17.03.2014 Views

Guide to Using International Standards on Auditing in - IFAC


Guide to Using International Standards on Auditing in the Audits of Small- and Medium-Sized Entities Volume 1—Core Concepts

• Communications relating to internal control from external auditors and consultants.

Sources of Information Used for Monitoring

Much of the information used in monitoring will be produced by the entity’s information system. Management may tend to assume that this information is accurate. If this information is not accurate, there is a risk that management could reach incorrect conclusions, and make poor decisions as a result.

Accordingly, when the auditor is evaluating the monitoring of controls, an understanding is required of:

• The sources of the information related to the entity’s monitoring activities; and

• The basis upon which management considers the information to be sufficiently reliable for the purpose.

5.9 Understanding of Internal Controls Relevant to the Audit

The following exhibit summarizes the steps involved in obtaining an understanding of internal controls relevant to the audit.

Exhibit 5.9-1

Identify: Specific Risks of Material Misstatement Requiring Mitigation

Address: The potential risks of material misstatement (related to significant classes of transactions, account balances, and financial statement disclosures) that exist at the assertion level. For example:

• Regular day-to-day transactional risks;

• Fraud risks (such as management override and asset misappropriation);

• Disclosure risks (incomplete or missing information);

• Significant risks;

• Non-routine risks (such as implementing a new accounting system); and

• Judgmental risks (estimates, valuations, etc.).

Identify: Management’s Response to the Identified Risks of Material Misstatement

Address: What specific (manual or IT application) control activities that (individually or in combination with others) prevent, or detect and correct, material errors and fraud. This step does not require the auditor to identify all the control activities that may exist. For example, an entity may have implemented 15 control procedures to address a particular risk. If the auditor concluded that the first three control procedures identified were sufficient to mitigate the risk involved, there is no need to carry on work to identify and document the other 12 control procedures.

Identify: Significant Deficiencies

Address: Failure by management to mitigate a risk of material misstatement would likely result in a significant deficiency. These would be reported to management and an audit response developed.

Identify: Implementation of Relevant Controls

Address: This involves procedures (in addition to inquiry of the client’s personnel) to determine that relevant controls identified actually exist and are in use by the entity. This can be carried out at a point in time such as tracing one transaction through the system on a particular day. This is not a test of controls, which is designed to evaluate whether a control operated effectively throughout the period covered by the audit.
