Auditing Study Material

AUDIT EVIDENCE

Audit evidence is all information and documentation collected and used by an

auditor on which the auditor’s opinion is based in arriving at the conclusions of his
or her review of the financial accounts, internal controls, and other matters needed
to certify the company's financial statements.

Audit evidence includes both information included in the accounting records

underlying the financial statements and other information. The amount and type of
audit evidence differ from one audit to another based on the business industry, the
company's financial system, the scope of the audit, and the type of audit.

Examples of auditing evidence include bank accounts, management accounts,

payrolls, bank statements, invoices, and receipts.

Method of obtaining evidence

Audit evidence should be sufficient, reliable, and provided from an appropriate

source. Obtaining audit evidence can be collected by different methods, the
following are the most common methods auditors use to get audit evidence:

 Inspection

This is the main method of obtaining audit evidence. This method involves
examining all records, documents, whether internal or external, in paper form,
electronic form, or other media, and physical assets. The source of records and
documents provided as audit evidence considers its reliability. The executed
contracts as an example by the company may provide audit evidence relevant to
accounting policies, such as revenue recognition.

 Observation
Observation consists of looking at a process or procedure being performed by
others, for example, the auditor’s observation of inventory counting by the
company's personnel, or of the performance of control activities. Observation is
also the main method of audit evidence. In this method, the auditor obtains the
testimony of witnesses, after this auditor can get the pinpoints of facts.

Observation provides audit evidence about the performance of a process but is

limited to the time the observation takes place.

 Inquiry and Confirmation

Inquiry is the research of information from knowledgeable resources within the

entity or outside the entity. Inquiries may vary from formal written inquiries to
informal oral inquiries. Confirmation consists of responses to inquiries. After true
confirmation, the auditor can trust and audit evidence.

Evaluating responses to inquiries is an essential part of the inquiry process.

Responses to inquiries may provide the auditor with information not previously
obtained. In some cases, responses to inquiries provide a basis for the auditor to
modify or conduct additional audit procedures. Considering some issues, the
auditor may consider it necessary to obtain written representations from
management and, where appropriate, those charged with governance to confirm
responses to oral inquiries.

 Computation

Computation is the calculation of the correctness of accounting data. To prove the

arithmetical accuracy of an entity's records, the auditor creates computations
independently as another form of audit evidence. Computations verify the
mathematical processes and are used to prove the calculation of the entity.

 Analytical Review

Analytical review can indicate possible problems with the financial records of a
company with the medium of ratio analysis.

Analytical procedures involve comparisons of different sets of financial and

operational information, to see if historical relationships are continuing forward
into the period under review. In most cases, these relationships should remain
consistent over time. If not, it can imply that the entity’s financial records are
incorrect.

Audit Programme

An audit program provides a basic plan for the audit team regarding the entity’s
business, its size, how to conduct the audit, allocation of work among team members
and the estimation of time within which it should complete the work.

It contains details regarding the relevancy of evidence, materiality level, risk

tolerance, measure of the sufficiency of the evidence. Thus, programs enhance the
accountability of the audit team and its members for the work performed by them

An auditor may revise the audit program if he considers it necessary due to prevailing
circumstances. The size of the entity, type of business or services in which entity
deals, applicable laws, the effectiveness of internal controls, and various other
relevant factors, also affect an audit program.

Thus, an auditor prepares an audit program according to its scope of work. The
minimum essential work to be performed is the Standard Programme. However,
there is no set audit standard program applicable in all the circumstances.

Audit working papers document the activities that the audit program performs. Audit
working papers support the work performed by the auditor for providing assurance
that the audit was performed in accordance with all the applicable standards on
auditing (SA’s). It helps the auditor in the proper execution of audit work.

An audit program covers various steps of auditing in an audit program like the
assessment of internal control, ascertaining accuracy and reliability of books of
accounts, inspection, vouching and verification, valuation of assets and liabilities,
scrutiny of accounts, presentation of financial statements, and submission of reports
and related disclosures.
Advantages of the Audit Programme

1. An audit program helps in ensuring that all-important areas are considered

while conducting the audit.
2. An audit program helps an auditor in the allocation of work among its team
members according to their skills and competency.
3. It enhances the accountability of audit team members towards work performed
by them
4. An audit program also reduces the scope for misunderstanding among team
members regarding the performance of audit work.
5. It helps the auditor in checking the status of audit work, its progress, how much
it is left for performance while conducting the audit.
6. Auditor prepares audit working papers which contains a record of various audit
procedure applied which serves as evidence against the charge of negligence.
7. Audit program enables the auditor to keep a record of useful information
specifically for future audit and references.

Disadvantages of Audit Programme

1. Rigidity: There is no set standard audit program that can be applied in the case
of every entity. However, programs differ for different types of entities. Every
entity has its own problems. Therefore, we cannot apply for a single audit
program in the case of all business entities.
2. Reduces the Initiative of Efficient Staff: – A program reduces the initiatives
of efficient and competent staff. Thus, staff members cannot make changes to
the audit plan and cannot make suggestions for it.
3. Audit Work becomes Mechanical: The program becomes mechanical when it
ignores other aspects like internal control.
4. Overlooking New Areas: A program may overlook the new areas. With the
change in time and technology, new problems may arise that an audit program
may not consider.
Types of Audit Programs
The two main types of audit programs are:
1. Fixed Audit Program
2. Flexible Audit Program
Fixed Audit Program
A fixed audit program is a set of standardized instructions that need to be followed
by the auditor while conducting the audit. It includes all possible audit procedures to
be followed during the audit although all of them may not be applicable in a
situation. A fixed audit program aims to take care of every possible audit situation
that may arise during an audit.

The disadvantage of the fixed audit program is that it is very rigid and nothing is left
to the discretion of the audit team. Also, it is difficult to follow the same audit
program even in the same organization over the years, as the conditions in the
organization are likely to change.

Flexible Audit Program

A flexible audit program is one that does not prescribe the exact audit procedure to
be followed by the auditors while conducting an audit. It simply gives an outline of
the scope, nature and limitations of the audit assignment to be conducted. Also, the
nature of work to be performed by each person of the audit staff is not predetermined
under it. The auditors decide most of the things as the work proceeds and the
reliability of procedures and internal control system become known to the auditor.

Thus, it allows the auditor to develop, adapt and modify the program according to the
situation. Also, there is a scope for some initiative by the audit staff if the situation so
requires. However, it is possible that some important audit procedures may not be
followed.

Standardized audit programs

These audit programs are available for many different industries and are used
proactively to help organizations create their own internal compliance
framework and internal audit program.

For example, the International Federation of Accountants publishes financial audit

standards called the International Standards on Auditing. A standardized audit
program is different from a fixed audit program, which is defined as an audit
program that cannot be changed during the course of an audit.

Tailored audit programs

Tailored audit programs incorporate procedures designed to match the needs of the
auditing entity. These programs are customized to reference specific areas, such as
business procedures, financial statements, legal documents and assets. Tailored
programs target specific requirements, letting companies more easily identify
compliance lapses and develop internal controls to offset them.

Compliance audit programs

A compliance audit program outlines how an organization adheres to regulatory

guidelines. The details of these programs vary, depending on whether an
organization is public or private, what kind of data it handles, if it transmits or
stores sensitive financial data and similar factors. Audit programs can be internal
or external audits. Compliance audits are often carried out by an external auditor.

Financial Audits Program

These audits focus on an organisation's financial statements and records and are
typically conducted by external auditors. The purpose of a financial audit is to
provide assurance that an organization's financial statements are accurate and
reliable.

Operational Audits program

These audits focus on the efficiency and effectiveness of an organisation's

operations and processes. They may be conducted by internal or external auditors.

Compliance Audits program

These audits are designed to ensure that an organisation is complying with relevant
laws, regulations, and standards. They may be conducted by internal or external
auditors.

IT Audits program
These audits focus on an organisation's information technology systems and
controls. They may be conducted by internal or external auditors.

Environmental Audits program

These audits evaluate an organisation's environmental performance and

compliance with environmental regulations. They may be conducted by internal or
external auditors.

Quality Audits program

These audits evaluate an organisation's quality management system and assess

whether it meets relevant standards and requirements. They may be conducted by
internal or external auditors

Preparing an audit program

Audit program details are based on an organization's unique needs. Plan
preparation will consider the relevant regulatory deadlines, staff requirements, the
reporting structure and overall goals.

Audit goals take into account how a company will maintain regulatory compliance
using risk assessment and management procedures. The audit program also
includes a timeline detailing when specific aspects of the program take place and
how to prioritize them.

Audit program planning is usually a continual and iterative process. During

planning and development, companies build on lessons learned from previous
audits. They also implement new best practices that alleviate risk and maintain
compliance.

Audit development guidelines and best practices vary by industry. Local and
regional auditing certifications are available, as are internationally recognized
ones, such as the following:
  the Certified Internal Auditor designation offered by the Institute of Internal
Auditors;
 the Certified Information Systems Auditor designation offered by the
Information Systems Audit and Control Association; and
 International Register of Certificated Auditors membership.

TYPES OF AUDIT

Internal audit

Internal audits take place within your business. As the business owner, you initiate
the audit while someone else in your business conducts it.

Businesses that have shareholders or board members may use internal audits as a
way to update them on their business’s finances. And, internal audits are a good
way to check in on financial goals.

Although there are many reasons you may conduct an internal audit, some
common reasons include to:

 Propose improvements
 Monitor effectiveness
 Make sure your business is compliant with laws and regulations
 Review and verify financial information
 Evaluate risk management policies and procedures
 Examine operation processes
2. External audit

An external audit is conducted by a third party, such as an accountant, the IRS, or a

tax agency. The external auditor has no connection to your business (e.g., not an
employee). And, external auditors must follow generally accepted auditing
standards (GAAS).
Like internal audits, the main objective of an external audit is to determine the
accuracy of accounting records.

Investors and lenders typically require external audits to ensure the business’s
financial information and data is accurate and fair.

Audit reports

When your business is audited, external auditors usually give you an audit report.
Audit reports include details of the audit process and what was found. And, the
report includes whether your financial records are accurate, missing information,
or inaccurate.

3. IRS tax audit

IRS tax audits are used to assess the accuracy of your company’s filed tax returns.
Tax auditors look for discrepancies in your business’s tax liabilities to make sure
your company did not overpay or underpay taxes. And, tax auditors review
possible errors on your small business tax return.

Auditors usually conduct IRS audits randomly. IRS audits can be conducted via
mail or through in-person interviews.

4. Financial audit

A financial audit is one of the most common types of audit. Most types of financial
audits are external.

During a financial audit, the auditor analyzes the fairness and accuracy of a
business’s financial statements.

Auditors review transactions, procedures, and balances to conduct a financial audit.

After the audit, the third party usually releases an audit opinion about your
business to lenders, creditors, and investors.

5. Operational audit

Operational audits are similar to internal audits. An operational audit analyzes your
company’s goals, planning processes, procedures, and operation results.
Generally, operational audits are conducted internally. However, an operational
audit can be external.

The goal of an operational audit is to fully evaluate your business’s operations and
determine ways to improve them.

6. Compliance audit

A compliance audit examines your business’s policies and procedures to see if they
comply with internal or external standards.

Compliance audits can help determine whether or not your business is compliant
with paying workers’ compensation or shareholder distributions. And, they can
help determine if your business is compliant with IRS regulations.

7. Information system audit

Information systems audits mostly impact software and IT companies. Business

owners use information system audits to detect issues relating to software
development, data processing, and computer systems.

This type of audit ensures the system provides accurate information to users and
makes sure unauthorized parties do not have access to private data.

Also, IT and non-software businesses should regularly conduct mini cybersecurity

audits to ensure their systems are secure from fraud and hackers.

8. Payroll audit

A payroll audit examines your business’s payroll processes to ensure they are
accurate. When conducting payroll audits, look at different payroll factors, such as
pay rates, wages, tax withholdings, and employee information.

Payroll audits are typically internal. Conducting internal payroll audits helps
prevent possible external audits in the future.

Businesses should conduct internal payroll audits annually to check for errors in
their payroll processes and remain compliant.
9. Pay audit

Pay audits allow you to identify pay discrepancies among your employees.

A pay audit can help you spot unequal pay at your company. During a pay audit,
analyze things like disparities due to race, religion, age, and gender.

Pay audits can also help you ensure workers are paid fairly based on your
business’s industry and location.