CHAPTER 5—AUDIT EVIDENCE

TRANSACTION CYCLE APPROACH

 Auditors typically divide financial statements into components in order to manage the audit
o A component can be:
 a financial statement account or,
 a transaction cycle
o Related types (or classes) of transactions are part of the same cycle
 Entity level controls e.g. supervision controls and information technology general controls affect
multiple or all transaction cycles.
 Auditor will document, evaluate and test entity level prior to working with individual cycles.
Why?
 Transaction Cycles used in our text
o Keep closely related types of transactions in the same segment:
 Sales and receipts –e.g.. sales, returns, cash receipts and uncollectable accounts.
 Acquisition and payment.
 Payroll and personnel –payroll transactions and accrued payroll.
 Inventory and warehousing.
 Capital acquisition and repayment.
o Auditor to understand relationships but treat each cycle separately during the audit.
o See pages 6-8 in lecture notes for illustrative figures

AUDIT ASSERTIONS

 Those charged with governance of an entity are responsible for ensuring that the financial
statements provide a fair presentation of the entity and its operations
 Definition
o Assertions are statements regarding the recognition, measurement, presentation, and
disclosure of items included in the financial statements
 Example:
o EG Land at December 31 balance $ 2,500,000 in balance sheet.
 Accuracy and Valuation –at COST or NRV in CAD
 Completeness–all assets classified as land have been included in the balance
 Classification and understandability–all assets have been classified and
appropriately presented and described
 Occurrence, rights and obligations –company owns land and transactions have
occurred.
 Significance
o Management make assertions about each account and related note disclosures
o When assessing the risk of material misstatement and designing audit procedures,
auditors use assertions for:
 transactions,
  account balances
 presentation and disclosures
o Transaction based assertions focus on the transactions that took place during the period
as opposed to the account balance (at financial year end), for example, in the audit of
inventory the audit will focus o purchases and sales transactions

 3 Ways that Auditors Use Assertions:

 Assertions About Classes of Transactions C³AO

o Completeness—All transactions and events that should have been recorded have
been recorded.
 Auditor gathers evidence that all transactions have been recorded by the
client Was anything missing or FORGOTTEN?
 Most important where there is risk of understatement (e.g.,
expenses)
 Auditor will trace supplier invoices to the purchases journal.
o Cut-off—Transactions and events have been recorded in the correct accounting
period.
 Auditor gathers evidence that the transactions have been recorded by the
client in the correct period
 Most important for transactions near year end
 —Transactions before year end—Year end—Transactions after year end—
>
o Classification—Transactions and events have been recorded in the proper accounts
 Auditor gathers evidence that transaction is in correct account –remember
journal entries
 For Example:
 if administrative salaries are appropriately recorded as an admin.
expense rather than COGs then management could assert that the
expense is appropriately classified.
o Accuracy—Amounts and other data relating to recorded transactions and events
have been recorded appropriately.
 Auditor gathers evidence that transactions are recorded by the client at the
appropriate amount
 Most important where there is higher risk of inaccuracy (e.g.,
complex foreign exchange transactions)
o Occurrence—Transactions and events that have been recorded have occurred and
pertain to the entity.
 Auditor gathers evidence that the transaction recorded by the client actually
took place and relates to the entity
 For example: Management asserts that sales recorded on the
income statement are for shipments made to non-fictitious
customers.
 Most important where there is risk of overstatement (e.g., revenue)
  Auditor will trace sales transactions to sales invoices and signed delivery
notes

 Assertions About Account Balances at Year End—CARE

o Completeness—All assets, liabilities and equity interests that should have been
recorded have been recorded.
 Auditor gathers evidence that asset, liability, and equity items have been
recorded by the client
 That there are no unrecorded assets, liabilities or transactions
 Are all transactions and amounts that happened included? Was anything
missing or FORGOTTEN?
 For example:
 Management asserts that accounts payable on the balance sheet
includes all amounts owed by the company
 Most important where there is risk of understatement (e.g., unrecorded
loans)
o Valuation and Allocation—Assets, liabilities and equity interests are included in the
financial report at appropriate amounts and any resulting valuation or allocation
adjustments are appropriately recorded.
 Auditor gathers evidence that asset, liability, and equity items have been
recorded at appropriate amounts and allocated to the correct accounts by
the client
 Most important where there is risk of over or under statement (e.g.,
inventory at lower of cost and NRV, adequacy of doubtful accounts or other
provisions)
o Rights and obligations—The entity holds or controls the rights to assets, and
liabilities are the obligations of the entity.
 Auditor gathers evidence that recorded assets are owned by entity and that
recorded liabilities represent commitments of the entity
 Most important where there is risk that items are held but not owned (e.g.,
inventory on consignment)
o Existence—Assets, liabilities and equity interests exist.
 Auditor gathers evidence that recorded asset, liability, and equity items
actually exist
 For example:
 Management asserts that finished goods inventory included on the
balance sheet exists and is available for sale at the balance sheet
date
 Most important where there is risk of overstatement (e.g., assets)

 Assertions About Presentation and Disclosure CURV

o Completeness—All disclosures that should have been included in the financial
report have been included.
 o Classification and Understandability—Financial information is appropriately
presented and described, and disclosures are clearly expressed.
o Occurrence, Rights and obligations—Disclosed events, transactions and other
matters have occurred and pertain to the entity.
o Accuracy and Valuation—Financial and other information are disclosed fairly and at
appropriate amounts.

o Presentation and disclosure assertions relate to all items included in the financial
statements to ensure they are presented and disclosed appropriately.
o The auditor searches to ensure that all items that should have been disclosed are
included.
o The auditor also checks that disclosed items represent events and transactions that
have occurred, that they are recorded at the appropriate amount, and described
accurately.

AUDIT EVIDENCE

 Evidence is:
o the information that an auditor uses when arriving at their opinion on the fair
presentation of their client’s financial statements (CAS 500)
 The auditor must gather sufficient appropriate evidence to support their opinion
o Sufficiency relates to quantity of evidence
o Appropriateness relates to quality of evidence
o Audit risk affects the quantity and quality e.g. if the auditor sets audit risk at 2%, the
auditor is willing to accept a low risk of an incorrect opinion.
 Therefore, more audit evidence related to the risk of material misstatement
needs to be accumulated.
 High-risk account => SUBSTANTIVE audit approach
Audit Risk Inherent Risk Control Risk Detection Risk Evidence
High High Low More

 Low-risk account –combined approach

Audit Risk Inherent Risk Control Risk Detection Risk Evidence
Low Low High Less

 Sufficiency of evidence gathered is a matter of professional judgment and will vary

from account to account and client to client
 Appropriateness of evidence refers to relevance and reliability
 Evidence is relevant if it provides confirmation about an assertion most at risk of
material misstatement
o For example:
 If inventory existence is at risk, the auditor should spend more time physically
inspecting inventory
  Reliability of evidence refers to information that reflects the true state of information
o In evaluating reliability of information, the auditor should consider:
 Source of information, specifically, independence of external third parties
 Expertise of respondent
 Consistency of information
 Source of information internal, specifically, is it produced in an environment
where the internal controls operate effectively?

TYPES OF AUDIT EVIDENCE

 External confirmations
o Auditor requests third party to confirm matter in confirmation letter, including:
 Banks: confirm cash balances, securities, loans
 Creditors: confirm amount owed, terms, by client
 Debtors: confirm amount owed to client
 Others: confirm description and quantity of assets held
o Examples:
 Accounts receivable confirmations
 Auditor selects accounts based on: Materiality, Age, & Location
 Primary assertion being tested is existence as well as rights and
obligations.
 Valuation and allocation assertion is not satisfied.
 Two types of confirmations:
o 2 types of confirmations:
 Negative form: reply if information incorrect
 Hard to interpret non-response
 Positive form: reply in all circumstances –superior
evidence
 Cannot know how well other party checked
their records –auditor will perform other
procedures to test valuation
 Bank confirmation
 Request for information directly from the bank. Confirms:
o Asset is recorded at the correct amount (valuation)
o Asset in the client’s name (rights) / Loans are owed
(obligations)
o Liabilities are included in the balance sheet (completeness)
 Documentary evidence
o Invoices, suppliers’ statements, bank statements, minutes of meetings, correspondence,
legal agreements
o Can be internally or externally generated
o Auditor can:
 Verify information in client’s records to supporting external documents to
confirm existence, rights and obligations, or
  Trace from documents to client’s records to confirm classification, accuracy,
completeness
 Representations—Audtor can request a third party to provide written representation
o Legal letter is sent by client to its lawyers to complete and return direct to auditor
 Can include opinions on legal matters, details of disagreements with client etc.
(CAS 501)
o Management representation letter contains acknowledgement of management’s
responsibilities for financial statements, undertaking about legal compliance,
confirmation of effectiveness of internal controls (CAS 580)
 Auditor still needs to gather other evidence
 Verbal evidence
o Auditor documents key discussions with client management and staff
o Used to gain understanding of internal controls; corroborate other evidence
 Computational evidence
o Auditor checks mathematical accuracy; re-adding, can include complex re-calculations,
verifying formulae
 Physical evidence
o Gathered by inspecting assets to assess condition (existence) to reconcile to client’s
records (completeness)
 Electronic evidence
o Includes data held on client’s computer, emails to auditor, and scans.
o No paper trail –transactions are initiated and stored electronically.
o Auditor needs to consider the internal controls in place, including the quality of client’s
computer system when assessing reliability of this evidence –remember general and
application controls

PERSUASIVENESS OF AUDIT EVIDENCE

 Corroboration:
o Auditor is seeking evidence to corroborate client’s recorded transactions and balances.
o Greater corroboration is provided by more persuasive evidence.
 Evidence types vary in persuasiveness.
o Evidence from least to most persuasive—Evidence obtained from a source outside the
entity is more reliable than that obtained within:
 Evidence generated internally by client
 Includes records of cheques sent, copies of invoices and statements
sent to customers, purchase orders, company documentation regarding
policies and procedures, contracts, minutes of meetings, journals,
ledgers, trial balances, spreadsheets, worksheets, reconciliations,
calculations and computations
 Could be held in paper or electronic form
 Least persuasive because it is possible that client could manipulate or
omit this type of evidence
 Evidence generated externally, held by client
  Includes supplier invoices and statements, customer orders, bank
statements, contracts, lease agreements, tax assessments
 Originals are more persuasive than photocopies
 More persuasive than internally generated evidence because it is
produced by third parties
o But still possible that client could omit or tamper with evidence
 Externally generated evidence send direct to auditor
 Includes bank confirmations, accounts receivable confirmations,
correspondence with client’s lawyers, expert’s valuations
 Most reliable type of evidence because it is independent of client
o Client has no opportunity to alter evidence
 More reliable when external party is considered to be more reliable,
trustworthy, & independent of client
 Which of the following are considered external? (also see pg 168 for examples of internally
generated evidence)
 Vendor’s invoices
 General ledgers—internal
 Bank statements (held by client)
 Bank confirmations (externally generated and sent directly to auditor)
 Cancelled payroll cheques—internal
 Payroll time cards—internal
 Minutes of board meetings—internal
 Signed lease agreements (held by client)

USING WORK OF AN EXPERT

 Auditor may engage expert to help in audit when auditor does not possess required skills and
knowledge to assess item
o Expert could be member of audit team, audit firm, client, or independent
o CAS 620 provides guidance
 Is expert required?
 Determining scope of work for expert
 Selecting expert –assessing objectivity, capability of expert
 Assessing work of expert
 Auditor is responsible for drawing conclusions
 Evidence Decisions
o 1—Which risks could result in a risk of material misstatement? Remember assertions?
o 2—Nature –which audit procedures to use
 What is an audit procedure?
  The detailed instruction for the collection of a particular type of audit
evidence that is to be obtained at some time during the audit.
 Actual task that you do to obtain evidence with respect to an audit
objective.
 Specific in terms of WHEN,WHAT,HOW
o Example of a procedure:
 WHEN: During the interim audit
 HOW: Obtain the cash disbursement report
 WHAT: For outstanding cheques, compare the payee
name, amount and date with the cash disbursement
report.
o 3—Extent –what sample size to select for a given procedure
 What sample size to select for a given procedure? In other words –“how many
do I look at?”
 The size selected will vary depending upon:
 The sampling method chosen
 The type of tests (test of controls vs. test of details)
 Amount of assurance to be obtained from the test
 Professional judgement and the practices of the PA firm will also assist in
determining the sample size
o 4—Selection –which particular items to select from the population
o 5—Timing–when to perform the procedures
 Timing can vary from early in the accounting period to after it has ended
 Occurrence: During the interim audit, obtain the October bank
reconciliation……..for a randomly selected sample of 40 outstanding
cheques.
 Need to consider timing of test of controls versus tests of details which normally
happen later during the audit
 Assessing need to use an expert. Consider:
 Knowledge of audit team
 Significance and complexity of item being assessed
 Availability of appropriate alternative corroborating evidence
o The less knowledge held by audit team, the greater risk of material misstatement and
less corroborating evidence available, the more likely that an expert is required
 Scope of work to be carried out
o Auditor must set nature, timing, and extent of work
o Use written instructions covering issues expert will report on, and how work will be
used by auditor
 Assessing competence and capability of expert
o Consider expert’s qualifications, membership in professional body, reputation in the
field, experience
 Assessing objectivity of expert
o More objective if not connected to client
 Assessing the expert’s report
 o Report should be understandable to non-expert
o Include process, assumptions, data used by expert
o Auditor considers consistency with other information
 Responsibility for the conclusion
o Auditor responsible for quality of evidence of expert’s work

USING WORK OF ANOTHER AUDITOR

 Group engagement partner responsible for signing audit report, but may use other auditors,
especially for remote locations
o Consider capacity of component auditors to undertake the work (CAS 600)
o Component auditor’s work must be to same standard as group engagement partner
 Objectivity
 Gathering sufficient, appropriate evidence

EVIDENCE GATHERING PROCEDURES

 Evidence gathering occurs throughout audit

 Guidance about primary evidence gathering techniques /methods contained in CAS 500
o Inspection of records and documents
 E.g., for evidence of authorization, to check amounts
o Inspection of tangible assets
 E.g., that they exist, their condition, to trace to records
o Observation of client staff
 E.g., that they conduct inventory count correctly
 Provides evidence only for date of observation
 Inquiry
o Useful to for gaining understanding, or to corroborate other evidence; auditor will
document conversation
 Recalculations
o To check mathematical accuracy –done by auditor
 Re-performance
o Follow the process used by client –done by auditor
 Analytical procedures
o Relationships between data –done by auditor

DRAWING CONCLUSIONS

 Does the auditor have sufficient, appropriate evidence on which to base conclusions?
o CAS 500
  Does evidence address significant risks faced by the client?
o CAS 315
 Form an audit opinion and report

WORKING PAPERS

 Auditor must document each stage of the audit in working papers (CAS 230)
o Provides evidence of work completed, details evidence gathered to support opinion
o Include in a working paper:
 Client name, audit period
 Title describing contents of paper, file reference
 Details identifying preparer/reviewer and work dates
 Cross references to other documents
 Permanent file
o Client information and documentation that apply to more than one audit
 E.g., client address, key personnel, long term contracts
 Main accounting policies, results of prior audits
 Copies of prior period financial statements
 Current file
o Client information and documentation that apply to current audit
 Evidence gathered for this audit
