Assurance Hand Note Professional Stage-Knowledge Level By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM) Assurance

Transcription

1 Assurance 1

2 CONTENTS OF ASSURANCE 01. Preliminary of Assurance: 1.01 Assurance Engagement: 1.02 Key elements of an assurance engagement: 1.03 Levels of assurance 1.04 Objective of an Audit: 1.05 True & Fair 1.06 Why is assurance important? 1.07 Why can assurance never be absolute? 1.08 Professional ethics: 1.09 Basic principle governing of an audit: 1.10 Threats and safeguards: 1.11 Suggestion to improve or safeguard against threat: 1.12 ICAB Code 02. Introduction to internal control 2.01 Internal control System: 2.02 Reasons for internal controls 2.03 Limitations of internal controls 2.04 Components of internal control: 2.05 Audit committee 2.06 Terms of audit committee function: 03. Introduction to Internal Audit 3.01 Internal audit: 3.02 External Audit: 3.03 Differences between internal and external Audit 3.04 What does internal audit do? 04. Audit Appointment: 4.01 Engagement Letter: 4.02 What are the procedures for accepting new engagement? 4.03 The purpose of an engagement letter is to: 4.04 The form and remaining content of audit engagement letters are given below: 05. Planning the assignment 5.01 Audit Planning 5.02 Audit strategy 5.03 Why audit plan is significant? 5.04 Define steps to develop an audit plan including risk assessment procedures, 5.05 Understanding the entity why,what,how 5.06 Professional skepticism 5.07 Analytical procedures 5.08 Possible source of information about the client to perform analytical procedure 5.09 Materially 5.10 Tolerable error 2

3 06. Risk assessment 6.01 Audit risk- Inherent risk, Control risk, Detection risk 6.02 Steps to identifying and assessing the risks 6.03 Significant risks 07. Process of assurance 7.01 Audit evidence 7.02 Tests of controls 7.03 Substantive procedures 7.04 Sufficient appropriate audit evidence 7.05 Procedures for obtaining Audit evidence 7.06 Audit of Accounting Estimates 7.07 Audit sampling 7.08 Statistical sampling 7.09 Non-statistical sampling 7.10 Management Representation 7.11 Management representation as assurance evidence 7.12 When management representation is required Assurance Hand Note 08. Documentation 8.01 Documentation 8.02 Purpose of documentation 8.03 The form and content of working Papers are affected by matters such as: 8.04 The form and contents of Audit working Paper 8.05 Contents of Permanent Audit files 8.06 Contents of current file 8.07 Safe custody, retention, ownership and right of access to documentation 8.08 Importance of confidentiality: 8.09 Security procedures to prevent accidental disclosure of information: 8.10 Where an auditor can disclose information acquired in the course of professional work: 09. Reporting Criteria 9.01 Content of the audit report 9.02 Unqualified report 9.03 Qualified report 9.04 Adverse report 9.05 Disclaimer report 9.06 Level of assurance and the expectations gap 10. Substantive Procedure 11. Revenue System 12. Purchase system 13. Employee costs 3

4 01. Preliminary of Assurance Assurance Hand Note 1.01 Assurance Engagement: An assurance engagement is a practitioner expresses a conclusion designed to enhance confidence of the intended users as well as the responsible party about the result of evaluation of a subject matter against criteria' Key elements of an assurance engagement: 1) Three party relationship: The practitioner (accountant) The intended users The responsible party (Client) 2) A subject matter such as financial statements) 3) Suitable criteria: Standard, practice, policy which is the basis to test whether complied or not. 4) Obtain sufficient appropriate evidence to support the assurance opinion that the user can have confidence that it is reliable. 5) A written report in appropriate form Assurance reports are provided to the intended users in a written form and contain certain specified information so that the user ensures that key information is being given and that the assurance given is clear Levels of assurance a) Reasonable assurance engagement that is A high, but not absolute level of assurance ensures to obtain sufficient and appropriate evidence. b) Limited assurance engagement that sufficiency and appropriateness to obtain evidence is lower level Objective of an Audit: The objective of an audit of financial statements is to enable the auditor to express an opinion whether the financial statements are prepared, in all material respects, in accordance with an applicable financial reporting framework True & Fair True: information is accurate and conforms with reality, not false and conforms with required standards and law. The accounts are correctly take out from the books and records. Fair: information is free from unfairness & bias with compliance expected standards and rules. The accounts should return the business matter of the company's underlying transactions Why is assurance important? a) Independent professional verification given to the users. b) Enhance confidence to the stakeholder c) Enhances the credibility of the financial information. d) Help to prevent errors or frauds and reduce the risk of management bias. e) Where problems exist within information, assurance report draws attention to the deficiencies, so that users know what those deficiencies are Why can assurance never be absolute? Assurance can never be absolute due to assurance providers will never give a certification of absolute correctness due to the limitations set out below: a) Testing is used - the auditors do not oversee the process of the financial statements from start to finish. 4

5 b) Most audit evidence is persuasive rather than conclusive. c) Assurance providers not test every item due to expensive for the responsible party, so a sampling approach is used. d) The client's staff members may collude in fraud that can deliberately hide from the auditor. e) Assurance provision can be subjective and professional judgments have to be made such as what aspects of the subject matter are the most important how much evidence to obtain, etc. f) Assurance providers rely on the responsible party and its staff to provide correct information, which in some cases may be impossible to verify by other means. g) Some items in the subject matter may be estimates due to uncertainly Professional ethics: Accountants require an ethical code because they hold positions of trust and people rely on them. They work in the public interest, which extends beyond clients to people associated with those clients and the general community. ICAB members are subject to ICAB guidance (influenced by IFAC guidance) Basic principle governing of an audit: Integrity: This means that an accountant must be straightforward and honest. It involves fair dealing and truthfulness. Objectivity: This is a state of mind that excludes partiality, unfairness and compromise and that gives fair and neutral consideration to all matters that are relevant to the task in hand. Independence- to ensure the credibility of financial statement to the interested user, it is required to honest assessment and evaluation. To achieve the objective of audit is depend on conducting the audit independently. An auditor is in independent- To develop audit program auditor can apply audit technique and procedure To examine any transaction auditor can excess all books and records and query to any employee. After completion the audit examine auditor can modify the opinion to express Professional competence and due care. A professional accountant has a continuing duty to maintain professional knowledge and skill at the level required to ensure that a client or employer receives competent professional service based on current developments in practice, legislation and techniques. Confidentiality: Client information must be kept confidential unless there is a genuine exception to this requirement. Professional behavior: A professional accountant should comply with relevant laws and regulations and should avoid any action that discredits the profession Threats of Audit: Self interest threat like financial interest, loan and guaranties, overdue fees, high percentage of fees, gifts & hospitality. Self review threat that is tax service, internal audit service, corporate finance etc. Advocacy threat that is legal service, corporate finance service etc. Familiarity threat that is family and personal relationship, recruitment, team members move to employment with client. Intimidation threat that arises when audit team members pressured by client staff due to close business relationship or family and personal relationship or team members move to employment with client. 5

6 Accepting new client without considering ethical issue 1.11 Suggestion to improve or safeguard against threat: Educational training and experience requirements for entry into the profession Continuing professional development requirements Corporate governance regulations Professional standards Professional or regulatory monitoring and disciplinary procedures Involving an additional professional accountant to review the work done or otherwise advise as necessary. Consulting an independent third party, such as a committee of independent directors, a professional regulatory body or another professional accountant Discussing ethical issues with those in charge of client governance 1.12 ICAB Code: The ICAB Code is relevant to professional accountants in all of rheir professional and business activities. ICAB incorporates the IFAC Code of Ethics, but also contains additional rules deemed appropriate by the ICAB. 02. Introduction to internal control 2.01 Internal control: Internal control is the process designed and affected by management, and other personnel to provide reasonable assurance about achievement of entity s objectives with regard to Reliability of financial reporting, Effectiveness and efficiency of operations and Compliance with applicable laws and regulations. And address identified business risks that threaten the achievement of any of these objectives Reasons for internal controls Minimizing company s business risks Ensuring continuing effective operation Ensuring the company complies with relevant laws and regulations 2.03 Limitations of internal controls Expense: A key limitation of controls is that they are expensive that is continual use of the control is more expensive than the cost of the risk arising. Human element: The fact that they are generally relies on humans to operate them. Unusual transactions: Control are generally designed to deal with what normally or routinely happens in a business. But when unusual transaction occur which not fit into the normal routines, standard controls not relevant hence mistakes may be made. Small companies. Small companies generally have fewer employees than larger companies, meaning that there are fewer people to involve in the internal control system as well as due to cost of control owners of company were not interested Components of internal control: Control environment: The control environment includes management functions the attitudes, and actions related the entity's internal control 6

7 Business risk and the entity's risk assessment process Entity's risk assessment process: The process by the management in a business that identifies business risks relevant to financial reporting objectives and decides what actions to take to address those risks Business risk: The risk to the company in its operations. It is risks at all levels of the business. The information system relevant to financial reporting objectives Procedures and records designed to initiate record, process and report entity transactions and to maintain accountability for the related assets, liabilities and equity. Control activities: The policies and procedures that helps and ensure that management directives are carried out. Monitoring of controls: An entity should review its overall control system to ensure that it still meets its objectives, 2.05 Audit committee: A subsection of the board of directors which has a particular interest in the finance and accountant activities of the company Terms of audit committee function: To review integrity of financial statements and formal announcements relating to company's performance To review company's internal financial controls and the company s risk management systems (unless there is a separate risk management committee) To monitor and review the effectiveness of the company's internal audit function (if relevant) To make recommendations to board in relation to the external auditor To monitor the independence of the external auditor To implement policy on the provision of non-audit services by the external auditor 03. Introduction to Internal Audit 3.01 Internal audit: A monitoring activity established within an entity as a service to the entity. Its functions include, examining, evaluating and reporting to management and the directors on the adequacy and effectiveness of components of the accounting and internal control system External Audit: An audit carried out by an external auditor. Remember that the objective of an external audit of financial statements is to enable auditors to express an opinion on whether the financial statements are prepared (in all material respects) in accordance with the applicable financial reporting framework' 3.03 Differences between internal and external Audit Point Internal Audit External Audit Internal audit designed to add An exercise to enable auditors to Reason value and improve an express an opinion on the financial organization s operations. statements Reporting to Internal audit report to the board The external auditors report to the 7

8 Relating to Relationship with the company of directors about financial and audit matters. Internal audit's work relates to the operations of the organization. Internal auditors are employees of the organization. shareholders of a company on financial statements. External audit's work relates to the financial statements. External auditors are independent of the company and its management What does internal audit do? Monitoring the company's overall risk management policy to ensure it operates effectively. Monitoring the strategies implemented to ensure that they continue to operate effectively. Monitoring internal controls. Examining financial and operating information Review of the economy, efficiency and effectiveness of operations Review of compliance with laws, regulations and other external requirements Special investigations, for instance, into suspected fraud 04. Audit Appointment 4.01 Engagement Letter: Engagement letter is a letter sent by the auditor to his client at the time of any new audit. It sets out the terms of the engagement and forms the basis of contract What are the procedures for accepting new engagement? Obtain client s permission to write to the retiring auditor inquiring if there is any professional reason why the appointment should not be accepted. Meet with the client to discuss regarding detail scope of the audit, Send a letter of engagement to the client defining the scope of audit. Obtain acknowledge from client that he received the engagement letter as well as he understood all the terms of the engagement The purpose of an engagement letter is to: a) Define clearly the extent of the audit firm's responsibilities and so minimize the possibility of any misunderstanding between the client and the audit firm. b) Provide written confirmation of the firm's acceptance of the appointment, the scope of the engagement and the form of their report The form and remaining content of audit engagement letters are given below: a) The objective of the audit of financial statements b) Management's responsibility for the financial statements' c) The scope of the audit including reference to applicable legislation, regulations, or Pronouncements of professional bodies to which the auditor adheres' d) The form of any reports or other communication of results of the engagement. e) Unrestricted access to whatever records, documentation and other information is requested in connection with the audit. 8

9 05. Planning the assignment Assurance Hand Note 5.01 Audit Planning An audit plan is more detailed than the strategy and sets out the nature, timing and extent of audit procedures (including risk assessment procedures) in order to obtain sufficient appropriate audit evidence Audit strategy: Is a strategy for the audit, which sets the scope, timing and direction of audit and guides to develop the audit plan Why audit plan is significant? Ensure appropriate attention to important areas of the audit. Identify potential problems and solve them on a timely basis. Assign work to engagement team members properly. directing and supervise to engagement ream members Review of work done by team members Ensure that the audit is properly organized and managed Define steps to develop an audit plan including risk assessment procedures, 01. Understanding the entity s environment: a. General economic factors and industry conditions. b. Important characteristics of the business including business strategies, financial performance and reporting requirements. c. Level of competence of management. 02. Understanding the accounting and internal control systems: a. The accounting policies adopted and changes. b. The effect of new accounting or auditing pronouncements. 03. Risk and materiality: a. The expected assessment of risks of fraud or error and b. Identification of significant audit areas. c. The setting of materiality level. d. The possibility of material misstatements, 04. Nature, time and extend of procedure a. Possible change on specific audit areas. b. The effect of information technology on the audit. 05. Co-ordination, direction, supervision and review: a. The number of locations. b. Staffing requirements Understanding the entity Why? a. To identify and assess the risks of material misstatement in the financial statements. b. To set up the materiality level in the financial statement. c. To enable the auditor to design and perform further audit procedures. What? a. Industry, regulatory and other external factors, b. Nature of the entity, including selection and application of accounting policies. c. Objectives and strategies and relating business risks. d. Evaluate the entity's financial performance. e. Internal control How? 9

10 a. Inquiries of management and others within the entity. b. Analytical procedures c. Observation and inspection. d. Prior period knowledge. e. Discussion among the engagement team regarding material misstatement on the financial statement Professional skepticism: An attitude of professional skepticism means the auditor makes a critical assessment, with a questioning mind, of the validity of audit evidence obtained and is alert to audit evidence that contradicts, 5.07 Analytical procedures: An analytical procedure means evaluation of financial information made by a study of reasonable relationships among both financial and non-financial data. It also includes the investigation regarding fluctuations. The BSA states that, analytical procedures include: The consideration of comparisons with: Comparable information for prior periods Expected results of the entity, from budgets or forecasts. Similar industry information, such as by using ratio analysis determine financial performance, liquidity, solvency and efficiency Possible source of information about the client to perform analytical procedure: Interim financial information Budgets Management accounts Non-financialinformation Bank and cash records VAT returns Board minutes Discussions with the client at the year-end 5.09 Materially: Information is material if its omission or misstatement would reasonably influence the economic decisions of users taken on the basis of the financial statements. Materiality depends on the size of error in the context of its omission or misstatement. Audit Materiality should be considered by the auditor when: Determining the nature, timing and extent of audit procedures; and Evaluating the effect of misstatements Tolerable error: The maximum error that an auditor is prepared to accept in a class of transactions or balances in the financial statements. 10

11 06. Risk assessment 6.01 Audit risk: The risk that the auditors give an inappropriate opinion on the financial statements. Inherent risk: The risk of misstatement that could be material, assuming there were no related internal controls. Control risk: The risk that a material misstatement would not be prevented, detected by the accounting and internal control systems. Detection risk: The risk that the auditors procedures will not detect a misstatement that exists in an account balance or class of transactions that could be material Steps to identifying and assessing the risks Identify risks regarding the process of obtaining an understanding of the entity Define the risks to what can go wrong at the assertion level. Consider whether the risks size that could result in a material misstatement Consider the possibility of the risks causing a material misstatement Significant risks: Risk of fraud Related to recent significant economic, accounting or other development The complexity of the transaction It is a significant transaction with a related party The degree of subjectivity in the financial information It is an unusual transaction 07. Process of assurance 7.01 Audit evidence: All of the information used by the auditor in arriving at the conclusion, on which the audit opinion is based Tests of controls: Audit procedures performed to assess about the effectiveness of controls in preventing, or detecting and correcting material misstatements at the assertion level Substantive procedures: Audit procedures performed to detect material misstatements at the assertion level. They include: Tests of detail of classes of transactions, account balances and disclosures. Substantive analytical procedures Sufficient appropriate audit evidence An auditors should obtain sufficient appropriate audit evidence for able to draw reasonable conclusions to base the audit opinion Sufficiency is the measure of the quantity of audit evidence. Appropriateness is the measure of the quality or reliability of the audit evidence. 11

12 7.05 Procedures for obtaining Audit evidence: Inspection documents: that is examined records and document Inspection of tangible assets: that is physical verification of tangible assets. Observation: observe any process, procedure of entity by the company employee or third party, such as observe inventory counting by company personnel. Inquiry: that is seeking information from knowledgeable person both financial and nonfinancial throughout the entity or outside the entity. Confirmation: that is direct confirmation obtain from third party or bank of accounts balance of specific types of accounts heads such as confirmation of balance of accounts receivable from debtors. Re-calculation: that is mathematical accuracy checking of documents and records. Analytical procedure: Evaluating and comparing financial and/or non-financial data for reasonable relationships and investigating unexpected fluctuations Audit of Accounting Estimates Accounting estimated figures are arises, where the values included in the financial statements are not the result of transactions with third parties but result from judgments made by management. The auditor uses three methods to conduct the audit: Test the process that management used to estimate the figure by Looking at past experience. Checking the calculation Considering if anything this year is likely to have changed the estimate Use an independent estimate Review subsequent events 7.07 Audit sampling: Audit sampling involves the applications of audit procedures to less than 100% of selecting item for test within an account balance or classes of transactions so as to gather sufficient appropriate audit evidence to meet the objectives of the audit procedures Statistical sampling is any approach to sampling that involves random selection of a sample and use of probability theory to evaluate sample results, including measurement of sampling risk Non-statistical sampling is a subjective approach to inference, in that mathematical techniques are not used consistently in determining sample size, selecting the sample, or evaluating sample results Management Representation: A written Representation made by management to the auditor during the course of the audit to confirm certain matter or to support other audit evidence. BSA 580 Management Representations states that an auditor should obtain appropriate representation from management. Management comprises officers (directors and company secretary) and others who perform senior managerial functions Management representation as assurance evidence: General matters: Acknowledges its responsibility for the preparation and fair presentation of the financial statements in accordance with the applicable financial reporting framework and has approved the financial statements. Acknowledges its responsibility for the design and implementation of internal control. 12

13 Believes that the effects of uncorrected misstatements aggregated by the auditors during the audit are immaterial. Audit evidence: Representations relating to responsibility for the financial statements, the auditors may wish to rely on management representations as audit evidence When management representation is required: Seek to confirm audit evidence from sources inside or outside the entity Evaluate whether the representations made by management reasonable and reliable with other audit evidence obtained, including other representations. Consider whether individuals making representations can be expected to well inform on the particular matters. 08. Documentation 8.01 Audit Documentation: Audit documentation (working papers) is the record of procedures performed, relevant evidence obtained and conclusions reached Purpose of documentation: Assist the audit team to plan and perform the audit Assist relevant members of the team for direction and supervise audit. Enable the audit team to be accountable for its work Enable an experienced auditor to carry out quality control reviews Enable an experienced auditor to conduct external inspections in accordance with applicable legal, regulatory or other requirements 8.03 The form and content of working Papers are affected by matters such as: The nature of the audit procedures to be performed The identified risks of material misstatements The level of judgment required in performing the work. The significance of the audit evidence obtained The nature and level of problems identified The audit methodology and tools used 8.04 The form and contents of Audit working Paper Information about understanding the entity and its environment, including internal control. Evidence of the audit planning process Evidence of the auditor's consideration of the work of internal audit Analyses of transactions, balances and significant ratios and trends The assessed risks of material misstatements A record of the nature, timing, extent and results of audit procedures Evidence that the work performed by assistants was supervised and reviewed Copies of communications with other auditors, experts and other third parties Letters of representation received from the entity Copies of the financial statements and auditor s reports Notes of discussions about significant matters with management and others 8.05 Contents of Permanent Audit files: Engagement letters New client questionnaire 13

14 The memorandum and articles of association Other legal documents such as Prospectuses, leases, sales agreements Details of the history of the client's business Board minutes of continuing relevance Previous years signed accounts, analytical procedures and management letters Accounting systems notes, previous years' control questionnaires 8.06 Contents of current file: Financial statements Accounts checklists Management accounts details Reconciliations of management accounts and financial statements A summary of unadjusted errors Report to partner including details of significant events and errors Review notes and it planning memorandum Time budgets and summaries Letter of representation Management letter Notes of board minutes Communications with third parties such as experts or other auditors 8.07 Safe custody, retention, ownership and right of access to documentation Assurance providers should retain documents for a certain period of time. Documents must be kept secure during this period due to confidentiality requirements Working papers belong to the assurance providers The report, once issued, belongs to the client. Assurance providers must keep working papers confidential. They must show working papers to the client at their discretion. They should obtain client permission before showing working papers to third parties Importance of confidentiality: Confidentiality is a fundamental ethical principle. Client information must be kept confidential unless there is a genuine exception to this requirement. Confidentiality is important as it is a key factor in the trust between client and accountant Security procedures to prevent accidental disclosure of information: Do not discuss client matters with any party outside of the accountancy firm (for example, friends and family, even in a general way) as well as with colleagues in a public place Do not leave audit files in cars or in unsecured private residences or to anywhere. Do not remove working papers from the office unless strictly necessary Do not work on electronic working papers on systems that do not have the requisite protection Where an auditor can disclose information acquired in the course of professional work: Consent obtained from the client, employer or other proper source, or There is a public duty to disclose, or There is a legal or professional right or duty to disclose. 14

15 09. Reporting Criteria 9.01 Content of the audit report Title Addressee Introductory paragraph identifying the financial statements audited A statement of management's responsibility for the financial statements A statement of the auditor's responsibly Scope paragraph, including a description of the work performed by the auditor Opinion paragraph containing an expression of opinion on the financial statements Date of the report Auditor's address Auditor's signature 9.02 Unqualified Report: Unqualified opinion should express when auditor understood that financial statement is give a true and fair view or present fairly in all material respect, in accordance with an identified financial reporting framework. Unqualified opinion should indicate any change of accounting principle or method and also properly determine and disclose the effect of financial statement due to the change Qualified Report: The auditor should express qualified opinion when not possible to express unqualified opinion. The matters for express qualified opinion are- The limitation of scope of audit work. Disagreement with the management for acceptability of selection and application method of the accounting policy and the adequacy of the financial statement Adverse Report: The auditor should adverse opinion on the financial statement when disagreement with the management for acceptability of selection and application method of the accounting policy will go in such a manner resultantly financial statement will became an incomplete manner and carry inadequacy for disclose Disclaimer Report: The auditor should express disclaimer opinion when the stage of scope limitation of audit is so high level that the auditor could not possible to obtain sufficient appropriate audit evidence so that the auditor cannot express the audit opinion on the financial statement Level of assurance and the expectations gap The above report is designed to give a reasonable (high) level of assurance. The expectations gap is defined as the difference between the clear public understanding regarding responsibilities of auditors and assurance as per provision. The misunderstanding or expectation gaps are given below: The audited financial statements will give guarantee that the entity will continue to exist. All items in financial statements are tested Auditors will uncover all errors Auditors should detect all fraud The auditors provide absolute assurance that the figures in the financial statements are correct. 15

16 10. Substantive Procedure Assurance Hand Note 01. Non-Current Assets: Key areas when testing tangible non-current assets are: Confirmation of ownership (rights and obligations) Inspection of non-current assets (existence and valuation) Valuation, preferably by third parties (valuation) Adequacy of depreciation rates Key areas when testing intangible non-current assets are: Confirmation that' assets' exist Confirmation of appropriate valuation Key areas when testing investments are: Confirmation of existence Confirmation of ownership Key areas when testing inventory are: Attending an inventory count (existence) Valuation at the lower of cost and net realizable value (valuation) In some cases, confirmation of ownership (rights and obligations) Key areas when testing receivables are: Confirming debt owed by customers with customers (existence, rights and obligations, valuation) Confirming debt is still likely to be collected (valuation) Key areas when testing the balance sheet bank figure are: Confirming bank balances directly with the bank (existence, valuation, right and obligation) Confirming reconciling differences calculated by the client are reasonable (completeness, valuation) Confirming any material cash balances held at the client are correctly stated (valuation) Key areas when testing payable are: Ensuring that all liabilities are included (completeness) Confirming that all liabilities are owed by the company (rights and obligation) Long term liabilities Risks include failure to make correct disclosures and miscalculation of interest. There should be third party evidence from lender. Income statement items A key area when testing income statement item is completeness. 16

17 11. Revenue System Ordering Key Risk Orders taken from customers who not able to Pay Orders taken from customers who pay for a long time Orders not recorded properly so customers lost. Control: Segregation of duties; credit control, invoicing and inventory dispatch. Authorization of credit terms to customers Choose solvent customer Sequential customer order numbering Correct prices quotation given to customers Matching of customer orders with production orders and despatch notes Prompt Customer service. Tests of control: All new receivable accounts have authorized by senior staff on not. Orders accept with credit terms and credit limits Customer order is matched with production orders and despatch notes or not. Despatch and invoicing Key Risk: Goods despatched but not recorded & invoiced so lost to the business Error invoices raised so customer dissatisfaction Invoices wrongly cancelled by credit notes so loss to the business. Control: Authorization of despatch of goods Ensure quantity, quality and condition of delivery goods Recording of all goods outwards on a despatch note Pre-numbering of despatch notes and regular checks Preparation of invoices and credit notes Inventory records updated Regular review matching of sales invoices with despatch notes Test of control: Sales despatch notes information (Quantities, price, discount, Calculation, entry, VAT, Debtors ledger. Inventory records, Numerical sequence of despatch notes, order form. Authorization of special terms. Recording: Key Risk: Sales invoiced, credit notes not properly recorded Sales recorded wrong customer accounts Debts included on receivables ledger that not collectable. Control: Segregation of duties: recording sales, maintaining customer accounts and preparing statements Matching of cash receipts with invoices Regular preparation & checking of trade receivables statements Review and follow-up of overdue accounts Authorization of writing off for bad debts Reconciliation of receivables ledger control account Test of control: 17

18 Sales day book Check entries with invoices and credit notes. Check postings to receivables ledger Receivables ledger Check control accounts regularly reconciled total receivables ledger balances Check that trade receivables statements are prepared and sent out regularly Check overdue accounts have been followed up Check that all bad debts written off have been authorized by management Cash collection: Key Risk: All monies received are recorded All monies received are banked Control: Segregation of duties. 12. Purchase system Ordering: Risks: Unauthorized purchases may made for personal use Goods and services might not obtained on the most advantageous term Control: Segregation of duties: requisition and ordering Quantities and re-order levels Authorization of order forms Pre-numbered order forms Safeguard of blank order forms Monitoring of supplier terms and taking advantage of favorable conditions Test of control: Review list of suppliers and check a sample to orders made Check pre-numbered order forms Check orders are supported by purchase requisition Review security arrangements over blank orders Goods inward and recording of invoices Risk: Goods may misappropriated for private use Goods may accepted that which was not ordered Invoices may not recorded for non-payment The company may not take advantage of full period of credit facility Control: Examination of goods inwards-quality, Quantity, Condition, accuracing of pricing calculation Recording goods in pre-numbered goods received notes Comparison of goods received with purchase orders and suppliers invoices Segregation of duties: accounting and checking functions Regular maintenance of payables ledger Test of control: Check that the item is agreed in origin or brand and size with the work order as well as requisition. Reconcile quantity of item between MRR & Challan and affect made in the bill. Proper approval made in the bill. 18

19 Checking physical existence of goods by physical verification. Payment: Risk False invoices are paid in error Invoices are paid too soon Payment is not correctly recorded Credits are not correctly recorded Payments are not recorded in the right period Control: Cheque and bank transfer payments Cheque and bank transfer requisitions Authority to sign cheques Prompt dispatch of signed cheques Payments recorded promptly In cash book and nominal and payables ledgers Cash payments) Authorization of expenditure Cancellation of vouchers to ensure they cannot be paid twice Limits on payments Rules on cash advances to employees, lous and cheque cashing Test of control: Payments cash book (authorization) Compare with paid cheques to ensure Payee agrees Check that cheques are signed by persons authorized and within their authority limits Check that bank transfer was authorized and initiated by appropriate person Check to suppliers' invoices for goods and services' Verify that supporting documents are signed as having been checked and passed for payment Payments cash book (recording): Check the sequence of cheque numbers and enquire into missing numbers Trace transfers to other bank accounts, Petty cash books Check balances forward at the beginning and end of the months covering the Periods. Check Postings to the Payables ledger 13. Employee costs Calculating wages and salaries Risk: The company may pay employees too much money The company may pay employees who have not been at work The company may pay employees who have left Control: Staffing and segregation of duties Maintenance of personnel records and regular checking of wages and salaries to details in personnel records Proper authorization taken Recording and review of hours worked by timesheets as well as attendance, Recording of advances of pay & Holiday pay arrangements Test of control: Check that the wages and salary summary is approved for payment. 19

20 Check that the engagement of new employees and release has been confirmed in writing. Check calculations of wages and salaries are being checked. For wages, check calculation of gross pay with: - Authorized rates of pay - Production records. See that production bonuses have been authorized and properly calculated - Clock cards, time sheets or other evidence of hours worked. Verify that overtime has been authorized For salaries, verify that gross salaries and bonuses are in accordance with personnel records, and that increases in pay have been properly authorized. Recording of wages and salaries and deductions: Risks: The various elements of pay might not be recorded correctly in the payroll Amounts paid to employees might not be reflected in the cash books Pay might not be recorded correctly in the nominal ledger Controls: Bases for compilation of payroll (for example, clock cards, overtime records, agreed hours) Maintenance of separate employees' previous records Reconciliation of total pay and deductions. Comparison of actual pay totals with budget or standard costs and investigation of differences between them Agreement of gross earnings and total tax deducted with taxation returns. Test of control: Reconciliation of wages and salaries' For wages, there should have been reconciliations with: - The previous week's Payroll - Clock cards/time sheets/job cards - Costing analyses, production budgets The total salaries should reconciled with previous month salary Postings of summary to nominal ledger (including control accounts) Total of net pay column posting into the cash book Auditors should check the calculations of taxation and other deduction to appropriate records Payment of wages and salaries Risks The key risks here are that People who are not employees are paid Employees are not paid. Control: Segregation of duties Authorization of wages payment Custody of cash Recording of distribution Test of control: Check that proper approval taken and calculation review performed before payment Before wages paid compare payroll with wage to ensure all employees get wages. Examine receipts given by employees Check that no employee receives more than one wage packet' 20