MSAF 608

ADVANCED AUDITING AND

ASSURANCE

Week 6 & 7 – Framework for Audit Evidence

Dr Rita A. Bekoe
rabekoe@ug.edu.gh/celestialrita@gmail.com
 Learning Objectives
• Understand the concept of Audit Evidence

• Discuss the characteristics of audit evidence

• Explain the assertions used in auditing and the proceedures

applicable

• Discuss the various sources of audit evidence

• Understand the purpose and nature of Audit documentation

 Introduction
• Audit evidence is all the information, records, documents used by auditors
in arriving at the conclusions on which the audit opinion is based.
• Auditors spend most of their time obtaining and evaluating evidence
concerning the assertions contained in financial statements and reports on
internal control.
• The evidence gathering and evidence evaluation process is the core of an
audit.
• The nature of audit evidence is broad – with a specific objective to reduce
the auditor’s level of risk that the financial statements may contain
material misstatements.
Slide 3
 Introduction Cont.
According to ISA 500, audit evidence:
• Includes internally generated and external information,
• Includes information that may both support or contradict management’s
assertions,
• Is influenced by management actions, e.g. not producing requested
documentation, or not producing such documentation in a timely manner,
• Can be developed using outside experts or obtained from experts
• Can be obtained through other procedures the auditor normally performs
(e.g. previous year’s audit data)

Slide 4
 Sources of Audit Evidence
Knowledge of the Client Outside Information
Gathered through: Gathered through:
• Previous audit work • Work of the audit team using market
• Client risk analysis data
• Client acceptance analysis • Independent analysis by specialists

Cumulative Audit Evidence

Accounting Systems Quality of Internal Control

Gathered through Gathered through
• Direct tests of account balances and • Evaluation of the design of internal
transactions controls
• Analytical analysis • Evaluation of the operation of controls

Slide 5
 Examples of Evidence :Internal Documents
• Internal documentation could be in the form of
- legal agreements (leases),
- business documents eg. purchase orders, receipts, memos
- accounting documents (depreciation and amortization schedules),
- planning and control documents etc.

• The reliability of internal documentation varies according to:

– Effectiveness of internal control
– Risk and management motivation to misstate individual accounts
– Formality of documentation
– Independence of those preparing the documentation from those recording the transactions
Slide 6
 Examples of Evidence: External Documents
• External documentation are generally considered to be highly reliable,
but the reliability depends on whether;
– a) the documentation depends on a knowledgeable outside party; and
– b) is received directly by the auditor

• E.g. of external documentation includes

– Business documents such as vendor invoices, customer orders, etc
– Third party documents such as confirmation replies from customers, bank
statements etc
• General business information; e.g. industry trade statistics
Slide 7
 Characteristics of Audit Evidence: Sufficiency and
Appropriateness
ISA 330.26 suggests that the:
• auditor has to conclude whether sufficient, appropriate audit evidence
has been obtained to justify the audit opinion given.

• Sufficiency and appropriateness of audit evidence relates to evidence

obtained when testing internal controls and undertaking substantive
testing
• However, determining what is “sufficient” and “appropriate” is not an
easy task

Slide 8
 Characteristics of Audit Evidence: Sufficiency and
Appropriateness Cont.
The auditor's judgement as to what is sufficient appropriate audit evidence is
influenced by a number of factors;
• The Risk assessed
• The nature of the accounting and internal control systems
• The materiality of the item being examined
• The experience gained during previous audits
• The auditor's knowledge of the business and industry
• The results of audit procedures
• The source and reliability of information available
Slide 9
 Sufficiency of Audit Evidence
• The amount of evidence must be of sufficient quantity to convince the audit team of
the correctness or otherwise of an account balance

• Sufficiency is the measure of the quantity of audit evidence.

• The quantity of audit evidence required is affected by the level of risks of material
misstatement and also by the quality of such audit evidence.

• Importantly, audit evidence is integrated from a number of sources. Documentation of

that evidence from multiple sources, and the demonstrated testing of account balances
remain paramount and are the first things to be questioned when an audit fails
Slide 10
 Sufficiency of Audit Evidence Cont.
How much evidence is sufficient?
• This is partly a matter of experienced audit judgement and client risk
characteristics

• If audit evidence obtained from one source is inconsistent with evidence

obtained from another source, the auditor should perform further audit
procedures to resolve the inconsistency and determine the effect on
other aspects of the audit.

Slide 11
 Appropriateness of Audit Evidence
• Appropriateness is the measure of the quality of audit evidence; i.e. its
relevance and its reliability in providing support for the conclusions on
which the auditor’s opinion is based.

• An audit evidence is relevant if it provides insight on the validity of the

assertion being tested

• An audit evidence is reliable if it is convincing. Reliability is influenced by

the source and nature of the information, including the controls over its
preparation and maintenance
Slide 12
 Appropriateness of Audit Evidence cont’d
• Relevance deals with the logical connection with the purpose of the audit
procedure as related to the underlying assertion being tested

• Some evidence is directly relevant to the assertion (direct evidence). E.g.

communicating with a sample of customers

• Indirect evidence on the other hand relies on more inferences. E.g.

analysing expenses and comparing with the previous years

• Appropriate Evidence also depends on:

Slide 13
 Appropriate (Quality) Evidence

External Audit evidence from external sources is more reliable than that obtained from the
entity's records because it is from an independent source.
Obtained by Auditor Evidence obtained directly by auditors is more reliable than that obtained indirectly or
by inference
Obtained by Entity Evidence obtained from the entity's records is more reliable when the related control
system operates effectively
Written Evidence in the form of documents (paper or electronic) or written representations are
more reliable than oral representations, since oral representations can be retracted.
Originals Original documents are more reliable than photocopies or facsimiles, which can easily be
altered by the client.

Slide 14
 Appropriateness: Reliability of Audit Evidence
• The reliability of audit evidence is judged by its ability to provide convincing
evidence related to the audit objective being evaluated.

• Thus, evidence obtained directly by the auditor is preferable to that obtained

indirectly

• As companies are generally computer-dependent and computer-integrated,

paper based documentary evidence reduces

• Documentary evidence of companies could be internally or externally generated.

Slide 15
 Financial Statement Assertions
These are representations by management embodied in the financial statements
for which the auditor seeks sufficient and appropriate evidence. Thus, in
performing direct tests of account balances, the auditor is guided by these
assertions.
The assertions as set out in ISA 315 are in two categories;
1. Assertions about classes of transactions and events and related disclosures for
the period under audit (i.e. income statement assertions)
2. Assertions about account balances and related disclosures at the end of the
period (i.e. statement of financial position assertions)

Slide 16
 Financial Statement Assertions Cont.
Assertions about classes of transactions and events and related disclosures for the
period under audit;
• Occurrence: Transactions and events that have been recorded or disclosed have
occurred, and that such transactions relate to the entity.
• Completeness: All transactions and events that should have been recorded have been
recorded and all related disclosures have been included in the financial statement
• Accuracy: Amounts and other data relating to recorded transactions and events have
been recorded appropriately and all related disclosures have been appropriately
measured and described
• Cut-off: Transactions and events have been recorded in the correct accounting period

Slide 17
 Financial Statement Assertions Cont.
• Classification: Transactions and events have been recorded in the proper
accounts
• Presentation: Transactions and events have been appropriately
presented in the context of the requirement of the applicable financial
reporting framework.

Slide 18
 Financial Statement Assertions Cont.
Assertions about account balances and related disclosures at the end of
the period;
• Existence: Assets, liabilities and equity interest exist
• Rights and obligations: The entity controls the rights to assets, liabilities
and equity and that they are those of the entity
• Completeness: All assets, liabilities and equity that should have been
recorded have been recorded and all related disclosures have been
included in the financial statement

Slide 19
 Financial Statement Assertions Cont.
• Accuracy, valuation and allocation: Assets, liabilities and equity interest
have been included in the financial statement at the appropriate
amounts and any resulting valuation or allocation are appropriately
recorded and related disclosures have been appropriately measured and
described
• Classification: Assets, liabilities and equity interests have been recorded
in the proper accounts
• Presentation: Assets, liabilities and equity interests have been
appropriately presented in the context of the requirement of the
applicable financial reporting framework.
Slide 20
 Financial Statement Assertions Cont.
• For each financial statement item being audited, the auditor should
generate evidence designed to reach a conclusion on the reliability of
the appropriate assertions

Slide 21
 Audit Procedures for Gathering Evidence
• The objective of an audit procedure is to enable the auditor:
• - Understand the business entity and its environment including risk
- Test controls within the entity
- Detect material misstatements
• Audit procedures are used by auditors to determine the quality of the financial information
being provided by their clients. The exact procedures used will vary by client, depending on
the nature of the business and the audit assertions that the auditors want to prove. Here are
several general classifications of audit procedures:
 Analytical procedures
 Observation
 recalculation\reperformance
 Written representation
 Inspection of assets/records
 Enquiry
 Third party confirmation
Slide 22
 Specific Audit Procedures for Assessing Risk
• Inquiries of management and others within the entity.
• Analytical procedures.
• Observation and inspection.
• Discussions among the engagement team.

Slide 23
 Specific Procedures for Testing Controls
• Walk-through tests-In this case the auditor will initiate a transaction to see
how well the system of control works.
• Observations
• Examining reports on the controls usually by the internal auditor.
• Inquiries
• Internal control questionnaires
• Flowchart of processes

Slide 24
 Practical Point to Note
• Auditors must always consider the client’s overall risk profile. If a client
is judged as “high risk”, auditors must be sure not to over-trust
management’s integrity, and should be cognizant that technology can be
used to make documents look as if they are from external independent
sources (when they are not).

• In short auditors need to always exercise professional scepticism,

especially when the client’s overall risk profile is high

Slide 25
 Other forms of Evidence Gathering
• Management Representation
– If management refuses to provide a representation that the auditor considers
necessary, this constitutes a scope limitation and the auditor should express a
qualified opinion or a disclaimer of opinion
• Attendance at Physical Inventory Counting
• Inquiry Regarding Litigation and Claims
• Valuation and Disclosure of Long-term Investments
• Segment Information
• Related Parties
• External confirmations
Slide 26
 Other sources of Evidence: External Confirmation
Obtaining evidence from external bodies/individuals with permission from
the client. Examples of such transactions for which auditors may externally
confirm include:
– Bank balances and other information from bankers.
– Accounts receivable balances.
– Stocks held by third parties at bonded warehouses for processing or on consignment.
– Property title deeds held by lawyers or financiers for safe custody or as security.
– Investments purchased from stockbrokers but not delivered at the balance sheet
date.
– Loans from lenders.
– Accounts payable balances.
Slide 27
 Using the work of another Auditor
• Sometimes, an audit may require the use of another auditor for aspects of
the engagement.
• The auditor must determine who the principal auditor is.
• When the principal auditor uses the work of another auditor, the principal
auditor should determine how the work of the other auditor will affect the
audit.
• Division of Responsibility
• Cooperation
• Reporting Considerations

Slide 28
 Evaluating the work of Another Auditor
• The materiality of the portion of the financial statements which the principal auditor audits.
• The principal auditor’s degree of knowledge regarding the business of the components.
• The risk of material misstatements in the financial statements of the components audited by the other
auditor.
• The performance of additional procedures regarding the components audited by the other auditor resulting
in the principal auditor having significant participation in such audit.
• The independence requirements regarding both the entity and the component and obtain written
representation as to compliance with them.
• The use that is to be made of the other auditor’s work and report and make sufficient arrangements for the
coordination of their efforts at the initial planning stage of the audit.
• The principal auditor would inform the other auditor of matters such as areas requiring special
consideration, procedures for the identification of intercompany transactions that may require disclosure
and the timetable for completion of the audit.
• The accounting, auditing and reporting requirements and obtain written representation as to compliance
with them Slide 29
 Considering the work of Internal Auditor
• Understanding and Preliminary Assessment of Internal Auditing
• Timing of Liaison and Coordination

Slide 30
 Evaluating the Internal Audit Function
• Organizational status
• Scope of function
• Technical competence
• Due professional care
• Sufficient appropriate audit evidence is obtained to be able to draw reasonable
conclusions.
• Conclusions reached are appropriate in the circumstances and any reports
prepared are consistent with the results of the work performed.
• Any exceptions or unusual matters disclosed by internal auditing are properly
resolved.
Slide 31
 Using the Work of Experts
• When using the work performed by an expert, the auditor should obtain sufficient
appropriate audit evidence that such work is adequate for the purposes of the audit.
• In auditing, an expert is a person possessing special skills, knowledge and experience in a
particular field other than accounting and auditing.
• The auditor’s education and experience enables the auditor to be knowledgeable about
business matters in general, but the auditor is not expected to have the expertise of a person
trained for or qualified to engage in the practice of another profession or occupation, such as
an actuary or engineer.
• An expert may be:
– Contracted by the entity.
– Contracted by the auditor.
– Employed by the entity.
– Employed by the auditor.
Slide 32
 Determining the Need to Use the Work of an Expert
• In obtaining an understanding of the entity and performing further procedures in response
to assessed risks, the auditor may need to obtain, in conjunction with the entity or
independently, audit evidence in the form of reports, opinions, valuations and statements of
an expert.

• Examples include the following:

– Valuations of certain types of assets, for example, land and buildings, plant and machinery, works of art,
and precious stones.
– Determination of quantities or physical condition of assets, for example, minerals stored in stockpiles,
underground mineral and petroleum reserves, and the remaining useful life of plant and machinery.
– Determination of amounts using specialized techniques or methods, for example, an actuarial valuation.
– The measurement of work completed and to be completed on contracts in progress.
– Legal opinions concerning interpretations of agreements, statutes and regulations.
Slide 33
 Evaluating The Expert
The auditor will evaluate the:

• Competence and Objectivity of the Expert

• Scope of the Expert’s Work

• The engagement team’s knowledge and previous experience of the matter being considered.

• The risk of material misstatement based on the nature, complexity, and materiality of the
matter being considered.

• The quantity and quality of other audit evidence expected to be obtained.

Slide 34
 Evaluating the work of The Expert
The auditor will consider;
• Source of data used.

• Assumptions and methods used and their consistency with prior periods.

• Results of the expert’s work in the light of the auditor’s overall knowledge of the business
and of the results of other audit procedures

• Making inquiries regarding any procedures undertaken by the expert to establish whether
the source data is relevant and reliable.

• Reviewing or testing the data used by the expert.

Slide 35
 Audit Documentation (ISA 230)
• All evidence obtained should be documented as audit working papers
• These working papers are the tangible evidence of all work done in
support of the audit opinion
• Thus, audit documentation is the record of audit procedures performed,
audit evidence obtained and conclusions reached
• The objective of the auditor in respect of audit documentation is to
ensure that there is
– sufficient and appropriate record of the basis for the auditor’s report
– there is evidence that the audit was planned and performed in accordance with
ISAs and applicable legal and regulatory requirements
Slide 36
 Audit Documentation (ISA 230) Cont.
• Auditors are required to prepare documentation on a timely basis and
sufficient to enable an experienced auditor with no previous connection with
that audit to understand;
– The nature, timing and extent of the audit procedures performed
– The results of those procedures and the audit evidence obtained
– Significant matters which arose during the audit and the conclusions reached thereon

Slide 37
 Audit Documentation (ISA 230) Cont.
• Work performed by each assistant should be reviewed by personnel of appropriate experience
to consider whether:

– The work has been performed in accordance with the audit programme

– The work performed and the results obtained have been adequately documented

– Any significant matters have been resolved or are reflected in audit conclusions

– The objectives of the audit procedures have been achieved

– The conclusions expressed are consistent with the results of the work performed and support the audit
opinion
Slide 38
 Purpose of Audit Documentation
• To enhance the quality of the audit
• To facilitate the effective review and evaluation of the audit evidence
obtained and conclusions reached before the audit report is finalised.
• Other reasons include;
– To provide evidence of work done
– The working papers may be required in the event of litigation arising over the audit
work and opinion given.
– To assist supervisors to in directing and supervising the audit work
– To enable an experienced auditor with no previous connection with that audit to
conduct quality control reviews or other inspections i.e. by understanding the work
that has been performed and the conclusions that have been reached.
Slide 39
 Form, Content and Extent of Audit Documentation
• The content of audit working papers will vary depending on the nature and
size of the client and the complexity of the audit processes required to
reach a conclusion. However, it will generally include:
– Audit programs
– Analyses
– Summaries of significant matters
– Letters of confirmation and representation
– Checklists
– Correspondence
• Traditionally, it has been the normal practice to maintain two types of
audit files, a permanent file and a current file.
Slide 40
 Permanent File
– This file records information that is likely to be of significance to every annual
audit of that client. E.g.
– The constitution of the company
– Legal documents such as loan agreements
– Record of accounting systems and procedures used by the client
– Copies of the financial statements for the previous years with key financial ratios
and trends
• This information is of continuing significance, it is therefore important
for the auditor to review its content regularly to update it

Slide 41
 Current File
• This contains information relevant to the current year’s audit.
• It is usually the main evidence on which the conclusion of the current
audit is based. It includes;
• The final financial statement and auditor’s report
• Audit planning documentation
• Audit control material i.e. time budgets, review points, points for
consideration by the engagement partner
• Audit letters

Slide 42
 Ownership, Custody and Confidentiality of Audit Working
Papers
• The audit firm has ownership of the audit working papers. The papers
are not a part of the client’s accounting records and do not belong to
the client
• The auditor is required to keep the papers for a minimum of five years
from the date of the audit report.
• The standards require the auditor to ensure that working papers are
kept safe and that their contents are kept confidential. Confidential
information should only be made available to third parties in accordance
with ethical guidelines.

Slide 43