CHAPTER 6: AUDIT EVIDENCE

Auditing

- requires gathering and evaluating sufficient appropriate evidence related to management assertions
- addresses the basic evidence related questions:
o How much audit is sufficient?
o What audit evidence is appropriate?
o What types of procedures should I perform?
o When should I obtain the evidence?
- To best address the risk of material misstatement in the FS or the risk that internal control over financial
reporting contains material weaknesses

Obtaining Sufficient Appropriate Audit Evidence

● Audit evidence
- To reduce the risk of issuing an unqualified opinion on FS containing a material misstatement or on
internal control that has material weakness
- All information, whether obtained from audit procedures or other sources, that is used by the auditor in
arriving at the conclusions on which the auditor’s opinion is based (AS 1105)
- Audit evidence includes:
o Information obtained from audit procedures and other sources
o Information that supports and corroborates management’s assertions regarding the financial
statements or internal control over financial reporting and information that contradicts such
assertions
● Sufficiency of audit evidence (AICPA)
- The measure of the quantity of audit evidence
- The quantity of the audit evidence needed is affected by the auditor’s assessment of the risks of
material misstatement and also by the quality of such audit evidence
● Appropriateness of audit evidence
- The measure of the quality of audit evidence (that is, its relevance and reliability in providing support for
the conclusions on which the auditor’s opinion is based)

What is determined to be sufficient and

appropriate is affected by the client’s risk of
material misstatement:

o Inherent risk: The susceptibility of an

assertion to a misstatement that could be
material before considering related
controls.
o Control risk: The risk that a misstatement
that could occur relating to an assertion
will not be prevented, or detected and
corrected, on a timely basis by the
entity’s internal control.

Sufficiency and appropriateness will vary

across accounts and assertions. Only focus on
accounts and assertions with the greatest likelihood of material misstatement.
 Sufficiency of Audit Evidence
- The measure of the quantity of audit evidence
- E.g. sample size of documents that the auditor will review or the number of observations of a control
activity
- The higher the assessed risk, the more evidence is likely to be required
- To convince the audit team of the effectiveness of the internal control or the accuracy of an account
balance or assertion
- How much evidence is enough? PROFESSIONAL JUDGMENT
- Sample sizes:
o Auditor can determine the sample size by applying a statistically based formula or by using
professional judgment
o Substantive tests
● Confirmations
● The auditor assesses the risk of material misstatement and the assurance obtained from
other substantive procedures performed by the auditor
o Test of controls
● The extent of the evidence is necessary to persuade the auditor that the control is
effective depends upon the risk associated with the control (risk that the control might
not be effected, and if not effective, the risk that a material misstatement could occur)
● Risk associated of control increases, the evidence that the auditor should obtain also
increases
● The type of control will affect the auditor’s sample size
● Manual control – base sample sizes on guidelines developed for attributed
testing using statistical or non-statistical sampling techniques
● Automated control – e.g. control over program changes, and if effective, the
test of computerized application controls could be small as one for each kind of
control the auditor is testing
● Frequency with which a control is performed – such as monthly controls, bank
reconciliation, the auditor could choose one month and perform a test of
control, such as inspection of documentation or reperformance
● If performed multiple times a day, the auditor will use a larger sample
● Adjusting entries – extent of control will be inversely related to the control
environment
● The better the control environment, the smaller sample size, vice versa
● The auditor wants to review a sufficient number of transactions to
determine that:
● Other controls are not being overridden by management
● There is support for the adjusting entries
● The entries are properly approved by the appropriate level of
management
● If the number of transactions is high, use sampling
● If the number of transactions is low, choose to focus on large transactions

Appropriateness of Audit Evidence

- A measure of evidence quality, including the relevance of the evidence.
- Relevance of evidence
o Determines whether the evidence provides insight on the validity of the assertion the auditor is testing
- Reliability of evidence
o Is the evidence is convincing?
Relevance of Audit Evidence
- Relevance relates to the connection between the audit procedure being performed and the assertion being
audited
- Relevance is affected by
o Purpose of an audit procedure (i.e., what is it intended to do in relation to a specific assertion?)
● Determines whether it is a
● Risk assessment procedure
● During audit planning to identify the risk of material misstatement
● Test of controls
● Relevant when the auditor wants to evaluate the operating effectiveness of
controls in preventing, or detecting and correcting, material misstatements
● Substantive procedure
● Relevant when the auditor wants to obtain direct evidence about material
misstatements
- Auditor should guard against unwarranted inferences in gathering the audit evidence
o Direction of testing
● Directional testing – testing for overstatements or understatements but NOT both, e.g., testing
expenses and liabilities for understatement and testing revenue and assets for overstatement.

PANEL A: illustrates the auditor’s workflow when testing for existence

o VOUCHING – taking a sample of recorded transactions and obtaining the original source documents supporting
the recorded transaction (testing from recorded transaction back to source)
o Provides evidence on the assertion that recorded transactions are valid (existence/occurrence)

PANEL B: illustrated the auditor’s workflow when testing the completeness

o REPROCESSING/ TRACING – involves taking a sample of original source documents and ensuring that the
transactions related to the source documents have been recorded in the appropriate journal and general ledger
(testing from source to recorded transaction)

o Type of procedure
● Direct evidence: requires only one inference to reach a conclusion about an assertion being
tested (e.g., invoice for valuation assertion for the purchase price of a fixed asset)
● Indirect evidence: requires multiple inferences to reach a conclusion (e.g., analytical procedures
plus observation of fixed assets to reach a conclusion about valuation)
Reliability of Audit Evidence
- Reliability of audit evidence
o Refers to its ability to provide convincing evidence related to the audit objective being evaluated.
- Factors affecting evidence reliability include
o Source (where is it from; internal vs. external)
o Nature (its type or source)
o Circumstances under which the auditor obtains the evidence (e.g., a well-controlled organization as
compared to an organization with weak controls)

Generalizations About Reliability of Audit Evidence (ISA 500, IAASB)

More Reliable Evidence Less Reliable Evidence

Directly obtained evidence (e.g.,
observation of a control)
Evidence derived from a well-controlled
information system
Evidence from independent outside
sources
Evidence that exists in documentary form
Evidence from original documents
Indirectly obtained evidence (e.g., an inquiry about the working of a
control)
Evidence derived from a poorly controlled system or easily
overridden information system
Evidence from within the client’s organization
Evidence obtained through inquiry
Evidence obtained from photocopies or facsimiles, or digitized data
(would depend on the quality of controls over their preparation and
maintenance)

INTERNAL
DOCUMENTATION:

- Includes the following

types of documents:
legal, business,
accounting and
planning.
- Reliability of internal
documentation:
o Effectiveness
of internal
control over
documents
o Management
motivation to
misstate
individual
accounts
(fraud
potential)
o Formality of documentation
o Independence of those preparing the documentation from recording those transactions
 External documentation

- Highly reliable, but the

reliability varies
depending on whether
the documentation:
o Was prepared
by a
knowledgeable
and
independent
outside party
o Is received
directly by the
auditor

Reliability and Relevance of Evidence from a Management’s Specialist

- Management’s specialist
o An individual or organization possessing expertise in a field other than accounting or auditing, whose
work in that field is used by the entity to assist the entity in preparing the financial statements (AU-C
500)
- Factors affecting the reliability and relevance of information produced by a management’s specialist:
o Competence, capabilities, and objectivity of the specialist
o Work performed by the specialist
o Appropriateness of the specialist’s work as audit evidence for the relevant assertion

Audit Procedures

● Types of Audit Procedures

● Risk assessment procedures (See Chapter 7)
● Tests of controls
o Purpose
 Evaluate the operating effectiveness of controls
o Types of audit procedures typically performed
 Inspection of documentation
 Observation
 Involves looking at a client’s process or procedure
  Such as: observing the client’s process of taking physical inventory to establish
existence and valuation
 Suffers from the following limitations:
 Rarely unobtrusive. Individuals who know they are being observed may
act differently than when not observed.
 On one day does not necessarily indicate how the transactions were
processed on a different day or over a relevant period
 Reperformance
 Involves the auditor’ independent execution of controls that the client originally
performed as part of the client’s internal control
● Substantive procedures
o Purpose
 Determine whether material misstatements exist in the financial statements
o Types of audit procedures typically performed
 Inspection of documentation
 Examining documentation, in either paper or electronic form
 Obtain generally the client’s underlying accounting records:
 Evidence of internal controls over financial reporting, as well as
supporting records such as checks, invoices and contracts
 General and subsidiary ledgers
 Journal entries
 Worksheets supporting cost allocations, computations, reconciliations,
and disclosures
 Common documents: invoices, payroll time cards, and bank statements
 Inspection of assets
 Inspect inventory and long- lived assets
 Provides reliable evidence with respect to the existence of the asset, but not
necessarily about the client’s rights or completeness of the assets
 External confirmation
 Consists of sending an inquiry to an outside party to corroborate information
 Include requests to legal counsel for an assessment of current litigation and the
client’s potential liability
 letters to customers asking whether they owe the amount on client’s AR
 Recalculation
 Recalculates a number of client computations

 Analytical procedures
 Consists of evaluations of financial information through analyzing plausible
relationships among both financial and nonfinancial data.
 Scanning
 Type of analytical procedure involving the auditor’s review of accounting data to
identify significant or unusual items to test
 Unusual individual items:
  Entries in transaction listings
 Subsidiary ledgers
 Adjusting entries
 reconciliations
 Inquiry
 To gain understanding of:
 The accounting system
 Management’s plans
 Pending or actual litigation against the organization
 Changes in accounting procedures or accounting principles
 Management’s approach and the assumption used in the valuation of
key accounts
 Management’s or the controller’s assessment of complex financial
matters
 Evidence typically needs to be corroborated through other audit procedures

Application of Audit Procedures to Testing Management Financial Statement Assertions

● The auditor selects audit procedures to provide evidence relevant to a particular assertion.
● Exhibit 6.7 presents examples of procedures that address specific assertions regarding long-lived assets and
contingencies.
● The Exhibit organizes the procedures according to the assertion; however, some procedures cover more than
one assertion.
Assessing the Consistency and Reliability of Evidence

- Auditor needs to consider all sources of evidence, as well as the consistency of the evidence, in determining
whether the evidence leads to a conclusion about the fairness of the FS presentation
- In determining this, auditor should:
o Consider internal consistency of evidence gathered
o Consider the consistency of internal evidence generated with external evidence gathered that reflects
economic conditions and client operations
o Expand evidence-gathering procedures for areas where results are inconsistent or where results raise
questions on the correctness of account balances
o Document conclusions based on the evidence gathered such that someone knowledgeable in auditing
can follow the reasoning process

Cost–Benefit Considerations When Selecting Audit Procedures

● When determining the audit procedures to perform, recognize that audit firms need to:
● (a) be profitable and
● (b) manage risk.
● Therefore, auditors must perform efficient and effective audits.
● Each audit procedures takes time, effort, and ultimately money.
● Exhibit 6.8 describes some generalizations about the cost–benefit trade-offs that auditors make when deciding
on the appropriate mix of procedures.
Timing of Procedures
- The auditor must determine when to perform audit procedures
o At the balance sheet date
o Earlier than the balance sheet date (referred to as an interim date)
● Allows earlier completion of the audit and might require less overtime of the audit staff
● Meet management’s desire to distribute the FS shortly after year-end
● Increases the risk of material misstatement occurring between the interim date and the year-
end
o After the balance sheet date
- The auditor determines the timing based on
o Risk associated with the account
o Effectiveness of internal controls
o Nature of the account
o Availability of audit staff
- Roll-forward period
o The period between the confirmation date and the balance sheet date

Cutoff Tests

- Cutoff period
o Usually several days before and after the balance sheet date
o Greatest risk of recording transactions in the wrong period
- Cutoff tests
o Used to identify transactions recorded in the wrong period
o Extent of testing depends on effectiveness of client controls
Substantive Analytical Procedures
- Both U.S. and international auditing standards allow the auditor the option of performing substantive analytical
procedures to test account balances; they are not required.
- A primary benefit of performing substantive analytical procedures is that they can reduce the need to perform
additional, possibly more costly, substantive tests of details.
- Exhibit 6.9 shows how the mix of tests may vary if the auditor performs substantive analytical procedures

Questions the Auditor Considers in Deciding to Perform Substantive Analytical Procedures

- Does the organization have effective

internal controls over the account?

- Is the risk of material misstatement low

enough that inferences from indirect
evidence are appropriate to make
conclusions about an account?

- Are the underlying data used in

evaluating an account both relevant and
reliable?

- Are the relationships among the data

logical and justified by current economic
conditions?

Performing Analytical Procedures

- Process of performing is the same regardless whether the analytical procedures are performed during planning,
as a substantive test, or during the final review

1. Determine the suitability of a particular analytical procedure for given account(s)/assertion(s), considering the
risks of material misstatement and tests of details planned.

2. Evaluate the reliability of data that the auditor is using to develop an expectation of account balances or ratios.

3. Develop an expectation of recorded account balances or ratios, and evaluate whether that expectation is precise
enough to accomplish the relevant objective.

Planning Analytical Procedures

- Objective: identify accounts with heightened risk of misstatement during audit planning to provide a basis for
designing and implementing responses to the assessed risks

- Precision of expectation: less precise

 Substantive Analytical Procedures

- Objective: obtain evidence regarding the accuracy of account balance/assertion

- Precision of expectation: more precise

Review Analytical Procedures

- Objective: assist the auditor in forming an overall conclusion about whether the FS are consistent with the
auditor’s understanding of the entity

- Precision of expectation: less precise

4. Define when the difference between the auditor’s expectation and what the client has recorded would be
considered significant.

5. Compare the client’s recorded amounts with the auditor’s expectation to determine any significant unexpected
differences.

6. Investigate significant unexpected differences.

Planning Analytical Procedures – significant unexpected differences suggest that substantive procedures for the
account/assertion will be increased

Substantive Analytical Procedures – the auditor should hypothesize as to the possible reasons for the difference,
inquire of management as to possible reasons for the difference, and obtain evidence to quantify and corroborate
these possible reasons. Auditor need to increase the tests of details for the relevant account/assertion

Review Analytical Procedures – auditor should perform additional procedures as necessary to form an overall
conclusion about whether the FS are consistent with the auditor’s understanding of the entity

7. Ensure that the following have been appropriately documented:

● Auditor’s expectation from Step 3

● Results in Step 4
● Audit procedures conducted in Steps 5 and 6

Improving the Effectiveness of Substantive Analytical Procedures

● The effectiveness of a substantive analytical procedure depends on several factors, including:

a. the nature of the assertion being tested

b. the plausibility and predictability of the relationships in the data
c. the availability and reliability of the data used to develop the expectation
d. the precision of the expectation that the auditor develops
e. the rigor of the analytical procedure employed.

Additional Evidence Considerations

- Accounts involving management estimates

- Accounts involving related-party transactions
- Situations requiring the use of a specialist/expert
Audit Management Estimates

- Most significant measurements in the financial statements are subject to estimates, appraisals, or other
management assumptions.
- The auditor must substantiate such estimates with independent, objective, and verifiable data.
- Auditors need to
o Understand the process used in developing management estimates
o Determine if the estimates are reasonable and appropriate
- Estimates based on industry-wide or economy-wide trends need to be independently evaluated

Auditing Related-Party Transactions

- Related-party transactions
o Transactions a client has with other companies or individuals related to either the client or client’s
senior management.
- Related-party transactions can occur between:
o Parents and subsidiaries
o An entity and its owners
o An entity and other organizations in which it has part ownership, such as joint ventures
o An entity and an assortment of special-purpose entities (SPEs), such as those designed to keep debt off
the balance sheet
- Risk of material misstatement (fraudulent financial reporting or to conceal misappropriation of assets)
- Auditor should expect the client to have an information system, with effective internal controls, that can identify
all related parties and account for all related-party transactions

Using a Specialist/Expert to Assist with Obtaining Audit Evidence

- Auditor’s specialist
● Auditors may need to rely on work performed by an outside specialist/expert
● Expertise in a field other than accounting or auditing is necessary to for some accounts
- Auditing standards require the auditor to understand the role, knowledge, and objectivity of the specialist, and
how the specialist’s work affects important financial accounts.
- Even when the auditor uses a specialist to obtain audit evidence, the auditor still has ultimate responsibility for
the audit opinion.

Documenting Audit Evidence

- Audit documentation
o The record that forms the basis for the auditor’s representations and conclusions
o Paper or electronic form
- Documenting risk assessment procedures
o Overall audit strategy and audit plan
o Overall planned responses to the assessed risk of material misstatement, and the nature, timing, and
extent of audit procedures to be performed, as well as linkage of those procedures with the assessed
risks at the relevant assertion level
- Documenting tests of controls and substantive procedures
o Typical types:
 Client’s trial balance and any auditor-proposed adjustments to it
 Copies of selected internal and external documents
 Memos describing the auditor’s approach to gathering evidence and reasoning
 Results of analytical procedures and tests of client’s records
  Correspondence with specialists who provided evidence significant to the evaluation or
accounting for assets or liabilities and the related revenue expense effects
 Auditor-generated analysis of account balances
- Documenting significant findings and their resolution
o Are essential matters that are important to the analysis of fair presentation to FS
o Significant matters involving: selection, application, and consistency of accounting principles, including
related disclosures. Include but not limited to: accounting for complex transactions, acctg estimates, and
uncertainties, and related management assumptions
o Evidence indicating a need to modifying planned auditing procedures
o Results of auditing procedures signifying the existence of material misstatements, omissions in FS
o Audit adjustment – correction of a misstatement of FS that was, or should have been, proposed by the
auditor, whether or not recorded by management, that could, either individually or when aggregated
with other misstatements, have a material effect on the company’s FS
- Characteristics of quality audit documentation audit documentation serves
o Revisions to and retention of audit documentation
o A heading that includes the name of the audit client, an explanatory title, and the balance sheet date
o The initials or electronic signature of the auditor performing the audit test and the date the test was
completed
o The initials or electronic signature of the manager or partner who reviewed the documentation and the
date the review was completed
o A workpaper page number (see C-1/2 in Exhibit 6.12)
o A description of the tests performed (including the items looked at) and the findings
o Tick marks and a tick mark legend indicating the nature of the work performed by the auditor
o An assessment of whether the tests indicate the possibility of material misstatement in an account
o A cross-reference to related documentation, when applicable (see references to other workpapers,
including B-1 and B-2 in Exhibit 6.12)
o A section that identifies all significant issues that arose during the audit and how they were resolved
o A comprehensive and clear memorandum that delineates the auditor’s analysis of the consistency of
audit evidence and the conclusions reached regarding the fairness of the financial presentation (see
references to other worked performed at B-1 and B-2 in Exhibit 6.12. A second page of this workpaper,
C-2/2, would likely include a more comprehensive memo.)
- Audit programs
o Documents the procedures to be performed in gathering audit evidence and is used to record the
successful completion of each audit step. The auditor makes decisions on the best combination of
procedures to use in gathering evidence to evaluate assertions for each client. The audit program
provides an effective means for:
 Organizing and distributing audit work
 Monitoring the audit process and progress
 Recording the audit work performed and those responsible for performing the work
 Reviewing the completeness and persuasiveness of procedures performed
o Most audit firms have standardized audit programs that should be modified to fit a client’s unique
features, including risk factors.
- Permanent file – includes schedules, documents, and records that are relevant for the current and future audits
- Current file – includes schedules, documents, and analyses that are relevant to the current—year audit]

Revisions and Retention of Audit Documentation

Audit documentation generally should be completed and assembled within 45- 60 days following the audit report
release date. After that date, the auditor must not delete or discard audit documentation before the end of the required
retention period (generally seven years). Occasionally, because of an internal or external quality review process, it may
be determined that procedures considered necessary were omitted from the audit or the auditor subsequently becomes
aware of information related to financial statements that have already been issued. The auditor should then perform
any necessary procedures and make the necessary changes to the audit documentation.