Tuesday, August 11, 2015

When to perform Tests of Controls in an audit ?

The objective of the auditor while performing the audit is to obtain sufficient appropriate audit evidence regarding the assessed risks of material misstatement, through DESIGNING and IMPLEMENTING appropriate responses to those risks.

TESTS of CONTROLS is an audit procedure designed to evaluate the operating effectiveness of controls in preventing, or detecting and correcting, material misstatements at the assertion level.

As required by ISA 330, the auditor shall design and implement overall responses to address the assessed risks of material misstatement at the financial statement level.

Further, paragraph 6 of ISA 330 states that the auditor shall design and perform further audit procedures whose nature, timing and extent are based on and are responsive to the assessed risks of material misstatement at the assertion level.

In designing the further audit procedures to be performed, the auditor shall :

  1. Consider the reasons for the assessment given to the risk of material misstatement at the assertion level for each class of transactions, account balance, and disclosure, including :
    • The likelihood of material misstatement due to the particular characteristics of the relevant class of transactions, account balance, or disclosure (that is, the inherent risk); and
    • Whether the risk assessment takes account of relevant controls (that is, the control risk), thereby requiring the auditor to obtain audit evidence to determine whether the controls are operating effectively (that is, the auditor intends to rely on the operating effectiveness of controls in determining the nature, timing and extent of substantive procedures);
  2. Obtain more persuasive audit evidence the higher the auditor’s assessment risk.

The auditor shall design and perform TESTS of CONTROLS to obtain sufficient appropriate audit evidence as to the operating effectiveness of relevant controls IF :

  1. The auditor’s assessment of risks of material misstatement at the assertion level includes an expectation that the controls are operating effectively (that is, the auditor intends to rely on the operating effectiveness of controls in determining the nature, timing and extent of substantive procedures); OR
  2. Substantive procedures alone cannot provide sufficient appropriate audit evidence at the assertion level.

In designing and performing tests of controls, the auditor shall obtain more persuasive audit evidence the greater the reliance the auditor places on the effectiveness of a control (A higher level of assurance may be sought about the operating effectiveness of controls when the approach adopted consists primarily of tests of controls, in particular where it is not possible or practicable to obtain sufficient appropriate audit evidence only from substantive procedures) (HRD).