ACCO 360 YOUTUBE TUTORIALS

Chapter 1

Definition of an auditor:
2 characteristics: 1) Competent 2) Independent

As an auditor, you must issue an opinion that you are reasonably certain that are no material
misstatement due to error or fraud

Information Risk:
The risk that info upon which business decision made is INACCURATE

CAUSES OF INFORMATION RISK:

1. Remoteness of Information: you do not have access to all the information
2. Bias and motives of providers: Management has incentives/ bonuses based on earnings
(overstate revenues)
3. Voluminious Data: too many transactions
4. Complex transactions: can be incorrectly stated/ data inaccurate
5. Perceived cost/benefit: benefits are higher than the cost
Chapter 2

Quality Control: what auditing firms used to make sure they meet professional responsibilities/
put in quality controls to make sure their work is done properly/ once they issue an opinion
that FS are free from material misstatements

7 ELEMENTS OF QUALITY CONTROL

1. LEADERSHIP: tone of the top/ organizational cultural to promote quality/ organizational
culture that promotes quality
2. ETHICAL: Independence in fact and appearance
a. In fact: on paper
b. Appearance: looking from the outside, conflict of interest
c. Integrity and objectivity in performance
3. INDEPENDENCE
4. CLIENT ACCEPTANCE AND CONTINUANCE: both require judgment call
a. Acceptance (New client)
b. Continuance (Existing client)
5. Human Resources Policies
a. Staff working on audit team is profession and is update with COSO
b. Adequate hiring policies that ensure competence, appropriate training,
contributing professional development and promotion subject to ability to fulfill
assigned responsibilities
6. Engagement Performance
a. Have adequate policies and procedures to ensure that the work meets the
professional standard, regulatory requirement and the firm quality standards
7. Monitoring: Monitoring of the 6 elements above
Chapter 4

MANAGEMENT RESPONSIBILITIES:
• Prepare the FS
• Provide fair representation in the financial statements
• Adopt sound and appropriate accounting policies (AFDA)
• Implement adequate internal controls (Auditor: Evaluate if these controls are adequate
or not)
• Access to all information that is relevant to the preparation of audit (any information
the auditor request, and give unrestricted access to people)

Corporate Governance

Those that overlook management (responsible for the oversight of management)

Board of directors:
• Audit Committee – independent of management but they work for the company.
o Select the external auditors.
o Responsible for any audit related matters.
o Their job is supervision
o Not responsible for doing the FS
o We (external auditors) work for the audit committee

Material VS Immaterial

Misstatement are considered material if the combined uncorrected errors and fraud in the
financial statements would likely have changed or influenced the decisions of a reasonable
person using the statements

Error Vs Fraud
• Error: unintentional
• Fraud: intentional

Types of Fraud:
1. Misappropriation of assets
a. Mainly done by employees
b. “employee fraud” / “defalcation”
2. Fraudulent financial reporting – overstatement of earnings
a. Playing with the numbers
b. “Management fraud”

ROLE OF EXTERNAL AUDITOR IN REGARDS TO FRAUD

 • Fraud = management responsibility
• As an auditor, you must simply conduct risk analysis
• If the risk of fraud is high in an area, we spend more time working on this specific area
• Financial statements audit is NOT fraud audit
• However, that doesn’t mean the auditor is not concerned with fraud

JUDGMENT TRAPS
1. Confirmation Bias
a. Confirming already established beliefs, relying on beliefs
b. Put more weight on information that is consistent with our initial belief
c. Always ask yourself, questioning mind, make opposing cases, consider conflicting
information
2. Overconfidence Bias
a. Not going to have a questioning mind
b. The potential for the auditor to overestimate their own ability to perform tasks
c. Lead to inability to see different points of view
d. Ex: might not seek the opinion of an expert
e. Challenge opinions and experts
3. Anchoring
a. Auditor referred to what was done last year and repeat (risks might have
changed)
b. SALY (Same As Last Year)
c. Solicit input of others
d. Consider management bias, consider that things change year to year
4. Availability
a. Rely on the information available
b. Make decision based on how easily the auditor can recall and event
c. Base the decision on the information available to you
d. Consider why something comes to your mind
e. Consider consulting others

CYCLES
1. Revenue and collection
2. Acquisition and payment
3. HR and payroll
4. Inventory and distribution
5. Capital Acquisition and repayment
ASSERTIONS FOR CLASSES OF TRANSACTIONS (INCOME STATEMENT)
1. Occurrence
a. Make sure things truly occurred
2. Completeness
a. All the transactions are included (there’s no missing transaction)
3. Accuracy
a. Verify the math
4. Cut-off
a. Make sure recorded in the right period
5. Classification
a. Make sure recorded in the right account
6. Presentation
a. Make sure everything is properly described and disclosed

ASSERTIONS FOR ACCOUNTS BALANCES

1. Existence
a.
2. Completeness
3. Accuracy, Valuation and Allocation
a. Verify the math
4. Rights and Obligations
a. Ownership of the assets are truly owned by the company
b. Do the liabilities truly belong to the entity
5. Classification
a. Make sure recorded in the right account
6. Presentation

Occurrence: Do recorded transactions EXIST?

Completeness: Have ALL transactions been included and recorded
Accuracy: Were transactions recorded correctly?
Cut-Off: Were transactions recorded on the correct date?
Classification: are the transactions included in the clients’ journal properly classified

Existence: Do all amounts included EXIST?

Completeness: Are all amounts recorded?
Rights and Obligations: Are the assets owned? Do the liability belong to the entity?
Accuracy: Were transactions recorded correctly? In the customer’s master file?
Valuation: Are the assets recorded at the amount estimated to be realized? A/R
Allocation: Are all the amounts included appropriate>
Shipping documents -> books = Completeness
Ex: shipping documents -> sales journal

Books -> supporting documents = Occurrence

Disclosures = Presentation

Taking the last transactions of the year making sure they are recorded in the current period=
Cut off

Foot means to add up so = accuracy

Think of assets as things that exists = EXISTENCE

Think of sales transactions as events that occurs = OCCURRENCE

Vouching – downstream; form accounting records (sales journal) -> source document (invoice);
testing for occurrence and possibly cut off

Tracing – upstream; from source document to the financial records -> tests for completeness

Verify and matching with the GL – accuracy and valuation

Labelling and listing – completeness

Anything payroll related – occurrence

Chapter 5

Audit Procedures
1. Risk Assessment
a. To obtain info for identifying and address risk of material misstatement
b. To identify areas that are risky/ address of material misstatement
c. Ex: Nature of the company and if there are some areas that are risky
2. Test of Controls
a. To verify if the auditor can rely upon the internal controls to do less substantive
procedures
b. Assess where the internal controls are good or bad
c. If the test controls = good = less risk of MM = rely on test of controls to do less
substantive procedures
d. Ex: verifying properly doing Credit Check
3. Substantive Procedures
a. Testing assertions, account balances and transactions
b. Ex: testing sales transactions by looking at the shipping docs
c. Ex: going to the warehouse to supervise a count of inventory

Persuasiveness of evidence

Good Evidence Vs Bad Evidence

• Good Evidence: Appropriate, Sufficient, Timely
o Appropriate: Relevant and reliable
▪ Evidence obtained directly by external auditor/ external party/
independent source

The persuasiveness of evidence is:

1. Appropriate: relevant and reliable
a. Reliable Evidence:
i. Evidence obtained directly by external auditor
ii. Independence of the source
iii. Qualification of the source (competent and qualified)
iv. Consistency from the multiple sources
v. Effectiveness of client’s internal controls
vi. Degree of objectivity
2. Sufficient: enough evidence
3. Timely: covers the appropriate time period

HOW TO COLLECT EVIDENCE

7 Methods:
1. Inspection (most common)
a. Very popular and reliable
 b. Ex: Wanna see how the warehouse manager puts the shipment in the truck and
see how the process goes
c. Doing it yourself
2. Observation
a. Observe procedures
b. Ex: you wanna go to the office to see if they do credit checks before sale. Look at
someone doing the sale transaction
c. Ex: Observe employees doing inventory
3. External Confirmation
a. Receipt of a written or oral response
b. Very reliable, because it is a third party
4. Recalculation
a. Redoing math
5. Reperformance
a. Redoing procedure itself
b. Ex: Try to create an fake sale online system to test IT controls
6. Analytical procedures
a. Coming up your own estimate of something and comparing it to industry or
period to period balances
7. Inquiry
a. Asking
Chapter 6

WE DO AUDIT PLANNING BEFORE AUDIT PROCEDURES

AUDIT PLANNING: sets the tone for the audit procedures

• Carefully analyze the client
• Identify a risky area
• Decide how youre going to respond to those risk areas
• Decide the acceptable audit risk

ACCEPTABLE AUDIT RISK: risk the auditor willing to accept that AFTER all procedures
performed some material misstatements haven’t been caught

RISK OF MATERIAL MISTATEMENT: risk that the financial statements are materially misstated
BEFORE the audit
Ex: due to the nature of the company, there is more risks to fraud

CLIENT INVESTIGATION: auditor must perform this before accepting an engagement

• Communicate with the predecessor auditor to see if there are any reasons to not accept
engagement

FACTORS THAT CAN HELP THE AUDITOR ASSESS RISK (DONE BEFORE PLANNING OF AUDIT)
1. Understand the nature of the Client’s business and environment
2. Understand Regulatory, External problem
3. Business operations and processes
a. Understand how operations work
b. Identify related party operations (parent company- subsidies)
4. Management and Governance
a. Management’s Philosophy
b. Discuss with management
c. Understand the code of ethics
5. Client Objectives and Strategies
6. Measurement and Performance

START PLANNING
1. Preliminary Analytical Review and the Audit Plan
a. Calculate key ratios
b. Calculate debt to quity ratio
2. Develop overall strategy: Resource Required for the engagement

MATERIALITY – judgment call

OVERALL MATERIALITY – determining materiality as a whole
Benchmark
More risk of materiality, take the smaller percentage
 Lower risk of materiality, take the higher percentage
If 50/50 find average of both

PERFORMANCE MATERIALITY – between 50% (high risk)- 75% (low risk) of overall materiality
Amount less than materiality that the auditor uses to plan and conduct the financial statement
audit
Always work with overall materiality

1. Auditor assess risk

2. Audit planning
3. Audit procedures
CHAPTER 8

Control Risk – risk that internal controls do not prevent MM

If controls are bad -> control risk is high -> detection risk is low -> has a lot of work
to do

• Entity level controls – pervasive in nature (nothing to do with day to day transactions) ->
pervasive controls
o Do not address particular transaction cycles
o Pervasive sets the tone at the top
o Not specific to anything
• Transaction controls – implemented for specific transactions
o Designed to specifically prevent to detect or correct
Before an auditor can conclude a class of transaction, assertions must be ment
Controls helps those assertions to hold

5 COSO COMPONENTS OF INTERNAL CONTROLS

1. Control environment (Management)
a. Tone at the top
b. Does management promote ethical behaviour and compliance with rules?
c. Foundation of effective internal control
d. Governance and management functions as well as the attitudes concerning
internal controls and its importance
e. Having a good tone at the top reduce fraud risk
2. Risk Assessment
a. Make sure the risks are properly identified
b. If a risk is not identified, no controls will be put in place
3. Control Activities
a. Procedures to eliminate or reduce risks
b. Combination of preventive and detective controls
c. Preventive: controls designed to avoid errors, prevent problems form happening
i. Prevents the problem
d. Detective: Identify errors or irregularities after they have occurred; corrective
action
i. Detects the problem

Business Process – set of manual or computerized procedures that collect record and process
data
“Application system”

Typical Controls of Business Process:

• Proper authorization of transactions and activities
 Authorization of transactions, authorization of new programs and changes to programs
• Adequate documents and records
Everything you have in your financials must be backed up and categorized, important ot
have prenumbered documentation
• Physical and logical control over assets and records
Make sure records and assets are protected
• Adequate segregation of duties
Can reduce the opportunities for a person to be in a position to perpetuate and conceal
a fraud.
➔ Rotate duties if not enough employees
• Independent checks of performance, recorded data and actual results

4. Information and Communication

a. Capture and process and report on data
b. Information must be gathered and process and it has to be communicated to the
people responsible for working with that information
5. Monitoring
a. Making sure the previous 4 components work properly
CHAPTER 9 ASSESSING THE CONTROL AND RISK OF DESIGNING TESTS OF CONTROLS

UNDERSTANDING INTERNAL CONTROLS

Priority: understanding internal controls. Auditors not required to conduct internal controls.
Done at planning (controls are absent or weak) -> allows to identify risky areas -> identify the
areas where the risk of mm is higher

UNDERSTANDING THE INFORMATION SYSTEM AND COMMUNICATION

MUST UNDERSTAND WHAT THE OCMPNAY DOES TO UNDERSTAND THEIR TRANSACTIONS
and how they record it (gain general understanding)

UNDERSTANDING CLIENT’S ACTIVITY

Understand the company’s operations

Methods for documenting understanding of controls/:

• Narrative- written description of a client’s internl controls
• Flowchart – diagram to present a sequence in which they are processed
• Internal control questionnaire
One is not better than the other

Step 1: Understand controls

Step 2: Evaluate Controls
• @ entity level
• @ assertion level
Step 3: Assess the effectiveness of controls with tests of controls
• this is when its cost effective
Step 4: decide whether to use a substantive or a combined approach

Steps to Evaluate Internal Control Designs and Implementation

Step 1: Update and evaluate auditor’s previous experience with the entity
• we can review last year’s documentation
Step 2: Make inquiries of client personnel
• talk to the client
Step 3: Examine documents and records
• show list of controls, how you created these controls
Step 4: Observe the entity’s activities and operations
• visit the warehouse
Step 5: Perform walk throughs
Step 6: assess control risk
CONTROL RISK
• management lacks integrity
• accounting records are deficient
• complex IT environments

ASSESSING CONTROL RISK AT THE ENTITY LEVEL

• pervasive
• tone of the top: code of ethics
• general procedures

ASSESSING CONTROL RISK AT THE ASSERTION LEVEL

Control Risk matrix: matching internal controls with assertions

3 LEVELS OF THE ABSENCE OF INTERNAL CONTROLS

• Control deficieny – design of control that does not detect ad correct misstatements
• Significant deficiency – exists if one or more control deficiencies exist that are less seevr
than a material weakness
o In between control deficiency and material weakness
• Material weakness – if significant deficiency results in a reasonable possibility that
internal control will not prevent or detect material financial misstatements on a timely
basis
o Major control deficiency
o Biggest concern
o Control problem that s likely not prevent or detect material misstatements

5 STEP APPROACH FOR IDENTIFYING SIGNIFICANT AND OR MATERIAL INTERNAL CONTROL

WEAKNESSES
1. Identify exisiting controls
2. Identify the absence of key controls
3. Consider the possibility of compensating or mitigiating controls
4. Decide whether there is a significant deficiency or material weakness
5. Determine potential material misstatements that could result
TESTS OF CONTROLS
• Test effectiveness of controls
• We only do this if we think internal controls will be good based upon our understanding
the controls
• If controls are bad, NO TESTS OF CONTROLS
• NOT a requirement

5 AUDIT PROCEDURES
1. Make inquiries of appropriate entity personnel
2. Inspect documents, records and reports
3. Observe control related activities
4. Test Data
5. Reperform Client procedures – supervisor signs off a timesheet

SUBSTANTIVE AND COMBINED APPROACH

Substantive: test the numbers
Test of control: test the controls
Combined: test both numbers and controls

ALWAYS test substantive testing: numbers

NO NEED to test controls (test them according to the efficiency standpoint)
BANK RECONCILIATION
HOW TO TEST
BANK BALANCE: confirm with the bank
OUTSTANDING CHEQUES: look at previous/next statements, cash disbursement journals, look
at the copy of the cheque
DEPOSITS IN TRANSIT: check the following month bank statement, verify cash receipt journal
BANK ERROR: many ways of testing depending on the situation, look at letter from the bank.
Bank statement of the following month, look at copy of the receipt, look at copy of the cheque

BOOK BALANCE: confirm with GL

Recording Error: look at sept bank statement, look at copy of deposit, look at journal entry so
you know there’s a mistake
Receivable collected: look at sept bank statement, look at copy of the payment, look for bank
credit memo
INTEREST EARNED: look at bank statement of the current month
NFS CHEQUE: look at the bank statement, copy pf the actual cheque and look for the letter or
note from the bank
FOR EACH ACCOUNT WHAT CONTROL SHOULD BE IN PLACE?
• Objective with assertion
• Control
Typical Controls of Business Process: (AAPSC)
• Proper authorization of transactions and activities
Authorization of transactions, authorization of new programs and changes to programs
• Adequate documents and records
Everything you have in your financials must be backed up and categorized, important ot
have prenumbered documentation
• Physical and logical control over assets and records
Make sure records and assets are protected
• Adequate segregation of duties
Can reduce the opportunities for a person to be in a position to perpetuate and conceal
a fraud.
➔ Rotate duties if not enough employees
• Independent checks of performance, recorded data and actual results

• Test of Control (IIOTR)

o Make inquiries of appropriate entity personnel
o Inspect documents, records and reports
o Observe control related activities
o Test Data
o Reperform Client procedures – supervisor signs off a timesheet

For ex:
Sales – objective: occurrence (matching shipping document), completeness ( prenumbered),
classification (codes)
Purchases
Payroll
Cash payments – segregation of duties

• CYCLES

CYCLES
1. Revenue and collection
2. Acquisition and payment
3. HR and payroll
4. Inventory and distribution
5. Capital Acquisition and repayment
 • TYPE OF EVIDENCE
HOW TO COLLECT EVIDENCE
7 Methods:
1. Inspection (most common)
a. Very popular and reliable
b. Ex: Wanna see how the warehouse manager puts the shipment in the truck and
see how the process goes
c. Doing it yourself
2. Observation
a. Observe procedures
b. Ex: you wanna go to the office to see if they do credit checks before sale. Look at
someone doing the sale transaction
c. Ex: Observe employees doing inventory
3. External Confirmation
a. Receipt of a written or oral response
b. Very reliable, because it is a third party
4. Recalculation
a. Redoing math
5. Reperformance
a. Redoing procedure itself
b. Ex: Try to create an fake sale online system to test IT controls
6. Analytical procedures
a. Coming up your own estimate of something and comparing it to industry or
period to period balances
7. Inquiry
a. Asking