Chapter 13

Overall Audit Plan and Audit Program

13 - 1

Presentation Outline
I. Application of Audit Testing II. Selecting Tests to Perform III. Design of the Audit Program IV. A Summary of the Audit Process

13 - 2

I. Application of Audit Testing

A. Tests of Controls B. Testing for Monetary Misstatement C. Reduction of Risk D. Audit Assurance at Different Levels of Internal Control Effectiveness E. Simultaneous Testing of Controls and Substantive Testing of Transactions F. Timing of Audit Testing
13 - 3

A. Tests of Controls

Audit procedures to test the operating effectiveness of control policies and procedures in support of a reduced assessed control risk. Some examples include: Matching of vendor invoices against a purchase order and receiving report before approving invoice for payment. Examination of employee time cards for approval of overtime.
13 - 4

B. Testing for Monetary Misstatement

Substantive Tests of Transactions Testing for monetary misstatements to determine if the following 6 transactionrelated audit objectives have been met: Existence Completeness Accuracy Classification Timing Posting and Summarization Tests of Details of Balances Testing for monetary misstatements to determine if the following 9 balance-related audit objectives have been met: Existence Completeness Accuracy Classification Cutoff Detail tie-in Realizable value Rights and obligations Presentation and disclosure
13 - 5

C. Reduction of Risk
Control Risk Procedures to gain an understanding of internal control Tests of controls Once the auditor obtains an initial understanding of controls, tests of controls must be performed to obtain evidence regarding the effectiveness of controls. Stronger controls will allow the auditor to assess control risk below the maximum. Detection Risk Substantive tests of transactions Analytical procedures Tests of details of balances The more evidence an auditor collects from the above procedures, the lower the detection risk. Detection risk must be lower when control risk is higher. 13 - 6

D. Audit Assurance at Different Levels of Internal Control Effectiveness

AUDIT ASSURANCE Acceptable assurance C3 C2 C1 Audit assurance from control risk assessment and tests of control

No assurance

Audit assurance from substantive tests

A C B INTERNAL CONTROL EFFECTIVENESS Weak control Strong control Reliance on controls: C3 None, C2 Some, C1 Maximum
13 - 7

E. Simultaneous Testing of Controls and Substantive Testing of Transactions

The determination of control risk affects the type of procedures and sample size for the substantive testing of transactions. For purposes of convenience, the testing of controls and substantive testing of transactions will often occur simultaneously. In such situations the auditor will make an assumption about the results of tests of controls. If the testing of controls indicates that internal control is worst than expected, substantive testing of transactions will have to be modified accordingly.
13 - 8

F. Timing of Audit Testing

Auditors frequently consider it desirable to perform audit tests prior to year end. Certain procedures may be performed at an interim time (prior to clients year end) : Update depreciation schedules Examine new loan agreements Vouch transactions Analyze changes in clients accounting system Review board of director minutes If strong internal controls exist the auditor may also:
Observe physical inventories Confirm account balances
13 - 9

II. Selecting Tests to Perform

A. The Cost of Testing B. Appropriate Evidence for Audit Testing C. Risk and Testing in the Audit Process

13 - 10

A. The Cost of Testing

Going from the most to least costly, the types of tests are: Tests of details of balances Substantive tests of transactions Tests of controls Procedures to obtain an understanding of internal controls Analytical procedures
13 - 11

B. Appropriate Evidence for Audit Testing

Type of Evidence
Physical Examination Confirmation Reperformance Documentation Analytic performance
13 - 12

Observation

Type of Test
Procedures for internal control Tests of controls Substantive tests of transactions Analytical procedures Tests of details of balances

Inquiries of the client

C. Risk and Testing in the Audit Process

Substantive Testing of Transactions

In some situations it may be more efficient to assess control risk at a higher level and reduce or eliminate tests of controls. This depends on cost of testing controls versus the additional substantive testing that would result from a higher control risk.

Tests of Details of Balances If tolerable misstatement is low, and inherent risk and control risk are high, planned tests of details of balances must be high.

13 - 13

III. Design of the Audit Program

Most audits design an audit program in the following three parts: A. Tests of Controls and Substantive Tests of Transactions B. Analytical Procedures C. Tests of Details of Balances

13 - 14

A. Tests of Controls and Substantive Tests of Transactions A four-step approach when the auditor plans to reduce assessed control risk below the maximum: Transaction related audit objectives are applied to the class of transactions being tested, such as sales. Key controls that should reduce control risk for each transaction-related audit objective are identified. For all internal controls used to reduce the initial assessment of control risk below the maximum (key controls), appropriate tests of controls are developed. Design appropriate substantive tests of transactions, considering weaknesses in internal control and expected results of tests of controls (allows for simultaneous tests of controls and substantive testing).
Note: If control risk is assessed at 1.0, only substantive tests of transactions will be used in this part of the audit program. 13 - 15

B. Analytical Procedures

Analytical procedures may be performed during 3 different stages of the audit: In the planning stage to help the auditor understand the clients business and determine other evidence needed to satisfy acceptable audit risk. During the audit, especially during substantive testing. Near the end of the audit as a final test of reasonableness.13 - 16

C. Tests of Details of Balances

If the results of tests of controls, substantive tests of transactions, and analytical procedures are not consistent with the predictions, tests of details of balances will need to be changed as the audit progresses.
Figure 13-6 on page 388 illustrates the testing methodology using Accounts Receivable
13 - 17

13 - 18

Summary of the Audit Process - Phase I (Planning) Accept client and perform initial planning. Understand the clients business and industry.

Assess clients business risk.

Perform preliminary analytical procedures. Set materiality and assess acceptable audit risk and inherent risk.

Understand internal control and assess control risk.

Develop overall audit plan and audit program.

Summary of the Audit Process - Phase II (Begin Field Work)

From Phase I

Plan to reduce assessed level of control risk? Yes Perform tests of controls.

No

Perform substantive tests of transactions.

Assess likelihood of misstatements in financial statements.

13 - 20

Summary of the Audit Process Phase III (End of Fieldwork)

From Phase II

Likelihood of Misstatement in Financial Statements Low Medium High or unknown

Perform analytical procedures. Perform tests of key items. Perform additional tests of details of balances.
13 - 21

Summary of the Audit Process Phase IV (Wrap-Up)

From Phase III

Review for contingent liabilities. Review for subsequent events. Accumulate final evidence. Evaluate results.
Issue audit report. Communicate with audit committee and management.

13 - 22