IAF520 - Key Audit Topics

Final Comprehensive Exam

1. External Audits: Management responsibilities vs. Auditor responsibilities

2. Materiality - quantification using professional judgment - maximum error tolerance - consider

both quantitative and qualitative matters (ie) errors/mistakes in previous audits, adequacy of
key controls

3. Audit opinions: unmodified vs. qualified (“except for” clause due to GAAP or scope issue),
Adverse opinion - material and pervasive GAAP issue, Denial/disclaimer of opinion - material
and pervasive scope limitation issue

4. Management assertions:
i. existence,
ii. completeness,
iii. ownership,
iv. valuation, and
v. presentation

5. Internal control objectives of auditors:

i. validity,
ii. completeness,
iii. authorization,
iv. accuracy,
v. classification, and
vi. proper period

6. Internal controls (general, I.T., physical & cash) - understand, assess & test - leads to
identification of strengths & weaknesses, determination of extent of substantive testing and
recommendations of additional/revised procedures required to mitigate weaknesses

7. Audit Risk Model AR = CR x IR x APR x RIA (incorporation of analytical procedures risk and risk
of incorrect acceptance)

8. Good/poor controls - impact on substantive testing

9. Audit approaches/strategies:
  controls-based testing
 substantive-based testing
 combined - controls & substantive testing

10. Sampling risks - efficiency risk (assess control risk too high, over-auditing) vs effectiveness risk
(assess control risk too low, under-auditing). Which risk is more important auditors?

11. Sampling risk vs. non-sampling risks

12. Audit Cycles - sales & A/R & cash receipts, purchases & payables & cash payments, payroll &
production, finance and investments etc. - all audit cycles have cash control implications

13. Audit Evidence - sufficient (enough), appropriate (relevant & reliable)

14. Types of audit evidence gathering techniques: )

I. inspection,
II. observation,
III. confirmation,
IV. re-performance/re-calculation,
V. analysis, and
VI. inquiry

15. Audit Risk and Audit Evidence - relationship

16. Analytical Procedures (substantive in nature) - ratios/formulas/comparisons, commonly used

during audit planning & final audit review

17. Common red flags (indicators) of fraud:

 missing documents,
 unusual endorsements,
 unexplained accounting entries or adjustments,
 poor management,
 old/unusual reconciling items
 ineffective (or non-existent) internal controls
18. Extended audit procedures to consider when fraud is likely/suspected - to be focused in the
area where the audit is suspected (ie) Payroll or Inventory or Fleet Management, etc.:

 inquiries
 review of journal entries
 surveillance
 compare to previous year(s)
  compare to budget
 ledger account analysis
 review of accounting “estimates”
 expenditure analysis
 vertical analysis
 horizontal analysis
 other relevant analytical procedures

19. Professional scepticism - questioning management representations, obtaining corroborating

evidence - “assume nothing, verify everything”

20. Cash controls for cash receipts & cash payments, petty cash and payroll - cash balancing, petty
cash item dollar limit, petty cash amount, expenditure authorization, review of cash
transactions, regular deposits of cash & cash equivalents, security of petty cash fund, pre-
numbered cheques, monthly reconciliations, technological controls, bonding of employees,
rotation of duties, segregation of cash handling/cash accounting duties/bank reconciliation
duties.

21. Types of assurance engagements: Audit (reasonable assurance), Review (negative assurance) &
Compilation (virtually no assurance) - audit procedure similarities & differences, costs, resources
required, expertise requirement, independence of practitioner

22. Common audit correspondence (purpose, who initiates, who receives, timing):
 engagement letter
 audit planning memo
 internal control deficiencies memo
 confirmations (A/R, banks)
 lawyer letters
 management representation letter
 management letter
 significant audit findings (a.k.a. management letter)
 audit report

23. Confirmations: Positive vs Negative - similarities & differences, which type of A/R confirmation
provides better audit evidence?

24. Good general internal controls: segregation of incompatible duties, adequate supervision,
regular & independent reconciliations, rotation of duties, pre-numbered documents, up-to-date
policies & procedures, regular training etc.

25. Common Payroll risks: paying fictitious employees, over-payment of employees, incorrect
accounting for payroll costs