Electronic Presentations in Microsoft ® PowerPoint ® Prepared by Brad MacDonald SIAST © 2003 McGraw-Hill Ryerson Limited

Copyright © 2003 McGraw-Hill Ryerson Limited Chapte r A Strategic Systems Approach to the Financial Audit

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter 13 3 Learning Objective 1 Describe the concept of business risk.

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter 13 4 Strategic Systems Approach Business risk can be defined as an event or action that will adversely affect an organization’s ability to achieve its business objectives and execute its strategies. –Strategic systems approach (SSA) audit requires the auditor to focus on “auditing the business as management runs it.”

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter 13 5 Strategic Systems Approach Auditor focuses on understanding business risk. –Understand management’s perception of business risk. –Reach an independent conclusion on business risk. Make use of mental models and system thinking. –Second-guess estimates and gain a deeper understanding of business risks.

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter 13 6 Learning Objective 2 Discuss how the PA gains an understanding of business risk through strategic analysis and business process analysis.

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter 13 7 Analysis of the Business Goal: –To learn about management’s analysis of the risks the business faces and to enable the auditor to determine if management’s analysis identifies all material business risks. –Two parts of business analysis: strategic analysis business process analysis

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter 13 8 Strategic Analysis Auditor begins strategic analysis by gaining an understanding from senior management about key objectives, strategies, and risks. –Objectives – may be profitability and growth –Strategies – the way the organization establishes systems and processes to achieve the objectives at a more detailed level

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter 13 9 Strategic Analysis Determine whether strategies guide lower levels of management of the organization. –Interview other management members. –Determine whether activities in operational units are consistent with senior managements strategies. Deepens understanding of strategies. Identifies gaps between top and middle management.

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Strategic Analysis The auditor will assess the completeness of management’s analysis through –independent analysis of the business environment –industry analysis Porter 5 Forces Model/PEST Analysis

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Strategic Analysis Results of strategic analysis: –If management’s analysis is incomplete, discussions can take place, and additional procedures can be planned. –In addition, analysis will prepare the auditor to understand the amounts and relationships between amounts in financial statements suggest certain disclosures that may need to be made

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Business Process Analysis Structured set of activities to produce a specific set of outputs in accordance with the business strategy. –Minimize business risk by designing well thought out business processes. –Business will have a number of processes and sub-processes. The auditor will choose the key sub- processes to examine in detail.

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Example: Passenger Airline Company Processes and sub-processes: –Market and sell services. Develop a marketing plan. Form and continue alliances with other airlines. Establish positive customer contact. –Provide transportation services. –Acquire, maintain and manage assets. –Manage safety and risk.

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Key Process Selection Auditor will select key strategies according to several factors: –strategic relevance to business’s strategy and objectives –inherent business risk likelihood of risk occurring –control environment reflects the auditors’ assessment of controls for the business

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Key Factors: Questions asked For each key objective the auditor would learn, via enquiry: –process objectives (role) –process activities –classes of accounting transactions and systems employed –process risks –process controls

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Business Process Analysis Results of business process analysis: –If management’s analysis is incomplete, discussions can take place, and additional procedures can be planned. –In addition, analysis will prepare the auditor to understand the amounts and relationships between amounts in financial statements suggest certain disclosures may need to be made

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Learning Objective 3 Describe the types of risk assessment and reduction procedures carried out by an SSA auditor.

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Risk Analysis and Reduction Management accepts certain risks from being in business. Other risk factors can be managed in one of four methods. –Avoid risks by not performing business activities that could cause risk. –Reduce risk to an acceptable level via management controls embedded in business processes. –Ignore risks on a cost-benefit basis. –Transfer risk to another party via contract.

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Risk Analysis and Reduction The auditor will consider which business risks are high using two factors: likelihood of risk occurrence magnitude of the risk –The two factors are combined to classify risks as low, medium, or high. –The auditor will study controls related to risks classified as high, and test those controls. Good controls may lead to reclassifying risk.

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Business Risk Assessment Probable MediumHigh Possible LowMediumHigh Unlikely Low Medium InsignificantModerateSignificant Magnitude of impact Likelihood of occurrence

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Controls and SSA For the SSA auditor, controls are the management control system. –Controls: CICA Criteria of Control Committee: “Those elements of an organization (including its resources, systems, processes, culture, structure and tasks) that, taken together, support people in the achievement of the organization’s objectives”. Broader definition than traditional audit.

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Learning Objective 4 Explain how the PA links business risk to audit risk and the nature of the audit evidence acquired.

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Business Risk and Audit Risk Audit risk: Risk that the auditor will fail to express a reservation of opinion when the financial statements are misstated. Residual risk: analyzed further –Related to significant classes of accounting transactions. –Consider specific audit objectives (e.g., existence). –Risk the transactions will be misstated as a result of the residual business risk. Additional substantive testing needed.

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Learning Objective 5 Relate analysis of business performance to the financial statements.

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Business Performance Analysis The SSA auditor considers carefully whether the analysis of business performance is consistent with the performance portrayed in the statements. –considers financial and non-financial performance measures –considers interrelationships of financial and nonfinancial measures

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Financial Performance Key financial ratios –trends over time and considering interrelationships for consistency Review significant accounting policies –benchmark against industry (conservatism of management) –revenue recognition policies Quality of earnings: (replication of earnings)

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Nonfinancial Performance Analyze the relationships among the resources available, processes by which resources are used and ability of the firm to compete in its markets. –Tools for analysis include the balance scorecard and benchmarking the client with others in the industry. –Key part of analysis is determining that resources are used efficiently and effectively.

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter 13 28Interrelationships SSA auditor considers whether financial results and nonfinancial performance measures portray the same picture of the business. –Discrepancies should lead to additional substantive procedures.

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Learning Objective 6 Describe how an SSA audit complies with GAAS (generally accepted auditing standards).

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter SSA Audit versus GAAS General and examination standards are fully met. –SSA uses a broader definition of internal control than a traditional audit. –Standard audit reports are generated, and no additional reports are issued, so reporting standards are met.

Copyright © 2003 McGraw-Hill Ryerson Limited Chapter Three Generic Strategies (Appendix 13A) Cost Leadership –Lowest cost producer Differentiation –Unique features that customers are willing to pay premium. Focus –Optimize product or service for a narrow segment of the industry.