Fraud risk factors - Events

2 Types of Misstatements:
1) Fraudulent Financial Reporting:
Early rev recognition, fictitious sale
Intentional misstatement of acct
estimates: sales return, provisions
Complex, unusual or RPT (Outside
normal course of biz & involve nonconsolidated related party)
2) Misappropriation of Assets:
Embezzlement (Misappr collection of
AR, divert receipts written off to personal
acct) Theft of physical & IP (Sell cust.
data in exchange for payment) Inappr
pmt for g&s not received (Kickbacks for
inflated SP, fictitious employees/
vendors) Inappr personal use of coy
assets (Collateral for personal/RPT
loan)
Explain using Drivers: Incentive/
Pressure, Oppor, Rationalisation.
If got all, Fraud Risk is high
Immaterial is still Fraud (intention!)
Other considerations Size of the
company, complexity of the
transaction, Ownership structure
FRAUD RISK ASSESSMENT PROCEDU
Planning: Enquire mgmt (Process,
policies on IC, coy culture & comm
regarding fraud); others within the
entity (understand fraud risk); IA &
TCWG (oversight function in audit
comm with a financial expert)
Risk response
- Select JE based on complexity, cut off
period, unusual trxn& IC overrode
- Review acct est by evaluating mgmt
judgement for bias & perform
retrospective review of sign mgmt
judgement such as AR ageing sched
- Intro unpredictability by modifying
timing, nature & extent of audit
Reporting: Final analytical review
-Reevaluate misstatement

In the Work Environment

-Obtain mgmt representation letter
Professional Skepticism: Ongoing
Firm wide safeguards: Leadership tt
questioning of whether MM or fraud may stress compliance, doc disciplinary
exist. Auditor may accept records &
polices to implement/ monitor QC of
documents as genuine unless there are audit (compliance, indep), rotation
Engagement specific: Disclosure of
reasons otherwise
CPC & ETHICS
nature of service provided, extent of
5 FUNDAMENTAL PRINCIPLES
fees, independent 3rd party review,
Integrity: Fair dealing & truthfulness,
rotating engagement teams
report when they believe there's
Examples of safeguards:
omission materially false or misleading - Notify the clients of the firms conflict of
statements
interest
Objectivity + Professional
- Obtain clients consent to act
competence & due care: To attain,
- Use of separate engagement teams
maintain&comply to professional stds
- Rotation of audit senior in the
Confidentiality: Disclose only when
engagement team
permitted/required by law or to respond - Involving additional professional
to investigation
accountant to review the work done
Professional behavior: Compliance & - Removing the member from the
integrity, no exaggerated claims
assurance engagement
5 THREATS
- Proper disclosure of the work & extent
Self-interest: Dependence on clients' of fees charged for the work
- Proper proced & policies to require all
fees, contingent fees, potential
professional to report promptly to the
employment
firm any breaches due to purchase,
Self-review: Past employment with
inheritance or other acq of a financial
client; Prohibited non audit svcs
interest / serious employmt discussions
bookkeeping/services related to F/S,
system design & implemtatn, actuarial, w assurance client / acceptance of
sig/insig gifts
IA, HR, IB, legal, mgmt functns,
- Promptly notify the professional to
appraisal/valuation svc/ reports (can
dispose of financial interest @ earliest
recommd depr method but not
practical date aft identificatn
implement/ judgement)
- Independent internal quality review
Advocacy: Promoting shares in a
- Ext quality review of assurance team
listed co, acting as advocate in
rd
PROFESSIONAL LIABILITY
litigation with 3 parties

Fail to carry out audit in compliance &

Familiarity: Close r/s, gifts of sig.
complete on timely basis
value, former employee of client
Negligence in performance: over Intimidation: Threat of dismissal,
reliance on mgmt. rep, failure to report
litigation, reduced fees
fraud to mgmt/authority
2 SAFEGUARDS
Ethical Framework: Identify issue,
Created by Profession, Legislatn,
Regulatn: Education, training, CG, prof affected parties & their rights (Client's
confidentiality>affected parties>prof
stds, ext review, prof regulatory
reputation), alt, conseq mag& likelihd
monitoring & disciplinary procedures

ASSERTIONS

Accuracy
Classification
Completeness
Cutoff
Existence
Occurrence
Rights & Oblig
Understandability
Valuation

Class
of trxn

X
X
X
X

Acct
bal

Pres
disc

X
X
X

X
X
X
X

X
X
X
X

Risks & assertions: Auditors generally

assume mgmt will present its FS in the
positive light. (O/s assets & U/s liab to
net assets or O/s rev & U/s exp to net
profits)
if there is a RMM in a class of trxn,
corresponding RMM in related acct bal
Eg. Revenue occurrence / cutoff will
affect the existence of AR in B/S.
Eg. If revenue is o/s via cutoff, affect the
rights & ob to those cash flows & affect
the accuracy of the revenue
AUDIT RISK MODEL (IR*CR)*DR=AR
1. Determine acceptable level of
audit risk (Low - Risk tt auditor
issues an inappropriate opinion)
2. Understand entity & environment
including IC
3. Identify & assess IR & CR
4. Determine RMM (IR * CR)
5. Determine level of DR necessary
to achieve required audit risk
DR determines the nature, extent
& timing of audit procedures to carry
out (Controlled by the auditor thru
design & perf of audit procedures)
Low DR = Low risk tt audit
procedures will not detect MM More
rigorous testing for higher quality &
quantity of audit evidence.
AUDIT EVIDENCE
Nature: Purpose [TOC, SP(TOD, SAP)]
& type (inspection, obsrvation, recalc,
re-performance or AP)

Timing: Interim / Year-end review

Extent: Qty to perform, sample size.
RATIO ANALYSIS CASE
Debtor (AR) T/O: indicate potential
collectability probsAR% of sales
Low bad debt w/off Valuation
assertion @ risk Slowing collectns
risk tt allowance for doubtful accts is
MM, as assumptions used in calc the
allowance in the past may no longer be
valid Link to entity environment
(upmarket industry is more volatile)
Inventory T/O: Obsolescence
problem given the co reputation for
having the latest products Sales
returns, inventory% w/o sales %
Valuation Risk tt inventory is MM as
the NRV of inventory may not be valid if
there is obsolescence
RISK ASSESSMENT
1. GATHER INFO ABT ENTITY
a. Understanding Inherent Risk
b. Internal Controls
Controls designed to mitigate MM
Preventive: Authorisatn & SOD by
req 2 approving mngrs for PO>$10k
Detective & Corrective: Detect any
deviation in monthly bank recon tt is
checked & approvd by manager
Scope: Auditors are only concerned
with IC relating to financial reporting, tt
include the design & implementatn of
controls to ensure tt all trxns are
properly authorised, recorded in the
correct period & valued correctly &
assets are adequately safeguarded.
COSO Framework (IC)
[Pervasive controls]
CONTROL ENVIRONMENT
1. Comm & enforcement of integrity &
ethical values (Mgmt commitmt to
ethical behaviour, code of conduct,
disciplinary mechanism)
2. Commitment to competence (Job

descrp, training, skills-job match)

3. Participation by TCWG (Expertise,
experience, independence)
4. Mgmt operating style
(Positive attitude + actions to ensure
tt F/R not compromised)
5. Org structure (SOD, flow of reliable &
timely info)
6. Assignment of authority &
responsibility (Authrstn policies)
7. HR policies & practices (Training,
Recruitment, evaluation policies)
RISK ASSESSMENT: Identify Risks, Est
magnitude, Assess likelihood, Manage
- Understand the context: Change in op
environment/regulations, no of
employees, new info system, rapid
growth (high vol of trxns), foreign
currency risks, new biz model/pdt/ svcs,
corporate restructuring
INFO SYSTEM
ITGC: Entity wide controls consisting of
a mix of automated & manual ctrls
1.Std planning & policies (required info
system, budget, strategic plan, IT
policies, procedures & stds) 2.Security
over IT infrastructure, data & daily
ops (Incident tracking, system logging,
monitoring functions)
3.Access to program & application
(User pw, IDs, internet firewall, data
encryption & cryptographic keys, user
account & access privilege)
4.Program development & changes
(New apps, system dvlpmt, maintenance
of existing application)
5.Monitoring IT ops (Accurate data,
ongoing compliance with general IT
controls, aligned with biz requiremts)
Inspect avail doc & perm audit file
[Specific controls]
CONTROL ACTIVITIES (MANUAL):
SOD (Authorisation of PO, review,
execution, recording, reconciliation),

Physical & access controls (asset

security, inventory counts),
Performance review variance
analysis (comparing actual results to
budget & investigating variances)
CONTROL ACTIVITIES (AUTO):
ITAC: Transactional BP controls
(Specific functions - payroll, sales
processing). Check math accuracy,
pricing of invoice, edit check of input
data, numerical sequence check,
exception reports, only valid cust ref can
be entered when creating sales invoice,
error msg for unbalanced JE
Inspect docs, activities, walk-thru
tests (not a TOC)
[Pervasive]
MONITORING: assess design,
effectiveness of IC performance & taking
corrective actions.
Int info: Internal auditor evaluation,
compliance with entity policies
Ext info: Review cust complaints,
auditors/regulators & biz partners
Docs from IA, observe & inspect
monitoring procedures w staff&mgmt
2. RISK ASSESSMENT PROCEDURES
A. Enquiries Of Mgmt: Discuss acctg
function w financial controller on
whether staff have required skills to
properly prepare the FS. Discuss market
conditions w sales manager on whether
there are mat ext risks
B. Observation of operations, premises,
facilities, mgmt operating style & attitude
towards IC, op of IC proced, compliance
w key policies
C. Inspection of doc related to entity biz
plans, strategies, major contracts,
industry studies, commitmts, regulatn &
correspondence with regulators.
D. A Proced performed at high level to
provide a broad indication of MM.
-To form expectations about IC

RMM @ Assertion level

3. ASSESS RMM@FS & ASSERTION LVL
-Sig audit risk when RMM is highest bef
considering any mitigating ctrls a)Risk
of fraud b)Risk related to sig economic,
acctg or recent development
c)Complexity of trxn d)Related parties
trxn e)Degree of subjectivity in
measuremt of fin info f)Sig trxn outside
normal biz course
3A. AUDIT PROCEDURES
TOC: only use when it is det @ risk
assessment tt relevant ctrl has been
designed & implemted appropriately
Rely more on TOC & less on SP when
controls are strong or when
substantive testing alone does not
provide sufficient evidence
Process focused tests: Either the
control works or not Absolute
conclusion & materiality don't apply
Guidance on sampling:
High reliance on ctrls draw more
Partial reliance on ctrlsdraw less
Freq of
No of ctrl
control
occurence
Annual
1
Quarterly
4
Monthly
12
Weekly
52
Daily
250
Multiple time
>250
per day

No items to
test H/Par
1
1
2
1
2
2
5
4
20
10
25

15

LOW reliance on ctrls Do not rely on

ctrls, go straight TOD/SAP
TOC: Inspection, Observation, Inquiry,
Recalcltn, Re-performance
TOC (IT):4 Processing Approach
1. Test data: Feed test data around
threshold limit (simulated trxns both valid
& invalid) to client application. Ensure tt
the testing application is the actual
program. Compare results of processing
with expectations for existence&
effectiveness of control.

2. Integrated test facility: Create a

dummy entity on live master file. Enter
trxn for processing by entity with clients
live data & are processed in the same
way. Output channelled into dummy
entity
- Auditor analyses ITF results against
expected results based on actual
environment which the trxns are
processed Greater assurance.
- Permits random entry of ITF trxns &
continuous entry throughout acctg
period Not just @ point of testing.
-Disadv: ITF data must be removed to
avoid corruption of client system.
3. Controlled processing: No
simulated data unlike Test data & ITF.
Auditor may control a batch of client
trxns before processing& calc key input
$ fields& key processing results.
Overviews ctrl activities over computer
processing & output & compare the
output to expected results.
4. Parallel Processing/Simulation:
Comparison of trxns run through 2
programs (clients& one under auditor
control). Compares results from these 2
programs.
2 NON-PROCESSING APPROACH
1. Program code review:
Review program documentation
(Narrative description & source code)
2. Review of job accounting data:
Reviews printed log produced as jobs
are run & considers any excessive
processing time, error conditions or
abnormal halts.
CASE - APPLE PRINT (IT CONTROLS)
-Control 1 (Test data approach)
Automated controls are inherently
consistent so only need to confirm tt the
controls still operate in the same way till
FY end. Place high reliance on
automated controls.

-Manual control of obtaining credit

report on new cust does not provide
evidence of the ctrl at other times of the
year. Obtain additional sample & repeat
TOC design & implementation
-TOC needs to be performed during the
period under audit. Audit evidence
gathered aft the period will be inappr
Cannot gain suff appr audit evidence
of reliability of the ctrl so must adopt
substantive testing
Rely on ctrl if hv reasonable evidence
tt ctrl operate effectively thru the yr
-Revenue (Occurrence): Online system
provides reasonable assurance tt the
trxn occurs& pertains to the entity.
-AR (Existence): Functioning online
ordering system with unique cust logins
requiring verification from cust provides
evidence tt AR exists.
-Credit check Revenue & AR
Occurrence / Existence: Provide
assurance tt cust recorded in system
exist. Valuation: Provide assurance tt
cust recorded have the capacity to pay
their accts when invoiced.
-Integrated online ordering & acctg
system tt stops orders for publishers
who >cr terms & limits: AR Valuation:
Effective ctrls will provide evidence tt
indiv cust cannot >cr terms, reducing
firm risk exposure to defaults & risks
pertaining to the valuation of AR
SUBSTANTIVE PROCEDURES/SP
TOD/SAP: Designed to detect MM at
assertion level & actual $ amt in FS.
-Output focused tests: Materiality
applies ($ amt) Always need to
perform some substantive testing
TOD: Obtain evidence in relation to
indiv amts tt makes up classes of trxn
(IS), acct bal (B/S) or F/S disc; (IS & BS)
Used when direct evidence of items tt
comprise amts in the FS is required

TOD must be included if only SP are

used to respond to a risk.
Eg: Comparing end bank bal to written
cfmatn frm bank (Existence), Compare
amt capitalised within PPE to supplier
invoice (Valuatn/ Existence), Vouching
sales trxn to cust order, BOL (Cut off,
accuracy, occurence) Inspecting PPE
(Existence),
SAP: Evaluate reasonableness of
financial info by analysing r/s betwn
financial & non-financial data
(trend/ratio analysis)
Used when ctrls are strong as SAP
rely on the data used so poor ctrls
over the data will reduce the reliance tt
can be placed on SAP
Efficient way of achieving the req
assurance in auditing acct with high vol
of trxns tt will require a large number of
samples if use TOD
More predictable outcome of the
procedure More assurance obtained
from SAP.
Example: 1. Develop an expectation
band provide justification (for expected
employee expenses)
2. Compute variances with budgeted
3. Assess materiality & explain.
If the variance is material 1.To what
extent is the expectation accurate &
2.Talk to mgmt to understand the
increase in expenses
Eg: High vol of small revenue trxns
Use SAP as it is more effective &
efficient than TOD
Factors to consider in choosing audit
procedures
-Are there assertions tt cannot be
addressed by substantive tests alone? If
so, require TOCs.
-Occurs when there is no documtatn to
provide audit evidence about an
assertion or when an entity conducts its

biz in a way tt no documentation of trxns

is produced or maintained, other than
through the IT.
-Are IC over related trxns expect to be
reliable? If so then TOC possible, unless
the no of trxns are so small tt
substantive procedures is > efficient
-Are SAP viable?
-Are there sig risks to be addressed
requiring special considerations?
MATERIALITY
-Material when a misstatement (or an
aggregate of >1 misstatement) is
significant to influence the economic
decisions of users of financial report.
Quantifying materiality: Professional
judgment, benchmark (depends on F/S
elements, focus of users, nature of entity
(industry), ownership structure &
financing, volatility of benchmark)
Qualitative factors: Compliance,
ratios, trends, mgmt. compensation,
ability to meet future expectations
-RMM & Materiality Inverse r/s
-When RMM is high, the auditor will set
a lower materiality level (to detect for
more material transactions) & perform
more testing.
FS LEVEL (PERVASIVE):
OVERALL PERF MATERIALITY
OM of the FS as a whole reference to
the needs of the user of the FS.
Benchmark & Overall Materiality %
Public PBT (continuing)=3-7%
Trading Rev=0.5-2%; PBT=3-7%
Not for profit Income/Exp=0.5-2%
Owner mngd PBT&owner's pay=3-7
User primary focus
Nature of entity (Lifecycle - growing,
mature, declining / industry & economic
environment, startups operate at a loss
so use asset to predict future cf)
Financing (If heavily debt financed then
users may emphasise more on pledged

assets, CF & other liab)

Volatility (when break-even profit or
fluctuating profits use revenue
Alt: current assets, net workig capital
-If IR*CR=RMM high, then set a low
materiality level.
Perf M based on the OM, set at a lower
amount with a haircut.
- Compare & correct MM >PM
- Aggregate the misstatements tt are <
PM & compare to the OM
ASSERTION LEVEL: SPECIFIC
SPECIFIC PERFORMANCE MATERIALITY
Relate to mat of lower level than OM for
class of trxn, acct bal, disclosure
Law, regulators, acctg framework
requirement (Disclosures on
remuneration, related party trxns,
statutory reporting requirement)
Key industry discl (reserves &
exploration costs for mining, R&D)
Disclosure of significant events &
changes in operations (M&A,
discontinuity of operation, lawsuits,
contingent liabilities, new products.
SPM is based on a haircut of SM
CASE - OM/PM & SM/SPM
Materiality at FS level
Entity is a listed for profit entity so
users of FS are focused on profit
NPBT is an appropriate benchmark
Stable econ climate + comparable
results with competitors support the
benchmark which is unlikely to be
volatile
Publicly listed so more regulations,
larger vol of users so moderate
RMM Audit decide to apply 5% to
NPBT (OM=NPBT*5%)
Perf Mat: Given strong IC, history of
unmodified audit reports, prelim risk
assessment low. Set a PM < OM to
buffer against uncorrected &
undetected misstatements.

Professional judgement: Set PM at

80% of OM (PM=OM*80%) to det
nature, extent & timing of audit proc
Materiality for an acct balance
Restructuring is a sig operational
change key focus area for users
Based on professional judgement, set
SM at 10% (SM=Restructuring
charge*10%)
Set SPM for this acct bal to reduce the
probability tt the aggregate of
uncorrected & undetected
misstatement would exceed SM set
Based on professional judgement, set
SPM at 60% of SM.
AUDIT EVIDENCE (TOC + SP + RELIANCE
ON OTHERS WORK)
AUDIT TESTING
Target testing: Based on judgement.
Select items to be tested based on high
monetary value / high risk
After testing for material samples,
draw samples frm remaining popultn
NON-STATISTICAL SAMPLING Each item
in the population does not have a known
prob of being selected
Eg: OM 10,000 / PM 75,000 / Tolerable
error 75,000 for cust accts
A-E & F1-F100
Step 1: Target test all individual trxns
with balance above PM level
found a misstatement of 10k.
Step 2: Apply non-stat sampling on
remaining untested bal by drawing
samples using random sampling (60
samples of $80k from $575k bal)
Carry out substantive testing on the 60
samples Misstatement of $5k from
ext confirmation (cust orders).
Project misstatement to the population
(random sample): (5k/80k)*575k=36k
Total estimated misstatement = 10k
(target test) + 36k (Non-stat sampling)
= 46k < Tolerable error 75k which is

immaterial so no further testing requird

If material > tolerable error, then
understand if the materiality is due to
target testing or the projection
figure. Expand testing to increase
samples such tt it covers 60-70% of
575k to reduce sampling bias.
INVENTORY STOCKTAKE: If inventory is
mat to FS, auditor must attend a
physical inventory count. Evaluate mgmt
stocktake instructions, observe inventory
counts, inspect inventory, performing
test counts.
LITIGATION & CLAIMS: Mandatory
requiremt to enquire w mgmt, review
BOD minute, review correspondence
between entity & ext legal counsel,
review legal exp acc, obtain ext legal
cfmatn via an inquiry letter sent by mgmt
but response direct to auditor
RELIANCE ON OTHERS WORK
INTERNAL AUDITOR
Factors to consider - Objectivity*,
technical competence, use of
systematic & disciplined approach
Nature & extent of work tt can be
used: Rely on work tt contains limited
judgement, testing the operating
effectiveness of IC (ITAC)
Using the work of IA: Discuss the
planned use of work with IA, Cfm
understanding of nature, extent&
timing of work performed& review its
findings, Evaluate if the work was
properly planned, performed,
supervised, reviewed, documented &
sufficient evidence was obtained,
Reperform some testing work
EXPERT
Auditor retains sole resp for audit
opinion even when expert is used
Asset valuations, esp unique asset
Deter of qty physical conditions of
assets: Stockpiles of minerals,

remaining useful life of PPE

Experts should be Competent*
EXTERNAL CONFIRMATIONS
Ensure existence of assets &
completeness of liabilities
Bank balance (statement) confirmation
+ reconciliation.
Inventories held by third parties
(consignment) so send confirmation of
inventories to consignees.
Auditor needs to maintain control*
over the ext confirmation process:
Which bal to cfm, who to cfm with,
design & send cfmatn requests &
contain return info for responses to be
sent directly back to the auditor
Positive (High RMM) When cust no
response: Perform alt proced such as
vouching w cust order, BOL, RA
Negative (Low RMM) Use when
(i) Confirming a large no of small cust
bal & (ii) Auditor believes cust is
unlikely to disregard a cfmatn request
WRITTEN REPRESENTATION FRM MGMT
As near to but not after the date of the
auditors report on the FS
Cover all the FS & periods referred to
in the auditor report
Cannot be used as a substitute for
performing other audit proced, sole
source of evidence on sig audit matter
Mgmt fulfilled responsibility for the prep of
F/S in compliance
All trxns are recorded & reflected in F/S
REVENUE CYCLE
SALES REVENUE ASSERTIONS
*Occurrence/Existence Ctrls:
Mgmt auth & review unusual trxn; Credit
is approved bef shipment; Vouch
recorded sales trxns with valid cust
order & shipping doc; Prepare & mail
cust mthly statement SOD Initial
processing of trxn SOD Cust inquires
handling SOD Original trxn recording

TOC: Sample recorded sales trxn &

vouch to shipping doc & cust order;
Sample of cust & vouch to cust credit
report/mgmt approval doc; Compare
cust bal w approvd cr limit
*Cutoff Ctrls: Trxn recorded upon entry
of cust order & shipping info; Prepare &
mail cust mthly statement SOD Initial
processing of trxn SOD Cust inquires
handling SOD Original trxn recording;
TOC: Review mgmt monitoring ctrls;
Create dummy trxn in system & check
recording & billing of trxns; Review
nature of complaints received &
investigate
*Accuracy/Valuation Ctrls: Sales
made from authorised computer px lists;
Mgmt reviews & auth px list changes;
Reconcile input w printed output reports
to ensure all changes were made; Only
auth staff can access & modify px lists
TOC: Sample recorded sales inv & trace
to authorised price lists
Completeness Ctrls: Pre-numbered
shipping docs & invoices are used &
regularly accounted for;
Recon shipping with billing records;
Recon inventory with sales
TOC: Review recon, ensure running
numbers; Review mgmt reports &
evidence of actions taken
Classification Ctrls: Chart of acct is
updated & used; Computerisation of std
trxn to ensure consistency of
classification; Training of employees;
Review complex/unusual trxn
TOC: Sample trxns & trace to GL
Sales Returns Ctrls: Formal
procedures to: approve acceptance of
returns & granting credits/ Det
obsolescence or defects/ Ensure proper
classification of goods & det tt goods reshipped are not recog for revenue;
Return & warranty prov are clear in

sales contract; Record returns on prenumbered doc to ensure all are

recorded promptly; Record sales return
based on RR date, Match a sample of
shipping docs/RR issued during cutoff
period w credit memo issued to cust;
Select JE around y/e & vouch it against
sales invoice, shipping date (delivery
doc), shipping term
Allowance Ctrls: Formal cr policy;
Auth to write-off AR SOD staff who
handles cash trxn with cust; Periodic
review of cr policy; Continuous
monitoring of AR for evidence of
increased risk (Aging report)
AP: Ratio analy Gross margin, compare
industry & p/y AR T/O; Allowance/AR;
Bad debt exp/Net cr sales; Dec/Total
Sales; Return & allowances/Total Sale
Trend analy Rev trend w industry &
economy; CFO/NetY (Rev,-ve CFO
AR, Inventory over/s or AP under/s
Mthly sales compare w p/y &budgets
Spikes in sales at quarter/year end
Reasonableness test Review funny
contract terms & form expectations
TOD Sales (Occ/Acc), *AR (Ex/Val)
Vouch GL trxns to sales inv/RA/BOL/
cust order/bank statement; Confirm
balances or unpaid invoices w cust;
Examine subsequent collections as
evidence that sales existed
TOD Sales,*AR (Valuatn/Accuracy)
Trace sale invsale journal &cust/L;
Positive cfm bal or unpaid inv w cust;
Recon cust/L acct with AR ctrl acct;
Review adequacy of allowance
TOD: *Allowance (Valuation)
Inquire mgmt of collectability of cust bal
& allowance est methods, writeoff
procedures; Review AR anlaysis
TOD: Sales, AR (Completeness)
Trace BOLsales inv &sales journal
TOD: *Sales, Returns (Cutoff)

Sample shipping docs/receiving reports

issued during cutoff period & match to
credit memo issued to cust
TOD: AR (R&O) Inquire mgmt about
such arrangements; Review sales
agreements & BOD minutes; Scan cash
receipts journal for large CF from
unusual sources; Bank cfmation
IMPROPER REV RECOGNITION Fictitious
shipment/invoice; Hidden side letters
that give unlimited right to return;
Accelerate YE sales recog; Shipments
of replacement gds/to coy warehouse as
sales; Ship unfinished gds/goods neh
ordered/>ordered; Ship goods bef
shipment date; Consignment sales as
final sales
COMMON FRAUDS INVOLVING CASH
1.Unauthorised disbursements
2.Embezzlement: employee steals
corporate assets& leaves others to
absorb loss; more common in coys with
weak controls over cash
3.Lapping: Employee steals pmt from
custX & apply pmt frm custY to cover
4.Kiting: involves transferring funds
from one bank account to another just
before year end in order to overstate
cash (deposit is recorded into 2nd acct
bef YE but disbursemt is not recorded in
1st acct till aft YE) TOD: Bank Transfer
Schedule (schedule lists all transfers
btwn coy bank accts for a few days bef
& a few days aft YE; lists dates transfers
cleared the bank& dates they were
recorded in the books. Auditor check to
see if dep & withdrawl were BOTH
recorded in the same acctg period)
5.Skimming: Make a sale but does not
record it & steal the cash
6.Collect pmt from cust, steal cash &
write off AR as uncollectible (SOD)
7.Steal cash&record as fictitious disc

CONTROLS OVER CASH

SOD: Bookkeeping/Bank recon/Cash
handling/Cust enquiries; Indep bank
recon: Recon items recvd w record;
Periodic recon of bank accts w book;
Authorisation of trxn: Auth person to
execute trxn; Auth&review change to
existing bank acct&open new acct; Prenumbering of cust pmt; Access ctrls:
Lock/safe, auth access Monitoring:
Daily report of unusual cash activities;
Review discrepancies in cash recon;
Report unauthorized attempts to access
cash; Periodic IA
AP: Ratio analy CFO/sales or net Y;
If got debt covt, look at current ratio
Trend analy Mthly cash bal with p/y
&budgets, identify spikes/low levels;
Compute trend in interest ROI to det if it
is consistent w expected returns
TOC: Sample cash receipts & det if
Each pmt is given a unique number; Pmt
received = Amt applied to AR;
Det who is auth to Changes in doc/
adjust when cash amt invoiced amt;
Make deposit/withdrawals/transfer;
TOD: Bank confirmations: info on
bank accounts, loans& other facilities,
customers assets held as security,
customers other assets
TOD: Bank recon: VOUCH subseqt
clearances for book adjustments +
perform adjusting entries for book
adj;Check o/s cheques w next period
bank statement
ACQUISITION CYCLE
Requisition for gds Ctrls: Written
req made by pdn/stockroom manager;
Comp-generated req based on current
inventory levels &pdn plans
Purchase Ctrls: Competitive bidding
Rotation of purchase agents; Auth
vendor database; Pre-numbered forms
to est unique & completeness

Receipts Ctrls: Receiving dept use prenumbered receiving doc to record all
receipts (qty, item, date, condition);
Review copy of PO to det if shipment is
authorised & item recvd are those
ordered
Approval of items for pmt Ctrls:
Match vendor invoice, PO & RR bef
approving for pmt & recognising AP
Cash disbursement Ctrls: Review trxn
against supporting doc & auth cash pmt;
Cancel supporting docs upon pmt to
avoid duplication
TOC: Sample pmt & trace to docmtn to
ensure tt controls are performed
AP: Ratio Inventory T/O Shrinkage ratio
(Inv write down/ ending inv) det extent of
obsolescen; Analyse sales by pdt line;
AP T/O; AP/CL; Purchase returns &
allow/Purchases
INVENTORY, COGS ASSERTIONS
Existence/Occurrence Ctrls: periodic
physical counts; all RR are
prenumbered & accounted for
TOD: Review physical inventory
procedures; Observe stocktake & reperform test counts to inventory listing;
vouch/ trace items from inv listing to
location in warehouse/vice versa;
confirm inv held by 3rd party
Completeness: TOD: YE cutoff
testsSample from purchase & sales
journal bef & aft YE, vouch against
shipping & receiving doc to det proper
recording
R&O: TOD: Review vendor invoices
when testing disbursements to det tt
proper title is conveyed; Review
purchase k to assess rights to return
Valuation: TOD: Inquire of pdn staff
abt existence of obsolete inventory;
Note potentially obsolete inventory
during stocktakes, trace items to client
inventory compilation & det if they are

labelled as obsolete items; Test inv cost

by taking sample of recorded inventory
& trace to vendor invoices; Test for
possibility of obsolete (Inquire client
about sales adjustment/markdown;
Verify sales price by reviewing recent
invoices)
Cut-off Ctrls: Stop all inventory
movements during physical count; recon
vendor YE statements TOD: Attend
stocktake & take note of last shipping
docs used; inventory receipt & shipmt &
disbursement cutoff tests; Review
purchase & sales JE around YE & vouch
to shipping doc & RR
Fraud risks: TOD: Alter timing &
extent Observe all inventory locations
simultaneously; Confirm inventories at
locations outside the entity; Send
confirmations to vendors confirming
invoices & unusual terms
AP assertions (recorded in RR)
Existence Ctrls: Match vendor invoices,
requisition form & RR prior to
recording/pmt of vendor invoice TOD:
Confirmation of AP; vouch AP to
requisition/PO & RR/BOL
Completeness Ctrls: Monthly recon
of vendor statements; pre-numbering of
requisition forms & RR TOD: Request
vendors monthly statement or send
vendors confirmation; Draw sample of
cash disbursements made aft YE to det
if disbursements are for g&s applicable
to prev year; Draw
sample from invoices & trace to AP
Valuation Ctrls: Omission of qty in
warehouse copy of req form; Match
descrp, qty, px on vendor invoice to req
form & RR. TOD: Check math accuracy
of payable TB &subledgers Recon
payable TB, G/L, purchase journals, sub
ledgers; Req vendor monthly statement
or confirmations Vouch payables to

vendor statement;
capex are capitalised; Review entries to
LONG LIVE ASSETS: Fraud Risks: Sales repair & maintenance exp to det if items
should have be capitalised TOC: Vouch
of assets not recorded & proceeds
misappr; Sold assets not removed from large R&M charges to supporting docs;
books; Inappr residual value/lives;
Trace physical PPE to clients PPE
listing; Review lease agreements for
Capitalise cost tt shld be exp;
Impairment loss are not recog relative to capital leases; Select sample of addition
& examine RR or det tt all items are
gross assets (depends on plans for
expansion/contractions)
recorded in the correct period
Substantive tests for PPE:
R&O: TOD: Inquire mgmt if PPE have
*Existence Ctrls: Identify existing
been pledged as collateral; Examine
assets & recon with property ledger
document of title; Review BOD min &
periodically; Safeguard the assets;
legal correspondence
TOD: Inspect tangible assets; Select
*Valuation Ctrls: All purchases are
authorised & properly valued; Proper
sample from FA ledger & vouch to
classification of new equipment to
supporting doc; Additn &disposal test
intended use & estimated useful life;
TOC: vouch sampled additions&
Monitoring & review asset impairmt
disposals to supporting docs; physical
inspect sampled PPE; Request
TOD: Review dep/amtzn policy &
additon&disposal schedule & trace
recalculate dep/amtzn;
selected assets to entries in FA ledger; Impairment testing Inquire mgmt
Trace beg bal to prior working paper end abt asset impairmt & assess impairmt
bal; Inquire mgmt abt existence of sig
testing reasonableness;
new leases (classification issue); Inspect Roll forward testing Check tt FA
major facilities for addition/disposal/
records are mathematically correct
obsolescence of sig equipment
agree with GL FA accts
TOD: Addition testingSelect sample Disposal testing Select sample from
FA register & vouch to sales invoice/
from FA register & vouch to vendor
contract; Verify sale proceed to cash
invoice/purchase contracts;
Cap v Exp testingVerify amt of
receipts; Recalculate gain/loss from
each addition to vendor invoice; Check disposal by (vouch cost of asset to
descp on invoice for nature; Verify additn original vendor invoice & recalculate acc
is part of board-apprvd plan; Det if it was dep, CV)
Analytical Procedures: 1)Develop
an upgrade to better op capacity or
extend useful life; InfrequentCap;
expectation Avg beg & end bal, adj for
YearlyExp; *Review FA/L to identify
salvage value, compute annual dep;
item existing tt wld be replaced; *Discuss 2)Compute variance; Compare useful
w mgmt if pre-existing item found shld be lives w industry std; Capex w capital
W-off; *Inspect assets identified &
budget; Dep/asset; Cy/Py dep
DEBT OBLIGATIONS CTRLS: BOD apprv
consider if additions & write-offs are
reasonable
new debt; Debt amtzn sched is
Completeness Ctrls: Authorize
prepared, reviewed & approved by appr
staff; Debt & int accts updated & recon
disposal of assets TOD: Review
capitalisation policy to assure that all sig to ledger on a monthly basis

AP: Est int exp based on avg i/r & avg

debt o/s; Trend DE ratio; EBIT/interest
payable
Completeness TOD: Confirm debt w
debtors/buyer/transfer agent; Vouch
add/deletions to debt
Valuations TOD: Detailed debt records
are math correct & agree with G/L debt
acct; Cfm debt & recalculate debt
amortization schedule
EQUITY: Valuations/existence TOD:
Review BOD minutes; Confirm issuance/
repurchase w stock registrar & transfer
agent; Issuance Trace stock proceed
to cash rec journal; RepurchaseTrace
repurchase to cash pmt journal
Dividend existence TOD: Review BOD
minutes for authorisation of div/share &
record date; Recalc dividend amt &
agree to cash disbursement journal
RATIO ANALYSIS
AR T/O=Net credit salesAvg net AR
Inventory T/O = COGS Avg Inv
AP T/O=Net Purchases Avg net AP
Turnover in Days = 365 T/O
Gross Margin = Gross Profit Sales
Profit Margin = Net profit Sales
AUDIT COMPLETION
Subseq events: FYE reporting date
T1Dir declaratn &auditor rpt signd
T2 Distribution of F/ST3
Mgmt action - T1 events
Adjusting events: Provide evidence of
conditions that existed before FYE
1)New evidence on existing event tt can
reliably estd. Adjust F/S to reflect legal
settlement by adj/recog proviso &
remove any ref to the legal case in
contingent liab under note disclosure
2)Escalatn of existing event@reporti
date due to new info abt a possible
obligation. Cannot est reliablyX adj
Include a disclosure note for the prov in
the F/S on the potential fine.

Non adjusting events: New conditions

that arose after FYE
If amt is material, disclose nature of
event & estimate of financial effect.
Auditors Responsibility T1 only
T1: Obtain suff & appr audit evidence tt
all adjusting events during this period
have been identified. Identify subseq
events even if mgmt dont disclose
T2+3:No obligation to identify subseq
events (Mgmt responsibility) If mgmt
disclose & adj F/S, auditor is required to
perform additional audit procedures to
reassess audit opinion
T3: Include Emphasis of Matter para in
the audit report to draw attn to particular
matters in amended F/S. Applies for
modified & unmodified opinion
ASSESSING GOING CONCERN (GC)
Obtain suff & appropriate evidence on
GC assumption & if mat uc exists
If mgmt has performed preliminary
assessment on the GC assumption
Discuss & obtain mgmt action plan to
manage GC risk
Auditor to evaluate mgmt plan +
supporting docs
Assess GC assumption & if mat UC
exist, disclose nature &effect on FS
AUDIT PROC WHEN GC IS IN DOUBT
Obtain audit evidence on amt to be
disclosed; Analyse &discuss w mgmt
any impact on c/f &profit (projections)
+validate key assumption underlying est;
Read terms of loan agreement & assess
for any breach; Read BOD minutes for
ref to finance difficulties; Inquire with
legal counsel for any existing litigations;
Cfm existence+ legality+enforceability of
arrangemt for financial support (fire
insurance); Cfm existence+ terms+
adequacy of loans facilities; Determine
adequacy of support for planned
disposal of assets; Obtain revised

invoice+check subseq pmt of invoice+

check tt revised amt is reflected in F/S;
Obtain written cfmatn from lawyer to est
likelihood & amt of claim+ compare to
prov amt included to gain evidence tt
prov is materially correct
GC INDICATORS
Financial: Borrowing issues (breach
of debt covt, loan renewal, rely on ST
loans to finance LT assets); Net liab
position; Arrears of divd; Change from
credit to cash on delivery; Sig fall in
value of op assets; Prolonged op loss;
Decline in profitability
Operating: Mgmt intends to liquidate
entity; Loss key mgmt/major cust/mkt
Successful comp; Underpricing by
comp; unrealistic turnaround projectn
Others: Non-compliance/Change in
legal/regulatory requiremts; Pending
litigation risks Co is unlikely to satisfy
Uninsured for catastrophic event
GC MITIGATING FACTORS: Obtain letter
of guarantee frm parent Co, Mgmt plans
to liquidate assets, debt restructuring,
reduce/delay expenditure, funding via
capital/debt. [GC assumption]
Material UC: When any events,
individually or collectively, cast
significant doubt on the entitys ability to
continue as a going concern.

CR insurance exp / DR prepayment);

C/y exp is u/s (Adj by DR insurance exp
CR ORE); Recognise expense & PBT
Identify accts affected by the adj.
Assess materiality individually:
Identify the acct bal w the smallest amt
(result in the largest impact on mat%);
Calc %MM; Det if there is MM for each
acct individually.
Assess materiality on an aggregate
basis: Record each misstatement as a
dr/cr against each acct; Adds up (Net
off) amt in each acct to det the
aggregate misstatemt & total impact of
incorrected misstatement on the F/S;
Calc %MM=Aggregate misstatement/
Acct Bal; Det if theres MM on aggregate
TYPE OF AUDIT OPINION
Unmodified: No mat violations of FRS;
Adeq disclosure; Auditor perf all nec
procedures; No sig doubt abt client
remaining a GC; Auditor is independent.
Modified: MM result from: (i) Selection
of inappropriate acct policy; (ii) Incorrect
application of selected acct policy;
(iii) Inappropriate/Inadequate disclosure
INABILITY to obtain sufficient app audit
evidence: (i)Circumstances beyond ctrl
of entity; (ii)Circumstance relating to
nature/ timing of auditors work;
(iii)Limitation imposed by mgmt
GC
Mat Adeq+App
Auditor rpt PERVASIVE when the impact of
asspn UC
Mat UC disc
opinion
misstatement: Not confined to
App
No
Not requird
Unmodified specific elements/accts of the F/S; If
App
Yes Yes
Unmodified so confined, misstatement represents a
+EOMpara
substantial proportion (no. of acct bal
App
Yes No
Qualified
affected)
of F/S; In relation to disclsr,
Inapp Adverse
misstatements
are fundamental to
AUDIT OPINION
users
understanding
of F/S
Evaluating misstatement: Reassess
Mat+Not Mat +
Nature of mod
mat lvl for F/S as a whole
Pervasive Pervasive
CASE - Assess MM individually & on F/S are MM (able to Qualified Adverse
aggregate basis. Recognise
obtain suff app evid)
prepayment in prior yr as expense: P/y Inability to obtain
Qualified Disclaimer
profit (ORE) & prepayment is u/s (Adj by suff app evidence
of opinion

Qualified: When MM are not pervasive

Adverse: Cast substantial doubt on GC
assumption (Pervasive)
Disclaimer: Scope limitation exist
(pervasive); Auditor lacks independence
BASIS OF MODIFICATION PARAGRAPHS
F/S ARE MM:
Basis for qualified: Inv stated solely at
cost& not at lower of cost/ NRV; Impact
of adj req the Co to recognise xx in write
down to inv; Not pervasive in nature.
Basis for adverse: Pervasive impact on
F/S
INABILITY TO OBTAIN SUFFICIENT APP
AUDIT EVIDENCE:
Basis for qualified: Denied access to
inventory in warehouse; Only affect inv
acct; Not pervasive in nature.
Basis for disclaimer: Pervasive impact
on F/S
EOM / OM (Other Matters) PARAGRAPHS
OM: For matters necessary to draw user
attention; NOT presented/ disclosed in
the F/S; Relevant to understanding of
the audit.
EOM: For matters necessary to draw
user attention; Appropriately presented/
disclosed in the F/S; Fundamental to
user understanding of the F/S.
-Matters not app presented/ disclosed in
the F/S should be reflected in the
audit opinion, not in the additional
paragraph
GC risks
An UC relating to the future outcome of
exceptional litigation/regulatory action
Early application of new acctg std tt
has pervasive impact on F/S
A major catastrophe tt has sig impact
on the entitys financial position
CASE - DET APP AUDITOR OPINION
Obtain reasonable assurance
1. Ability to obtain sufficient appropriate
audit evidence.

2. Determine if the misstatement is

material: Cal % of the acct bal misstated
3. Explanation - Determine if the acct
policy is in accordance with FRS.
3a. Pervasive: Based on the 3 criteria +
Esp if possible misstatement is
fundamental to user understanding of
the F/S.
3b. Type of auditor opinion: F/S is
misstated due to (i)F/S being MM OR
(ii)inability to obtain sufficient app
audit evidence; Effect on the F/S is
material & pervasive (or not pervasive);
3c. As a result, the modified auditor
opinion is a qualified/disclaimer/adverse
opinion.
IDENTIFYING FURTHER AUDIT PROCED
REVIEW POINTS

Describe how what has been done

- is Insufficient (Thus there is

insufficient audit evidence to provide
assurance about the assertion of __)
- is Inappropriate (Thus the evidence is
not relevant to the assertion being
considered)

Describe how to obtain the evidence

(Substantive procedures)

Consider if audit strategy needs to be

revised & identify further audit proce
Consider whether further misstatements
are likely by assessing the nature of MM
& circumstance in which MM occurred

Descriptn of M likely to impact risk

The discovery of unrecorded liabilities
increase the risk that further liabilities
have not been recorded

Key Acct Bal/Trxns & Assertions

Further audit procedures
SUMMARY OF MISSTATEMENTS

-Descrpn of M & proposed JE to correct

-Working paper reference (W/P)
-Impact on F/S: Dr/(Cr) P/L, Assets, Liab

UPDATE AUDIT STRATEGY AND PLAN

Update Overall Audit Strategy

Nature, timing and extent

Engage affiliate office in China to assist
in obtaining audit evidence
Engage a registered property valuator
who resides in China to provide FV of
land as at 31 Dec 20X3

Update Audit Plan

Identifying & assessing RMM

Acct bal | Assertion | IR assessment |
CR assessment | RMM assessment |
Audit procedures required (can
answer all assertions proced together):
Nature:
- As key assertions have high CR, do
not perform TOCs
- Extensive SP must be performed
- Design of TODs
- Audit team will need to perform specific
audit proc as set out in audit manual in
relation to using the work performed by
other auditors & experts
Timing:
- Engage & discuss with audit team in
Chinas affiliate office, the translator,
property valuator in China at interim
audit
- Perform other SPs at year end
Extent:
- Obtain appropriate legal docmtn in
relation to land & construction in the
area, including any constraints or
conditions applicable to building
TOC SUFFICIENCY & APPROPRIATENESS
What remains o/s to TOC documtd?
Auto CR: due to inherent consistency
associated with auto ctrls, merely det it
implementation may serve as test of
operating effectiveness. Need to
confirm ctrl still operated in the same
way for the remaining period to YE
Manual CR: Obtaining evidence abt the
implement of ctrl at point in time does

not provide evidence of operation of ctrl

at other times of the year. Need to
obtain additional samples for May &
June 13 & repeat TOCs designed
Whether TOCs can be relied on
Auto CR: If implemented & operating
effectively, ctrl process has not changed
in the period to YE, can place reliance!
Manual CR: In order to rely on ctrl, need
to obtain reasonable evidence tt ctrl was
operating thru out the period. Need to get
additional samples to test ctrl was
operating effectively for samples selected
TOC not performed: This is outside
current audit period & ctrl need to be
tested thru out the period. Any evidence
obtained aft YE re: implementation of auto
ctrl will be inappr for purpose of audit.
Because cannot gain suff appr evidence
of ctrl reliability, must do Sub testing Pr
REVISING OVERALL MATERIALITY
Revise OM using the adjusted benchmark
Det if additional work required on audit
Consider appropriateness of nature,
timing & extent of audit procedures that
were planned & performed before revision
Need to revisit all audit procedures
- Perform additional proc as appropriate,
where lower materiality changes the
nature, timing & extent of audit procedure
- Re-evaluate any other misstatements
identified against the revised materiality
level set
- Impact on indiv F/S bal & assertions wld
vary, & in some instances, no or minimal
additional audit proc would be required