Please enable JavaScript.
Coggle requires JavaScript to display documents.
Planning - Coggle Diagram
Planning
Systems + Controls
Internal Control
VAC
BECCS
Internal Control
Control Activities
Objectives
Mitigate business risk
Contained with info system
Information System
VAC
Validity
Genuine
Mng policy
Accuarcy
Corr Amt
Corr Acc
Classified summarised posted
Completeness
Recorded
Acc period
Recorded timeously
Initial
Recording
Processing
Correction
Positioning (general ledger)
Risk Assessment
Objectivities
Integrity , Operation + Completeness
Respond to risk
Monitoring Control
Address the risk
Relevant department staff
Operating efficiency over period of time
Control Environment
integrity + ethical
Comoetence
Governance
Philosophy + operating style
Authority + Responsibility
Policies + Procedure
IT Integral Control
Control Environment
Environment + Ethical Value
Competence
IT governance
Mng philosophy + Operating style
Organisation structure
Policies + Procedure
System Development + Implement Control
Software Updates
Software Upgrades
Hardware changes
Continuity of Operation
Physical Operation
Back up System
Disaster recovery plans
System software + Operation
Firewall
Built in Control
Documentation
Sufficient policies + procedures
P + P document
P + P communicated
Access Contract
Physical
Control
CCTV
Physical camera
Locked Room
Logical
Username/ID/Password
Biometric scanning
Anti - virus
Access Rights
Application Control
Input
Process
Output
Masterfile
4P
process
observe \=reperform sample
arp
enquire \= repform
paper
inspect
\people
observe
Limitation of Control
Cost > Benefit
Abnormal tranasaction
Human error
Mng override
Possibility circumstance of control
Control inadequate and use effectiveness
Steps
Indentify
Document
Objectives + People
Risk
Controls
Risk Assessment + Materiality
RISK
ROMM
AR = Romm x DR
Romm = IR x CR
Business Risk (BECCS)
Business Continuity
Busienss Avalibilty
Economy, Efficiency , Effectiveness
Compliance Law + regulation
Confidentiality
Safeguard of asset
Audit Risk
Financial Statement
New Client
Deadline
Listed
Mng (aggresive, hold shres , performance bonus)
Going COncern
Poor Governace
Group Acc
Complicated IFRS
eliminated, erors in consolidating,difficult fv
Fines + Litagation
Prior Auditors
3rd Parties
Assertion
Transaction
Occurenace
Completeness
Accuracy
Cut Off
Classification
Balance
Completeness
Classificaton
Existence
Rights + Obligation
Accuracy ,Validation + Allocation
IT Risk
Control Environment
Risk Assessment
Information System
Contreol Acvivitries
Monitoring
Quality Control
Standard legal + Regulatory requirements
Report Issues
Materiality
Overall
Overall materiality relates to the financial statements as a whole. It is based on what could
reasonably be expected to influence the economic decisions of the financial statement users,
taken on the basis of the financial statements. It would be changed during the audit if the auditor
becomes aware of information that would have caused him/her to have determined a different
amount (or amounts) initially
Performance Materiality:
Typical ranges used in the calculation of overall materiality would be:
• 5- 10% of Net Income before Tax
• 0.5- 1% of Turnover
• 1%- 2% of Assets
• 1%-2% of Gross Profit
• 2%-5% of Equity
Performance materiality is set at a lower amount than the overall materiality. Performance
materiality enables the auditor to respond to specific risk assessments (without changing the
overall materiality), and to reduce to an appropriately low level the probability that the
aggregate of uncorrected and undetected misstatements exceeding overall materiality.
Performance materiality would be changed based on audit findings (such as where a risk
assessment was revised)
Planning Further Audit Procedure
Financial Statement
Overall Response
Assertion Level
Further Audit Procedure
Substantive Procedure
TOD
ARP
TOC
Audit Plan (Control Risk) Obtain Audit evidence
Timing (when perform controls = audit procedure)
Deadline
Y/E Risk
Client outsource availability data influence time fo data
Timing of data
Extent(how much gonna test)
Client larger sample size
Change year end , test both system
CAAT auditors to test whole population
High risk client
Client system vs Auditors system
Multiple location
Nature (audit approach)
Possible
(Planning relevance control\= can we test controls)
Controls Financial information effective
Control Environment Effective
Necessity staff + resources test control
Client control in place
Client co operation ( time + Helpfulness)
Availbilty of CAAT expert
IT control effective
Describe
(generic)
Cost vs Benfnits
Advice to client
Train staff
War specifically requested by client
Weakness previous audit
Effective internal control
ISA 330 rollover 14 from previous year
Necessity
(can obtain audit evidence from control)
Large volume
Complex
Audit trail
Computer Generated
Audit Strategy (F/S Risk)
Timing
Interim vs YE
Client free meeting
Size of company
Nmr of location
Direction
Risk - transaction or balance
Sound Internal Control
where our focus \9bank and inventory)
Scope (what deployed
Statuary vs Voluntary
Listed
Consoloidated
LOcation
Other auditors
Internal audit function
Complex IT system
Resources
Experience team members
Nmr of team membeers
Hours allocated
Resources deployed
Management supervision available
Engagement with partners - mng review
Obtain audit eveidence