FINANCIAL AUDIT METHODOLOGY PETER CARLILL UK NATIONAL AUDIT OFFICE

ROLE OF NAO To provide independent information, assurance and advice to Parliament on the use of public resources To help promote better financial management and value for money Our role

BODIES AUDITED C&AG audits: 600+ financial statements covering £456 billion Revenue of £337 billion Assets worth £203 billion Long term\liabilities of £37 billion

FINANCIAL AUDIT Audit Opinions Reports on Accounts Advice and guidance

PERFORMANCE AUDIT How well Government policy is delivered In particular: –Economy –Efficiency –Effectiveness

IMPACT Savings of over £8 every £1 spent by the NAO £1.4 BILLION saved over the last three years Over 90 PER CENT of PAC recommendations accepted

WHY HAVE A METHODOLOGY? Ensures Auditing Standards are applied Ensures consistency across the NAO (600+ accounts) Helps achieve a quantifiable level of assurance (95% confidence level)

UNDERSTANDING THE BUSINESS AUDITING STANDARD In performing an audit of financial statements, the auditor should have or obtain a knowledge of the business sufficient to enable the auditor to identify and understand the events, transactions and practices that, in the auditor’s’ judgement, may have a significant effect on the financial statements.

UNDERSTANDING THE BUSINESS THREE AREAS TO CONSIDER: Ministry’s external environment Legislative framework Overall control environment within the Ministry

UNDERSTANDING THE BUSINESS AUDITING STANDARD The auditor should apply analytical procedures at the planning stage to assist in understanding the business and in identifying areas of potential risk.

MATERIALITY AUDITING STANDARD Materiality should be considered by the auditor when: a) determining the nature, timing and extent of audit procedures and b) evaluating the effect of misstatements

MATERIALITY An audit needs to be planned and conducted so as to provide reasonable assurance that the financial statements are free from material misstatement. A matter is considered material if its omission, concealment or misstatement could influence the decisions of users of the financial statements that were taken on the basis of the financial statements.

MATERIALITY Usually a percentage (0.5% - 2%) of: Gross Assets Gross Expenditure Income Or, if applicable: Profit (5-10%)

MATERIALITY BUT: Some items can be material because of their sensitivity or by their context, even though they may be small in value.

USE OF MATERIALITY Determines our audit approach to different account areas Helps us conclude on the extent of errors found

IDENTIFY MATERIAL RISKS Normal risk is present where transactions are systematically processed, where the management and control environment is good and where the nature of the transactions themselves does not lead to an increased risk of error. In case of normal risk we can reduce the scope of audit procedures; High risk is present in any account area where the above characteristics do not apply. In case of high risk, we take all the assurance we require from substantive and controls testing.

RISKS ENTITY RISK ACCOUNT AREA RISK

RISKS Plot on the Risk Mapping Diagram: 1. Computer crash leading to loss of all accounting records 2. Failure to estimate useful lives of PCs leading to incorrect depreciation charges 3. Risk of error in social security payments because of highly complex regulations and frequent changes of staff (Ministry’s only activity)

AREAS OF HIGH RISK DETERMINE MINISTRY’S RESPONSE TO THE RISK (IN TERMS OF ADDITIONAL CONTROLS OR SUPERVISION) ASSESS THE RESIDUAL RISK AND AUDIT PROCEDURES PROPOSED IN RESPONSE

AUDIT PROCEDURES: CONCEPT AND DECISION TREE 9 The Decision Tree The Decision Tree provides a framework to determine the audit procedures to be used for each area of the account. The starting point is our assessment of risk for the entity as a whole and for individual account areas. Where we have identified risks of material misstatement we should look to test controls that have been identified as mitigating the risks. Where we have identified no risks of material misstatement we should still look to test controls relevant to the account area to provide the majority of audit assurance. Beyond controls testing the balance of assurance will come from substantive procedures, including analytical procedures (AP’s). * If the account area/balance being audited is not material it may be sufficient to rely on an overall review of outtum only, without testing controls.

UNDERTAKING THE AUDIT ANALYTICAL PROCEDURES RELINCE ON OTHERS CONTROLS TESTING TRANSACTION TESTING

ANALTYCIAL PROCEDURES COMPARATIVE PREDICTIVE TEST/MODELLING

RELIANCE INTERNAL AUDIT OTHER AUDITORS OTHER SPECIALISTS (eg BUILDING VALUATIONS)

ASSURANCE FROM CONTROLS AUDITING STANDARDS The auditor, in determining the extent and scope of the audit, should study and evaluate the reliability of internal controls. The auditor should obtain an understanding of the accounting and internal control systems sufficient to plan the audit and develop an effective audit approach.

CONTROLS HIGH LEVEL controls are those which affect > 1 transaction. For example: Reconciliations Regular monitoring Exception reports

CONTROLS Assurance through: Re-performance Examination Enquiry Observation

TRANSACTION TESTING Transaction testing is expensive, therefore use other methods first to reduce the numbers required. Can use: Statistical sampling Stratified sampling Judgemental sampling But beware of sample sizes too low or too high

EVALUATE RESULTS Errors < materiality Errors> materiality

REPORT RESULTS