Академический Документы
Профессиональный Документы
Культура Документы
Phase-2. Obtain an Understanding of the Client and Its Environment [Including Internal Control]
Auditors must attain a sufficient background to assess the risk of material misstatement of the financial statements and to design the nature, timing, and extent of further audit procedures. Risk assessment procedures are used here and include inquiries of management and others within the entity, analytical procedures, observation and inspection, and other procedures. Obtaining an understanding of the nature of internal control is an essential part of this understanding, as it allows the auditor to identify areas that may be misstated and to design other procedures based on characteristics of the existing system.
Risk assessment provides the auditors with evidence on potential risks of material misstatement. The risks of material misstatement are composed of inherent and control risks for relevant assertions. Inherent risk is the susceptibility of a relevant assertion to material misstatement, assuming that there are no related controls. Inherent risk arises for a variety of reasons including the business risk faced by management, the possibility of material misstatement due to fraud, and significant measurement uncertainty in accounting estimates and in non-routine transactions. Control risk is the risk that a material misstatement could occur in a relevant assertion and not be prevented or detected on a timely basis by the entitys internal control.
After analyzing the design and implementation of internal control, the auditors must decide whether the system appears adequate to prevent or detect and correct material misstatements. For example, if the auditors believe that internal control is weak for an important area (that is, control risk is high), they will assess the risk of material misstatement as high. On the other hand, if the system seems capable of preventing or detecting and correcting misstatements, the auditors may conclude that internal control may be strong. But in this case they must determine that it is strong by performing tests of controls. Based on the assessed risks of misstatement for various transactions, account balances, and disclosures, and on various requirements to perform certain audit procedures regardless of the individual company risk assessment, the auditors will design and perform further audit procedurestests of controls and substantive procedures.
Substantive proceduresAnalytical procedures. Analytical procedures used as substantive procedures are used to obtain evidential matter about particular assertions related to account balances or classes of transactions. In these tests auditors gather evidence about relationships among various accounting and non-accounting data such as industry and economic information. When unexpected changes occur (or expected changes do not occur) in these relationships, an auditor obtains an explanation and investigates. Substantive proceduresTests of details of account balances, transactions and disclosures. The objective of these tests is to detect misstatements in the financial statementsmore specifically, misstatements of relevant assertions relating to transactions, account balances, and disclosures. The details supporting financial statement accounts are tested to obtain assurance that material misstatements do not exist. Sending confirmations for year-end receivable accounts is an example of a substantive test of details.