CH 10
CH 10
CH 10
C10-1 How is the overall audit strategy linked to the risk assessment procedures?
The information used in determining the overall audit strategy is based upon the evidence
collected by the risk assessment procedures.
C10-2 Explain the purpose of the three types of further audit procedures and provide an
example of each procedure. Note: Multiple examples are possible, two are provided for each
type.
Tests of controls: Observe data entry procedures to see whether passwords are in use by
employees; check bank reconciliation for initials of controller.
Substantive Tests:
Note: Substantive procedures consist of detailed analytical procedures and tests of details.
Analytical procedures can also be used for planning and for end of engagement assessment.
Tests of details: Select a sample of sales invoices and agreeing the details with shipping
Documents. Confirm accounts receivable with major suppliers; recalculate bad-debt allowance.
Analytical procedures: Calculate gross margin and compare to prior years; calculate gross
margin by product and compare to authorized gross margin used in pricing.
C10-3 Explain what are dual-purpose tests and how they improve audit efficiency.
Dual purpose tests are audit procedures that are both tests of controls and substantive procedures
on the same sample of transactions or account balances for efficiency. For example, auditors can
usually apply tests of controls involving inspection and reperformance to the same transactions
tested for monetary misstatements. (Reperformance simultaneously provides evidence about both
controls and monetary correctness.)
C10-4 Read Auditing in Action 10-1, what components of the system of control did the TTC
have in place to address the risk of management override and fraud risk in revenue? Classify
each of the procedures listed in the audit approach column as risk assessment procedures,
tests of controls, tests of details, or substantive analytical review.
• Understand the potential risks of fraud and Risk assessments – understand system of
error related to revenue recognition. internal control
Understand and test the operating Tests of controls (and risk assessment)
effectiveness of internal controls over
revenue recognitions on which we plan to
rely.
Copyright © 2022 Pearson Canada Inc.
9-2
Chapter 10: Risk Response: Audit Strategy, Overall Approach, and Audit Program
C10-5 Explain why it might not be possible to perform an audit of a large bank if the controls
are not effective.
Since a bank would process millions of transactions and have largely automated processes that
do not have an audit trail, it would not be possible to perform substantive tests. Since
controls are not effective, a substantive approach is the only viable choice but is not
possible; therefore the auditor would not be able to perform an audit.
C10-6 Explain how an auditor can use a different audit approach for different accounts of the
same client.
The audit approach is developed to address RMM at the assertion level. Organizations have
different processes with different controls; therefore, it may be efficient to test controls in some
processes and not in others.
C10-7 Why are tests of details often more costly to conduct than other types of procedures?
Substantive tests of details are often considerably more costly than any of the other types of
procedures. For instance, given the involvement of the auditor, it can be costly to send
confirmations and to count assets. Because of the high cost of tests of details of balances,
auditors usually try to plan the audit to minimize their use, focusing these tests upon high-risk
and material balances. However, in situations where the auditor is using automated tools and
techniques, the costs can be reduced.
C10-8 Explain how the auditor uses performance materiality in designing effective further audit
procedures.
Performance materiality is the basis by which the auditor scopes out those accounts that
considered material and for which substantive procedures must be performed.
C 10-9 What factors do auditors take into consideration when determining the nature, timing,
and extent of further audit procedures?
C10-10 List the type of information that would be included in an audit program.
The audit program identifies the auditor’s response to assessed risks, by audit assertion. Audit
tests listed by assertion would be any or all of tests of control, analytical procedures, and tests of
detail.