UNIT III
Auditing Techniques and Internal Audit
INTRODUCTION
SA 700 (Audit Report) mentions that an audit includes examination, on a test basis, of evidence supporting the amounts and disclosures in financial statements.
MEANING
SA 500 issued by the institute of Chartered Accounts of India (ICAI) states that in forming an opinion an auditor may obtain audit evidence on selective basis. The selection may be based on auditor’s personal judgment or statistical sampling technique.
TEST CHECKING VS. STATISTICAL SAMPLING
When items are selected and checked on the basis of the personal judgment of auditor, it is called Test Checking. When items are selected by applying statistical techniques of sampling, random selection etc., it is called Statistical Sampling.
UNSUITABLE
The following transaction/balances are not suitable for test checking.
- Opening and closing entries.
- Bank Reconciliation statements.
- Item recurring calculations/estimates e.g. depreciation, royalty etc.
- Very important/material transactions/ balances etc.
IMPORTANCE
- Full Checking Impossible
When the number of transactions is large auditor cannot check all the transactions 100%. In such cases auditor has to resort to test checks.
2. Full Checking Unnecessary
In most cases, 100% checking is unnecessary. Statements on Auditing Practices issued by the ICAI states that where an adequate system of internal control is in force, the auditor is entitled to apply test checks.
3. Extent of Checking
The extent of checking should be based on the following factors:
- Possibility of errors and frauds.
- Nature and materiality of item being checked.
- Nature of the business and size of the company.
- The system of accounting.
- Internal controls.
- Internal audit.
ADVANTAGES
- Reduces the cost of audit.
- It helps to speed up the audit work.
- It helps to decide whether the financial records are reliable and to what extent.
- It is a labor saving technique.
- It helps auditor to arrive at a conclusion regarding the true and fair view.
DRAWBACKS
- Arbitrary Selection
The selection depends upon the personal judgment of the auditor.
2. Ignores Statistical Techniques
Test checking ignores statistical techniques of sampling, random selection, risk assessment etc. Thus, auditor cannot be confident that he has selected the right sample.
3. Ignores Quality
An audit instruction regarding, say 25% checking of purchase entries, does not indicate how those 25% entries are to be selected.
4. Risks
Risk means the possibility that conclusions from test checks may be different from those based on 100% checking. Risks are of the following types –
(a) Reliance on Internal Controls
(b) Wrong Conclusions
PRECAUTIONS
- Classify Transactions under proper heads
- System and Procedures for a transaction right from the beginning to the end should be studied in their sequence.
- The whole of the system of internal control in the areas of accounts and finance should be studied and evaluated.
- A properly thought-out test check plan should be prepared.
- The transactions falling under each tests-check plan should be selected in such a manner that bias cannot enter in the selection.
- Auditor should identify the areas where test check may not be suitable.
AUDITOR’S LIABILITY
The test checking does not reduce auditor’s liability. If an auditor is accused of negligence, he cannot say that the items for test checking were free of errors. It is the duty of the auditor to take reasonable care and exercise his skill during an audit. Auditors must keep proper record of the test checks carried out, to help him defend his conclusions later on.
Key Takeaways:
- When items are selected and checked on the basis of the personal judgment of auditor, it is called Test Checking.
- The test checking does not reduce auditor’s liability.
Audit sampling is an investigative tool in which less than 100% of the total items within the population of items are selected to be audited. It is an auditing technique that provides supporting evidence that allows auditors to issue audit opinions without having to audit every single item and transaction.
Purpose of Audit Sampling
No matter what kind of audit is being performed – internal, external, or government – audit sampling needs to be used so that auditors can complete their audits without wasting resources in checking every single item. The objectives of audit sampling are as follows:
• Gather enough evidence to conclude an audit opinion
• Reduce the number of resources used
• Provide the basis for auditors to issue a conclusive audit opinion
• Detect any errors or fraud that can occur
• Prove that auditors have completed their audit fully in accordance with auditing standards
• Used as a tool for investigating
Importance of Audit Sampling
When auditing financial statements, it is not feasible to audit and check every single item within the financial statements. It will be very costly and will take a lot of resources and time to do so.
Audit sampling enables auditors to make conclusions and express fair opinions based on predetermined objectives without having to check all of the items within financial statements. The auditors will only verify selected items, and through sampling, can infer their opinion on the entire population of items.
Forms of sampling
1. Statistical audit sampling
Statistical audit sampling involves a sampling approach where the auditor utilizes statistical methods such as random sampling to select items to be verified. Random sampling is used when there are many items or transactions on record.
Consider a company with more than 100 inventory transactions on its records. Using statistical sampling is recommended due to the high number of transactions.
For example, with statistical sampling, ten items are selected from the total population randomly. Every single item within the 100 has an equal probability of being selected and tested for accuracy as a result. Again, it benefits auditors since they can still make an audit opinion but do not have to check all 100 transactions.
2. Non-statistical audit sampling
In contrast to statistical audit sampling, non-statistical audit sampling items are not chosen randomly. Instead, they are chosen based on the auditor’s judgment, and the result of the testing from the selections is not used to infer the conclusion for the entire population.
In the example earlier, ten inventory transactions can be used to infer the opinion on all 100 transactions. In non-statistical audit sampling, the auditors may choose to select items based on criteria such as:
• The value of items (e.g., items greater than $100,000)
• Items with specific information (e.g., items related to a certain company)
Key Takeaways:
- Audit sampling is an investigative tool in which less than 100% of the total items within the population of items are selected to be audited.
- Audit sampling enables auditors to make conclusions and express fair opinions based on predetermined objectives without having to check all of the items within financial statements.
MEANING
SA 400 issued by the Institute of Chartered Accountants of India (ICAI) deals with the study and evaluation of Internal Control in connection with an audit. It defines internal Control as “all the policies and procedures adopted by the management of a concern to ensure the orderly and efficient conduct of its business.”
PURPOSE, ADVANTAGES AND OBJECTIVES
The objective of internal control i.e. accounting Controls and Operational Controls are as follows.
- Accounting controls
- All transactions are duly authorized, properly recorded and recorded promptly.
- The accounting policies adopted by the management in respect of stock valuation, depreciation etc. are implemented.
- The assets of the concern are safeguarded; the assets are not used or sold without proper authorization and are verified regularly.
- Errors and frauds are prevented and detected.
- The books of accounts are complete and accurate.
- The final accounts are reliable and ready in time.
2. Operational or Administrative Controls
Operational Controls aim to ensure that the management policies in respect of the operations and administration of the concern are implemented. This in turn ensures that the business is conducted in an orderly and efficient manner. Examples of operational controls are Quality Control, Budgetary Control, Internal Check, Internal Audit, Quantitative Controls etc.
AUDITORS DUTIES
SA 400 makes the following recommendations in this regard:
- Responsibility of Management
Basically, the management is responsible for establishing and operating the Internal Control system.
2. Auditor’s Duty
The auditor’s duty is to study system, check whether the system was actually in operation during the year and evaluate the system to ascertain how much he can rely upon it.
3. Need for Evaluation
An auditor needs to evaluate internal control system to achieve the objectives.
4. Steps in evaluation
a) Understand the System: In the first stage, the auditor should understand the system of Internal Control. He can understand the system with the help of manuals, discussions with managers or the technique of Flow Charts.
b) Test Application: He should check whether the controls were actually applied in practice. He can check some transactions in depth. Thus he can take up some sales transactions and check all the documents right from the sales order to the receipt from debtors.
c) Evaluate the system: He should judge, on the basis of above tests, whether he can rely on the system and if so to what extent.
5. Communicate Weakness to Management
a) The material weakness in internal controls should be communicated to the management by the auditor. Material weakness means the absence of adequate controls that increase the possibility of errors and frauds in the financial statements.
b) Such communication should be in writing.
INHERENT LIMITATIONS OF INTERNAL CONTROL
All the objectives of internal control, listed above, may not be actually achieved, because of its following limitations.
- Costs
Cost of implementing control procedure may be much more than its benefits.
2. Human Error
A control procedure may not prove effective due to human errors e.g. carelessness of employees, mis-understanding of instructions, wrong judgments etc.
3. Collusion
Even if duties are divided among different employees, they may collude (work together fraudulently).
4. Misuse
An employee responsible for a particular function may misuse his authority.
5. Manipulation by Management
Manipulation and misappropriation by top management will defeat the very purpose of internal control.
INTERNAL CONTROL FOR SALARIES AND WAGES | INTERNAL CONTROL FOR PURCHASE | INTERNAL CONTROL FOR SALES | |
Division of Work | Work relating to payment of salaries and wages should be divided among different employees. Different person should employ the staff and workers, record the attendance, prepare the pay Sheet, check the Pay Sheet, make the payment and record the entries. | Work relating to purchase should be divided among different departments and employees. Thus sales and Debtors would involve the Sales Department, the stores and the account department. | Work relating to sales and debtors should be divided among different departments and employees. Thus sales and Debtors would involve the Sales Department, the stores and the account department. |
Procedures | The employees should sign in the Pay sheet or Vouchers in acknowledgment of payment received. Payment to representatives of absent employees should be made only after verifying their authorization. If salaries are paid by cheques, they should be crossed “A/C payee” to prevent misuse. | Purchase department should invite tenders on the basis of purchase requisitions received from the factory or stores. Material should be received in the godown and property inspected before acceptance. Payments should be made by the Account department only after verifying the Goods Received Note and the Inspection report. | Sales department should obtain sales Orders and issue Dispatch Orders to the stores. Material should be dispatched from the godown only on the basis of such dispatch orders and after preparing delivery challans. The Sales Bills should be raised and the cash or cheques from debtors should be received by the Accounts department. |
Cross-Check | The work should be divided in such a way that the related documents are prepared by different persons and automatically checked by another employee. | The work should be divided in such a way that the related documents are prepared by different persons and automatically checked by another employee. | The work should be divided in such a way that the related documents are prepared by different persons and automatically checked by another employee. |
Change in Duties | The security Staff, the Personnel Staff and the Cashier should be changed from time to time. | The duties of the concerned employees (purchase officer, storekeeper) should be rotated from time to time. They may be transferred to a different location. | The duties of the concerned employees (salesman, storekeeper) should be rotated from time to time. They may be transferred to a different location. One employee should not do same work for a long time. |
Annual Leave | The security staff and the cashier should be asked to go on leave at least once every year, to enable detection of errors or frauds. | The concerned employees (especially the storekeeper) should be asked to go on leave at least once every year, to enable detection of errors or frauds. | The concerned employees (especially the storekeeper) should be asked to go on leave at least once every year, to enable detection of errors or frauds. |
Access to Books | The security staff should not have access to the pay sheets. The personnel Staff or Cashier should not have access to the books of accounts. | The purchase officer or Storekeeper should not have access to the books of account, such as sales Journal or ledgers. | The sales staff should not have access to the books of account, such as sales Journal or ledgers. |
Proper Recording | The attendance should be recorded in the Attendance Records properly. Mechanical Time Clocks should be used to prevent errors and frauds. All payments should be properly recorded. | All goods should be properly recorded i.e. the right quantity should be entered, against the right party and on the right date. | All goods should be properly recorded i.e. the right quantity should be entered, against the right party and on the right date. |
Prompt Recording | The attendance and payments should be recorded promptly in the relevant books. | The transaction should be recorded promptly in the relevant books of accounts. | The transaction should be recorded promptly in the relevant books of accounts. |
Accounting policies | The payments should be recorded on the basis of the accounting policies adopted by the management. | The purchase should be recorded on the basis of the accounting policies adopted by the management. | The sales should be recorded on the basis of the accounting policies adopted by the management. |
Safeguarding | The cheques signed but not handed over to the employees who may be absent should be kept in safe custody. Such as cheques or cash vouchers for unpaid salaries should be verified immediately after the ‘pay-day’ | The stock in hand should be safeguarded i.e. stored safely and properly. Stock in hand should be verified regularly. | The stock in hand should be safeguarded i.e. stored safely and properly. Stock in hand should be verified regularly. |
Errors and Frauds | Pay sheets, cash Book and bank book should be checked to detect errors in recording payments of salaries and wages e.g. errors of commission, errors of omission or errors of principle etc. these books should be checked to detect frauds by inflating payments, by showing payments to dummy workers etc. Payments to dummy persons may be detected by checking the attendance record, making surprise check on attendance. | Stock books should be checked to detect errors in recording purchase. e.g. errors of commission, errors of omission or errors of principle etc. stock books should be frequently reconciled with the physical stocks to detect frauds e.g. misappropriation of goods by inflating dispatches. | Stock books should be checked to detect errors in recording sales. E.g. errors of commission, errors of omission or errors of principle etc. stock books should be frequently reconciled with the physical stocks to detect frauds e.g. misappropriation of goods by inflating dispatches. |
Reconciliation and confirmations | --- | The Creditors accounts should be reconciled regularly. Confirmation of balances should be obtained from them at least once during year. | The Debtors accounts should be reconciled regularly. Confirmation of balances should be obtained from them at least once during year. |
| Internal Control for Creditors | Internal Control for Debtors |
Credit Limits | a) Fixed on a basis which is clearly laid down b) Approved by an officer independent of the sales department c) Checked before accepting orders from customer, and d) Reviewed from time to time. | |
Prompt Recording | The procedures should ensure prompt recording of the amounts due to creditors and the amounts paid to creditors. | The procedures should ensure prompt recording of the amounts due from debtors and the amounts received from debtors. |
Prompt Adjustment | The amount paid to a creditor should be promptly adjusted against the relevant bill. Unadjusted amounts should be reconciled regularly. | The amount received from a debtor should be promptly adjusted against the relevant bill. Unadjusted amounts should be reconciled regularly. |
Age-wise Schedule | There should be a procedure for preparing age wise schedule of creditors. The schedules should be reviewed by a senior officer. | There should be a procedure for preparing age wise schedule of debtors. The schedules should be reviewed by a senior officer. |
Statements of Accounts | Statements of accounts should be prepared and periodically to all creditors. They should be prepared by a person other than the ledger-keeper and sent by yet another person. | Statements of accounts should be prepared and periodically to all debtors. They should be prepared by a person other than the ledger-keeper and sent by yet another person. |
Discounts & write-offs | All materials adjustments such as discounts, allowances and rebates received, amount not payable written back etc. should be approved by a senior manager. | All materials adjustments such as discounts, allowances, rebates, and debts written off etc. should be approved by a senior manager. |
Reconcile Control Accounts | There should be a system of periodic reconciliation of creditors’ balances with related control accounts. | There should be a system of periodic reconciliation of debtors’ balances with related control accounts. |
Key Takeaways:
- Operational Controls aim to ensure that the management policies in respect of the operations and administration of the concern are implemented.
- Basically, the management is responsible for establishing and operating the Internal Control system.
MEANING
SA 610 issued by the Institute of Chartered Accountants of India (ICAI) defines Internal Audit as follows: Internal audit is a separate component of internal Control established to determine whether other Internal controls are well designed and properly operated.
OBJECTIVES
- Review of accounting system and Internal controls
- Examination of Accounting controls
- Examinations of Operational controls
- Physical verification
SCOPE / FUNCTIONS OF INTERNAL AUDIT
- Monitoring of internal control
- Examination of financial and operating information
- Review of operating activities
- Review of compliance with laws and regulations
- Risk management
- Governance
INTERNAL AUDIT VS. STATUTORY AUDIT
TOPIC | INTERNAL AUDIT (IA) | STATUTORY AUDIT (SA) |
Voluntary / Compulsory | IA is Voluntary | SA is compulsory under law e.g. under Companies Act. |
Appointment | Internal Auditor is appointed by the management itself. | Statutory Auditor is appointed by the shareholders of a Company. |
Status | Internal Auditor is an employee of the concern. | Statutory Auditor is an independent outside expert. |
Responsible & reports to | Internal Auditor is responsible and reports to management. | Statutory Auditor is responsible and reports to shareholders. |
Scope of duties | Management decides the scope of duties of internal Auditor. It includes non accounting matters. | Duties of statutory auditor are laid down by law (e.g. Companies Act) its scope limited to accounting matters. |
Removal | Internal auditor can be removed by the management on its own. | Statutory Auditor can be removed by shareholders only if approved by central Government. |
Objectives | IA aims to review the internal control system of concern. | SA aims to report to shareholders whether the accounts are true and fair. |
Period | IA is continuous. | SA is normally periodical or annual. |
Qualifications | No qualifications are prescribed by law for an Internal Auditor. | Qualifications are prescribed by law for Statutory Auditor. |
Liability for Negligence | Internal Auditor is liable only to management and not to shareholders or third parties. | Statutory Auditor is liable to shareholders and in some cases to third parties also. |
Key Takeaways:
- Internal audit is a separate component of internal Control established to determine whether other Internal controls are well designed and properly operated.
- Internal Auditor is appointed by the management itself.
References:
- ‘Auditing and Assurance services’ by Alvin A. Arens and Randal J. Elder
- ‘The Why and How of Auditing’ by Charles B. Hall
