105. When obtaining an understanding of an entity’s control environment, an auditor should concentrate on the substance of controls rather than their form because c. Management may establish appropriate controls but not act on them.
When obtaining an understanding of the design and implementation of an entity’s internal controls the auditor should?
12. When obtaining an understanding of an entity’s internal control, an auditor should concentrate on their substance rather than their form because 5.3 Understanding Internal Control 10.
How do you assess the risk of material misstatement?
Having obtained and documented an understanding of the entity including its internal control, the auditor is now in a position to identify and assess the risks of material misstatement, which should be done at the financial statement level, and at the assertion level for classes of transactions, account balances and …
When obtaining an understanding of the entity and its environment we obtain an understanding of?
The audit procedures performed to obtain an understanding of the entity and its environment, in- cluding the entity’s internal control, to identify and assess the risks of material misstatement, whether due to fraud or error, at the financial statement and relevant assertion levels.
Who is responsible to obtain an understanding of internal control?
Management is responsible for establishing internal controls. In order to maintain effective internal controls, management should: Maintain adequate policies and procedures; Communicate these policies and procedures; and.
What are the components of an entity’s internal control?
The major components of internal control include control environment, entity’s risk assessment process, information system (including the related business processes, control activities relevant to the audit, relevant to financial reporting, and communication) and monitoring of controls.
What is material misstatement examples?
For example, a material misstatement of revenue could trigger a decision to buy a company’s stock, causing losses for the investor when the misstatement is later corrected and the price of the stock declines.
What is the auditor’s responsibility to identify risks of material misstatement?
The objective of the auditor is to identify and assess the risks of material misstatement, whether due to fraud or error, at the financial statement and assertion levels, through understanding the entity and its environment, including the entity’s internal control, thereby providing a basis for designing and …
What are the three types of audit risks?
There are three common types of audit risks, which are detection risks, control risks and inherent risks.
What is control risk in audit?
Control risk, which is the risk that a misstatement due to error or fraud that could occur in an assertion and that could be material, individually or in combination with other misstatements, will not be prevented or detected on a timely basis by the company’s internal control.
What is audit evidence and examples?
Audit evidence is evidence obtained by auditors during a financial audit and recorded in the audit working papers. Auditors need audit evidence to see if a company has the correct information considering their financial transactions so a C.P.A. (Certified Public Accountant) can confirm their financial statements.
What are the qualities of audit evidence?
Appropriateness is the measure of the quality of audit evidence, i.e., its relevance and reliability. To be appropriate, audit evidence must be both relevant and reliable in providing support for the conclusions on which the auditor’s opinion is based.
What is meant by sufficient audit evidence?
Sufficient audit evidence is the context that refers to the quantity or number of audit evidence. Likewise, the quantity of audit evidence will be influenced by the risk of material misstatement of financial statements and the quality of evidence obtained.
What is the reliable source of audit evidence?
Audit evidence is more reliable when it exists in documentary form, whether paper, electronic, or other medium (for example, a contempo- raneously written record of a meeting is more reliable than a subse- quent oral representation of the matters discussed). audit evidence provided by photocopies or facsimiles.
Page 1 of 13
AT-5910
CPA REVIEW SCHOOL OF THE PHILIPPINES
M a n i l a
AUDITING THEORY
INTERNAL CONTROL
Related PSAs/PAPSs: PSA 400, 402 and 315
The auditor should obtain an understanding of the accounting and internal control systems sufficient
to plan the audit and develop an effective audit approach.
Accounting system means the series of tasks and records of an entity by which transactions are
processed as a means of maintaining financial records. Such systems identify, assemble, analyze,
calculate, classify, record, summarize and report transactions and other events.
Internal Control System means all the policies and procedures (internal controls) adopted by the
management of an entity to assist in achieving management’s objective of ensuring, as far as
practicable,:
• orderly and efficient conduct of its business, including adherence to management policies;
• safeguarding of assets;
• prevention and detection of fraud and error;
• accuracy and completeness of the accounting records; and
• timely preparation of reliable financialinformation.
The internal control system extends beyond those matters which relate directly to the functions of the
accounting system.
Internal Control Components (PSA 315)
(a) The control environment;
(b) The entity’s risk assessment process;
(c) The information system, including the related business processes, relevant to financial reporting,
and communication;
(d) Control activities; and
(e) Monitoring of controls.
Control environment
The control environment includes the attitudes, awareness, and actions of management and those
charged with governance concerning the entity’s internal control and its importance in the entity. The
control environment also includes the governance and management functions and sets the tone of an
organization, influencing the control consciousness of its people. It is the foundation for effective
internal control, providing discipline and structure.
The control environment encompasses the following elements:
• Communication and enforcement of integrity and ethical values.
• Commitment to competence.
• Participation by those charged with governance.
• Management’s philosophy and operating style.
• Organizational structure.
• Assignment of authority and responsibility.
• Human resource policies and practices.
Entity’s risk assessment process
An entity’s risk assessment process is its process for identifying and responding to business risks and
the results thereof. For financial reporting purposes, the entity’s risk assessment process includes
how management identifies risks relevant to the preparation of financial statements that are presented
fairly, in all material respects in accordance with the entity’s applicable financial reporting framework,
estimates their significance, assesses the likelihood of their occurrence, and decides upon actions to
manage them.