TOPIC 12: PART 1 WAYS OF GATHERING AUDIT EVIDENCE ISA 500 is the relevant auditing standard fr audit evidence. 7 basic ways fr the auditr t gather audit evidence thrughut the audit prcess: 1. Observatin (lk at a prcess) 2. Analytical Review (cmparisn f data with previus year, budget, industry standards) 3. Reperfrmance (auditr executing cntrls that were riginally perfrmed as part f the entitys internal cntrl)/recalculatin (checking the mathematical accuracy f dcuments r recrds) 4. Inspectin f Dcumentatin 5. Cnfirmatins (i.e. ask smene utside/inside the cmpany) 6. Enquiry (i.e. ask smene inside the cmpany) 7. Inspectin f Assets (including the accunting system itself) Memry Aid: OAR ICE I SOURCES OF EVIDENCE There are many surces f audit evidence, and the precise list will depend n the bjective being tested, and the nature f the client. Hwever, a useful list f typical surces is: The accunting system Underlying dcumentatin Tangible assets Management and emplyees Third Parties (experts?) Custmers Suppliers Slicitrs Valuers Insurers 1
SUFFICIENT & APPROPRIATE AUDIT EVIDENCE The auditr is bliged t gather sufficient apprpriate evidence t supprt their Audit pinin. (ISA 500 Audit Evidence). Audit Evidence Sufficient Apprpriate Sufficiency Apprpriateness Quantity f Audit Evidence Quality/Reliability f Audit Evidence Sme general principles n apprpriateness/reliability: Original dcuments better than cpies If pssible, auditr-generated (rather than client-generated) Frm 3rd Party where pssible (rather than client) Written better than ral Hence, a written statement frm a custmer (frm 3 rd Party) f their agreement f a balance wing, sent t the auditr direct, is very reliable evidence s lng as the auditr is assured that the custmer is themselves reliable. Als, nte that where the auditr has t rely n a directr s representatin, it will be dcumented in the Letter f Representatin/Written representatin (ISA 580) Auditrs shuld evaluate the verall quality f the evidence they have cllected. T decide whether sufficient apprpriate evidence has been cllected: Evidence is less useful if it cntradicts ther evidence btained n the same matter Riskier areas are likely t demand mre cnclusive evidence Mre material areas (e.g. inventry) are likely t demand mre cnclusive evidence. Previus experience f the auditr will help the assessment The mre reliable the evidence, the less is needed N single surce f evidence is ever cnclusive and at best adds t the auditrs cnfidence in the accuracy/validity f the item under review 2
ANALYTICAL PROCEDURES Analytical Prcedures as Substantive Prcedures. As nted abve, there are 7 basic frms f audit test. Mst are cnsidered tests f detail f transactins r balances. Hwever, analytical prcedures are nt tests f detail: Analytical Prcedures can be cnsidered a mre glbal apprach t substantive testing. Instead f selecting a sample f transactins r balances that make up the verall figures in the Accunts, the verall figure itself can be analysed fr accuracy using varius techniques. Analytical Prcedures invlve the analysis f relatinships between: Balances within the Accunts Balances in the Accunts with ther internal data Balances in the Accunts with ther external data Specific examples culd include: Mnitring the trend in key ratis ver time Cmparing key ratis with similar cmpanies r with industry averages Cmparing balances with ther knwn infrmatin Cmparing the results f an entity ver time (trend analysis) Cmparing the results f an entity with an industry average Cmparing actual results with auditr generated frecasts. The apprach t analytical prcedures is: Identify relatinships between data, ensuring they are fully understd Develp expectatin f balance in the Accunts Cmpare expectatin t actual balance Seek explanatins fr material differences Factrs that will affect the use f analytical prcedures: Strength f relatinships Reliability f the data being used in the analysis Depth f knwledge auditr has f client Makes analytical prcedures difficult fr new clients!! Nature f the cmpany A cmpany with many similar divisins (e.g. a chain f shps) prvides great scpe fr cmparisn f data Cmparisn f data is ne f the general types f internal cntrl prcedure (Budget v Actual). In ther wrds, many cmpanies will be ding their wn regular analytical prcedures themselves. 3
It may be pssible fr the external auditr t rely n the analysis carried ut by the cmpany..but this will depend n the reliability f thse wh did the wrk. Fr example, we culd get evidence as t the accuracy f the current year Payrll expense in the Statement f Prfit r Lss by: a. Cmparing the figure with last year s figure, nting: Starters and leavers Any pay rises / tax changes during the year b. Cmparing payrll with ther related figures in the FS. This will depend n the specific cmpany, but culd include: Turnver (especially if staff time is charged t clients) Prfit (especially if staff get prfit-related bnuses) Staff entertainment expenses (i.e. fr a given head cunt we shuld expect a cnsistent level f staff entertainment expenses) COMPUTER ASSISTED AUDIT TECHNIQUES (CAATs) The auditr will als need t cnsider whether it is apprpriate t use CAATs as part f the strategy fr btaining sufficient apprpriate audit evidence. Cmputer-assisted audit techniques (CAATs) invlve using a cmputer t perfrm audit wrk. Cmputers can be used t perfrm either substantive tests (tests f detail r substantive analytical prcedures) r tests f cntrls. Audit sftware is primarily used fr substantive prcedures, althugh it can als be used fr tests f cntrl. Client data is prcessed thugh the auditr s prgrams. These prgrams can, fr example: check additins (recast!); select high value, static, r negative transactins and balances, fr review; perfrm, r re-perfrm the ageing f a ledger; select samples fr further testing. The data can be dwnladed directly frm the client s system, r re-input int the auditr s system. Obviusly, the better the cmmunicatins between auditr and client systems, the mre efficient this prcess will be. Majr cnsideratins when deciding t use file interrgatin sftware are Auditrs will need t cnsider hw easy it is t transfer the client s data nt the auditrs PC Auditrs will require a basic understanding f data prcessing and the entity s cmputer applicatin, tgether with a detailed knwledge f the audit sftware and the cmputer files t be used. 4
By using audit sftware, the auditrs may scrutinise large vlumes f data and cncentrate skilled manual resurces n the investigatin f results, rather than n the extractin f infrmatin and selectin f samples. 2 main types f CAAT s are Embedded Audit Facilities and Test Data Embedded audit facilities Embedded audit facilities amunt t audit sftware that has been written int the client s system, t trap items as they are prcessed fr further testing at a later date. Tw example f Embedded Audit facilities are Integrated Test Facility (ITF) and Systems Cntrl and Review File (SCARF). Cnsists f cmputer prgrams used by the auditr, as part f his auditing prcedures, t prcess data f audit significance frm the entity's accunting system. Embedded audit facilities can be used t Read and extract data frm a client's system and prduce a reprt in a specified frmat Select infrmatin (eg a sample) Perfrm calculatins (eg casting) Print reprts in specified frmats Auditr will need t ensure that the data sent t the auditrs system, frm an Embedded Audit Facility is free frm hacking. Test data Used primarily t test the perating effectiveness f the internal cntrl activities f the client. Test data techniques are audit prcedures which enter data int an entity's cmputer system, and cmpare the results btained with pre-determined results. Test data is a fictitius set f test transactins which are input t the client's system in rder t determine whether the internal cntrls within the entity's cmputer systems have perated effectively thrughut the perid. This will require significant c-peratin frm the client, especially in terms f cmputer access time. A prblem with test data is that any resulting crruptin f the data files has t be crrected. This is difficult with mdern real time systems, which have built in cntrls t ensure that data entered cannt easily be remved withut leaving a mark. A weakness f tests data is that it nly tests the peratin f the system at a single pint in time. 5