A presentation: Ram Mohan Johri Principal Accountant General ( Audit) Himachal Pradesh 1

What are the main reasons for audit planning? - to enable the auditor to obtain sufficient appropriate evidence - to help keep audit costs reasonable - to avoid misunderstandings with the client 2

Audit Planning Addresses the specifics of what, where, who, when and how: What are the audit objectives? Where will the audit be done? (i.e., scope) When will the audit(s) occur? (how long?) Who are the auditors? Who are the initial interviewees? How will the audit be done? 3

Audit Planning Planning is required for :  Selection of Audit team with suitable qualifications and experience.  Assessment of need for specialists.  Determination of probable time period in which audit is to be carried out for better utilisation of audit resources and coordination among constituent elements. 4

Audit ObjectivesTransaction-related 1. Existence 2. Completeness 3. Accuracy 4. Classification 5. Timing 6. Posting and summarization summarization Balance-related 1. Existence 2. Completeness 3. Accuracy 4. Classification 5. Cutoff 6. Detail tie-in 7. Realizable value 8. Rights and obligations 9. Presentation and disclosure disclosure 5

Audit process 6

Stages of an Audit Process 7

2. Obtain an Understanding of the Client and its Environment Perform risk assessment procedures, including Inquiries of management and others within the entity Analytical procedures Observation and inspection relating to client activities, operations, documents, reports and premises. Other procedures, such as inquiries of others outside the company (e.g., legal counsel, valuation experts) and reviewing information from external sources such as analysts, banks, rating organizations, journals. 8

Understanding the Client’s Business— Nature of the Auditee Unit Competitive position Organizational structure Accounting policies and procedures Ownership Capital structure Product and service lines Critical business processes Internal control 9

Understanding the Client’s Business, Industry, Regulatory, and Other Factors Competitive environment Supplier and customer relationships Technology developments Major laws and regulations Economic conditions Attractiveness of the industry Barriers to entry Strength of competitors Bargaining power of suppliers of raw materials and labor Bargaining power of customers 10

Understanding the Client’s Business— Objectives, Strategies & Business Risks Objectives—Overall plans Operating and financial strategies—Operational actions to achieve objectives Business risks—Threats to achieving objectives 11

Understanding the Client’s Business— Measuring and Reviewing Performance Budgets Key performance indicators Variance analysis Segment performance reports Balanced scorecard External parties 12

Understanding the Client’s Business – Internal Control Need knowledge and understanding of how a client’s internal control works: What controls exists Who performs them How various types of transactions are processed and recorded What accounting records and supporting documentation exist 13

Understanding the Client’s Business—Sources of Information Inquiries of management Industry Accounting and Auditing Guides Industry Risk Alerts Trade journals and news stories Government publications Prior company annual reports and SEC filings Prior tax returns Electronic sources e.g. web pages for company Tour of plant and offices Analytical procedures The statement of cash flows and obtaining an understanding of the client 14

Transaction cycles Auditors’ consideration of internal control is often organized around client’s major transaction cycles (examples) Revenue cycle Acquisition cycle Conversion cycle Payroll cycle Investing cycle Financing cycle 15

Determining Materiality Use professional judgment and based on reasonable person Considers both Quantitative and qualitative factors Materiality used in Planning the audit At the overall financial statement level Allocate to individual accounts Evaluating audit findings 16

3. Assess the Risks of Material Misstatement and Design Further Audit Procedures Overall approach What could go wrong? How likely is it that it will go wrong? What are the likely amounts involved? Particularly consider Inherent risks Risks of material misstatement due to fraud (fraud risks) Design further audit procedures 17

Assessing Fraud Risks – Identifying Fraud Risks Considerations in identifying fraud risks  Type  Significance  Likelihood that it will result in a material misstatement  Pervasiveness 18

Assessing Fraud Risks Two types Fraudulent financial reporting (management fraud) Misappropriation of assets (defalcations) Procedures to assess fraud risks Discussion among engagement team Inquiries of management and other personnel Risk assessment analytical procedures (to aid in planning the audit) Considering fraud risk factors Incentives Opportunity Attitude 19

Responding to Fraud Risks Overall response Professional skepticism and audit evidence Assigning personnel and supervision Accounting principles Predictability of auditing procedures Alterations in audit procedures More reliable evidence Shifting timing to year end Increasing sample sizes Response to the possibility of management override Examining journal entries Review accounting estimates for biases Evaluating the business rationale for significant unusual transactions 20

Consideration of Fraud Throughout the Audit Evaluating the results of audit tests Discovery of fraud Communication to appropriate level of management If fraud involves senior management or material misstatement communicate to audit committee 21

Audit Program Systems portion Deals with client’s internal control Evidence of test of controls and assessing control risk Substantive test portion Deals with financial statement account balances Indirect and direct verification of income statement accounts 22

Audit Program Tests of controls and substantive tests of transactions Analytical procedures Tests of details and balances It is convenient to think of the audit program as consisting of the three major classes of tests: 23

Summary of the Audit Process Phase I Plan and design an audit approach. Phase II Perform tests of controls and substantive tests of transactions. Phase III Perform analytical procedures and tests of details of balances. Phase IV Complete the audit and issue an audit report. 24

Summary of the Audit Process: Phase I Perform initial planning. Understand the client’s business and industry. Assess client’s business risk. Perform preliminary analytical procedures. 25

Summary of the Audit Process: Phase I Set materiality and assess acceptable audit risk and inherent risk. Understand internal control and assess control risk. Gather information to assess fraud risks. Develop overall audit plan and audit program. 26

Summary of the Audit Process: Phase II Perform substantive tests of transactions. No Yes Perform tests of controls. Assess likelihood of misstatements in financial statements. Plan to reduce assessed level of control risk? 27

Summary of the Audit Process: Phase III Perform analytical procedures. Perform tests of key items. Perform additional tests of details of balances. LowMedium High or unknown 28

Summary of the Audit Process: Phase IV Review for contingent liabilities. Review for subsequent events. Accumulate final evidence. Evaluate results. Issue audit report. Communicate with audit committee and management. 29

Relationship Between Types of Tests and Evidence Type of Test Procedures for I/C Tests of controls Substantive T.O.T. Analytical procedures Tests of details PhysicalexaminationConfirmation Documentation Observation     Type of Evidence Inquiries of the client          Reperformance Analytical 30

Design Further Audit Procedures Further audit procedures should include Substantive procedures for all relevant assertions Tests of controls when the auditors’ risk assessment includes an expectation that controls are operating effectively, or when substantive procedures alone are not sufficient Procedures should be linked with the assessed risks of material misstatement at the relevant assertion level Overall responses when assessed risks of material misstatement are high Heightened professional skepticism Assigning more experienced staff Assigning staff with specialized skills Providing more supervision 31

Audit Trail A trail of evidence that links source documents, journal entries and ledger entries Auditor may follow the audit trail in either of two directions related to the direction of testing Test for existence or occurrence Test for completeness 32

Direction of Audit Testing 33

Impact of Information Technology on Audit Testing Computer assisted audit techniques (CAATS) may be used to test automated controls or data. Reports produced by IT may be used to test the effectiveness of IT general controls. Program change controls Access controls 34

Variations in Evidence Mix 35

An Example :Objectives of Substantive Programs for Asset Accounts Establish the existence of assets Establish that the company has rights to the assets Establish the completeness of recorded assets Verify the cutoff of transactions Determine the appropriate valuation of the assets and accuracy of related transactions Determine the appropriate financial statement presentation and disclosure of the assets 36

Relationships among Audit Objectives, Risks of Material Misstatement, and Audit Procedures 37

What are working papers? procedures applied information obtained conclusions reached tests performed auditor records of: 38

Working papers Working papers also provide: - a basis for planning the audit - a record of the evidence accumulated and the results of tests - data supporting the audit report Their objective is to aid the auditor in providing reasonable assurance that an adequate audit was conducted in accordance with GAAS. 39

Impact of Audit It is carried out after a period of 3 to 5 years of the conduct of audit. It is done to know whether remedial action has been taken in respect of the deficiencies pointed out in audit. It is done to know the extent to which recommendations have been implemented. It gives useful data about the areas of focus in subsequent audit exercises. Complete the audit exercise and helps to access the extent to which it is meaningful. 40

Thank You 41