Professional Documents
Culture Documents
ACCO 30043 Assignment No.4 Revised
ACCO 30043 Assignment No.4 Revised
Audit strategy – sets the scope, timing and direction of the audit, and that
guides the development of the audit plan.
Audit plan – an audit plan is more detailed than the overall audit strategy
in that it includes the nature, timing and extent of the audit procedures to
be performed by engagement team members.
If the external auditor plans to use the work of the internal audit function,
the external auditor shall discuss the planned use of its work with the
function as a basis for coordinating their respective activities.
Control Activities
Control activities are actions (e.g., policies, procedures, and
standards) that help management mitigate risks in order to ensure
the achievement of objectives.
Monitoring of Controls
Monitoring is the process of assessing the quality of internal control
performance over time. It involves assessing the design and
operations of controls on a timely basis.
11. Enumerate, in chronological order, the steps followed in the study and evaluation
of internal controls. Explain each step briefly.
I. Obtain an understanding of internal control relevant to the audit
a. Evaluating the design of control and assess whether it is capable of
effectively preventing, or detecting and correcting, material
misstatements.
b. Determine whether controls have been implemented
II. Assess the preliminary level of control risk
a. Identify relevant controls that will be relied upon
b. Perform test of control
c. Conclude on the achieved level of control risk
III. Obtain evidential matter to support the assessed level of control risk
IV. Evaluate the results of evidential matter
a. Document the assessed level of risk
V. Determine the necessary level of detection risk
12. What is a transaction walkthrough? What are the different ways by which an
understanding of controls is documented?
A walk-through test is a process used to assess the reliability of an entity's
accounting system during an audit. A walk-through test follows a
transaction from its inception to its final disposal via the accounting
system. The test can reveal system deficiencies and material weaknesses
that would need to be rectified by the organization as soon as possible.
On the other hand, the different ways to document the understanding of
control is through:
a. Internal Questionnaires – provide a systematic means for the
auditor to investigate areas such as internal control structure.
b. Narrative Description – describes the flow of transaction cycles,
identifying the employees performing various tasks, documents
prepared, records maintained and the division of duties.
c. Flowcharts – a diagram, or a symbolic representation of an entity’s
internal control system or a series of procedures shown in
sequence.
13. When is the control risk assessment High? Less than high? How does a high
control risk assessment affect the planned audit approach?
When there is a high chance that material misstatements exist in the
financial statements as a result of insufficient internal controls that cannot
be relied on to meet all or some audit objectives, the control risk
assessment is high. This indicates that the audit team did not believe the
internal controls were developed and operated properly, so they will not
depend on them. As a result, the audit team would have to reduce the risk
of detection and conduct more substantive testing processes (which costs
more time and money).
On the other hand, when the control risk assessment is less than high the
entity has adequate internal controls to prevent and detect instances of
fraud and error in the financial statements. This indicates that the audit
team believes the internal controls are well-designed and functioning and
that they will rely on them. As a result, the audit team's detection risk
would rise, and substantive testing processes would be reduced (which
saves time and money).
14. What is the relationship of a less than high control risk assessment to the nature,
extent, and timing of substantive tests? May substantive tests be eliminated?
The relationship of the control risk assessment to the nature, extent, and
timing of substantive tests is direct, meaning, the higher the control risk
assessment, the greater the level of detailed testing is required and vice
versa. Therefore, the lower the assessed level of risk, the less evidence
from substantive tests the auditor requires.
On the other hand, regardless of the audit approach selected, the auditor
should design and perform substantive procedures for all relevant
assertions related to each material class of transactions, account balance,
and disclosure. Since internal controls just reduce but do not eliminate the
risk of material misstatements, it is not a good thing to completely
eliminate substantive procedures.
15. How are audit matters related to internal control communicated to management
and to those charged with governance?
The auditor may identify deficiencies in internal control not only during the
risk assessment process but also at any other stage of the audit. If there is
a deficiency in internal control, the auditor determines, based on the audit
work performed, whether, individually or in combination, if it constitutes
significant deficiencies. If the deficiency is significant, the auditor should
communicate in writing the significant deficiencies in internal control
identified during the audit on a timely basis to the management at an
appropriate level of responsibility and those charged with governance.