Lecture 6

Question 1

Audit programme

Answer 1

Includes various control/ substantive tests for a significant risk. Each programme addresses signif risk

Question 2

Controls =

Answer 2

Elements of systems/ processes (designed by management) to safeguard assets and maintain accurate financial records so financial statements can be prepared

Question 3

Controls are designed to

Answer 3

Reduce the risk of fraud/ error in FSs by detecting, preventing and correcting certain actions on significant risk areas

Question 4

Auditors test controls to see if (2)

Answer 4

• Designed to detect fraud/ error

- Operating effectively

Question 5

If controls designed and appropriately and operating effectively..

Answer 5

Auditor relies on them to detect fraud/ error and reduces substantive testing

Question 6

Entity level controls =

Answer 6

Controls that cover whole company

Question 7

Auditors test entity level controls to

Answer 7

Assess strength of control environment

Question 8

According to ISA 315 > entity level controls > auditors should test: (3)

Answer 8

• Communication and enforcement of ethical values
• Management philosophy (tone at the top)
• Organisational structure

Question 9

How to test entity level controls (3 steps)

Answer 9

1) Understand and document control environment
2) Test controls management have asserted exist
3) Conclude on effectiveness and impact on audit approach

Question 10

Process level controls =

Answer 10

Controls embedded in specific process company has put in place to prevent, detect and correct errors/ fraud

Question 11

Categories of process level controls (4)

Answer 11

• Performance reviews
• Information processing controls
• Physical controls
• Segregation of duties

Question 12

Testing design and implementation =

Answer 12

Auditor confirms what they have learnt, may need walkthrough

Question 13

Walkthrough =

Answer 13

Check that system is operating as noted in process notes by following transaction through system

Question 14

Test of operating effectiveness =

Answer 14

Testing to see if control is actually working

Question 15

Effective control >

Answer 15

Can rely on > reduces substantive testing

Question 16

Ineffective control >

Answer 16

No reliance > increase substantive testing, and communicate to audit committee

Question 17

When testing TOE, must consider…

Answer 17

NET of audit procedures

Question 18

Nature =

Answer 18

Type of testing to perform, and how going to perform

Question 19

Nature of testing egs (4)

Answer 19

• Inspection records/ docs
• Observation/ inquiry
• Confirmation
• Re-calculation/ re-performance

Question 20

Timing =

Answer 20

When you are going to do testing

Question 21

Testing of TOE usually takes place..

Answer 21

At interim, may need to top up at YE

Question 22

Extent =

Answer 22

How much testing going to do and on what population

Question 23

Level of TOE testing depends on (2)

Answer 23

• Frequency of control

- Risk of failure

Question 24

TOE population to test depends on (2)

Answer 24

• Assertions

- Balances

Question 25

Directional testing =

Answer 25

Testing what’s not there

Question 26

HORNET used to..

Answer 26

Work out risk the control will fail

Question 27

HORNET

Answer 27

How is control performed?
how Often is control performed?
Risk the control mitigates
Nature and size of misstatement control likely to detect
how Experienced and competent is person performing control?
is there a Technology component?

Question 28

Sample sizes determined based on: (3)

Answer 28

• Risk of failure
• Frequency
• Whether IT component

Question 29

If IT general controls testing has been completed…

Answer 29

Test of one required

Question 30

If one occurrence fails..

Answer 30

Control deemed to be operating ineffectively