Clarified Auditing Standard, Audit Evidence—Part 1 (AU-C 500)

AU-C Section 500 describes the sufficiency and appropriateness of audit evidence in the following paragraphs

.A4 Sufficiency is the measure of the quantity of audit evidence. The quantity of audit evidence needed is affected by the auditor's assessment of the risks of misstatement (the higher the assessed risks, the more audit evidence is likely to be required) and also by the quality of such audit evidence (the higher the quality, the less may be required). However, obtaining more audit evidence may not compensate for its poor quality.

.A5 Appropriateness is the measure of the quality of audit evidence (that is, its relevance and reliability in providing support for the conclusions on which the auditor's opinion is based). The reliability of evidence is influenced by its source and nature and is dependent on the individual circumstances under which it is obtained.

General types of audit procedures are also discussed in this statement:

.A10 As required by and explained further in section 315 and section 330, audit evidence to draw reasonable conclusions on which to base the auditor's opinion is obtained by performing the following:

a. Risk assessment procedures

b. Further audit procedures, which comprise

i. tests of controls, when required by the AU-C sections or when the auditor has chosen to do so, and

ii. substantive procedures, which include tests of details and substantive analytical procedures.

A Brief Discussion of Basic Types of Tests

To build the foundation for designing the most cost-beneficial audit strategies, a thorough knowledge of the basic types of tests recognized in AU-C 500 is necessary.

Tests of Controls—Compliance Transactions Tests (author’s words)

Compliance tests are designed as tests of internal control procedures or activities to determine:

1.      The frequency with which the control procedures are performed.

2.      The quality of the performance of the control procedures.

3.      The person performing the procedures.

4.      The design effectiveness of the procedures.

Compliance tests of controls are performed to measure the likelihood of errors occurring and going undetected and to reduce the amount of substantive testing. Compliance procedures consist mainly of observations, inspections and inquiries. Documented evidence of the internal control procedures performed by a client personnel is necessary to evaluate compliance for larger entities with effectively designed internal controls. Examining a foreperson’s approval of hours worked on employees’ time cards, for example, is a compliance test of control. Materiality is measured by the frequency of errors.

Owners or managers for small entities may perform key controls that are not documented. In these circumstances, the auditor can assess compliance by making inquiries of an owner or manager, evaluating their responses, and documenting their compliance in a memo or on a working paper.

Tests of Controls—Substantive Transactions Tests (author’s words)

A substantive transactions test is a test of the accounting system and is normally designed to test for monetary errors. Determining that all entries recorded in the cash disbursements journal are valid by examining supporting documents, or that the extension of sales prices and units on sales invoices are correct, are examples of substantive transactions testing procedures. Tests of controls are often used as “dual-purpose” tests, i.e., both compliance and substantive tests of transactions are performed. While both may supply sufficient evidence for evaluation of applicable financial statement assertions, auditors can be more efficient by performing one or the other. Only a “handful” (10%-20%) of the transactions need be tested substantively if compliance tests are chosen.

If a client has limited internal controls, but has a solid accounting system, an auditor may perform only substantive transactions tests or make an assessment of control risk using other procedures such as a systems walk-through procedure, or tests of an owner/manager’s key controls by making inquiries and/or observations of procedures and inspection of documents.

System’s Walk-Through Procedure

The system’s walk-through procedure is often the most cost-efficient, annual risk assessment procedure auditors can use, and is discussed in the auditing standards. It is performed by tracing documents and data through the accounting system from the inception of transaction cycles to their termination. Its primary purpose is to provide a good understanding of the accounting system and any control procedures or activities for risk assessment purposes. Ordinarily 5-10 transactions will be selected for this purpose; selecting more transactions will increase the substantive evidence from this procedure.

The walk-through procedure, coupled with good prior year experience with a client and evidence from reading general ledger account activity, may permit an assessment of control risk at slightly less than high to moderate. An auditor may be able to use lesser reliable procedures (nature) for small details of an account balance, lesser audit coverage of an account balance (extent), and/or perform some procedures before year-end (timing) at these lower risk levels. This procedure, considered along with other risk assessment procedures, can provide substantive evidence that enables the auditor to plan an audit strategy that reduces tests of balances procedures.

Reading (Scanning) the General Ledger 

One of the most pervasive analytical procedures is reading, or scanning, the general ledger account activity. Whether done manually, or with the assistance of data extraction software, this analytical procedure is discussed for the auditing standards.

Many auditors perform this procedure but fail to consider its affect on their audit strategy. After any errors are corrected by proposed journal entries, the auditor has obtained significant, substantive evidence that relevant assertions for many account balances are reasonable. The evidence obtained from this risk assessment procedure should enable the auditor to reduce the assessed level of risk of material misstatement and, therefore, the extent of evidence desired from detailed tests of balances.

This procedure is usually performed by looking for unusual amounts or postings, transactions or general journal entries greater than the lower limit for individually significant items, checks or disbursements to be used in support tests, and other unusual matters. Documentation of the procedure should include the parameters of the test, the exceptions the test revealed and the resolution of the exceptions in a spreadsheet, memo or other working paper. Other modules of this small audit series discuss a General Ledger Analysis Worksheet (an Excel spreadsheet) as the most efficient documentation for listing and following up on unusual matters.

AU-C 620, Using the Work of an Auditor’s Specialist, differs from the previous AU section only in that management’s specialists’ issues are discussed in the Clarified Auditing Standard on quality control.  The auditor has responsibility to evaluate the reputation of any specialist used in and audit and the auditor must have at least a general knowledge of the processes used by the specialist.

Analytical procedures and tests of balances will be discussed in Part 2 of this article.

More Information

These eBook resources, without CPE credit, can be obtained from my website, www.cpafirmsupport.com :

• Small Audits Made Easy and Profitable
• Performing Auditing Tests of Balances Procedures
• Staff Training Series for Entry-Level Accountants, New In-Charge Accountants and Engagement Leaders
• Key Accounting Issues for Non-Profit Organizations
• A Practical Potpourri of Time Savings on Audits
• The Financial Reporting Framework for Small- and Medium-Sized Entities

My exclusive presentation of webcasts on CPE Credit.com and self-study courses covering various applications of auditing standards can be accessed by clicking the appropriate box on the left side of my home page, www.cpafirmsupport.com. Registered users accessing webcasts or self-study courses on my website receive a 20% discount on CPE materials presented by myself and numerous other authors on a variety of professional topics.

My assistance in CPA firm quality control consulting, audit planning and peer review preparation can be obtained by sending an email using the “Contact Us” tab on my home page.