10 Kasım 2012 Cumartesi

The Process of Audit

Since our main focus is on financial audit we will give the standard steps in this type of audit. This audit will be about internal audit. It is for sure that, the auditor must adhere to the general standards and fieldwork and reporting standards in performing an audit of a company's internal control over financial reporting. This involves the following:[1]
·         Planning the engagement
·         Evaluating management's assessment process
·         Obtaining an understanding of internal control over financial reporting
·         Testing and evaluating design effectiveness of internal control over financial reporting
·         Testing and evaluating operating effectiveness of internal control over financial reporting and
·         Forming an opinion on the effectiveness of internal control over financial reporting.

The audit of internal control over financial reporting should be properly planned and assistants, if any, are to be properly supervised. When planning the audit of internal control over financial reporting, the auditor should evaluate how the following matters will affect the auditor's procedures:[2]
·          Knowledge of the company's internal control over financial reporting obtained during other engagements.
·         Matters affecting the industry in which the company operates, such as financial reporting practices, economic conditions, laws and regulations, and technological changes.
·         Matters relating to the company's business, including its organization, operating characteristics, capital structure, and distribution methods.
·         The extent of recent changes, if any, in the company, its operations, or its internal control over financial reporting.
·         Management's process for assessing the effectiveness of the company's internal control over financial reporting based upon control criteria.
·         Preliminary judgments about materiality, risk, and other factors relating to the determination of material weaknesses.
·         Control deficiencies previously communicated to the audit committee or management.
·         Legal or regulatory matters of which the company is aware.
·         The type and extent of available evidence related to the effectiveness of the company's internal control over financial reporting
·         Preliminary judgments about the effectiveness of internal control over financial reporting.
·         The number of significant business locations or units, including management's documentation and monitoring of controls over such locations or business units.

The auditor must obtain an understanding of, and evaluate, management's process for assessing the effectiveness of the company's internal control over financial reporting. When obtaining the understanding, the auditor should determine whether management has addressed the following elements:[3]
·         Determining which controls should be tested, including controls over all relevant assertions related to all significant accounts and disclosures in the financial statements.
·         Evaluating the likelihood that failure of the control could result in a misstatement, the magnitude of such a misstatement, and the degree to which other controls, if effective, achieve the same control objectives.
·         Determining the locations or business units to include in the evaluation for a company with multiple locations or business units
·         Evaluating the design effectiveness of controls.
·         Evaluating the operating effectiveness of controls based on procedures sufficient to assess their operating effectiveness.
·         Determining the deficiencies in internal control over financial reporting that are of such a magnitude and likelihood of occurrence that they constitute significant deficiencies or material weaknesses.
·         Communicating findings to the auditor and to others, if applicable.
·         Evaluating whether findings are reasonable and support management's assessment.

After the above duties, the auditor should obtain an understanding of the design of specific controls by applying procedures that include:[4]
·         Making inquiries of appropriate management, supervisory, and staff personnel;
·         Inspecting company documents;
·         Observing the application of specific controls; and
·         Tracing transactions through the information system relevant to financial reporting.

Internal control over financial reporting is effectively designed when the controls complied with would be expected to prevent or detect errors or fraud that could result in material misstatements in the financial statements. The auditor should determine whether the company has controls to meet the objectives of the control criteria by:[5]
·         Identifying the company's control objectives in each area;
·         Identifying the controls that satisfy each objective; and
·         Determining whether the controls, if operating properly, can effectively prevent or detect errors or fraud that could result in material misstatements in the financial statements.

When forming an opinion on internal control over financial reporting, the auditor should evaluate all evidence obtained from all sources, including:[6]
·         The adequacy of the assessment performed by management and the results of the auditor's evaluation of the design and tests of operating effectiveness of controls;
·         The negative results of substantive procedures performed during the financial statement audit (for example, recorded and unrecorded adjustments identified as a result of the performance of the auditing procedures); and
·         Any identified control deficiencies.

Afterwards, we can think that the process is over. We shouldn’t say that this process will be recurring in each kind of audit but the steps will be similar to each other. For example, the data must be gathered and studied or analyzed and an opinion must be formed.


[1] Public Company Accounting Oversight Board, Audit Standard No:2, An Audit of Internal Control Over Financial Reporting Performed in Conjunction with An Audit of Financial Statements, US, 2006, p. 161.
[2] Public Company Accounting Oversight Board, Ibid, p. 163.
[3] Public Company Accounting Oversight Board, Ibid, p. 165.
[4] Public Company Accounting Oversight Board, Ibid, p. 165.
[5] Public Company Accounting Oversight Board, Ibid, p. 180.
[6] Public Company Accounting Oversight Board, Ibid, p. 194.

Hiç yorum yok:

Yorum Gönder