Internal Control Audit Standards
a. For what purposes should an auditors’ understanding of the internal control components be used in planning an audit?
An auditors’ understanding of the internal control components should be used for 3 reasons:
a) To identify the potential misstatement that might occurs
b) To identify the factors that affect the risk of material misstatement
c) To influence the design of substantive procedures
b. What is required for an audit team to assess control risk below the maximum level?
It is required for an audit team to assess control risk below the maximum level to identify specific control procedures and policies relevant to specific assertions that will detect and prevent material misstatement regarding those assertions. It is required also to perform control tests in order to evaluate the operating patterns and effectiveness of the internal control procedures.
c. What should an audit team consider when seeking to reduce the planned assessed level of control risk below the maximum?
An audit team should consider mainly two things:
a) If additional audit evidence is available to support further reductions in the planned assessed level of control risk
b) If it would be efficient to perform additional control test in order to obtain the necessary audit evidence
d. What are the documentation requirements concerning a client’s internal control components and the assessed level of control risk?
An auditor should document firstly the understanding of the client’s internal control system audits and also he should document the basis for the conclusion about the assessed level of control risk.
If assessed level of risk is at the maximum level, the auditor should document the conclusion and the reasons leading at it. On the other hand, if the assessed level of risk is below the maximum level, what the auditor should do is to document the basis for the conclusion and also the effectiveness of the patterns and the operations regarding the internal control level procedures that support that assessed level.
Reports On Internal Control Over Financial Reporting
a. A material weakness in the processing of sales transaction has been identified by the auditors.
In this case, the auditor should express an unqualified opinion, which does not indicate that there exist other material weaknesses. This can be reliable for the work of the other auditors as well.
▪ The three paragraphs: introductory, scope and opinion should be modified by stating the division of the responsibility.
b. Because of a relatively short period of time since a control weakness has been remediated, the auditors do not believe that sufficient evidence can be obtained with respect to the operating effectiveness of the entity’s internal control over financial reporting.
In this case, there is a scope limitation, which makes it difficult for the auditor to issue an opinion on the effectiveness of internal control over financial reporting. Depending on the significance of the scope limitation, the auditors can issue both, a qualified opinion or a disclaimer one.
▪ The modifications needed in the case of the qualified opinion:
a) Modification of the scope paragraph explaining the scope limitation.
b) Describe the scope limitation by adding an explanatory paragraph. If the scope limitation is due to inability to gather sufficient evidence regarding to potential material weaknesses, it is necessary to include the definition of the material weakness as well.
c) Modification of the opinion paragraph, stating the other things discovered.
▪ The modification needed in the case of disclaim opinion:
a) In the introductory paragraph, the sentences describing the auditor’s responsibility for internal control over financial reporting should be deleted.
b) The scope...