CHAPTER 3 Audit Planning, Types of Audit Tests, and Materiality

What are the 3 audit planning phases?

Client acceptance/continuance, preliminary engagement activities, and plan the audit.

What 3 things must a firm consider before accepting a new client?

Whether the firm has the capabilities, meets legal/ethical requirements, and has considered the client’s integrity

What does “capabilities” mean for accepting a client?

The firm has the skills, industry knowledge, staff, specialists, and time to complete the audit.

What does the firm check for legal and ethical requirements?

That it is independent and can accept the client without breaking rules or professional conduct requirements.

What does client integrity include?

Reputation of owners/management, business practices, attitude toward controls/accounting rules, scope limitations, possible illegal activity, and why the previous auditor was not reappointed.

When should continuing client retention be evaluated?

Periodically, near audit completion, or after a significant event.

what issues may cause a firm to reconsider keeping an audit client?

Conflicts over accounting/auditing issues or disputes over fees.

What are the 2 preliminary engagement activities?

Determine the audit engagement team requirements and assess compliance with ethical/independence requirements.

What 3 topics are discussed when establishing an understanding with the entity?

Engagement letter, internal audit function, and audit committee.

What does the engagement letter do?

It formalizes the terms of the audit between the auditor and client.

What should an engagement letter include?

Audit objectives, management’s responsibilities, auditor’s responsibilities, and limitations of the engagement

What extra items may be included in an engagement letter?

Use of specialists/internal auditors, liability limits, additional services, and other service arrangements.

What 3 factors are used to evaluate the reliability of the internal audit function?

Objectivity, competence, and systematic/disciplined approach.

What does objectivity mean for internal audit?

Internal audit is free from bias, conflicts of interest, and undue influence.

What does competence mean for internal audit?

Internal auditors have the training, knowledge, experience, and resources needed to do the work.

What does a systematic and disciplined approach mean?

Internal audit uses proper procedures, documentation, risk assessments, work programs, reporting, and quality control.

What is the audit committee?

A subcommittee of the board of directors that oversees audit-related matters.

What are key audit committee requirements for public companies?

Members must be independent board members, oversee the external auditor, preapprove audit/non-audit services, handle complaints, and have authority to get independent counsel.

Are there specific audit committee requirements for privately held companies?

No specific requirements.

What is the difference between an audit strategy and an audit plan?

Audit strategy = overall approach/resources needed. Audit plan = more detailed steps for conducting the audit effectively and efficiently.

What guides the auditor when preparing the audit plan?

Client acceptance/continuance results, understanding of the entity, and preliminary engagement activities.

What key steps are included in planning the audit?

Assess risks, set materiality, consider specialists/laws/related parties, and document the audit strategy, plan, and programs.

Why does the auditor assess business risks?

To understand the entity, identify risks that could cause material misstatements, and evaluate how the entity responds to those risks.

What does assessing business risks help the auditor determine?

The level of risk of material misstatement in the financial statement accounts.

What are the 3 materiality levels shown?

Overall materiality, tolerable misstatement for accounts, and tolerable misstatement for disclosures.

What does the auditor consider for multilocation or multi-business unit audits?

Which locations/business units to audit and how much audit work is needed based on risk.

How does risk affect audit attention for different locations/business units?

Higher-risk locations or units receive more audit attention and procedures.

Why might an auditor need a specialist?

For complex areas requiring special knowledge, such as IT systems, valuations, taxes, legal issues, or actuarial estimates.

Why are IT specialists often important in audits?

Many audits involve complex information systems that affect financial reporting and internal controls.

What are the two types of illegal acts auditors consider?

Direct and material illegal acts, and indirect and material illegal acts.

What are direct and material illegal acts?

Laws/regulations that directly affect financial statement amounts, such as tax and pension laws.

What are indirect and material illegal acts?

Laws/regulations that may affect the business indirectly, such as environmental or employment violations.

What is the auditor’s responsibility for indirect illegal acts?

Be aware of possible violations and investigate if they come to the auditor’s attention.

Suppose your client was involved in the oil and gas industry. What laws or regulations might be applicable?

Environmental protection laws, health and safety regulations, tax/royalty rules, land-use/Indigenous consultation requirements, and industry-specific energy regulations.

What are warning signs that may indicate violations of laws/regulations?

Regulatory investigations/fines, unusual payments, unauthorized transactions, noncompliance reports, or failure to file/pay taxes or duties.

What types of unusual payments may signal illegal acts?

Excessive commissions, payments for unspecified services, cash payments, cashier’s cheques, or transfers to numbered bank accounts.

What should auditors evaluate about related parties?

Whether related party transactions are properly identified, accounted for, and disclosed.

What should auditors ask management about related parties?

The names, relationships, types of transactions, and reasons for the transactions.

What are sources of information about related parties?

Board minutes, conflict-of-interest statements, financial reports, contracts/side agreements, and unusual transaction agreements.

What are examples of additional value-added services auditors may discuss?

Tax planning, system design/integration, internal reporting, risk assessment, benchmarking, and e-commerce.

What must auditors remember about value-added services for public company audit clients?

They are limited in the consulting services they can provide to avoid independence issues.

What 3 things do auditors document when preparing audit programs?

The nature, timing, and extent of audit tests.

Why do auditors document the audit strategy, audit plan, and audit programs?

To link business risks, controls, and audit risks to the planned audit procedures.

What are the 3 types of audit tests?

Risk assessment procedures, tests of controls, and substantive procedures.

What is the purpose of risk assessment procedures?

To understand the entity, its environment, and internal control.

What is the purpose of tests of controls?

To test whether internal controls are designed and operating effectively.

What is the purpose of substantive procedures?

To detect material misstatements in transactions, account balances, and disclosures.

What are common tests of controls?

Inquiry, inspection, observation, reperformance, and walkthrough.

What is supervision of the audit?

Supervisors tell team members their responsibilities, direct them to report audit issues, and review their work.

What are the 2 types of substantive procedures?

Tests of details and analytical procedures.

What are tests of details?

Tests for errors or fraud in individual transactions, account balances, and disclosures.

What are analytical procedures?

Evaluating financial information by analyzing reasonable relationships between financial and non-financial data.

What are dual-purpose tests?

udit procedures that test both controls and transactions at the same time, often using the same document.

Is materiality black and white?

No. Materiality requires professional judgment.

What are the 3 steps in applying materiality?

Determine overall materiality, determine tolerable misstatement, and evaluate audit findings.

What benchmarks can be used to set overall materiality?

Income before tax, total assets, total revenues, net assets, or total equity.

What is tolerable misstatement?

The portion of planning materiality assigned to an account or class of transactions.

What does the auditor do when evaluating audit findings?

Adds up misstatements, compares them to overall materiality, and decides if adjustments are needed.

Which of the following would an auditor most likely use in determining overall materiality when planning an audit?

A.The anticipated sample size of the planned substantive tests

B.The entity’s income before taxes for the period-to-date (e.g., 6 months)

C.The results of tests of controls

D.The contents of the engagement letter

A.The entity’s income before taxes for the period-to-date (e.g., 6 months)