Presentation 11, Test of controls of the system, Workshop on System-based auditing, Tirana, 10-12 Sept 2014_ENG

Presentation 11, Test of controls of the system, Workshop on System-based auditing, Tirana, 10-12 Sept 2014_ENG

• 1.
  © OECD Ajoint initiative of the OECD and the European Union, principally financed by the EU Tirana, 10-12 September 2014 Workshop System Based Auditing 11. Test of controls
• 2.
  2
• 3.
  3
• 4.
  11.1 Audit procedures:types of procedures left •Tests of controls ------------------------------------------------ •Substantive procedures: Substantive analytical procedures Tests of detail 4
• 5.
  11.2 Purpose oftest of controls Reduction of control risk can be justified only with evidence that the controls are functioning. 7 basic types of evidence •Physical examination •Confirmation •Documentation •Observation •Accuracy •Analytical evidence •Client inquiry 5
• 6.
  11.3 Audit proceduresfor testing controls •Physical examination •Evidence obtained from the inspection of assets •Confirmation •Written evidence from third parties •Documentation •Evidence obtained from the examination of internal written records •Observation •Visual evidence obtained by the auditor by inspecting client activities 6
• 7.
  11.4 Audit proceduresfor testing controls •Accuracy Evidence obtained by verifying totals, •Client inquiry Evidence obtained by clients personnel or management 7
• 8.
  11.5 Hierarchy ofevidence reliability Best •Physical evidence •Confirmation •External documentation •Test of accuracy/reperform Good •Observation Weak •Internal documentation •Client inquiry 8
• 9.
  11.6 Extent ofprocedures •Reliance on evience of prior audit – every 3rd year •Controls related to significant risks – evidence of current year •Less than entire audit period – evidence that controls were working at end of the year 9
• 10.
  11.7 realionshiop tetsof controls and obtaining understanding process Overlap between the two: => physical evidence, client inquiry, observation are used procedures Differences: •Obtaining understanding covers all controls: testing of controls thios econtrols where tehre were doubts •Obtaining understanding covers only one or few transactions; test of controls more (20-100) 10
• 11.
  11 11.8 Exampleof number of tests of control 11
• 12.
  11.9. Audit proceduresIf nothing is found, everything is OK! Isn’t it? 12 Test control - sample size= 30 No errors found Two or more errors found No reliance possible on this key control Reliance possible on this key control One error found Extra Sample sample size = 20 No further errors found One or more errors found either or Central Limit Theory; http://en.wikipedia.org/wiki/Central_limit_theorem see also http://www.stat.ufl.edu/~aa/articles/agresti_min_binomial.pdf
• 13.
  11.10 Test ofcontrols vs. Substantive tests Test of controls: •System Audit & Financial Audit •Test of internal controls •Residual Risk Substantive Testing: •Financial Audit •Test of amount •Detection Risk 13 13
• 14.
  QUESTIONS? 14