1. Accounting vs Auditing
• ACCOUNTING: process that creates F/S and
other financial info. for mgt (decision making)
purposes.
• AUDITING: enhance the credibility of F/S through
the audit process (gathering & evaluating
accounting records & supporting documents) in
providing basis of opinion of auditor’s report.
Main distinguishing factor: Auditor must possess
accounting knowledge & expertise to accumulate
& analyse audit evidence.
1

2. THE DEMAND FOR AUDITING
• Greek, Egyptian & Islamic civilisations
• Why do organizations request an audit?
The existence of principal and agent
relationship that causes:
– Conflict of interests
– Information asymmetry
– Manipulation of records and reports
• Audit acts as a cost-effective monitoring device
for contractual relationship  conform to
contracts?
2

3. The objective & definition
• To enable auditors to express an opinion on
whether the F/S are prepared, in all material
respects, in accordance with an identified
financial reporting framework.  TFV?
• AUDITING (broadly defined) is a systematic
process of objectively obtaining & evaluating
evidence regarding assertions about economic
actions and events to ascertain the degree of
correspondence between those assertions &
established criteria & communicating the results
to interested parties.
• AUDITING (narrowly defined) is a written report
3
on the examinations of F/S for a client.

4. ASSURANCE SERVICES
• Assure = to remove doubt / feel confident
(Wilkipedia)
• ASSURANCE services are independent
professional services that improve the quality of
information for decision makers.
 Analogy (House inspection)  Desirable
characteristics  Independence & the
appearance of independence
4

5. OVERVIEW OF THE AUDIT
PROCESS
(Major Phases)
• preliminary Engagement activities
• obtain Understanding of the entity
• establish Materiality & assess Risks
• Planning: set overall strategy & set audit plan
• Tests of control & audit business processes
• Complete the audit
• Evaluate results & issues Audit Report
5

6. AUDIT OF F/S
Auditor’s responsibilities  opinion on compliance
with accounting regulation (based on auditing
standards) .: Accounting stds vs. Auditing stds
– Only reasonable assurance (not a guarantee)
that F/S do not contain material misstatements
• Why only reasonable assurance?
– Use of testing  sampling
– Inherent limitations of internal control
– Audit evidence is persuasive not conclusive 
documents assumed true unless suspected to be false
– Use of judgement
6

7. FINANCIAL REPORTING
FRAMEWORK
• APPROVED ACCOUNTING STANDARDS (in Malaysia)
 approved by MASB
– FINANCIAL REPORTING STANDARDS (FRS)
– PRIVATE ENTITY REPORTING STANDARDS
(PERS)
• Other regulation:
– Co.s Act 1965, Banking Act (specific industries)
• Auditors check to see if F/S comply with the above &
substance over form*
2-7

8. Auditing Standards
• Measure the quality of auditor’s performance.
• In conducting audit, auditors are required to rely on
a codified set of auditing standards issued by
national accounting authority  professional still
needed
• In Malaysia, relevant national standards are
referred to as the approved standards on auditing:
• the International Auditing & Assurance Standards
Board (IAASB) under the International Federation
of Accountants (IFAC) issues the International
2-8
Standards on Auditing (ISA)

9. Main Categories
of Audit Reports
Unqualified
Qualified / Modified

10. Parts of the Standard
Unqualified Audit Report
1. Report title
2. Audit report address
3. Introductory paragraph
4. Scope paragraph
5. Opinion paragraph
6. Name of CPA firm
7. Audit report date
10

11. • AUDITOR’S REPORT  Report title
• TO THE MEMBERS OF ABC Co.  Audit report address
• We have audited the F/S: B/S, I/S & CFS
• These F/S are the responsibility of the directors.
• Our responsibility is to express an opinion on
these F/S based on our audit.  Introductory
paragraph
• We conducted our audit in accordance with
International Standards on Auditing .
• What an audit entails
• We believe that our audit provides a reasonable
basis for our opinion.  Scope paragraph 11

12. • In our opinion, the financial statements give a true
and fair view of, in all material respects, the financial
position of the Company as of December
31, 20X1… and of the results of its operations and
its cash flows for the year then ended
• in accordance with financial reporting
framework… Opinion paragraph
•  Name of CPA firm
•  Audit report date
12

13. Statutory requirements relating to
financial statements audit
• Section 169 of Company Act 1965- requires co.
the directors to present the audited F/S at its
AGM  Directors responsible for F/S
• Section 174 (2) of the Act requires auditor to
report to the members of the company at the
AGM
• Section 174 (3) of the Act requires Auditor to
form an opinion.
Appointment of Auditors
& Disqualification of Auditors
13

14. Corporate Governance (CG)
• Is the corporate framework or structure that an entity applies
to direct & manage it business & affairs.
•  System, units… that govern (monitor) the corporation.
(governor)
• Malaysian Code of CG issued by the Malaysian Institute of
CG  principle & best practices
• Board of Directors (BoD)  6 responsibilities  monitor the
internal control (IC)
• Audit Committee = independent directors?  communication
link between management, auditors & BoD
• Internal audit dept. / unit
2-14

15. INTERNAL AUDITOR
Focus more on accounting & internal control system
& providing recommendations for improvements.
Prior to using internal audit works, perform a
preliminary assessment of internal audit function:
Organisational status – IA report to higher mgmt
level
Scope of responsibility – relevance & usefulness
of nature & extent of audit
Technical competence – adequacy of training &
skill
Due professional care – consider adequacy of
work plan, documentation, etc. 15

16. AUDIT COMMITTEE
Section 344A of Listing Requirements of KLSE
requires PLCs to set up an independent audit
committee.
Functions & duties:
• Consider nomination of external auditor.
• Review external auditor’s plan, audited FS & audit
report.
• Review scope and findings of internal auditors.
Fiduciary duties:
• assist board in ensuring the compliance of accounting
policies & reporting practices.
16

17. ETHICS AND
INDEPENDENCE
• Ethics = system or code of conduct based on
moral duties and obligations that indicates how
one should behave.
• Professionalism = the conduct, aims, or qualities
that characterize or mark a profession or
professional person.
All professions operate under some type of code
of ethics/ conducts.
E.g- MIA issues By-Laws (On Professional
Conduct and Ethics) for auditors
2-17

18. Problems faced by auditors that may affect their
professionalism:
• Low-balling
– decrease (initial) audit fees (lucrative management
service fees)
– Audit fees restricted anyway.
– Need to maintain audit to recover costs
• Opinion shopping
– Choose auditor that agrees with accounts
– Threaten to change auditors
2-18

19. THE AUDITOR’S
RESPONSIBILITY FOR ERRORS,
FRAUD, AND ILLEGAL ACTS
• To plan and perform the audit to obtain reasonable (not
absolute) assurance about whether the financial
statements are free of material misstatement whether
caused by error or fraud.
• To detect misstatements resulting from illegal acts is the
same as that for error or fraud.
• To exercise due professional care (professional
skepticism)  critical & questioning mind
• Whistle blowing (ROC for non-compliance)
2-19

20. Certified Public
Accounting Firms
The legal right to perform audits is granted
to CPA firms by regulation of each state.
CPA firms also provide many other services to
their clients, such as tax and consulting services.

21. The Big-4
• Ernst & Young
• PricewaterhouseCoopers
• KPMG
• Deloitte KassimChan
2-21

22. Hierarchy of a Typical
CPA Firm
Staff LevelExperience Typical Responsibilities
Staff Performs most of the
0-2 years
Assistant detailed audit work
Responsible for the audit
Senior
2-5 years field work, including
Auditor
supervising staff work
2-22

23. Hierarchy of a Typical
CPA Firm
Staff Level Experience Typical Responsibilities
Helps the plan, manages
Manager 5-10 years the audit, reviews work,
and works with the client
Reviews audit work and
Partner 10+ years makes significant audit
decisions
2-23

24. Other Types of Audits Services
• Operational = effectiveness & efficiency of operating
procedures
• Compliance = meeting / performing according to specific
procedures (set guidelines)
• Forensic = obtaining of legal evidence for a court case
2-24

25. Operational Audit
Evaluate computerized payroll system
Example
for efficiency and effectiveness
Number of records processed, cost of
Information
the department, and number of errors
EstablishedCompany standards for efficiency and
Criteria effectiveness in payroll department
Available Error reports, payroll records, and
Evidence
2-25
payroll processing costs

26. Compliance Audit
Determine whether bank requirements
Example
for loan continuation have been met
Information Company records
Established
Loan agreement provisions
Criteria
Available Financial statements and
Evidence
2-26
calculations by the auditor

27. Forensic Audit
• Business and Employee Fraud
• Criminal Investigation
• Shareholders and Partnership disputes
• Business economic losses
2-27

28. Other Activities of CPA Firms
Accounting
and
bookkeeping
services Tax
services Management
consulting
services

29. TYPES OF AUDITORS
• External auditors
• Internal auditors
• Government auditors
• Forensic auditors
2-29

30. ORGANIZATIONS THAT AFFECT FINANCIAL
REPORTING & AUDITS
• Malaysian Accounting Standards Board 
regulate the accounting standards
• Malaysian Institute of Accountants 
regulate the accountants
• Companies Commission of Malaysia 
regulate the companies
• Securities Commission  regulate securities
2-30

31. Engagement
CLIENT ACCEPTANCE & CONTINUANCE
• Prospective or new client:
– Identify status of the client in business
community, financial stability, & relationship with
previous auditor. (background on client)
– Successor auditor must communicate with
predecessor auditor reason for change. (new
auditor must inform / ask previous auditor)
31

32. • The successor auditor is interested in asking
questions related to:
– integrity of management;
– disagreements with management over accounting
and auditing issues;
– illegal acts;
– internal control-related matters;
– and the predecessor's understanding for the
change in auditors.
32

33. • Existing or recurring client:
– Should evaluate existing clients whether to retain
them.
– Reasons: may be due to conflicts on accounting
policies or auditing issues, or dispute on fees etc.
– Reevaluate the integrity of management and
excessive risk relative to industry/entity.
• ESTABLISHING THE TERMS OF THE
ENGAGEMENT  The auditor and the client
must agree on the terms of the engagement,
including the type, scope, and timing of the
engagement.
33

34. Three topics are important for establishing the
terms of the engagement:
– (ISA 210) Engagement letter
– (ISA 610) Internal auditors
– Audit committee
• Engagement letter
– Serve as a contract
– Outlines both parties’ responsibilities
– Prevents misunderstandings.
34

35. Principal contents of EL
 Objective of audit of financial statements
 Management’s responsibility
 Scope of audit (pronouncement of regulations &
applicable standards)
 Form of report
 Nature and inherent limitations of audit
 Unrestricted access in connection of audit
Other components of EL
• Arrangements involving use of specialists
• Additional services to be provided relating to regulatory
requirements
35
• Others services to be provided

36. PLANNING THE AUDIT (How
would you plan)?
• Audit staffing.  considerations
• Obtain knowledge of client’s business & industry
(including applicable law & regulations).
• Consider going concern issue.
• Assess materiality, audit risk& control risk.
• Assess the possibility of illegal acts (fraud/error).
• Identify related parties.
What are related parties?
Why are they important to identify?
36

37. Audit planning (cont’d)
• Conduct preliminary analytical procedures.
• Develop an overall audit strategy and prepare
audit programs.
• Consider additional value-added services.
• Consider the IA functions
• Review audit strategy with audit committee
Considerations on audit staffing
• Professional expertise vs. costs  The more
experienced & qualified the higher the rate/hour
• Costs vs. reputation & risk of litigation
• Independence of the auditor & the audit team
sign form 37

38. ASSESS A PRELIMINARY LEVEL
FOR CONTROL RISK
• In assessing a preliminary level of CR, the auditor
must be concerned about the extent of IT used in
processing accounting information, including:
– The extent that IT is used in each business process.
– The complexity of the entity’s computer operations.
– The organizational structure of the IT activities.
– The availability of data.
– The need for IT-assisted techniques to gather and
conduct audit procedures.
38

39. Assess The Possibility of Illegal Acts
Indicators:
 Unauthorized transactions.
• Investigation by a governmental agency or
payment of unusual fines or penalties.
• Violations of laws or regulations.
• Large payments for unspecified services.
• Sales commissions or agents' fees that appear
excessive.
• Large payments in cash or bank cashiers'
checks.
• Unexplained payments to government officials.
• Failure to file tax returns or pay government
39
duties.

40. AUDIT STRATEGY
SUBSTANTIVE Stratg. RELIANCE STRATEGY
An auditor assess Control An auditor assess Control
Risk as High & extensive Risk as Low and non-
substantive testing: extensive substantive
– The controls are testing:
assessed as ineffective & – To obtain more detailed
inefficient. understanding of IC
– To understand IC and not – To plan & perform test of
to rely on IC at all times in controls & assess control
the extent of audit testing risk
– To document – To document control risk
understanding of IC and assessment
control risk assessment. – To plan extent of
substantive testing 40

41. 3 FUNDAMENTAL CONCEPTS IN
CONDUCTING AN AUDIT
MATERIALITY: magnitude (size) of an omission
or misstatement of accounting information
that may affect F/S significantly.
(ISA 320) Materiality: material if omission or
misstatements could influence the decisions
of F/S users  very judgmental / subjective
(professional judgement)
• it provides threshold or cut-off point.
41

42. AUDIT RISK: The risk that the auditor may
unknowingly fail to appropriately modify the
opinion on F/S that are materiality misstated.
 Risk of giving wrong opinion
(ISA 240) Audit risk:
• Possibility of auditor not detecting all
misstatements.
• Control through proper audit planning, effective
accounting and internal control system.
42

43. • Sampling: The application of an audit procedure to less
than 100 percent of the items (100% = population) 
• Due to cost & time constraints, the auditor examines only
a subset of the client’s data (transactions) in the records.
• To lower the audit risk, need to do more audit work 
bigger sample
• Audit risk vs. cost & time (balance)
• Sample size depends on acceptable audit risk 
established criteria & auditor’s experience
.: Inverse relationship between:
– Sample size & materiality  example
– Sample size & acceptable audit risk
.: if materiality threshold is low, a bigger sample is
collected. 43

44. EVIDENCE: Info. derived from the audit
procedures in order to support the F/S, audit
objectives tested and opinion of the auditor’s
report.
(ISA 500) Evidence:
• Relevance = whether the evidence relates to the
specific audit objective being tested.
 egs. $ in Bank account = RM 554,000
• Reliability = the diagnosticity of the evidence;
does the evidence signal the true state of the
assertion or audit objective.
 Can you rely on it to be true?
44

45. Links to Evidence
• Management assertions & Internal Control
• Materiality & Audit Risks
 Will determine the Nature, Extent & Timing
of evidence collected
• In collecting the evidence:
• Think about what could go wrong in the
accounting process (each step):
– Internal controls }.: procedures to
– Individual transactions }test whether issues
– Account balances }reduced  TFV
45

46. Risk Assessment & Materiality
• Professional guidance in considering materiality
& audit risk when planning & performing an audit
program
• The wording of the auditor's report recognizes
both these concepts due to the following terms:
– Reasonable assurance
– In all material respects
46

47. AUDIT RISK
• What is audit risk?
• AUDIT RISK is the risk that the auditor may
unknowingly fail to appropriately modify the opinion on
financial statements that are materiality misstated. 
Some parts of this risk can be controlled by the
auditor.
• AUDITOR BUSINESS RISK is the exposure to loss or
injury to professional practice from litigation, adverse
publicity, or other events arising in connection with F/S
audited & reported on.
47

48. More …on audit risk
• Audit risk must be at an acceptably low level
• What is acceptably low?  professional judgement
• If not low enough, need to perform more audit procedures.
• The auditor needs to consider risks of material
misstatement at 2 levels:
– The overall f/s level
– The assertion level for individual a/c balances & classes
of transactions
48

49. THE AUDIT RISK MODEL
AR = IR x CR x DR
Inherent Risk (IR) = material misstatement would occur in
the absence of internal control in the business. IR may be due
to the nature of the business.
Control Risk (CR) = material misstatement is not detected by
internal control on timely basis.
Detection Risk (DR) = risk that auditor will not detect
material misstatement in financial statements
= composed of sampling & non-sampling risk
49

50. Detection Risk
• Results from 2 types of risks or uncertainties:
– Sampling risks
– Non-sampling risks
• What is sampling risk and non-sampling risk?
• Sample may not reflect the population hence wrong
conclusion drawn
• Mistake made by auditor by using wrong test or
misinterpreting results
50

51. LIMITATIONS OF THE
AUDIT RISK MODEL
• The model assume the components of the model
(IR, CR, and DR) are independent of each other.
• However, in practice, dependencies exist between
these components [IR = f(CR)].
• Auditor’s assessments of IR and CR may be different
from the actual levels of IR and CR.
• The audit risk model does not consider the possibility
of non-sampling risk.
51

52. Use of the Audit Risk Model
• 3 steps:
– Set a planned level of Audit Risk
– Assess Inherent Risk & Control Risk
– Determine the appropriate level of Detection Risk
AR = IR x CR x DR .: DR = AR
IR x CR
.: if AR ≤ planned level of Audit risk (target)  unqualified
report
52

53. AUDITORS’
RESPONSIBILITY
• Auditor needs to assess IR & CR, then determine level
of DR & what audit procedures to be performed.
• Auditor should document and describe:
– Risk factors identified
– Auditors’ response to those risk factors
• IR is related to client’s business risk (* Not the same as
Auditor Business Risk) 
53

54. CLIENT BUSINESS RISK
• Risk that an entity’s business objectives will not be
attained as a result of the external & internal
factors, pressures, and forces that may affect entity’s
survival and profitability.
In order to properly judge the fair presentation of
F/S, auditor needs to understand the entity’s business
strategy & risks and its ability to respond to the
changing environment.
54

55. ASSESSING CLIENT BUSINESS
RISK
 Industry level:
• Critical industry issues
• Significant industry risk
• Structure and profitability within industry
• Relationship industry and economic environment
 Entity level: market/product positioning, strategy and
measures in dealing with customers/competitors.
 May affect going concern (.: need to keep updated)
55

56. Risk assessment procedures
• INQUIRIES OF MANAGEMENT AND OTHERS
• ANALYTICAL PROCEDURES
• OBSERVATION AND INSPECTION
• These will affect the nature, timing & extent of audit
procedures
56

57. ERROR OR FRAUD
• ERRORS are unintentional misstatements or omissions
of amounts or disclosures and may involve:
– Mistakes in gathering or processing accounting data
– Unreasonable accounting estimates
– Mistakes in the application of accounting principles.
• FRAUD involves intentional misstatements that can be
classified into two types:
– fraudulent financial reporting
– misappropriation of assets.
57

58. ASSESS THE RISK OF
MATERIAL MISSTATEMENT
DUE TO ERROR OR FRAUD
• FRAUDULENT FINANCIAL REPORTING includes:
– Manipulation, falsification, or alteration of
accounting records or supporting documents from
which the F/S are prepared.
– Misrepresentation in, or intentional omission
from, the F/S of events, transactions, or significant
information.
– Intentional misapplication of accounting principles.
58

59. • MISAPPROPRIATION OR DEFALCATION OF
ASSETS includes:
– Embezzling of cash receipts
– Stealing assets
– Causing the entity to pay for goods or services
not received
• Risk factors that cause possible presence of fraud in
reporting:
– Management’s characteristics and influence over
the control environment
– Industry conditions and economic environment.
– Operating characteristics and financial stability.
59

60. • Risk factors that cause possible presence of
misappropriation of assets:
– Susceptibility of assets to misappropriation.
– Controls.
• Similar to indication of material misstatement due to
fraud
• Fraud Risk factors
– Incentives / pressure to commit fraud
– Opportunity to carry out fraud
– Attitude / rationalism to justify fraud
60

61. Response to Risk of Material
Misstatement due to Fraud
• Overall response
• Response at assertion level
• Response to management override of
controls
* Documentation of risk assessment & response
61

62. MATERIALITY
ISA 320 (Para 3): Materiality is the magnitude of
an omission or misstatement of accounting
information that could influence the economic
decisions taken by users of financial statements.
It sets the threshold and cut off point in
determining the size of error or misstatements.
62

63. STEPS IN APPLYING
MATERIALITY
• Step 1: Establish a preliminary judgment about the
materiality.
– The max. amount by which the auditor
believes the F/S could be misstated but still
not affect the decisions of reasonable users.
– Set materiality at f/s level:
i) 5% of GP after depreciation
ii) 3-5% of PBT
iii) ½% of Revenues/ Sales
iv) ½% of Total Assets
v) 1% of equity
63

64. FACTORS THAT AFFECT PRELIMINARY
JUDGMENT ABOUT MATERIALITY
The above was the quantitative aspects
Modify for qualitative aspects:
• Nature of business operations
• Size of the company and volume of business transactions
• Prior client’s history
• To determine the base of the judgment
i.e PBT, Total Assets,Total Equity, Total Revenues
64

65. • Step 2: Allocate the preliminary judgment to account
balances (BS) or class-of transactions (PL).
– Purpose- to plan audit procedures
– Once allocated, it is referred to as tolerable amount of
error or misstatement (ISA 530)
– Small amount of materiality allocated, the more evidence
to be gathered.
• Step 3: Estimate the likely misstatement and compare to
total preliminary judgment
– If likely misstatement is less than the preliminary
judgment, auditor can conclude that the F/S is fairly
presented (unqualified report).
– Otherwise, auditor should request the client to adjust the
F/S. If client refuses, auditor could issue
qualified/adverse audit opinion.
65

66. Factors that should be considered in
allocating materiality to accounts
balances
• The magnitude of the account relative to the F/S
e.g the larger the account balance, the greater the
amount of materiality can be allocated.
• The expectations of error
e.g if auditor expect that little or no misstatement in an
account, they can allocate larger amount of materiality.
• The relative cost to audit
e.g if an account is very expensive to audit (large
inventory, AR and AP), auditor allocate more materiality
to be cost effective.
66

67. How materiality affects the audit
report?
1. Given any misstatements or error that occurred, auditor
need to evaluate and consider whether the
misstatements/ error are immaterial (not affect the
overall picture of F/S) or highly material (requires
adjustment). These will affect the appropriate audit
report to be issued.
2. Any violations against the standards of financial
reporting, materiality of violation influences whether an
unqualified or qualified report should be issued.
67

68. Management Assertions
• Statements that management assert (claim to be true)
• 3 categories
– Transactions
– Account balances
– Presentation & disclosure
2-68

69. MANAGEMENT ASSERTIONS BY
CATEGORY
Assertions about class Assertions about account
of transactions balances
 Existence/  Existence/ occurrence
occurrence
 Accuracy Ownership/ Rights and
Obligation
 Completeness  Completeness
 Cut-off  Valuation
 Classification
2-69

70. MANAGEMENT ASSERTIONS BY
CATEGORY
Assertions about presentation and
disclosure
 Occurrence and rights and
obligation
 Accuracy & valuation
 Completeness
 Classification
2-70

71. FINANCIAL STATEMENTS:
MANAGEMENT ASSERTIONS
AND AUDIT OBJECTIVES
Management assertions Audit objectives
• Existence • Validity
• Occurrence
• Rights and obligations • Ownership
• Completeness • Completeness
• Cutoff
• Valuation • Valuation
• (Measurement) • Accuracy
• Presentation and disclosure • Classification
• (Classification & understandability) • Disclosure 71

72. AUDIT PROCEDURES
• AUDIT PROCEDURES are specific acts
performed by the auditor to gather evidence to
determine if specific audit objectives are being
met.
•  steps taken to collect audit evidence based on
audit objectives
• A set of audit procedures prepared to test audit
objectives for a specific component of the financial
statements is referred to as an AUDIT
PROGRAM.
72

73. The Purpose of Audit Procedures
• RISK ASSESSMENT
• TEST OF CONTROLS
• SUBSTANTIVE PROCEDURES
• Test of Controls
• Evaluates whether controls have been properly
designed to prevent or detect and correct material
misstatements. (timely manner)
• Test the operational effectiveness of the control:
- How it is applied
- Consistency of its application
- By whom it is applied
73

74. TESTS OF CONTROLS
Part of audit procedures in test of controls:
• Inquiries of appropriate management, supervisory, and
staff personnel.
• Inspection of documents, reports, and electronic files.
• Observation of the application of specific internal
controls.
• Walk-through test.
• Reperformance of the application of the control by the
auditor.
74

75. SUBSTANTIVE TESTS
• Concentrate on detecting misstatements in account
balances, individual transactions and disclosure
components
• Substantive tests of transactions (IS)
-test of errors or fraud in individual transactions
-example: examine purchase transactions that contain
material value
• Analytical procedures (AP)
• Tests of account balances (BS)
-concentrate on details of amounts contained in account
balances
-test whether material misstatement is included in the
account balances
75

76. TYPES OF AUDIT PROCEDURES
(purpose: risk assessment, test of
control, substantive tests)
• Physical examination
• Documentation inspection
• Confirmation
• Analytical procedures
• Inquiries of client personnel or management
• Observation
• Computation and Re-performance
• Scanning
76

77. RELIABILITY OF EVIDENCE
BASED ON PROCEDURES
Level of Reliability Type of procedures
High Physical examination
Reperformance
Medium Documentation
Confirmation
Analytical procedures
Low Inquiries of client personnel or
management
Observation 77

78. ANALYTICAL PROCEDURES
• ISA 520: analysis of significant ratios and trends
including results from investigation of fluctuations and
relationships that are inconsistent with other relevant
information or deviate from predicted amounts.
• Evaluations of financial information made by a study of
plausible relationships among both financial and non-
financial data.
• Range from the use of simple comparisons to the use
of complex models.
78

79. TYPES OF
ANALYTICAL PROCEDURES (AP)
• Compare current-year with prior year figure 
Preliminary AP.
• Compare current-year with budgets, projections &
forecasts Variance analysis.
• Relationships among elements of financial information
within the current period  egs. loan terms & interest.
• Compare client’s figure with industry data.  Ratio
analysis.
• Relationship of financial information to non-financial
information.  # of employees, sales commission.
79

80. PURPOSES OF AP
• Assist in planning the nature, timing, and extent of other audit
procedures Understanding the overall picture of the
business, indicates unusual cases
• As a substantive test to obtain evidence (to support a/c
balance or class of transactions)
– Computation of prediction against actual
– Detailed analysis of trends (ratio analysis)
• As an overall review of the financial info. in the audit final
review stage (completion)
– Assess conclusions, evaluate overall FS presentation &
recheck for non-investigation.
80

81. The effectiveness & efficiency of AP in
identifying material misstatement
depend on:
• The nature of the assertion or audit objective
 AP test all objectives except ownership & mostly
effective in completeness.
• The plausibility and predictability of the relationship.
 Predictability of relationships (sales & commission).
• The availability & reliability of the data used.
 Depends on competency of audit evidence.
• The precision of the expectation.
 Accurate estimation.
81

82. Substantive Analytical Decision
Process
• Develop expectations (based on last year’s figure, most
of the time)
• Define tolerable differences:
• Rule of thumb- difference of less than 10% or
difference of less than RM50,000.
• Compare the expectation to the recorded amount
• Investigate differences if greater than tolerable
differences
82

83. FINANCIAL RATIOS USEFUL
AS AP
• Short-term liquidity ratios
• Activity ratios
• Profitability ratios
• Coverage ratios
83

84. Audit Procedures & Audit evidence
• In carrying out your audit procedures, you
need to collect audit evidence
Audit evidence:
• Information obtained by the auditor in
arriving at the conclusions on which the
audit opinion are based. (ISA 500)
• It is obtained to support F/S assertion.
• Comprise of source of documents and
accounting records.
84

85. Concepts of Audit Evidence
• Nature – accounting records, corroborating evidence
including written or electronic form
(invoices, contracts, bank statement)
• Competence (Appropriateness) - quality of evidence
(reliability and relevance)
• Sufficiency - quantity of evidence (due to cost of audit
and nature of evidence)
• Evaluation - persuasive / unbiased (critically analyzed)
 thorough
85

86. The Competence (appropriateness)
of Evidential Matter
Evidence is considered COMPETENT when it is
 RELEVANT - it refers to whether the evidence relates to
the specific audit objective being tested.  Egs. of
relevance of audit procedure in collecting evidence
 RELIABLE - it refers to the diagnosticity of the evidence;
does the evidence signal the true state of the assertion
or audit objective.
86

87. General factors for assessing
reliability
• Independence of the source of the evidence.
• Effectiveness of internal control.
• Auditor's direct personal knowledge.
• Documentation (internal or external).
87

88. A MODEL OF BUSINESS
PROCESSES
• Financing  capital, invest in FA, loans payback
• Purchasing  goods & others, payback creditors
• Human Resource Management  employees (pay)
• Inventory Management  stock / goods
• Revenue  sales & a/cs receivables
* AIS & IC must capture these  auditor must audit
each of these.
2-88

89. DOCUMENTATION
ISA 230 - Documentation of work done &
evidence accumulated in supporting the
opinion in auditor’s report
Functions of working paper (WP):
1. Aid planning and performance of audit
Contain evidence that document auditors
work- comply to the auditing standards
2. Assist supervision and review of audit work
Evaluate the sufficiency of work done by subordinates
3. Provide support and evidence to opinion of
auditor’s report
89

90. The Importance of Working Papers
1. Basis of planning an audit for subsequent
year, as reference of prior working papers
2. To provide record of evidence accumulated and
conclusions indicating that adequate procedures
have been performed & to demonstrate that
sufficient and competent evidence accumulated
by indicating proper x-ref, client’s name, period
covered etc
3. To support proper type of audit report based on
the sufficient data accumulated.
4. Basis for review by manager or partner to
evaluate sufficient and competent evidence
accumulated and support final audit opinion. 90

91. WORKING PAPER
• Types of files: • Organisation of
– Permanent file (PAF)
– Current file (CAF)
working paper:
– Lead schedule
• Format of WP: – X-ref between WP
– Heading – Located in respective
– Indexing & x-ref section
– Audit ticks
• Ownership of working
• Types of working paper:
– Audit programs
paper:
– Property of auditor
– Trial balance
– Including prepared by
– Account analysis/listings
client at auditor’s
– Audit memoranda
request
– Adjustment/Reclassificati
91
on entries

92. AUDIT SAMPLING: AN APPLICATION
TO TESTS OF CONTROLS &
SUBSTANTIVE TESTINGS
What is Sampling?
AUDIT SAMPLING is the application of an audit
procedure to less than 100 percent of the items
within an account balance or class of
transactions for the purpose of evaluating some
characteristic of the balance or transaction (ISA
530)
 Applying audit procedure (testing) to less than
100% of the items
92

93. The importance of Sampling
• Timing, cost, extent and scope of audit
• To provide reasonable (based on sample) not
absolute (population) assurance
• Sufficient evidence to support conclusions and
audit opinion
• Appropriate means in gathering and evaluating
audit evidence since it is impractical to do 100% of
transactions in accounts.
93

94. AUDIT RISK
SAMPLING RISK
• Samples taken may not be representative of the
population tested.
• Overcome: to increase number or sample size.
NON-SAMPLING RISK
• Error in conclusion not due to sample size but to nature
of evidence that is persuasive rather than conclusive. i.e.
inappropriate audit procedures, misinterpret evidence, or
failure in recognizing the error.
• Overcome: by proper planning, supervision and review.
94

95. TYPE I AND TYPE II RISK
• TEST OF CONTROL
– Type I Risk = The risk auditor will conclude that the
control risk is higher than it actually is (assessed CR too
high)
– Type II Risk= The risk of assessing control risk too low
• SUBSTANTIVE TESTING
– Type I Risk = Risk auditor will conclude that material
error exists when in fact it does not.
– Type II Risk = Risk auditor conclude that material error
does not exists when in fact it does exist.
95

96. AUDIT PROCEDURES
THAT DO NOT INVOLVE
AUDIT SAMPLING
• Inquiry and observation
• Analytical procedures
• Procedures applied to every item in
the population (100% examination)
• Classes of transactions or account
balances not tested
96

97. TYPES OF AUDIT SAMPLING
Non-statistical versus statistical sampling
 Non-statistical (or judgmental): use of professional
judgment in designing the sample size.
 Statistical: selection at random or use of law of
probability theory
 Advantages:
1. Design efficient sample
2. Sufficient evidence obtained
3. Quantify sampling risk
 Disadvantage
1. Additional costs incurred for training on proper
sampling techniques
97

98. Non-statistical Sample
Selection Methods
Item selection based on auditor judgmental criteria
Selecting 100% items from population
• Test entire population
• Constitute large number of large value items
Directed Sample Selection
• Items most likely to contain misstatements
• Items containing selected population characteristics
• Large dollar coverage
98

99. Types of Statistical Sampling
Techniques
• Attribute Sampling
- to estimate proportion of population that have
specified characteristics (egs. non-compliance 
battery).
• Monetary Unit Sampling
- to estimate the amount (in RM) of misstatement
for a class of transaction or accounts balances
• Classical Variable Sampling
-use of typical statistical method in making
estimates
99

100. ATTRIBUTE SAMPLING
APPLIED TO TESTS OF
CONTROLS
• Attribute sampling is a statistical method used to
estimate the proportion of a characteristic in a
population.
• The auditor is normally attempting to determine
the operating effectiveness of a control
procedure in terms of deviations from the
prescribed internal control policy.
100

101. Attributes Sampling
Example: Audit test on
• how often a credit check is not
performed on customer orders before
shipment
- sampling unit = customer order
forms
• how often an invoice is not sent after
shipment is made
- sampling unit = invoice or shipping
documents?
Common use of attribute sampling  test
of controls 101

102. Monetary-unit Sampling (MUS)
MUS uses attribute sampling theory and techniques
to estimate the amount (in RM or other currency unit)
of misstatement for a class of transactions or an
account balance.
Sampling unit = in monetary terms
– Focus on monetary value rather
than rate of occurrences.
– To test overstatement (high value
items). 102

103. Audit Sample Selection- continue…
• Statistical Sampling
Simple Random Sample (random number
table/audit software)
Systematic Sample Selection (random/stratified
random)
Random – Select every nth elements in the
sample
Stratified – the population is divided into
strata, then sample is drawn from each strata.
103

104. NEEDS FOR SAMPLING
 SUBSTANTIVE TESTINGS
• To estimate the characteristic in a population.
• Attempting to determine the deviations from the
prescribed accounting system in ensuring the audit
objectives are achieved.
• To provide reasonable assurance.
• Sufficient evidence to support conclusion & audit
opinion.
• Means of gathering and evaluating evidence.
104

105. PHASES IN SAMPLING
APPLICATION
• Planning
• Performance
• Evaluation
105

106. SPECIAL SITUATIONS IN
PERFORMING THE AUDIT
PROCEDURES
• Voided documents.
• Unused or inapplicable documents.
• Missing documents.
• Stopping the test before completion.
 Egs. List of invoices from creditors to
see if the accounts are paid.
106

107. Non-statistical sampling for Test
of Accounts Balances
• Identify individually significant items
-These items will be tested 100%
-The remaining items which insignificant is subjected to
sampling.
• Determine the sample size
= Population Book Value* x Assurance Factor
Tolerable Misstatement**
* Exclude 100% test ** estimated during audit planning
• Calculate the sample results.
107

108. NONSTATISTICAL SAMPLING:
DETERMINING SAMPLE SIZE
Population Book Value
Sam ple Size = x Assurance Factor
Tolerable M isstatem ent
C om b in e d R is k th a t O th e r S u b s tan ti ve P r oc e d u re s w i ll F a il
A s s e s s m e n t of to D e te c t M a te ri al M is s ta te m e n ts
C o n tr o l R is k
a n d I n h e re n t M a xi m u m S li gh tly M o d e ra te S u b s ta n tia l
R is k b e lo w
m a xi m u m
M a xi m u m 3.0 2 .7 2 .3 2 .0
S li gh tly b e lo w
m a xi m u m 2.7 2 .4 2 .0 1 .6
M o d e ra te 2.3 2 .1 1 .6 1 .2
Low 2.0 1 .6 1 .2 1 .0
108

109. NONSTATISTICAL SAMPLING:
CALCULATING SAMPLE RESULTS
• The AICPA's guidance describes two acceptable
methods for projecting the amount of misstatement
found in a nonstatistical sample:
• Project the amount of misstatement by dividing the
amount of misstatement by the percentage of the
dollars of the population included in the sample.
• Project the average misstatement found in the
sample to the population.
109

110. NONSTATISTICAL SAMPLING
AN EXAMPLE - CALABRO
Th e se nio r in c h a rge o f th e a u d it, D o n Jo n e s, h a s d e c id e d to d e sign a
n o n sta tistic a l sa m plin g a p p lic a tio n to e xa m in e th e a c c o u n ts re c e iva ble b a la n c e o f
C a la b ro , In c . a t D e c e m b e r 3 1 , 2 0 0 0 . A s o f D e c e m b e r 3 1 , th e re w e re 1 1 ,8 0 0
a c c o u n ts re c e iva ble a c c o u n ts w ith a b ala n c e o f $ 3 ,7 1 7 ,9 0 0 a n d th e p o p u latio n is
c o m p o se d o f th e fo llo w in g stra ta:
N um b e r a n d Si ze o f A c c o un ts B o o k V al u e o f Str a ta
1 5 a c c o u n ts > $ 2 5 ,0 00 $ 5 5 0 ,0 0 0
2 50 a c c o u n ts > 3 ,0 0 0 8 5 0 ,0 0 0
1 1 ,5 3 5 a c c o u n ts < $ 3 ,0 0 0 2 ,3 1 7 ,4 0 0
110

111. NONSTATISTICAL SAMPLING - CALABRO
Jones has made the following decisions:
• Based the results of the tests of controls, a low
assessment is made for inherent & control risk.
• Tolerable misstatement allocated to accounts
receivable is $40,000. The expected amount of
misstatement is $15,000.
• There is moderate risk that other auditing procedures
will fail to detect material misstatements.
• All customer account balances greater than $25,000
are to be audited.
111

112. NONSTATISTICAL SAMPLING:
DETERMINING SAMPLE SIZE
Population Book Value
Sam ple Size = x Assurance Factor
Tolerable M isstatem ent
C om b in e d R is k th a t O th e r S u b s tan ti ve P r oc e d u re s w i ll F a il
A s s e s s m e n t of to D e te c t M a te ri al M is s ta te m e n ts
C o n tr o l R is k
a n d I n h e re n t M a xi m u m S li gh tly M o d e ra te S u b s ta n tia l
R is k b e lo w
m a xi m u m
M a xi m u m 3.0 2 .7 2 .3 2 .0
S li gh tly b e lo w
m a xi m u m 2.7 2 .4 2 .0 1 .6
M o d e ra te 2.3 2 .1 1 .6 1 .2
Low 2.0 1 .6 1 .2 1 .0
112

113. NONSTATISTICAL SAMPLING
AN EXAMPLE - CALABRO
Sample Size = ($3,167,900/$40,000) x 1.2 = 95*
* Allocation of the 95 to the 2 strata (BV/Pop BV x SS)
Results
St ra ta B o ok V a lue B o ok V alu e A u dit V alu e A m ou n t of
o f St ra ta o f S am ple o f Sa m ple O ve rst ate m e nt
> $ 2 5 ,00 0 $ 5 5 0,0 0 0 $ 5 5 0,0 0 0 $ 5 49 ,5 00 $ 500
> $ 3 ,0 00 8 5 0,5 0 0 4 2 5,0 0 0 4 23 ,0 00 2,0 0 0
< $ 3 ,0 00 2,3 1 7,4 0 0 9 2,0 0 0 91 ,7 50 250
113

114. Projected Misstatement
St ra ta A m ou n t of P ercen ta ge o f P ro jecte d
M isstatem ent S trat a S a m pled M issta tem en t
> $ 2 5,0 0 0 $ 50 0 1 0 0% $ 5 00
> $ 3 ,00 0 2 ,00 0 4 2 5,0 0 0 ÷ 85 0 ,5 00 = .50 4 ,0 00
< $ 3 ,00 0 25 0 9 2 ,00 0 ÷ 2 ,31 7 ,4 00 = .07 3 6 ,2 50
T o tal Pr o jected M isstatem ent 1 0 ,7 50
114

115. CONCLUSION
• If projected misstatements > tolerable
misstatement, conclusion: there is unacceptably
high risk that the account is misstated.
• If projected misstatements is considerably <
tolerable misstatement; compare the projected
misstatements to the expected misstatements.
• If projected misstatement is < expected
misstatement, conclusion: there is acceptably low
sampling risk that projected misstatement exceeds
tolerable misstatements.
• If projected misstatement significantly > expected
misstatements, conclusion: there is unacceptably
high risk that true misstatement exceeds tolerable
misstatements. 115