Beruflich Dokumente
Kultur Dokumente
INTRODUCTION
1) ISA 315- before an auditor can audit a thorough understanding of a clients internal control systems should be obtained –(do a walk through)
2) Internal Contols: + acc.sys. produce balances & totals –good acc.sys. = generates good ( 1-valid,2-accurate,3-complete,4-timeous = “ VACT”) info.
3) Auditor more interested in acc. info. less in other info : eg sales analysis,budgeting info,marketing info etc.
DEFINITION OF INTERNAL CONTROL.
DEFINITION (PER SAICA BOOKLET :'GUIDANCE FOR DIRECTORS:REPORTING ON INTERNAL CONTROLS')
Internal Control is a PROCESS effected by the 1- COMPANIES BOARD OF DIRECTORS ,2-MANAGEMENT AND 3-OTHER PERSONNEL.Designed to provide
REASONABLE ASSURANCE regarding the achievement of OBJECTIVES in the following 3 categories:
i) 1-ECONOMY 2- EFFICIENCY 3-EFFECTIVENESS.
ii) INTERNAL FINANCIAL CONTROL
iii) COMPLIANCE with applicable LAWS & REGULATIONS.
FOUR ASPECTS OF INTERNAL CONTROL FROM ABOVE DEFINITION.
1. Internal control is a PROCESS , a means to an end, not an end in itself.
2. AFFECTED BY PEOPLE ,not just procedures/policies.
3. Only REASONABLE ,NOT ABSOLUTE ASSURANCE.
4. To achieve objectives in 3 CATEGORIES , which are INTERLINKED. (3 in definit.)
(ISA 315). 5 COMPONENTS OF INTERNAL CONTROL (IN CH 7)
1. CONTROL ACTIVITIES : actual sys.
2. CONTROL ENVIRONMENT (all):+attitudes,awareness,actions, of those responsible for governance,mngmnt
3. ENTITIES RISK ASSESMENT PROCESS:
4. INFORMATION SYSTEM : incl. related business systems, transactions
5. MONITORING OF CONTROLS : eg internal audit dept.
INTERNAL CONTROL OBJECTIVES.
1) Policies & Procedures (internal controls) to ensure orderly & efficient conduct of business.incl. controls to :
a) ADHERE TO MNGMNT POLICIES (INCL. APPLICABLE LAWS & REGULATIONS!)
b) SAFEGUARD ASSETS
c) PREVENT& DETECTION OF FRAUD & ERROR
d) ACCURACY & COMPLETENESS OF ACC RECORDS
e) TIMELY PREPARATION OF RELIABLE FIN. & OTHER INFO NECESSARY TO RUN BUSINESS.
LIMITATIONS OF INTERNAL CONTROL.
1) Cost exceed benefit –limits capacity of int.controls.
2) Directed at routine transactions. –miss non-routine eg sell copier.
3) Human error. – eg: calc. discount after vat.
4) Collusion- eg fraudulent paypacket- collude wage clerk,foreman,personell mngr.
5) Mngmnt Override / Abuse of responsibility over internal control.- eg mngr overrides stop on purchases for overdue acc.
6) Changes in CONDITIONS causes INADEQUATE controls.- sales clerk not check credit record/overdue acc. due to volume
THE ACCOUNTING SYSTEM
1) Category of int. controls = 'INTERNAL FINANCIAL CONTROLS'.
2) Collection of TASKS & RECORDS to process transactions to create fin.records
3) Maj. elements = 1-PAPER 2-PROCEDURES 3-PEOPLE 4-COMPUT
4) BUT , to ensure =” VACT” = VALID ,ACCURATE,COMPLETE +TIMEOUS ADD: control procedures to Acc.Sys. (not calc.price,write invoice,enter in sales
journal, BUT check customer not overdue before sale, check calculations, mnthly check if entered in sales journal afterwards.
WHO IS INTERESTED IN WHAT?
1) MANAGEMENT:all 3 categories , but eg fin director-int.fin. controls, production dir- operations controls(efficiency,effecti...) etc
2) INTERNAL AUDITORS : all 3 categories –eg audit delivery procedures,or compliancewith laws, or stock audit etc.
3) EXTERNAL AUDITORS : last 2 Internal Financial Control :accounting sys. + related controls.,related laws & reh=gulations(but not on eg environmental laws,that
is production mngr etc.,unless fin implications eg a fine is involved.Then he is interested,(now financial))
1) Control Environment (strong) : Attitude and awareness of managers & directors to internal controls and their importance to entity.
1. Eg: fin accountant does not bother to check recon of creditors ledger to creditors statements made by creditors clerk PROPERLY ,only HALF,before
paying ,.So soon clerk wont bother to actually reconcile properly.
2. ISA 315: says good control environment characterised by: see back of isa 350 for list of this
2) Competent ,Trustworthy Personnel. – esp. at internal controls.
3) Segregation of Duties. – collusion is necessary.
1. Eg: E.F.T. control, or storeman signs a gate pass delivery note+ falsify stock record+takes goods
2. A TRANSACTION PASSES THROUGH 4 STAGES:
i) Authorising
(1) Purchase order authorised by chief buyer
(2) Checking & approve supporting docs. For a payment to a creditor.
ii) Executing
(1) Order placed with supplier by the order clerk
(2) Preparing the cheque realisation and cheque (SEPARATE CUSTODY OF CHEQUE)
iii) Custody of Asset
(1) Goods rec. by receiving clerk & placed in store.
(2) Signing cheque (NB person who has signing power auto has SEPARATE HAS CUSTODY OF CASH)
iv) Recording
(1) Transactions entered into acc. records by acc. clerk.
2|Page AUDITING NOTES TEST 2 DIPAC
AUDIT EVIDENCE.
1) THE ASSESMENT of Inherent Risk and Control Risk at the client. :if higher risk – more evidence from most reliable source needed.
3|Page AUDITING NOTES TEST 2 DIPAC
2) THE MATERIALITY Of Item Being Examined :eg if stock is very material – auditor must get more of appropriate evidence.-why –greater likelihood of
material misstatement.
3) Experience from Previous audits (at same client). HISTORY
4) Results of audit procedures ALREADY CONDUCTED. – eg if test of debtors was good , then do less other tests.
5) RELIABILITY and Source of info.available. if no reliable tests available, then much more of less reliable tests must do.
6) PERSUASIVENESS of the audit evidence : eg: evidence gathered on one section of audit which is Supported by evidence from another section = more
persuasive .If it Contradicts it = less pesuasive.
1) The OBJECTIVE of an audit : is for an auditor to EXPRESS an OPINION on whether the FINANCIAL STATEMENTS are FAIRLY PRESENTED. In all MATERIAL
ASPECTS after comparing it to an IDENTIFIED REPORTING FRAMEWORK (check other definitions of this before)
2) Embodiment of Assertions: the financial statements are the EMBODIMENT of the ASSERTIONS of the DIRECTORS of the COMPANY ,in the PRESCRIBED
FORMAT , on the FINANCIAL RESULTS and PERFORMANCE of OPERATIONS ,which they are managing on behalf of shareholders.
3) ISA 500R : the auditor should use assertions for classes of transactions ,account balances,and presentation and disclosure,in sufficient detail to form a basis
for the assesment of risks of material misstatement and the design and performance of further audit procedures.
4) It is the Auditors duty to gather sufficient evidence to support assertion being audited.
5) Every assertion should be considered for audit, but those assert. presenting highest risk of MATERIAL MISSTATEMENT by the AUDITOR in his'"OPINION on ... ",
must be concentrated on.
DIAGRAM OF ASSERTIONS:
PRESENTATION
ASSERTION TRANSACTION EVENTS ACCOUNT BALANCES
DISCLOSURE
1 COMPLETENESS (ALSO ?
# # #
VALIDITY)
2 OCCURRENCE # #
3 EXISTENCE #
4 ACCURACY # #
5 CUT OFF #
6 CLASSIFICATION (and for
Pres.& Disclosure : # #
UNDERSTANDABILITY)
7 RIGHTS and OBLIGATIONS # #
8 VALUATION and ALLOCATION
# #
1.1.3. Accuracy : all sales recorded appropriately , meaning prices discount & vat rates are correct & correctly calculated.
1.1.4. Cut-off : All sales recorded occoured in accounting period being audited.
1.1.5. Classsification : All sales posted to proper account incl. Contra accounts –VAT, DISCOUNT ,CREDITORS.
2. Auditor self stock count= 'existence'+some 'valuation' BUT not 'rights' eg could be uncollected but sold .NOR 'completeness' yet because must first be traced
to records to determine if all were included in records.
3. sheet to shelf = existance BUT shelf to sheet =completeness.
4. Tests of controls specificaly as to accuracy will not prove validity(?occourence /existence? ) or completeness.
3) Good results reduce control risk and hence audit risk , then less time need spent on substantive tests.
4) LIMITATIONS OF : tests of controls:
a) Good when checked but not in the rest of the Fin. Year.
b) Inherent risk? ch7eg 1-only test some 2- subjectivity-auditor own method 3-
5) LIMITATIONS OF : internal controls:
i) Cost exceed benefit –limits capacity of int.controls.
ii) Directed at routine transactions. –miss non-routine eg sell copier.
iii) Human error. – eg: calc. discount after vat.
iv) Collusion- eg fraudulent paypacket- collude wage clerk,foreman,personell mngr.
v) Mngmnt Override /Abuse of responsibility over internal control.- eg mngr overrides stop on purchases for overdue acc.
vi) Changes in CONDITIONS causes INADEQUATE controls.- sales clerk not check credit record/overdue acc. due to volume
6) Example:
a) If control procedures in credit purchase procedure are sound- related balances/transactions rec. will be sound
i) Ie: control when purchase acc and creditors acc debited /reconciled authorised, also controls at creditor payment and creditor acc. DR etc.
SUBSTANTIVE PROCEDURES.
1) Tests controls cannot provide 100% assure so sustant.tests need be done.
2) SUBSTANTIVE TESTS BROADLY DISTIGUISHED INTO;
a) Tests Of Detail.
b) Analytical Procedures.(very powerful tool)
3) CATEGORIES OF SUBSTANTIVE PROCEDURES:
i) REPERFORMANCE : repeating 1-Wholly 2- In Part same procedures performed by client eg:debtors age analysis.
ii) INSPECTION : inspect 1-docs+records, or 2-tangible assets eg: inspect fixed asset to verify existence or inspect .
"Confirmation Of Balance Certificate" from long term loan creditor.
iii) ENQUIRY : 1-oral or 2-formal written : to inside or outside entity to get 1-Corroborative evidence or 2-Plain knowledgeable person inside or
outside entity.
iv) CONFIRMATION : procedure of obtain response to an enquiry to corroborate info. in the acc. records. knowledgeable person inside or outside entity
v) RECALCULATION : check arithmatic on source docs & records. Eg: check depreciation calc.
vi) ANALYTICAL PROCEDURES : analysis of ratios + trends , then investigate inconsistent deviations .(statistics)
4) Substantive procedures are performed on
a) Balances Assertions= ; Existence, Completeness,Rights&Obligations,Valuation&Allocation.,
b) Transactions Assertions= ; Occourence,Completeness,Cut-off,Classification&Understandability,Accuracy
5) Financial stat. consist of only
a) Collection of balances - bal sheet
b) Summary of totals – inc.stat
6) VOUCHING AND VERIFYING:
5|Page AUDITING NOTES TEST 2 DIPAC
AUDIT SAMPLING
DEFINITIONS:
1) From ISA 530 : 'audit sampling and other means of testing': gives definitions
2) AUDIT SAMPLING
a) application of PROCEDURES to LESS THAN 100% OF ITEMS in balance or class of transactions ,to EVALUATE AUDIT EVIDENCE on the some characteristic of
sample to form CONCLUSION ON POPULATION
3) ERROR:
a) 1-Test of Controls =Control deviations 2-Substantive testing= Misstatements OR
4) TOTAL ERROR :
a) 1-Rate of Deviations 2-Total Misstatement . AND
5) ANOMOLOUS ERROR:
a) ERROR FROM ISOLATED EVENT,not representative of population.
6) POPULATION :
a) Total set of data from which samples are selected.eg all items in an account balance or class of transactions.
7) SAMPLING RISK:
a) RISK THAT the auditors conclusion is not true for total population because sample is not representative of the total population .(Sample could be
selected by stat or non-stat approach-any).There are 2 types of Auditing Risk:
i) Risk 1-tests of control =auditor judges them to be more effective than they actually are. 2- Tests of Detail- error exists where it does not : this type
1-AFFECTS AUDIT EFFICIENCY :causes more work for auditor to establish that initial conclusions were incorredt.
ii) Risk 2-tests of control = auditor judges them to be less effective than they actually are. 2- Tests of Detail- error does NOT exist where it does. : This
type2-AFFECTS AUDIT EFFECTIVENESS : more likely to lead to an inappropriate audit opinion than assesing risk to be higher than it is..
8) NON-SAMPLING RISK : risk of
a) apply sampling plan incorrectly, or
b) used inappropriate procedure
c) misunderstood results of sampling exercise.
9) SAMPLING UNIT.
a) :INDIVIDUAL ITEMS making up a population eg: cheques listed on deposit slips/credit entries on bank statements.
10) STATISTICAL SAMPLING :
a) any approach that has following characteristics or it is non-statistical.
i) Random selection of a sample.
ii) Use of probability theory -to evaluate sample results (INCL.MEASUREMENT OF SAMPLING RISK.)
11) STRATIFICATION :
a) DIVIDING a population into sub-populations each with similar characteristics eg : debtors balance >1000.
INTRO.
1. Only some items all are tested eg:loans to directors,but mostly sampling is used due to Resource & Time efficients.
2. Sample results must be EXTRAPOLATED over population(3 mistakes * xxx= 1000 mistakes total) statistical sampling will result in more defensable results
than non-statistical sampling.
3. Other evidence is used together with sampling results like a jigsaw puzzle eg: Analytical procedures on same population.
4. ISA 500 –says auditor must selecyt appropriate means of selecting samples when design audit procedures.
(a) In old days all hardware was centralized and users need bring all documents to dept. to be processed. Some companies still use this
system for certain aspects eg: clock cards to head office for processing, using batch controls.
(b) Characteristics of fully centralized system.:
(i) IT Skills :Employees in user depts. Need have no IT skills.
(ii) Security Easy: maintenance & safekeeping of electronic DATA and computer facilities is Easy since only 1 dept to control access etc.
to.
(iii) (REQUIRES A SYSTEM TO CONTROL PHYSICAL MOVEMENT OF DATA ) Batch Control System: system of controlling physical
movement of data (eg invoices,wage cards,printouts output) to and from user Depts.
(a) Next development was the central IT depts. Linked to user depts. By a terminal in dept where info. could be typed in.Hardcopy (printed
material first had to be delivered(batch controls) but in later years could be printed out in user dept.
(b) Characteristics of this type of system;
(i) Type in data in terminal transfer to central dept
(ii) Output distributed from Central It
(iii) Widening Risk to incl. Users: Employees in user depts. Needed some computer skills, so corresponding widening of risk to include
them, not just ‘boffins’ in computer dept.
(iv) Security Complications : Facilities and data risk spread : hardware + data access by many more depts. widened this risk too.
(3) Use of microcomputers/personal computers
(a) Next stage : explosion of small businesses using self contained computers to do accounting etc.
(b) Segregation of duties: far less since 1 person could do all easily.Very Risky if alternative controls not put in place eg: accountant deletes
debtors and keeps payments.”Physical Audit Trail” missing now.
(c) Possiblity Override Controls : higher possibility of this
(d) Prevalent in Small Businesses :
(3) networked systems
(a) Definition: number of pc s linked together by data cable, each has own powerful processing – input/output/process/- capabilities, but can
share networked computers data and processing power.
(b) Characteristics:
(i) Combined processing power and storage: of each together is considerable.
(ii) Security is Demanding : far more demanding since each computer has access to all other’s data etc.eg employee can alter his
wage record.
(iii) Computer knowledge : Sophisticated software needed so a high level of knowledge is needed to run it.
(3) use of outside service providers
(a) “computer bureau” - Similar to a centralized IT dept. but run by another firm.Very common example is a ‘computer bureau”
(b) Magnetic tapes / e-link : Information can be delivered /collected in hardcopy or magnetic tape or electronicly linked .
(c) Implications of using this type –characteristics:
(i) Natural Segregation of Duties
(ii) Security is dependant on bureau – makes business vulnerable here.
(iii) : Transfer of Information. Controls : these controls must now be very strong –back and forth of magnetic tapes etc..
(3) summary
(1) An Entity may have a mixture of all these systems , lans,wans, networks, central, and use a service bureau for wages to enhance confidentiality
and security , etc etc .controls must be designed to fit the user, a large organization will use all the controls, a small one far less.
COMPUTER AUDITING
DEFINITION OF A GENERAL CONTROL:
1) All controls in a computerized centre are classified as either 1-General or 2-Application controls.
2) Definition: General Controls: Span across all applications. Establish an overall framework of control for computer activities. Must be in place
before any processing of transactions takes place.
3) Definition: Application Controls :relevant to a specific application/task within the accounting system eg wage cycle, purchases cycle,
CATEGORIES OF GENERAL CONTROLS
1) Control environment and security policy
2) Organizational structure and personnel practices
3) Standards and standard operating procedures
4) System development controls
5) Program change controls
6) Continuity of operations
7) Access controls
8) Documentation.
CONTROL ENVIRONMENT AND SECURITY POLICY:
i) Control environment
1) As per normal for control environments , especially the following for I.T.
a) BoD IT representation: “IT Committee” preferably ,all new IT matters referred to them.
b) Internal Control System : incl. an Internal Audit Dept. if possible + embrace characteristics of good internal control
c) Mngmnt style : that promotes good controls.
d) Organizational structure : that promotes to good controls.
i) Control environment
1) For Hardware +Software ONLY:A Policy ,not Procedures, must be developed, must be DOCUMENTED. Characteristics should be :
a) Least Priveledge: clerk cannot access things he does not need to.
b) Fail Safe : if one control fails, another takes its place : eg log in software fails, system shuts down.
8|Page AUDITING NOTES TEST 2 DIPAC
c) Defense in depth : combination of controls ,not just one, eg ATM , no more than balance total give out, in case it spews out thousands.-
sommer add a control.
d) Logging: NOT an EFFECTVE measure unless regular and frequent review/AND follow up action .All access,all changes etc.
ORGANISATIONAL STRUCTURE AND PERSONNEL PRACTICES
1) Should achieve 2 major objectives :
a) Clear Reporting Lines / Levels of Authority
b) Lay foundation for segregation of duties,so no staff perform incompatable functions. :1- segregate IT and user depts., 2- segregate users
within dept.
i) organisational structure
3)
i) personnel practices:
(1) Eg ISO 9000 , and ISO17799 : standards for security ertc. In IT depts..
(2) Makes sure
(a) Compatability with other systems /companies
(b) Communicate requirement for good consistent practices with IT mngmnt .
(1) Prodedures over everyday Operations: compliance with standards and current standards should be frequently reviewed to ensure up to date,in
touch,protected.
(a) Scheduling of jobs : eg wages on thurs for payout fri.
(b) Equipment operation and maintenance. : eg log out, not switch off at plug.
(c) Machine serviceing: eg printer every 1000 copies etc.
(d) Job run procedures: not left to own devices but instructions
(e) Activity logs: as before
(f) Personnel habits and tidiness: eating ,drinking ,smoking etc- protect equip- neatness standards: less loss eg flash disk.
(g) Library(physical) : tapes etc. : label,access,issue,inspection,duty segregation.
SYSTEMS DEVELOPMENT CONTROLS (NB KNOW VERY WELL)
D OU B L E NB
3) For a new system eg payroll or internet shop, new hardware,software,OS,procedures etc must be got
4) RISKS:
i) Costs get out of control
ii) Sytem design end up does NOT suit user at end.
iii) Errors,bugs
iv) Business analyst incorrectly implements accounting procedures etc
v) Not enough controls implemented- users access too easy etc.
vi) No-one knows how to use it
vii) Transfer info old to new system causes errors.
5) To avoid these risks , following controls must be implemented: know well as per lecturer:
i) STANDARDS : eg ISO 9000 , + check compliance
ii) PROJECT APPROVAL: steering committee must approve, feasibility study in-house or off-shelf +cost vs benefits.
iii) PROJECT MANAGEMENT :KNOW well lecturer : 1-project team 2-stages/milestones/deadlines 3-progress monitoring + 4-prog. monit.
reports to steering commitee
9|Page AUDITING NOTES TEST 2 DIPAC
iv) USER REQUIREMENTS : business analyst + auditors consult(int +ext) + mngmnt of depts. sign off approval
v) SYSTEMS SPECIFICATIONS AND PROGRAMMING : specifications documented + programming by international standards –flow
chart etc.
vi) TESTING : debugging, test data run, integration other programs, if users happy
vii) FINAL APPROVAL : test results approved by all involved, + final all users-mngmnt-IT-internal audit approval
viii) TRAINING :schedule for training with times for all users, manuals updated.
ix) CONVERSION: following controls to ensure DATA is VALID,ACCURATE,COMPLETE
(i) CONVERSION PROJECT: seen as a project in its own right
(ii) DATA CLEANUP: thoughrouly checked before conversion eg stock count
(iii) CONVERSION METHOD:
1. parallel OR
2. phases OR
3. shut down old start new
(iv) PREPARATION AND ENTRY:
1. File comparison – old to new data +resolve discrepencies
2. Reconcile old/new using:1- Record counts & 2-Control totals.
3. Use programmed Limit checks etc. to identify problems and follow up
4. user approval per dept if correctly done,
5. confirm all balances with customers/suppliers etc.
(v) POST IMPLEMEMENTATION REVIEW: :users+auditors+ IT for several months : documentation/sys dev. success or
not/bugs/
PROGRAM CHANGE CONTROLS
(1) You want valid + accurate + complete information.
(2) When changes are made to computer programs/ + sytems :Use following controls to ensure above. For “program maintenance”
(a) Similar standards as for system development controls (above)
(b) Documented , Preprinted ,Prenumbered : change control forms.
(c) Change requests: approval by 1- IT manager 2 user dept.
(d) Done by programmers, NOT operators.(separation of duties)
(e) Make it a Mini project
(f) Change a development (test) program first, not the real one.
(g) Test by programmer+ senior use debugging tequniques
(h) Changes : users + internal audit must sign change form control.
(i) Documentation updated
(j) 1-Logging: of changes dine to it by computer + 2-independent tech operator puts program on(separation of duties)
(k) Review of log by it manager to check no extra changes were made skelm in the process.
APPLICATION CONTROLS:
INTRO:
(1) GENERAL CONTROLS & APPLICATION CONTROLS
(a) General = for all applications and the sytem eg hardware, other software etc etc
(b) APPLICATION CONTROLS: only for the software : programs & procedures to satisfy users for 1 task eg: payroll
(2) Suggested framework for application controls: = 10 KEYWORDS:
(a) Masterfile Amendments
(b) Input , Processing ,Output
(c) VAC: Validity Accuracy, Completeness.
(d) Prevention, Detection, Correction.
(3) When input/output/ processing is more real time than segregated(tech), we
(a) More access+programmed controls , less manual controls
(b) More Preventative , less than detective+corrective.
i. Eg: get details of a airline booking correct before its processed(for both above)
DEFINITIONS:
NB
(4) An APPLICATION : a set of procedures and programs , ,designed to satisfy users for a specific task eg payroll cycle(cycle link)
(5) APPLICATION CONTROLS : over input,processing output of fin info , relating to a specific application ,to ensure VAC :Valid Accurate
Complete.
(6) TRANSACTION FILES: files to STORE DETAILS of individual transactions
(7) MASTER FILES: files only to store 1-standing information + 2- latest balances : need tight control
(8) MASTERFILE AMENDMENTS : changes to
(9) VAC: VALID , ACCURATE, COMPLETE (objective of controls in computerized environment is VAC)
(a) VALID: transactions&data : not 1-fraudulent/fictitious 2-in Accordance activities actually authorized by mngmnt.
(b) ACCURATE; transactions&data: are correctly 1-captured,processed,allocated to 2-minimize errors
(c) COMPLETE: transactions&data: not omitted or incomplete
(10) PREVENTION, DETECTION ,CORRECTION : (just the stage at which controls are implemented to achieve objectives of VAC))
(a) PREVENTION : controls to get errors BEFORE input/process/output (check before input)
(b) DETECT :controls to detect errors ALREADY IN SYSTEM + RESOLVE.
(c) CORRECT :controls to RESOLVE ERRORS&PROBLEMS already identified by detection controls
INPUT, PROCESSING, OUTPUT:
NB
(11) Application Controls : are Various controls , designed to ensure info on comp.acc sys. Is VAC , which means controls at stages of
input/processing/output stages
(12) Diagram: masterfiles - programmes - processing – output : see pg 8/26
(13) INPUT: data inputed to computer by:
(a) Manual source docs
(b) PC/keystroke entry
(c) Barcode scanning
(14) PROCESSING: info to masterfile, Application programmes use this to processing, controls to 1-program error 2-hardware/software
malfunctions
(a) HARDWARE MUST FUNCTION PROPERLY : regular servicing,treatment,ie auditer worry
(b) INPUT: TRANSACTIONS MUST BE VAC : computer processes whats fed to it: so need General Controls (eg good source docs)+
Application controls(foreman authorize clockcard)
(c) MASTERFILES: very important eg alter salary.
(d) PROGRAMMES: gives what fed, so general controls eg sytems development/implementation contrls
(15) OUTPUT: eg hardcopy/e-mail/store : Controls to:
(a) Integrity : Preserve data integrity
(b) Effective Use :Ensure of reports
(c) Confidentiality :Ensure
PROCESSING METHODS:
NB
(1) 3 types of controls
(a) BATCH ENTRY ,batch processing/update
(i) First on Source Docs
(ii) In batches of eg 25 : entered on computer to store at efficient/convenient time, to update masterfile immediately
(b) ONLINE ENTRY, batch processing/update
(i) First on directly on PC
(ii) Stored on transaction file, later batches of these files are updated to masterfile.
(c) ONLINE ENTRY, real time processing/update
(i) First direct on PC
(ii) Stored and also Masterfile updated in Real Time eg airline seats available
(2) Todays esp. SME ,Commercial packages incorrectly configured to not do programmed controls are a risk.
APPLICATION CONTROL FRAMEWORK : MASTERFILE AMENDMENTS
NB
VAC OBJECTIVE CONTROL
3-Access Controls
4- Authorisation
5- Independent Checks
2-Screen Aids
4-Independent Checks
(5)
APPLICATION CONTROL FRAMEWORK : INPUT
D OU B L E NB
(1) AUTHORISATION
(i) Signature of supervisor on source doc and batch forms
(ii) input module program application restricted to authorized person
(iii) programmed checks: against parameters : eg loan allowed if income+expenditure right/enough
(iv) overrides to above: min. supervisor +logs and recon by mngmnt
(2) ACCESS
(i) Unused source docs under lock and key, independent person
(ii) Register of issue/receipts + numerical sequenceing
(3) SOURCE DOC DESIGN
(i) Pre-printed, multicopy in differ colours
(ii) Tick , from list rather than write.
(iii) Clear Title
(iv) Instructions written below how to fill in
(v) Field size boxes: eg date= 6 boxes
(vi) Order of keying in : in right order not here and there
(vii) Pre-numbered
(4) INDEPENDENT CHECKS
(i) Independent check others work person eg : foreman checks clerks ‘hours worked’ calculation
(ii) Check numbering sequence correct. Preferably With exeption reports.
(iii) Review : Override Logs, Exception Reports, Audit Trails By Senior/supervisor.
(5) BATCH CONTROLS:
(a) Controls:
(i) Source Docs Grouped Eg 50 : compute following controls MANUALLY.
1. Financial Totals: totals of any fields holding monetary amounts
2. Hash Totals : totals of any numeric field eg: invoice number
3. Record Counts: total records per batch
(ii) Batch Control Sheet :attached to each batch.Should contain on it:
1. Unique batch number : eg batch 3 of 6, week ending 31/07/2008
2. Control totals for batch : see (i) above
3. Transaction Type : eg invoices
4. Signature spaces : prepared by + checked by + reviewed by.
(iii) Batch Register :
1. Recipitent : signs the register after checkingwhat is signed for
(a)Batch Control System Works As Follows:
1. Details(description & control totals) keyed into computer to create “batch header label”
2. Actual Records entered : already then subjected to programmed validsation checks eg valid account number, limit checks.
3. Finsh entering records: computer computes&check all contol totals
4. If totals agree +no other error: batch accepted , else rejected & sent back for re-processing.
5. The contol totals can follow the bach in its life : eg 10 clock cards keyed in, 10 processed,10 output created etc.
(c)Batching assists with the following:
1. Data transcription error identify eg wrong valued entered into computer by accident.
2. Incorrect field : detect data entered in incorrect field.(computates like trial balance)
3. Invalid or omitted or duplicate entry into computer checked for.
(d) Batch control in online entry systems:
1. Pre –entry batch Controls impossible, so use Post-entry batch Controls.
a. Set 1 : Computer generates logical batch totals : eg per user/ application /PC
b. Set 2 : User manually computes same logical batch totals totals on entry.
(e) ACCESS CONTROLS
(i) Only certain PC’s can Access certain applications : eg payroll
(ii) Physical access to PC’s : lock door, key safe.
(iii) User Id/password restrict to (least privaledge)
1. System level (to PC)
2. Application level (to Program)
3. Read only/ write access
4. Time of day
5. Sensitive fields hidden
(iv) PC Shutdown for violation/timeout.
(v) Logs :User ID + application
(f) Screen Aids:
(i) Minimum key in Info.
(ii) Order of type in same as form order
(iii) Screen formatted like form : ie sound source doc design controls.
(iv) Screen dialogue + prompts
(v) Mandatory fields : cannot continue till typed in
(vi) Verbal confirmation of data : eg with customer
(vii) Drop down lists .
(g) PROGRAM CHECKS: V ER Y V ER Y NB
(i) CONTROLS BUILT INTO the software, this list is not exhaustive :
1. Alpha –numeric – if letter or number
2. Range checks –min AND max
3. Limit checks – min OR max
4. Limit test after processing – not on entry
5. Check digit – extra digit on end of field, formula checks if field generates it,no db
6. Size checks – field too many characters
7. Missing data checks – detect blanks
8. Reasonable checks – eg not more than 50 Hrs per week
9. Reasonableness test after processing : eg wage of 100000000
10. Sequence checks –duplications/gaps in numbers
11. Verification checks – masterfile lookup if correct account number
12. Data approval checks –credit limit for all sales
13. Internal label check – if computer file name correct
14. Generation number check – correct file generation loaded ( old/ new etc)
13 | P a g e AUDITING NOTES TEST 2 DIPAC
N B N B D OU B L E NB K N OW V ER Y W EL L.
(1) Scan the file : and produce a report on missing fields ,duplicated item numbers , eg item no.missing/dup
(2) Sort the file : by category : and total fields to determine if any has major portion : determine where to aim audit
(3) Sort the file : by location: add values and quantity fields to assist in planning stockcount attendance
(4) Extract a list : items with negative quantity, or values, or unit costs : ( NB : - X - =+)
(5) Extract a list : items quantity field is zero but date of last purchase is after the date of last sale
(6) Extract a list : items where date of last sale is say > 9 mnths ago , but date of last purchase is < 3 mnths ago : enquiry why ordereod? – is it
because goods in stock were damaged
(7) Extract a list : where date last order > 9 mnths , and date last purchase > 9 mnths : to assist in identifying non saleable stock –which should
be written down.
(8) Extract a list : where date last sale or purchase after stock masterfile date : weird
(9) Extract a list : random sample of items to be counted at stockcount
(10) Cast : value field for total value : to be compared to trial balance
(11) Compare : unit price EXCEEDS selling price
(12) Reperform : Qty X Value : see where clients file has a different answer
2) RECEIPTS: (transactions)
a) Completeless
b) Occourance
c) Accuracy
d) Cut-Off
e) Classification (proper accounts)
a) Credit notes
b) Bad debts write off
c) Special discounts
4) Eg: auditor just selects a sample of Sales Invoices and Does DUAL PURPOSE TESTs on them :”VOUCHING OF TRANSACTIONS ‘ ARE referred to as ‘dual purpose’
tests: because…..
a) DUAL PURPOSE TESTS:
i) Inspect: Match to details on supporting docs –sales order,delivery note
ii) Inspect: trace to entry in sales journal
iii) Inspect : docs for signatures showing control procedures have been carried out.
iv) Reperform :pricing from price list and Enquiry&Confirmation :validity of discounts.
v) Reperform/recalculate: casts, extensions,discounts, vat.
vi) Reperform: posting to debtors ledger.
5) CATEGORIES OF ASSERTIONS: ISA 500R Categorises the Assertions as follows.:
Classes of Transactions and Events (for period) eg:sales, purchases, interest received: Rem‘allowance for doubtful debts ‘ AS WELL AS
‘Revenue’ are ‘transactions’
a)
b) Account Balances carried forward to next year(at year end) eg:property plant &equipment ,accounts receivable.
c) Presentations and Disclosure : eg:notes to bal.sheet , contingent liabilities
DIAGRAM OF ASSERTIONS:
Remember: ‘allowance for doubtful debts ‘ AS WELL AS ‘Revenue’ are ‘transactions’ assertions
PRESENTATION
ASSERTION TRANSACTION EVENTS ACCOUNT BALANCES
DISCLOSURE
1 OCCURRENCE (ALSO ?
# #
VALIDITY)
2 COMPLETENESS # # #
3 ACCURACY # #
4 CUT OFF #
5 CLASSIFICATION (and for
Pres.& Disclosure : # #
UNDERSTANDABILITY)
6 EXISTENCE #
7 RIGHTS and OBLIGATIONS
# #
iii)Negative: only confirm if not correct: weak since could be 1-fictitious debtor 2-incorrect in favour of debtor
iv) Enclose in letter
(1) Sticker/letter requesting confirmation directly with auditor
(2) Self-addressed envelope(‘positive confirmations’ only)
v) Auditor supervise all mailings by:
(1) Direct all ‘addressee unknown’ to return to auditor only
(2) Check all P.O. boxes telephonicly or by looking in the directory.
vi) Auditor collects evidence for Existence & Valuation now by :monitors replies, follows up on:
(1) Disagreements: refer to 1-source docs, 2-client, 3-clients attorneys.
(2) ‘No-replies’, ‘addressee unknowns’ : refer to : 1-recircularise after correct address,&2-telephone/fax &3-post year end receipts.
c) How to ‘subsequent receipts testing’:
i) Select sample
ii) Check CRJ to identify receipts, 1-trace to customers remittance to see for which invoice it was, 2-trace to date, 3-trace to invoice & delivery note& 4-
trace if recorded at year end in sales journal & debtors ledger.
iii) Make sure a cut-off test is performed where last 20 invoices+delivery notes customer signed inspected to make sure they are from year end /OR : at
year end(auditor marks the last invoice/del. Note number as ‘end of year’ & note number)
3) ASSERTION : VALUATION (& ALLOCATION): for debtors consists of 2 parts , gross amount and bad debts
i) Gross Amounts: & follow up
(1) Unusual entries: eg year end dr’s
(2) List of debtors : trace to general ledger debtors control account&trial balance, and debtors ledger individual accounts.
(3) Reconciling items from ii) must be
(a) Casts
(b) Reconciliation logic
(c) Follow up reconciliation items.
(4) re-CAST : Debtors list & control account re-CAST.
(5) Find CR balances in debtors ledger+reverse if needed
(6) Circularization : Refer to circularization & follow up
(7) Foreign currency :
(a) Rates Bank
(b) Old transaction rates calc vs end year rates
(c) Must be at end of year rate in books, or it is wrong!
b) Bad Debts: (this is very close to debtors cause it reduces debtors etc)
(1) Method &procedures enquire (eg if to students hostel room no. then provision must be more)
(2) Authorization procedure :(better if more independent of ‘credit control/er’ itself)
(3) Change in circumstances : have they change so prior year’s method is wrong eg new credit policy.
(4) ENQUIRE MNGMNT: change in circumstances : eg new credit policy/ changed trading conditions major customer.
(5) Reperform ALL calc’s.
(6) Reperform Ageing : on small sample, to check if correct periods, refer to invoice/delivery note.
(7) Long outstanding & material outstanding :discuss ALL with credit controller
(8) Legal &debtors correspondence : check to identify debtors handed over and those with disputes.
(9) Prior year vs Actual compare to check the companies ability to estimate correctly.
(10) MONTHLY REPRTS TO MNGMNT: should be reviewed eg: write offs & debtor liquidity problems.
(11) Analytical Review:
(a) % to prior year
(b) write-offs to prior year.
(c) Age analysis to prior year : is debt getting older?
(d) Ratios year on year : eg Days Outstanding Debtors.
(12) Potentially Uncollectable : debtors should be considered on a 1 by 1 basis, not as a %.Consider all aspects eg large chain store will pay, but
just overdue.
4) ASSERTION : COMPLETENESS : do following to make sure of this
a) Cut-Off Testing:
i) AFTER: first 20 (material) after year end cut off number –trace correct to delivery notes/records
ii) BEFORE: 10 before check as above.
b) Credit Sales: to see whats NOT been recorded is more difficult to check/trace than what has been recorded.
i) Missing dispatch notes (not in debtors)
ii) Dispatch notes NOT MATCHED to an invoice (not invoiced= not in debtors- TAX etc)
iii) Purchases+ inventory left MATCH to Sales (eg sold but not in debtors/or revenue)
iv) Specific Representation from Management as to Completeness of Sales
v) Analytic procedures:
(1) gross profit % fluctuations
(2) prior periods : sales&debtors to
(3) prior periods : sales by characteristic to branch/region/month/customer
(4) sales ratio: eg: commission vs sales (if commission is up, sales should be up)
5) PRESENTATION & DISCLOSURE ASSERTIONS: (not ‘balances’ but next one :ie) as it applies to debtors: as per ISA500
a) COMPLETENESS : IN TERMS OF ias INTERNATIONAL ACCOUNTING STANDARDS, 4TH SCHEDULE. Eg: debtors balance with current assets, + disclosed
encumbrances on debtors. + all dother DISLOSURES are there
b) :Occourance: Evidence :consistent with evidence gathered on audit.
c) Accurate: Amounts , facts ,details, 1-accurate 2- and=evidence
d) Classification&: Appropriate classification of information.
e) Understandablity: Wording is clear and understandable. Eg: accounting policy & explanation of encumbrances.
f) Rights&Obligations: per evidence gathered
g) Valuation&Allocation: per evidence gathered
6) Kiting: where company controls many bank accounts and uses this to inflate ceratin balances using the time taken by a bank to clear payment n a cheque.
You transfer from a bank account at another bank, by cheque to another bank account-then while one is waiting to clear so it gets reduced (has not cleared yet
so not yet reduced at 1 bank) , then other is immediately credited on deposit and youseem to have more than you actually have ie; 50 +10+ deposit of 10 =
70., but deposit only clears after bal.sheet date so then it is 2 weeks before 40-payment of 10 + 10+deposit of 10=60
7)
8) Transfers:
a) Eft TRANSFERS scrutinize : carefully esp. payee account VALIDITY
b) YEAR END : any large transfers at year end, to subsidiary or related party or own bank accounts,CONFIRM(for KITING) (also with reference to other
auditors at related parties if needed).
i) Supporting docs
ii) In same year period : recorded in both enities books in same period
iii) Any outstanding : are included in any bank recons.
9) Cash counts:
a) Simultaneous: counting of all floats prevents cover ups
b) In Presence of cashier responsible for:
c) Alone : auditor NEVER alone with cash, or accused of stealing it
d) Cashier+auditor sign : results on workpaper together
e) Recon as follows: cash float + cash received - cash payments=cash on hand.
f) Supporting docs : all Payments& receipts should be supported by
g) Supporting docs: 1-Valid+2-Authority all to be scrutinized for both of these things.
h) Postings: cash transactions to the ledger
10) PRESENTATION AND DISCLOSURE :
i) Same as for Debtors, eg
ii) Correctly presented on face of SOFP. –in liabilities if in overdraft, or in assets etc
iii) Disclosures
iv) Agree evidence.
22 | P a g e AUDITING NOTES TEST 2 DIPAC
1) 2 major activities:
a) Ordering & receiving : 1-required 2- suitable quality&price
b) Payment 1-valid orders 2-authorised,accurate,timeous
2) Major balance= creditors
3) Control procedures: mainly payments =risk asset=cash
DOCUMENTS IN THE CYCLE:
1) Requisitions: from any dept but mainly stores, from stores mainly by: 1-re-order levels/qtys(computer or count) 2-production schedules 3- special (preferably
written) request.
2) order forms: buying dept,sign chief buyer,details & price
3) Suppliers delivery note: cross reference order form, sign by us,
4) Goods received note: by us, cross-ref SupplierDelnote.
5) Purchase invoice:
6) Credit note: FROM supplier, + returned goods accompanied by “12-returned goods voucher”
7) Creditors statements: mnthly
8) Cheque requisitions: by creditors section to whoever
9) Remittance advice: breakdown of what is being paid
10) Receipt: from supplier
11) PJ,Creditors journal,GL, Purchase Returns & Allowances journal
CHARACTERISTICS OF GOOD INTERNAL CONTROL:
1) Control environment: 1-NORMAL + 2-particular to authorize payments (shows poor contrl envir.…: 1-sign blank cheques, 2-not check supporting doc.
Before sign cheques)
2) Competent , trustworthy staff: boring &mundane& poorly paid (some tasks here)+money+if readily saleable consumer goods = special attention
3) Division of duties:
a) Order goods = not Access goods (order for yourself) + {best if also “not Authorize payment”}
b) 1-Receiving/custody = not amend records , 2-also Receiving=not do Goods Rec.Note.(or receiving does correct GRN but sends half back with suppliers
truck then split proceeds{so receiving signs ‘delivery note’, but warehouse does ‘GRN’ later))
4) Isolation of responsibility:only: 1-moving goods isolate each move BOTH ‘count+sign’ 2-cash transferred isolate each move BOTH ‘c+s’
5) Custody/asset control : 1-blank order forms (etc) 2-bank 3-goods
6) Regular reconciliations & review
a) Creditors Statement vs Company Records (before pay)
b) Orders vs goods received (unfulfilled)
c) Company’s records vs Bank statements
7) Source doc design: 1-normal
1-ORDERING OF Initiate orders, 1-REQUISITION 1-Incorrect/Unnecessary 1-order clerk not order no authorized requisition
GOODS AND always 2-ORDER FORM =liquidity+wastage (a)cross-ref requisition to order
SERVICES available,place 2-unauthorised=losses by (b)confirmation by stores/production (esp. preset levels)
orders,after check fraud 2-before place order senior buyer/supervisor check
suitable deliver/ /qlty 3-order forms misused eg (a)accuracy&authority
/qnty /price private orders (b)supplier suitability, price&qty reasonable, nature goods
4-requisition not acted on reasonable ie used by company
OR orders not timeous 3-approved supplier list
5-inferior quality (a) confirm available+delivery dates
6- unnecessarily high (b)or get quotes if no supplier list
prices (c)seniors evaluate suitability of before approve
7-orders not OR not a supplier
timeously filled 4-order dept file requisitions sequentially by dept + frequent
. review requistions not cross-ref to an order. (unordered)
5-copy of order filed sequentially + review sequence check
+cross-ref to GRN to make sure they were received.OR check
pending file of orders in receiving bay.
6-blank order forms sound stationary controls (custody)
2-Receiving of Accept, 1-supplier delivery 1-acceptance of 1-pysically secured access controlled Goods rec. section
goods&services acknowledge, valid, note(DN) Short deliveries as full 2-offload by goods rec. clerk who must:
record(GRN) + check 2-GRN Damaged/broken (a)match supplier delivery note to Purchase Order
qty, qlty, descr. Itms not ordered (b)check qty+descry. Vs both docs above
Wrong type/qty (c)check goods- broken/wet etc (superficially)
2-GRN incomplete/ (d)reject incorrect + note on both docs
Inaccurate (e)note short delivered on both(+ actual QTY!)
3-no GRN made out (f)include only those accepted on GRN(??????)
4-fraud/theft +collusion (g)suppliers personel sign +sign amendment eg short
outside (h)sign supplier delivery note
3-on transfer to stores next clerk sign GRN + count + report
discrepencies to supervisor
4-Collusion in this cycle is a major problem to many companies, so
isolate responsibilities+independent physical controls eg: tracing
device on vehicles+security cameras to be used by all in supply
chain
3-RECORDING OF 1-purchase invoice(PI) 1-record incorrect amounts 1-purchase invoice must be:
ACQUISITIONS 2-credit note(CN) from incorrect purchase (a)match to1- GRN 2-delivery note+3-purchase order for:
3-Creditors statements invoices Qty, descr,prices, discounts(from order or supplier price lists)
4-Purchases journal (a)QTY/QTY/TYPE notas (b)review if posted to correct account eg: stationary.
5-Purchases Returns ordered or received 2- account to be posted must be got from official list by requisition
23 | P a g e AUDITING NOTES TEST 2 DIPAC
+allowances journal (b)price not as quoted maker outer and written on there-or clerk will not know for which
6-Creditors ledger (c)calc errorsegcast/vat account it is.!
7-General ledger 2-fictitious purchases 3-reperform casts,extentions,calc,s on invoice.
/creditors from invoices 4-Specific emplyee must responsible GRN +invoice dates check
never receiv. or ordered and only then timeously posted to journal+ledger.
3-delays, misallocation,
posting errors = recon
problems+ loose early pay
discounts.
4-Payment 1-remittance advice (RA) 1-pay fictitious creditors 1-creditors statement recon to support docs.+clerk check
preparation 2-cheque requisition 2-pay incorrect amounts invoice accuracy controls done before recorded
(requisitioning) 3-unauthorised payments 2- creditors statements recon creditors ledger individual
4-discounts lost 3-creditors clerk make sure pay early discount 1-pay early2-
actually is deducted
4-cheque requisitions 1-preprinted+ 2-sequenced + 3-custody
controls over blanks
5-cheque requisitions: 4-to incl. details of 5- authorized by
preparer sign 6- maybe even authorized second person
6-cheque requisition+support docs ALL go to cheque signatories.
(+ batch controls if numerous enough)
INTRO.
1) Important cycle –must be comprehensively audited.
2) Product= purchases&creditors also bank
3) If auditor thinks cash&creditors is fair, then purchase&payments should be fair
FINANCIAL STATEMENT ASSERTIONS AND THIS CYCLE
1) Purchase transactions: (TRANSACTIONS)
a) Completeness.-all have been
b) Occourance. -normal
c) Accuracy.
d) Cut-off.
e) Classification.-in the proper accounting records
2) Payments (TRANSACTIONS)
a) Completeness.
b) Occourance.- did actually occour,not fictitious
c) Accuracy.-
d) Cut-off.
e) Classification.
3) Creditors: (BALANCES)
a) Completeness:
b) Existence.-not fictitious
c) Valuation:
d) Rights&obligations.-are actually obligations, not anything else.
4) Assertions pertaining to (PRESENTATION AND DISCLOSURE.)
a) Completeness
b) Accurate
c) Classification & Presentation
d) Understandable
FRAUD IN THE CYCLE
1) FRAUDULENT FINANCIAL REPORTING:
a) Understate trade creditors : to improve ratios (completeness testing)
i) Eg: manipulate cut-off year end = inventory count at year end but only put as a ‘purchase’ after year end.
b) Overstate Purchases : to reduce profits (tax)
c) Trading with many related parties like subsidiaries = “current liabilities” manipulation becomes much easier
2) MISAPPROPRIATION OF ASSETS
i) Order goods for personal use- but company pays (occourance purchase,obligation fictitious creditors)
ii) Fictitious payments to creditors : own companies/friends (obligation of creditors, occourance of purchases)
iii) Claim Vat not entitled to :(completeness of liabilities)
iv) Bribes from suppliers to purchase/or family/friends : Sect 45 Accounting Profession Act (director has not declared his interest to company) –difficult
to catch.
24 | P a g e AUDITING NOTES TEST 2 DIPAC
TESTS :
1) Tests of controls:
a) Observation
b) Inspection
c) Reperformance
d) Enquiry
2) Substantive procedures:
a) Inspection
b) Enquiry & Confirmation
c) Recalculation
d) Reperformance
e) Analytical procedures
TESTS OF CONTROLS:
1) Assess the risk that misstatement will not be identified by the system/risk of misstatement of the fin stats/not fairly presented.
2) Eg:
a) Inspect
i) a sample of purchase orders for supplier is on approved supplier list
ii) Requisitions for authorizing signature
iii) Supporting docs is it stamped so it cannot be used again
b) Enquire: procedures carried out of goods receiving clerk – to reveal missing procedures
c) Observe: procedures carried out of goods receiving
d) Reperform: creditors reconciliation(creditors STATEMENTS to creditors ledger)
3) Test should also be conducted on GENERAL(NON-SPECIFIC) CONTROLS eg: custody of blank order forms
4) Remember limitations of these tests: observing someone performing it only means he did it then, not every time etc.
SUBSTANTIVE PROCEDURES:
1) Main= creditors balance, main=completeness, main
2) Generally seen as :liabilities understated, not overstated
3) In addition to creditors balances auditor may select sample of transactions eg: payments and purchases to perform subst.tests on, to seek EVIDENCE on
assertions :Eg on a purchase transaction:
a) Occourance:
i) Inspect supporting docs (GRN, PURCHASE ORDER, DELIVERY NOTE, INVOICE)to see if
(1) External docs are made out to Why(Pty)ltd
(2) All doc are signed by the authority eg chief buyer.
b) Accuracy: (amount)
i) Recalc name extentions invoice
ii) Confirm prices&discouts: check order or purchase contract
iii) Recalc vat , check discounts come before vat.
c) Cut-off:
i) Date on docs to date in purchase journal +fin year
d) Classification:
i) Should be on purchase order by buyer , check if in right one
ii) Check descr. To be sure correct: eg fixed asset not written off as expense.
iii) Vat correct on invoice+journal
iv) Creditors ledger posting from ..
e) Completeness
i) All that should have been recorded are recorded.
DUAL PURPOSE TESTS
These are combinations of testcontrols& substantive tests : to be done as follows:
1) BY INSPECTION:
a) Supporting docs for:
i) A Requisition from stores or production : 1- signed by foreman etc 2- goods commonly used by company
ii) An Official company order form: 1-signed by the inhousecompany Buyer 2-cross-ref requisition 3-agree descr. Received goods 4-from
authorised supplier
iii) Copy suppliers delivery note which is:
(1) Sign
(2) Descr right / agrees
(3) Cross-ref : (only?)order
iv) Official GRN:
(1) Sign in stamp says qty+qlty checked
(2) Cross-ref :order/suppliers delivery
v) A suppliers invoice which :1-signed to show following tests done: 2-arithmatic accuracy check 3-pricing supplier list vs order price checked 4-the
invoice was reconciled with supporting docs.
vi) A suppliers statement and RECONCILLIATIONwhich: 1-signed by clerk who reconciled 2-cross-ref to cheque requisition& agrees in amount to.
vii) A cheque requisition which: 1-cross ref. to creditors support docs.by name,date amount 2- bears number of cheque issued 3-signed by senior
creditors clerk & fin. Accountant to authorize it
b) Returned paid cheque:
i) Correct creditor
ii) Amount
iii) Crossing&dating
iv) Stamped by bank
v) Signed by authorized signatories( pref.2)
c) General:
i) All docs cancelled
ii) All docs addressed to this company
iii) All docs dates in current fin year + reasonable relation to each other
2) REPERFORMANCE
a) Casts & extentions (generally)
b) Prices correct (generally) test to price lists/orders etc.
c) Recons correct
CREDITORS BALANCE (TRADE) PERFORMING SUBSTANTIVE PROCEDURES ON :
1) Assertion : Existence :
25 | P a g e AUDITING NOTES TEST 2 DIPAC
a) Cut –off tests at year end. 1-record cut off no.& write on invoice 2 select in last 2 weeks material in purchases journal check GRN&delivery note&invoice
that number&date are from last year(check for prematurely3- raised creditors so not overstated )..
2) Assertion : Obligations: :
a) Check supporting docs to get evidence of
i) 1-the goods are commonly used by company
ii) 2-made out in name of company
3) Assertion : Valuation
(1) Individual Creditors Accounts TO Creditors Control account NB- MAIN do not forget this one
(2) Sample of creditors on creditors list TO individual creditors accounts
(3) Cred control+ ACCRUALS in General ledger TO- TrialBalance
(4) Reperform Casts of Creditors list+ Creditors Control acc.
(5) Find ANY ‘dr’ balance and discuss with credit manager if they should be taken off list- put in debtors.
(6) Check Year end Recons by creditors clerk : a sample incl. major suppliers
(a) Reperform casts
(b) Balances on recon- TO creditors list AND creditors statement
(c) Test logic of recon.
(d) Inspect supporting docs & inquiry&confirmation –all amounts/balances
(7) Foreign currency –on date of fin stats = at Spot Rate.
(8) All Accruals (year end adjustments) : 1-re-cast list 2-check all sup docs+Ledger &reperform calculations3- check if total is the same as in
TB,Ledger,Balance Sheet
4) Assertion : Completeness MOST AT RISK of ALL – companies are more likely to understate liabilities than overstate them (find missing ones)
(1) Current year TO last year : 1-missing this year 2-significantly smaller this year 3-find why
(2) Disputes – check creditors correspondence file for evidence –adjust if needed/dispute not winnable?
(3) Check list of GRN unmatched to Invoices year end-which is compiled when doing cut-off at year end 1-was it specially raised in journals at year
end since no invoice was received yet ??Y/N 1-recalc amount 2-check price
(a) Check if Pile of Unmatched GRN,s contains 1 with number lower than cut-off number -and check if that one was put in journal (creditor
raised)-the later in year you do this the less likely there will be 1.
(ALL THE YELLOW ONES BELOW WERE NOT FINISHED_NO TIME)book- page11/28
(4) AFTER year end: 1-GRN purchases journal no. > cutoff . 2-DATES after year end
(5) Check if cheque payments made prior to year end are paid in reasonable time(window dressing creditors)
(6) Check recon-eg premature write off disputed amount
(7) Physical MORE THAN recorded inventory.
(8) GL accounts ACCRUALS correct
5) ASSERTION: Presentation & Disclosure of trade creditors.(ISA500)
NOT FINISHED-NO TIME BOOK pg 11/29 (very short)
2-CONTROL PROCEDURES
1-TRANSFERS N.B. 1) Recorded: no movement without recording eg signed requisition / or barcode scanning.
2) Deliverer + Receiver Sign : both should acknowledge after check qty,descr. Eg material issue
3) Filed Numericly : transfer documents (for finding gaps/false copies/missing/)
4) Regular Review Signature : all docs. Should regular review for authorizing signature.
5) Regular review sequence check: docs regular find missing/false extra etc. +Investigate if
2-DAMAGE/LOSS/THEFT N.B. 1) Physical controls : Stores + All Production Area
a) Limited entry/exit : minimum doors possible
27 | P a g e AUDITING NOTES TEST 2 DIPAC
b) Controlled entry/exit: swipe cards / keypads /turnstiles /x-ray /security guards/gate cntrl.
c) Restricted entry/only: eg buying clerks not unaccompanied, only production employees.
d) Secure buildings: solid structure, minimum windows, locks etc
e) Environmental: pest free, temp. controlled, dry, neat , clean.
f) Surveillance: cameras over production line+receiving+despatch.(it’s often easy to steal from production line)
2) Frequent Comparison & Reconciliation:
a) Inventory theory vs Actual: in all its forms, theoretical vs actual
b) Production schedule VS Actual :where’s the extra raw materials from lower actual gone to?
c) Budget VS Actual : why did it cost more? Dofness on duty?or why?
3) Investigate Reconciliation : material variances.
4) Regular Surprise Checks: by mngmnt+supervisory to see unauthorized production by: machine hours/usage compare to
actual production+production schedule to actual being made comparison
5) Division of Duties : Note: ONLY THIS ONE : custody + recording inventory not by same person.
3-Info. FOR PRODUCTION 1-FOR JOB ORDERS
COSTS 1) Preprinted Job Cards for ALL JOBS TO BE RECORDED ON
a) Sequenced and dated
b) List of materials to be used
c) Cross-ref : to customer order/quote
d) Cross-ref : to materials requisition
e) Cross ref : daily production schedule
f) AUTHORISED by PRODUCTION MANAGER.
2) Job cards Pending File : that are still In production go in a …and updated for labour hours as they are incurred.(could
be computerized)
3) Job cards Finished: should be removed from pending file and costed-labour hours&material prices accumulated and
overheads allocated. (see objectives above)
4)
5) Job Card Calculations Checked : all above calc. should be checked by a second clerk
6) Job Card Numericaly filed : after
7) Job Card Completed file Sequence test & Check for: Frequent & Regular for
a) Cross-ref to “transfer to finished goods note” and to a “sales invoice” ( not skelm private job)
b) Missing job Cards are still in the production stage.
8) Job Card Mngmnt Compare : to QUOTES and BUDGETS & investigate variances.
9) “transfer to finished goods form” : On Completion : make out a
a) Accompany goods to finished goods store
b) Cross-ref to job card
c) Be used to write up perpetual inventory of finished goods (one record-the other is job card accumulation, so you have
2 to stop skelm change 1,as well as other reasons)
d) Allocation & Valuation: appropriate value amount(incl.adjustments ie “carrying value” at lower of cost and net realizable value) and in the right
account headings in ledger.
3) Presentation & Disclosure :
a) Complete : in terms of 4th schedule and IFRS
b) Classified : correctly
c) Accurately: presented
d) Understandable : ..manner
IMPORTANT ACCOUNTING ASPECTS –IAS2 –INVENTORIES
1) IAS-international accounting standards- gives definitions and requirements for methods to value inventory and present &disclose it.
2) DEFINITIONS:
a) Definition: Inventories:consist of
i) Assets held for sale in the ordinary course of business(incl. finshed goods or bought for resale)
ii) Assets held in process of production(WIP)
iii) Raw materials to be consumed in production process
b) Definition:Net Realisable value :
i) The estimated selling price in the ordinary course of business less the estimated costs of completion and the estimated costs necessary to make the
sale.
3) Inventory to be presented at the lower of cost and net realizable value
a) Eg damaged inventory
b) Eg obsolete inventory
c) Eg:selling price has declined to below cost price
4) Cost of inventories:
a) Should consist of
i) Costs of purchase: transport + import duties
ii) Costs of conversion :production overheads & direct labour
iii) Costs to bring to present location and condition: eg costs of designing a product for a client
b) MUST EXCLUDE:
i) Storage costs(unless these costs are necessary in the production process before the (further), following production stage)
ii) Administrative costs (exept those incurred in bringing them to present location and condition)
iii) Selling costs
Auditor must be satisfied that these were written off as expenses and not included in the costs of inventories
2) Misappropriation of assets
a) How to get the goods and how to hide the theft
b) How to get the goods will depend on:
i) Nature of goods: small valuable vs large immovable
ii) Physical control ; limited exits, cameras,etc
iii) Division of duties: custody & recording by same person
iv) Frequency of physical & theoretical reconciliations.the more often the more difficult to steal
v) Controls in other cycles: eg receiving goods(aquisition cycle) , despatching goods(revenue cycle)
vi) How to hide the theft will depend on :
(1) Division of duties-custody & record keeping – presents the BEST opportunity.
(2) Control environment weak.
TESTS OF CONTROLS AND SUBSTANTIVE PROCEDURES:
TESTS OF CONTROLS
The auditors main focus will be substantive testing but some tests of controls are carried out.
1) Observation:
a) of inventory count
2) Inspection:
a) Cycle count amendment forms&recons. For frequency&materiality & how were resolved of discrepencies
b) Of Stores Controls :to determine the effectiveness of:
i) ACCESS : Access Control,(custody and safekeeping)
ii) DOCS: Authorized documentation to record inventory movement.
iii) FIFO: STORES LAYOUT, to facilitate physical implementation of FIFO.
c) Inspect Records controlling inventory movement.
i) Inspecting a sample of requisitions and materials issue notes.
(1) Authorising signatures
(2) Cross-ref to Job cards.
ii) Inspect a sample of inventory movements per the perpetual inventory records to “transfers to finished goods stores”
3) Enquiry: of production & warehousing to see what procedures they really perform.
4) Recomputation:of calculations on 1-production schedules, 2-performance reports, and 3-other costing records.
SUBSTANTIVE PROCEDURES
1) Many of the tests of controls are dual purpose tests
2) Auditors Objective: (all done by substantive procedures)
a) Quantities correct
b) Cost formula correct
c) Reasonableness of write-downs
d) Cut-off procedures(physical vs records)
e) List of GRN no.s not matched to suppliers invoices by year end drawn up for later use.
3) Year-End procedures:
a) Attendance at inventory count (existence ,completeness,valuation)
b) Post – count procedures :subsequent audit of carrying value (valuation, rights, presentation & disclosure)
4) Inventory Count Attendance: (generally)
a) it is both a test of controls & substantive test.
b) Test of controls: of actual controls for the count itself
c) Substantive tests:
i) Existence : of qty by sheet to shelf tests.
ii) Valuation : condition-damaged/obsolete/slow moving.
iii) Completeness: by shelf to sheet
d) Cut-off procedures(physical vs records)
e) List of GRN no.s not matched to suppliers invoices by year end drawn up for later use.
5) INVENTORY COUNT ATTENDANCE: (METHOD) NB
a) PRIOR:
i) dates & times Liase with client about of count
ii) locations: confirm by enquiry, prior audit papers,visit
iii) admin.planning eg organize staff to attend
iv) written instructions: get a copy of clients instructions to his teams
v) not to be counted: get list of eg: consignment,invoiced but not delivered/collected.(&ask how it is identified physically)
vi) brief audit staff: as to their responsibilities.
b) DURING:
i) Written instructions: observe to check clients instruction are adhered to.
ii) Obsolete/damaged/dusty old packets record item no,details etc to check if it was noted on count sheets as it should have.
iii) Sheet to shelf: make sure all categories all sections & categories are tested.
iv) Shelf to sheet: make sure all categories all sections & categories are tested.
v) Resolve discrepencies & amendment: before end, to be sure amendments entered on sheet after recounted with staff.
vi) Numerical Sequence test: check before & after count to be sure all sheets are accounted for
vii) Exclusions: confirm by enquiry (of counters) &inspection (of sheets) whether consignment/undelivered/uncollected/etc have not been included.
viii) Pronounce ‘sixtiey’ etc not sixtie for 60, same for 70, 80, etc. to avoid confusion.
c) CONCLUSION:
i) Inspect Inventory Sheets To Confirm That:
(a) Lines drawn through blank spaces. (so items cannot be added)
(b) Alterations/corrections have been signed.
(c) Sheets signed by counters responsible.
(2) Audit Records (create some by)
(a) Copies: of all inventory sheets.(hardcopy or digital)
(b) Observations: as to clients count procedures.
(c) Test Counts Results :of Test Counts by Audit team
(d) Recording damaged/slow-moving/obsolete : inventory.
(3) Record cut-off numbers: for all docs used in inventory & production cycle.
(4) Record GRN unmatched to Supplier Invoices. List of.
31 | P a g e AUDITING NOTES TEST 2 DIPAC
4) EXISTENCE:
a) Cut-off proves all that was purchased was included and all that was sold, was excluded.
b) Attend inventory count
c) Analytical review
INTRODUCTION:
1. Unique Characteristics:
a. Major Expense: results in an outflow of cash , to most businesses it is a MAJOR expense, not a small one.
b. Involves Cash : many are still cash , exept electronic transactions.
c. Internally generated transactions : most documents are internally generated, not by eg external suppliers.Fraud is thus easy with this.
d. Susceptibility to fraud: wage frauds are not uncommon because:
i. Cash is easy to conceal/steal
ii. Adding fictitious hours/or workers needs no external documentation.
iii.Large amounts of money can be generated, by 20 extra employees, to bribe collusion wage dept.
e. Continuity of Operations: a workforce paid 1 day late is very upset, not suppliers.Thus Contingency Plans Needed.
f. Major Risks Within the Cycle.
i.
DOCUMENTS USED IN THE CYCLE:
1) Employment Contract/ Employee file : Employment contracts + Advert in Newspaper(proof not fictitious) +Interviewing panel results + UIF etc. + Sick
leave taken/signed etc.
2) Payroll Amendment Form : used in detail to authorize all changes per mnth etc. for promotions/dismissals/ higher wages etc.
3) List of Employees: provided by personnel, a list of all employees &details, needed to calc. wages&salries month end etc.
4) Clockcard: card which records hrs a wage earner has worked.
5) Batch Control Sheet & Batch Register: control movements of batches of clockcards between functions.
6) Deduction tables & Returns: PAYE /Med.Aid /UIF etc.
7) Wage journal (PAYROLL is another name) : spreadsheet listing employees names + work/cost centre + overtime&hours etc.
8) Paypackets, Payslips, Salary Advices: cash goes in here./ explains deductions etc.
9) Unclaimed Wage Register: book recording those who did not collect their paypackets.
10) Wage /Salary Reconcillliation: recons this weeks wages/salaries to last weeks .(see example later in chapter)
CHARACTERISTICS OF GOOD INTERNAL CONTROL:
1) Control Environment: important that management insists on strict adherence to controls, if employees perceive weakness frauds will occour.
2) Competent Trustworthy staff.: cash is being handled: accurate& on time & trustworthy.
3) Division of Duties: recording separate to assets(cash&bank) eg clerk prepare payroll may not handle cash./ or sign cheques.
a) 1- creating clockcards 2-recording hours 3-preparing payroll 4- paying over cash/signing cheques
b) Within each of these above functions : divide between Doing task & Checking it.
4) Isolation of Responsibilities : because fraud is likely , workers must be able to prove where their resposnsibility started and ended and prove they carried
out their function. This is very important where cash is passed from 1 to another.
a) Eg: where clockcards are passed from 1 to another : both must sign to show they 1-checked & 2-received/gave the cards so if any false card is inserted,
it can be identified who was involved /put it in.
5) Access/Custody controls : especially: blank clockcards, salary account cheques, clocking device , cash(as paypackets or unclaimed wages)
6) Source document design : eg place to sign payroll journal&clockcards . Also space for normal/overtime/employee details/ etc. and gross wages/deductions
total in payroll journal etc.
7) Comparison and Reconcilliation :
a) Current VS Previous weeks wages/salaries + no. of employees + amounts paid.
b) Payroll(by wages dept) VS Records from User Dept(eg depatch dept etc.)
c) Personell records VS Actual living people
FLOWCHART & DESCRIPTION OF CYCLE :
NOTE: For every single controls column below , ADD: employees must sign docs to acknowledge control procedures they have conducted.( as per
book vertabim)
FUNCTION Descr. DOCUMENTS RISKS CONTROL PROCEDURES
1-PERSONNEL Obtain max 1-Payroll Amendment 1- Unnecessary or 1-Requests: for new retain or old dismiss must be from
(Human efficiency from Form.(PAF) unsatisfactory 1-DEPT making request, IN WRITING
Resources) workforce by 2-Employees File. :recruit/retain such 2-Signed by section head , countersigned by sect.
control: employees. manager,after reference to the budget.
1-Dismissals 2- Dismissal : Incorrect 2-Pay Rate / promotions /other service conditions :
2-Recruitments procedures. 1- Decided by Wage Committee/ or Personnel Dept.
3-Wage 3-Unauthorised after
negotiations amendments to employee 2-Consultation with interested parties eg UNION
4-Labour disputes records. representative
5 Keep Records for -fictitious add 3-Consider Laws & Regulation : eg min. pay
employees(Accurat - wage rate change rate/overtime etc.
e Complete) 4-Documented + Authorised by body authorizing eg:
produce Wage
clockcards from Committee/ Personell
these. 3-Payroll Amendment Form(PAF) : all above to here +
1-Cross Ref to supporting docs +
2-Signed by senior Personnell Dept.
3-Regular Review Gaps in file of PAFS :
sequence&validity.
4-Competent trustworthy Personel :
1-use sound Personell Practices (interview/background
checks.)
5-File Of Each Employee : to be kept incl :
1-copies of relevant PAF’s
2-employment contract
3-performance appraisals & disciplinary warnings
4-personal details including qualifications ,background
info.
2-TIMEKEEPING 1-KEEP VAC record of 1-Clock cards 1-invalid Hrs recorded.by eg: 1-Entry & Exit points of Work area:
34 | P a g e AUDITING NOTES TEST 2 DIPAC
valid hrs worked 2-Batch control sheet Fictitious employee 1-limited (preferably just 1)
2-Clockmachine 3-batch register. Clock for absent friend 2-protect by turnstile mechanism(counts in/out)
commonly used Clock in + leave premises. 3-supervised during clocking periods(watch that no double clock
3-daily hrs added for 2-hrs incorrectly added for etc.)
week & sent to normal / overtime 2-Clockcard : prepare by Personell Dept only,strictly per
payroll preparation. “authorized
employee list.”
3-At end of WEEK : (usual Wednesday Afternoon)
1-agree no. of cards VS list of employees in section.
1- calculate ordinary time
2- calc. overtime
3- divide into workable batches(25)
4- Do batch control sheet:
a-ID section&week
b-control totals(tot.hrs,no.of cards etc)
c-signature
4-Batches: a- Before batch transferred to payroll section head
must:
1-check calculations
2-authorise overtime( need for overtime to be
confirmed
before it is worked)
3- check & sign batch control sheet\
b- Batch Register : details of batch to register & then
securely
transferred to Payroll Preparation
3-PAYROLL Calc. 1-Clock cards 1-Include fictitious 1-Wage clerk check details of batch & sign register on receipt from
PREPARATION: wages&deductions. 2-Deduction tables employee timekeeping.
From hrs. and record 3-Updated List of 2-Use Incorrect/ 2-Wage clerk prepare:
on payroll.(wages employees Unauthorized pay 1-payroll
journal) 4-Payroll (Journal) rates/hrs/deduction tables. 2-coinage schedule
3-Cast & Calculation 3-Recon : this week VS last week (no.employees+amounts
errors. net)
4-A RECORD: control totals for overtime & hrs worked etc.
3-Supervisor or 2nd wage clerk :
1-verify hrs&rates used VS clockcards & employee lists.
2-verify deductions VS relevant table
3-Reperform calculations & wage recon.
4-Sign
4-Head of Payroll Prep : SIGN 1-payroll 2-recon (week to week
one) after careful review.
5-Cheque for wages: give with 1-payroll 2- recon to 2 cheque
signatories who :
1-review for unusual eg large amounts , excessive
overtime.
2-check signatures :for control signatures
3-sign payroll & recon
4- PAYMENT 1-Prepare Pay- 1-Payroll 1-Errors or theft of cash 1- 2 people to make up wage packets (where there is cash allways
PREPARATION packets 2-Payslips & during 2+) (and also “physical” security over cash handling tight)
&PAYOUT 2-Distribute Wages 3-Paypackets 1-drawing of cash 2- Delivery of Wages to payout: section head must
VERY NB: 3-Unclaimed wages 4-Unclaimed wages 2-making up paypackets 1- agree no. paypackets to payroll.
recording. register 3-payment of employees 2-agree control totals : batch register ot.hrs , no. cards.
2-Theft of Unclaimed 3-sign payroll to show receipt & control procedure done.
Wages 3- Lock away paypackets till payout
4- 2 people min. do payout :independant paymaster & foreman
5- Employees must:
1-show ID
2-sign payroll (to show receipt)
3-count & report discrepencies immediately. (tick sheet on
employment date to say read this- tick each & sign.
6- collect for another person : MAY NOT collect the paypacket.
7- AFTER payout: foreman & independent paymaster must :
1-agree all unclaimed paypackets to payroll
2-identify on payroll all employees with unclaimed
paypacket.
3-Unclaimed wage register : fill it in
4-Sign Payroll :to acknowledge this control procedure.
8- Lock away by paymaster : unclaimed paypackets AND payroll
9- Collect Unclaimed Wages : show ID + Sign unclaimed wage
register(not payroll) (it could be a fictitious employee!)
10-After 2 weeks: unclaimed to be a-Banked + b-Copy deposit slip
attached to register + c-Cross-Ref to entries
11- Reconciliation : unclaimed wage packets to unclaimed wage
register +CHECK FOR UNUSUAL OCCOURANCES eg more
unclaimed in one section than another.
POINTS BY LECTURER:
-physical security : high windows + no disturbance allowed during
the paypacket filling with cash.
-people who will count out cash must declare how much cash they
have when they walk into the room- if short wages they must be
searched. & use other people eg creditors or debtors clerk, not
same ones who prepared the wages. Also someone must observe
them to make sure they put nothing in their pockets.
-unclaimed: recon to blank spaces on register
5-DEDUCTIONS: 1-To record liabilities 1-General Ledger 1-penalties due to non- 1-One Single Person to raise & pay deductions :isolate
PAYMENT & in respect of 2-Payroll (wage journal) payment or late payment or responsibility
RECORDING. deductions 3-Cash Payment Journal underpayment. so no confusions develop
35 | P a g e AUDITING NOTES TEST 2 DIPAC
& settle them in time 4-Return form 2-criminal/civil charges 2-a strict monthly schedule for :
due to non-payment (this is 1-post entries to raise liabilities for deductions
theft) 2-make payments timeously
3-Overpayments : losses 3-supervisory checks on above activities
due to 3- Signing cheques: Payroll Journal & Return forms should be
presented for scrutiny before signing .
4- independent monthly scrutiny of general ledger accounts for
deductions (liability/ creditor account) by the financial accountant ,
to be sure they are being cleared
INTRODUCTION
1) Risk of misappropriation is high so direct lots of resources to this one
2) EXPENSE total, not a BALANCE total which can be reconciled to an asset.
3) Auditor must be reasonable certain controls operated efficiently throughout the year to produce VAC total.
4) Substantive tests:
a) Test recording of hours
b) Confirm employees do exist
c) Test week to week changes to PAF
d) Accuracy of calculations & deductions
e) Confirm deductions are paid over
f) Extensive Analytical review
5) BASE WEEK METHOD: common method is to test 1 or 2 base weeks to be sure they are 100% correct, then just compare& recon them to all other weeks in
year and do ANALYTICAL COMPARISONS.
ASSERTIONS:
1) OCCOURANCE : most important one because The Highest risk = overstatement of expense by incl. fictitious payments
2) ACCURACY:
3) CUT- OFF:
4) CLASSIFICATION: in the proper accounts
5) COMPLETENESS : not normally a risk exept make sure no illegal immigrants and not record wages/ or illegally low wages to those who need a job.=
reportable irregularity + contingent liabilities (fines/penalties/ illegal)
6) DEDUCTIONS: the Liabilities part does not form part of this and is done when “creditors” are audited , not here.
FRAUD IN THE CYCLE
1) FRAUDULENT FINANCIAL REPORTING
a) Not really a lot of scope for this, exept profit by manipulating the expense account
b) Illegal immegrants: by not reporting their wages a form of fraudulent financial reporting is taking place.
i) Wages not reported
ii) Contingent liabilities ie possible fines/penalties not reported
2) MISAPPROPRIATION OF ASSETS
a) Wage fraud :
i) OCCOURANCE :Include dummy employees : MASTERFILE+ CLOCK CARD etc
(1) Not remove if retire/dismissed/resign
(2) Collusion is required eg foreman & wage clerk , also possibly fictitious employee.
(3) Note : They MUST get the cash into their own pockets somehow-this is a tricky part
ii) OCCOURANCE :Unauthorized rate/scale changes
iii) OCCOURANCE :Employee paid for Fictitious hours eg foreman authorizes overtime never worked & split proceeds , or clock in for absent friend
iv) VARIOUS ASSERTIONS :Tax evasion schemes - by directors usually , eg company cars for directors not declared and PAYE not deducted & fringe
benefit not reported.This is a reportable irregularity per Auditing Profession Act.
AUDIT PROCEDURES: SALARIES & RELATED ACCOUNTS
1) OCCOURANCE:
a) Check if genuine living people :Sample of Employees from wage register,
i) Inspect Personel file (various docs verify he exists)
ii) Signature : compare “salaries register” one to “employee file” one.
iii) Vouch ; trustworthy eg fin acc. To vouch for people you don’t know
iv) Vouch ; with dept. manager if if worked there in dept.
v) If Doubt, do surprise verification: physical check on person.
vi) Discuss with Personell Staff, & Examine employ/dismiss Docs to:
(1) Make sure removed from salaries register on correct date
(2) Employ/dismiss Docs Properly Authorised
vii) Examine: PAYE /UIF returns for employee name&tax no. etc. VS employee file
viii) AUDIT SOFTWARE: Check masterfile for Error conditions which show fictitious employee
(1) Duplicated/missing ID no.
(2) Duplicated/missing Tax No.
(3) Duplicated: employee no (only duplicated)
(4) Duplicated: Bank acc. No.
2) ACCURACY , CUT-OFF , CLASSIFICATION
a) Inspect : Salaries register Gross salary VS personnel section listing
b) Inspect: if there were lately salary changes – inspect authorized list of salary increases VS actual salary paid to see if correct one was used.
c) Deductions: PAYE/Med aid etc check if correct was made, if wrong ask personell&employee
d) Returned Salary Cheques: correct crossings, + suspicious endorsements + correct amount per salary register.
e) Recompute: 1-deductions & 2-salaries register casts & cross-casts.
f) DATES & details : on Paid cheques VS return forms for : deductions Clearing Accounts+ salaries paid pertain to correct cut off AND deductions paid
timeously.
3) GENERAL ANALYTICAL PROCEDURES:
a) Salaries : Month TO Month any large fluctuations by division/branch/dept etc.
b) Ratio & Trend :
i) Commission % of TOTAL SALES
ii) Salaries as % of TOTAL EXPENSES
c) Payroll ledger accounts : STRANGE/’out of ordinary’ amounts eg 13 th cheque/ lump sum payments
4) ASSERTIONS PERTAINING TO PRESENTATION & DISCLOSURE:
a) Disclosures in notes:
i) Complete in terms of IAS (international acc. Standards) and 4th schedule eg directors emoluments& post employment benefits
36 | P a g e AUDITING NOTES TEST 2 DIPAC
(3) EXTRACT :
(a) List of 1- employed 2- resigned/dismissed and COMPARE to PAF
(b) Random Sample of employees for : physical identification.
(c) Random Sample of employees for : pay rates /grades verified against physical documentation
(4) Masterfiles contain usually:
(a) Name,number, address, grade, section/branch/region, leave entitlement, date employed, date dismissed/resign, earnings&deductions for
current week/month, same for current year .
HOW TO DO A RECONCILLIATION FOR SALARIES AND WAGES AS PER IAS ACC. STANDARDS IN THE NOTES TO THE FIN.
STATS.