Upload
support-for-improvement-in-governance-and-management-sigma-oecd
View
179
Download
0
Tags:
Embed Size (px)
Citation preview
© OECD
A j
oin
t i
nit
iati
ve o
f th
e O
EC
D a
nd
th
e E
uro
pe
an
Un
ion
,
pri
nc
ipall
y f
ina
nced
by t
he
EU
Tirana, 10-12 September 2014
Workshop System Based Auditing
11. Test of controls
2
3
11.1 Audit procedures: types of procedures left
• Tests of controls
------------------------------------------------
• Substantive procedures:
Substantive analytical procedures
Tests of detail
4
11.2 Purpose of test of controls
Reduction of control risk can be justified only with evidence that the controls are functioning.
7 basic types of evidence • Physical examination • Confirmation • Documentation • Observation • Accuracy • Analytical evidence • Client inquiry
5
11.3 Audit procedures for testing controls
• Physical examination • Evidence obtained from the inspection of assets
• Confirmation • Written evidence from third parties
• Documentation • Evidence obtained from the examination of internal written
records
• Observation • Visual evidence obtained by the auditor by inspecting client
activities
6
11.4 Audit procedures for testing controls
• Accuracy
Evidence obtained by verifying totals,
• Client inquiry
Evidence obtained by clients personnel or management
7
11.5 Hierarchy of evidence reliability
Best
• Physical evidence
• Confirmation
• External documentation
• Test of accuracy/reperform
Good
• Observation
Weak
• Internal documentation
• Client inquiry
8
11.6 Extent of procedures
• Reliance on evience of prior audit – every 3rd
year
• Controls related to significant risks – evidence of
current year
• Less than entire audit period – evidence that
controls were working at end of the year
9
11.7 realionshiop tets of controls and obtaining understanding process
Overlap between the two:
=> physical evidence, client inquiry, observation are used procedures
Differences:
• Obtaining understanding covers all controls: testing of controls thios econtrols where tehre were doubts
• Obtaining understanding covers only one or few transactions; test of controls more (20-100)
10
11
11.8 Example of number of tests of control
11
11.9. Audit procedures If nothing is found, everything is OK! Isn’t it?
12
Test control -
sample size= 30
No errors
found
Two or more
errors found
No reliance
possible on this
key control
Reliance possible
on this key control
One error
found
Extra Sample
sample size = 20
No further
errors found
One or more
errors found
either or
Central Limit Theory; http://en.wikipedia.org/wiki/Central_limit_theorem
see also http://www.stat.ufl.edu/~aa/articles/agresti_min_binomial.pdf
11.10 Test of controls vs. Substantive tests
Test of controls:
• System Audit & Financial Audit
• Test of internal controls
• Residual Risk
Substantive Testing:
• Financial Audit
• Test of amount
• Detection Risk 13
13
QUESTIONS?
14