Audit Exam 2

Internal Control

Process designed to provide reasonable assurance for achieving objectives

Reasonable Assurance

High but not absolute level of assurance

COSO Components

Control Environment, Risk Assessment, Control Activities, Information & Communication, Monitoring

Control Environment

Tone at the top (ethics, integrity, culture)

Risk Assessment

Identifying and analyzing risks

Control Activities

Policies and procedures to reduce risk

Information & Communication

System that provides relevant information

Monitoring

Ongoing evaluation of controls

Audit Risk

Risk of issuing incorrect audit opinion

Audit Risk Formula

AR = IR × CR × DR

Inherent Risk

Risk before considering controls

Control Risk

Risk that controls fail

Detection Risk

Risk auditor fails to detect misstatement

RMM

Inherent Risk + Control Risk

Key Audit Rule

Higher IR/CR → Lower DR → More testing

Fraud Triangle

Pressure, Opportunity, Rationalization

Pressure

Motivation to commit fraud

Opportunity

Ability due to weak controls

Rationalization

Justification of fraud

Most Important Fraud Factor

Opportunity (auditors can control this)

Fraud

Intentional misstatement

Error

Unintentional misstatement

Management Fraud

Intentional financial statement manipulation

Embezzlement

Theft of assets by employee

Lapping

Using later payments to cover earlier theft

Check Kiting

Overstating cash using timing differences

Revenue Cycle

Order, Ship, Bill, Collect

Revenue Risk

Overstatement

Revenue Occurrence

Fake sales recorded

Revenue Completeness

Missing sales

Revenue Cutoff

Sales recorded in wrong period

Revenue Recognition

When goods/services are transferred

Bill and Hold

Recording revenue before delivery

Accounts Receivable (A/R)

Amounts owed by customers

A/R Existence

Receivables are real

A/R Valuation

Collectability of receivables

Allowance for Doubtful Accounts

Estimate of uncollectible A/R

Best Evidence for A/R

Subsequent cash receipts

Confirmations

Third-party verification of balances

A/R Confirmations

Required

Positive Confirmation

Customer must respond

Negative Confirmation

Respond only if incorrect

Alternative Procedures

Used when confirmations not returned

Subsequent Cash Receipts

Strongest alternative evidence

Cutoff

Transactions recorded in correct period

Cutoff Testing

Compare shipping date to invoice date

Cash

Most vulnerable asset

Cash Rule

Always tested

Cutoff Bank Statement

Month after year-end

Proof of Cash

Reconciliation of bank and books

Expenditure Cycle

Requisition, Order, Receive, Record, Pay

Expense Risk

Understatement

Purchase Requisition

Internal request to purchase

Purchase Order

External order to vendor

Receiving Report

Proof goods received

3-Way Match

Purchase Order + Receiving Report + Invoice

Purpose of 3-Way Match

Verify order, receipt, and price

Accounts Payable (A/P)

Liability owed to vendors

A/P Key Assertion

Completeness

A/P Completeness Risk

Missing liabilities

A/P Cutoff

Expenses recorded in wrong period

Search for Unrecorded Liabilities

Procedure to find missing liabilities

Best A/P Test

Review subsequent payments

Expense Recognition

Matching, incurred, allocation

Matching Principle

Match expenses to related revenue

Incurred Expenses

Recognized when they occur

Allocated Expenses

Spread over time (depreciation)

Purchasing Fraud

Fraud in buying goods/services

Kickback

Vendor gives employee money for business

Shell Company

Fake vendor used for fraud

Conflict of Interest

Employee benefits personally

Assertions Overview

Assets → Existence, Liabilities → Completeness, Revenue → Occurrence

Key Differences

Revenue → Overstatement risk, Expenses/A/P → Understatement risk

Audit Stages

Obtain, Plan, Risk, Evidence, Report

Dual-Purpose Test

Test of controls + substantive test

Tests of Controls

Evaluate if controls work

Substantive Procedures

Detect misstatements

Exam Mindset

Auditors look for what is missing (especially liabilities)