, 782–783, 784f disclosures, 782–783 information accompanying, 779–781 preparation, GAAP departure, 58–62, 64–66 prospective, 813–815 Finished goods, storage and shipping of, 687–688 Firewall, 356 Fixed asset master file, 638 Flowchart of internal control, 369 of sales and cash receipts, 454f Follow-up on nonresponses, 541–542 Forecasts, 813 and projections, 813 Foreign Corrupt Practices Act of 1977, 128 charges against Walmart, 128 Foreseeable users, 123–124 Foreseen users, 122–123 Fraud, 119t audit software analysis, 321–322 characteristics of perpetrators, 301f conditions for, 299–303 detection methods, 319f error vs., 145 and general cash account audit, 748–752 and illegal acts, communicate, 785 material, 146 other audit implications, 322–323 responsibilities when fraud is suspected, 319–323 risk factors, 299–300, 305 suspected, 319–323 types of, 298–299 Fraud examiners big data and, 13 Fraud risk, 267–268 antifraud controls and fraud deterrence, 310f assessment of, 268, 297–310 commonly cited conditions for, 301f management’s responsibility to evaluate, 309–310 mitigating, 309 reduction by corporate governance oversight, 307–311 responding to, 311–313 responsibility for mitigating, 311f specific areas of, 313–319 Fraud triangle, 299, 299f Fraudulent expense reports, 671–672 Fraudulent financial reporting, 145–147 Fraudulent Financial Reporting 1998–2007, 229–230 Frequency distribution of sample means, 584f Full disclosure, compilation with, 805f Functional audit, 835 Further audit procedures, 409 audit risk model and, 410f evidence and, 414t G General authorization, 345 General cash account audit of, 737, 740–748 other cash accounts and, 738f General controls, 349, 350–353 administration of the IT function, 350 application controls and, 349f backup and contingency planning, 352–353 categories of, 350t physical and online security, 352 separation of IT duties, 351f systems development, 351–352 General Standards Rule, 97 Generalized audit software (GAS), 389, 389f Generalizing from sample to population, 579–581 Generally accepted accounting principles (GAAP), lack of consistent application of, 55–56 Generally Accepted Attestation Standards, 808t Generally accepted auditing standards (GAAS), 32 Principles, 34–38 Generally Accepted Government Auditing Standards (GAGAS), 830, 831 Global Reporting Initiative (GRI), 11 Going concern entity’s ability to continue as, 188–189 evaluate assumption about, 777 substantial doubt about, 56, 56f Government accountability office auditor, 14 Government Auditing Standards (GAGAS) see also Yellow Book Government auditors, 835–836 Government audits, 830 Governmental financial auditing, 830–832 Guidelines for ARO and TER for nonstatistical sampling: Substantive tests of transactions, 496t Guidelines for ARO and TER for nonstatistical sampling: Tests of controls, 496t Guidelines, for materiality, 237, 238f H Haphazard sample selection, 487–488 Hardware controls, 353 Hierarchy of CPA firm, 28 Hochfelder v Ernst & Ernst (1976), 126f Horizontal analysis, 305, 306f Howard Sirota v Solitron Devices, Inc (1982), 127f Human resource records, 664 Human resources, policies and practices, 664 I IDEA, 321, 389 Illegal acts, 147–148 Imprest accounts, 737 Imprest payroll account, 666 Imprest petty cash fund, 738 Income and expense accounts, audit of, 649–653 Income smoothing, 298 Independence covered members and, 90 financial interests and, 90 in appearance, 89 in fact, 89 in mental attitude, of mind, 89 of operational auditor, 837 of provider, evidence and, 183 rule of conduct, 89–90 and Sarbanes–Oxley Act, 93–96 Independent auditors, Independent checks, 346–347 performance and, 669 Independent registrar, 724 Independent review in completion of audit, 784 of transactions, 610–611 Indirect financial interest, 92 Information about fraud risks, sources of, 304–306, 304f accompanying basic financial statements, 779–781, 780f and communication, 347 and established criteria, interim financial, review of, 806–807 often confirmed, 187t Information risk, biases and motives of the provider, causes of, 6–7 complex exchange transactions, reduction of, 7–8 remoteness of information, voluminous data and, Index 851 www.downloadslide.net Information technology (IT) internal controls specific to, 349–355 Informational inquiry, 320 Inherent limitations, 337 Inherent risk, 271, 276–278, 545, 741 for accounts receivable, 423 assessing, 276–278, 672, 753 Initial audit planning, 222–226 Initial sample size, 496–497, 569–571, 589 Input controls, 353–354 Inquiry of client, 189 of client’s attorneys, 771–773, 772f interrogative, 319 of management, 776 of management, regarding fraud, 264–265, 304–305 Inspection, 186, 265 Institute of Internal Auditors (IIA), 827–828 Ethical principles and rules of conduct, 828f Insurance, prepaid, 645–646 Insurance register, 646 Integrity and objectivity rule, 97 as subcomponent of control environment, 341 Interbank transfers schedule, 752f tests of, 750–751 Interest rate, risk-free, Interim proof of Cash, 750f Internal auditors, 15, 835 Internal comparisons and relationships, 195t Internal control, 336, 722–724 see also Tests of controls auditor responsibilities for reporting on, 339 communicate deficiencies in, 785–786 COSO components of, 339–348, 341f, 348t COSO framework and, 335–366 deficiencies in, 376f design of, 338 evaluating implementation of, 371 financial reporting and, IT enhancement of, 355–356 management and auditor responsibilities for, 337–338 for non-public companies, 385–386 objectives of, 336 over financial reporting, for prepaid insurance, 646 procedures to obtain an understanding of, 410 questionnaire, 369 relationship to operational auditing, 834 understanding, 368f in acquisition and payment cycle, 609 in outsourced systems, 380 in payroll and personnel cycle, 667 summary of, 391f Internal document, 187 Internal financial auditing, 827–830 Internal Revenue Agents, 14, 14–15 Internal Revenue Service (IRS), Internal verification procedures, 455 International and AICPA assertions, 158 International Auditing and Assurance Standards Board (IAASB), 32 International Business Machines Corporation’s report of management, 144f International Ethics Standard Board for Accountants (IESBA) Code of Ethics for Professional Conduct, 89f International Federation of Accountants (IFAC), 32 International Federation of Independent Audit Regulators (IFIAR), 38 International Financial Reporting Standards (IFRS), International Standards for the Professional Practice of Internal Auditing, 827–828, 829f International Standards on Auditing (ISAs), 32, 32–34 Interrogative inquiry, 320 Inventory audit of, 689–691 compilation tests, 690, 697–701 and costs, flow of, 686f fraud risks, 317, 317t 852 Index and fraudulent payroll considerations, 670–671 master file, perpetual, 688, 692–693 observation requirements, 695–697 price and compilation of, 690–691 price tests, 697 pricing and compilation of, 697–701, 700t in transit, 621–622 valuation of, 699–701 Inventory and warehousing cycle, 686 audit of, 685–714 cost accounting, 691–694 pricing and compilation of, 697–701 business functions in, 686–688 functions in, 689f integration of tests, 701–703 physical observation of inventory, 690, 695–697 Invoice sales, 450 vendors’, 607 Invoice confirmation, 538–539 J Job cost system, 687 Job time ticket, 665 JOBS Act of 2012, 725 Joint and several liability, 119t Journal or listing acquisitions, 608 payroll, 665 sales, 450 Judgment, professional, 36, 150–152, 510–511 common biases, 152, 152t elements of effective process, 150f framework 150–152, 150f strategies to mitigate common judgment tendencies, 152t traps, 152, 152t K Key controls, 374, 462, 668t Kiting, 751 L Lack of duty to perform, 121 Laws and regulations, 147–148 Lawsuits, opposed by CPA firms, 131 Lead schedule, 202 Legal concepts affecting liability, 117–119 Legal expense expense analysis for, 652f Legal liability, 114–140 for the acts of others, 118 business failure and, 116 changed legal environment, 115–116 of CPAs, 118, 119t legal terms affecting, 119t protection from, 131–132 lack of privileged communication, 118 profession’s response to, 131–132 prudent person concept, 117 sources of, 118, 120f Lending procedures, independence and, 93 Letter of representation, 776 Level of disaggregation of planning activities, 425–426, 425f Liability accrued, audit of, 648–649 civil, under federal securities laws, 124–130 civil, under the federal securities laws, 118 to clients, 118–122, 121f criminal, 118, 120f legal concepts affecting, 117–119, 119t out-of-period liability tests, 619 payroll, tests of details of balances for, 673 recognition of, 607–608 to third parties under common law, 118, 120f, 122–124, 123t Limited liability company (LLC), 28 Limited liability partnership (LLP), 28 Liquidity activity ratios, 198 Listening techniques, auditors’, 320 Litigation between CPA firm and client, 92–93 Local area networks (LANS), 355 Long-term debt obligations, ability to meet, 198 M Madoff, Bernie, 302 Management communication with, 502–503, 785–787 and governance, 229–230 information risk shared with, 7–8 inquiries of, 264–265 inquiries of, regarding fraud, 304–305 letter, 382, 787 override of controls, 312–313 payment of audit fees, 96 representation letter, 776, 777–779 responsibilities, 144 related to internal control, 337 section 404 reporting responsibilities, 337–338 Management assertions, 158–160, 159t, 165, 165t about account balances, 160 about classes of transactions and events, 159 about presentation and disclosure, 160 audit objectives and, 160 International and AICPA assertions, 158 PCAOB assertions, 158 Management consulting services, 26–27 Management letters, 382 , 787 Manual controls, 353 Manufactured inventory, pricing of, 700–701 Material weakness, 374–377, 384f Materiality, 59–62, 234–235 applying, steps in, 235f decisions, 61–62 for financial statements as a whole, 235–238 levels of, 36, 60–62, 61t performance, 527, 544, 617, 741 preliminary judgment about, 236–237 as relative concept, 236 revised judgment about, 236 McKesson-Robbins, 297 Mean-per-unit estimation, 587 Measurement limitations, 280–281 Minutes of meetings, 230 Misappropriation in acquisition and payment cycle, 318 of assets, 145–147, 298–299, 314 of receipts involving revenue, 316–317 Misstatement bound, 577 Misstatements, 566–567 analysis of, 573 comparison with preliminary judgment, 241–243 cutoff, 533 known, 241 likely, 241 material, 36, 49, 60 discovery by auditors, 145–146 and monetary unit sampling, 580–582 in population, 589 possible, 189 as a result of fraud, 312, 319–323 in sales, 458 tolerable, 578 Monetary unit sampling (MUS), 575–583 acceptability of population using, 577 audit uses of, 582–583 comparison with nonstatistical sampling, 575–577 defined, 575 generalizing from sample to population, 577 when misstatements are found, 580–582 when no misstatements found, 579–580 sample size determined using, 576, 577–579, 579t www.downloadslide.net Monitoring fraud risk prevention programs, 309 of internal control performance, 347–348 Monthly statements, 451, 455 N Name and form of organization rule, 101–102 Narrative, describing internal controls, 369 National Association of State Boards of Accountancy (NASBA), 16 Negative confirmation, 539–540, 540f Negligence constructive fraud, 119t gross negligence, 119t ordinary negligence, 119t Nonassurance services, 11–12 Nonaudit services, 93–94 Noncompliance with laws and regulations, 147–148 Nonexistent payroll, tests for, 671 Nonexistent transactions, 459 Nonnegligent performance, 121 Nonprobabilistic sample selection, 485 methods, 487–488 Nonpublic companies, internal control for, 385–386 Nonresponses, follow-up on, 541–542 Nonroutine transactions, 268, 277 Nonsampling risk, 484, 512 Nonstatistical sampling application of, 489–503 comparison with monetary unit sampling, 575–577 variables sampling, 583 defined, 485 for tests of details of balances, 566–575 Nonverbal cues, during inquiry, 321t Notes payable, 717–721 analytic procedures, 718–719, 719t internal controls, 718 and related interest accounts, 717f tests of controls and substantive tests of transactions, 718 tests of details of balances, 719–720, 722t O Objectivity and evidence, 183 and integrity rule, 97 Obligations long-term debt, 198 Observation, 265 as audit evidence, 190 of entity activities and operations, 371 physical, of inventory, 695–697 Occurrence rate of see Exception rate recorded acquisitions and, 613 of recorded sales, 458–459 as transaction-related audit objective, 161 Office of Management and Budget (OMB) Circular A-133, 832 Officer’s compensation, 674–675 Omitted transactions, 459 Online security, 352 Operational auditing, 12, 833–840 criteria for evaluating efficiency and effectiveness, 837–838 difference from financial auditing, 833 effectiveness vs efficiency, 833–834 examples of findings, 840 independence and competence of auditor, 837 performance of, 835–836 phases in, 838–839 types of, 834–835 Opinion paragraph, 51 of separate report on internal control, 53f of unmodified shared report, 57, 58f Organizational audit, 835 Organizational structures and control environment, 342 of CPA firms, 27–28, 28t Out-of-period liability tests, 619 Output controls, 354 Outsourced systems, understanding internal controls in, 380 Owner’s equity, 721–727 dividend accounts and, 723f Ownership interests, 95 Ownership of audit files, 200 P Parallel simulation testing, 388–389 Parallel testing, 352 Partner rotation, 95 Partnerships general, of CPA firms, 27 limited liability (LLP), 28 Payments, authorization of, 611 Payroll payment of, 666 preparation of, 664–665 Payroll and personnel cycle, 663 accounts and classes of transactions in, 665t accounts and transactions in, 663, 664f audit of, 662–683 business functions in, 663–666 integration of, for inventory, 702 Payroll bank account reconciliation, 666 Payroll expenses, and fraud risk, 318–319 Payroll master file, 665 Payroll taxes, 666, 669–670, 675 PCAOB Staff alert on professional skepticism, 149 Peer review, 38 exceptions to confidentiality and, 99 Percent of misstatement, 580t Performance independent checks on, 346–347 Performance materiality, 235, 238–241, 240f, 423, 527, 544, 617, 672, 741, 753 planned evidence and, 283f Permanent files, 201–202 Perpetual inventory master files, 688, 692–693 Persuasiveness of evidence, 182–185 appropriateness of evidence, 182–183 Petty cash, 738 Phantom inventory (chapter opener), 685–686 Phases of the audit process, 166–168, 429–433 Physical control over assets and records, 346, 669 over computer equipment, 352 over inventory, 692 Physical examination, as audit evidence, 186 Physical inventory, pricing and compilation, 703 Physical observation of inventory, 695–697 Pilot testing, 352 Plan the sample, 490, 506–507 Planned detection risk, 271, 381–382 and planned audit evidence, 546 Planning and supervision, adequate, 36 Planning phase of audit process, 166–167, 429 in operational auditing, 838–839 Pocketing parking cash, 316 Point estimate, 571–572 Ponzi, Charles, 302 Ponzi scheme, 302 Population defining, 491–492, 567–568 effect of size, 507–508 generalize from sample to, 499, 571–572, 579–582, 589–591 misstatements in, 569, 589 recorded dollar, 567, 575–576 rejected, subsequent action, 573–575 requesting client to correct, 574–575 Positive confirmation, 538–539, 539f Preliminary judgment about materiality, 235, 236–237 Premature revenue recognition, 314–316, 450, 534 Prenumbered documents, for sales, 455 Prepaid expenses, audit of, 645–648 Prepaid insurance related accounts and, 646f Preparation services, 806 Prepare proof of cash receipts, 464–466 Presentation and disclosure-related audit objectives, 163–165, 675, 767t for accounts receivable, 537 for capital stock, 725 and completing the audit, 432, 767–768 Pricing and compilation audit of, 697–701 controls, 698–699 procedures, 699 Principles performance, 36–37 reporting, 37 responsibilities, 35–36 underlying an audit, 34 underlying GAAS, 34–38 Private Companies Practice Section (PCPS), 40 Private Securities Litigation Reform Act of 1995, 131 Privileged information, 99 Probability proportional to size sample selection (PPS), 487, 576–577 Procedures suggested for reviews, 801–802 Procedures to obtain an understanding, 369 Process cost system, 687 Processing controls, 354, 354t Professional conduct see also Ethical conduct code of, 85–88 by CPAs, 86f principles of, 88, 88t Professional ethics, 7, 78–113 Professional judgment, 150–152 common biases, 152, 152t elements of effective process, 150f framework, 150–152, 150f strategies to mitigate common judgment tendencies, 152t traps, 152, 152t Professional skepticism, 36, 148–150, 303–304 Profitability ratios, 198–199 Program audit, 836 Projections, 813 Prompt and accurate recording, 607 Proof of cash, 749–751 Proper authorization of transactions and activities, 344–345 Property, plant, and equipment audit of, 637–645 classification of accounts, 638t Property taxes, accrued, audit of, 648–649, 648f Proprietorship, 27 Prospective financial statements, 813–815 potential legal liability in, 814 use of, 813–814 Prudent person concept, 117 Public Company Accounting Oversight Board (PCAOB), 29 auditing standards, 33–34 considering changes to the audit report, 54 report on internal control, 52–53, 53f, 381 sanctions and, 127–128 unqualified report, 51–52, 52f Public company interim review, 806–807, 807f Publicly held corporation, 721 Purchase orders, processing of, 606, 687 Purchase requisition, 606 Purchased inventory, pricing of, 699–700 Purchases authorization of, 609 fraud risks for, 317–318 Index 853 www.downloadslide.net Q Qualifications of individuals providing information, 183 Qualified opinion, 58–60, 63–66, 64f, 65f, 383–384 Quality control, 38 of CPA firms, 38–40 elements of, 39, 39t peer review, 39 relationships, 40f Questionaire, internal control, 369–370, 370f, 371 Questioning mind, 303 R Random sample, 485–486 Ratio estimation, 586–587 Raw materials receipt and storage of, 687 Realizable value of accounts receivable, 535–536 Realizable value as balance-related audit objective, 164 Reasonable assurance, 145, 337 Recalculation, 189 Receipts involving revenue, misappropriation of, 316–317 Receiving report, 606–607 Recorded population value, 577 Related party, 228–229 Related party transaction, 228–229 Relating performance materiality and risks to balance audit objectives, 280 Relevance of evidence, 182 Relevant assertions, 160 Reliability of evidence, 182–183, 622–623 Remittance advice, 451 Reperformance, 189–190 Report on income tax basis, example of, 816f Reports on Controls at Service Organizations (SOC Reports), 811–813 Type report, 811 Type report, 812 Type report, 812–813 Reports on internal control over financial reporting management assertions, separate or combined report, 52 Representative sample, 483–484 Resolving ethical dilemmas, 82–83 Restatement of Torts, 123 Retained earnings, 726–727 Revenue fraud risks, 313–317 Review accounting estimates for biases, 312–313 Review attestation engagement review of, 809–810 Review for subsequent events, 773–776, 774f Review internal statements prepared subsequent to the balance sheet date, 775–776 Review of audit documentation, 783–784 Review of historical financial statements, 10 Review records prepared subsequent to the balance sheet date, 775 Review report, 803, 803f Review services (SSARS review), 800–804 Review services, 800–804 Revenue fraud risks, 313–317 Rights and obligations as balance-related audit objective, 164 Risk, 262 see also Acceptable risk; Client business risk; Control risk evidence and, 269, 279t inherent see Inherent risk of material misstatement, 36, 222, 261–296, 422 of material misstatement at the assertion level, 263 of material misstatement at the overall financial statement level, 263 relationship to materiality, 283 sampling and nonsampling, 483–484 in variables sampling, 587–588 854 Index Risk advisory services, 26 Risk assessment for financial reporting, 342–343 procedures, 227, 263–267, 264f, 409–410 update process, 313 Risk factors for fraudulent financial reporting, 276–277, 299, 300t, 313–319 for misappropriation of assets, 276–277, 300–303, 302t Rules of conduct, 87–88, 96–103 advertising and solicitation, 101 applicability of, 88 commissions and referral fees, 100–101 conceptual framework of, 86–87 confidentiality, 98–99 discreditable acts, 102 enforcement of, 103–105 form of organization and name, 101 independence, 89–90 integrity and objectivity, 97 interpretations of, 88 safeguards, 87 summary of, 104t technical standards, 97 threats to compliance, 86–87 Rusch Factors v Levin (1968)—Liability to third parties, 123 S Salaries and wages, accrued, 673–674 Sales cutoff, 533–534 designing substantive tests of transactions for, 458 designing tests of controls and substantive tests of transactions for, 453f internal control, 453 journal or listing, 450 recorded, existing, 459–461 returns and allowances, 452, 463, 534 summary of methodology for, 462–463 transaction file, 450 Sales and collection cycle, 448 accounts and classes of transactions in, 448f accounts in, 447–448, 447f analytical procedures for, 529t business functions for, 448–452 classes of transactions in, 447–448 control risk for, 423 integration of tests, for inventory, 701–703 role of audit tests in audit of, 411f substantive tests of transactions and, 423 tests of controls and, 423 tests of controls and substantive tests of transactions, 446–480 transaction-related audit objectives, 528f types of audit tests for, 469f Sales order, 449 Sample exception rate (SER), 499 Sample selection, 485, 497–498 evidence decisions and, 181 methods, 485–488 probabilistic, 485–487 probabilistic vs nonprobabilistic, 485 probability proportional to size, 487, 576–577 stratified, 487 Sample size, 578 for accounts payable tests, 623 for attributes sampling, 508t calculation with difference estimation, 588–589 for confirming accounts receivable, 541 determination using monetary unit sampling, 577–578 effect of, 497t evidence decisions and, 181 expanding, 501–502 increasing, 574 initial, 496–497 in physical observation, 696–697 for small populations, 497 tests of details of balances, 570t Sampling attributes, 503–511 audit, 483 decisions about, 541 for exception rates, 488–489, 506t monetary unit, 575–583 nonstatistical, 485, 489–503, 504, 566–575 statistical, 484 statistical vs nonstatistical, 484–485 variables, 583–588 Sampling distribution, 504–506, 584t for a population distribution, 585f Sampling interval, 578–579 Sampling risk, 242, 483 in monetary unit sampling, 581–582 in variables sampling, 587–588 Sampling unit, defining of, 492–493, 568 Sarbanes–Oxley Act, 9, 32, 128–129 and audit documentation, 200 independence and, 93–96 and PCAOB, 29 Section 404, 9, 51–52, 381–382 Scienter, 126 Scientific evidence, 180t Scope limitation of audit, 58 Scope paragraph, 51 of unmodified shared report, 58f Section 404 of the Sarbanes–Oxley Act of 2002 auditor responsibilities, 338–339 management responsibilities, 337–338, 338f report on internal control over financial reporting, 51–53 types of audit opinions, 382–384 Securities Act of 1933, 30, 124–125, 129f Securities Act of 1934, 127f, 129f Securities and Exchange Commission (SEC), 30 authority to sanction, 127–128 provisions addressing auditor independence and, 93–94 Securities Exchange Act of 1933, 125–126, 125f Securities Exchange Act of 1934, 126f, 125–127 Rule 10b-5 of, 126 Segregation of IT duties, 351f Separate and proportionate liability, 119t Separate report on internal control over financial reporting, 51–53, 53f Separation of authorization of transactions from custody of related assets, 344 Separation of duties adequate, 344, 454–455, 669 and proper record keeping for owners’ equity, 723–724 Separation of IT duties, 350–351 from user departments, 344 Separation of operational responsibility from record-keeping responsibility, 344 Service auditor, 380–381 Service center, 356, 380–381 Service organization control (SOC), 811–813 Shareholders’ capital stock master file, 723 Shipping contract FOB destination, 621 FOB origin, 621 Shipping document, 449, 542 Short-term debt-paying ability, 196–198 Significant deficiency, 374–377, 375f Significant risks, 268, 379, 422 Simple random sample selection, 485–486 Single Audit Act of 1984, 832 Six-step approach to resolving ethical dilemmas, 82–83 Skepticism, professional, 148–150, 303–304 Special assignments, in operational auditing, 835 Specialists, 226 Specific authorization, 345 Specified elements, accounts, or items, 816 Standard bank confirmation form, 744, 745f Standard cost records, 698 www.downloadslide.net Standard unmodified opinion audit report, 47, 52, 58–59 conditions for, 50 for nonpublic entities, 47–50 parts of, 47–48 for public companies, 51 Standards accounting principles, 98 attestation, 808 compliance with, 86–87, 98 of conduct, 88f performance, 36–37 responsibilities, 35–36 reporting, 37 set by AICPA, 31–32 Statements on Auditing Standards (SASs), 31, 40 Statements on Internal Auditing Standards (SIASs), 828 Statements on Standards for Accounting and Review Services (SSARS), 800 Statements on Standards for Attestation Engagements (SSAE), 808 Statistical inferences, 585–586 Statistical sampling, 484 Statistical versus nonstatistical sampling, 484–485 Statutory law, 119t Stock transfer agent, 724 Stratified sampling, 487, 567–568 Stratified statistical methods, 587 Subpoenas, 101 Subsequent discovery of facts, 787–788, 788f Subsequent events, 774 audit tests, 775–776 dual dating, 776 review for, 774f types of, 774–775 Substantive analytical procedures, 167, 189, 546 for equipment, 639–641 sales and collection cycle, 530t Substantive testing, 411 expanded when fraud is suspected, 322 Substantive tests of transactions, 167, 411–412, 462–463, 528, 546 audit sampling for, 482–523 designing, 420f, 421f designing for acquisitions and payment cycle, 609–616, 610f financial instruments, 742, 754 payroll and personnel cycle, 666–672 sales, 453f effect of results of, 468–469 for notes payable, 718 in phase II of audit process, 167–168 relationship to tests of controls, 420–421 trade-off with tests of controls, 416–417 Sufficiency of evidence, 183–184, 781–782 Supporting schedules, 203–205 Sustainability reporting, 809 Systematic sample selection, 486–487 Systems development, 351–352 SysTrust services, 813 T Tainting, 580 Tax return audit of, 5f payroll, 666, 673 Tax services, by CPA firms, 26 Test data approach, 386–388, 387f Tests of controls, 377–381, 462, 528 in audit plan development, 410–411 audit sampling for, 482–523 cash receipts, 464 designing, 420f, 421f acquisition and payment cycle, 609–616, 610f, 617–618 cash receipts, 464–468 financial instruments, 754 payroll and personnel cycle, 666–671 sales, 456–458 effect of results of, 468–469 extent of, 378–379, 455–456 illustration of, 412t in phase II of audit process, 167–168 procedures for, 377–378 purpose of, 377 relationship to substantive tests, 416 substantive tests of transactions, 420–421 trade-off with substantive tests, 416–417 Tests of details of balances, 168, 422–425, 640t,719–720 for accounts payable, 616–623, 617f in audit plan development, 413 audit program, 543–546 of cash, 742–744, 744t, 754–755 designing, 424f accounts receivable, 422–424, 525–537, 525f payroll and personnel cycle, 672–676 evidence-planning worksheet, 281–282 expense account analysis, 674–675 for financial instruments, 754–755, 755t inventory and, 698t for inventory pricing and compiliation, 700t for notes payable, 719–720 for notes payable and interest, 722t in phase III of audit process, 167–168 The Uniform CPA Examination Candidate Bulletin, 16 Third parties legal liability to, 120f, 123t suits by, auditor defenses against, 122–124 Third-party beneficiary, 119t Those charged with governance, 342, 382 Tick marks, 206 Time record, 665 Timekeeping payroll preparation and, 664–665 Timing of audit tests, 431t of confirmations, 540–541 difference, 535 evidence decisions and, 181 as transaction-related audit objective, 162 Tolerable exception rate (TER), 493–494 Tolerable misstatement, 568, 577, 578 Total payroll, 675 Tracing, 188 Training, fraud awareness, 309 Transaction classes in sales and collection cycle, 447–448 Transaction cycles, 156f cash in the bank and, 739–740, 739f Transaction file acquisitions, 607–608 payroll, 665 Transaction-related audit objectives, 157, 161–162, 426, 428t, 457t, 462, 465t, 612t, 615t, 668t Transactions flow of from journals to financial statements, 153f timely recording of, 610–611 Trial balance accounts payable, 608 working, 202 Trust Services, five principles of, 812t Type report, 811 Type report, 812 Types of attestation engagements, 808–809 Types of tests, 409–414, 428 U Ultramares Corporation v Touche (1931), 122f Ultramares doctrine, 122 Unadjusted misstatement audit schedule, 782, 783f Unasserted claim, 771 Uncollectible accounts, 536f audit tests for, 468 authorization form, 452 Unethical behavior, 79–80 Unit cost records, 693–694 United States v Andersen (2002), 130f Unmodified audit report with explanatory paragraph or modified wording, 54–55 Unmodified opinion, refusal to give, 575 Unqualified opinion on internal control over financial reporting, 382 Unusual fluctuations, 189 Unusual transactions, significant, 268, 313 U.S Government Accountability Office (GAO), 14 V Vacation pay, accrued, 674 Valuation of inventory, 699–701 Variables methods, 586–587 Variables sampling, 583, 583–588 comparison with nonstatistical sampling, 583 difference estimation, 586 mean-per-unit estimation, 587 ratio estimation, 586–587 sampling distributions, 583–585 sampling risks, 587–588 statistical inference, 585–586 stratified statistical methods, 587 Vendor’s invoice, 607, 620 Vendor’s statement, 608, 620 Verbal cues, during inquiry, 320t Verification in audit of property, plant, and equipment, 639–645 of addresses, 541 of information, by user, Vertical analysis, 306 Voucher, 607 Vouching, 188 W W-2 Form, 666 Walkthrough, 371 WebTrust assurance services, 813 whistleblower, 305 Wide area networks (WANs), 355 Working trial balance, 202 Workplace environment, positive, 308 Y Yellow Book, 830 Index 855 www.downloadslide.net Credits Chapter 25: p 799, Volodymyr Kyrylyuk/Fotolia Chapter 2: p 24, adimas/Fotolia Chapter 10: p 297, Keystone-France\ Gamma-Rapho/Getty Images Chapter 3: p 46, Justaman/Fotolia Chapter 11: p 335, Focus Pocus LTD/Fotolia Chapter 4: p 78, Andrew Martin/Fotolia; p 85 bulleted list, © 2015, AICPA All rights reserved Used by permission; p 87 numbered list, © 2015, AICPA All rights reserved Used by permission; pp 89-102 excerpts, Copyright by American Institute of CPAs All rights reserved Used with permission Chapter 12: p 367, BillionPhotos.com/ Fotolia Chapter 5: p 114, sergign/Fotolia; p 117 text excerpt, A Treatise on the Law of Torts: Or the Wrongs which Arise Independent of Contract, by Thomas M Cooley Chapter 17: p 564, WavebreakMediaMicro/ Fotolia Hillsburg Hardware Insert: p left to right, Esin Deniz/Fotolia; Mr Twister/Fotolia; markobe/ Fotolia; p 3, Monkey Business/Fotolia; p left to right, Michael Levy/Shutterstock; omkar.a.v/ Shutterstock; photocell/Shutterstock; Chad McDermott/Shutterstock; p 5, BillionPhotos com/Fotolia; p bottom left, golubovy/Fotolia: right, top to bottom, ostill/Shutterstock; EDHAR/Shutterstock; Monkey Business/Fotolia; szefei/Shutterstock; Kurhan/Fotolia; Carlos E Santa Maria/Shutterstock; Kurhan/Fotolia; Steve Cukrov/Shutterstock; p 7, Sergii Moscaliuk/ Fotolia; p left to right, Shebeko/Shutterstock; Alex Kuzovlev/Shutterstock; STILLFX/Shutterstock; Shutterstock; p 11 left to right, Pi-Lens/ Shutterstock; Andrew Williams/Shutterstock; Melissa King/Shutterstock; sint/Shutterstock; p. 12 left to right, hektoR/Shutterstock; Olegusk/ Shutterstock; Olegusk/Shutterstock; Artography/ Shutterstock; p 13, francescodemarco/Fotolia Chapter 1: p 3, Naj/Fotolia Chapter 6: p 142, Vladimir Wrangel/Fotolia; p 158 bulleted list, from Auditing Standard No 15 - Financial Statement Assertions Chapter 13: p 408, Wavebreak Media Ltd/123RF Chapter 14: p 446, boscorelli/Fotolia Chapter 15: p 482, acnaleksy/Fotolia Chapter 16: p 524, adam121/Fotolia Chapter 18: p 604, Andrey Popov/Fotolia Chapter 19: p 636, Vladyslav Danilin/Fotolia Chapter 20: p 662, eXpose/Fotolia Chapter 21: p 685, Rolandino/Fotolia Chapter 7: p 179, chatchaiyo/Fotolia Chapter 22: p 715, frenk58/Fotolia Chapter 8: p 220, Keith Wood/Corbis Chapter 23: p 736, Niki Love/Fotolia Chapter 9: p 261, bloomua/Fotolia Chapter 24: p 766, javiindy/Fotolia 856 Credits Chapter 26: p 826, Gary Blakeley/Fotolia ... to Balance-related and presentation and Disclosure-related audit Objectives Objective 1 3-5 Compare and contrast transaction-related audit objectives with balance-related and presentation and disclosure-related... (1) plan and design an audit approach, (2) perform tests of controls and substantive tests of transactions, (3) perform substantive analytical procedures and tests of details of balances, and (4)... 1 3 -2 , the auditor obtains a higher overall assurance for transactions and accounts in the sales and collection cycle than the assurance obtained from any one test To increase overall assurance