Chapter 11 (New) Chapter 16 (Old)

Case 1. a. Given identified financial control weaknesses, the auditor may elect to expand the extent of substantive testing, or search for and test compensating controls. In the present case, the following errors and irregularities may occur, given the control weaknesses in the payroll subset of the expenditure cycle: 1. Hours may be in error, inasmuch as the time cards are prepared by employees and not reviewed. This could lead to overstatement or understatement of wages expense in the income statement. This could also affect the carrying value of finished goods inventories if Quicky is a manufacturing company. The payroll could be padded inasmuch as signed checks are returned to the department supervisors for distribution. This could result in overstatements of salaries and wages expense on the income statement. It could also cause a finished goods inventory overstatement. c. 1. Auditors must study and evaluate internal control each year because the environment within which the client operates is subject to constant change; and controls must adapt to these changes if the system is to remain effective. The auditor must identify the environmental changes and determine that the relevant control points remain covered after the changes.

2.

A minimum audit is necessary, even under conditions of excellent internal control, because of the following inherent limitations in all internal control systems: Internal control nonexistence of collusion; assumes the

2.

Management can override the financial controls; Temporary breakdowns in the control system may occur and produce material errors;

b.

If, based on the initial understanding, controls are thought to be adequate, the auditor should consider the following alternatives: 1. Document the understanding, assess control risk below maximum, as considered appropriate, and document the basis for conclusions; or Document the understanding and test controls as a means for further reduction in the assessed level of control risk. This alternative would be chosen if the following conditions exist: a. Controls are thought to be effective; and Cost reductions through reduced substantive testing exceed cost of further testing of controls.

Given that these inherent limitations could produce material financial statement misstatements, and given that the audit report provides reasonable assurance that the financial statements do not contain material misstatements, the auditor must perform a minimum audit, even under conditions of excellent internal control if such assurance is to be provided.

2.

b.

Are each days receipts deposited intact daily? Is the summary listing of cash register receipts reconciled to the duplicate deposit slips authenticated by the bank? Case 2. ISLANDER DRUG STORE, INC. Processing Cash Collections Internal Control Questionnaire Are entries to the cash receipts journal prepared from duplicate deposit slips or the summary listing of cash register readings? Are the entries to the cash receipts journal compared to the deposits per bank statement? No Are Are customers who pay by check identified via store I.D. card or other means? Does company policy prohibit accepting checks for anything except merchandise sales plus a nominal cash amount? Is a receipt produced by the cash register given to each customer? Is the reading of each cash register taken periodically by an employee who is independent of the handling of cash receipts? Are cash counts made on a surprise basis by an individual who is independent of the handling of cash receipts? Is the reading of each cash register compared regularly to the cash received? Is a summary listing of cash register readings prepared by an employee who is independent of physically handling cash receipts? Are receipts forwarded to an independent employee who makes the bank deposits? b. areas involving the physical handling of cash reasonably safeguarded?

-Question

Yes

Are employees who handle receipts bonded? Are charged back items (NSF checks, etc.) directed to an employee who does not physically handle receipts or have access to the books?

Chapter 12 (New) Chapter 11 (Old) Check Chap 10 S

Case 1. a. Antonios activity is an irregularity (intentional distortion of financial statements) rather than error (unintentional mistake). It is also an illegal act on Antonios individual part.

The problem does not describe the kind of related party transactions discussed in PSA 550.

c.

Yes, a weakness in internal control exists. It may be considered a material weakness because the compensating control (internal auditors work on slow-moving inventory) did not operate in a timely enough manner to detect the irregularity before it had gotten large.

If a material weakness in internal control exists, Brava & Campos are obligated to report it to management and/or the board of directors.

c.

d.

The problem description indicates that this element of the audit was conducted in a negligent manner. Theres nothing wrong about auditing a sample of the transactions, but Campos follow-up and explanation of the missing receiving reports leaves much to be desired. At the very least he could have reviewed the reports produced by Antonio at a later date, and he could have traced the purchases to the inventory records and perhaps noticed an over-stocking condition. The auditors had some evidence that an irregularity might exist, but they failed to apply extended audit procedures properly.

Nicolas was not independent. His report is improper and he is probably subject to disciplinary action by the professional organization or regulatory body. According to the ethics interpretation on actual or threatened litigation:

An expressed intention by the present management to commence litigation against the auditor alleging deficiencies in audit work for the client is considered to impair independence if the auditor concludes that there is a strong possibility that such a claim will be filed.

Chapter 14 (New) Chapter 12 (Old)

Case 2. Types of procedures used by auditors in general, with examples: 1. Recalculation by the auditor * recomputing the clients calculation of depreciation expense

Case 2. a.

Yes. Nicolas was a party to the issuance of false financial statements and as such is a joint tortfeasor. The elements necessary to establish an action for common law fraud are present. There was a material misstatement of fact, knowledge of falsity (scienter), intent that the plaintiff bank rely on the false statement, actual reliance and damage to the bank as a result thereof. If action is based upon fraud there is no requirement that the bank establish privity of contract with the CPA. Moreover, if the action by the bank is based upon ordinary negligence, which does not require a showing of scienter, the bank may recover as a third-party beneficiary (an exception to the strict privity requirement). Thus, the bank will be able to recover its loss from Nicolas under either theory.

2.

Observation by the auditor * observation, test-counting physical inventory-taking of clients

3.

Confirmation by letter * * obtaining accounts receivable confirmations obtaining clients lawyers letter

4.

Inquiry and written representations * ask client personnel about accounting events complete an internal control questionnaire obtain written client representation letter

* b. No. The lessor was a party to the secret agreement. As such, the lessor cannot claim reliance on the financial statements and cannot recover uncollected rents. Even if he was damaged indirectly, his own fraudulent actions led to his loss, and the equitable principle of unclean hands precludes him from obtaining relief. * 5.

Vouching * find brokers invoices and cancelled checks showing agreement with record amounts for securities investments

6.

Tracing

select a sample of shipping documents and trace them to sales invoices, sales journal recording and posting to general ledger

d.

An apparent increase in accounts receivable turnover may, in fact, be the result of failure to record credit sales transactions.

7.

Scanning * * scan expense accounts for credit entries scan payroll check lists for unusually large checks e. A higher than average operating return may be indicative of unrecorded purchases or operating expenses; a lower than average return could result from unrecorded sales.

8.

Analytical procedures any example that fits one of these: * compare financial information with prior periods * compare financial information with budgets and forecasts study predictable financial information patterns (e.g., ratio analysis) compare financial information to industry statistics study financial information in relation to nonfinancial information

Chapter 15 (New) Chapter 13 (Old)

Case 1. a. Evidential matter obtained from independent sources outside an enterprise provides greater assurance of reliability (competency) than that which is secured solely within the enterprise.

b.

Accounting data and financial statements

developed under satisfactory conditions of internal control are more reliable (competent) than those which are developed under unsatisfactory conditions of internal control.

Case 5. a.

A material decline in sales may indicate unrecorded sales; a decrease in cost of goods sold may be due to unrecorded purchases; and an increase in cost of good sold may be the result of omissions from the ending inventory. An increase or decrease in gross profit will result from any one or a combination of the above omissions.

c.

Direct personal knowledge obtained by the independent auditor through physical examination, observation, computation, and inspection is more persuasive than information obtained indirectly.

b.

A decline in the miscellaneous revenue account balance, or the absence of a previously existing source of miscellaneous revenue, could be attributable to a failure to record miscellaneous revenue.

Case 2. 1.

Types of evidence

Evidential items/sources d. Letter creditor Monthly statements Voucher register from

in reliability rank

1.

External

c.

Unrecorded accounts payable at year-end would cause an increase in calculated accounts payable turnover.

a.

2.

External-internal

b.

3.

Internal

c.

Audit computation of discounts

4.

Mathematical (based on unaudited data)

2. c. Audit computation of expense amounts Letter from bond trustee Cancelled checks Minutes of directors meetings 1. Mathematical (based on unaudited data)

(4) Interpreting sample results. This requires a decision as to whether the results support the auditors planned assessed level of control risk, or whether additional sampling is necessary to reach a conclusion. (5) Following up on the discovery of critical errors or unacceptable deviation rates. (6) Determining the circumstances under which statistical sampling is appropriate, and those in which other techniques should be used in lieu, of or to supplement, the statistical sampling techniques.

a.

2.

External

d. b.

3. 4.

External-internal Internal

This is an open-ended question. The student may identify numerous other areas in which the auditors must make judgment decisions.

Chapter 16 (New) Chapter 17 (Old)

Case 1. a. Areas requiring the auditors to make judgment decisions when statistical sampling techniques are employed (only four required): (1) Defining population, characteristics to be tested, and deviations. Unless a relationship is defined between the occurrence rate of deviations in the population and either the validity of the clients financial statement or the strength of internal control, little useful information is gained by estimating the occurrence rate. (2) Determining the appropriate statistical selection techniques for drawing a random sample. The auditors must recognize the advantages and disadvantages of stratified selection, unstratified selection, and systematic selection, and determine which technique is appropriate for selecting an economical random sample. (3) Establishing the required maximum tolerable deviation rate and the risk of assessing control risk too low for the procedure. This requires judgment decisions regarding materiality, time, cost, and the planned assessed level of control risk. b. If the CPAs sample shows an unacceptable deviation rate, they may take the following actions: (1) They may enlarge their sample to increase the precision of their estimate. (2) They may isolate the type of deviation and expand examination as it relates to the transactions that give rise to that type of misstatement. (3) The auditors usual response to an unacceptably high deviation rate is to increase their assessed level of control risk. Accordingly, the auditors would increase the intensity of their substantive tests.

c.

Techniques for selecting an unstratified random sample of accounts payable vouchers include the following:

Random Sample. A random sample is a sample of a given size drawn from a population in a manner such that every possible sample of that size is equally likely to be drawn. Items may be selected randomly by:

(1) Table of Random Numbers. Use one of a number of published tables. Using four columns in the table, select the first 80 numbers which fall within the range of 1 to 3,200. The starting point in the table should be selected randomly and the path to be followed through the table should be set in advance and followed consistently. b. (2) Random Number Generator: Using generalized audit software, generate a list of 80 random numbers.

control environment, preliminary sample.

or

utilize

(1) There is a decrease in sample size if the acceptable level of the risk of assessing control risk too low is increased.

Systematic Sample. A systematic sample is th drawn by selecting every n item beginning with a random start. (1) Every n item. Select every 40 voucher after selecting the initial voucher (from 1 to 40) randomly. (2) Several random starting points. For example, use two random starting points and select 40 of the 80 vouchers from each th of the two sequences. Select every 80 voucher (3,200/40) after each of the two random starting points between 1 and 80 for each of the two sequences. c.
th th

(2) There is a decrease in sample size if the tolerable deviation is increased.

(3) There is an increase in sample size if the population deviation rate is increased.

Using a statistical sampling approach, Figure 18.4 reveals that 7 deviations in a sample of size 100 results in an achieved upper deviation rate of 12.8%, well in excess of the tolerable deviation rate (8%). The sample results should thus be interpreted as not supporting the planned assessed level of control risk.

Case 2. a.

(1) Since the results of tests of controls typically play a significant role in determining the nature, timing, and extent of other audit procedures, the auditors usually specify a low level of risk of assessing control risk too low. It is usually set at 5 or 10 percent.

Using a nonstatistical sampling approach, the 7% estimated population deviation rate identified in the sample (7 deviations / 100 sample items) approaches the tolerable deviation rate of 8%. Therefore, using a nonstatistical approach, the sample result would also be interpreted as not supporting the planned assessed level of control risk.

(2) In determining the tolerable deviation rate, an auditor should consider the planned assessed level of control risk and the extent of assurance desired from the evidential matter included in the sample.

d.

Statistical sampling allows the auditors to quantify sampling risk. As described in part (c), only when statistical sampling is used do the auditors know that the achieved upper deviation rate is 12.8%.

(3) In determining the expected population deviation rate, an auditor should consider the results of prior years tests, the overall

Chapter 18 (New) Chapter 19 (Old)

Case 1. a.

Alpha risk is the risk of rejecting a population that is essentially correct. Beta risk is the risk of accepting a population that is materially incorrect. Alpha risk affects audit efficiency because overauditing results from incorrectly rejecting a population. Beta risk impacts audit effectiveness because underauditng results from incorrectly accepting a population. Collectively, alpha and beta risk comprise sampling risk, defined as the probability that the auditor will draw erroneous conclusions about a population.

(1) Estimated population mean =

P582,000 / 200 lots = P2,910 per lot

(2) Estimated total value =

P2,910 per lot x 2,000 lots = P5,820,000

b.

Attention to, and quantification of, alpha and beta risk assist the auditor in applying an audit risk approach to substantive testing. During the audit planning stage, the auditor identifies areas of high audit risk and sets detection (beta) risk low for these areas. The result is that more substantive testing is devoted to the high risk areas relative to the lower risk areas. This approach enhances both audit efficiency and audit effectiveness.

(2) Ratio estimation estimates total population value by (1) using the ratio of the sample audited values to book values as an estimate of the ratio of population audited value to book value, and (2) applying the estimated ratio to the population book value. The computations are as follows: (1) Estimated ratio of audited to book value =

c.

Because it is closely related to the basis for the auditors opinion, alpha risk is usually set equal to overall audit risk. Beta risk is set on the basis of the auditors evaluation of inherent risk and control risk. The greater these risk factors, as determined by the auditor during the audit planning stages, the lower the beta risk set by the auditor. The lower the acceptable beta risk, the larger the sample sizes for substantive testing purposes. Alpha and beta risk, therefore, provide the necessary link between audit risk analysis and substantive audit testing.

P582,000 / P600,000 = 97%

(2) Estimated total value =

97% x P5,900,000 = P5,723,000

Case 2. a.

(1) Mean-per-unit estimates the total value of a population by (1) using the sample mean as an estimate of the true population mean, and (2) extending this estimated population mean by the number of items in the population. The computations are as follows:

(3) Difference estimation estimates total population values by (1) using the average difference between the audited and book values of sample items as an estimate of the average difference for all population items, (2) extending the estimated average difference by the number of items in the population, and (3) using the resulting estimate of the total difference between audited and book value to compute the estimated total value. The computations are as follows:

(1) Estimated average difference in audit and book values:

(P582,000 - P600,000) / 200 lots = - P90 per lot

Case 3. The auditors would project the misstatement found in the sample to the population using either the ratio or difference approach. The ratio approach would result in a projected misstatement of P65,500. This may be computed by first calculating the ratio of the audited to book value as 1.0131 [P23,100 / P22,800 (since there is a net understatement of P300, the audited value is P23,100)] and estimating the audited value of the population as:

(2) Estimated total difference =

- P90 per lot x 2,000 lots = P180,000

1.0131 x P5,000,000 = P5,065,500 (rounded)

(3) Estimated total value =

The projected misstatement is thus P65,500 under the ratio method.

P5,900,000 P5,720,000

P180,000

b.

The sample contains an element of sampling error with respect to the average peso value of production lots. The mean book value of the population is P2,950 (P5,900,000 / 2,000 lots), while the mean book value in the sample is P3,000 (P600,000 / 200 lots). Mean-per-unit estimation uses the mean value of the sample as the basis for estimating total value. Thus, if the sample contains a disproportionate number of higher (or lower) priced items, this sampling error will affect the estimate of the total population value.

The difference approach results in an average difference of P1.50 (P300 net difference divided by 200 items). Multiplying by the 100,000 invoices indicates a projected misstatement of P62,400 (P1.50 x 41,600).

Case 4. The audit risk (ultimate risk) of material misstatement in the financial statements (AR) is the product of: (1) Inherent risk (IR), the risk of material misstatement in an assertion, assuming there were no related internal controls. (2) Control risks (CR), the risk of material misstatement occurring in an assertion, and not being prevented or detected on a timely basis by the internal control structure. (3) Detection risk (DR), the risk that the auditors procedures will lead them to conclude an assertion is not materially misstated, when in fact such misstatement does exist.

The estimate of total value developed in ratio estimation is based upon the ratio of audited values to book values, rather than upon mean peso value. If this ratio has no tendency to vary with the peso value of the lot, the estimate of total value is not affected by the mean value of items in the sample. However, sampling error may still be present if the sample lots are not representative of the population with respect to the ratio of audited values to book values.

In equation form, this relationship is expressed as follows:

AR = IR x CR x DR Note: The reliability factor is from the zero misstatements row of the PPS sampling table given in the case.

This equation may be restated to solve for the allowable detection risk as follows:

DR = AR / (CR x IR)

(2) The sampling interval is calculated simply by dividing the book value of receivables by the sample size, as follows:

Using the risk levels set forth in the problem, the allowable risk of reliance upon substantive tests is computed as illustrated below:

Sampling interval receivables / Sample size

Recorded

DR = .02 / (.2 x .5) = .20 b. Thus the risk of incorrect acceptance should be limited to 20 percent if the auditors are to achieve their objective of holding audit risk to 2 percent.

= P500,000 / 69 = P7,246

The results may be evaluated as follows:

(1) Projected misstatement =

Case 5. a.

(1) Required sample size is calculated as follows:

Bo ok Va lu e P 50

Aud ited Val ue

Missta tement

Tain ting %

Sam plin g Inter val

Project ed Missta tement

P 47 76 0 8,1 00

P 3 6%

P7,246

P 435

Recorded amount of population x Reliability factor Sample size = Tolerable misstatement (Expected misstatement x Expansion factor)

80 0 8, 50 0

40 5%

7,246

362

400 NA

NA

400

P1,197

P500,000 x 3 Sample size = = 69 P25,000 (P2,000 x 1.6)

(2) Basic precision = x Sampling interval

Reliability factor

= 3.0 = x P21,738 P7,246

Incremental allowance (a) Reliability factors are read from the PPS sampling table given in the case, starting at zero misstatements. (b) Increment 1 is the difference in the two adjacent reliability factors minus 1 (e.g., 4.75 3.00 1.00 = .75). Increm ental Allowa nce (c) Misstatements in excess of the sampling interval are not considered in the incremental allowance. This is because the nature of the process requires that all items in excess of the sampling interval be included in the sample therefore no allowance for items not in the sample is necessary.

(3) Incremental allowance =

Relia bility Facto r 3.00 4.75 6.30

Projecte d Incre (Increm Misstat ment ent 1) ement

1.75 1.55

.75 .55

P435 362

P326 199 P525 c.

(4) Upper limit on misstatement P1,197 + P21,738 + P525

The results obtained in part b would indicate that the auditors may accept the population as not containing a tolerable misstatement at the 5 percent level of risk of incorrect acceptance. The auditors would also consider the results obtained in conjunction with other audit tests.

= P23,460

Case 6. a.

The advantages of probability-proportional-tosize (PPS) sampling over classical variables sampling are as follows: PPS sampling is generally easier to use than classical variables sampling. The size of a PPS sample is not based on the estimated variation of audited amounts. PPS sampling automatically results in a stratified sample. Individually significant items are automatically identified. If no misstatements are expected, PPS sampling will usually result in a smaller sample size than classical variables sampling. A PPS sample can be easily designed and sample selection can begin before the complete population is available.

NOTES: Projected misstatement (a) Tainting percentages are calculated as the difference between book and audited value divided by book value (e.g., (P50 P47) / P50 = 6%). (b) No tainting percentage is calculated for items in excess of the sample interval and the actual misstatement is extended to projected misstatement (as for the third error).

Basic precision is always the reliability factor for zero misstatements multiplied times the sampling interval.

b.

Sampling interval = Recorded receivables / Sample size

P300,000 =

/ P5,000

= 60 b.

vouch prices to price lists, and recalculate the math. Errors on the invoice could cause lost billings and lost revenue or overcharges to customers which are not collectible (thus overstating sales and accounts receivable).

c.

Projected misstatement =

Bo ok Va lu e P 40 0 50 0 3, 00 0

Aud ited Val ue

Missta tement

Tain ting %

Sam plin g Inter val

Project ed Missta tement

3.

Duties of accounts receivable bookkeeper. a. Observation and Inquiry. Look to see who is performing bookkeeping and cash functions. Determine who is assigned to each function by reading organization charts. Ask other employees. The bookkeeper might be able to steal cash and manipulate the accounting records to give the customer credit and hide the theft. (Debit a customers payment to Returns and Allowances instead of to cash, or just charge the control total improperly).

P 32 0 0

P 80 20 %

P1,000

P 200 b.

500 10 0% NA NA

1,000

1,000

2,5 00

NA

500

P1,700

4.

Customer accounts regularly balanced with the control account. a. Recalculation. Review the clients working paper showing the balancing/reconciliation. Do the balancing yourself. Accounting entries could be made inaccurately or incompletely and the control account may be overstated or understated.

Chapter 19 (New) Chapter 23 (Old)

Case 1. 1. Controlled access to blank sales invoices. a. Observation. Visit the storage location yourself and see if unauthorized persons could obtain blank sales invoices. Pick some up yourself to see what happens. Someone could pick up a blank and make out a fictitious sale. However, getting it recorded would be difficult because of the other controls such as matching with a copy from the shipping department. (Thus a control access deficiency may be compensated by other control procedures.)

b.

b.

Case 2. The discussion could take several directions, including some or all of the following: 1. Material Weakness. The facts seem to suggest a condition in which specific control features (few or none are described) or the degree of compliance with them do not reduce to a relatively low level the risk that errors or irregularities in amounts that could be material to the financial statements may occur and not be detected within a timely period by employees in the normal course of performing their assigned functions. Castro has authority

2.

Sales invoices check for accuracy. a. Vouching and Recalculation. Select a sample of recorded sales invoices and vouch quantities thereon to bills of lading,

and influence over too many interrelated activities. Nothing he does seems to be subject to review or supervision. He even is able to exclude the internal auditor.

because of Samuels apparent approval of Castros powers. c. Controlled Access. The whole situation gives Castro access to necessary papers, records, and assets to carry out his oneman show. Periodic Comparison. No one else apparently has any access to the materials inventory in order to conduct an actual count for comparison to the book value (recorded accountability) of the inventory.

An identification of the potential irregularities will illustrate the misdeeds he can perpetrate almost single-handedly.

d.

2.

Potential irregularities include: a. Castro can collude with customers to rig low bids and take kickbacks, thereby depriving the company of legitimate revenue. Castro can direct purchases to favored suppliers, pay unnecessarily high prices and take kickbacks. He might even set up a controlled dummy company to sell overpriced materials to the company. No competitive bidding control prevents these activities. Castro, through the control of physical inventory, can (i) remove materials for himself, and (ii) manipulate the inventory accounts to conceal shortages. Castro can order truck shipping services for his own purposes and cause the charges to be paid by the company. Castro can manipulate the customer billing (similar to a above) to deprive the company of legitimate revenue while taking an unauthorized commission or kickback.

b.

Case 3. The purpose of this question is to get the student to consider where the functions that are considered incompatible in a manual system occur in a computer system.

c.

The functions should be separated in a manual or computer accounting system such that different people authorize the sales transactions, record the transactions, have custody to the assets (inventory) and reconcile the books to the assets.

d.

Different people should: indicate the sales order source document (authorize), prepare the computer program (authorize and record), operate the computer (record), have custody of inventory and correct errors (reconciliation).

e.

Case 4. If the credit limits are set and entered incorrectly, the credit approval process will be systematically deficient.

3.

Almost every desirable characteristic of good internal control has been circumvented: a. Segregation of Functional Responsibilities. Castro has authorization and custodial responsibilities. Authorization, Supervision. Castro is apparently subject to no supervision or review. The accounting staff is probably powerless to challenge transactions

b.

Case 5. Memorandum

TO: Art League FROM: DATE: SUBJECT: Admission Fees

Board of Directors, The Potter

Weakness: Cash receipts are not promptly deposited. Cash should not be left undeposited for a week. Recommendation: Cash should be deposited at least once each day.

(Students name)

Control weaknesses related to Cash Weakness: deposited. There is no proof of accuracy of amounts

You requested a report which identifies the weaknesses in the existing system of cash admission fees and my recommendations. Below are the weaknesses that exist and my recommendations for procedures that overcome these weaknesses. I will be pleased to discuss these at the next board meeting and offer further explanations that may be necessary.

Recommendation: Authenticated deposit slips should be compared with daily cash collection records. Discrepancies should be promptly investigated and resolved. In addition, the treasurer should establish a policy that includes an analytical review of cash collections.

Weakness: There is no record of the internal accountability of cash. Recommendation: The treasurer should issue a signed receipt of all proceeds received from the collection clerk. These receipts should be maintained and should be periodically checked against cash collection and deposit records.

Weakness: There is no segregation of duties between persons responsible for collecting admission fees and persons responsible for authorizing admission. Recommendation: One clerk (hereafter referred to as the collection clerk) should collect admission fees and issue prenumbered tickets. The other clerk (hereafter referred to as the admission clerk) should authorize admission upon receipt of the ticket or proof of membership.

Case 6. a.

The purposes of these audit procedures are: 1. To substantiate the validity of the asset cash in the balance sheet, as it may substantially consist of cash in transit from several sales divisions. To determine proper cash cutoff, i.e., to detect any unintentional errors overstating or understating cash between the current and the following accounting period. To disclose kiting (if any), e.g., perpetrated by the home office cashier in collusion with one or more sales divisions employees.

Weakness: An independent count of paying patrons is not made. Recommendation: The admission clerk should retain a portion of the prenumbered admission ticket (admission ticket stub).

2.

3.

Weakness: There is no proof of accuracy of amounts collected by the clerks. Recommendation: Admission ticket stubs should be reconciled with cash collected by the treasurer daily.

b.

Audit Program for Sales Divisions Audit Steps 1. Prepare a schedule of transfer payments made by the branch for a period covering two weeks prior and two weeks after the end of the fiscal period showing: Check number Date of disbursements book entry in cash

Weakness: Cash receipts are not promptly prepared. Recommendation: The cash collections should be recorded by the collection clerk daily on a permanent record that will serve as the first record of accountability.

Amount of check Date of perforation by paying bank Transfer checks outstanding at the date of cutoff Transfer checks outstanding at the date of reconciliation. 2. Compare dates of issue on canceled checks and of entries. Trace and compare dates of perforation and dates of payment on the bank statement and the cutoff statement. Compare dates of issue of checks to date of perforation looking for: a. unusual delays in payment

not promptly notified of new hires and terminations.

2.

a. b.

Recorded payroll deductions are valid. Incorrect amounts might be deducted from pay.

3.

a.

3.

Recorded payroll transactions are valid and authorized. If payroll department personnel were also responsible for time records, they would have effective control over transaction authorization (i.e., hours worked approval) and could overpay themselves or friends.

b.

4.

b. discrepancy in accounting periods for the two dates. 5. Scan cancelled checks and cash disbursements records during the year for: a. b. names of payees, consecutive numbers of checks to determine whether any payments other than regular transfers to main office were made from this account.

4.

a.

Payroll and labor cost transactions are complete. Cost accounting records might contain more or fewer pesos than actually paid (per payroll data). Simple errors in cost analyses might occur.

b.

Chapter 20 (New) Chapter 24 (Old)

Case 1. a. The CPAs test of the sales cutoff at June 30 should include the following steps: 1. Determine what JETOs cutoff policy is, review the policy for reasonableness, and compare it to the prior year for consistency. Select a sample of sales invoices (including the last serial invoice number) from those recorded in the last few days of June and the first few days of July. Trace these sales invoices to shipping documents and determine that sales have been recorded in the proper period in accordance with company cutoff policy. Determine that the cost of goods sold has been recorded in the period of sale. Select a sample of shipping documents for the same period and trace these to the

6.

Reconcile individually several transfers during the year to corresponding collections presumed to be transferred as of each individual date. Reconcile total collections for the year to total transfers.

7.

2.

3.

Case 7. 1.

a.

Recorded payroll transactions are valid (no fictitious employees). 4. Paychecks might be delayed and terminated workers might continue to be paid (with theft of check by someone else) if payroll is

b.

5.

sales invoice. Determine that the sale and the cost of goods sold have been recorded in the proper period. 6. Review the cutoff for sales returns and allowances, determine that it has been based upon a consistent policy and that there have not been abnormal sales returns and allowances in July; this might indicate either an overstatement of sales during the audit period or the need for a valuation account at June 30 to provide for future returns and allowances.

(c) Reviewing other documentation supporting the cutoff bank statement.

Case 2. The procedure followed appears to be appropriate except that the examination of detail transactions for three months might be considered to be excessive in view of the exceptionally good internal control. A lighter test of such transactions, designed to test the effectiveness of the control procedures, might be devised.

b.

(1) The CPA will use the July 10 cutoff bank statement in his review of the June 30 bank reconciliation to determine whether: (a) The opening balance on the cutoff bank statement agrees with the balance per bank on the June 30 reconciliation. (b) The June 30 bank reconciliation includes those canceled checks that were returned with the cutoff bank statement and are dated or bear bank endorsements prior to July 1. (c) Deposits in transit cleared within a reasonable time. (d) Interbank transfers have been considered properly in determining the June 30 adjusted bank balance. (e) Other reconciling items which had not cleared the bank at June 30 (such as bank errors) clear during the cutoff period.

The procedures followed should be supplemented by the following: 1. Review the companys method of sales cutoff at year-end and test billings and shipments (including returns) for an adequate period before and after year-end to establish that cutoff procedures have been adhered to. Examine collections in early part of subsequent period to determine if a substantial portion of the receivables has been collected. Examine agreements entered into with the distributors. If price protection clauses are included, review the current price position and distributor inventory positions to determine whether a reserve for such protection is needed. When a company deals with a limited number of customers, it is dependent upon the continued solvency of all such customers. Obtain a representation letter from appropriate company officials covering the receivables.

2.

3.

4.

5.

(2) The

CPA may obtain information by:

other

audit

Case 3. 1.

a.

Notes payable are authorized according to company policy (proper authorization). For each note outstanding or paid during the year, vouch to written authorizing document. Funds might be borrowed in the companys name without the knowledge of responsible officers.

(a) Investigating unusual entries on the cutoff bank statement. (b) Examining canceled checks, particularly noting unusual payees or endorsements.

b.

c.

2.

a.

Recorded notes payable are valid and documented (separation of duties). Observe the client keeping duties. personnel recordb.

applicable to 2004 have been included in the journal entry recorded by the client.

b.

c.

Someone might intercept a check made out to a bank and convert company funds to his or her own use. Notes payable records could be falsified for a short time to hide the theft.

No. The CPA should obtain a letter in which responsible executives of the clients organization represent that to the best of their knowledge all liabilities have been organized. However, this is done as a normal audit procedure to afford additional assurance to the CPA and it does not relieve him of the responsibility for doing his own audit work.

3.

a.

Valid liabilities are recorded and none omitted (sound error checking practices). Observe client personnel making comparisons. Review correcting journal entries that result from the comparison. Purchases or other liabilities may fail to be recorded and the error not detected by any other means.

c.

b.

c.

4.

a.

Recorded liabilities and cash disbursements valid and documented (sound record keeping). Inspect notes to see if they are marked paid. Notes may get paid a second time if put back through the cash disbursements system (intentionally or inadvertently). d.

b.

Whenever a CPA is justified in relying on work done by an internal auditor, he should curtail (but not eliminate) his own audit work. In this case, the CPA should have ascertained early in his examination that Ozones internal auditor is qualified by being both technically competent and reasonably independent. Once satisfied as to these points, the CPA should discuss the nature and scope of the internal audit program with the internal auditor and review his working papers in order that the CPA may properly coordinate his own program with that of the internal auditor. If the Ozone internal auditor is qualified and has made tests for unrecorded liabilities, the CPA may limit his work in this audit area.

c.

In addition to the 2005 voucher register, the CPA should consider the following sources for possible unrecorded liabilities: 1. Unentered vendors invoice file. Status of tax returns for prior years still open. Discussions with employees. Representations from management. Comparison of account balances with preceding year. Examination of individual accounts during the year. Existing contracts and agreements.

Case 4. a.

The fact that the client made a journal entry to record vendors invoices which were received late should simplify the CPAs audit for unrecorded liabilities and reduce the possibility of a need for a further adjustment, but the CPAs audit is nevertheless required. If the client has not journalized late invoices, the CPA is compelled in his testing to substantiate what will ultimately be recorded as an adjusting entry. In this examination the CPA should audit entries in the 2004 voucher register to ascertain that all items which according to dates of receiving reports or vendors invoices were

2.

3. 4. 5.

6.

7.

8. 9.

Minutes. Attorneys bills and letter of representation. Case 7. a. The objectives (specific assertions) for the audit of non-current investment securities are to obtain evidence regarding the: Existence of the investment securities at the balance sheet date. Ownership of the investment securities. Cost and carrying value of the investment securities. Proper presentation and disclosure of the investment securities in the financial statement. Proper recognition of interest income. Proper recognition of investment gains and losses.

10. Status of renegotiable business. 11. Correspondence with principal suppliers. 12. Audit testing of cutoff date for reciprocal accounts, e.g., inventory and fixed assets.

Case 5. a.

Lourdes should find in the audit working papers a planning memo describing the clients inventory-taking plan and notes about the auditors first-hand observation of the instructions being given to counters, along with a memo about the auditors observation of the counting. This memo should tell about supervision of the audit staff, and the working papers (test counts) should show the review signatures of the supervising auditors.

b.

The following audit procedures should be undertaken with respect to the audit of Tess investment securities: Inspect and count securities in the companys safe and safe deposit box. Examine brokers statements to obtain assurance that all transactions were recorded. Examine documents in support of purchases and sales of investment securities. Inspect the minutes of the board of directors meetings. Review the audited financial statements of the (25 percent) investee. Verify the equity method of accounting was used for carrying value of the investment in Dee Industrial. Obtain a client representation letter that confirms the clients representations concerning the noncurrent investment securities. Verify the calculation of interest income. Review the propriety of the presentation and disclosure of the securities in the financial statements. Make certain that the client representation letter includes the proper assertions concerning accounts payable. Investigate and resolve confirmation exceptions and other matters requiring follow-up.

b.

Working papers should document performance of these substantive procedures for the existence and completeness assertions: 1. Conduct an observation of the companys physical inventory count. Scan the inventory compilation for items added from sources other than the physical inventory count. . . At year end, obtain the number of the last shipping and receiving documents . . . Use these to scan the sales, inventory/cost of sales, and accounts payable entries for proper cutoff. Confirm or inspect inventories held in public warehouses.

2.

3.

4.

Case 6. The three categories of major losses or manipulations in the area of investments are: theft of diversion of funds, manipulation of accounting, and business espionage. Business espionage is generally outside the sphere of independent auditors interest.

Case 8. a.

The audit objectives in the examination of longterm debt are to determine that: 1. 2. All liabilities were properly recorded. Items recorded as liabilities are bona fide obligations. Interest expense and/or amortization was properly computed and recorded. The client is not in violation of restrictions or requirements imposed on it by the terms of the loan agreement. Satisfactory authority existed to enter into long-term obligation agreements. All long-term obligations are properly classified in the balance sheet. Assets pledged as security are adequately disclosed. b.

4.

Check the computation of interest expense for the period May 1 to June 30, and trace the recording of the expense and the accrual on the books. Determine that authority to borrow was granted and is recorded in the board of directors minutes.

5.

3.

Chapter 21 (New) Chapter 14 (Old)

Case 1. a. (1) The functions of audit working papers are to aid the CPA in the conduct of his work and to provide support for his opinion and his compliance with auditing standards. (2) Working papers are the CPAs records of the procedures performed, and conclusions reached in the audit. The factors that affect the CPAs judgment of the type and content of the working papers for a particular engagement include: 1. The nature of the auditors report. The nature of the clients business. The nature of the financial statements, schedules or other information upon which the CPA is reporting and the materiality of the items included therein. The nature and condition of the clients records and internal controls. The needs for supervision and review of work performed by assistants.

4.

5.

6.

7.

b.

The following procedures should be included in an audit program for the examination of the long-term note between Odette and First National Bank: 1. Confirm the loan and terms of the agreement with the bank. Review the agreement between Odette and the bank to determine that: a. The debt is long-term (by reference to dates). Provisions of the agreement have not been violated, e.g., that Odette is complying with any restrictions on the payment of dividends, on the amount of working capital to be maintained, or on the uses to which the funds may be employed and is maintaining the plant pledged as security for the loan. The agreement was signed by person(s) having authority. c.

2. 3.

2.

4.

5.

b.

Evidence which should be included in audit working papers to support a CPAs compliance with generally accepted auditing standard includes: 1. Evidence that the financial statements or other information upon which the auditor is reporting were in agreement or reconciled with the clients records. Evidence that the clients system of internal control was reviewed and evaluated to determine the nature, timing, and extent of audit procedures.

c.

2.

3.

Trace the receipt of funds into the bank account and cash receipts book.

3.

Evidence of the auditing procedures performed in obtaining evidential matter for evaluation Evidence of how exceptions and unusual matters disclosed by auditing procedures were resolved or treated.

not given. 3. Classification of long-term portion indicates no verification. Paid-to-date row is confusing.

working paper. Recompute portions of notes which are longterm.

4.

4. 5. Evidence of the auditors conclusions on significant aspects of the engagement with appropriate commentaries.

Column should say date paid to and this should be confirmed. Include due dates on working paper for these notes.

5.

d.

The CPA should perform an adequate examination at minimum cost and effort and the preceding years programs will aid in doing this. The preceding years audit programs ordinarily contain information useful in the current examination (such as descriptions of the unique features of a clients operations or records, a formalized sequence of audit steps in logical order, and approximate time requirements to perform various phases of the work). The auditor should decide whether to use the old program or prepare a new one.

Due dates are missing for C.C. Co., P. Pablo and Tetra Co.

c.

SPREADSHEET SOLUTION The purpose of using an Excel spreadsheet in this problem is to give the student some experience in preparing a simple working paper using an Excel spreadsheet. It should be explained to students that this type of working paper may or may not be prepared in actual practice, and that often templates are used to prepare more time-consuming working papers. Also, whether or not tick marks are computerized is a matter to be decided. The advantage is that the completed audit work can then be stored and reviewed electronically, a direction many firms are going. On the other hand, it may be more efficient to indicate audit work manually as it is performed, and a contrast in the color of the tick marks through use of a colored pencil may be desirable.

Case 2. In general, the working paper is not set up in a logical manner to show what the auditor wants to accomplish. The primary objective of the working paper is to verify the ending balance in notes receivable and interest receivable. A secondary objective is to account for all interest income, cash received and cash disbursed for new notes, collateral as security, and other information about the notes for disclosure purposes. Specific deficiencies of the working paper presented in the question are:

a. DEFICIENCY 1. Tick mark explanation tested does not indicate specifically what was done.

b. IMPROVEMENT Should have separate tick marks meaning: Agreed to confirmation Footed Traced to cash receipts journal Recomputed, etc. Explain all tick marks on the same page of the

The formulas used are self-evident, so no listing is provided. Two items deserve comment: 1. An advantage of using a spreadsheet program for these types of analyses is that footing and crossfooting are done automatically.

2.

Explanation of some tick marks is

2. When auditor tick marks are done by computer, a problem arises as to how to place them on the worksheet. One could use narrow columns inserted between the scheduled client data, or, as done here, the tick marks are placed in blank rows beneath the related data.

FOURTH PACIFIC COMPANY A/C # 110 NOTE RECEIVABLE 12/31/03 Account # 110 Notes Receivable Date Made / Due c* 6/15/02 / 6/15/04 11/21/02 / Demand 11/1/02 / 4/1/08 (P200/Mo.) 7/26/03 / 8/1/05 (P1000/Mo.) 5/12/02 / Demand 9/3/03 / 2/1/06 (P400/Mo.) Interest Rate / Date Paid to 5% / None pd. 5% / 12/31/03 5% / 12/31/03 5% / 9/30/03 5% / 12/31/03 6% / 11/30/03 Face Amount 5000 Value of Security None Balance 12/31/02 4000 tp 3591 tp 12780 tp 0 Balance 12/31/03 3000

Schedule Prepared by Approved by Interest Receivable 12/31/02 104 tp 0 tp 24 tp 0

N-1 JD PP

Date 1/21/04 2/15/04

Maker Alba Co.

Additions 0

Payments 1000 r 3591 r 2400 r 5000 r 2100 r 1600 r 15691 f

Earned 175 < 102 < 577 < 468 < 105 < 162 < 1589 f op

Received 0

Receivable 12/31/03 279

Barrios, Inc. C.C. Co.

c*

3591

None

102 r 601 r 200 r 105 r 108 r 1116 f

c*

13180

24000

10380

P. Pablo

c*

25000

50000

25000 r 0

20000

268

Martin Cruz Tetra Co.

c*

2100

None

2100 tp 0

0 tp 0

c*

12000

10000

12000 r 37000 f

10400

54

22471 f tp

43780 f, cf wtb

128 f tb

601 f, cf wtb

Legend of Auditors Tick Marks Footed f Crossfooted cf Traced to prior year working papers tp Traced total to working trial balance wtb Traced total to operations working paper OP6 op Examined note for payee, made and due dates, interest rate, face amount, and * value of security. No exceptions noted. Received confirmation, including date interest paid to, interest rate, interest paid c during 2003, note balance, and security. No exceptions noted. Traced to cash receipts journal r Recomputed for the year <

Chapter 25 (New) Chapter 28 (Old)

Case 4. Independent Auditors Report To the shareholders and board of directors of Various Fabrics, Inc.: We have audited the accompanying balance sheets of Various Fabrics, Inc. as of January 31, 2004 and 2003 and the related statements of income, retained earnings, and cash flows for the years then ended. These financial statements are the responsibility of the companys management. Our responsibility is to express an opinion on these financial statements based on our audits. We conducted our audits in accordance with generally accepted auditing standards. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement. An audit includes examining, on a test basis, evidence supporting the amounts and disclosures in the financial statements. An audit also includes assessing the accounting principles used and significant estimates made by management, as well as evaluating the overall financial statement presentation. We believe that our audits provide a reasonable basis for our opinion. In our opinion, the financial statements referred to above present fairly, in all material respects, the financial position of Various Fabrics, Inc. as of January 31, 2004 and 2003 and the results of its operations and its cash flows for the years then ended in conformity with generally accepted accounting principles.

Anyone could come up with the password by guessing. The backup disks are not stored in a safe place. Was the conversion appropriately executed, with no data lost or added?

Chapter 27 (New) Chapter 21 (Old)

Case 1. Does access to on-line files require specific passwords to be entered to identify and validate the terminal user? POSSIBLE ERRORS OR IRREGULARITIES unauthorized access may be obtained to processing programs or accounting data resulting in the loss of assets or other company resources.

Are control totals established by the user prior to submitting data for processing? POSSIBLE ERRORS OR IRREGULARITIES sales transactions may be lost in data conversion or processing, or errors made in data conversion or processing.

Are input totals reconciled to output control totals? POSSIBLE ERRORS AND IRREGULARITIES (same as above). Control totals are useless unless reconciled to equivalent controls created during processing.

Aya de Jesus, CPA March 2, 2004

Case 2. a.

1.

Input control objectives Transactions have been recorded properly (neither double-counted nor omitted that is, control over validity and completeness) Transactions are transmitted from recording point to processing point Transactions are in acceptable form

Chapter 26 (New) Chapter 20 (Old)

An auditor should have the following concerns about the Box system: Does the system have any flaws or incompatibilities? (No one appears to have tested the software or found out about others satisfaction with it.) The computer sits out in the open. (Anyone could have access to and damage the hardware.)

2.

Processing control objectives Loss or nonprocessing of data is detected Arithmetic functions are performed accurately Transactions are posted properly Errors detected in the processing of data are controlled until corrected and processed

3.

Output control objectives

Processed data are reported correctly and without unauthorized alteration Output is required by the user Output is distributed only to persons authorized to receive it b. 1. Control procedures input source data Registration at point of entry Sequential numbering Grouping (batching) with control totals Key verification Programmed edits Edits for completeness and reasonableness Checklists to ensure input arrived and on time Control procedures processing controls Prevention of loss or nonprocessing of data (e.g., control totals) Performance of arithmetic functions Assurance of proper posting (sample test of postings) Correction of errors Exclusion of unauthorized persons from operating areas (e.g., programmers) Control procedures output controls Review performed by originating area of the reports and other output data Sampling and testing of individual transactions Use of control totals obtained independently from prior processing or original source data Distribution lists used to route output only to authorized persons Making inquiries as to whether the output is desired by the recipient

allowed to attempt to fix the programs. The failed application should be returned to the programmers for correction. b. Compensating controls usually refer to controls in user departments (departments other than computer data processing). In a small computer installation where there are few employees, segregation of the programming and operating functions may not be possible (as in a microcomputer or minicomputer environment). An auditor may find compensating controls in the user department such as: (1) manual control totals compared to computer output totals and (2) careful inspection of all output. Such compensating controls in a simple processing system could provide reasonable assurance that all transactions were processed, processing was proper and no unauthorized transactions were processed.

2.

3.

An auditor may find the following compensating controls that are particularly important when the programming and operating functions are not separate: 1. 2. 3. Joint operation by two or more operators. Rotation of computer duties. Comparison of computer times to an average or norm. Investigation of all excess computer time (errors). Adequate supervision of all computer operations. Periodic comparison of a program code value to a control value. Required vacations for all employees.

Case 3. a.

The primary internal control objectives in separating the programming and operating functions are achieved by preventing operator access to the computer or to input or to output documents, and by preventing operator access to operating programs and operating program documentation, or by preventing operators from writing or changing programs.

4.

5.

6.

7. Programmers should not be allowed in the computer room during production processing. They should submit their tests to be scheduled and run by the operators as any other job.

Case 4. a.

Operators should not be allowed to interfere with the running of any program. If an application fails, the operators should not be

Input editing is the process of including, in EDP systems, programmed routines for computer checking as to validity and accuracy of input. Types of input editing controls are: tests for valid codes; tests for reasonableness; completeness tests; check digits; and tests for

consistency of data entered in numeric and alphabetic fields.

b.

Examples of payroll input editing controls are: Test for validity of employee number; Test for proper pay rate; Test for reasonableness of hours worked. c.

has taken the position that making control recommendations during system design is no different from auditor recommendations for control improvements after the fact and documented in the management letter.

Examples of sales input editing controls are: Test for validity of customer number; Test for credit approval; Credit limit test; Sales price list.

In some complex EDP systems, a computer audit specialist may be needed to assist in designing the necessary controls, as well as monitoring and reviewing the control functions. A computer audit specialist is an employee of the CPA firm who, typically, will have served on the audit staff for a period of time, followed by specialized training in computer system design and control, and EDP auditing.

c.

As EDP system complexity increases, documentation, as well as manual checking decreases. To provide reasonable assurance as to completeness, existence, and accuracy of processed transactions under these circumstances, input editing becomes increasingly necessary.

d. The auditor may rely on the computer audit specialist to whatever degree considered necessary to assure proper control installation and implementation. The incharge field auditor must keep in mind, however, that use of a computer audit specialist does not compensate for the field auditors lack of understanding of the internal control, including the EDP applications. Chapter 28 (New) Chapter 22 (Old) Case 1. a. Auditing around the computer generally refers to examinations of transactions in which a representative sample of transactions is traced from the original source documents, perhaps through existing intermediate records in hard copy, to output reports or records, or from reports back to source documents. Little or no attempt is made to audit the computer program or procedures employed by the computer to process the data. This audit approach is based on the premise that the method of processing data is irrelevant as long as the results can be traced back to the input of data and the input can be validated. If the sample of transactions has been handled correctly, then the system outputs can be considered to be correct within a satisfactory degree of confidence.

Case 5. a.

Most commonly associated with supervisory programs contained in on-line real-time systems, design phase auditing involves the auditor in system design. The goal is to ensure inclusion of controls that will detect exceptions or unusual conditions and record and log information about the initiating transactions. Once the necessary controls have been designed and incorporated into the system, frequent visits by the auditor to the clients premises are necessary to determine that the controls are functioning properly.

b.

Some individuals and groups have suggested that independence may be impaired, given auditor monitoring and reviewing a system which he/she has helped to design. The AICPA

b.

The CPA would decide to audit through the computer instead of around the computer (1) when the computer applications become

complex or (2) when audit trails become partly obscured and external evidence is not available.

d.

Auditing around the computer would be inappropriate and inefficient in the examination of transactions when the major portion of the internal control system is embodied in the computer system and when accounting information is intermixed with operation information in a computer program that is too complex to permit the ready identification of data inputs and outputs. Auditing around the computer will also be ineffective if the sample of transactions selected for auditing does not cover unusual transactions that require special treatment.

In addition to actually observing the processing of data by the client, the CPA can satisfy himself that the computer program tapes presented to him are actually being used by the client to process its accounting data by requesting the program of a surprise basis from a computer librarian and using it to process test data.

c.

(1) Test data is usually a set of data in the form of punched cards or magnetic tape representing a full range of simulated transactions, some of which may be erroneous, to test the effectiveness of the programmed controls and to ascertain how transactions would be handled (accepted or rejected) and if accepted, the effect they would have on the accumulated accounting data. (2) The auditor may use test data to gain a better understanding of what the data processing system does, and to check its conformity to desired objectives. Test data may be used to test the accuracy of programming by comparing computer results with results predetermined manually. Test data may also be used to determine whether errors can occur without observation and thus test the systems ability to detect noncompliance with prescribed procedures and methods.

The CPA may also request, on a surprise basis, that the program be left in the computer at the completion of processing data so that he can use the program to process his test data. This procedure may reveal computer operation intervention. If, so, ensures that a current version of the program is being audited, an important procedure in computer installations newly installed and undergoing many program changes. To gain further assurance about this matter, the CPA should inquire into the clients procedures and controls for making program changes and erasing superseded program tapes, and should examine log tapes where available.

Case 2. a.

Document retention IMPACT ON THE INTERNAL CONTROL SYSTEM: In on-line real time systems and EDI systems, the audit trail is frequently modified in the form of reduced documentation. To compensate, internal controls should provide for adequate input editing, as well as some form of transaction log as documentation at the input stage. IMPACT ON THE INDEPENDENT AUDIT: In examining internal control, under these circumstances, the auditor must rely more on observation, inquiry, and reprocessing of transactions for control testing purposes, and less on document testing. If documents are retained for only a short period, the auditor should also consider the feasibility of frequent visits for both substantive and control testing purposes.

Assurance is provided by the fact that if one transaction of a given type passes a test, then all transactions containing the identical test characteristics will if the appropriate control features are functioning pass the same test. Accordingly, the volume of test transactions of a given type is not important.

b.

Uniformity of processing

IMPACT ON THE INTERNAL CONTROL SYSTEM: The impact of this internal control characteristic is to generally strengthen control by increasing the consistency of processing. Once the proper controls are installed and tested, processing consistency increases the accuracy of transaction processing over that which exists in manual systems. IMPACT ON THE INDEPENDENT AUDIT: The auditor must emphasize control study and testing at the point of transaction input and processing to determine that the necessary controls exist and are functioning. Upon determining that the necessary input and processing controls are in place and functioning properly, the auditor may elect to perform little or no document testing.

d.

Access to data bases IMPACT ON THE INTERNAL CONTROL SYSTEM: The greater the number of input terminals providing access to data bases, and the more integrated the data base, the greater the danger of unauthorized access. To protect the data bases under these circumstances, the internal control policies and procedures should provide for effective control over identification codes and passwords permitting access to data bases; and the control policies should also fix responsibility in designated individuals for specified elements of data bases.

c.

Concentration of functions IMPACT ON THE INTERNAL CONTROL SYSTEM: In manual systems, separation of functional responsibilities provides a double-check for the purpose of enhancing processing accuracy. In EDP accounting systems, consistency of processing removes the need for double-check. IMPACT ON THE INDEPENDENT AUDIT: The auditor must determine that the necessary input editing controls are in place and functioning to ensure that transactions are accurately introduced into the processing stream. Moreover, to ensure checks and balances within the electronic data processing function, the auditor should study the organizational structure of the EDP group to ascertain proper separation among the following functions: Systems analysis and design Program design, development, and testing Computer processing operations involving data

In batch systems, access to magnetic tape and disk files and programs should be secured by assigning responsibility over these files to one or more individuals designated as librarians, and instituting a formal checkout system for releasing and reacquiring files and programs. IMPACT ON THE INDEPENDENT AUDIT: The auditor should determine that proper control over I.D. codes and passwords exists, that codes and passwords are changed frequently and voided upon termination of employment, and that responsibility for elements of data bases has been appropriately fixed.

In batch systems, the auditors should determine that tape and disk files and programs stored offline are properly secured.

Case 3. a.

Test data approach: The auditor prepares simulated input data (both valid and invalid transactions) that are processed, under the auditors control, by the clients processing system.

Distribution of EDP output and reprocessing of errors

Advantage: A good way of testing existing controls for proper functioning. Disadvantage: Difficulty in designing comprehensive test data; Difficulty in ascertaining whether the programs tested are

the same programs used by the client in processing actual transactions and events during the year.

Advantage: Utilizes real- rather than simulatedtransaction data, and does not require reversing the entries. Disadvantage: Does not necessarily capture erroneous data.

ITF approach: The auditor creates a fictitious entity within the clients actual data files, and processes simulated data during live processing by client. The auditor then compares the results of processing with anticipated results.

Surprise audit: The auditor, on an unannounced basis, requests copies of clients programs, and compares them with auditors copy of authorized versions.

Advantage: Greater assurance that programs tested are programs used by the client (the approach can be applied at different points in time during the year). Disadvantage: Difficult to remove test data from the system without harming clients files.

Advantage: Assists the auditor in determining whether client personnel are using authorized versions of programs in processing data. Disadvantage: Auditor may not always be notified by the client when program changes are made, thus making the comparison irrelevant.

Tagging and tracing: This is a technique whereby an identifier or tag is affixed to a transaction record; and the tag triggers snapshots during the processing of transactions. Following the tagged transactions through the system permits the auditor to evaluate the logic of the processing steps and the adequacy of programmed controls.

b.

Advantage: The use of actual data eliminates the need for removing data from the clients processing system. Disadvantage: The auditor analyzes the transactions only after processing is completed. c. SCARF: A systems control audit review file is an audit log used to collect information for subsequent analysis and review. An imbedded audit module monitors selected transactions as they pass by specific processing points. The module then captures the input data so that relevant information, accessible only by the auditor, is displayed at key points in the processing system.

Inasmuch as each of the above alternatives have distinct advantages and disadvantages, a combination approach overcomes the disadvantages resulting from using a single approach. Using ITF, for example on a few simulated transactions, while applying the tagging and tracing or SCARF approach for numerous actual transactions, provides effective testing of control procedures for error prevention and detection, without requiring the reversal of a large number of simulated transactions from the clients system.

In auditing around the computer, the auditor predetermines the processing results (output) of selected input data, and compares the predetermined results with actual computer output. The advantage of this approach is its ease of application; a significant disadvantage is that the auditor gains no understanding of how the computer processes data, nor of the controls which have been incorporated into the computer programs.

In auditing through the computer, the auditor actually tests the programmed controls used in processing specific applications. Such techniques as design phase auditing, ITF, tagging and tracing, SCARF, test data, and surprise audit are examples of auditing through the computer.

d.

Parallel simulation is an automated version of auditing around the computer in that the auditor creates a set of application programs that simulate the processing system, and compares output from the real and simulated systems. Comparison of input with output ignores the essential characteristics of the processing system and assumes that if the outputs are identical, the system is processing transactions accurately.

Uses include checking and verifying: (1) input transaction validation routines, error detection, and application system controls, (2) processing logic, and controls associated with creation and maintenance of master files, (3) computational routines such as interest and asset depreciation, and (4) incorporation of program changes.

The auditor might elect to use parallel simulation in combination with design phase auditing. Design phase auditing ensures that the necessary controls are installed during system design. By permitting the auditor to test large volumes of transactions, parallel simulation helps to confirm whether these controls are working.

(b) Parallel simulation consists of the preparation of a separate computer application that performs the same functions as those used by the actual application programs. The simulation programs read the same input data as the application programs, use the same files, and attempt to produce the same results (e.g., real data run through test programs). These simulated results are matched with those from the live programs, providing a means for testing through comparison.

Uses include all those cited for test decks.

Case 4. (a) Test decks, also called test data, are sets of computer input data which reflect a variety of auditor-identified transactions for verification through actual computer processing to detect invalid processing of results (i.e., existing programs run test data). Ideal test data should present the application under examination with every possible combination of transactions, master file situations, and processing logic which could be encountered during actual comprehensive processing. Test data are usually processed separately from actual data using copies of master files. Test decks are most feasible when the variety of transactions processing and controls is relatively limited (i.e., fairly simple files).

(c) The integrated test facility approach permits the introduction of auditor-selected test data into a computer system with actual or live data and then traces the flow of transactions through the various system processing functions for comparison to predetermined actual results. An ITF involves the creation or establishment of a dummy entity (e.g., a branch or division) to receive the results of the test processing. Therefore, transactions are processed against the test entity together with actual transactions. Test data must be removed from the entitys records upon completion of the test. Uses are identical to the test deck technique.

(d) Tagging and tracing and SCARF are forms of transaction tracking provided only for auditor selected computer inputs carrying a special code. If the capability is provided in the application system in advance, the attachment of a code to any input transaction can be made to generate a printed transaction trail for that

item following each step of the application processing.

features may be planned should they depend upon computer control procedures.

Uses include: (1) determining the impact of specific transactions on master records or calculations in high volume systems, (2) flagging unusual or abnormal transactions, and (3) debugging application programs.

Training and proficiency are very important for being able to obtain an understanding of the internal control structure in a computer system. Client personnel will expect audit personnel to be capable of working with a computer system.

Case 5. In an audit of a computer-based system, adequate training and experience must be directly related to EDP. In particular, the auditor should be knowledgeable of what computer systems do, how to test the operations of an EDP system, and how to use EDP-unique documentation.

The training and proficiency standard contributes to satisfaction of the independence standard by enabling the auditor to make his own decisions and judgments. Otherwise, he might tend to subordinate his judgment to other persons, possibly to client personnel. When the auditor lacks training and proficiency, it is virtually impossible to maintain an operational independence over audit decisions. An independence of mental attitude is futile if actual decisions are subordinated to others.

The Philippine Standards on Auditing also require the auditor to obtain sufficient competent evidential matter to provide a basis for an opinion on financial statements. Documentary evidence relating to a computer system includes program flow charts, logic diagrams, and decision tables that are not normally used in non-computer systems. Since these types of documentation are a part of the evidence, they must be understood by the auditor, and understanding of them comes through training and proficiency in their use.

Chapter 29 (New & Old)

Case 1.
To the Board of Directors of Neiny Ltd.: We have reviewed the accompanying balance sheet of Neiny Ltd. as of December 31, 2004, and the related statements of income, retained earnings, and cash flows for the year then ended, in accordance with standards established by the Auditing Standards and Practices Council. All information included in these financial statements is the representation of the management of Neiny Ltd. A review consists principally of inquiries of company personnel and analytical procedures applied to financial data. It is substantially less in scope than an examination in accordance with generally accepted auditing standards, the objective of which is the expression of an opinion regarding the financial statements taken as a whole. Accordingly, we do not express such an opinion. Based on our review, we are not aware of any material modifications that should be made to the accompanying 2004 financial statements in order for them to be in conformity with generally accepted accounting principles. The financial statements for the year ended December 31, 2003, were audited by us, and we expressed an unqualified opinion on them in our report dated February 27, 2004, but we have not performed any auditing procedures since that date.

The exercise of due audit care requires a critical review at every level of audit supervision of the work done and the decisions made by auditors. Lacking the requisite skills and lacking independent decisions, the due care expected of an auditor at operational, supervisor, and review levels cannot be delivered.

The Philippine Standards on Auditing require adequate planning and supervision of assistants. Training and proficiency in computer systems auditing is necessary in order to plan access to computerized records, programs, and to obtain machine time for conducting audit procedures. The planning should provide for an early examination of the computer system so that further procedures involving non-computer control and accounting

Modelle & Co. March 3, 2006

basis) and statement of changes in partners capital accounts (income tax [cash] basis) for the year then ended. These financial statements are the responsibility of the companys management. Our responsibility is to express an opinion on these financial statements based on our audits. We conducted our audits in accordance with generally accepted auditing standards. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement. An audit includes examining, on a test basis, evidence supporting the amounts and disclosures in the financial statements. An audit also includes assessing the accounting principles used and significant estimates made by management, as well as evaluating the overall financial statement presentation. We believe that our audits provide a reasonable basis for our opinion. As described in Note X, the partnerships policy is to prepare its financial statements on the accounting basis used for income tax purposes; consequently, certain revenue and related assets are recognized when received rather than when earned, and certain expenses are recognized when paid rather than when the obligation is incurred. Accordingly, the accompanying financial statements are not intended to present financial position and results of operations in conformity with generally accepted accounting principles. In addition, the company is involved in continuing litigation relating to patent infringement. The amount of damages resulting from this litigation, if any, cannot be determined at this time. In our opinion, the financial statements referred to above present fairly the assets, liabilities, and capital of the Vanda & Corona partnership as of December 31, 2004, and its revenue and expenses and changes in its partners capital accounts for the year then ended, on the income tax (cash) basis of accounting as described in Note X, which basis has been applied in a manner consistent with that of the preceding year.

Case 2. a.

The assertions that are incorrect and should otherwise be deleted are the following: 1. Report should be addressed to Ms. Clean Corporations Board of Directors. Delete the entire paragraph describing the scope except for the reference to cash in banks and accounts receivable. Delete the opinion rendered on cash in banks and accounts receivable. Delete the recommendation to acquire Ajacks.

2.

3.

4.

b.

The assertions that are missing and should be inserted are the following: 1. 2. Date of the report. Statement limiting the distribution of the report to Ms. Cleans management. Description of the procedures performed. Statement that the agreed-upon procedures applied are not adequate to constitute a GAAS audit. Description of the accountants findings. Disclaimer of an opinion concerning cash in banks and accounts receivable. Statement limiting the report only to cash in banks and accounts receivable and indicating that the report does not extend to the financials taken as a whole.

3. 4.

5. 6.

7.

[Sterling & Co.] [Date]

Case 3.
Independent Auditors Report [Addressee] We have audited the statement of assets, liabilities, and capital (income tax [cash] basis) of Vanda & Corona, a partnership, as of December 31, 2004, and the related statements of revenue and expenses (income tax [cash]