THE EPIC AC3101 ASSURANCE & AUDITING NOTES

PART I - INTRODUCTION TO ASSURANCE & F/S AUDITING

INTRODUCTION TO ASSURANCE AND F/S AUDITING

An engagement in which a practitioner expresses a conclusion designed to enhance the degree of confidence of the
Assurance

intended users other than the responsible party about the outcome of the evaluation or measurement of a subject
matter against criteria.
Auditing

A subset of assurance; a systematic process of objectively obtaining and evaluating evidence regarding assertions
about economic actions and events to ascertain the degree of correspondence between those assertions and
established criteria and; communicating the results to interested users.

Overview of the Principal-Agent Relationship Leading to the Demand for Auditing

The Principal-Agent Relationship

Level of Assurance

Reasonable Assurance Engagement – “ Audit “

Level of Assurance

Practitioner gathers sufficient appropriate evidence to enable him to express his conclusion in a positive form
E.g. “In our opinion, management’s assertions are fairly presented”

Limited Assurance Engagement – “ Review “

Practitioner gathers sufficient appropriate evidence to enable him to express his conclusion in a negative form
E.g. “ In our opinion, nothing has come to our attention that causes us to believe that management’s assertions are
not fairly presented”

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 1 © 2015-2017 | SAMUEL WYSTAN

 Types of Assurance

Assertion-Based Engagement

Evaluation or measurement of the subject matter is performed by the responsible party.

Types of Assurance

Subject matter info is made available to the intended users in the form of an assertion by responsible party.
E.g. F/S Audits, External Assurance on Sustainability Reporting

Direct Reporting Engagement

Practitioner either directly performs the evaluation or measurement of the subject matter, or obtains a
representation from the responsible party that has performed the evaluation or measurement that is not available
to the intended users.
Subject matter info is provided to the intended users in the assurance report
E.g. Compliance and Operational Audits (where no assertions are made by the responsible party to intended users)

Overview of the Financial Statement Audit Process

Overview of the Financial Statement Audit Process

Audit Risk
Audit Risk

Audit Risk is the risk that the Auditor expresses an inappropriate audit opinion when the financial statements are
materially misstated.
To be covered later.
Audit Evidence

Audit Evidence

All the information used by the Auditor in arriving at the conclusions on which the audit opinion is based, and
includes the information contained in the accounting records underlying the financial statements and other
information.
To be covered later.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 2 © 2015-2017 | SAMUEL WYSTAN

 THE FINANCIAL STATEMENT AUDITING ENVIRONMENT
THE AUDITING PROFESSION

Profession
Profession

A disciplined group of individuals who adhere to high ethical standards and uphold themselves to, and are
accepted by, the public as possessing special knowledge and skills in a widely recognized, organized body of
learning derived from education and training at a high level, and who are prepared to exercise this knowledge and
these skills in the interest of others.

Characteristics of a Profession

[K] Skill based on theoretical Knowledge

Characteristics

[E] Extensive period of education

[T] Testing competency
[T] Institutionalized training or period of Internship
[L] Licensed Practitioners
[E] Work Autonomy Environment
[A] Professional Associations
[C] Code of Ethics

Some Auditing-Related Professional Associations

Institute of Singapore Chartered The ISCA is the national professional body for accountants in
Accountants Singapore. It sets out to develop, support and enhance the
(ISCA) integrity, status and interests of the accountancy profession in
Formerly ICPAS Singapore.
Association of Chartered Certified ACCA is a leading international accountancy body. The ACCA
Accountants (ACCA) qualification is recognised and is treated in other countries as
being equivalent to their local qualification.
Other Countries Other professional bodies for different countries around the world
Professional Associations

American Institute of CPAs (AICPA)

Institute of Chartered Accountants in
England and Wales (ICAEW)
CPA Australia
The Institute of Internal Auditors (IIA) The IIA is recognized as the internal audit profession's leader in
certification, education, research, and technical guidance.
The International Organization of Supreme INTOSAI is a worldwide affiliation of governmental entities. Its
Audit Institutions (INTOSAI) members are the Chief Financial Controller/Comptroller
General/Auditor General Offices of nations.
Association of Certified Fraud Examiners ACFE is the world's largest anti-fraud organization and premier
(ACFE) provider of anti-fraud training and education. ACFE helps reduce
business fraud worldwide and inspire public confidence in the
integrity and objectivity within the profession.
Information Systems Audit and Control ISACA is a nonprofit, independent association that advocates for
Association (ISACA) professionals involved in information security, assurance, risk
management and governance. It engages in the development,
adoption and use of globally accepted, industry-leading knowledge
and practices for information systems.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 3 © 2015-2017 | SAMUEL WYSTAN

 REGULATION IN SINGAPORE

Difference between Certified Public Accountant and Chartered Accountant in Singapore?

Chartered Accountant of Singapore (CA(Singapore))

The Chartered Accountant of Singapore (CA (Singapore)) title is protected under the Singapore Accountancy
Commission (SAC) Act and the Singapore Qualification Programme (SQP).
SQP is a pathway to obtain the CA (Singapore) designation is owned by the SAC, a statutory board of the Singapore
Chartered Accountants

Government.
The SQP comprises 3 components, namely: academic base, professional programme and practical experience. To
attain the CA (Singapore) designation, Candidates will have to complete 3 years of relevant practical work
experience, under the supervision of an Approved Mentor, and with a Training Agreement at an Accredited
Training Organization (ATO)
The ISCA is also the Administrator of the SQP. ISCA works closely with the SAC in raising the profile of the SQP,
helping it to attain international recognition, and promote it as the educational pathway of choice for professional
accountants.

Certified Public Accountant

No longer used widely in Singapore because of the name change: An accountant - previously known as a CPA - will
now be called a Chartered Accountant of Singapore. All CPA Singapore holders will be automatically converted to
the CA Singapore designation in July 2013.

1. Government Regulation

Accounting and Corporate Regulatory Authority (ACRA) Singapore

Regulation in Singapore

National regulator of business entities and public accountants in Singapore and plays the role of facilitator for their
development.
ACRA undertakes the oversight of issuance of Singapore Standards of Auditing.

2. Self Regulation by the Professional Association (i.e. ISCA)

Institute of Singapore Chartered Accountants

ISCA’s Auditing and Assurance Standards Committee (AASC) manages the due process of localizing the standards
issued by ACRA.

REGULATION IN USA

Sarbanes-Oxley Act (SOX) is a legislation passed by the U.S. Congress to protect shareholders and the general
SOX

public from accounting errors and fraudulent practices in the enterprise, as well as improve the accuracy of
corporate disclosures.

Securities and Exchange Commission (SEC)

The government agency that regulates disclosure of information for an initial public offering of securities and on-
going reporting by companies whose securities are listed and traded on a US stock exchange.
Oversees the Public Company Accounting Oversight Board (PCAOB):
Regulation in USA

o The PCAOB is a nonprofit corporation established by Congress through the Sarbanes-Oxley Act (2002) to
oversee the audits of public companies in order to protect the interests of investors and further the public
interest in the preparation of informative, accurate and independent audit reports.
o The PCAOB also oversees the audits of broker-dealers, including compliance reports filed pursuant to federal
securities laws, to promote investor protection.

Financial Accounting Standards Board (FASB)

A privately-funded, independent board consisting of accounting professionals who establish and communicate
standards of financial accounting and reporting in the United States. FASB standards, known as Generally
Accepted Accounting Principles (US GAAP), govern the preparation of corporate financial reports and are
recognized as authoritative by the SEC.
EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 4 © 2015-2017 | SAMUEL WYSTAN
 INTERNATIONAL STANDARDS AND ORGANIZATIONS

International Standards and Organizations

International IFAC is the global organization for the accountancy profession. It establishes international
Federation of standards on ethics, auditing and assurance, accounting education, and public sector
Accountants (IFAC) accounting through its independent standard-setting boards:

International Auditing and IAASB is the board (funded by IFAC) that develops and
Assurance Standards Board issues standards:
(IAASB)
International Standards of Auditing (ISAs) are
professional standards for the performance of
financial auditing of financial information.
International Standards on Review Engagements
(ISRE) apply in the review of historical financial
information.
International Standards on Assurance Engagements
(ISAE) apply in assurance engagements other than
audits or reviews of historical financial information.
International Standards and Organizations

International Standards on Related Services (ISRS)

apply to compilation engagements and engagements
to apply agreed upon procedures to financial
information.
International Standards on Quality Control (ISQC)
apply for all the engagement standards (ISA, ISRE,
ISAE, ISRS)
International Ethics IESBA develops and issues ethical standards and guidance
Standards Board for for use by professional accountants:
Accountants (IESBA) The Code of Ethics for Professional Accountants
International Public Sector IPSAS develops and issues standards for use by public
Accounting Standards Board sector entities around the world in the preparation of
(IPSAS) financial statements.
International Accounting IAESB develops and issues standards in the area of
Education Standards Board professional accounting education that prescribe technical
(IAESB) competence and professional skills, values, ethics, and
attitudes.

To ensure the activities of the IFAC and the independent boards are responsive to public
interest, an international Public Interest Oversight Board (PIOB) was established to
oversee the standard-setting process:
Public Interest PIOB is an international body that oversees the IFAC and seeks to improve the quality
Oversight Board and public interest focus of the IFAC standards in areas of Audit, education and ethics.
(PIOB) Members of PIOB are nominated by regulators and related organizations.
Before a standard is finalized, the PIOB must approve that the standard-setting has
followed a due process, including that the standard-setting was sufficiently responsive
to the needs and perceptions of various stakeholders.
International IASB is an independent, privately-funded accounting standard-setter that is responsible
Accounting for the development and publication of International Financial Reporting Standards
Standards Board (IFRS) and for approving interpretations of IFRS.
(IASB) Their predecessor is the International Accounting Standards Committee (IASC) and
supersedes their old International Accounting Standards (IAS).

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 5 © 2015-2017 | SAMUEL WYSTAN

 MANDATORY AUDIT REQUIREMENTS IN SINGAPORE

Mandatory Audit in Singapore

Mandatory Audit in SG

Companies Act, Section 201:

Directors of every Company to present at AGM audited profit/loss account and balance sheet that comply with
the requirements of the Accounting Standards and give a true and fair view of the profit and loss and state of
affairs of the Company respectively
Holding Companies to present audited balance sheet of the holding Company and Consolidated profit/loss
account and balance sheet.

Exemption from Audit

Companies Act, Section 205B/C:

A Company is exempt from Audit requirements (above) if it is:

o Dormant (at the time of formation or since the previous financial year)
o An Exempt Private Company (<20 shareholders and no corporate shareholders) with revenue not exceeding
Audit Exemption

the prescribed amount (defined in Regulation 89A of Companies Regulations) of $5,000,000 for financial year
starting on/after 1 June 2004.

[*] Proposed Change to the Small Company criteria

A Small Company is defined as private company that fulfills 2 of 3 criteria

1. Total Annual Revenue of not more than 10 million

2. Total Gross Assets of not more than 10 million

3. No. of employees not more than 50

The above includes subsidiaries; therefore have to do Consolidation first.

Objective and Scope of Financial Statement Audit

Objective/Scope

Singapore Standards on Auditing (SSA) 200:

To enhance the degree of confidence of intended users in the financial statements

Through the express of an opinion by the Auditor on whether the financial statements are presented fairly, in all
material respects, or give a true and fair view in accordance with an applicable financial reporting framework
By obtaining reasonable assurance about whether the financial statements as a whole are free from material
misstatement, whether due to fraud or error.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 6 © 2015-2017 | SAMUEL WYSTAN

 SOCEITY’S EXPECTATIONS AND THE AUDITOR’S RESPONSIBILITIES

Audit Expectation Gap

The difference between the actual and expected performance of an Auditor, also defined as ‘the difference
between what the public and financial statement users believe Auditors are responsible for and what Auditors
themselves believe their responsibilities are’.
Some measures that the profession has taken to narrow the Audit Expectation Gap: Education (e.g. more
information), Improving Auditing Standards
The Audit Expectation Gap

Professional Judgment
Profession

The Auditor, within the context provided by auditing and ethical standards, should apply relevant training,
knowledge and experience in making informed decisions during the Audit.

Professional Skepticism

An attitude that includes a questioning mind and a critical assessment of Audit evidence.

JUDGMENT IN AUDITS

Role and Importance of Judgment in Audits

Judgment in Auditing

Auditor needs to exercise judgment throughout the Audit, such as:

o Client Acceptance and Continuance
o Setting of Audit Fees
o Determining Materiality Level
o Assessing Audit Risks
o Designing Audit Strategy and Plan
o Evaluating Audit Evidence
o Determining Audit Opinion

Impairment of Judgments
Impairment of Judgment

Auditor's Judgment could be impaired by:

o Motivational Biases resulting from Threats to Fundamental Principles (to be covered later)
(i.e. Self-Interest, Self-Review, Advocacy, Familiarity, Intimidation)

o Cognitive Biases resulting from the use of Heuristics such as

– Framing (how a question is phrased)
– Availability (ease of retrieval from memory)
– Representativeness (use of stereotypes)
– Anchoring and Adjustment
– Confirmation

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 7 © 2015-2017 | SAMUEL WYSTAN

 Framing

Frames are mental structures that we use, usually subconsciously, to simplify, organize and guide our
understanding of a situation.
They shape our perspectives and determine the information that we will see as relevant or irrelevant, important or
unimportant. Frames are necessary and helpful, but the problem is that we often are not aware of the perspective
or frame we are using.

Availability

Availability Heuristic is the tendency for decision-makers to consider information that is easily retrievable from
memory as being more likely, more relevant and more important for a judgment.
The information that is most ‘available’ to our memory may unduly influence estimates, probability assessments
and other professional judgments.
E.g. Having just encountered a client involved in Fraud/misappropriation of cash, an Auditor pays disproportionate
attention in the Audit of Cash in the current engagement

Confirmation
Cognitive Biases

Confirmation is the tendency for decision-makers to seek for and give more weight to information that is
consistent with their initial beliefs or preferences.
After receiving confirmatory evidence, decision-makers often are confident that they have/will be able to find
adequate evidence to support their belief.
E.g. Auditors tend to be prone to over-relying on management’s explanation for a significant difference between
the Auditor's Expectation and Management’s Recorded Values, even when the client’s explanation is inadequate.

Representativeness

Representativeness Heuristic is the tendency for decision-makers to compare information to their mental
prototypes (i.e. stereotypes)
E.g. Having known the Management are highly-learned people with MBA educational background from top
business schools, an Auditor concludes that Fraud Risk factor is low
E.g. Believing that the internal controls should be working well, an Auditor disregards his ad-hoc observations that
there were lacking in segregation of duties on certain occasions in the purchasing function.

Anchoring and Adjustment

Anchoring is the tendency for decision-makers to make assessments by starting from an initial numerical value and
then to adjust insufficiently away from that value in forming a final judgment.
E.g. Management’s estimate/unaudited account balance can serve as an Anchor. The Auditor is charged with
objectively assessing the fairness of an account balance.
E.g. When setting preliminary materiality at the planning phase, the Auditor apply a rate of 10% on PBT (the same
basis used as in the previous year’s Audit), even though there are significant increase in the business risks.

Ways to Counter Cognitive Biases

Decision aids (e.g. Checklists)

Awareness training
Breakdown complex tasks into smaller tasks (e.g. Nature of Business/Products, Inherent Risks, Internal Controls)
Develop alternative explanations
Justification of decisions
Group decision-making

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 8 © 2015-2017 | SAMUEL WYSTAN

 MISSTATEMENTS

Misstatement

SSA 200: A difference between the amount, classification, presentation, or disclosure of a reported financial
statement item and that required for it to be in accordance with the applicable financial reporting framework
Can arise from either errors or frauds and can be either immaterial, material OR material and pervasive.

Material Misstatements
Misstatement

SSA 320(2): Misstatements, including omissions, are considered to be material if they, individually or in aggregate,
could reasonably be expected to influence the economic decisions of users taken on the basis of the financial
statements.
Judgments about materiality are made in light of surrounding circumstances, and are affected by the size or nature
of a misstatement, or a combination of both.

Pervasive Misstatements

Misstatements so serious and severe that they are not confined to specific elements, accounts or items of the
financial statements.
Or, if they are confined, they represent or could represent a substantial proportion of the financial statements.
Or, in relation to disclosures, are fundamental to user’s understanding of the financial statements.

QUALITY OF AUDIT / AUDIT FAILURE

In A Framework for Audit Quality by the IAASB, they adopt the view that a quality Audit is likely to be achieved
when the Auditor’s opinion on the financial statements can be relied upon as it was based on sufficient
Quality of Audit

appropriate Audit evidence obtained by an engagement team that:

o Exhibited appropriate values, ethics and attitudes;
o Was sufficiently knowledgeable and experienced and had sufficient time allocated to perform the Audit work;
o Applied a rigorous Audit process and quality control procedures;
o Provided valuable and timely reports; and
o Interacted appropriately with a variety of different stakeholders
Audit Failure may arise in the event of poor Audit Quality.

Audit Failure

Causes of Audit Failure can be due to: Lack of Competence, Lack of Due Care, Lack of Experience, Laziness, Self-
Rationalization, Lack of Integrity, Lack of Objectivity, Conflicts of Interest

Outcome-Based Examples:

The financial statements are found to be materially misstated after the Auditor has issued an Unqualified Audit
Opinion.
The company goes bankrupt in less than 12 months after financial year end, but the Auditors’ report did not
Audit Failure

highlight any going-concern uncertainty when in fact there were several that existed.

Process-Based Examples:

Auditors found to have close relationship with client

Auditors issued an Unqualified Audit Opinion without obtaining sufficient appropriate evidence.

Consequences of Audit Failure

For the Profession:
For Auditors/Audit Firms: o Loss of Confidence and Trust by Society
o Legal Liability
o Loss of Reputation and Future Business
o Disciplinary Actions by Regulators

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 9 © 2015-2017 | SAMUEL WYSTAN

 QUALITY CONTROLS OVER AUDIT FIRMS & ENGAGEMENTS

SSA 220: Quality Control for an Audit of Financial Statements (Engagement Specific)
Quality of Audit

Addresses quality control for the Engagement Team. It requires Engagement Teams to implement quality controls
procedures for every Audit.

Singapore Standard on Quality Control (SSQC) 1:

Addresses a firm’s system of quality control to provide reasonable assurance that the firm and personnel comply
with professional standards and applicable legal and regulatory requirements and compliance with those policies.

Code of Ethics (ACRA and IFAC/IESBA)

Establishes fundamental principles

Provides a conceptual framework to comply with those principles, which requires auditors to:
Code of Ethics

o Identify threats (circumstances or relationships) that may compromise one’s ability to comply with
fundamental principles
o Evaluate the significance of the threats identified
o Apply safeguards (actions or measures), where necessary, to eliminate or reduce threats to an acceptable
level (based on what a reasonable and informed third party would likely conclude)
o If no appropriate safeguards are available, eliminate the circumstance or relationship creating the threats, or
decline or terminate the Audit engagement.
For the purpose of AC3101, we will make reference to IFAC/IESBA Code. Singapore’s Code is ‘backdated’.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 10 © 2015-2017 | SAMUEL WYSTAN

 IESBA CODE OF ETHICS FOR PROFESSIONAL ACCOUNTANTS

Organization and Content of IESBA 2013

Part A: General Application of the Code

Section 100 Introduction and Fundamental Principles

Section 110 Integrity
Section 120 Objectivity
Section 130 Professional Competence and Due Care
Section 140 Confidentiality
Section 150 Professional Behaviour
Content of IESBA Code of Ethics

Part B: Professional Accountants in Public Practice

Section 200 Introduction

Section 210 Professional Appointment
Section 220 Conflicts of Interest
Section 230 Second Opinions
Section 240 Fees and Other Types of Remuneration
Section 250 Marketing Professional Services
Section 260 Gifts and Hospitality
Section 270 Custody of Clients Assets
Section 280 Objectivity – All Services
Section 290 Independence – Audit and Review Engagements
Section 291 Independence – Other Assurance Engagements

Part C: Professional Accountants in Business

Section 300 Introduction

Section 310 Conflicts of Interest
Section 320 Preparation and Reporting of Information
Section 330 Acting with Sufficient Expertise
Section 340 Financial Interests, Compensation and Incentives Linked to Financial Reporting and Decision Making
Section 350 Inducements

Fundamental Principles
Fundamental
Principles

Integrity: Straightforwardness and honesty in dealings

Objectivity: Do not compromise judgment due to bias, conflict of interest, undue influence
Professional Competence / Due Care: Exercise sound judgments and observe standards
Confidentiality: Respects the value and ownership of information and do not disclose client’s confidential info
Professional Behaviour: Comply with laws and regulations, avoid any action that brings discredit to profession

Section 290: Independence – Audit and Review Engagements

290.6a Independence of Mind

The state of mind that permits the expression of a conclusion without being affected by influences that
Independence

compromise professional judgment, thereby allowing an individual to act with integrity and exercise objectivity
and professional skepticism.

290.6b Independence in Appearance

The avoidance of facts and circumstances that are so significant that a reasonable and informed third party would
be likely to conclude, weighing all the specific facts and circumstances, that a firm’s, or a member of the audit
team’s, integrity, objectivity or professional skepticism has been compromised.

Refer to Page 42 of IESBA for Table of Contents of all Independence-Related situations

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 11 © 2015-2017 | SAMUEL WYSTAN

 Threats to Fundamental Principles

A circumstance or relationship may create more than one threat, and a threat may affect compliance with more
than one fundamental principle. Memory Tip: Si.r. A.f.i.”
(a) Self-Interest Threat – the threat that a financial or other interest will inappropriately influence the professional
accountant’s judgment or behavior; Examples

A member of the assurance team having a direct financial interest in the assurance client.
A firm having undue dependence on total fees from a client.
A member of the assurance team having a significant close business relationship with an assurance client.
A firm being concerned about the possibility of losing a significant client.
A member of the audit team entering into employment negotiations with the audit client.
A firm entering into a contingent fee arrangement relating to an assurance engagement.
A professional accountant discovering a significant error when evaluating the results of a previous professional
service performed by a member of his own firm.

(b) Self-Review Threat – the threat that a professional accountant will not appropriately evaluate the results of a
previous judgment made or service performed by himself, or by another individual within his firm or employing
organization, on which he will rely when forming a judgment as part of providing a current service;

A firm issuing an assurance report on the effectiveness of the operation of financial systems after designing or
implementing the systems.
A firm having prepared the original data used to generate records that are the subject matter of the assurance
Threats to Fundamental Principles

engagement.
A member of the assurance team being, or having recently been, a director or officer of the client.
A member of the assurance team being, or having recently been, employed by the client in a position to exert
significant influence over the subject matter of the engagement.
The firm performing a service for an assurance client that directly affects the subject matter information of the
assurance engagement.

(c) Advocacy Threat – the threat of promoting a client’s or employer’s position till his objectivity is compromised;

The client or firm promoting shares in an audit client.

A professional accountant acting as an advocate on behalf of his client in litigation or disputes with third parties.

(d) Familiarity Threat ─ the threat that due to a long or close relationship with a client or employer, a professional
accountant will be too sympathetic to their interests or too accepting of their work;

Senior personnel having a long association with the assurance client.

A member of the engagement team having a close family member who is a director or officer of the client.
A member of the engagement team having a close or immediate family member who is an employee of the client
who is in a position to exert significant influence over the subject matter of the engagement.
A director or officer of the client or an employee in a position to exert significant influence over the subject matter
of the engagement having recently served as the engagement partner.
Accepting gifts or preferential treatment from a client, unless the value is trivial or inconsequential.

(e) Intimidation Threat – the threat that a professional accountant will be deterred from acting objectively because of
actual or perceived pressures, including attempts to exercise undue influence over the professional accountant.

A firm being threatened with dismissal from a client engagement.

An audit client indicating that it will not award a planned non- assurance contract to the firm if the firm continues
to disagree with the client’s accounting treatment for a particular transaction.
A firm being threatened with litigation by the client.
A firm being pressured to reduce inappropriately the extent of work performed in order to reduce fees.
A professional accountant feeling pressured to agree with the judgment of a client employee because the employee
has more expertise on the matter in question.
A professional accountant being informed by his Audit Partner that a planned promotion will not occur unless he
agrees with an audit client’s inappropriate accounting treatment.
Client CFO happens to be your ex-Partner in the firm.
EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 12 © 2015-2017 | SAMUEL WYSTAN
 ACRA/IFAC Independence and the Conceptual Framework Approach
The Approach

Step 1: Identify Threats to Independence

Step 2: Evaluate the significance of the threats identified.
Step 3: Apply Safeguards, when necessary, to eliminate the threats or reduce them to an acceptable level.

If the Practitioner determines that appropriate Safeguards are not available/cannot be applied to eliminate the threat
or reduce them to an acceptable level, then he shall eliminate the circumstance/relationship creating the threats, or
decline or terminate the Audit Engagement.

Safeguards

1. Created by Profession, Legislation or Regulation

Educational, training and experience requirements for entry into the profession.
Continuing professional development requirements.
Corporate governance regulations.
Professional standards.
Professional or regulatory monitoring and disciplinary procedures.

2. Created in the Work Environment

a. Firm-Wide Safeguards

Leadership of the firm that stresses the importance of compliance with the fundamental principles.
Leadership of the firm that establishes the expectation that assurance team will act in the public interest.
Policies and procedures to implement and monitor quality control of engagements.
Documented policies regarding the need to identify threats to compliance with the fundamental principles,
evaluate the significance of those threats, and apply safeguards to eliminate or reduce the threats to an acceptable
level or, when appropriate safeguards are not available or cannot be applied, terminate or decline the relevant
engagement.
Documented internal policies and procedures requiring compliance with the fundamental principles.
Safeguards

Policies and procedures that will enable the identification of interests or relationships between the firm or members
of engagement teams and clients.
Policies and procedures to monitor and, if necessary, manage the reliance on revenue received from a single client.
Using different partners and engagement teams with separate reporting lines for the provision of non-assurance
services to an assurance client.
Policies and procedures to prohibit individuals who are not members of an engagement team from inappropriately
influencing the outcome of the engagement.
Timely communication of a firm’s policies and procedures, including any changes to them, to all partners and
professional staff, and appropriate training and education on such policies and procedures.
Designating a member of senior management to be responsible for overseeing the adequate functioning of the
firm’s quality control system.
Advising partners/professional staff of assurance clients and related entities from which independence is required.
A disciplinary mechanism to promote compliance with policies and procedures.
Published policies and procedures to encourage and empower staff to communicate to senior levels within the firm
any issue relating to compliance with the fundamental principles that concerns them.

b. Engagement-Specific Safeguards

Having a professional accountant who was not involved with the assurance/non-assurance service review the
assurance/non-assurance work performed or otherwise advise as necessary.
Consulting an independent third party, such as a committee of independent directors, a professional regulatory
body or another professional accountant.
Discussing ethical issues with those charged with governance of the client.
Disclosing to those charged with governance of client the nature of services provided and extent of fees charged.
Involving another firm to perform or re-perform part of the engagement.
Rotating senior assurance team personnel.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 13 © 2015-2017 | SAMUEL WYSTAN

 PART II – THE AUDIT PROCESS
OVERVIEW OF THE AUDIT PROCESS

The Audit Process

Stage 0: Understanding of Client & Environment

Stage 1: Client Acceptance & Continuance

Stage 2: Preliminary Engagement Activity

2.1 Determining the Audit Engagement Team Requirements
2.2 Ensuring that the Audit Team / Firm are in compliance with Ethical and
Independence Requirements
2.3 Establishing an Understanding with the Entity

Stage 3: Plan the Audit

3.1 Overall Audit Strategy and Plan
3.2 Supervision of the Audit
3.3 Consider Typs of Audit Tests
3.4 Determine Materiality
3.5 Auditor's Risk Assessment / Audit Risk Model
3.6 Consider Management Assertions
3.7 Plan for Gathering Audit Evidence

Stage 4: Consider Internal Controls

4.1 Obtain understanding of Internal Controls
The Audit Process

4.2 Assess Control Risks and Decide whether to rely on Controls

4.3 For Reliance Strategy – Plan and Perform Test of Controls
4.4 For Reliance Strategy – Set Control Risks based on Test of Controls
4.5 Perform Substantive Procedures based on level of Control Risk
Spotlight on: Controls in a Computerized Environment
Spotlight on: Audit Sampling

Stage 5: Audit Business Processes & Related Accounts

5.1 Auditing the Revenue Process
5.2 Auditing the Purchasing Process
5.3 Auditing the Inventory Management Process
5.4 Auditing the Human Resource Process
5.5 Auditing the PPE Management Process
5.6 Auditing Investments
5.7 Auditing Intangible Assets and Goodwill
5.8 Auditing Prepaid Expenses
5.9 Auditing Long-Term Debt
5.10 Auditing Shareholders’ Equity
5.11 Auditing Cash

Stage 6: Complete the Audit

6.1 Review for Contingencies
6.2 Review for Commitments
6.3 Review for Subsequent Events
6.4 Final Evaluation of Audit Evidence
6.5 Communications with TCWG and Management

Stage 7: Evaluate Results and Issue Audit Report (Audit Opinion)

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 17 © 2015-2017 | SAMUEL WYSTAN

 STAGE 1: CLIENT ACCEPTANCE AND CONTINUANCE
CLIENT ACCEPTANCE / CONTINUANCE

Client Acceptance

SSA 220(A8) states that the following information assists the engagement partner in determining if the conclusions
Client Acceptance

reached regarding acceptance/ continuance of client relationships and Audit Engagements are appropriate:

The Integrity of the Principal Owners, Key Management and those charged with Governance of the entity
Whether the Engagement Team is Competent to perform the Audit Engagement and has the necessary
capabilities, including time and resources;
Whether the firm and the Engagement Team can comply with relevant ethical requirements; and
Significant matters that have arisen during the current or previous Audit Engagement, and their implications for
continuing the relationship.

Procedures for Evaluating a Prospective Client

1. Obtain and Review available financial information (Annual Reports, Interim Financial Statements, Income Tax
Procedures for Evaluating

Returns, etc.)
Prospective Client

2. Inquire of Third Parties (e.g. Client's Bankers, Lawyers, Credit Agencies, Business Community) regarding any
Information concerning the Integrity of the Prospective Client and its Management
3. Communicate with the predecessor Auditor about whether there were any disagreements about Accounting
Policies, Audit Procedures or similar significant matters.
4. Consider whether the Prospective Client has any circumstances that will require special attention or that may
represent unusual business or Audit risks, such as litigation or going-concern issues.
5. Determine if the firm is independent of the entity and able to provide the desired service.
6. Determine if the firm has the necessary technical skills/knowledge of the industry to complete the engagement.
7. Determine if acceptance of the entity would violate any applicable regulatory or ethical requirements such as
those in the IESBA Code of Ethics for Professional Accountants.

Client Continuance
Continuance
Client

Evaluate periodically whether to continue their relationship with current clients.

This evaluation may take place at or near the completion of an Audit or when some significant event occurs.
Consider: Any conflicts over accounting/auditing issues? Or Dispute over Fees?

STAGE 2: PRELIMINARY ENGAGEMENT ACTIVITIES

STAGE 2.1 DETERMINING THE AUDIT ENGAGEMENT TEAM REQUIREMENTS
Determine Team Req.

Audit firms need to ensure that their engagements are completed by Auditors having the proper degree of
technical training and proficiency given the circumstances of the entity.
Factors that should be considered in determining staffing requirements include:
o Engagement Size and Complexity
o Level of Risk (If high, maybe need more senior/experienced Auditors)
o Any Special Expertise Required (e.g. Banking/Insurance/Casino or Sophisticated IT processes)
o Personnel Availability
o Timing of Work to be performed
STAGE 2.2 ENSURING THAT THE AUDIT TEAM AND AUDIT FIRM ARE IN COMPLIANCE WITH
ETHICAL AND INDEPENDENCE REQUIREMENTS
Ensure Compliance

Auditing Standards require the Auditors comply with the profession’s ethical requirements, especially that of
Independence. The legal and regulatory requirements in the jurisdiction and the IESBA Code of Ethics prescribe the
relevant requirements.
At the Engagement Level, the Partner should ensure that all individuals assigned to the Engagement are
independent of the entity (review Annual Independence Reports in Database etc.)
Other examples include being Objective when evaluating activities developed by Consultancy branch of our firm,
not taking on a client until all prior year’s fees/AR are paid as it may impair Independence etc…

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 18 © 2015-2017 | SAMUEL WYSTAN

 STAGE 2.3 ESTABLISHING AN UNDERSTANDING WITH THE ENTITY

The Auditor should establish an understanding with the entity about the Terms of Engagement (documented in
the Engagement Letter). This understanding reduces the risk that either party may misinterpret what is expected
or required of the other party.
In establishing an understanding with the entity, three topics should be discussed:

1. The The Objective and Scope of the Audit

Engagement Auditor's Responsibilities and Limitations
Letter Management’s Responsibilities
Fees
Establish Understanding with Entity

Reporting
Additional things like arrangements involving the use of experts/internal Auditors, explanation
of the Auditor's responsibilities to communicate Audit matters of governance interest with
those charged with governance, additional services to be provided relating to regulatory
requirements, arrangements regarding other services (e.g. consulting, tax) etc…
2. Using the If the entity has a Internal Audit Function (IAF), Auditor may use their work as evidence and
Work of request IAF assistance in conducting the Audit (if direct assistance is not prohibited by
Internal law/regulation)
Auditors The Auditor first needs to obtain an understanding of the IAF, including information about the
activities that it performs and whether they are relevant to the Audit of financial statements.
The Auditor must evaluate:
o The extent to which the IAF’s organizational status and relevant policies and procedures
support the objectivity of the internal Auditors.
o The level of competence of the IAF
o Whether the IAF has a quality, systematic and disciplined approach.
3. The Role Can be Supervisory Boards (Two-tier Board Structure) or Board of Directors (Single Board
of Those Structure) or an Audit Committee (Large/Public Entities)
Charged Communicate with those charged with governance before the Engagement starts, to establish a
With communication process and discuss matters such as Auditor's Responsibilities, Significant
Governance Accounting Policies of the Entity, Overview of the planned Scope and Timing of the Audit and
Compliance matters etc.

Preconditions for an Audit

SSA 210.6b Auditor has to obtain the agreement from Management that it acknowledges and understands its
responsibility:

i. For the preparation of financial statements in accordance with the applicable financial reporting framework,
including where relevant their fair presentation
ii. For such internal control as management determines is necessary to enable the preparation of financial
statements that are free from material misstatement, whether due to fraud or error; and
Preconditions for Audit

iii. To provide the Auditor with:

a. Access to all information of which management is aware that is relevant to the preparation of the
financial statements such as records, documentations etc.
b. Additional information that the Auditor may request from Management for the purpose of the Audit;
c. Unrestricted Access to persons within the entity from whom the Auditor determines it necessary to
obtain Audit Evidence.

If Preconditions Not Met

SSA 210.8 states that if the preconditions for an Audit are not present, the Auditor shall discuss the matter with
Management. Unless required by law/regulation to do so, the Auditor shall not accept the proposed Audit
Engagement.

SSA 210.7 states that if management or those charged with governance impose a limitation on the scope of the
Auditor's work in terms of a proposed Audit Engagement such that the Auditor believes the limitation will result in the
Auditor Disclaiming an Opinion on the financial statements, the Auditor shall not accept such a limited engagement as
an Audit Engagement, unless required by law/regulation to do so.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 19 © 2015-2017 | SAMUEL WYSTAN

 STAGE 3: PLANNING THE AUDIT
STAGE 3.1 OVERALL AUDIT STRATEGY AND PLAN
Audit Strategy

Audit Strategy
and Plan

Engagement Planning involves all the issues that an Auditor should consider in developing an Overall Audit
Strategy for conducting the Audit, which will help in determining what resources are needed for the engagement.
Determine the Scope of the Engagement, Ascertain reporting objectives to plan the timing of the Audit, Consider
the factors that will determine the focus of the Engagement Team’s Efforts etc.

Audit Plan

The Audit Plan is more detailed than the Audit Strategy.

Audit Plan

In the Audit Plan, Auditor documents a description of Nature, Timing and Extent of the planned Audit Procedures
to be used in order to comply with Auditing Standards and to conduct the Audit effectively and efficiently.
Quintessentially, the Auditor should be guided by the results of the Entity Acceptance/Continuance Process,
Procedures performed to gain the understanding of the entity and the Preliminary Engagement Activities. The
Auditor should modify the overall Audit Strategy and Audit Plan as necessary if circumstances change significantly
during the course of the Audit.

Additional Steps that should be performed include:

Assess Business Risks

Additional Steps

Establish Materiality
Consider Multi-Locations/Business Units
Assess the need for Experts
Consider Non-Compliance with Laws and Regulations
Identify Related Parties
Consider Additional Value-Added Services
Document the Overall Audit Strategy and Audit Plan

STAGE 3.2 SUPERVISION OF THE AUDIT

Engagement Partner has the overall responsibility for the engagement and its performance and should supervise
the Audit Engagement Team so that the work is performed as directed and supports the conclusions reached.
Audit Strategy and Plan

Inform Engagement Team members of their responsibilities, including:

o Objectives of Procedures that they are to perform
o Nature, Timing, Extent of the Procedures they are to perform
o Matters that could affect the procedures to be performed or the evaluation of the results of those procedures
Direct Engagement Team members to bring any significant accounting/auditing issues that they identify to the
attention of the Engagement Partner so they can evaluate those issues and determine appropriate actions
Review the work of Engagement Team members to evaluate whether
o The work was performed and documented
o The objectives of the procedures were achieved
o The results of the work support the conclusions reached.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 21 © 2015-2017 | SAMUEL WYSTAN

 STAGE 3.3 CONSIDER TYPES OF AUDIT TESTS
A. RISK ASSESSMENT PROC EDURES

Used to obtain an understanding of the entity and its external/internal environment to access the risks of material
misstatement at the financial statement and relevant assertion levels.
Includes Inquiries of Management and Others, Preliminary Analytical Procedures, Observation, Inspection etc.
B. TEST OF CONTROLS

Used to test the operating effectiveness of controls in preventing, or detecting and correcting, material
misstatements at the relevant assertion level.
Includes Inquiries of Management and Others, Inspection of Documents, Observation of Application of Controls,
Types of Audit Tests

Walk-throughs (Tracing), Reperformance of Application of Controls by Auditors etc.

C. SUBSTANTIVE PROCED URES

Used to detect material misstatements at the relevant assertion level.

There are two Categories of Substantive Procedures:
a. Test of Details
There are two types of Test of Details:
i. Substantive Tests of Transactions: Test for errors/fraud in individual transactions.

ii. Tests of Details of Account Balances and Disclosures: Focus on items that are contained in the ending
financial statement account balances and disclosures.
b. Substantive Analytical Procedures
Analytical Procedures means evaluations of financial information through analysis of plausible relationships
(e.g. examination of trends and ratios) among both financial and non-financial data.
Analytical Procedures also encompass the investigation, if necessary, of identified fluctuations or relationships
that are inconsistent with other relevant information or that differ from expected values by a significant amt.

SPOTLIGHT ON: ANALYTICAL PROCEDURES

Preliminary Analytical Procedures: Used in the Risk Assessment to better understand the business and to plan the
Purposes

Nature, Timing, Extent of Audit Procedures to be used. SSA 315.6

Substantive Analytical Procedures: Used to obtain evidence about particular assertions related to account
balances or classes of transactions
Final Analytical Procedures: Used as an overall review of the financial information in the final review stage of the
Audit. SSA 520.6

Major Types of Analytical Procedures

1. Trend Analysis of changes in an account over time.
Analysis Simple trend analysis compares last year’s account balance (‘the expectation’) with the
(Evaluative) current balance.
Trend Analysis can also encompass multiple time periods and includes comparing recorded
trends with budget amounts and with competitor and industry information.
Types

2. Ratio Analysis Comparison, across time or benchmarks, of relationships between financial statement
(Evaluative) accounts (e.g. ROE) or between an account and non-financial data (e.g. sales per item)
Also includes ‘common-size analysis’, which is the conversion of financial statement
amounts into Percentages (%).
3. Development of a model to form an Expectation using financial data, non-financial data, or
Reasonableness both, or test account balances or changes in account balances between accounting periods.
Analysis (e.g. Depreciation exp can be modeled by taking book value/average useful life)
(Predictive)

Usefulness Depends On:

Usefulness

Assessed risk of material misstatement: Higher Risk Greater Reliance on Test of Details
Precision of Expectation , which is affected by:
o Degree of Disaggregation (e.g. by Period/Product Line)
o Predictability of Relationships (e.g. Recurring)
Availability of Relevant and Reliable Data (e.g. Industry Results, Non-Financial Information)

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 22 © 2015-2017 | SAMUEL WYSTAN

 STAGE 3.4 DETERMINE MATERIALITY

Materiality

SSA 320(2): Misstatements, including omissions, are considered to be material if they, individually or in the
aggregate, could reasonably be expected to influence the economic decisions of users taken on the basis of the
financial statements.
Materiality

Judgments about materiality are made in light of surrounding circumstances, and are affected by the size or nature
of a misstatement, or a combination of both.

SSA 320(A1): Materiality and Audit Risk are considered throughout the Audit, in particular when:
o Identifying and Assessing the Risks of Material Misstatement (SSA 315)
o Determining the Nature, Timing and Extent of further Audit Procedures. (SSA 330)
o Evaluating the effect of uncorrected misstatements, if any, on the financial statements and in forming the
opinion in the Auditor's Report (SSA 700)
STEP 1 (DURING THE AUDIT PLANNING STAGE): DETERMINE OVERALL MATERIALITY

SSA 320 (A3-4, A7, A13): Overall Materiality is the maximum amount by which the Auditor believes the financial
statements could be misstated and still not affect the decisions of users.
It may need to be revised as the Audit progresses due to changes in circumstance.
Auditing standards require the Auditor to establish a Materiality Amount for the financial statements as a whole
and for particular classes of transactions, account balances or disclosures.

Rules of Thumb for Planning Materiality

Benchmark Range of Percentages
Applied to Base Relative Advantages
Profit/(Loss) Before Tax 5 – 10 % Relevance
Total Assets 0.5 – 1 % Predictability / Stability
Total Revenues 0.5 – 1 % Stability
Total Equity 1–2% Stability

Deciding the Benchmark

Steps in Applying Materiality

o Difficulties also arise in using profit as a benchmark when the entity is close to breaking even or experiencing
a loss. Thus, with fluctuating profit, using an average of the prior 3-years profit or another base such as Total
Assets/Total Revenues may provide a more stable benchmark from year-to-year.
o For Non-Profit-Organizations, Total Revenues/Total Expenses might be more appropriate benchmarks. For
Asset-Based Entities (e.g. Investment Funds), Net Assets would be a more appropriate benchmark.

Deciding the %
o Lower the percentage (more strict; easier to exceed) if there is high risk of fraud; material misstatements in
prior years; entity close to violating a covenants in a loan agreement; entity operating in a highly volatile
environment; small amounts may cause the entity to miss forecasted revenue/earnings etc…
STEP 2 (DURING THE AUDIT PLANNING STAGE): DETERMINE PERFORMANCE MATERIALITY

SSA 320 (9, 11, A12) In practice, Auditors commonly set Performance Materiality (PM) for each account at
between 50 and 75% of Overall Materiality (OM). This results in total combined PM that is greater than OM so
most firms cap the size of Combined/Aggregated PM to a multiple of OM (e.g. 4 times)
This is because it is inefficient for the Auditor to simply subdivide Materiality proportionally to each account,
resulting in unnecessarily low PM levels. The lower the Performance Materiality, the more extensive the required
Audit Testing will be.

Deciding the %
In addition to those discussed in Overall Materiality, Lower the percentage if there is high risk of misstatement
within the account balance/class of transaction/disclosure; if there is increased number of accounting issues that
require significant judgment and/or more estimates with high estimation uncertainty; a history of significant
deficiencies and/or a high number of deficiencies in internal control; high turnover of senior management or key
financial reporting personnel.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 23 © 2015-2017 | SAMUEL WYSTAN

 STEP 3 (NEAR THE END OF AUDIT): EVALUATE AUDIT FINDINGS

SSA 450.11 The Auditor shall determine whether uncorrected misstatements are material, individually or in
aggregate, considering
Steps in Applying Materiality

o Size and Nature of the misstatements

o Particular circumstances of their occurrence
o Effect of uncorrected misstatements related to prior periods

SSA 450 The Auditor shall

o Accumulate misstatements identified during the Audit, other than those that are clearly trivial
o Evaluate if identified misstatements require revision to overall Audit Strategy and Audit Plan
o Communicate identified misstatements with management and request for correction
o Evaluate the effect of uncorrected misstatements on the FS (after updating materiality where necessary)
o Communicate uncorrected misstatements with those charged with governance (TCWG) and request for
correction
o Request written representation from management and TCWG that effects of uncorrected misstatements are
immaterial, individually and in aggregate, to the FS as a whole

Nature of Misstatements SSA 450:A3

Nature of Misstatements
Factual Misstatements About which there is no doubt
Judgmental Misstatements Related to Management’s selection or application of accounting policies or
Nature of Misstatements

judgments concerning accounting estimates that the Auditor considers

inappropriate or unreasonable.
Projected Misstatements Related to the Auditor's best estimate of misstatements based on projection of
identified misstatements from Audit samples to entire populations

Examples of Circumstances that may render a Misstatement Material SSA 450.A16

The extent to which the misstatement:

Affects compliance with regulatory requirements, debt covenants or other contractual requirements
Masks a change in earnings or other trends
Affects ratios used to evaluate the entity’s financial position, results of operations or cash flows
Affects significant segment information presented in the financial statements
Increases management compensation (e.g. by meeting bonus criteria)

Relationship Between Materiality and Audit Risk

Relationship Between Materiality and Audit Risk

The effect of setting Materiality limits at different levels on Audit Risk and Planned Audit Procedures.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 24 © 2015-2017 | SAMUEL WYSTAN

 STAGE 3.5 AUDITOR'S RISK ASSESSMENT (TO ASSESS RMM & SET DR IN AUDIT RISK MODEL)

Audit Risk is the risk that the Auditor expresses an inappropriate audit opinion when the financial statements are
materially misstated. (Issue an unmodified opinion on materially misstated financial statements)
o Audit Risk = Inherent Risk (IR) x Control Risk (CR) x Detection Risk (DR)
o Risk of Material Misstatements (RMM) = IR x CR

Inherent Risk (IR): The susceptibility of a Management Assertion (about a class of transactions, account balance or
disclosure) to a misstatement that could be material (either individually or when aggregated with other misstatements)
before consideration of any related or internal controls.

Control Risk (CR): The risk that a misstatement that could occur in a Management Assertion (about a class of
transactions, account balance or disclosure) and that could be material (individually or when aggregated with other
misstatements), will not be Prevented, or Detected and Corrected on a timely basis by the entity’s internal control.

Detection Risk (DR)

The risk that the procedures performed by the Auditor to reduce Audit Risk to an acceptably low level will not
Audit Risk

detect a misstatement that exists and that could be material (either individually or when aggregated with other
misstatements)
Relates to the Nature, Timing and Extent of Auditors' procedures determined by Auditors to reduce Audit Risk to
an acceptably low level. SSA 200
Is a function of the effectiveness of an Audit Procedure and its application by Auditors, which may be affected by
factors such as: Adequate Planning, Proper assignment of personnel to the engagement team, Application of
profession skepticism, Supervision and review of the Audit work performed.
Not possible to reduce to 0 because:
o Sampling Risk: Auditor will never examine 100% of the class of transactions/ account balances
o Non-Sampling Risk: Erroneous conclusion as a result of human error. Auditor might select an inappropriate
audit procedure / misapply the appropriate audit procedure / misinterpret the audit results / judgment bias
DR has an inverse relationship to IR x CR.
o If Auditor judges a client’s IR x CR to be high, he would set a lower DR in order to achieve the planned level of
Audit Risk and vice versa.
EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 25 © 2015-2017 | SAMUEL WYSTAN
 STEP 1 PERFORM PRELIMINARY RISK ASSESSMENT PROCEDURES

1. Inquiries of Management and Others

The Auditor obtains information about the entity and its environment through preliminary inquiry.
Entity Personnel (Internal Audit, Employees involved in initiating, processing or recording complex/unusual
transactions, In-house Legal Counsel, Production/Marketing/Sales)
Others Outside the Entity

2. Analytical Procedure
The Auditor conducts preliminary analytical procedures to evaluate financial information and analysis plausible
relationships between financial and non-financial data. These procedures assist the Auditor in understanding the
entity and its environment and identify areas that may represent specific risks relevant to the Audit.
Helpful in identifying unusual transactions or events, amounts, ratios and trends that might have implications for
Audit planning.
To be discussed in other chapter.

3. Observation or Inspection
Reading reports prepared by Management, TCWG, Internal Audit function
Visits to the entity’s premises and plant facilities
Read about industry development and trends, read the current year’s interim financial statements and review
regulatory or financial publications.
Preliminary observation of entity activities and operations.
Preliminary inspection of documents, records, internal control manuals

STEP 2 UNDERSTANDING THE ENTITY & ITS ENVIRONMENT

Auditor's Risk Assessment

The goal of this process is to assess the business risks faced by the entity and how those risks are controlled or not
controlled by the entity. (Refer to previous Diagram)
The Auditor's understanding of the entity and its environment includes knowledge about the following categories:

Client’s Business Risk

The risk resulting from significant conditions, events, circumstances, actions or inactions that could adversely
affect an entity’s ability to achieve its objectives and execute its strategies, or from the setting of inappropriate
objectives and strategies. SSA 315

Why assess Client’s Business Risk?

Business Risks include any external/internal factors, pressures, forces that bear on the entity’s ability to survive
and be profitable.
Hence, there are implications for the Auditor:
o Risk of Materiality Misstatement (Inherent and Control Risk)
o Auditor's Business Risk (Engagement Risk)
o Financial Statement Expectations
o Going-Concern Risks
o Value-added Advice and Services

SSA 315 (11): Auditor is required to obtain an understanding of the entity and its environment, including the
entity’s internal control:
o Relevant industry, regulatory and other external factors
o Nature of the entity, including its ownership and governance, operating, investing and financing activities
o Selection and application of accounting policies
o Objectives and strategies and those related business risks that may result in risks of misstatement
o Measurement and review of entity's financial performance

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 26 © 2015-2017 | SAMUEL WYSTAN

 Techniques for Assessing Business Risk
1. PESTLE Analysis
Political Government Stability Employment Law Trade Treaties
Taxation Laws Mergers Law Environmental Law
Industrial Policies Infrastructure Corruption / Wars
Economic Inflation Employment Disposable Income
Growth Rate Business Cycle Labor Costs
Trends
Social Demographics Income Distribution Level of Education
Attitude to Work/Leisure Cultural Norms Population Growth
Ethnic/Religious Factors Social Mobility
Technological New Developments Technological Transfer Technological
R&D Efforts Communications Obsolescence
Accessibility
Legal Law Enforcement Regional Laws Judiciary System
Patent Laws
Environmental Resource Management Energy Availability Workforce Health
Climate Change

2. Porter’s Five Forces

Auditor's Risk Assessment

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 27 © 2015-2017 | SAMUEL WYSTAN

 3. SWOT Analysis

Types of Business Risk

1. Strategic Risk: They are the risks associated with the operations of that particular industry. These kind of risks
arise from
o Business Environment: Buyers and sellers interacting to buy and sell goods and services, changes in supply
and demand, competitive structures and introduction of new technologies.
o Transaction: Assets relocation of mergers and acquisitions, spin-offs, alliances and joint ventures. Emphasis
on wrong products, inappropriate acquisitions etc.
o Investor Relations: Strategy for communicating with individuals who have invested in the business.

2. Financial Risk [*]: These are the risks associated with the financial structure and transactions of the particular
industry.

3. Operational Risk: These are the risks associated with the operational and administrative procedures of the
particular industry, which are very common in today's generation. They could be flaws in the way business is
carried on, its processes and systems (e.g. poor labor-relations, loss of key employees, reliance on few suppliers or
Types of Business Risks

customers, lack of R&D)

4. Compliance Risk (Legal Risk): These are risks associated with the need to comply with the rules and regulations of
the government.

5. Other Risks
o Governance Risk: Poor or inadequate Corporate Governance

o Natural Disasters: Acts of God and Hazards such as Floods, Fire.

o IT Risk: Any risk related to Information Technology.

o Reputational Risk: A risk of loss resulting from damages to a firm's reputation, in lost revenue; increased
operating, capital or regulatory costs; or destruction of shareholder value, consequent to an adverse or
potentially criminal event even if the company is not found guilty. Adverse events typically associated with
reputation risk include ethics, safety, security, sustainability, quality, and innovation. Reputational risk can be
a matter of corporate trust.

o Political Risk: A type of risk faced by investors, corporations, and governments. It is a risk that can be
understood and managed with reasoned foresight and investment. Broadly, political risk refers to the
complications businesses and governments may face as a result of what are commonly referred to as political
decisions—or “any political change that alters the expected outcome and value of a given economic action by
changing the probability of achieving business objectives”

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 28 © 2015-2017 | SAMUEL WYSTAN

 [*] Financial Risk

a. Asset-backed Risk: Risk that the changes in one or more assets that support an asset-backed security will
significantly impacts the value of the supported security. Risks include interest rate, term modification,
and prepayment risk.

b. Credit Risk: Credit risk, also called default risk, is the risk associated with a borrower going into default (not
making payments as promised). Investor losses include lost principal and interest, decreased cash flow, and
increased collection costs. An investor can also assume credit risk through direct or indirect use of leverage. For
example, an investor may purchase an investment using margin. Or an investment may directly or indirectly use
or rely on repo, forward commitment, or derivative instruments
o Refinancing Risk: Possibility that a borrower cannot refinance by borrowing to repay existing

c. Foreign Investment Risk: Risk of rapid and extreme changes in value due to: smaller markets;
differing accounting, reporting, or auditing standards; nationalization, expropriation or confiscatory
taxation; economic conflict; or political or diplomatic changes. Valuation, liquidity, and regulatory issues may
also add to foreign investment risk.

d. Financial Operation Risk: Risk incurred by an organization’s internal activities.

o Model Risk: Risk of loss resulting from using models to make decisions, initially and frequently referring to
valuing financial securities
o Legal Risk
Types of Business Risk - Financial Risk

o Political Risk
o Valuation Risk: The financial risk that an asset is overvalued and is worth less than expected when it
matures or is sold. Factors contributing to valuation risk can include incomplete data, market
instability, financial modeling uncertainties and poor data analysis by the people responsible for
determining the value of the asset. This risk can be a concern for investors, lenders, financial
regulators and other people involved in the financial markets. Overvalued assets can create losses for their
owners and lead to reputational risks; potentially impacting credit ratings, funding costs and the
management structures of financial institutions.

e. Liquidity Risk: This is the risk that a given security or asset cannot be traded quickly enough in the market to
prevent a loss (or make the required profit).

f. Market Risk
o Equity Risk is the risk that stock prices in general (not related to a particular company or industry) or
the implied volatility will change.
o Interest Rate Risk is the risk that interest rates or the implied volatility will change.
o Currency Risk is the risk that foreign exchange rates or the implied volatility will change, which affects, for
example, the value of an asset held in that currency.
o Commodity Risk is the risk that commodity prices (e.g. corn, copper, crude oil) or implied volatility will
change.

g. Other Risks
o Reputational Risk
o Volatility Risk: The risk of a change of price of a portfolio as a result of changes in the volatility of a risk
factor. It usually applies to portfolios of derivatives instruments, where the volatility of its underlying is a
major influencer of prices.
o Settlement Risk: The risk that a counterparty does not deliver a security or its value in cash as per
agreement when the security was traded after the other counterparty or counterparties have already
delivered security or cash value as per the trade agreement.
o Profit Risk: A risk management tool that focuses on understanding concentrations within the income
statement and assessing the risk associated with those concentrations from a net income perspective.
o Systemic Risk: The risk of collapse of an entire financial system or entire market, as opposed to risk
associated with any one individual entity, group or component of a system, that can be contained therein
without harming the entire system.

STEP 3 IDENTIFY BUSINESS RISKS THAT MAY RESULT IN MATERIAL MISSTATEMENTS IN F/S

The Auditor identifies Business Risks that may result in Material Misstatements.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 29 © 2015-2017 | SAMUEL WYSTAN

 STEP 4 EVALUATE THE ENTITY’S RISK ASSE SSMENT PROCESS (IE HOW MANAGEMENT
RESPONDS TO THOSE BUSINESS RISKS) AND OBTAIN EVIDENCE ON ITS IMPLEMENTATION

Management has a responsibility to identify, control and mitigate Business Risks that may affect the Entity’s ability
to achieve its Objectives. The Auditor should obtain information on the Management’s Risk Assessment process
and whether it is operating effectively.
o If the Entity’s response to the identified risks are adequate, the RMM may be reduced.
o If the Entity’s response to the identified risks are inadequate, the RMM may be increased.
o If the Entity does not have any response to identified risks, then the Auditor must develop tests to determine
if any misstatements are present in the related class of transactions or account balance.
STEP 5 ASSESS THE RISK OF MATERIAL MISSTATEMENT (DUE TO ERROR / FRAUD)

To assess the RMM, the Auditor must consider how the identified risks could result in a Material Misstatement in
the Financial Statements. This includes considering how the Entity’s Risk Assessment Process may affect the
magnitude and likelihood of potential misstatements.

SSA 315 (27-28) As part of Risk Assessment, Auditors shall determine whether any risks identified are significant
risks, including:
o Fraud
o Significant economic, accounting or other developments
o Complex transactions
o Significant transactions with related parties
o Financial information involving high measurement subjectivity or uncertainty.
o Significant transactions outside normal course of business or otherwise appear unusual.

Misstatements can be due to:

o Error
o Fraud (tend to be more difficult to detect as it is well-concealed)

Fraud can be classified into two types:

1. Misstatements arising from Fraudulent Financial Reporting
o Manipulation, falsification, alteration of accounting records or supporting documents from which
financial statements are prepared.
o Misrepresentation in, or intentional omission from, the financial statements of events, transactions or
other significant information.
o Intentional misapplication of accounting policies relating to amounts, classification, manner of
presentation or disclosure.
2. Misstatements arising from Misappropriation of Assets (Defalcation)
o Embezzling cash received.
o Stealing assets and intellectual property.
o Causing the entity to pay for goods/services not received.

SPOTLIGHT ON: THE FRAUD RISK ASSESSMENT PROCESS

For more information on Fraud, refer to Pg 37 of THE EPIC RISK MANAGEMENT NOTES

Auditor's Responsibility & Objectives

The primary responsibility for Prevention and Detection of Fraud rests with Management and TCWG.
Fraud

Auditor conducting an audit is responsible for obtaining reasonable assurance that the FS taken as a whole are
free from material misstatement, whether caused by fraud or error.

In relation to RMM due to fraud, the Auditor's Objectives are:

o Identify and assess RMM due to fraud
o Design and implement appropriate responses
o Respond appropriately to identified or suspected fraud

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 30 © 2015-2017 | SAMUEL WYSTAN

 SSA 240 Requirements for Auditors on Fraud
Professional Skepticism Auditor must recognize the possibility that a material misstatement due to fraud could
exist, notwithstanding the Auditor's past experience of the honesty and integrity of
the entity’s management and TCWG.
Discussion among the Place emphasis on how/where the entity’s financial statements may be susceptible to
Engagement Team material misstatement due to fraud and how fraud might occur.
Risk Assessment a. Enquire Management, TCWG and Others (e.g. Internal Auditors)
Procedures and Related - Find out their Fraud Risk Management process
Activities - Knowledge of actual, suspected or alleged fraud.

b. Apply Analytical Procedures to identify unusual/unexpected relationships that may

be indicative of fraud

c. Consider other information (e.g. from client acceptance process or other

engagements) that may be indicative of fraud.

d. Evaluate Fraud Risk Factors (Appendix 1, SSA 240)

Identification and At the F/S Level and at the Assertion Level
Assessment of the RMM Base on a presumption that there are risks of Fraud in the Revenue Recognition
due to Fraud process and Management Override of Controls
Responses to the At the F/S Level (Overall Responses) – SSA 240 (A28)
Assessed RMM due to o Assignment of more experienced staff/ experts
Fraud o Closer supervision
At the Assertion Level – SSA 240 (A30, Appendix 2)
o Nature, timing and extent of further Audit procedures responsive to the
assessed risk.
Evaluation of Audit If the auditor identifies a misstatement, whether material or not, and the auditor
Evidence has reason to believe that it is or may be the result of fraud and that management
is involved, the auditor shall reevaluate the assessment of the RMM due to fraud
Fraud

and its resulting impact on the nature, timing and extent of audit procedures to
respond to the assessed risks.
The auditor shall also consider whether circumstances or conditions indicate
possible collusion involving employees, management or third parties when
reconsidering the reliability of evidence previously obtained.
Consider if Auditor Determine the professional/legal responsibilities applicable in the circumstances,
Unable To Continue the including whether there is a requirement for the Auditor to report to the person
Engagement who made the Audit appointment / regulatory authorities
Consider if it is appropriate to withdraw from the engagement, where withdrawal
is possible
Obtain Written Acknowledgement of responsibility for internal controls to prevent/detect fraud.
Representations from Results of Management’s assessment of RMM due to fraud
Management / TCWG Any known, alleged or suspected fraud.
Communications to Communicate on a timely basis to Management / TCWG.
Management / TCWG Discuss with them the Nature, Timing, Extent of Audit Procedures necessary to
complete the Audit
Communications to Legal responsibilities of Auditor may override the duty of Confidentiality.
Regulatory and
Enforcement Authorities Auditor's Responsibility to Report Non-Compliance with Companies Act
Under the CA s207(9), Auditor has to report the matter in writing to the Registrar,
if he is satisfied that (a) there has been a breach or non-observance of any of the
provisions in the CA and (b) the matter not / will not be adequately dealt with by
Directors.

Auditor's Responsibility to Report Fraud

Under the CA s207(9A), if the Auditor of a Public Company has reason to believe
that a serious offence involving Fraud or Dishonesty (offence imprisonment of
more than 2 years and value of property involved more than $20k) is being/has
been committee, he shall immediately report the matter to the Minister.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 31 © 2015-2017 | SAMUEL WYSTAN

 Auditor's Other Reporting Responsibilities for Fraud / Terrorism
(continued) EP200 (reiterating the former SAP1):
o Auditors need to take the possibility of money laundering and terrorism
financing into account (SAP 1 para 21)
o Auditors need to be sufficiently aware of the main provisions of the anti-
money laundering and anti-terrorism financing legislation (para 44)
o Mandatory Reporting/Tip-Offs for all Professional Accountants.

Consideration of Related SSA 550 Audit Significance of Related Parties (RP) and RP Transactions include:
Parties o Risk from inappropriate accounting
o Risk from non-identification or non-disclosure
- Inherent difficulty in identifying undisclosed RPs/RPTs (management
themselves may be unaware; esp. if framework does not req. disclosure)
o Heightened Risk of Fraud
Fraud

- RPs present greater opportunities for collusion, concealment,

manipulation by management
- RPs involved in a number of corporate reporting scandals in recent
times.

SSA 315 Risk-based Approach requires a thorough understanding of RPs and RPTs
to identify and assess risks.
o Consider RPs in Engagement Team Discussion
o Inquire into changes in RPs from prior period, nature of RP relationships and
type and purpose of RPTs
o Understand controls to identify, account for, and disclose RPs and RPTs; and
to authorize and approve significant RPTs
o Determine whether any of the assessed risks are significant
o Respond appropriately to assessed risks.

STEP 6 AUDITOR'S RESPONSE TO ASSESSED RMM

Response to Assessed RMM at the F/S Level

SSA 330 (5, A1-3): Auditor shall design and implement overall responses to address the assessed RMM at the FS level,
including:

Emphasizing to the Audit team the need to maintain Professional Skepticism

Assigning more Experienced staff or those with special Skills or use of Experts
Providing more Supervision
Incorporating additional elements of Unpredictability in the selection of further Audit Procedures to be performed

Making general changes to the Nature, Timing, Extent of Audit Procedures

(e.g. performing substantive procedures at the period end instead of at an interim date; or modifying the nature of
Audit Procedures to obtain more persuasive Audit Evidence)

Response to Assessed RMM at the Assertion Level

SSA 330 (6, A4-16): Auditor shall design and perform further Audit Procedures whose Nature, Timing and Extent are
based on and are responsive to the assessed RMM at the Assertion Level:

Nature: Purpose (e.g. Tests of Control vs Substantive Procedures) and Type (e.g. Confirmation vs Substantive
Analytical Procedures)
Timing: (e.g. At Interim Date vs Period End)
Extent: (e.g. Sample Size, Frequency of Observation)

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 32 © 2015-2017 | SAMUEL WYSTAN

 STAGE 3.6 CONSIDER MANAGEMENT ASSERTIONS

Overview of Management Assertions

Management is responsible for the fair presentation of the financial statements. Assertions are representations by
Management that are embodied in the financial statements.
Used by Auditor to consider the different types of potential misstatements that may occur.
Categories of Assertions
Classes of Account Balances at the end Presentation and Disclosure
Transactions/Events during of the period
the period
Occurrence Transactions and events that Disclosed events,
have been recorded have transactions and other
occurred and pertain to the matters have occurred and
entity. pertained to the entity.
Existence Assets, Liabilities, Equity
Interests exist.

Rights & The entity holds or controls The rights and obligations
Obligations the rights to Assets and have been disclosed in the
Overview of Management Assertions

Liabilities are the obligations financial statements.

of the entity.
Completeness All transactions and events All Assets, Liabilities and All disclosures that should
that should have been Equity Interests that should have been included in the
recorded have been have been recorded have financial statements have
recorded. been recorded. been included.
Accuracy Amounts and other data Financial and other
relating to recorded information is disclosed fairly
transactions and events have and at appropriate amounts.
been recorded appropriately
in accordance to the financial
reporting framework
standards and methods.
Valuation & Assets, Liabilities and Equity
Allocation Interests are included in the
financial statements at
appropriate amounts, and
any resulting valuation or
allocation adjustments are
appropriately recorded.
Cutoff Transactions and events have
been recorded in the correct
accounting period.
Classification Transactions and events have Financial information is
been recorded in the proper appropriately presented and
account. described, and disclosures
are expressed clearly.
Understandability

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 33 © 2015-2017 | SAMUEL WYSTAN

 ASSERTIONS ABOUT CLASSES OF TRANSACTIONS (P&L)

Occurrence VS Completeness

Occurrence assertion relates to whether all recorded transactions have occurred and pertained to the entity.
For e.g. Management asserts that all revenue transactions recorded during the period were valid but entity’s
personnel might have incentives to record fictitious transactions, resulting in an Overstatement in the related
account.

Completeness assertion relates to whether all transactions that occurred during the period have been recorded.
Assertions about Classes of Transactions

For e.g. If the entity fails to record a valid revenue transaction that ought to be recorded, it will result in an
Understatement of the related account.

Accuracy

Accuracy assertion addresses whether amounts and other data relating to recorded transactions have been
recorded in appropriate amounts.
Financial reporting frameworks establish the appropriate method for recording a transaction. For e.g. FRS states
that the amount recorded for the cost of a new machine includes all directly attributable costs necessary to bring
the machine to its required working condition.

Cut-Off

Cut-Off assertion relates to whether transactions have been recorded in the correct accounting period.
For e.g. Auditor may want to test proper cut-off of revenue transactions at 31-Dec-2015. The Auditor can examine
a sample of shipping documents/sale invoices for a few days before and after year-end to test whether the sale
transactions have been recorded in the proper period.

Classification

Classification assertion is concerned with whether transactions and events have been recorded in the proper
accounts.
For e.g. Management asserts that Maintenance costs to repair a machine that do not add to its usefulness are
properly charged to the Repairs and Maintenance Expense account instead of the Machine Asset account.

ASSERTIONS ABOUT ACC OUNT BALANCES (BALAN CE SHEET)

Existence

Existence assertion addresses whether ending balances of Assets, Liabilities and Equity included in the financial
Assertions about Account Balances

statements actually exist at the date of the financial statements.

For e.g. Management asserts that Inventory shown on balance sheet exists and is available for sale.

Rights and Obligations

Rights (Assets) & Obligations (Liabilities) assertion addresses whether the entity holds or controls the rights to
assets and that liabilities are the obligations of the entity.
For e.g. Amounts capitalized for leases reflect assertions that the entity has rights to leased property and that the
corresponding lease liability represents an obligation of the entity.

Completeness

Completeness assertion addresses whether all Assets, Liabilities and Equity Interests that should have been
included as ending balances on the financial statements have been included.
For e.g. Management implicitly asserts that the ending balance shown for Accounts Payable on the Balance Sheet
includes all such liabilities as of the balance sheet date.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 34 © 2015-2017 | SAMUEL WYSTAN

 Valuation and Allocation

Valuation and Allocation assertion addresses whether Assets, Liabilities and Equity Interests included in the
financial statements are at appropriate amounts, and any resulting adjustments are appropriately recorded.
For e.g. For Valuation, Management asserts that inventory is carried at the lower of cost or NRV on the Balance
Sheet. For Allocation, Management asserts that the cost of PPE is systematically allocated to appropriate
accounting periods by recognizing Depreciation Expense.

ASSERTIONS ABOUT PRESENTATION & DISCLOSURE

Occurrence & Rights and Disclosure

Occurrence & Rights and Disclosure assertions address whether disclosed events, transactions and other matters
have occurred and pertained to the entity.
For e.g. When Management presents capitalized lease transactions on the Balance Sheet as leased assets, the
related liabilities as long-term debts, and the related note, it is asserting that a lease transaction occurred, it has a
right to the leased asset and it owes the related lease obligation to the lessor.
Assertions about Presentation & Disclosure

Completeness

Completeness assertion relates to whether all disclosures that should have been included in the financial
statements have been included.
Therefore, Management asserts that no material disclosures have been omitted from the notes and other
disclosures accompanying the financial statements.

Classification and Understandability

Classification and Understandability addresses whether the financial information is appropriately presented and
described, and disclosures and clearly expressed.
For e.g. Management asserts that the portion of long-term debt shown as a current liability will mature in the
current year. Similarly, Management asserts that all major restrictions on the entity resulting from debt covenants
are disclosed in notes and are able to be understood by the users of the financial information.

Accuracy & Valuation

Accuracy & Valuation assertions addresses whether financial and other information is disclosed fairly and at
appropriate amounts.
For e.g. When Management discloses the FV of Securities, it is asserting that these financial instruments are
properly valued in accordance with the applicable financial reporting framework. In addition, Management may
disclose in a note other information related to financial instruments.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 35 © 2015-2017 | SAMUEL WYSTAN

 STAGE 3.7 PLAN FOR GATHERING AUDIT EVIDENCE
Audit Evidence

Audit Evidence (SSA 500(5))

The information used by the Auditor in arriving at the conclusions on which the Audit Opinion is based, and it
includes the information contained in the accounting records underlying the financial statements and other
information.
The following concepts of Audit Evidence are important to understanding the conduct of the Audit:
1. NATURE OF AUDIT EVIDENCE

The nature of the evidence refers to the form or type of information, which includes accounting records and other
available information.
o Accounting Records: Includes the records of initial entries and supporting records, such as records of
1. Nature

electronic funds transfers; invoices; contracts; the general and subsidiary ledgers, journal entries and other
adjustments to the financial statements that are not reflected in formal journal entries; and records such as
worksheets/spreadsheets supporting cost allocations, computations, reconciliations and disclosures.
o Other Information: Includes the minutes of meetings; confirmation from third parties; analysts’ reports;
comparable data about competitors (for benchmarking); controls manuals; information obtained by the
Auditor from such Audit Procedures as Inquiry, Observation and Inspection; and other information developed
by/available to the Auditor that permits the Auditor to reach conclusions through valid reasoning.
2. THE SUFFICIENCY & APPROPRIATENESS OF A UDIT EVIDENCE

SSA 500(6): The Auditor should obtain sufficient appropriate evidence to be able to draw reasonable conclusions on
which to base the Audit Opinion. SSA 200(A48): The matter of difficulty, time or cost is not in itself a valid basis for the
Auditor to omit an Audit Procedure for which there is no alternative or to be satisfied with Audit Evidence that is less
than persuasive.

Sufficiency: The measure of the quantity of Audit Evidence.

Appropriateness: The measure of the quality of Audit Evidence.
The Auditor must consider both concepts when assessing risks and designing Audit Procedures. Both are
interrelated and have an inverse relationship:
2. Sufficiency and Appropriateness

o Greater risk of material misstatement More Quantity of Audit Evidence required.

o Higher Quality of Audit Evidence Lower Quantity of Audit Evidence required.

Evidence is considered appropriate when it provides information that is both relevant and reliable:
o Relevant: Relevance of Audit Evidence refers to its relationship to the assertion being tested. If the Auditor
relies on evidence that is unrelated to the assertion, he may reach an incorrect conclusion about the
assertion.

o Reliability: Reliability refers to whether a particular type of evidence can be relied upon to signal the true
state of an assertion.
– Independence of Source: Evidence obtained by the Auditor from an independent source outside the
entity is usually viewed as more reliable than evidence obtained solely from within the entity.
More reliable
Document obtained directly by Auditor that originate outside the Client (e.g. Direct Bank confirmation)
Document obtained by the Auditor from the Client that originated from outside (e.g. Bank Statements)
Documents originating inside the Client but which circulates outside (e.g. Cancelled Cheques)
Documents originating inside the Client and never circulated outside (e.g. Cash Book)

– Effectiveness of Internal Control: Weak Internal Control High Control Risk Accounting System
more likely to be unreliable (and vice versa)
– Auditor’s Direct Personal Knowledge: Generally, evidence obtained by Auditor is more reliable.
– Nature of Evidence: Documentary evidence more reliable than Oral form.
– Original Documents: Originals are more reliable than photocopies.
3. THE EVALUATION OF AUDIT EVIDENCE
3. Evaluation

Auditor must be thorough, unbiased in evaluation and remain objective.

Requires understanding of the (i) Types of Evidence Available and (ii) Relative Reliability of Available Evidence.
Evidence Triangulation (SSA 500(A8)): Consistent evidence from different sources more Assurance.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 36 © 2015-2017 | SAMUEL WYSTAN

 SPOTLIGHT ON: AUDIT PROCEDURES

Audit Procedures are specific acts performed by the Auditor to gather evidence about whether specific assertions
are being met. There are three categories of Audit Procedures and serve the following purposes:
Audit Procedures

Risk Assessment Procedures Used to obtain an understanding of the entity and its external/internal
environment to access the risks of material misstatement at the financial
statement and relevant assertion levels.
Tests of Controls Used to test the operating effectiveness of controls in preventing, or detecting and
correcting, material misstatements at the relevant assertion level.
Substantive Procedures Used to detect material misstatements at the relevant assertion level.
Two Categories: Test of Details (of Classes of Transactions, Account Balances,
Disclosures) and Substantive Analytical Review Procedures
Analytical Consists of evaluations through analysis of plausible relationships among financial/non-
Review financial data. Involves comparison of recorded values with expectations by auditor.
Procedures Effective and efficient form of Audit Evidence.

External Audit Evidence obtained by Auditor as a direct written response from a Confirming Third-Party.
Confirmation Information Confirmed Source of Confirmation
Cash Balance Bank
Account Receivable Customers
Inventory on Consignment Consignee
Accounts Payable Individual Vendors (Suppliers)
Insurance Coverage Insurance Company
Contingent Liability Lawyer
Collateral for Loan Creditor
Inquiry Seeking information of knowledgeable persons within the entity.
Usually to understand entity and its environment (i.e. internal controls)
Inquiry alone ordinarily does not provide sufficient Audit Evidence, and requires additional
collaborative evidence to support the responses.
Inspection Inspection Reliability of Records or Documents (Internal/External)
of Records Internal documents: Generated and maintained within the entity
and External documents (generally more reliable) has two forms:
Documents o Documents originating within the entity but circulated to independent
Types of Audit Procedures

sources outside (e.g. remittance advices returned with cash receipts

from customer payment and payroll payments)
o Documents generated outside the entity but included in the entity’s
accounting records. (e.g. bank statements, vendors’ invoices)
Direction of Testing
Vouching (Occurrence) – From Journal Ledger to Source Document: This
approach provides evidence that the items included in the accounting
records have occurred. (e.g. Auditor examine a sample of sales transactions
from sales journal to ensure that sales are not fictitious.)
Tracing (Completeness) – From Source Document to Journal Ledger:
Ensures that transactions that occurred are indeed recorded in the
accounting records. (e.g. Auditor selects a sample of shipping documents
and traces them to the related sales invoices and then to the sales journal)
Inspection Physical Inspection (Existence) of the Assets. (e.g., counting Cash on Hand,
of Tangible examining Inventory Stock, Marketable Securities, Fixed Assets)
Assets Physical Inspection (Valuation) of the Assets. (e.g. Identifying items that are
obsolete or slow-moving)
Observation Looking at a process or procedure being performed by others. The actions being observed
typically do not leave an Audit trail that can be tested by examining documents
However, not very reliable and requires additional corroborating evidence.
RecalcUlation Checking the mathematical accuracy of documents through manual/use of IT (i.e.
Computer-Assisted Audit Techniques)
Includes footing, crossfooting, reconciling subsidiary ledgers to account balances and testing
postings from journals to ledgers.
Highly reliable as the Auditor creates the evidence.
Reperformance Independent execution by the Auditor of procedures/controls originally performed by
Company personnel. Highly reliable as Auditor creates the evidence.
Scanning Review of accounting data for large/unusual items, non-standard journal entries.
EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 37 © 2015-2017 | SAMUEL WYSTAN
 Designing
Designing the Audit Procedure

Nature, Timing, Extent of Audit Procedures need to respond to the assessed risks of material misstatement at the
assertion level.

Relying on the Work of Others

Auditors may rely on the work of others during an Audit:

o Internal Auditors – SSA 610
o Component Auditors (in a Group Audit for JV, Overseas Subsidiaries etc.) – SSA 600
o Experts (e.g. IT, Legal, Valuation Specialists etc.) – SSA 620
Relying on the Work of Others

Using the Work of Experts

SSA 620(12): An Auditor should:

Assess capabilities and competence of the expert

Assess objectivity of the expert
Obtain an understanding of the expert’s field of expertise and work performed
Evaluate the adequacy of the expert’s work, including:
o Relevance and Reasonableness of expert’s findings and conclusions, and their consistency with other Audit
evidence
o Relevance and Reasonableness of assumptions and methods used
o Relevance, Completeness and Accuracy of Source Data used

E.g. Internal Auditors: Some of their work performed may be directly relevant to External Auditors’ work.
But before the decision to use Internal Auditors’ work, the External Auditors must evaluate the internal Auditors’
objectivity and competence first.

Hierarchy of Evidence Reliability

Hierarchy of Evidence Reliability

Best Physical Evidence – Inspection of Tangible Assets

External Confirmations
Inspection of External Documentation
Recalculations / Reperformance
Good Inspection of Internal Documentation (Strong Internal Control)
Analytical Review Procedures (Strong Internal Control)
Observation
Client Inquiry done rigorously
Weak Inspection of Internal Documentation (Poor Internal Control)
Analytical Review Procedures (Poor Internal Control)
Client Inquiry done informally

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 38 © 2015-2017 | SAMUEL WYSTAN

 SPOTLIGHT ON: AUDIT DOCUMENTATION
Definition

Audit Documentation

Audit Documentation consists of the record of Audit Procedures performed, relevant Audit Evidence obtained and
conclusions the Auditor reached, aka the ‘Audit File’ or ‘Working Papers’. It is like the ‘story’ of the Audit.

Objectives of Audit Documentation

1. To provide Principal support for the representation in the Auditor’s Report that the Audit was conducted in
accordance with Auditing Standards
2. To aid in the planning, performance and supervision of the Audit
3. To provide the basis for the review of the quality of the work by providing written documentation of the evidence
supporting the Auditor’s significant conclusions.
Objectives

How Much Documentation is Required?

SSA 230(8): The Auditor shall prepare Audit Documentation that is sufficient to enable an experienced Auditor, having
no previous connection with the Audit, to understand:

(a) The nature, timing and extent of the Audit Procedures performed to comply with the SSAs and applicable legal and
regulatory requirements.
(b) The results of the Audit Procedures performed and the Audit Evidence obtained; and
(c) Significant matters arising during the Audit, the Conclusions reached thereon, and significant professional
judgments made in reaching those Conclusions.

Content of Audit Documentation

Most Audit firms maintain Audit Documentation in two types of files:

Permanent Current
Contain historical data about the entity that are of Includes information and data related specifically to the
continuing relevance to the Audit. Current Year’s Engagement.
Content

Copies of Corporate Charter Copy of Financial Statements and Auditor’s Report

Charts of Accounts Overall Audit Strategy / Audit Plan
Organizational Chart Minutes of Important Meetings
Copies of Important Contracts (Pension, Union, Leases..) Working Trial Balance
Documentation of Internal Control (Flowcharts) Adjusting and Reclassification of Journal Entries
Terms of Stock/Bond Issues Working papers supporting financial statement accts.
Prior Years’ Analytical Procedure results And more…

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 39 © 2015-2017 | SAMUEL WYSTAN

 STAGE 4: INTERNAL CONTROL
INTERNAL CONTROL

Internal Control

COSO Internal Control Integrated Framework: Internal Control is a process designed and effected by an entity’s
Board of Directors, Management and Other Personnel to provide reasonable assurance that the organization’s
Objectives are being met in the following categories:
o Reliability, timeliness and transparency of internal and external, non-financial and financial reporting
o Effectiveness and efficiency of operations, including safeguarding of assets
o Compliance with applicable laws and regulations

Management’s Responsibility for Internal Control

SSA 200 (A2): An audit in accordance with SSAs is conducted on the premise that Management and TCWG have
acknowledged and understand their responsibility for:
Internal Control

o Preparation of f/s in accordance with the applicable financial reporting framework; and
o Such internal control determined by them to be necessary for preparation of f/s that are free from material
misstatement, whether due to fraud or error.

Companies Act (S199, 2A): Every public company and every subsidiary of a public company shall devise and
maintain a system of internal accounting controls sufficient to provide a reasonable assurance that
o Assets are safeguarded against loss from unauthorized use or disposition; and
o Transactions are properly authorised and recorded to permit the preparation of true and fair profit and loss
accounts and balance‐sheets and to maintain accountability of assets.

Auditor's Responsibility for Internal Control

SSA 315 (12): Obtain an understanding of internal control relevant to the Audit when identifying and assessing the
risks of material misstatement.
SSA 265: Communicate identified control deficiencies to TCWG and management that are of sufficient importance
to merit their respective attention.
In some jurisdictions (e.g. USA) but not others (e.g. Singapore), Auditors are required to express an opinion on the
effectiveness of internal controls over financial reporting for public companies.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 41 © 2015-2017 | SAMUEL WYSTAN

 STAGE 4.1 OBTAINING UNDERSTANDING OF INTERNAL CONTROLS
Understanding Internal Controls

Auditor needs to evaluate the design of controls relevant to the Audit and determine whether they have been
implemented.
Typical Audit Procedures used include:
o Inquiry of Entity’s Personnel
o Observing Application of Specific Controls
o Inspecting Documents and Reports
o Tracing transactions through the information system relevant to financial reporting (‘walkthrough’)
STAGE 4.2 ASSESS CONTROL RISK AND DECIDE WHETHER TO RELY ON CONTROLS

Control Risk assessed at Maximum (Substantive Strategy):

Assess Control Risk

Auditor do not intend to rely on the entity’s internal controls to reduce substantive testing because he concludes
that Internal Controls are not effectively designed or implemented (hence reliance strategy is not justified), and/or
a Substantive Strategy is more efficient

Control Risk assessed at below Maximum (Reliance Strategy):

Auditor intends to rely on the entity’s Internal Controls to reduce substantive testing. Need to test operating
effectiveness of controls to assess if the “achieved ” level of control risk is in line with the “planned” control risk
(i.e. whether preliminary assessment of control risk is supported)

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 42 © 2015-2017 | SAMUEL WYSTAN

 STAGE 4.3 FOR RELIANCE STRATEG Y – PLAN & PERFORM TEST OF CONTROLS

Auditor uses a combination of Audit Procedures to test control effectiveness:

o Inquiry, Inspection of Documents, Observation and Reperformance
Test of Controls

Auditor should also consider:

o Who performs the control
o How well was the control performed
o How consistent was the control applied throughout the period of intended reliance
o Potential risk factors, such as:
– Changes in personnel
– Seasonal fluctuations in volume of transactions
STAGE 4.4 FOR RELIANCE STRATEG Y - SET CONTROL RISK BASED ON THE TEST OF CONTROLS
STAGE 4.5 PERFORM SUBSTANTIVE PROCEDURES BASED ON THE LEVEL OF CONTROL RISK

The Nature, Timing and Extent of Substantive Procedures will vary for different entities as a function of the
Detection Risk Level.

Example Entity 1 Entity 2

Substantive Procedures

High RMM (IR x CR) and Low DR Low RMM (IR x CR) and High DR
Nature Audit tests for all significant Audit assertions Corroborative Audit tests using the following types of
using the following types of Audit Audit tests:
procedures: o Physical examination (conducted at an interim
o Physical Examination (Conducted at date)
year end – stronger) o Analytical procedures
o Review of external documents o Substantive tests of transactions and balances
o Confirmation
o Reperformance

Timing All significant work completed at year-end Interim and year-end

Extent Extensive testing of significant accounts or Limited testing of accounts or transactions
transactions

SPOTLIGHT ON: CONTROLS IN AN COMPUTERIZED ENVIRONMENT

Issues introduced in a Computerized Environment

Issues

1. Input Errors
2. Systematic vs Random Processing Errors
3. Lack of Audit Trail
4. Inappropriate access to computer files and programs
5. Reduced human involvement in processing transactions

Implications of IT/CIS for Auditor's Risk Assessments

SSA 315 (11d): Auditor shall obtain an understanding of the entity’s objectives and strategies, and those related
business risks that may result in risks of material misstatement.

SSA 315 (Appendix 2): Examples of events and conditions that may indicate risk of material misstatement:
o Inconsistencies between the entity’s IT strategy and its business strategies
Implications

o Changes in the IT environment

o Installation of significant new IT systems related to financial reporting

SSA 315 (A55‐56): IT can improve an entity’s internal control (e.g. by enhancing consistency of information
processing, segregation of duties)
o However, IT can also pose specific risks to internal control (e.g., risks of unauthorized access or change to data
and programs.

SSA 315 (21): In understanding the entity‘s control activities, the auditor shall obtain an understanding of how the
entity has responded to risks arising from IT.
EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 43 © 2015-2017 | SAMUEL WYSTAN
 Controls over IT Systems

There are two broad categories:

General Controls

Policies and procedures that relate to all applications and support the effective functioning of application controls
Deficiencies will affect processing of various types of transactions
Controls over IT Systems

Examples include controls over:

o Systems development, acquisition, change and maintenance (e.g., proper authorization, testing,
documentation, user involvement)
o Computer operations
– Segregation of duties (systems analysts, programmers, operators, librarian)
– Regular backups of programs and data
o Access security (physical and logical access controls, access logs)

Application Controls

Manual or automated controls over input, processing and output of individual applications to help ensure
transactions are authorized and processed accurately and completely

Examples include:
o Batch controls (e.g., record count, control totals)
o Data validation controls (e.g., validity, range, limit, reasonableness, sequence tests)

Impact on Audit Strategy

Auditing ‘Around’ the Computer

Auditor treats the computer system as a “black box” and performs tests on inputs and outputs of the system
May be appropriate for less complex IT systems with existence of ‘hard copy’ audit trail

Auditing ‘Through’ the Computer

Impact on Audit Strategy

Auditor directly tests IT controls, usually with the help of Computer Assisted Audit Techniques (CAATs)
SSA 330 (8) requires Auditors to test the operating effectiveness of relevant controls if substantive procedures
alone cannot provide sufficient appropriate audit evidence at the assertion level (e.g. for highly automated
systems)

Deciding When To Use Each Approach

Around The Computer Through The Computer
Complexity of Processing Computer used for relatively simple Computer applications are more
calculations. complex in nature.
Implementation of Computer Less extensive. More extensive.
Controls
Existence of Source Documents and Existence of ‘hard copy’ (paper) Source documents exist in electronic
Audit Trail source documents or Audit trail. format.
Results of one stage of
computerized processing are used as
inputs in subsequent stages of
processing.

Computer Assisted Audit Techniques

Generalized Audit Software (e.g. ACL)

CAATs

Specialized / Custom Audit Software

Test Data
Integrated Test Facility (e.g. Test data in Client Environment for about 1 year)
Parallel Stimulation (e.g. write a similar client programme – may be costly)

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 44 © 2015-2017 | SAMUEL WYSTAN

 SPOTLIGHT ON: AUDIT SAMPLING

Audit Sampling

SSA 530.5 The application of Audit Procedures to less than 100% of items within a population of Audit relevance,
such that all sampling units have a chance of selection, in order to provide the Auditor with a reasonable basis on
which to draw conclusions about the entire population.

Sampling Risk

The risk that the sample drawn is not representative of the population and that, as a result, the Auditor will reach
an incorrect conclusion about the account balance or class of transactions based on the sample.

Non-Sampling Risk

The risk that the Auditor reaches a wrong conclusion due to reasons other than Sampling Risk such as:
o Use of inappropriate Audit Procedures
o Misinterpretation of Audit Evidence
o Failure to recognize a misstatement / deviation
o Human errors

Can be controlled by measures such as:

o Adequate training
Audit Sampling - Key Concepts

o Proper planning
o Effective supervision

Decision Errors

Risk of Incorrect Rejection Risk of Incorrect Acceptance

(Type I) (Type II)
Relates to Efficiency Effectiveness (More Severe)
Test of In testing an Internal Control, this is the risk that In testing an Internal Control, this is the risk that
Controls the sample supports a conclusion that the the sample supports a conclusion that the control
control is not operating effectively, but in truth, it is operating effectively, but in truth, it is not
is working effectively. working effectively.
Assess Control Risk too High (Risk of Assess Control Risk too low (Risk of
Underreliance) Overreliance)
Do too much Substantive Testing Do too little Substantive Testing
Audit Efficiency decreases Audit Risk (Specifically Detection Risk)
increases
Test of In Substantive Testing, this is the risk that the In Substantive Testing, this is the risk that the
Details sample supports a conclusion that the recorded sample supports a conclusion that the recorded
account balance is materially misstated when it is account balance is not materially misstated when
actually not materially misstated. it is materially misstated.
Auditor may do further testing Auditor wrongly issues an unmodified Audit
Audit Efficiency decreases. Opinion when the FS is materially misstated
Audit Failure

Three Important Factors To Determine Sample Sizes For All Types of Audit Sampling

1. Confidence Level: The desired level of assurance in the results

2. Tolerable Error: The acceptable defect rate
3. Expected Error: The historical defect rate

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 45 © 2015-2017 | SAMUEL WYSTAN

 Statistical Sampling

To be classified as Statistical, the Sample must meet these three objectives:

(1) Sample size must be determined objectively or quantitatively
(2) The sample members must be selected randomly or approximately randomly
(3) The sample results must be evaluated mathematically.

Advantages:
o Determine an efficient sample
o Measure the sufficiency of evidence obtained
o Quantify sampling risk
Disadvantages:
Statistical Sampling

o Add cost in training Auditors in the proper use of sampling techniques

o Trouble in designing and conducting the sampling application
o Lack of consistent application across engagement teams due to complexities / underlying concepts

Non-Statistical Sampling:

Any approach that does not meet the three objectives above.

Types of Statistical Sampling

1. Attribute Sampling Used to estimate the proportion of a population that possesses a specified
characteristic.
Most common use is for Test of Controls
2. Monetary-Unit Uses Attribute Sampling theory and techniques to estimate the monetary amount ($)
Sampling (MUS) of misstatement for a class of transactions or an account balance.
3. Classical Variables Uses a normal distribution theory to evaluate the characteristics of a population based
Sampling on sample data.
The sampling distributions are formed by plotting the projected misstatements yielded
by an infinite number of Audit samples of the same size taken from the same
underlying population.

Key Steps in Audit Sampling

Step 1 Define Test Objective, Population, Sampling Unit, Control Deviation or Misstatement

Step 2 Determine Sample Size

Judgmentally or Statistically (Optimal)
General Audit Sampling

Consider desired level of assurance (confidence) in the results (confidence level = 1 – risk of
incorrect acceptance)
Consider tolerable misstatement or deviation rate
Consider expected misstatement or population deviation rate
Consider negligible effect of population size (beyond 500)

Step 3 Select Samples and Perform Tests on Samples

Random selection (e.g. random number generator)
Systematic selection (with a random start point)
Haphazard (avoid conscious bias or predictability)
[x] Unacceptable: Block Selection (e.g. all items processed on a particular month), Judgmental
Selection (e.g. select large and unusual items)

Step 4 Evaluate Results and Draw Conclusions

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 46 © 2015-2017 | SAMUEL WYSTAN

 ATTRIBUTE SAMPLING

Key Steps in Attribute Sampling

Planning
Step 1 Determine Test Objectives – To determine the degree of reliance that can be placed on controls.
(e.g. Determine if the revenue process is functioning as documented, if the controls identified concerning
credit authorization, contract approval and proper pricing are operating effectively)
Step 2 Define the Population Characteristics
Define the Sampling Population
Define the Sampling Unit
Define the Control Deviation Conditions
Step 3 Determine the Sample Size, using the following inputs:

The Desired Confidence Level or Risk of Incorrect Acceptance

(The risk that the sample results will support a conclusion that the control is functioning effectively
when in truth it is not – the Risk of Incorrect Acceptance)
o Consider the Significance of the Account
o Consider the Importance of the Assertion on which the Control provides Assurance
o Consider the Difficulty/Complexity in applying the Control
o Consider the Degree of Reliance
o The higher the significance, importance, complexity, reliance higher desired confidence.
o The higher the Auditor wants to be confident (and the less risk he is wiling to accept) the
larger the sample size must be.
(e.g. 95% Confidence Level, Auditor only willing to accept a 5% risk of accepting the control as
Attribute Sampling

effective when it is not)

The Tolerable Deviation Rate (TDR)

(The maximum deviation rate from a prescribed control that the Auditor is willing to accept and rely
on the control activity)
o A low TDR (3~5%): Used when Auditor plans to test the effectiveness of a highly important
control. The lower the TDR, the higher the Sample Size.
o A high TDR (6~10%): Used when the Auditor plans to test the effectiveness of a moderately
important control. The higher the TDR, the lower the Sample Size.

The Expected Population Deviation Rate (EPDR)

(The rate the Auditor expects to exist in the population.)
o Consider based on prior years’ results or on a pilot sample.
o If Auditor believes the EPDR exceeds the TDR, no statistical testing should be performed, as
there is no amount of sampling that can reduce the PDR below the TDR. The Auditor should
then perform additional Substantive Procedures rather than relying on the control.
o The higher the EPDR, the larger the sample size.

Performance
Step 4 Select Sample Items
Random Number Selection (Spreadsheet App/Audit Sampling Software)
Systematic Selection
Step 5 Perform the Audit Procedures
Understand and analyze any deviations observed
Evaluation
Step 6 Calculate the sample deviation rate and the computed upper deviation rate.
Sample Deviation Rate + Allowance for Sampling Risk = CUDR
CUDR < TDR: Conclude that control is effective and reduce Substantive Testing
CUDR > TDR: Conclude that control is not effective and increase Substantive Testing (Or Increase
Sample Size, Test a Compensating Control)
Step 7 Draw final conclusions.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 47 © 2015-2017 | SAMUEL WYSTAN

 MONETARY UNIT SAMPLING (MUS)

Uses Attribute Sampling theory to express a conclusion in monetary amounts, rather than rate of occurrence (i.e.
whether an account balance or class of transactions is materially misstated).
o Quintessentially, MUS uses Attribute Sampling theory to estimate the Percentage (%) of Monetary Units in a
Population that might be misstated and then multiplies this Percentage (%) by an estimate of how much the $
are misstated.
Every dollar in the population (account balance or class of transaction) is a sampling unit Larger balances or
transactions are more likely to be selected More effective in detecting overstatement.
Commonly used by Auditors to test accounts such as Accounts Receivable, Loans Receivable, Investment
Securities, Inventory.

Advantages

When the Auditor expects few/no misstatements, MUS usually results in a smaller sample size than classical
variables sampling.
When applied using a probability-proportional-to-size sample selection procedure, MUS automatically results in a
stratified sample because sampled items are selected in proportion to their $ amounts. Larger $ items have a
higher probability of being selected. With classical variables sampling, population must be stratified in order to
MUS Sampling

focus on larger items.

MUS does not require the user to make any assumptions about the distribution of misstatements, whereas
classical variables sampling relies on normal distribution theory and requires an estimate of the variation (or
standard deviation) of misstatements in the population.

Disadvantages

The selection of zero or negative balances generally requires special design consideration. For example, if
examining zero balances is important (searching for unrecorded liabilities in accounts payable), the Auditor must
test those items separately because such items will not be selected using a probability-proportional-to-size
selection method. Alternatively, if an account such as Accounts Receivable contains credit balances, the Auditor
should segregate those items and test them separately.
The general approach to MUS assumes that the audited amount of the sample item is not in error by more than
100%. If the Auditor detects items that are in error by more than 100%, special adjustments will be necessary
when calculating sample results. For example, suppose an Accounts Receivable account contains a debit balance
book value of $1,500. If the Auditor determines that the correct value for the account should be a credit balance
of $3,000, the account will be in error by 300%. Such an item would require special consideration when the
Auditor projects the amount of misstatement.
When more than a few misstatements are detected using an MUS approach, the sample results calculations as
shown in the textbook may overstate the allowance for sampling risk. This occurs because the methods used to
determine the amount of misstatement are conservative. Thus, an Auditor is more likely to reject an acceptable
recorded book value and overaudit.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 48 © 2015-2017 | SAMUEL WYSTAN

 Key Steps in MUS Sampling
Planning
Step 1 Determine Test Objectives
Sampling may be used for Substantive Testing to (1) Test the reasonableness of assertions about a
financial statement amount (e.g. Accuracy, Existence) or (2) Develop an estimate of some amount.
Step 2 Define the Population Characteristics
Define the Population
o For MUS, the population is defined as the monetary value of an account balance, such as
Accounts Receivable or Inventory.
Define the Sampling Unit
o For MUS, an individual dollar $ represents the Sampling Unit.
(e.g. if the Accounts Receivable balance is $2.5million, there are 2.5million sampling units.
o However, Auditor cannot very well Audit a single dollar $, instead, he will Audit the entire
customer account (or transaction) aka the Logical Unit.
Define a Misstatement
o Defined as the difference between monetary amounts in the entity’s records and amounts
supported by Audit evidence.
Step 3 Determine the Sample Size, using the following inputs:

Factor Relationship Examples

to Sample Change Effect on
Size in Factor Sample
Desired Direct Lower Decrease
MUS Sampling

Confidence Higher Increase

Level
Tolerable Inverse Lower Increase
Misstatement Higher Decrease
Expected Direct Lower Decrease
Misstatement Higher Increase
Population Direct Lower Decrease
Size Higher Increase
Performance
Step 4 Select Sample Items
Systematic selection approach called the Probability-Proportionate-To-Size Selection, often with the
help of an ACL.
Sampling Interval = Book Value of Population (e.g. Total Accounts Receivable Bal.) / Sample Size

Step 5 Perform the Audit Procedures

Understand and analyze any misstatements observed
If supported document is missing, unless explained, such items are considered misstatements.
Evaluation
Step 6 Calculate the projected misstatement and the upper limit on misstatement.
Projected Misstatement + Allowance for Sampling Risk = Upper Misstatement Limit (UML)
UML < TM: Conclude that Accounts Receivable is not materially misstated.
UML > TM: Conclude that Accounts Receivable is materially misstated.
Step 7 Draw final conclusions.

[*] Refer to Lecture Notes / Textbook for more on MUS Sampling and how to compute the Tabulated Format.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 49 © 2015-2017 | SAMUEL WYSTAN

 STAGE 5: AUDITING THE BUSINESS PROCESSES & RELATED ACCOUNTS
5.1 AUDITING THE REVENUE PROCESS
Typical Credit Sales & Collection Flowchart
Overview of the Revenue Process

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 53 © 2015-2017 | SAMUEL WYSTAN

 Overview of the Revenue Process

Three Types of Transactions are typically processed:

1. The sale of goods (or rendering of service) for Cash or Credit.

2. The receipt of Cash from the Customer in payment for goods or services.
3. The return of goods by the Customer for Cash or Credit.

Financial Statement Accounts Affected

Type of Transaction Account Affected

Sales Transactions Sales
Accounts Receivable
Allowance for Impairment of Accounts Receivable
Impairment Loss on Accounts Receivable
Cash Receipts Cash
Transactions Cash Discounts
Accounts Receivable
Sales Returns and Sales Returns and Allowances
Allowance Transactions Accounts Receivable

Types of Documents and Records in the Revenue Process

Overview of the Revenue Process

Document/Records Description
Customer Sales Order Details of the type and quantity of products/services ordered by the customer and
customer information.
Credit Approval Form When a customer purchases products on Credit from the entity for the first time, the
entity should have a formal procedure for investigating the creditworthiness of the
customer. The result should be documented on a Credit Approval Form.
Open-Order Report A report of all customer orders for which processing has not been completed (e.g. out-
of-stock or on back-order). Must be reviewed daily or weekly and old orders should be
investigated to determine if any goods have been shipped but not billed or to
determine why orders have not been filled.
Shipping Document Prepared every time goods are shipped to a customer. Generally serves as a bill of
lading, and contains information on the type of product shipped, the quantity shipped
etc. A copy is sent to customer and the other copy is used to initiate the billing process.
Sales invoice The document used to bill the customer and serves as the source document that signals
the recognition of revenue. Contains information on the type of product/service,
quantity, price and terms of trade.
Sales Journal Once a Sales Invoice has been issued, the sale needs to be recorded in the accounting
records. The Sales Journal contains columns for debiting Accounts Receivable and
crediting the various Sales Accounts.
Customer Statement Usually mailed to a customer monthly. Contains details of all Sales, Cash Receipts,
Credit Memorandum Transactions processed for the period.
Accounts Receivable Contains an account and the details of transactions with each customer. A transaction
Subsidiary Ledger recorded in the sales journal and cash receipts journal is posted to the appropriate
customer’s account in the Accounts Receivable Subsidiary Ledger.
Aged Trial Balance of This report is normally prepared weekly/monthly and summarizes all the customer
Accounts Receivable balances in the Accounts Receivable Subsidiary Ledger. Customers’ balances are
reported in categories (<30 days, 30-60 days, 60-90 days, >90 days old). Used to
monitor the collection of receivables and to ensure the details of the Accounts
Receivable Subsidiary Ledger agrees with the General Ledger Control Account. Auditor
uses this report to conduct much of the Substantive Audit work in Accounts Receivable.
Remittance Advice Document forwarded with the customer’s bill and returned with their payment (e.g.
cheque). Contains information regarding which invoices are being paid by the customer.
Cash Receipts Journal Journal used to record the entity’s cash receipts. Contains columns for debiting Cash,
crediting Accounts Receivable (and other accounts such as scrap sales, interest income)
Credit Memorandum Record credits for the return of goods in a customer’s account or to record allowances
that will be issued to the customer. Similar to a sales invoice and processed similarly.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 54 © 2015-2017 | SAMUEL WYSTAN

 The Major Functions of the Revenue Process

Functions Description
Order Entry Acceptance of customer orders for goods and services into the system in accordance
with management criteria.
Credit Authorization Appropriate approval of customer orders for creditworthiness.
Shipping Shipping of goods that have been authorized.
Overview of the Revenue Process

Billing Issuance of sales invoices to customers for goods shipped (or services provided);
Processing of billing adjustments for allowances discounts and returns.
Cash Receipts Processing of the receipt of cash (electronic/cheques) from customers.
Accounts Receivable Recording of all sales invoices, collections and credit memoranda in individual customer
accounts.
General Ledger Proper accumulation, classification, summarization of revenues, collections and
receivables in the financial statement accounts.

Segregation of Duties

Segregation of Duties Possible Errors/Fraud from Conflicts of Duties

Credit // Billing Possible for sales to be made to customers who are not creditworthy, resulting in bad
debts.
Shipping // Billing Possible for unauthorized shipments to be made and for the usual billing procedures to
be circumvented. Result in unrecorded sales transactions and theft of goods.
AR // General Ledger Possible for the individual to conceal unauthorized shipments, resulting in unrecorded
sales transactions and theft of goods.
Cash Receipts // AR Possible for cash to be diverted and shortage of cash in accounting records to be
covered. Theft of the entity’s cash.

TESTS OF CONTROLS FOR (SALES) REVENUE TRANSACTIONS

Assertion Possible Control Activities Test of Controls

Misstatement
Occurrence Fictitious revenue Segregation of duties between Observation and evaluation of proper
… that have Shipping Function and Order segregation of duties.
been recorded Revenue Entry / Billing Functions to
have occurred recorded but prevent unauthorized shipments
and pertained. goods not made to fictitious customers by
Tests of Controls for Revenue Transactions

shipped (or circumvention of normal billing

Overstated services not activities.
performed) Sales recorded only with Testing of a sample of sales invoices for
approved customer order and the presence of authorized customer
*Client are likely shipping document. order and shipping document.
to overstate sales Accounting for numerical Review and testing of entity procedures
than understate sequences of sales invoices. (control activities) for accounting for
them. numerical sequence of sales invoices.
Monthly customer statements Review and testing of entity procedures
and complaints handled for mailing and handling complaints
independently. about monthly statements.
Completeness Goods shipped Accounting for numerical Review and testing of entity’s
… that should (or services sequences of shipping documents procedures for accounting for numerical
have been performed) but and sales invoices sequence of shipping documents and
recorded have revenue not sales invoices.
been recognized. Shipping documents matched to Tracing of a sample of shipping
recorded. sales invoices. documents to their respective sales
(i.e. customer not invoices and to the sales journal.
Understated billed for goods Sales invoices reconciled to daily Testing of a sample of daily
and entity does sales report reconciliations.
not receive An open-order file is maintained Examination of the open-order file for
payment) currently and reviewed any unfilled orders.
periodically.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 55 © 2015-2017 | SAMUEL WYSTAN

 Assertion Possible Control Activities Test of Controls
(continued) Misstatement
Accuracy Revenue Authorized price list and specified Comparison of prices and terms on sales
…have been transaction terms of trade. invoices to authorized price list and
recorded recorded at an Price list updated promptly and terms of trade.
appropriately. incorrect only authorized changes are
monetary made to the master file.
account. Each sales invoice agreed to Examination of sales invoice for evidence
shipping document and customer that entity personnel verified
order for product type and mathematical accuracy.
quantity.
Mathematical accuracy of sales Recomputation of the information on a
invoice verified. sample of sales invoices; if IT,
Revenue examination of application controls and
transactions not consideration of use of CAATs.
posted correctly Sales invoices reconciled to daily Examination of reconciliation of sales
Tests of Controls for Revenue Transactions

to the sales sales report. invoices to daily sales report.

journal, Daily postings to sales journal Examination of reconciliation of entries
customers’ reconciled with posting to to sales journal with entries to
accounts in Subsidiary Ledger. Subsidiary Ledger.
accounts Subsidiary Ledger reconciled to Review of reconciliation of Subsidiary
receivable General Ledger control account. Ledger to General Ledger control
subsidiary ledger, account.
or general
journal.
Cut-Off Revenue All shipping documents Comparison of the date on sales invoices
… have been transactions forwarded to the billing function with the dates of the relevant shipping
recorded in recorded in the daily. documents.
the correct wrong period.
accounting
period. Daily billing of goods shipped. Comparison of the dates on sales
invoices with the dates they were
recorded in the sales journal.

Classification Revenue Chart of accounts. Review of sales journal and general

…have been transaction not ledger for proper classification.
recorded in properly
the proper classified. Proper codes for different types Examination of sales invoices for proper
accounts. of products or services. classification.

Authorization Goods shipped Proper entity procedures for Review of entity’s procedures for
…properly (or services authorizing credit and shipment granting credit.
authorized. performed) for of goods.
customer who is a Examination of sales orders for evidence
bad credit risk. of proper credit approval.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 56 © 2015-2017 | SAMUEL WYSTAN

 TESTS OF CONTROLS FOR CASH RECEIPTS TRANSACTIONS

Assertion Possible Control Activities Test of Controls

Misstatement
Occurrence Cash Receipts For instruments like cheques, Observation and evaluation of proper
… that have recorded but not proper segregation of duties segregation of duties.
been recorded received or between the cash receipt
have occurred deposited. function and the Accounts
and pertained. Receivable function.
Have two guys in the mailroom,
one has to compile a pre-listing of
all cheques received etc.
Use of electronic cash receipts Examine application controls for
transfer to prevent employees electronic cash receipts transfer.
from having access to cash.
Bank reconciliations prepared Review of bank reconciliation for
regularly and independently indication of independent review.
reviewed.
Completeness Cash Receipts Same control activities as above. Same tests of controls as above.
… that should received or Daily cash receipts reconciled Testing of the reconciliation of daily cash
Tests of Controls for Cash Receipts Transactions

have been deposited but not with posting to Accounts receipts with posting to Accounts
recorded have recorded. Receivable Subsidiary Ledger. Receivable Subsidiary Ledger.
been Customer statements prepared Inquiry of client personnel about
recorded. on a regular basis, complaints handling of customer statements and
handled independently. examination of resolution of complaints.
Accuracy Cash Receipts Daily remittance report Review and testing of reconciliation.
…have been recorded at reconciled to control listing of
recorded incorrect amount remittance advices.
appropriately. / incorrectly Bank statement reconciled Examination of bank reconciliation for
processed during regularly and independently independent review
data entry. reviewed.
Cash Receipts not Daily remittance report Review and testing of reconciliation.
properly posted reconciled daily with postings to
to cash receipts cash receipts journal and
journal, Accounts Accounts Receivable Subsidiary
Receivable Ledger.
Subsidiary Ledger Monthly Cash Receipts journal Review of posting from Cash Receipts
and General agreed to General Ledger journal to the General Ledger.
Ledger accounts. posting.
Accounts Receivable Subsidiary Examination of reconciliation of
Ledger reconciled to General Accounts Receivable Subsidiary Ledger
Ledger control account. to General Ledger control account.
Cut-Off Cash Receipts Cash Receipts at, before, and Review and testing of reconciliation.
… have been recorded in the after an accounting period are
recorded in wrong period. reconciled to ensure recording in
the correct appropriate period.
accounting
period.
Classification Cash Receipts Chart of accounts. Tracing of Cash Receipts from listing to
…have been recorded in the Cash Receipts journal for proper
recorded in wrong Financial classification.
the proper Statement Review of Cash Receipts journal for
accounts. account. unusual items.
Authorization Cash Discounts Entity’s procedures specifying Review and test entity’s procedures to
…properly not properly policies and controls for Cash control proper Cash Discounts.
authorized. taken. Discounts.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 57 © 2015-2017 | SAMUEL WYSTAN

 AUDITING REVENUE-RELATED ACCOUNTS
(1) SUBSTANTIVE ANALYTICAL PROCEDURES

Revenue
Substantive Analytical Procedures Possible Detections
Comparison of Gross Profit (%) by Product Line with previous years’ and industry data. Unrecorded
Substantive Analytical Procedures for Auditing Revenue-related Accounts

Comparison of reported revenue to budgeted revenue. (Understated)

Analysis of the ratio of Sales for the Month/Week to Total Sales for the Quarter/Year Revenue
Comparison of revenues recorded daily for periods shortly before/after the end of the Fictitious (Overstated)
Audit period for unusual fluctuations such as an increase just before / decrease just Revenue
after the end of the Audit period. Changes in pricing
Comparison of details of units shipped with revenues and production records and policies
consideration of whether revenues are reasonable compared to levels of production Product-pricing
and average sales price. problems
Comparison of the number of weeks of inventory in distribution channels with prior
periods for unusual increases that may indicate channel stuffing.
Comparison of percentages and trends of sales in the distributor channel with industry
and competitors’ sales trends, if known.
Accounts Receivable, Allowance for Impairment of Accounts Receivable, Impairment Loss on Accounts Receivable
Substantive Analytical Procedures Possible Detections
Comparison of Receivables Turnover and days outstanding in Accounts Receivable to Understatement /
previous years’ and/or industry data Overstatement of
Comparison of ageing categories on Aged Trial Balance of Accounts Receivable to Allowance for
previous years. Impairment Loss of
Comparison of Impairment Loss on Accounts Receivable (Bad Debt Expense) as a % of Accounts Receivable
Revenue to previous years’ and/or industry data. and Impairment Loss
Comparison of the Allowance for Impairment Loss of Accounts Receivable as a % of on Accounts
Accounts Receivable or Credit Sales to previous years’ and/or industry data. Receivable
Examination of large Customer Accounts individually / in comparison to previous year.
Sales Returns and Allowances and Sales Commissions
Substantive Analytical Procedures Possible Detections
Comparison of Sales Returns as a % of Revenue to previous years’ and/or industry Understatement /
data Overstatement of
Comparison of Sales Discounts as a % of Revenue to previous years’ and /or industry Sales Returns, Sales
data Discounts, Sales
Estimation of Sales Commission expense by multiplying Net Revenue by average Commission Expense
commission rate and comparison of recorded sales commission expense. and related accrual.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 58 © 2015-2017 | SAMUEL WYSTAN

 AUDITING REVENUE-RELATED ACCOUNTS
(2) TEST OF DETAILS

Assertions about Substantive Tests of Transactions

Classes of Transactions (Can also be Test of Controls or Dual-Purpose Test)
Occurrence For a sample of sales transactions recorded in the sales journal, vouch the sales
invoices back to customer orders and shipping documents.
Completeness Trace a sample of shipping documents to the details of the sales invoices and to the
sales journal and customers’ Accounts Receivable Subsidiary Ledger.
Authorization and Compare prices and terms on a sample of sales invoices with authorized price list and
Accuracy terms of trade.
Cut-off Compare the dates on a sample of sales invoices with the dates of shipment and with
the dates they were recorded in the sales journal.
Classification Examine a sample of sales invoices for proper classification into revenue accounts.
Assertions about Test of Details of Account Balances
Account Balances
Existence Confirmation of selected Accounts Receivable
o Positive Confirmation: Requires customers to indicate whether they agree with
Tests of Details for Auditing Revenue-Related Accounts

the amount due to client stated in the confirmation. Response is required.

Generally used when an account’s individual balances are large or if errors are
anticipated because CR is too high.
o Negative Confirmation: Requires customer only to respond if they disagree with
the amount due to the client. Usually used only when RMM as low and obtained
sufficient, appropriate Audit evidence regarding the operating effectiveness of
controls.
Performance of alternative procedures for Accounts Receivable confirmation
exceptions and non-responses.
Rights and Obligations Review of Bank Confirmations for any liens on receivables.
Inquiry of Management, review of any loan agreements and review of Board of
Directors’ minutes for any indication that the Accounts Receivable has been sold.
Completeness Obtain an Aged Trial Balance of Accounts Receivable and agree the total to General
Ledger control accounts.
Review results of testing the completeness assertion for assessing Control Risk; trace
shipping documents into sales journal and to Accounts Receivable Subsidiary Ledger
if such testing was not performed as a Test of Controls.
Valuation and Examination of the results of confirmations of selected Accounts Receivable.
Allocation Examination of the adequacy of the Allowance for Uncollectable Accounts.
Assertions about Test of Details of Disclosures
Presentation &
Disclosure
Occurrence, and Determine whether any receivables have been pledged, assigned or discounted.
Rights and Obligations Determine if such accounts require disclosure.
Completeness Complete financial reporting checklist to ensure that all financial statement
disclosures related to Accounts Receivable and Related Accounts have been disclosed
Classification, and Review of Aged Trial Balance for material credits, long-term receivables and non-
Understandability trade receivables.
Determine whether such items require separate disclosure on the balance sheet.
Read notes to ensure that required disclosures are understandable.
Accuracy and Valuation Read notes and other information to ensure that the information is accurate and
properly presented at the appropriate amounts.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 59 © 2015-2017 | SAMUEL WYSTAN

 5.2 AUDITING THE PURCHASING PROCESS

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 61 © 2015-2017 | SAMUEL WYSTAN

 Overview of the Purchasing Process

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 62 © 2015-2017 | SAMUEL WYSTAN

 Overview of the Purchasing Process

Three Types of Transactions are typically processed:

1. Purchase of goods and services for Cash or Credit.

2. Payment of the liabilities arising from such purchases.
3. Return of goods to suppliers for Cash or Credit.

Financial Statement Accounts Affected

Type of Account Affected

Transaction
Purchase Accounts Payable
Transactions Inventory
Various Asset / Expense Accounts
Cash Cash
Disbursement Accounts Payable
Transaction Cash Discounts
Various Asset / Expense Accounts
Purchase Return Purchase Returns
Transaction Purchase Allowances
Accounts Payable
Various Asset / Expense Accounts
Overview of the Purchasing Process

Types of Documents and Records in the Revenue Process

Document Description
/Records
Purchase Document that requests goods/services for an authorized individual/department within the entity
Requisition (e.g. order for supplies from an office supervisor / order for newspaper advertising space from a
marketing manager)
Purchase Document that includes the description, quality, quantity and other information on the
Order goods/services being purchased. The PO also indicates who approved the acquisition and represents
the authorization to purchase the goods/services. May be sent electronically, mailed, faxed or placed
by telephone with the supplier or vendor.
Receiving Document that records the receipt of goods. Often, the RR is a copy of the PO with the quantities
Report omitted. This encourages receiving department personnel to make an adequate, independent count
of the goods received. Important to lead the recognition of the liability by the entity.
Vendor The bill from the vendor. The invoice includes the description, quantity of the goods shipped/services
Invoice purchased, the price (including freight), terms of trade (cash discounts etc.) and date billed.
Increasingly, vendor invoices are transferred electronically between businesses by email or as part of
an EDI system (e.g. SAP)
Voucher Frequently used by entities to control payment for acquired goods and services. Serves as a basis for
recording a vendor’s invoice in the voucher register or purchases journal. Voucher is normally
attached to the Purchase Requisition, PO, RR and Vendor Invoice to create a voucher packet.
Voucher Used to record the vouchers for goods/services. Contains numerous columns for recording the
Register account classifications for the goods/services, including a column for recording credits to accounts
payable, and columns for recording debits to asset accounts (e.g. inventory) and expense accounts
or (e.g. repairs and maintenance)
With a purchases journal instead, either vouchers/ vendors’ invoices may be used to record the
Purchases liability. The main difference is in the way individual vouchers/vendor invoices are summarized.
Journal When a voucher register is used, the details of accounts payable are normally represented by a list of
unpaid vouchers. With a purchases journal, the vendor normally maintains subsidiary records in the
same manner as an Accounts Receivable Subsidiary Ledger.
Accounts When a purchases journal is utilized, this Subsidiary Ledger records the transactions with, and the
Payable balance owed to, a vendor. When a voucher register system is used, the Subsidiary Ledger is a listing
Subsidiary of the unpaid vouchers. The total in the Subsidiary Ledger should equate the balance in the General
Ledger Ledger Accounts Payable account.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 63 © 2015-2017 | SAMUEL WYSTAN

 Vendor Periodically sent by the vendor to indicate the beginning balance, current period purchases and
Statement payments, and ending balance. Represents the purchase activity recorded on the vendor’s records.
May be different from the entity’s records because of errors or timing differences (e.g. shipping
delays) The entity verifies the accuracy of its records by comparing vendor statements with the
Accounts Payable records.
Cheques Disbursements, approved by an individual of authority that pays for goods/services. Can be electronic
funds transfer (EFT)
Cash This journal records the disbursements made electronically or by cheque. Contains columns for
Disburse- recording credits to Cash and debits to Accounts Payable/Cash Discounts. Columns may also record
ment miscellaneous debits/credits. Payments recorded in the cash disbursements journal are also recorded
Journal in the voucher register or in the Accounts Payable Subsidiary Ledger (depending on which is used)

The Major Functions of the Purchasing Process

Functions Description
Requisitioning Initiation and approval of requests for goods/services by authorized individuals
consistent with management criteria. Usually have authorization monetary limits for
Overview of the Purchasing Process

different levels of employees.

Purchasing Approval of Purchase Orders and proper execution as to price, quantity, quality and
vendor choice.
Receiving Receipt of properly authorized goods/services.
Invoice Processing The AP department processes vendor invoices for goods/services received, also,
processing of adjustments for allowances, discounts and returns of goods. Involves
matching PO to RR and Vendor Invoices.
Disbursements Processing of payment to vendors. Responsible for authorizing EFTs, preparing and
signing cheques. Documents should be marked ‘PAID’, ‘CANCELLED’.
Accounts Payable The AP department records of all vendor invoices, cash disbursements and adjustments
in individual vendor accounts.
General Ledger The Accounting department that does proper accumulation. classification and
summarization of purchases, cash disbursements and payables in the General Ledger.

Segregation of Duties

Segregation of Duties Possible Errors/Fraud from Conflicts of Duties

Purchasing // Fictitious or unauthorized purchases can be made. Resulting in theft of goods and
Requisitioning // possibly payment for unauthorized purchases.
Receiving
Invoice Processing // Purchase transactions can be processed at the wrong price or on incorrect terms, or a
Accounts Payable cash disbursement can be processed for goods/services not received. Resulting in
overpayment for goods/services or the theft of cash.
Disbursement // Unauthorized payments supported by fictitious documents can be issued, and
Accounts Payable unauthorized transactions can be recorded, resulting in theft of the entity’s cash.
Accounts Payable // Possible concealment of misappropriation (defalcation) that would normally be
General Ledger detected by reconciling subsidiary records with the general ledger control account.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 64 © 2015-2017 | SAMUEL WYSTAN

 TESTS OF CONTROLS FOR PURCHASE TRANSACTIONS

Assertion Possible Control Activities Test of Controls

Misstatement
Occurrence Purchase Segregation of duties between Observation and evaluation of proper
recorded but Requisitioning and Purchasing segregation of duties.
Assets/ goods/services functions from the Accounts
Expenses not Payable and Disbursement
Overstated ordered/received. functions.
Purchases will not be recorded Test a sample of vouchers for the
without approved PO and RR. presence of an authorized PO and RR.
Accounting for numerical Review and testing of entity procedures
sequences of RRs and vouchers. (control activities) for accounting for
numerical sequence of RRs and vouchers
Completeness Purchases made Accounting for numerical Review entity’s procedures for
but not recorded. sequence of POs, RRs and accounting for numerical sequence of
Assets/ vouchers. POs, RRs and vouchers.
Expenses / AP RRs matched to vendor invoices Trace a sample of RRs to their respective
Understated. and entered in the purchases vendor invoices and vouchers.
journal. Trace a sample of vouchers to the
Tests of Controls for Purchase Transactions

purchases journal.
Accuracy Vendor Invoice Mathematical accuracy of vendor Recompute the mathematical accuracy
improperly priced invoice verified. of vendor invoice.
or incorrectly PO agreed to RR and Vendor Agree the information on a sample of
calculated. Invoice for product, quantity and voucher packets for product, quantity
price. and price.
Purchase Vouchers reconciled to daily Examine reconciliation of vouchers to
transactions not Accounts Payable listing (or daily daily accounts payable report (or
posted to the postings to purchases journal) reconciliation of entries in purchases
purchase journal, and then reconciled with postings journal with entries to Accounts Payable
the Accounts to Accounts Payable Subsidiary Subsidiary Records)
Payable Records.
Subsidiary Voucher register or Accounts Review reconciliation of Subsidiary
Records or the Payable Subsidiary Records Records to General Ledger control
General Ledger reconciled to General Ledger account.
control account.
Cut-off Purchases All RRs forwarded to the Compare the dates on RRs with the
transactions Accounts Payable department dates on the relevant vouchers.
recorded in the daily.
wrong period. Existence of procedures that Compare the dates on vouchers with the
require recording the purchases dates they were recorded in the
as soon as possible after purchases journal.
goods/services are received.
Classification Purchase Chart of accounts. Review purchases journal and General
transaction not Ledger for reasonableness.
properly Independent approval and review Examine a sample of vouchers for proper
classified. of accounts charged for classification.
acquisitions.
Authorization Purchase of Approval of acquisitions Review entity’s monetary limits
goods/services consistent with the entity’s authorization for acquisitions.
not authorized. authorization monetary limits.
Approved purchase requisition Examine purchase requisitions or POs for
and PO. proper approval.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 65 © 2015-2017 | SAMUEL WYSTAN

 TESTS OF CONTROLS FOR CASH DISBURSEMENT TRANSACTIONS

Assertion Possible Control Activities Test of Controls

Misstatement
Occurrence Cash Segregation of duties Observation and evaluation of proper
disbursement segregation of duties.
recorded but not Vendor statements Review entity's procedures for
made. independently reviewed and reconciling vendor statements.
(e.g. cheque lost reconciled to Accounts Payable
or stolen before records.
mailed) Bank reconciliations prepared Review bank reconciliations for
and reviewed regularly. indication of independent review.
Completeness Cash Same as above. Same as above.
disbursement Management reviews listing of Examine and test indication of
made but not cash disbursements prior to management reviews listing of cash
recorded. release. disbursements.
Daily cash disbursements Review entity’s procedures for
reconciled to postings to reconciling daily cash disbursements
Accounts Payable Subsidiary with postings to Accounts Payable
Records. Subsidiary Records.
Accuracy Cash Daily cash disbursements report Review reconciliation.
disbursement reconciled to EFTs and cheques
recorded at issued.
incorrect amount. Vendor statements reconciled to Review reconciliation.
Accounts Payable records and
independently reviewed.
Cash Cash disbursements report Review and testing of reconciliation.
disbursements reconciled with postings to cash
not properly disbursements journal and
posted to cash Accounts Payable Subsidiary
disbursements Records.
journal, Accounts Monthly cash disbursements Review of posting from cash
Payable journal agreed to general ledger disbursements to the general ledger.
Subsidiary posting.
Records or to the Accounts Payable Subsidiary Examination of reconciliation of
General Ledger. Records reconciled to General Accounts Payable Subsidiary Records to
Ledger control account. General Ledger control account.
Cut-off Cash Reconciliation of EFTs and Review reconciliations.
disbursement Cheques issued with postings to
recorded in the the cash disbursements journal
wrong period. and Accounts Payable Subsidiary
Records.

Authorization Cash Segregation of duties. Evaluate segregation of duties.

disbursement not EFTs and cheques prepared only Examine indication of approval on
authorized. after all source documents have voucher packet.
been independently approved.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 66 © 2015-2017 | SAMUEL WYSTAN

 AUDITING PURCHASES-RELATED ACCOUNTS
Substantive Analytical Procedures for
Auditing Purchases-Related Accounts
(1) SUBSTANTIVE ANALYTICAL PROCEDURES
Accounts Payable and Accrued Expenses
Substantive Analytical Procedures Possible Detections
Compare Accounts Payable Turnover/ Days outstanding to previous years’ / industry data. Understatement /
Compare current year balances in Accounts Payable and Accruals with prior years’ Overstatement of
balances. Liabilities and
Compare amounts owed to individual vendors in the current year’s Accounts Payable Expenses.
listing to amounts owed in prior years.
Compare purchase returns and allowances as a percentage of revenue or cost of sales to Understatement/
prior years’ and industry data. Overstatement of
Purchase Returns

(2) TEST OF DETAILS

Assertions about Substantive Tests of Transactions
Classes of (Can also be Test of Controls or Dual-Purpose Test)
Transactions
Occurrence Test a sample of vouchers for the presence of an authorized PO and RR.
Completeness Trace a sample of vouchers to the purchases journal.
Authorization Test a sample of purchase requisitions for proper authorization.
Accuracy Recompute the mathematical accuracy of a sample of vendors’ invoices.
Cut-off Compare dates on a sample of vouchers with the dates transactions were recorded in the
purchases journal.
Test transactions around year-end to determine if they are recorded in the proper period.
Classification Verify classification of charges for a sample of purchase transactions.
Assertions about Test of Details of Account Balances
Tests of Details for Auditing Purchases-Related Accounts

Account Balances
Existence Vouch selected amounts from the Accounts Payable listing and schedules for accruals to
voucher packets or other supporting documentation.
Obtain selected vendors’ statements and reconcile to vendor accounts.
Confirmation of selected Accounts Payable.
Rights and Review voucher packets for presence of purchase requisition, PO, RR and Vendor Invoice.
Obligations
Completeness Obtain listing of Accounts Payable and agree total to General Ledger.
Search for unrecorded liabilities by inquiring of management and examining post-balance
sheet transactions / vouch large monetary items for a limited time after year-end
Obtain selected vendors’ statements and reconcile to vendor accounts.
Confirm selected Accounts Payable.
Valuation and Obtain listing of Accounts Payable and account analysis schedules for accruals; foot listing
Allocation and schedules and agree totals to General Ledger.
Trace selected items from the Accounts Payable listing to the subsidiary records and
voucher packets.
Review results of confirmations of selected accounts payable. Obtain selected vendors’
statements and reconcile to vendor accounts.
Assertions about Test of Details of Disclosures
Presentation &
Disclosure
Occurrence, and Inquire about Accounts Payable and accrued expenses to ensure that they are properly
Rights and disclosed.
Obligations
Completeness Complete financial reporting checklist to ensure that all financial statement disclosures
related to accounts payable and accrued expenses have been disclosed.
Classification, and Review listing of Accounts Payable for material debits, long-term payables and non-trade
Understandability payables.
Determine whether such items require separate disclosure on the balance sheet.
Read notes to ensure that required disclosures are understandable.
Accuracy and Read notes and other information to ensure that the information is accurate and properly
Valuation presented at the appropriate amounts.
EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 67 © 2015-2017 | SAMUEL WYSTAN
 5.3 AUDITING THE INVENTORY MANAGEMENT PROCESS

Overview of the Inventory Management Process

Types of Documents and Records in the Inventory Management Process

Document Description
/Records
Production Prepared periodically based on the expected demand for the entity’s products. Based on the current
Overview of the Inventory Management Process

Schedule backlog of orders or o sales forecasts from the sales and marketing department. Many organizations
use material requirements planning or just-in-time inventory programs to assist with planning. Gives
Auditor information on the planned level of operating activity.
Receiving Document that records the receipt of goods form vendors. Copy of the document accompanies the
Report goods to the inventory department and is used to update the entity’s perpetual inventory records.
Materials Normally used by manufacturing companies to track materials during the production process.
Requisition Normally prepared by department personnel as needed for production purposes, such as the
authorization for release of raw materials from the raw materials department.
Inventory Contains all the important information related to the entity’s inventory, including the perpetual
Master File inventory records. Contain standard costs used to value the inventory at different production stages.
Production Production information about the transfer of goods and related cost accumulation at each stage of
Data Info production. Updates the entity’s perpetual inventory system. Also used as input to generate the cost
accumulation and variance reports produced by the inventory system.
Cost Summarizes the various costs charged to departments and products. Presents the results of inventory
Accumulation processing in terms of actual costs vs standard/budgeted costs. Cost Accounting and Manufacturing
& Variance
departments reviews these reports for appropriate charges.
Report
Inv. Status Shows the types and amounts of products on hand. Essentially the summary of the perpetual
Report inventory records. Also used to determine the status of goods-in-process. Assessed from e.g. SAP.
Shipping A copy of this document is used to remove goods from the entity’s perpetual inventory records.
Order Inventory master file is updated when a RR (buy) is processed or when Shipping Order (sell) generated

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 68 © 2015-2017 | SAMUEL WYSTAN

 The Major Functions of the Inventory Management Process

Functions Description
Inventory Management Authorization of production activity and maintenance of inventory at appropriate levels.
Issuance of purchase requisitions to the purchasing department.
Raw Materials Stores Custody of raw materials and issuance of raw materials to manufacturing department.
Manufacturing Production of goods.
Finished Goods Stores Custody of finished goods and issuance of goods to the shipping department.
Cost Accounting Maintenance of the costs of manufacturing and inventory in cost records.
General Ledger Proper accumulation, classification and summarization of inventory and related costs in
the General Ledger.

Segregation of Duties

Segregation of Duties Possible Errors/Fraud from Conflicts of Duties

Inventory Management Production and Inventory costs can be manipulated, leading to an overstatement /
// Cost Accounting understatement of inventory and profit for the year.
Inventory Stores Unauthorized shipments can be made or theft of goods can be covered up.
// Cost Accounting
Cost Accounting Possible to conceal unauthorized shipments, resulting in theft of goods, leading to
// General Ledger overstatement of inventory.
Supervisor of Physical Possible that inventory shortages can be covered up through the adjustment of the
Inventory // Inventory inventory records to the physical inventory, resulting in an overstatement of inventory.
Management // Stores

TESTS OF CONTROLS FOR INVENTORY TRANSACTIONS

Assertion Possible Control Activities Test of Controls

Misstatement
Occurrence Fictitious Segregation of duties of Observation and evaluation of proper
Inventory Inventory Management and segregation of duties.
Inventory Stores Functions from
departments responsible for
Inventory and Cost Accounting
Tests of Controls for Inventory Transactions

records.
Inventory transferred to Review and test procedures for the
inventory department using an transfer of inventory.
approved, pre-numbered RR.
Inventory transferred to Review and test procedures for issuing
manufacturing department using materials to manufacturing
prenumbered materials departments.
requisitions.
Accounting for numerical Review and test entity procedures for
sequence of materials accounting for numerical sequence of
requisitions. materials requisitions.
Inventory Physical safeguards over Observe the physical safeguards over
recorded but not inventory. inventory.
on hand due to
theft.
Completeness Inventory Accounting for numerical Review entity’s procedures for
received but not sequence of POs, RRs and accounting for numerical sequence of
recorded. vouchers. POs, RRs and vouchers.
RRs matched to vendor invoices Trace a sample of RRs to their respective
and entered in the purchases vendor invoices and vouchers.
journal. Trace a sample of vouchers to the
purchases journal.
Consigned goods Procedures to include goods out Review and test entity’s procedures for
not properly on consignment and exclude consignment goods. Contractual
accounted for. goods held on consignment. documents etc.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 69 © 2015-2017 | SAMUEL WYSTAN

 TESTS OF CONTROLS FOR INVENTORY TRANSACTIONS (CONT’D)

Assertion Possible Control Activities Test of Controls

(continued) Misstatement
Accuracy Inventory Periodic or annual comparison of Review and test procedures for taking
quantities goods on hand with amounts physical inventory.
recorded shown in perpetual inventory
incorrectly. records.
Inventory and Standard costs that are reviewed Review and test procedures used to
Cost of Goods by management. develop standard costs.
sold not properly Management periodically reviews Review and test cost accumulation and
costed. cost accumulation and variance variance report.
reports.
Inventory Inventory Management Review and test procedures for
obsolescence personnel review inventory for identifying obsolete, slow-moving or
obsolete, slow-moving or excess excess quantities.
Tests of Controls for Inventory Transactions

quantities.
Inventory Perpetual inventory records Review the reconciliation of perpetual
transactions not reconciled to General Ledger inventory to General Ledger control
posted correctly control account monthly. account.
to the perpetual
inventory records
or the General
Ledger.
Cut-off Inventory All RR processed daily by the IT Review and test procedures for
transactions are department to record the receipt processing inventory included on RRs
recorded in the of inventory. into perpetual records.
wrong period. All shipping documents Review and test procedures for
processed daily to record the removing inventory from perpetual
shipment of finished goods. records based on shipment of goods.
Classification Inventory Materials requisitions and Review the procedures an forms used to
transactions not production data forms are used classify inventory.
properly classified to process goods through
among raw manufacturing.
materials, work-
in-process and
finished goods.
Authorization Unauthorized Preparation and review of Review authorized production
production authorized purchase or schedules.
activity, resulting production schedules.
in excess levels of
inventory
Inventory Use of materials requirements Review and test procedures for
Obsolescence planning and/or just-in-time developing inventory levels and
inventory systems. procedures used to control them.
Review of inventory levels by
design department.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 70 © 2015-2017 | SAMUEL WYSTAN

 AUDITING INVENTORY-RELATED ACCOUNTS
Substantive Analytical Procedures for
Auditing Inventory-Related Accounts
(1) SUBSTANTIVE ANALYTICAL PROCEDURES
Substantive Analytical Procedures Possible Detections
Compare raw material, finished goods and total inventory turnover to previous Obsolete, slow-moving or
years’ and industry averages. excess inventory.
Compare days outstanding in inventory to previous years’ and industry average.
Compare Gross Profit % by product line with previous years’ and industry data. Unrecorded or fictitious
inventory.
Compare actual cost of goods sold to budgeted amounts. Overstated / Understated
Compare current-year standard costs with prior years’ after considering current Inventory
conditions.
Compare actual manufacturing overhead costs with budgeted/standard costs Inclusion or exclusion of
(materials, labor, overheads) overhead costs.

(2) TEST OF DETAILS

Assertions about Substantive Tests of Transactions
Classes of
Transactions
Occurrence Vouch a sample of inventory additions (i.e. purchases) to RRs and purchase requisitions.
Completeness Trace a sample of RRs to the inventory records (i.e. master file, status report)
Authorization Test a sample of shipments to ensure there is an approved shipping ticket/ customer sales.
Accuracy Recompute the mathematical accuracy of a sample of inventory transactions (i.e. price x
quantity)
Audit standard costs or other methods used to price inventory.
Trace costs used to price goods in the inventory compilation to standard costs or vendors’
invoices.
Cut-off Trace a sample of time cards before/after period end to the appropriate weekly inventory
Tests of Details for Auditing Inventory-Related Accounts

report, and trace the weekly inventory report to the General Ledger to verify inventory
transactions are recorded in the proper period.
Classification Examine a sample of inventory checks for proper classification into expense accounts.
Assertions about Test of Details of Account Balances
Account Balances
Existence Observe count of physical inventory.
Confirm inventory held at other locations.
Rights and Verify that inventory held on consignment for others is not included in inventory.
Obligations Verify that ‘bill-and-hold’ goods are not included in inventory.
Completeness Trace test counts and tag control information to the inventory compilation.
Valuation and Undertake tests of inventory pricing (unit cost test)
Allocation o FIFO Method: Costs for purchased inventory should be traced to appropriate vendor’s
invoices consistent with the accounting method being used. Inventory on hand should
be priced using the most recent vendor’s invoices.
o Weighted Average Method: Inventory unit cost is weighted for each purchase.
Check subsequent sales prices and compare with cost (lower of cost / NRV test)
Obtain a copy of the inventory compilation and agree totals to general ledger.
Trace test counts and tag control information to the inventory compilation.
Test mathematical accuracy of extensions and foot the inventory compilation.
Inquire of management concerning obsolete, slow-moving or excess inventory.
Review book-to-physical adjustment for possible misstatements.
Assertions about Test of Details of Disclosures
P&D
Occurrence, and Inquire of management and review any loan agreements and Board Minutes for any
Rights and indication that inventory has been pledged or assigned.
Obligations Inquire of management about issues related to warranty obligations.
Completeness Complete financial reporting checklist to ensure that all financial statement disclosures
related to inventory are made.
Classification, and Review inventory compilation for proper classification among raw materials
Understandability
Accuracy and Read notes and other information to ensure that the information is accurate and properly
Valuation presented at the appropriate amounts.
EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 71 © 2015-2017 | SAMUEL WYSTAN
 5.4 AUDITING THE HUMAN RESOURCE MANAGEMENT PROCESS

Overview of the Human Resource Management Process

Overview of the Human Resource Management Process

Overview of the Human Resource Management Process

Two Types of Transactions are typically processed:

1. Payments to employees for services rendered.

2. Accrual and payment of payroll-related liabilities arising from employees’ services such as liabilities for payroll
taxes and social security.

Financial Statement Accounts Affected

Type of Account Affected

Transaction
Payroll Cash
Transactions Inventory
Direct/Indirect Labor Expense Accounts
Various Payroll-related Liability and Expense Accounts
Accrued Payroll Cash
Liability Various Accruals (such as payroll taxes and pension costs)
Transactions

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 72 © 2015-2017 | SAMUEL WYSTAN

 Types of Documents and Records in the Human Resource Process

Documents and Records

Personnel Records, including wage-rate and salary authorizations
Deduction authorization forms (authorize the withholding of payroll tax / healthcare etc.)
Time card/ Time sheet
Direct deposit records / payroll cheque
Payroll register
Payroll master file
Overview of the Human Resource Management Process

Payroll master file changes report

Periodic payroll reports
Various tax reports

The Major Functions of the Human Resource Management Process

Functions Description
Human Resources Authorization of hiring, firing, wage-rate, salaries, adjustments and payroll deductions.
Supervision Review and approval of employees’ attendance. Monitoring of employee scheduling,
productivity and payroll cost variances.
Timekeeping Processing of employees’ attendance and time information and coding of account
distribution.
Payroll Processing Computation of gross pay, deductions and net pay; recording and summarization of
payments and verification of account distribution.
Disbursement Payment of employees’ compensation and benefits.
General Ledger Proper accumulation, classification and summarization of payroll in the General Ledger.

Segregation of Duties

Segregation of Duties Possible Errors/Fraud from Conflicts of Duties

Supervision // Personnel Records, Fictitious employees can appear on the payroll records or unauthorized
Payroll Processing payments can be made.
Disbursement // Personnel Records, Unauthorized disbursements can be made.
Supervision and Payroll Processing
Payroll Processing // General Ledger Individual can conceal any misappropriation (defalcation) that would
normally be detected by independent review of accounting entries.

TESTS OF CONTROLS FOR HR PAYROLL TRANSACTIONS

Assertion Possible Control Activities Test of Controls

Tests of Controls for HR Payroll Transactions

Misstatement
Occurrence Payments made Segregation of duties Observation and evaluation of proper
to fictitious segregation of duties.
employees Adequate personnel files Review and test personnel files
Initiation of changes in Review and test entity’s procedures for
Payments made employment status, wages or changing employee’s records;
to terminated salaries, and benefits made by
employees operating departments reported
to the office of human resources.
Payments made Time clocks used to record time Observe employees’ use of time clocks.
to valid Time sheets approved by Inspect time sheets presented for
employees who supervisors. approval by supervisor.
have not worked Only employees with valid Review and test entity’s procedures for
employee numbers are paid. entering and removing employee
numbers from the payroll master file.
Use of payroll budgets with Review entity’s budgeting procedures.
review by department
supervisors.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 73 © 2015-2017 | SAMUEL WYSTAN

 TESTS OF CONTROLS FOR HR PAYROLL TRANSACTIONS (CONT’D)

Assertion Possible Control Activities Test of Controls

Misstatement
Completeness Employee Pre-numbered time sheet Check numerical sequence of time
services provided accounted for by client sheets.
but not recorded. personnel.
Verification that all employees in Review and test entity’s verification
the master payroll file submitted procedures.
a time sheet for the pay period.
Accuracy Employee Verification of payroll amounts Review and test entity’s verification
compensation and benefit calculations. procedures.
and payroll Review of payroll register for If IT-prepared, use CAATs to test
deductions are unusual amounts. computer program logic of calculating
computed amounts.
incorrectly. Use of payroll budgets with Review entity’s budgeting procedures.
review by department
supervisors.
Payroll Changes to master payroll file Test reconciliation of ‘before and after’
transactions not verified through ‘before and reports to payroll master file.
Tests of Controls for HR Payroll Transactions

posted correctly after’ reports.

to the payroll
journal.
Cut-off Payroll Notices of additions, terminations Review and test entity’s procedures for
transactions are and changes to salaries, wages changes to master payroll file.
recorded in the and deductions reported
wrong period. promptly to the payroll
processing function, after which
the changes are updated
promptly on the master payroll
file.
All time sheets forwarded to the Review and test procedures for
payroll department weekly. processing time sheets.
Procedures that require Review and test procedures for
recording payroll liabilities as recording payroll liabilities.
soon as possible after they are
incurred.
Classification Payroll Chart of accounts Review chart of accounts
transactions not Independent approval and review Review and test procedures for
properly classified of accounts charged for payroll. classifying payroll costs.
Use of payroll budgets with Review entity’s budgeting procedures.
review by department
supervisors.
Authorization Unauthorized Authorization procedures in place Review and test authorization
payments made for: procedures for each point of
to employees. Hiring / Terminating authorization in the payroll cycle.
Time worked
Payments made Wage, salary, commission
to employees at a Withholdings
rate in excess of Benefits
authorized Payroll payments
amount or for
unauthorized
employee
benefits.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 74 © 2015-2017 | SAMUEL WYSTAN

Auditing HR Payroll-Related Accounts AUDITING HR PAYROLL-RELATED ACCOUNTS
Substantive Analytical Procedures for

(1) SUBSTANTIVE ANALYTICAL PROCEDURES

Payroll Expense Accounts
Substantive Analytical Procedures Possible Detections
Compare current-year balances in the various payroll expense accounts with prior Overstatement /
years’ balances after adjustment for pay changes and number of employees. Understatement of
Compare payroll costs as a percentage of sales with prior years’ and industry data. Payroll Expense.
Compare labor utilization rates and statistics with industry data.
Compare budgeted payroll expenses with actual payroll expenses.
Estimate sales commissions by applying formulas to recorded sales totals. “ of Sales Commissions.
Payroll-Related Accrual Accounts
Compare current-year balances in payroll-related accrual accounts with prior years’ Overstatement /
balances after adjusting for changes in conditions. Understatement of
Test reasonableness of accrual balances. Accrued Liabilities.
(2) TEST OF DETAILS
Assertions about Substantive Tests of Transactions
Classes of
Transactions
Occurrence Vouch a sample of payroll direct deposits to the mater employee list to verify validity.
Completeness Trace a sample of time sheets to the payroll register.
Authorization Test a sample of payroll direct deposits for the presence of an authorized time sheet.
Accuracy Recompute the mathematical accuracy of a sample of direct deposits: CAATs may be used
to test the logic of the computer programs for proper calculation of gross pay, deductions
and net pay.
Cut-off Trace a sample of time sheets before/after period end to the appropriate weekly payroll
Tests of Details for Auditing HR Payroll-Related Accounts

report, and trace the weekly payroll report to the General Ledger to verify proper period.
Classification Examine a sample of payroll direct deposits for proper classification into expense accounts
Assertions about Test of Details of Account Balances
Account Balances
Existence Vouch selected amounts from the account analysis schedules for the accruals to
supporting documentation (payroll tax returns, corporate benefits policies etc.)
Rights and Review supporting documentation to determine that the entity is legally obligated to pay
Obligations the liability.
Test a sample of bank reconciliations for the payroll bank account.
Completeness Search for unrecorded liabilities.
Use CAATs to foot weekly payroll reports and reconcile the total to the General Ledger
(payroll expense and related accruals)
Valuation and Obtain an account analysis schedule for accrued payroll liabilities; foot schedules and
Allocation agree total to General Ledger.
Compare the amounts accrued to supporting documentation, such as payroll tax returns.
Assertions about Test of Details of Disclosures
P&D
Occurrence, and Inquire about accruals to ensure that they are properly disclosed.
Rights and
Obligations
Completeness Complete financial reporting checklist to ensure that al financial statement disclosures
related to payroll expenses and related accruals have been made.
Classification, and Review accrued payroll liabilities for proper classification between short-term and long-
Understandability term liabilities.
Read notes to ensure that the required disclosures are understandable.
Accuracy and Review benefit contracts for proper disclosure of pension and post-retirement benefits.
Valuation Read notes and other information to ensure that the information is accurate and properly
presented at the appropriate amounts.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 75 © 2015-2017 | SAMUEL WYSTAN

 5.5 AUDITING THE PROPERTY, PLANT, EQUIPMENT (PPE) MANAGEMENT PROCESS

Overview of the PPE Management Process

Overview of the PPE Management Process

Management Process
Overview of the PPE

Four Types of Transactions are typically processed

1. Acquisition of capital assets for cash (or non-monetary) considerations.

2. Disposal of capital assets through sale, exchange, retirement or abandonment.
3. Depreciation of capital assets over their useful economic life.
4. Leasing of capital assets.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 76 © 2015-2017 | SAMUEL WYSTAN

Overview of the PPE Management

Segregation of Duties Possible Errors/Fraud from Conflicts of Duties

Initiating Capital Asset Acquisition Fictitious or unauthorized purchases of assets can occur. Result in
// Final Approval purchases of unnecessary assets, assets that do not meet quality control
standards, or illegal payments to suppliers or contractors.
Process

PPE Records // General Ledger Ability to conceal any misappropriation (defalcation) that would normally
be detected by reconciling subsidiary records with the General Ledger.
PPE Records PPE can be stolen and theft can be concealed by adjustment of the
// Custodial or Safeguarding accounting records.
Person doing periodic physical PPE can be stolen and theft can be concealed.
inventory check // independent of
Custodial and Record Keeping

AUDITING PPE-RELATED ACCOUNTS

Substantive Analytical Procedures for

(1) SUBSTANTIVE ANALYTICAL PROCEDURES

Auditing PPE-Related Accounts

Substantive Analytical Procedures Possible Detections

Compare prior-period balances in PPE and Depreciation If ratio of Depreciation Expense to the related PPE is
Expense with current-period balances, taking into account less than prior years’ and few assets have been
any changes in conditions or asset composition. disposed of, the Auditor might be concerned that
Compute the ratio of Depreciation Expense to the related Depreciation has not been taken on some assets
PPE accounts and compare to prior years’ ratios. included in the account.
Compute the ratio of Repairs and Maintenance Expense /
Insurance Expense to the related PPE and compare to prior
years’ ratios.
Review Capital Budgets and compare the amounts spent
with amounts budgeted.
(2) TEST OF DETAILS
Assertions about Substantive Tests of Transactions
Classes of
Transactions
Occurrence Vouch significant additions/disposals to vendor invoices or other supporting documents.
Review lease agreements to ensure that lease transactions are accounted for properly.
Completeness Trace a sample of purchase requisitions to loading dock reports and to PPE records in the
transaction/master file.
Tests of Details for Auditing PPE -Related Accounts

Authorization Vouch a sample of PPE additions to documentation indicating proper authorization.

Accuracy For assets written off, test the amounts charged against income and accumulated dep.
Cut-off Examine the purchases and sale of capital assets for a few days before/after year-end.
Classification Vouch transactions included in repairs and maintenance for items that should capitalize.
Review lease transactions for proper classification between operating/capital leases.
Assertions about Test of Details of Account Balances
Account Balances
Existence Verify the existence of major additions by physically inspecting the capital asset.
Rights & Obligations Examine or confirm deeds or title documents for proof of ownership.
Completeness Obtain a lead schedule of PPE; foot schedule and agree totals to the General Ledger.
Obtain detailed schedules for additions and disposals of PPE; foot schedule; agree
amounts to totals shown on lead schedule.
Physically examine a sample of capital assets and trace them to the PPE Subsidiary Ledger.
Valuation and Evaluate fixed assets for significant write-offs or impairments by performing procedures:
Allocation o Identify the events/ change in circumstances indicating that the carrying value of the
asset may not be recoverable.
o Verify impairment loss by determining recoverable amount and comparing it to the
carrying value.
o Examine client documentation supporting impairment of write-off.
Test depreciation calculations for a sample of capital assets.

Completeness of Disclosure Items for PPE: Classes of capital assets and valuation bases, Depreciation methods and
useful lives for financial reporting / tax purposes, Non-Operating assets, Construction / Purchase commitments, Liens
and mortgages, Acquisition or disposal of major operating facilities, Capitalized and other lease arrangements.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 77 © 2015-2017 | SAMUEL WYSTAN

 5.6 AUDITING INVESTMENTS

Segregation of Duties
Segregation of Duties Possible Errors/Fraud from Conflicts of Duties
Investments

Initiation // Final Approval Fictitious transactions can be made or securities can be stolen.
Valuation-Monitoring // Acquisition Securities values can be improperly recorded or not reported to Mgmt.
Maintaining Securities Ledger Ability to conceal any defalcation that would normally be detected by
// General Ledger reconciliation of Subsidiary Records with General Ledger control accounts.
Custody of Securities // Accounting Theft of securities can be concealed

AUDITING INVESTMENTS-RELATED ACCOUNTS

(1) SUBSTANTIVE ANALYTICAL PROCEDURES
Substantive Analytical

Substantive Analytical Procedures Possible Detections

Comparison of the balances in the current year’s investment accounts with
Procedures

prior years’ balances after the consideration of the effects of current-year

operating/financing activities on cash and investments
Comparison of current-year interest and dividend income with the reported
income for prior years and with the expected return on investments.
Recomputation of current-year interest income using the face amount of
securities held, interest rate and time period held.

(2) TEST OF DETAILS

Assertions about Test of Details of Account Balances
Account Balances
Existence Inspect securities if maintained by client or obtain confirmation from independent
custodian.
Rights & Obligations Examine brokers’ advice for a sample of securities purchased during the year.
Completeness Search for purchases of securities by examining transactions for a few days after year-end.
Confirm securities held by independent custodian.
Tests of Details for Auditing Investments -Related Accounts

Review and test securities information to determine if all interest and dividend income has
been recorded.
Valuation and Review brokers’ invoices for cost basis of securities purchased.
Allocation Determine basis for valuing investments by tracing values to published quotations for
marketable securities.
Determine whether there has been any permanent impairment in the value of the cost
basis of an individual security.
Examine sales of securities to ensure proper recognition of realized gains/losses.
Obtain a listing of investments by category (HTM,HFT,AFS); foot listing and agree totals to
securities register and general ledger.
Inquire how management considers the nature of the asset/liability being valued and
why/how they selected a particular valuation method/model.
Inquire the extent to which the entity’s process relies on a Third-Party Expert to provide
fair value measurements and inspect the associated documents.
Assertions about Test of Details of Disclosures
P&D
Occurrence and Determine whether any securities have been pledged as collateral by (1) inquiring with
Rights & management and (2) reviewing BoD Minutes, loan agreements and other documents.
Obligations
Completeness Determine that all disclosures required by IFRS7 has been made for Investments (both
debt and equity securities)
Complete financial reporting checklist to ensure all financial statement disclosures related
to investments are made.
Classification and Review and inquire of management regarding proper classification of investments.
Understandability Read notes to ensure that required disclosures are understandable.
Accuracy and Read notes and other information to ensure that the information is accurate and properly
Valuation presented at the appropriate amounts.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 78 © 2015-2017 | SAMUEL WYSTAN

 5.7 AUDITING INTANGIBLE ASSETS / GOODWILL

Overview of Intangible Assets

Intangible Assets (IAs) are assets that provide economic benefit for longer than a year but lack physical substance.
Overview of Intangible Assets / Goodwill

They comprise of 5 categories:

1. Marketing – Trademark, Brand Name, Internet Domain Names etc.

2. Customer – Customer Lists, Order Backlogs, Customer Relationships etc.
3. Artistic – Items protected by Copyright etc.
4. Contract – Licences, Franchises, Broadcast Rights etc.
5. Technology – Patented and Unpatented Technology etc.

IAs are generally amortized over time with the exception of some (e.g. ordinarily broadcast licences and
trademarks) which are similar to Goodwill, are considered to have indefinite lives and are not amortized.
All IAs and Goodwill would be tested for impairment annually.

Goodwill

Essentially the difference between Acquisition Price of Company and the Fair Value of the Identifiable
Tangible/Intangible Assets and Liabiltieis.

TEST OF DETAILS
Assertions about Test of Details of Account Balances
Account Balances
Existence Inspect legal documentation supporting the validity of the asset.
Customer backlogs can be validated by examining customer order information or by
Tests of Details for Auditing Intangible Assets-Related Accounts

sending confirmations to customers requesting information on their order status.

Rights & Obligations Examine supporting legal and contractual documentation to verify the entity’s legal rights
to these assets.
Read the BoD Minutes and communicate with entity’s legal counsel to determine if there
is pending litigation regarding legal rights.
Completeness Determine if entity’s impairment-testing procedures includes all IAs and Goodwill. Obtain
a copy of the entity’s detail listing of IA and Goodwill, and agree with the total amount of
IA and Goodwill as reported on the balance sheet.
Examine impairment documentation to ensure that each asset is subject to the
appropriate impairment testing in accordance with FRS.
Valuation and Auditor not required to become an expert in valuation, hence, often rely on the help of an
Allocation Expert. Auditor have to evaluate the Expert’s qualifications and objectivity, determine if
the valuation model used by the Expert is appropriate and consistent with FRS and
understand/verify the reasonableness of the underlying data and assumptions.
Test the reasonableness of the useful lives used for amortizing IAs with definite lives. Look
at the competitive advantage or market outlook to determine if legal life should be
amortized over a shorter period (e.g. patented product no longer selling)
Assertions about Test of Details of Disclosures
Presentation &
Disclosure
Classification and Examine purchases / acquisition / contractual documentations and see if the IAs are
Understandability classified appropriately.
Accuracy and Read notes and other information to ensure that the information is accurate and properly
Valuation presented at the appropriate amounts.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 79 © 2015-2017 | SAMUEL WYSTAN

 5.8 AUDITING PREPAID EXPENSES
Overview of Prepaid

Overview of Prepaid Expenses

Expenses

Examples of Prepaid Expenses

Prepaid Insurance
Prepaid Rent
Prepaid Interest

AUDITING PREPAID EXPENSES

Substantive Analytical

(1) SUBSTANTIVE ANALYTICAL PROCEDURES

Substantive Analytical Procedures Possible Detections
Procedures

Comparing the current-year balance in Prepaid Insurance and Insurance Expense with the
prior years’ balances, taking into account any changes in operations.
Computing the ratio of Insurance Expense to Asset/Sales, and comparing it with the prior
years’ ratios.
Computing an estimate of the ending prepaid account balance(s) using the current
premium and the amount of time remaining on the policy at the end of the period.
(2) TEST OF DETAILS
Assertions about Test of Details of Account Balances
Account Balances
Existence Sending external confirmation to entity’s insurance brokers, requesting information on
Tests of Details for Auditing Prepaid Expenses

each policy’s number, coverage, expiration date and premiums.

Examination of the underlying supporting documents such as insurance bills and policies.
Rights & Obligations Sending external confirmation to entity’s insurance brokers or by examining the insurance
policies. If the beneficiary is someone other than the entity, this could indicate an
unrecorded liability or that another party has a claim against the insured assets.
Completeness Comparing the detailed policies in the current year’s insurance register with the policies
included in the prior year’s insurance register.
Valuation and Recomputation of the unexpired portion of insurance after considering the premium paid
Allocation and the term of the policy. By verifying the unexpired portion of prepaid insurance, the
Auditor also verifies the total amount of Insurance Expense.
Assertions about Test of Details of Disclosures
P&D
Classification and Examination of insurance policy’s coverage to understand the nature of the insurance.
Understandability (e.g. fire insurance policy on main manufacturing/admin facilities should be charged to
both the manufacturing overhead insurance expense account and also to the
general/administrative insurance expense account.
Inquire with management or insurance broker about the adequacy of the entity’s
insurance coverage.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 80 © 2015-2017 | SAMUEL WYSTAN

 5.9 AUDITING LONG-TERM DEBT
AUDITING LONG-TERM DEBT
(1) SUBSTANTIVE ANALYTICAL PROCEDURES
Substantive Analytical

Substantive Analytical Procedures Possible Detections

Estimate interest expense by multiplying the 12 monthly balances for long-term debt by the
Procedures

average monthly interest rate. The reasonableness of interest expense could then be
assessed by comparing this estimate to the interest expense amount recorded in the GL.
If the estimated amount of interest expense is materially higher than the recorded
amount, the Auditor might conclude that the entity has failed to record a portion of
interest expense.
If the recorded amount of interest expense is materially higher than the estimated
amount, the entity may have failed to record debt.
(2) TEST OF DETAILS
Assertions about Substantive Tests of Transactions
Classes of
Transactions
Occurrence Examine copies of new note or bond agreements.
Examine BoD Minutes for approval of new lending agreements.
Completeness Trace large cash receipts and payments to source documents and General Ledger.
Review interest expense for payments to debt holders not listed on the debt analysis
schedule.
Review notes paid or renewed after the balance sheet date to determine if there are
unrecorded liabilities at year-end.
Evaluate lease contracts to determine if leases are properly accounted for as an
operating/capital lease (i.e. if a lease should be a capital lease, it would likely require
Tests of Details for Auditing Long-Term Debt

recognition of long-term debt)

Authorization Examine BoD Minutes for evidence of proper authorization of notes or bonds.
Accuracy Test a sample of receipts and payments.
Cut-off Review debt activity for a few days before/after year-end to determine if the transactions
are included in the proper period.
Classification Examine the due dates on notes or bonds for proper classification between current and
long-term debt.
Assertions about Test of Details of Account Balances
Account Balances
Existence Confirm notes or bonds directly with Creditors (i.e. banks, insurance companies, trustees
representing Creditors)
Rights & Obligations Examine copies of note and bond agreements.
Completeness Obtain an analysis of notes payable, bonds payable and accrued interest payable; foot
schedule and agree totals to the General Ledger.
Obtain a bank confirmation that requests specific information on notes from banks.
Confirm notes or bonds with Creditors.
Inquire of management regarding the existence of off-balance-sheet activities.
Review BoD Minutes for debt-related activity.
Valuation and Examine new debt agreements (e.g. bond indentures) to ensure they were recorded at the
Allocation proper value.
Confirm the outstanding balance for notes/bonds and the last date on which interest has
been paid.
Recompute accrued interest payable.
Verify computation of the amortization of premium or discount.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 81 © 2015-2017 | SAMUEL WYSTAN

 5.10 AUDITING SHAREHOLDERS’ EQUITY

Overview of Shareholders’ Equity

Three Major Types of Transactions

Overview of Shareholders’ Equity

1. Issuance of Stock (i.e. sale of stock for cash, exchange of stock for assets/services/convertible debt, issuance of
stock for stock splits)
2. Repurchase of Stock (i.e. re-acquisition of stock ‘treasury stock’ and the retirement of stock)
3. Payment of Dividends (i.e. payment of cash dividends or issuance of stock dividends)

Segregation of Duties

Segregation of Duties Possible Errors/Fraud from Conflicts of Duties

Issuing/Transferring/Cancelling Stock Certificates // Accounting
Maintaining Detailed Stockholders’ Records // Maintenance of
General Ledger control accounts
Maintaining Detailed Stockholders’ Records // Cash Receipts
and Disbursements
Payment // Recording of Dividend Payments

AUDITING SHAREHOLDERS’ EQUITY

TEST OF DETAILS
Assertions about Substantive Tests of Transactions
Classes of
Transactions
Occurrence If outside Agent is used by entity to maintain stock register and/or a stock certificate book,
Auditor confirms the total number of shares outstanding at the end of the period. Shares
listed as outstanding on the confirmation must reconcile to the General Ledger Equity
Capital Accounts.
Tests of Details for Auditing Shareholders’ Equity

Examine any cancelled stock certificates.

Completeness Tracing transactions recorded in current year to BoD Minutes.
Account for and inspect any unissued stock certificates in the stock certificate book.
Foot the shares outstanding in the stock register and/or stock certificate book and agree
them to total shares outstanding in the General Ledger Equity Capital Account.
Trace the transfers of shares between stockholders to the stock register and/or stock
certificate book.
Accuracy Trace the transfers of shares between stockholders to the stock register and/or stock
certificate book.
Cut-off Review equity activity for a few days before/after year-end to determine if the
transactions are included in the proper period.
Assertions about Test of Details of Account Balances
Account Balances
Valuation and Recompute values assigned to each transaction. (Par value for the shares issued is
Allocation assigned to the respective equity capital account, while the difference between price and
par is allocated to paid-in capital)
Trace proceeds from the sale of stock to cash receipt records.
More complex if equity capital is issued in exchange for assets/services / merger and
acquisitions, convertible securities or for a stock dividend. Auditor should evaluate if any
fair value measurements are in accordance with the applicable FRS.

Completeness of Disclosure Items for SE: Number of shares authorized, issued and outstanding for each class of stock,
Call privileges, prices and dates for preferred stock, Stock option or purchase plans, Restrictions on retained earnings
and dividends, Any completed or pending transactions (e.g. stock dividends or splits) that may affect SE.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 82 © 2015-2017 | SAMUEL WYSTAN

 5.11 AUDITING CASH

Overview of Cash
Overview of Cash

Entity Usually Have Three Major Types of Bank Accounts

1. General Cash Account: Main Cash account for most entities. Major source of Cash Receipts is the revenue
process and major sources of Cash Disbursements are purchasing and human resource process etc.
2. Imprest Cash Account: Stipulated amount of money for a specific purpose, usually transferred from the General
Cash Account when needed (I.e. accounts for disbursing payroll, payroll taxes and dividends
3. Branch Account: For companies who operate branches in multiple locations. Usually submits periodic cash
reports to HQ and receives transfer from General Cash Account.

AUDITING SHAREHOLDERS’ EQUITY

TEST OF DETAILS
Assertions about Substantive Tests of Transactions
Classes of
Transactions Cash Receipts Cash Disbursements

Occurrence Vouch a sample of entries in the cash Vouch a sample of entries from the cash
receipts journal to remittance advices, disbursements journal to voucher packet
daily deposits and bank statement. and bank statement.
Completeness Trace a sample of electronic cash receipts Trace a sample of electronic cash
transfers to the cash receipts journal. disbursements transfers to the cash
disbursements journal.
Authorization For a sample of days, examine the Reconcile a sample of electronic cash
signature on the deposit slip for proper disbursements transfers with list of
authorization. payments authorized by management.
Accuracy For sample of daily deposits, foot the For a sample of voucher packets, agree
Tests of Details for Auditing Shareholders’ Equity

remittance advices and agree to the cash amounts in PO, RR, Invoice, electronic
receipts journal and bank statement. cash disbursements transfer and
For a sample of weeks, foot the cash disbursements journal.
receipts journal and agree posting to the For a sample of weeks, foot the cash
General Ledger. disbursements journal and agree posting
to the General Ledger.
Cut-off Test a sample of cash receipts at, before Test a sample of cash disbursements at,
and after an accounting period for before and after an accounting period for
recording in appropriate period. recording in appropriate period.
Classification Examine a sample of remittance advices Examine a sample of electronic cash
for proper account classification. disbursements transfers for proper
account classification.
Assertions about Test of Details of Account Balances
Account Balances
Existence Confirm bank account balance with financial institution.
Completeness Test bank reconciliation for each account
Valuation and Foot the reconciliation
Allocation Trace balances per book to the General Ledger
Obtain bank confirmation and trace balance per bank to the bank reconciliation
Obtain cut-off bank statement (i.e. 7-10 day period after the date on which the bank
account is reconciled or B/S date. Any reconciling Cash items should have cleared)
Trace deposits in transit and other reconciling items to cut-off bank statement
If Control Risk is high / Fraud suspected
Perform extended bank reconciliation procedures
Perform a proof of cash
Test for Kiting
o The practice of writing out cheques from one bank (but not recording the
disbursements) and depositing them into another bank (and recording the receipts).
Kiting takes advantage of the time in-transit (e.g. could be days) for the second bank
to collect funds from the first bank.
o Overstatement of Cash / Theft.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 83 © 2015-2017 | SAMUEL WYSTAN

 STAGE 6: COMPLETING THE AUDIT
6.1 REVIEW FOR CONTINGENCIES

Review for Contingencies (FRS 37)

Liabilities differ in their uncertainty about timing and amount. Most liabilities are legally enforceable and arise
under contractual arrangements for amounts, borrowed, amounts owed for assets purchased or services
obtained. Other liabilities are uncertain because the possible outflow of resources from the entity will ultimately
be resolved when some future event occurs or fails to occur. These Liabilities are known as Contingencies:
o Pending or threatened litigation
o Actual or possible claims and assessments
o Income tax disputes
o Product warranties or defects
o Guarantees of obligations to others
Review for Contingencies

o Agreements to repurchase receivables that have been sold.

Probable: When the chance of the future event occurring is ‘more likely than not’ , must recognize in the Financial
Statements and be accompanied with appropriate disclosure.
Neither Probable / Remote: Contingency should be disclosed.
Remote: No need disclose.

Audit Procedures for Identifying Contingencies

1. Reading the Minutes of Meetings of TCWG (e.g. BoD and Audit Committee)
2. Reviewing Contracts, Loan Agreements, Leases, Correspondence from Government Bodies
3. Reviewing Tax Returns, Tax Liability, Tax Authorities’ Reports
4. Confirming or otherwise documenting Guarantees / Letters of Credit obtained from Lenders / Financial Institutions
5. Inspecting Other Documents for possible Guarantees or similar arrangements.
6. Inquiry of and discussion with Management about the Entity’s Policies and Procedures for Identifying, Evaluating
and Accounting for Contingencies.
7. Examining Documents in the Entity’s records such as Correspondence, Invoices from Lawyers / Pending Lawsuits
8. Obtaining a Legal Letter that describes and evaluates any litigation, claims or assessments.
9. Obtaining Written Representation from Management that all Litigation, Asserted and Unasserted Claims, and
Assessments have been disclosed in accordance with the FRS.
6.2 REVIEW FOR COMMITMENTS

Review for Commitments

Commitments
Review for

Companies often enter into long-term commitments to purchase raw materials / sell their products (e.g. Hedging
with Futures, Put/Call Options, Non-cancellable Contracts)
Accounting Standards on Derivatives and Hedging require such commitments to be disclosed in a Note to the
Financial Statements with an Adjustment to OCI for any gains/losses.
Auditor has to make sure that appropriate disclosures and accruals are made in the Financial Statements.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 86 © 2015-2017 | SAMUEL WYSTAN

 6.3 REVIEW FOR SUBSE QUENT EVENTS

Subsequent Events

FRS 10: Events after the F/S Date that occur from F/S Date till F/S Issue Date can be:

Adjusting Events: Events that provide additional evidence of conditions that existed at the F/S Date and affect the
estimates that are part of the F/S preparation process.
o Require Adjustment Adjusted Amount Recognized in F/S
o Examples:
– Uncollectable Accounts Receivable resulting from continued deterioration of a customer’s financial
condition leading to bankruptcy after F/S Date
– Sale of inventories after the F/S Date giving evidence about their NRV at the end of the reporting period
– Settlement of a lawsuit after the F/S Date for an amount different from the amount recorded in the F/S
– Determination after the F/S Date of cost of assets purchased/ proceeds from assets sold before F/S Date

Non-Adjusting Events: Events that provide evidence about conditions that did not exist at the F/S Date but arose
subsequent to that date.
o Require Disclosure of Nature and Estimated Financial Effect
o Examples:
– Purchase or disposal of a business by the entity.
– Sale of equity capital or bond issue by the entity.
Review for Subsequent Events

– Loss of the entity’s manufacturing facility due to fire / flood

– Commencing major litigation arising solely out of events that occurred after the F/S Date.

SSA 560: Subsequent Events

Events occurring between the F/S Date and Date of Auditor's Report (Formal Subsequent Events Period)
Facts that become known to the Auditor after the Date of Auditor's Report
(i.e. material misstatements and events not detected by Auditors before Date of Auditor's Report)
Date of
F/S Date Auditor's Report F/S Issue Date
31/12/15 15/2/16 5/3/16

Formal

Date of Issuing Auditor's Report

Auditing Standards state that the Auditor's Report shall be dated no earlier than the date on which the Auditor has
obtained sufficient appropriate Audit Evidence on which to base the Auditor's Opinion on the F/S including
evidence that:
(1) All the statements that comprise the F/S, including notes, have been prepared.
(2) Those with the recognized authority (i.e. BoD) have asserted that they have approved those F/S

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 87 © 2015-2017 | SAMUEL WYSTAN

 Auditor's Responsibility Regarding Subsequent Events Up To Date Of Auditor's Report

Auditor responsible to perform Audit Procedures to identify Subsequent Events that may require F/S Adjustment
or Disclosure up to the Date of Auditor's Report:
o Obtaining an understanding of any procedures management has established to ensure that subsequent
events are identified.
o Inquiring of Management and TCWG on whether any Subsequent Events have occurred which might affect
the F/S, some examples:
- Current status of any items in the F/S that were accounted for based on preliminary / inconclusive data
- Whether any new commitments, borrowings or guarantees have been entered into
- Whether any developments regarding contingencies
- Whether any events have occurred that are relevant to measurement of estimates/provisions in the F/S
- Whether any events have occurred that are relevant to the recoverability of assets.
o Reading of Minutes of Meetings held after the F/S Date and inquiring about matters discussed
o Reading the entity’s latest subsequent interim F/S
o Examining the books of original entry (such as sales journal, purchases journal, cash receipts and cash
disbursements journals, general ledger) for the Subsequent Events period and investigating any usual
transactions
Review of Subsequent Events

o Asking Legal Counsel about any litigation, claims or assessments against the entity.

Date of
F/S Date Auditor's Report F/S Issue Date
31/12/15 15/2/16 5/3/16

Auditors Responsibility Regarding Subsequent Events After Date of Auditor's Report

Auditor has no obligation to perform Audit Procedures on F/S after Date of Auditor's Report.
However, if Auditor becomes aware of a fact that would have caused Auditor to amend the Auditor's Report IF it
had been known at Date of Auditor's Report:

o After Date of Auditor's Report but before F/S Issue Date

– Require Management to Amend F/S, Extend Audit Work and Issue New Auditor's Report
– If Management does not want to Amend, Modify Audit Opinion
o After F/S Issued
– Require Management to Amend F/S, Extend Audit Work and Issue New Auditor's Report with Emphasis
of Matter Paragraph
– If Management does not want to Amend, notify TCWG and take action to prevent future reliance on
Auditor's Report (e.g. Issue Public Statement to withdraw Auditor's Report, speak at AGM to explain)
– May not need to act if issue of next period’s F/S is imminent.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 88 © 2015-2017 | SAMUEL WYSTAN

 6.4 FINAL EVALUATION OF AUDIT EVIDENCE

In addition to Review for Contingencies and Review for Subsequent Events, the Auditor conducts a number of Audit
Steps before deciding on the appropriate Auditor's Report to issue for the entity. These steps are:
STEP 1 PERFORM FINAL ANALYTICAL PROCEDURES

Objective is to help the Auditor assess the conclusions reached on the F/S elemnts and evaluate the overall F/S
presentation. Usually includes:
o Recalculating some of the ratios
o Reviewing the adequacy of the evidence gathered in response to unexpected fluctuations in the account
balances (identified in the planning statge)
o Identifying any unusual or unexpected relationships not previously considered.
o Re-examine business risks, considering critical issues and significant industry business risks and whether such
risks might impact the F/S.
o Assess the structure and profitability of the industry and how the entity fits within the industry in terms of
profitability and solvency.
STEP 2 EVALUATING ENTITY’S ABILITY TO CONTINUE AS GOING-CONCERN

Going-Concern Assumption: Entity will continue in business for the foreseeable future.
Management’s Responsibility: Assess the entity’s ability to continue as a going-concern.
Auditor's Responsibility: Obtain sufficient, appropriate evidence on appropriateness of Management’s use of
going-concern assumption. Three overall steps in evaluating:

(1) Identifying and Assessing Going-Concern Problems

Financial Conditions (e.g. Recurring Operating Losses, Current-Year Deficit, Accumulated Deficits,
Final Evaluation of Audit Evidence

Negative Net Worth, Negative Working Capital, Negative Cash Flow, Negative Income from Operations,
Inability to Meet Interest Payments etc.)
Ratios (e.g. Net Worth / Total Liabilities, Working Capital from Operations / Total Liabilities, Current
Assets / Current Liabilities , Total Long-Term Liabilities / Total Assets, Total Liabilities / Total Assets, Profit
Before Tax / Net Sales)
Operating Indicators (e.g. Loss of Key Management, Agreements, or Customers)
Other Financial Difficulties (e.g. Default on Loans, Dividends in Arrears, Restructuring of Debt, Denial of
Trade Credit by Suppliers, No additional Sources of Financing)
Other Internal Matters (e.g. Work Stoppages, Uneconomic Long-Term Commitments, Dependence on the
Success of one particular Project, Loss of Key Management)
Other External Matters (e.g. Legal Proceedings, Loss of a Major Customer or Supplier essential, Loss of a
Key Franchise, Licence or Patent)

(2) Consideration of Management’s Plans

Plans to dispose of assets, Plans to borrow money/restructure debt, Plans to reduce or delay
expenditures, Plans to increase ownership equity etc.

(3) Implications on the Auditor's Report SSA 570

If going-concern assumption is appropriate but material uncertainty exists:

o If there is Adequate Disclosure in F/S:
– Unqualified Opinion with Emphasis of Matter paragraph that draws attention
– Disclaimer of Opinion in situations involving multiple material uncertainties (rare cases)
o If there is Inadequate Disclosure in F/S:
– Qualified or Adverse Opinion

If going-concern assumption is inappropriate

– Adverse Opinion (unless F/S prepared on appropriate alternative basis like Liquidation)

In light of the new and revised Auditor Reporting Standards, the reporting on Going-Concern will also be revised.
o More explicit description of respective responsibilities of Management and Auditor in all Auditor's Reports.
o Separate Going-Concern setion required when material uncertainty exists, with a heading ‘Material
Uncertainty Related to Going-Concern’
o New requirement to challenge adequacy of Disclosures for Going-Concern ‘close calls’.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 89 © 2015-2017 | SAMUEL WYSTAN

 STEP 3 OBTAINING A WRITTEN REPRESENTATION LETTER

During the course of the Audit, Management makes a number of representations in response to Auditor's
inquiries. SSA 580 requires the Auditor to obtain a Written Representation from the Management to corroborate
Oral Representations and document the continued appropriateness of those representations.
Final Evaluation of Audit Evidence

o To reduce possibility of misunderstanding between Management and Auditor.

o To provide evidence on matters where other evidence may not exist (e.g. plans or intentions)
Should be dated same date / before the Date of Auditor's Report.
Auditor should exercise Professional Skepticism over Written Representations by critically evaluating its reliability
(e.g. Management’s Integrity and Competence) and Consistency with other corroborative evidence.

STEP 4 REVIEWING WORKING PAPERS

STEP 5 CARRYING OUT A FINAL EVALUATION OF AUDIT RESULTS

STEP 6 EVALUATING F/S PRESENTATION AND DISCLOSURE

STEP 7 OBTAINING A QUALITY CONTROL REVIEW OF THE ENGAGEMENT

STEP 8 ARCHIVING AND RETENTION

6.5 COMMUNICATIONS WITH TCWG & MANAGEMENT

SSA 260 deals with the Auditor's responsibilities to communicate with TCWG. This is to encourage a healthy, two-
way dialogue about financial reporting maters, including obtaining information from TCWG that is relevant to the
Audit and ensuring that TCWG receive adequate information on significant Audit-related issues.
Some examples of items that the Auditor communicates with TCWG include:

The Auditor's Responsibilities in Relation to the Financial Statement Audit

The Nature of the Auditor's responsibility for forming and expressing an Opinion on the F/S that have been
Communications with TCWG / Management

prepared by Management with the oversight of TCWG.

The fact that the Audit of the F/S does not relieve Management or TCWG of their responsibilities.
An Overview of the Planned Scope / Timing of the Audit

The entity’s Objectives, Strategies and Related Business Risks that may result in material misstatements.
How the Auditor proposes to address the significant risks of material misstatements, whether fraud or error.
The Auditor's approach to Internal Control relevant to the Audit.
The application of the concept of Materiality in the context of an Audit
Significant Findings From An Audit

The Auditor's views about qualitative aspects of the entity’s significant accounting practices, including
accounting policies, estimates and financial statement disclosures.
Significant difficulties encountered during the Audit, for e.g., restrictions imposed on Auditor by Management.
Significant matters arising from the Audit that were discussed, or subject to correspondence with Management.
Significant deficiencies in internal control identified.
Identified fraud or information that indicates fraud.
Significant matters in connection with the entity’s related parties.
Events/Conditions identified that may cast significant doubt on entity’s ability to continue as a going-concern.
Uncorrected misstatements.
Expected inclusion of an Emphasis of Matter paragraph or Other Matter paragraph in the Auditor's Report.
Expected modification of the Opinion in the Auditor's Report.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 90 © 2015-2017 | SAMUEL WYSTAN

 STAGE 7: EVALUATE RESULTS & ISSUE AUDIT REPORT
ELEMENTS OF A STANDARD AUDIT REPORT
Elements of a Standard Audit Report (Unmodified Opinion)

The Auditor’s Report

Seeks to reduce Expectation Gap (i.e. informing the Auditor’s Responsibilities such as reminding users that the
Auditors do not ‘express an opinion on the effectiveness of the entity’s internal control’)

Upcoming Changes

IAASB issued an Exposure Draft in July 2003.

The ED will bring about substantive changes in the approach and format of the Auditor’s report, although the core
principles of SSA705 on the types of Audit opinion will not change.
Seeks to reduce Information Gap (i.e. give more wholesome information that will benefit users.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 91 © 2015-2017 | SAMUEL WYSTAN

 TYPES OF AUDIT OPINIONS (SSA 700, 705, 706)

Types of Audit Opinion

SSA 700: Forming an Opinion and Reporting on Financial Statements

SSA 705: Modifications to the Opinion in the Independent Auditor’s Report

SSA 706: Emphasis of Matter Paragraphs and Other Matter Paragraphs in the Independent Auditor’s Report
Audit Opinion

✓Unqualified and Unmodified Opinion

Auditor concluded that the financial statements are free from material misstatements; the Auditor does not find it
necessary to modify his opinion about the fairness of the financial statements.

Conditions for Modification

Scope Limitation: Results from the Auditor’s inability to obtain sufficient appropriate evidence, such as when
management or some set of circumstances prevents the Auditor from conducting an Audit procedure that the
Auditor considers necessary.
o Client-Imposed: Client don’t want/ cannot give. (e.g. When the client requests that the Auditor does not
confirm Accounts Receivable because of concerns over customer relations etc.)
o Condition-imposed: (e.g. Documents in warzone, Fire that destroyed accounting records)

Departure from applicable Financial Reporting Framework (i.e. SFRS, Companies Act)
(e.g. Accounting policy that is not appropriate (e.g. operating/finance lease, wrong FV, never accrue certain
expenses)

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 92 © 2015-2017 | SAMUEL WYSTAN

 EMPHASIS OF MATTER / OTHER MATTER PARAGRAPHS (SSA 706)

Emphasis of Matter

o To draw user’s attention to a matter which, although appropriately presented/disclosed in the financial
statements, is of such importance that it is fundamental to user’s understanding of the financial statements.
o Included immediately after the Opinion paragraph and includes a clear reference to the matter being emphasized
and to where the relevant disclosures that fully describe the matter can be found in the financial statements.
o The Auditor should indicate that the Auditor’s opinion is not modified in respect of the matter emphasized.
o Examples of usage:
o Early application of a new accounting standard that has a pervasive effect on the financial statements in
advance of its effective date
o A major catastrophe that has had, or continues to have, a significant effect on the entity’s financial
position
o Uncertainty relating to the future outcome of exceptional litigation or regulatory action:
Emphasis of Matter

Qualified Opinion

In our opinion, except for the effects of the matter described in the Basis for Qualified Opinion paragraph,
the financial statements present fairly……

Emphasis of Matter
We draw attention to Note 17 to the Financial Statements, which describes the uncertainty related to the
outcome of the lawsuit filed against the Company by Apple Inc. Our opinion is not qualified in respect of this
matter.

o A material uncertainty that may cast significant doubts about the Company’s ability to continue as a
going-concern which has been adequately disclosed:

Emphasis of Matter
We draw attention to Note 7 in the financial statements which indicates that the Company incurred a net
loss of $100,000,000 during the year ended 31-December-2016 and, as of that date, the Company’s current
liabilities exceeded its total assets by $50,000,000. These conditions, along with other matters set forth in
Note 11, indicate the existence of a material uncertainty that may cast significant doubt on the Company’s
ability to continue as a going-concern. Our opinion is not qualified in respect of this matter.

Other Matter

The term Other Matter is used because the matter communicated is a matter other than those that are presented
or disclosed in the financial statements.
The Other Matter must relate to the understanding of the Audit, the Auditor’s responsibilities or the Auditor’s
Other Matter

Report.
Included immediately after the Opinion paragraph and any Emphasis of Matter paragraph.

Other Matter
The financial statements of Shamu Company for the year ended 31-December-2018 were audited by another
Auditor who expressed an unmodified opinion on those statements on 31-March-2019.

EPIC NOTES™ | AC3101 ASSURANCE & AUDITING 93 © 2015-2017 | SAMUEL WYSTAN