AUD44M0 Notes - Intro to Ro MM at Assertion Level and Audit Procedures PDF

Preview

Summary

Risk to material misstatements and audit procedures...

Description

DEPARTMENT OF ACCOUNTING AUDITING II [AUD44M0] 2020 LECTURE NOTES Audit Response – ISA 330 Introduction to risk assessment at assertion level + audit procedures (incl. Sampling, CAATs, etc.) & Revenue

Table of content Prescribed reading:.......................................................................................................................................................... 2 Learning objectives: ........................................................................................................................................................ 2 1.

Introduction .............................................................................................................................................................. 4

2.

ASSERTIONS ............................................................................................................................................................. 5

3.

DETERMINANTS OF THE NATURE OF FURTHER AUDIT PROCEDURES ........................................ 6

4.

The SUBSTANTIVE PROCEDURES ................................................................................................................... 8

5.

Class Example ........................................................................................................................................................ 11

6.

Objective Test ........................................................................................................................................................ 11

Prescribed reading: ▪ Auditing Fundamentals in a South African Context- Chapter 13: o section 13.1 – 13.3.2.1 (page 537 - 544) – Intro & Intro to Test of Controls; o section 13.3.3 (pages 553 - 563) - Substantive Procedures – including the substantive procedures over Revenue. ▪ ISA 330.

Learning objectives: ▪ Explain how audit risk can be reduced to an acceptable level. ▪ Describe how the audit plan assists the auditor in reducing audit risk to an acceptable level. ▪ Describe how the nature, timing and extent of the further audit procedures can be varied in an audit to achieve an acceptable level of detection risk. ▪ Develop an audit plan, or aspects thereof, in relation to specific facts and circumstances. ▪ Discuss factors that the auditor considers in determining the nature of the further audit procedures. ▪ Explain the various types of audit procedures available to an auditor and the difference between these. ▪ Explain which of these types of procedures are most appropriate in order to achieve specific audit objectives. ▪ Contrast Tests of Controls and Substantive Procedures. ▪ Discuss the relationship between assertions, specific audit objectives and tests of controls performed by the auditor. ▪ Describe how the auditor concludes on the design and operating effectiveness of controls. ▪ Discuss the relationship between assertions, specific audit objectives and substantive procedures. ▪ Explain how the auditor uses the assessment of risk of material misstatement in classes of transactions and balances to design appropriate substantive procedures to detect potential misstatements. ▪ Describe and apply a general framework and principles that the auditor follows for developing substantive procedures for particular circumstances. ▪ Formulate specific substantive procedures used by the auditor in performing substantive tests of details.

2 | Page

▪ Discuss the nature of substantive analytical procedures as an effective form of audit testing. ▪ Describe the considerations in determining the use and reliability of substantive analytical procedures to provide audit evidence.

3 | Page

Hey there, Welcome to our lecture on Audit Procedures (Chapter 13). Last week you covered the concept of Materiality, which is one of the ways of responding to a risk of material misstatement at an overall financial statement level. The whole purpose of “auditing” is to express an audit opinion, after having gathered sufficient appropriate evidence! However, since we are not able to audit everything, we apply a risk-based auditing approach, which means we first identify audit risk (ISA 315). We do so by Obtaining an Understanding of Entity and its Environment – then identify material risks and then RESPOND to the identified risks (ISA 330). These notes will look at AUDIT RESPONSE to the identified audit risk [Risk of Material Misstatement (Inherent & Control Risk) and Detection risk]. Unless we respond to the audit risk, we are not able to achieve our audit outcome (gathering sufficient appropriate evidence, from which we can base and express an audit opinion). 1.

Introduction

Now that we know what it means when financial statements are at risk of material misstatement (because we know and can quantify even the risk) – we now can set a plan of how to address the risk (reduce the audit risk to an acceptable level) . Remember, the risk of material misstatement can now be identified at an Overall financial statement level (we respond by applying Overall Audit Responses) and Assertion level (meaning that now the risk is affecting a specific account balance, classes of transactions or disclosure). Balances are in the Statement of Financial Position, Classes of Transactions are in the Statement of Comprehensive Income/ Income Statement and the Disclosures can be found in the Notes to the Financial Statements. Our audit response is through formulating Audit Procedures! These can either be Test of Controls (which will always be accompanied by some substantive procedures, hence this is sometimes referred to as the “Combined Audit Approach”) OR Substantive Audit Procedures (made up of Analytical Procedures and Test of Detail). Remember in CFIS, you spent time being introduced to Internal Controls…and at that stage you were designing controls and ensuring that they achieve 4 | Page

management objectives (lead to Valid, Accurate and Complete transactions/ financial records). You assisted the management by evaluating the controls, identifying weaknesses in them and making recommendations. You were NOT an auditor then, but either part of management or a Consultant assisting the Management Team. Now in this course, we expect you to have a sound knowledge and understanding of internal controls, and the control activities of the different business cycles. This includes understanding the documents, processes and people that are involved in the business cycles (e.g. sales order, internal sales order, invoice, delivery note, segregation of duties, etc). You are now an auditor and need to Test the controls (if they are reliable and are working as intended!) and can rely on them. This will help you to conclude that if the internal controls are operating effectively then the figures that are the product of the controls should reasonably be valid, accurate and complete! Meaning that the assertions made by management over these figures are true! If the controls are not effective – you would not bother to test them as the Auditor, meaning that you would rather perform Substantive Audit Procedures to gather your audit evidence. So, we perform audit procedures by either Testing controls or perform Substantive Procedures! While we look at both responses here in this lecture week (Test of Control and Substantive Procedures) – the focus for the week and a couple of weeks following, is on the Substantive Procedures)

2.

ASSERTIONS

ISA 315 defines Assertions as: Representations by management, explicit or otherwise, that are embodied in the financial statements, as used by the Auditor to consider the different types of potential misstatements that may occur. This simply means that when we are looking at the financial statements, we are looking at the “claims” that management are making pertaining those financial statements that they prepared. For example, if we look at Revenue (which is the product of IFRS 15) of R15 Million, management of the entity are making the following “assertions” (assuming that the entity sells both on credit and in cash).

5 | Page

▪ All transactions (credit & cash) that took place during the period have been recorded in the accounting records and none have been left out (omitted) (Completeness) ▪ All revenue transactions (credit & cash) that have been recorded in the accounting records indeed took place and pertain to the entity (Occurrence) ▪ All revenue transactions (credit & cash) have been recorded in the accounting records and disclosed at the correct amounts and are based on correct calculations (Accuracy). ▪ All revenue transactions (credit & cash) have been recorded in the accounting records in the accounting period in which they took place (meaning that all performance obligations that have been satisfied have been correctly accounted for in the period in which they were satisfied) (Cut-Off). ▪ All revenue transactions (credit and cash) have been recorded in the correct and proper GL accounts, meaning that as there are different performance obligations in terms of IFRS 15, revenue transactions for one performance obligation e.g. Sale of Goods) have been recorded in their correct account (not in Interest Revenue for example) (Classification). We have specifically made reference to Revenue above – because in this lecture week, we are looking at Revenue and in following weeks we will be looking at Substantive Procedures over other line items of AFS: PPE, Expenses, etc.

3.

DETERMINANTS OF THE NATURE OF FURTHER AUDIT PROCEDURES

Whether or not the Auditor will follow a Combined Audit Approach (Test of Controls) or a Substantive Audit Approach, to gather audit evidence about a particular assertion depends on many factors; for example, the assessed level of risk of material misstatement for the assertion. For example, if we have assessed that Revenue is at high risk of being materially misstated due to errors as a result of the complexity of the calculations involved in determining it (the assertion at high risk here is Accuracy). Our audit procedures (whether substantive or tests of controls) are going to specifically address (reduce) the audit risk we have assessed as high for the Accuracy Assertion. From this, it is crucial to note that our audit procedures are risk-addressing! In that way, we will be able as Auditors to detect any material misstatements, to an acceptable level (we are not able to 100% eliminate the risk), and therefore enable 6 | Page

us to conclude and express an opinion). Although we “audit” the entire set of the AFS (material balances, transactions and disclosures {quantitatively and qualitatively}) – we “eat” the “audit elephant” in bits and pieces – by “auditing” each section separately! For example, we are testing Revenue in these notes. Revenue is being “tested” or “audited” to address each assertion that we have assessed as being at risk of material misstatement. Very important to note is that we will apply the “Test of Control” only if the controls (which management designed, implemented and monitored - Think CFIS!) are expected to be operating effectively (throughout the year). Controls can only be “working” if they have been designed and then implemented according to the design, then were effective throughout the period – we can then conclude that the controls operated effectively. Remember it is “management” that design controls, implement them and monitor them from time to time if they are still working as intended. Then, we come in as Auditors to test the operating effectiveness of the controls to determine whether we can rely on them. Our ultimate goal is to reduce the risk of material misstatement on the assertions – we therefore indirectly do so by relying on the controls (if we decide to test controls). In deciding whether or not to test controls (i.e. follow a combined audit approach), we look at the following factors: • Necessity of placing reliance on intern al controls (if we expect that the controls are operating effectively and also if we conclude that Substantive Procedures alone will not help us to address the Risk of Material Misstatement). • Possibility of placing reliance on internal controls – if we conclude that the internal controls of the client are strong and if they use a computerised system – their system is compatible with our audit software to be used in conducting the audit. • Desirability of placing reliance on internal controls – placing reliance on internal controls is desirable as there is less time spent on testing “working” controls than doing tests of detail and analytical procedures (Substantive Procedures). If the environment is computerised, as auditors we may even use our audit software to perform certain computer-based testing! CAATs (computer-assisted audit tools/techniques) can be used by the auditor to assist him or her to perform audit procedures. You utilise your audit software to make things easier. Think of an audit client that has a highly 7 | Page

computerised environment. Revenue is a product of sophisticated calculations by the system that the client uses. There is basically no other way to test this Revenue other than “testing” the system – and if the system is good and reliable from your “tests” then you are happy to conclude that Revenue is “free” from material misstatement (reduced risk!). In asking yourself, can you perform test of controls to audit revenue, you reflect as follows: o Is it Necessary? (no alternative?) o Is it Possible? o Is it Desirable to do so?

4.

The SUBSTANTIVE PROCEDURES

Consist of: • Analytical Procedures • Test of detail Substantive procedures are specifically designed by the Auditor to detect the risk of material misstatement at the assertion level. They directly test whether an amount or assertion (on classes of transactions, account balances and disclosures) is free from material misstatement. Think of Test of Controls – these were indirectly testing the assertions by testing the controls which give rise to the transactions, balances and disclosures. The nature of substantive procedures ( Analytical? or Test of detail?) depends on the detection risk for each assertion. In simple terms, you use a different nature of the substantive procedure depending on the situation at hand! Test of detail are detailed – they drill down to the issue! While Analytical substantive procedures are “superficial”. They are most suitable in situations where tests of controls have indicated that internal controls are effective. You cannot use “superficial” procedures where the controls are weak! How do Analytical Audit Procedures work and what do they look like? They use comparisons and analyses relationships among financial and nonfinancial data to assess whether account balances, and totals of classes of transactions appear reasonable in comparison to the expectations of the auditor. 8 | Page

For a moment, consider that our audit client (Company A) has a simple business model of producing office desks and cabinets . These are assembled from the “already-prepared” wood that it buys from Company B. Company A has one client (a furniture shop that buys directly from our client) which places monthly orders in constant quantities throughout the year. How do we audit the Revenue for our client? Can we agree that if all things and other factors are constant, Revenue can be expected (by the auditor) to at least be: • Month 1 revenue x 12 months = R’xxxxx (Annual revenue). Of course the amount in Month 1 will have increased by the “agreed price growth rate” from Month 12 of the previous year. The above is the auditor’s expectation which can now be compared to the actual revenue per client’s accounting records (Journals, General Ledger, Trial balance and AFS). While the two amounts (auditor expectation and client actual revenue) will never be 100% the same, the auditor assesses whether the difference is reasonable. Can you note that there is less work that has been done by the auditor in the above example (the test is rather done at high level and did not drill deep into the detail). However, the substantive test of detail would have included: • Inspecting a sample of contracts that have been entered into with the customer • Inspecting the contracts for the details (such as amount agreed on, the invoicing terms and terms and conditions on delivery of the order) • Recalculating the amounts (on invoices etc) • So on …

Note also that, the analytical substantive procedures cannot work alone, they are used hand-in-hand with the substantive test of detail procedures. For example, substantive procedures which are detailed in nature would have been performed on Month 1’s revenue (inspecting contracts, invoices, performing recalculations, inquiring with management etc), once we are happy about the “tested” month 1, we are able to create an expectation for the rest of the year!

9 | Page

Other areas where analytical review procedures may be applied: • Property rental (testing revenue include lease contracts, month to month comparisons, rental increase rates/ clauses, square meter-based charges can be used to create overall square meter revenue, occupancy levels etc) • Testing Revenue: Royalty which is calculated as a % of another figure! • Water + Electricity charges – expectations can be created considering month-to-month comparisons, usage on buildings, industry/ municipal growth/ increase rates, production levels etc • Testing depreciation calculation can be based on opening balances (book values) for the year, considering additions and disposals during the year). The point to note is that Analytical Procedures have their place and time, and cannot be used as a means to avoid Test of detail! To fully understand the material to this lecture week - more time should be spent on doing the actual questions after going through the theory…however the theoretical guide provided by these notes should help you to learn this section with ease.

10 | Page

5.

Class Examples

Please do Class Example Question 2 of Chapter 13 , and Question 1 in the same Chapter, as the lecture examples for this lecture. Please note that these activities have been scanned and included in Appendix A, for this who do not have their questions book with them. The suggested solutions to these activities have also been included in this same appendix. 6.

Objective Test

Will be uploaded on Blackboard by Monday morning, 27th July 2020.

7. Tutorial Activities Please do the following tutorial activities to enhance your understanding of the concept of Audit Procedures, specifically for Revenue. Physically attempt the activities, then mark yourself using the provided suggested solution. Spend some time reflecting on the issued that you had missed on your attempt, and also those that you had written but were not in the solution. Tutorial Activities: # Reference

1

Graded Questions:

Chapter 6: Q Q14 14

Question from other sources: 2 WSU Test III _2018; Q1 3

4

Graded Questions:

Chapter 13: Q5

Graded Questions:

Chap Chapter ter 13: Q6

Topic

Revenue

Sub-topic Risks Note: For each risk, also indicate whether it is a risk of material misstatement or a business/operational risk.

Marks

30

Revenue

Risks of Material Misstatements

12

Substantive Procedures

Test of Control vs Substantive Procedures

16

Substantive Procedures

Substantive Procedures: Revenue

20

These tutorial exercises have been scanned and are included in Appendix B, a separate document. The suggested solution to these tutorial activities will be provided separately, in Appendix C , and will be available on Blackboard on Monday, 27 July 2020. 11 | Page

...