Chapter 5 - Audit Evidence and the Technology-Driven Audit 

What is audit evidence? 

• It is the information to which audit procedures are applied, that the auditor uses to draw conclusions upon which the auditor’s opinion and report is based. 

• Audit evidence is gathered in all phases of the audit process and is used to help the auditor make a variety of judgments and conclusions, such as 

  • To accept (or continue with) the client 

  • To plan the audit 

  • To decide where there could be a risk of material misstatement in the financial statements 

  • To develop and perform an appropriate risk response 

  • To conclude the type of audit report 

Types of information used for audit evidence?

• Oral information

  • Oral inquiries made to the accounting staff 

  • Oral inquiries made to external information sources 

• Visual information 

  • The auditor observes a message that appears onscreen for a control restricting access to the IT system 

  • Inventory observed by audit through live bideo steam sent with smart glasses worn by the client representative 

• Paper documents

  • Original sales contract provided by client 

  • Written confirmation was provided by the client’s customer 

• Electronic documents 

  • A scanned version of a sale contract 

  • Electronic confirmation 

• Data 

  • Data stored in the entity's IT system 

  • Data from external information sources ( social media, government agencies) 

• Types of sources?

What are audit procedures? 

• Techniques for collecting and analyzing information to provide audit evidence. 

• How the information is gathered

• The nature of audit producer refers to their purpose and type, which varies according to the objective(s) of the phase in the audit process. 

Purpose of Audit Procedures

• Rist assessment procedures: identify and assess risk 

  • Done during phases of the audit process, to obtain an understanding of the entity and the environment

  • Used for planning the audit, assessing the risk of material misstatement, and developing a risk response 

• Test of Controls: Determine if controls are operating effectively 

  • Auditor may perform tests of internal control policies and processes to determine if effective

• Substantive Tests: Determine if accounts and assertions are fairly stated 

  • Tests of details of balances and transactions, and analytical procedures, linked to specific assertions. 

Persuasive of Audit Evidence

• The auditor must be persuaded that his or her opinion is correct with a high level of assurance. 

• The auditor decides if sufficient and appropriate audit evidence has been collected to be able to draw reasonable conclusions, on the basis that the evidence is persuasive, not conclusive. 

• Sufficient refers to the quality of evidence and is based on: 

  • The extent of audit procedures

  • The different types of audit procedures 

  • The variety of sources 

• Appropriateness refers to the quality of the audit evidence, which depends on 

  • Relevance and reliability of the information used

  • Effectiveness of the designated of audit procedures 

  • Auditotr’s performance of the procedures. 

• The auditor needs to consider all of the evidence factors together, i.e., the combined effects of sufficient and appropriateness in the context of the risk of material misstatement for the audit objective. 

• Part of the evidence-gathering decision is related to the trade-off of the cost of gathering evidence versus its persuasiveness

Evaluating Relevance and Reliability: 

. 

Types of Audit Procedures Commonly Used

• Inspection 

  • The auditor’s examination or count of a tangible  asset, or inspection of a document 

  • Auditor can be physically present or through remote observation tools 

  • Examples 

    • To test a purchasing control, the auditor inspects purchase orders, using manual or automated tools and techniques, for proper authorization before the purchase is made. 

    • The auditor uses automated tools, such as drones or smart glasses, to inspect inventory items, which provides audit evidence that the items exist. 

  • Vouching and Tracing 

    • Voudicning and tracing are not the same thing. 

    • Vouching is the use of documentation to support recorded transactions or amounts. 

    • Tracing is the use of documentation to determine if transactions or amounts are included in the accounting recovers. 

  • Observation 

    • Looking at processes or procedures being performed by others; usually by being physically present or through remote tools. 

    • Example: 

      • As a risk assessment procedure, the auditor may tour a plant, observe what people are doing, and obtain a general impression of a client’s facilities. 

      • As a test of control, the auditor may observe individuals performing accounting tasks to determine whether the persons responsible are performing them. 

  • Confirmation 

    • External: The auditor requests a direct response from a third party; must be controlled fully by the auditor. 

    • Example: 

      • Bank accounts and bank facilities with the bank 

      • Account balances, such as accounts receivables and accounts payable 

      • Terms of agreements or transactions with third parties 

  • Recalculation 

    • Checking the mathematical accuracy of information prepared by the client. 

    • Example: 

      • As a test of detail, check the mathematical accuracy of sales invoices. 

      • As a test of detail, check the calculator of amortization expense. 

  • Reperformance 

    • Independently executing procedures or controls that were performed by the client’s internal control system. 

    • Example: 

      • A control test compares the price of an invoice to an approved price list. 

      • A control test, reperformance the reconciliation of accounts payable at year-end, by matching the creditor’s statement to the transactions in the underlying accounting records. 

  • Inquiry 

    • Obtaining information from knowledgeable people within the entity or outside the entity. 

    • May range from formal written inquiries to informal oral inquiries. 

    • Inquiry alone does not provide sufficient appropriate audit evidence of the absence of a material misstatement or the operating effectiveness of controls. 

    • It is normally necessary to obtain corroborating evidence through produces. 

  • Analytical Procedures

    • Evaluation of information through plausible relationships among data, investigation of fluctuations or relationships that are inconsistent with other relevant information. 

Design Analytical procedures

• Evaluations of financial information are done through analysis of plausible relationships among economic and nonfinancial data. 

• Analytical procedures can be performed at any time during engagement. 

  • Rist assessment as part of planning the audit 

  • Substantive analytical procedures (SAP) can support account balances 

  • Final overall analytical review for completing the audit, as a final “objective look” 

Common Types of Analytical Procedures

• Trend analysis 

  • Analysis of changes in accounts over time, to identify variances and unexpected differences. 

• Ratio analysis (Common Financial Ratios) 

  • Comparison across time or to a prior year, budget, or industry average, to examine relationships between financial statement accounts and between an account and non-financial data 

• Reasonableness testing 

  • Analysis of accounts or changes in accounts between accounting periods, by calculating the expected balance for comparison with the actual balance.  

Using Analytical Procedures as Substantive Tests 

• The degree of precisions of the analytical procedures is dependent on various factors such as: 

  • Disaggregation of data, 

  • Data reliability 

  • Plausibility and predictability of relationship 

  • The type of analytical procedure. 

Use of Automated Tools and Techniques (ATTs) 

• ATTs can improve the efficiency and effectiveness of an audit by 

  • Saving time 

  • Improving the quality of audit evidence by analyzing entire data sets and increasing the information sources 

    • Allows auditors to obtain deeper insights, focus on exceptions and outliers, identify unusual trends 

  • Increase the information sources available for use. 

Audit Data Analytics (ADAs)

• Advances in audit-related technologies are providing opportunities for auditors to apply audit data analytics (ADAs) to obtain and evaluate audit evidence. 

• Audit data analytics is the science and art of discovering and analyzing patterns, identifying anomalies, and extracting other useful information in data underlying or related to the subject matter of an audit through analysis, modelling and visualization for planning or performing the audit.  

Use of Emerging Technologies 

• AI allows computers to perform routine, repetitive processes and begin to learn or develop “intelligence” that allows them to recognize patterns and take actions automatically. 

• Types of AI being used in an audit context

  • Machine learning: use of algorithms to ‘learn’ from data 

  • Textual analysis: assess, summarize, and analyze existing text in documents 

  • Predictive analysis: assist in predicting outcomes, determining expectations

• Smartphones are often used for inventory count procedures or inventory observation. 

• Drones can be helpful with inspections 

• Robotics can perform repetitive activities. 

• Bots can be programmed to automate processes such as data entry and manipulation tasks.

• There are many challenges that ATTs bring forward, such as analyzing historically biased data, client confidentiality, and over-reliance on auditors. 

Purposes of Audit Documentation 

• Audit documentation is the written or electronic record of risk assessments, procedures or tests performed, information obtained and conclusions reached. 

  • Support was retained for anything we examined or performed in the audit. 

• Audit documentation is prepared and kept 

  • As a basis for planning the audit 

  • As a record of the evidence accumulated and the results of the tests 

  • To provide support for determining the proper type of auditor’s report 

  • Basis for review by supervisory personnel 

Contents and Organization 

• The two main types of files held for each client are the permanent files and current files. 

  • The permanent files contain data of a historical or continuing pertinent to the current audit. These files provide a convenient source of information about the audit that is of continuing interest from year to year. 

  • The current files include all audit documentation applicable to only the year under audit. There is one set of permanent files for the client and a set of current files for each year’s audit. 

Preparation of Working Papers

• Working papers should have certain characteristics: 

  • Each working paper should be properly identified with such information as the client’s name, the period covered, a description of the contents, the name of the preparer, the date of preparation and an index code. 

  • Working papers should be indexed and cross-referenced to aid in organizing and filing. 

  • Completed work must clearly indicate the audit work performed. 

  • Each working paper should include enough information to fulfill the objectives for which it was designed. 

Ownership of Working Papers

• The working papers prepared during the engagement, including those prepared by the client for the auditor, are the property of the auditor. 

• Unless subpoenaed by the court or through a disciplinary proceeding or practice inspection, no others have a legal right to examine the working paper. 

Confienditaly of Working Papers

• The rules of conduct of the professional accounting bodies require their members not to disclose any confidential information obtained in the course of a professional engagement expect with the consent of the client or when required by the courts or by the professional accounting associations.