US U.S. AAM vs. DTTL AAM A Refresher Deloitte Touche Tohmatsu

Similar documents
US Inspection Findings and Internal Control Methodology Changes

Navigating the PCAOB s and SEC s internal control expectations A discussion. June 2015

Auditing Standards and Practices Council

Comparison of the PCAOB s Auditing Standards No. 5 and No. 2 (Certain key differences are highlighted by underlining)

THE AUDITOR S RESPONSES TO ASSESSED RISKS SRI LANKA AUDITING STANDARD 330 THE AUDITOR S RESPONSES TO ASSESSED RISKS

INTERNATIONAL STANDARD ON AUDITING 500 AUDIT EVIDENCE CONTENTS

IAASB CAG Public Session (March 2018) CONFORMING AND CONSEQUENTIAL AMENDMENTS ARISING FROM DRAFT PROPOSED ISA 540 (REVISED) 1

The Auditor s Responses to Assessed Risks

IAASB Main Agenda (March 2005) Page Agenda Item 12-C

International Standard on Auditing (Ireland) 500 Audit Evidence

Auditing and Assurance Standards Council

Audit Evidence. ISA 500 Issued December International Standard on Auditing

IAASB Main Agenda (March 2019) Agenda Item

CPA REVIEW SCHOOL OF THE PHILIPPINES M a n i l a AUDITING THEORY AUDIT PLANNING

Special Considerations Audits of Group Financial Statements (Including the Work of Component Auditors)

Scope of this SA Effective Date Objective Definitions Sufficient Appropriate Audit Evidence... 6

Evaluating Internal Controls

An Examination of an Entity s Internal Control Over Financial Reporting That Is Integrated With an Audit of Its Financial Statements

AUDIT TECHNIQUES---SA 500

AT Assertions, Audit Procedures and Audit Evidence Red Sirug Page 1

Audit Evidence. SSA 500, Audit Evidence superseded the SSA of the same title in September 2009.

International Standard on Auditing (UK and Ireland) 500

ISA 500. Issued March 2009; updated June International Standard on Auditing. Audit Evidence

STATEMENT OF AUDITING STANDARDS 500 AUDIT EVIDENCE

Chapter 06. Audit Planning, Understanding the Client, Assessing Risks, and Responding. McGraw-Hill/Irwin

CPA REVIEW SCHOOL OF THE PHILIPPINES M a n i l a. AUDITING THEORY Risk Assessment and Response to Assessed Risks

Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained

Audit Evidence. HKSA 500 Issued July 2009; revised July 2010, May 2013, February 2015, August 2015, June 2017

International Auditing and Assurance Standards Board ISA 500. April International Standard on Auditing. Audit Evidence

Internal controls over Financial Reporting Key concepts. Presentation by Jayesh Gandhi at WIRC

Institute of Chartered Accountants of India. Standards on Auditing

Chapter 16. Auditing Operations and Completing the Audit. McGraw-Hill/Irwin. Copyright 2012 by The McGraw-Hill Companies, Inc. All rights reserved.

SRI LANKA AUDITING STANDARD 600 SPECIAL CONSIDERATIONS AUDITS OF GROUP FINANCIAL STATEMENTS (INCLUDING THE WORK OF COMPONENT AUDITORS) CONTENTS

An Audit of Internal Control Over Financial Reporting Performed in Conjunction with An Audit of Financial Statements

An Audit of Internal Control Over Financial Reporting Performed in Conjunction with An Audit of Financial Statements

Auditing and Assurance Standards Council

Audit Workshop Part 2 12 December 2009

CLIENT ALERT: INTERNAL CONTROL OVER FINANCIAL REPORTING

Audit Evidence This section is effective for audits of financial statements for periods ending on or after December 15, 2012.

STAFF QUESTIONS AND ANSWERS

International Standard on Auditing (UK) 600 (Revised June 2016)

Audit Practice Introduced by HKSA (HKSA 315 and 330) 1 February 2008

FREQUENTLY ASKED QUESTIONS ABOUT INTERNAL CONTROL OVER FINANCIAL REPORTING

IAASB Main Agenda (June 2008) Page Agenda Item

IAASB Main Agenda (December 2004) Page Agenda Item

Reporting on Pro Forma Financial Information

COSO 2013: Updated internal control framework

INTERNATIONAL STANDARD ON AUDITING 315 UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT CONTENTS

Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment

Report on Inspection of Deloitte LLP (Headquartered in Toronto, Canada) Public Company Accounting Oversight Board

Business development companies

Auditing Standards and Practices Council

Audit & Assurance Update January 16, In This Issue. Background. Background. Key Provisions of the Estimates Standard

Report on Inspection of PricewaterhouseCoopers Audit (Headquartered in Neuilly-Sur-Seine, French Republic)

The Auditor s Consideration of the Internal Audit Function in an Audit of Financial Statements

Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement

IAASB Main Agenda (September 2004) Page Agenda Item PROPOSED REVISED INTERNATIONAL STANDARD ON AUDITING 540

Auditing Standards and Practices Council

Report on Inspection of KPMG AG Wirtschaftspruefungsgesellschaft (Headquartered in Berlin, Federal Republic of Germany)

Mapping of Original ISA 315 to New ISA 315 s Standards and Application Material (AM) Agenda Item 2-C

Chapter 18. Integrated Audits of Public Companies. McGraw-Hill/Irwin. Copyright 2012 by The McGraw-Hill Companies, Inc. All rights reserved.

After completing this Session, you should be able to answer the following questions:

INTERNATIONAL STANDARD ON AUDITING (NEW ZEALAND) 500

November 21, Office of the Secretary Public Company Accounting Oversight Board 1666 K Street, N.W. Washington, D.C.

SARBANES-OXLEY COMPLIANCE MANAGING CHANGING EXPECTATIONS January 20, 2017

International Standard on Auditing (Ireland) 315

SECTION A CASE QUESTIONS (Total: 50 marks)

International Standard on Auditing (UK) 315 (Revised June 2016)

February 23, Office of the Secretary Public Company Accounting Oversight Board 1666 K Street, N.W. Washington, D.C.

Audit Quality Assurance workshop Audit Planning by: CPA Steve Obock Associate Director- KPMG Kenya March 2017

Halton Community Housing Corporation Audit Findings Report For the year ended December 31, 2016

2016 INSPECTION OF BHARAT PARIKH & ASSOCIATES CHARTERED ACCOUNTANTS. Preface

(Effective for audits of financial statements for periods ending on or after December 15, 2013) CONTENTS

Analytical Procedures

Report on Inspection of KPMG Auditores Consultores Ltda. (Headquartered in Santiago, Republic of Chile)

International Standard on Auditing (Ireland) 402 Audit Considerations Relating to an Entity using a Service Organisation

AN AUDIT OF INTERNAL CONTROL THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL STATEMENTS: GUIDANCE FOR AUDITORS OF SMALLER PUBLIC COMPANIES

PLEASE complete #1-25 on your green scantron and the rest of them in your blue book.

Report on Inspection of Crowe Horwath LLP (Headquartered in Chicago, Illinois) Public Company Accounting Oversight Board

Characteristics of Audit Sampling 7

VERSION #1 WRITE ON YOUR SCANTRON!!!

IAASB Main Agenda (March 2016) Agenda Item. Initial Discussion on the IAASB s Future Project Related to ISA 315 (Revised) 1

XBRL + Blockchain + AI/Machine Learning = Continuous Audit Tool. Eric E. Cohen Auditchain Member, XBRL US; guest of XBRL Europe

McGraw-Hill/Irwin. Copyright 2013 by The McGraw-Hill Companies, Inc. All rights reserved.

2013 PUBLIC ENTITIES OVERVIEW FOR KNOWLEDGE COACH USERS

B S R & Co. LLP. Reporting on Internal. Reporting An Overview. Sarbanes Oxley Act (SOX) 28 December 2013

By CPA Alfred Lagat Tullon Audit Consulting Ltd 11 th August 2015

WATCH WORDS FROM THE PEER REVIEW PROCESS

Testing Goodwill for Impairment: Overview and Implications of Recent Changes to ASC

Does Your Report Pass Muster in a BV Audit?

covered member immediate family impaired not a covered member close relative not impaired

Avon Maitland District School Board

FOR SELECTED ITEMS (Effective for all audits relating to accounting periods beginning on or after April 1, 2010)

Chapter 8. Planning and Testing Operating Effectiveness of Internal Control over Financial Reporting. Prepared by Richard J.

Chapter 7. Auditing Internal Control over Financial Reporting. Copyright 2012 by The McGraw-Hill Companies, Inc. All rights reserved.

VERSION #1 PLEASE WRITE ON YOUR SCANTRON

Memo. Date: October 2018 INTRODUCTION

Minneapolis Public Schools Special School District No. 1 Minneapolis, Minnesota. Communications Letter of the Student Activity Accounts.

IAASB Main Agenda (December 2008) Page Agenda Item

Mapping Document AU Section 322 to Clarified Statement on Auditing Standards Using the Work of Internal Auditors

Transcription:

US 500-12 U.S. AAM vs. DTTL AAM A Refresher 2008 Deloitte Touche Tohmatsu

Objectives Participants will refresh their knowledge on: Applying the AICPA and the PCAOB Standards. Utilizing the U.S. Audit Approach Manual and other guidance to locate the requirements specific to standards of the AICPA or PCAOB. Planning an audit in accordance with the standards of the AICPA or PCAOB. Conducting an audit of internal control over financial reporting in accordance with the standards of the AICPA or PCAOB. Locating and using resources to support conducting an integrated audit. 2

U.S. AAM Refresher 3

Engagement letters A properly executed engagement letter shall be obtained for all engagements, including all necessary signatures, before beginning significant portions of fieldwork. The illustrative engagement letters contained in INFORM within the U.S. Technical Library shall be used when preparing an engagement letter. <U.S. Audit Approach Manual Process - 1400.04a and 1400.04c, emphasis added> 4

Engagement letters which form? Which U.S. illustrative engagement letter form would be applicable for the audit of a non-accelerated filer (i.e., an issuer that is not required to have an integrated audit)? FORM 1310SP-FS, IILLUSTRATIVE FINANCIAL STATEMENT AUDIT ENGAGEMENT LETTER PUBLIC ENTITY 5

Engagement letters which form? Which U.S. illustrative engagement letter form would be applicable for an integrated audit of a public entity? FORM 1310SP, IILLUSTRATIVE INTEGRATED AUDIT ENGAGEMENT LETTER PUBLIC ENTITY 6

Materiality If we are performing an integrated audit, is the determination of materiality different for a financial statement audit and the audit of internal control over financial reporting? No. If we are performing an integrated audit, we shall use the same materiality used to audit the financial statements in planning and performing our audit of internal control over financial reporting. <U.S. Audit Approach Manual 2210.01b, emphasis added> 7

Materiality Benchmark Profit before tax from continuing operations Typically what users of the financial statements focus on Determination of Materiality Typically 5%-10% of estimated profit before tax Engagement partner may use professional judgment to determine use of other percentages <based on DTTL Audit Approach Manual 2210.10> 8

Performance materiality For audits of SEC listed entities, for purposes of determining the amount to be deducted from materiality to arrive at performance materiality, we shall use the greater of the amounts determined using the iron curtain approach and the approach in U.S. AAM 2220.05. <U.S. Audit Approach Manual 2220.05b, emphasis added> 9

Iron Curtain approach The iron curtain approach quantifies a misstatement based on the effects of correcting the misstatement existing in the balance sheet at the end of the current year, irrespective of the misstatement s year(s) of origination. <Based on U.S. Audit Approach Manual Glossary> 10

Rollover approach Under the rollover approach, uncorrected misstatements include those that have an impact on net income and include the current period carryover effects of misstatements identified in prior periods <U.S. Audit Approach Manual Glossary> 11

Rollover vs. Iron Curtain example Assume that in 20X2, Registrant A began over-accruing a liability each year by $20. Therefore, at the end of 20X6, liabilities are overstated by $100. The $20 annual over-accrual was not considered material to any of the individual prior period financial statements. In 20X6, should the registrant evaluate the error in the current year as a $100 overstatement of liabilities (iron curtain approach), or as a $20 overstatement of expenses (rollover approach)? 12

Rollover vs. Iron Curtain example 20x6 Iron Curtain A 20x6 Rollover B Overstatement of expenses $ 20 $ 20 Entry to adjust (100) (20) Understatement of expenses (as adjusted) $ (80) $ Overstatement of liabilities $ 100 $ 100 Entry to adjust (100) (20) Overstatement of liabilities (as adjusted) $ $ 80 A Under the Iron Curtain approach, after the adjustment, entries will be correct but expenses will be understated by $80. 13 B

Rollover vs. Iron Curtain example: Solution In 20X6, should the registrant evaluate the error in the current year as a $100 overstatement of liabilities (iron curtain approach), or as a $20 overstatement of expenses (rollover approach)? Evaluate the errors using both approaches and adjust the Financial statements if either approach results in quantifying a misstatement that is material. The 100 overstatement in 2006 under the iron curtain approach is material, thus the FS should be adjusted. The 80 understatement of expenses is also material for 2006, thus prior year FS should be corrected regardless of materiality for those years. 14

Develop overall audit strategy and audit plan for group audits AICPA and PCAOB audits When an entity has components, the group engagement team is required to identify material classes of transactions, account balances, and disclosures and their relevant assertions based on the consolidated financial statements <U.S. Audit Approach Manual G860.01b and 2250.02a> The group engagement team is required to determine the extent to which audit procedures should be performed at selected components to obtain sufficient appropriate audit evidence to obtain reasonable assurance about whether the group financial statements are free of material misstatement. Note: This includes determining the components at which to perform audit procedures, as well as the nature, timing, and extent of the procedures to be performed at those individual components. In determining the components at which to perform audit procedures, the group engagement team is required to assess the risks of material misstatement to the group financial statements associated with the component and correlate the amount of audit attention devoted to the component with the degree of risk of material misstatement associated with that component. <U.S. Audit Approach Manual G860.01c> 15

Develop overall audit strategy and audit plan for group audits AICPA and PCAOB audits Consider these factors when assessing the risks of material misstatement associated with a particular component and the determination of the necessary audit procedures: The nature and amount of assets, liabilities, and transactions executed at the component The materiality of the component The risks associated with the component that present a reasonable possibility of material misstatement to the group financial statements Whether the risks of material misstatement associated with the component apply to other components such that, in combination, they present a reasonable possibility of material misstatements to the group financial statements The degree of centralization of records or information processing The effectiveness of the control environment, particularly with respect to management s control over the exercise of authority delegated to others and its ability to effectively supervise activities at the component The frequency, timing, and scope of monitoring activities by the entity or others at the component Whether significant changes have occurred during the period under audit The length of time since a particular component was last selected and the results of the audit procedures performed. <U.S. Audit Approach Manual G860.01d> 16

Scope the group audit AICPA and PCAOB audits Determine whether there is a reasonable possibility of material misstatement in the residual balance of a consolidated material balance In order to determine whether our audit plan is sufficient, it is important to evaluate whether our plan will allow us to conclude that we have obtained sufficient appropriate audit evidence to obtain reasonable assurance about whether the group financial statements are free of material misstatement. As such, the group engagement team is required to evaluate whether the portion of each material balance at the group level * for which no substantive procedures are planned at the group or component level (i.e., the residual balance of the material balance at the group level) presents a reasonable possibility of material misstatement to the group financial statements. *Material balances at the group level include income statement and balance sheet accounts that are material to the group financial statements, considering both quantitative and qualitative factors <U.S. Audit Approach Manual G860.02g> 17

Scope the group audit AICPA and PCAOB audits Example: The group engagement team s planned scope is as follows Horizontal scoping : Subjected to Substantive Procedures in the CY Residual Balance Cash 79% 21% Accounts Receivable 70% 30% Other Current Assets 77% 23% Goodwill 100% 0 Significant Components Residual Balance - Consolidated Material Account Balances Assets Total Balance at Significant Components % of balance tested at significant components U.S. 3 EMEA 1 EMEA 3 APAC Total % Remaining Cash $9,180,733 79% $492,000 $264,000 $700,000 $980,820 $2,436,820 21% Accounts Receivable 6,073,946 70% 800,000 800,000 1,000,000 2,600,000 30% Other Current Assets 630,000 77% 50,000 40,000 100,000 190,000 23% Goodwill 20,970,022 100% 0% 18

Scope the group audit AICPA and PCAOB audits Determine whether there is a reasonable possibility of material misstatement in the residual balance of a consolidated material balance (continued) Considerations (AS 9.12 and G860.01d): The nature and amount of assets, liabilities and transactions executed at the component The materiality of the component The risks associated with the component that present a reasonable possibility of material misstatement to the group financial statements Whether the risks of material misstatement associated with the component apply to other components such that, in combination, they present a reasonable possibility of material misstatement to the group financial statements The degree of centralization of records or information processing The effectiveness of the control environment The frequency, timing, and scope of monitoring activities Whether significant changes have occurred during the period under audit The length of time since a particular component was last selected and the results of the audit procedures performed. 19

Scope the group audit AICPA and PCAOB audits Determine Whether there is a Reasonable Possibility of Material Misstatement in the Residual Balance of a Consolidated Material Balance If, after performing the analysis on the preceding slides, the group engagement team determines that a reasonable possibility of material misstatement to the group financial statements exists in the residual balance of one or more material balances at the group level, the group engagement team is required to modify the audit plan accordingly. <U.S. Audit Approach Manual G860.02h> 20

Communicate with component auditors PCAOB audits The ISAs require the group engagement team to request the component auditor to communicate matters relevant to the group engagement team s conclusion with regard to the group audit. <U.S. Audit Approach Manual G885.06> The standards of the PCAOB have specific requirements on the documentation that must be obtained, reviewed, and retained by the group engagement team related to the work performed by the component auditors. Some of this documentation may have been obtained in connection with complying with U.S. AAM G885.06. (See next slide for detail listing) <U.S. Audit Approach Manual G885.06b> The standards of the PCAOB, also require the group engagement team to determine that the component auditors' audit documentation is prepared and retained in compliance with the standards of the PCAOB. <U.S. Audit Approach Manual G885.07ab> 21

Communicate with component auditors PCAOB audits PCAOB AS 3.19 and PCAOB AU 543.12 require that the following be obtained, reviewed, and retained by the group engagement team: An audit summary memorandum, including all cross-referenced supporting working papers relating to significant matters and significant documentation matters A list of significant risks, the component auditors' response, and the results of the component auditors' related procedures Sufficient information relating to any significant matters that are inconsistent with or contradict the final conclusions Any findings affecting the consolidating or combining of accounts in the consolidated financial statements Sufficient information to enable the office issuing the audit report to agree or to reconcile the financial statement amounts to the information underlying the consolidated financial statements A schedule of accumulated misstatements, including a description of the nature and cause of each accumulated misstatement, and an evaluation of uncorrected misstatements, including the quantitative and qualitative factors the component auditor considered to be relevant to the evaluation All significant deficiencies and material weaknesses in internal control over financial reporting, including a clear distinction between those categories Letters of representations from management All matters to be communicated to those charged with governance. <U.S. Audit Approach Manual G885.06b>: 22

Information produced by the entity When using information produced by the entity we shall evaluate whether the information is sufficiently reliable for our purposes, including as necessary in the circumstances (1)Obtaining audit evidence about the accuracy and completeness of the information, and (2)Evaluating whether the information is sufficiently precise and detailed for our purposes. <U.S. Audit Approach Manual G510.11> 23

Reliance on information produced by the entity When information produced by the entity is used by us to perform audit procedures, we should obtain audit evidence about the completeness and accuracy of the information Controls over preparation and maintenance of information produced by the entity include the following elements: Controls over the accuracy and completeness of the source data Controls over the creation and modification of the applicable report logic and parameters. Controls over the accuracy and completeness of the source data may be addressed by our tests of controls of the related classes of transactions, account balances, and disclosures. Additional testing of general IT controls may provide audit evidence that the program and data sources are protected from unauthorized access or changes. <Based on U.S. Audit Approach Manual G510.13-13b> 24

Illustrative example 1 Information produced by the entity is tested through typical substantive procedures The engagement team is evaluating the following control: The assistant controller reviews an Accounts Receivable (AR) Aging Report on a monthly basis in determining the appropriateness of the reserve for bad debt. The AR Aging report is a standard report (non-customized) generated out of the SAP ERP application. The following procedures were performed by the engagement team during their substantive testing of AR. Foot and crossfoot aging report (Accuracy); Agree Total Aging Balance to G/L (Completeness); Selected a sample of A/R confirms and traced them into the Aging Report (Accuracy); AND Determine appropriateness of aging for a sample of line items in the Aging Report (Accuracy Aging) 25

Illustrative example 2 Information produced by the entity is used to perform a control The engagement team is evaluating the following control: The Assistant Controller reviews an ERP report that identifies the number of units sold by SKU and units in ending inventory by SKU to compute the number of months sales on hand. This information is then used to evaluate the inventory valuation. Question #1 Controls over the accuracy and completeness of the source data are addressed by our tests of controls of the sales and inventory systems, including the proper SKU. (Note: When designing control and substantive procedures, consider the IPE that will be utilized and design control or substantive tests to incorporate appropriate testing related to the proper entry of SKU upon sales to increase efficiencies and eliminate the need for additional samples.) Question #2 Select X items from (1) the sales journal and perpetual inventory and trace back to bill of ladings or production data and (2) the bill of lading or production records and trace to the source data. Alternatively, consider integrating this testing into the detail tests of sales and inventory (i.e., use the same samples for both purposes). 26

Illustrative example 2 (continued) Year 1 Approach Source Data: Test the accuracy and completeness of source data through testing controls over the sales and inventory systems, including entry of SKU when a sale occurs. Report Logic: Test the report directly to determine whether the report is being appropriately created by: Reconciling sales and inventory amounts to sales journal and perpetual inventory. Select X items from the number of units sold and the units in ending inventory columns of the report and trace back to the source data by SKU (e.g., the sales journal or perpetual inventory). Foot and cross-foot report totals and recalculate Year 2 Approach Source Data: Same as Year 1 approach Report Logic: Carry forward a summary of direct testing of the report logic performed in the previous year, including a description of the report, how it was tested, and the conclusions we reached. Obtain evidence in the change management system that validates that the source code underlying the report has not been changed since it was previously tested by us. 27

Information produced by the entity FAQs Information produced by the entity (IPE) FAQs includes: FAQs on the requirements and guidance in U.S. AAM G510 Illustrative testing approaches by IPE type Illustrative testing approaches for certain IPE fact patterns 28

Access the IPE FAQs 1. Deloitte Technical Library 2. Deloitte Policies and Guidance 3. U.S. Guides, Practice Aids, and FAQs for Auditors 4. Audit Process 29

Nature of tests of controls Inquiry Observation Inspection Reperformance Least Evidence Most Evidence Some types of tests, by their nature, produce greater evidence of the effectiveness of controls than other tests. 30

Timing for tests of controls 31

Illustrative example 32

Figure 4200.1 Nature of Control Frequency of Performance of the Control Number of Selections Control Addresses a Significant Risk No Deviations Planned Post-Change Pre-Change Manual Many times per day 45 25 Manual Daily 25 15 Manual Weekly 8 5 Manual Monthly 3 2 Manual Quarterly 2 1 Manual Annually 1 1 We may use professional judgment to determine that larger sample sizes may be appropriate <U.S. Audit Approach Manual 4200.23> Effective for all audits for periods beginning on or after December 15, 2010. 33

Figure 4200.2 34

OE testing strategy thought process Control Environment Risk Assessment Monitoring Risks Identified? Significant Risk Normal risk Where can we leverage knowledge obtained from prior year audits? Where do we think we need to get or are already getting our own independent evidence? Where can we leverage use of work of others? Information & Communication General IT Controls e.g., Lower risk, No significant changes e.g., Higher risk, observations, dual purpose tests e.g., Competent, objective evidence Business Cycles Options: PYK Independent testing UWO Combination 35

Deviations and deficiencies A deviation (or an exception) is a condition that exists if we identify circumstances that indicate that a control is not being performed in the manner described by the entity. A deficiency in internal control over financial reporting exists when the design or operation of a control does not allow management or employees, in the normal course of performing their assigned functions, to prevent or detect and correct misstatements on a timely basis. A deficiency in design exists when (a) a control necessary to meet the control objective is missing or (b) an existing control is not properly designed so that, even if the control operates as designed, the control objective would not be met. A deficiency in operation exists when a properly designed control does not operate as designed, or when the person performing the control does not possess the necessary authority or competence to perform the control effectively. 36

Considerations when evaluating deviations Deviation from control Specific inquiries To determine The tests of controls that have been performed provide an appropriate basis for reliance on the controls Additional tests of controls are necessary The potential risks of misstatement need to be addressed using substantive procedures. <based on US Audit Approach Manual 4300.05> 37

Ineffective general IT controls Nature and significance Likelihood of increased risk Pervasiveness Cause and frequency Assessing impact of Ineffective general IT controls Complexity of environment Relates to material COTABD? Proximity to applications and data 38

General IT controls General IT controls are ordinarily not designed to address risks of material misstatement at the assertion level. Instead, general IT controls address risks arising from IT that may affect the continued effective operation of automated application controls and the reliability of information produced by the entity. Although ineffective general IT controls do not by themselves cause misstatements, they may cause application controls to operate improperly, thereby allowing misstatements to occur and not to be detected. General IT controls are assessed in relation to the associated risk arising from IT and their effect on applications and data that become part of the Financial Statements. 39

Concluding on an audit of ICFR Objective Express opinion on effectiveness of ICFR If material weaknesses exist, ICFR is not effective <AS 5 paragraph 2>. Auditors obtain evidence about whether material weaknesses exist at date of management s assessment. Therefore we evaluate severity of any identified deficiency(s) to assess whether they represent a material weakness. 40

Considerations when evaluating deficiencies Circumstances and reasons for deviation Impact statistically if using attribute sampling Effect on our test of OE of controls Management s actions Considerations Qualitative factors affecting the likelihood that a misstatement could occur 41

Questions on other areas of differences between US AAM and DTTL AAM 1.When performing an integrated audit, are we required to test the operating effectiveness of controls in each of the five components? 2.Could a risk of material misstatement for an assertion be related to one or a combination of relevant controls? 3.Can an engagement team perform their testing of a control subsequent to period-end? 4.For integrated audits, if an entity adopts new controls during the year, do we need to test the controls being replaced? 5.What are the required control procedures to be performed on equity method investments? 42

Answers 1.Yes 2.Yes 3.Yes 4.Yes 5.The selection of accounting methods for its investments. The recognition of equity method earnings and losses. The audit ordinarily would not extend to controls at the equity method investee. 43

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms. This publication is for internal distribution and use only among personnel of Deloitte Touche Tohmatsu Limited, its member firms, and its and their affiliates. None of Deloitte Touche Tohmatsu Limited, Deloitte Global Services Limited, Deloitte Global Services Holdings Limited, the Deloitte Touche Tohmatsu Verein, any of their member firms, or any of the foregoing s affiliates shall be responsible for any loss whatsoever sustained by any person who relies on this publication. 2008 Deloitte Touche Tohmatsu

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback