Components of an audit

Let’s identify the (1) ……components………………… of an audit; after all, not just
anyone can slap one of these audit reports... on a set of financial statements.

First you need something to audit, in this case a set of financial statements. But behind
these financial statements you need to recognize that there are likely thousands,
millions, or possibly billions of (2) …transactions… Financial statements are a
summary of all business activity that goes on during a period, and a snapshot of all the
entities’ asset and (3)………liability……………… position as at the year end date.
This information is compiled by management - not the auditors. Auditors are usually
(4)……professional…………………, like Chartered Accountants or Certified
Professional Accountants, but they do not prepare the financial information. To do so,
would impair their objectivity. That is, their appearance of being unbiased.

The second component of an audit is that we need (5)……………………… against

which we evaluate the information. If management were free to make the rules about
the accounting policies, readers would have one heck of a time understanding what it
is they are reading. So in the case of financial statement audits, the criteria are
normally (6)…………………………………………... However, different types of
audits can have different criteria, so don’t think of criteria in a narrow sense. For
example, tax auditors have tax rules and regulations. Internal auditors have companies’
policies and (7)……………………… to use as their criteria. External auditors may be
engaged to express an opinion on criteria other than GAAP, such a compliance with a
loan agreement.

The third component of an audit is the auditor needs to do something to support their
opinion. Every single number, every disclosure, every policy you read in a set of
financial statements must be evaluated, tested, and supported. The same way as a legal
prosecutor gathers (8)……………………… to build a case against the defendant, the
auditors builds a case to support or refute management’s presentation of the financial
information. We will spend a number of lessons on how this is done most efficiently.
An audit does not look at every single piece of paper or electronic (9)
……………………… in the organization, to do so is impractical and cost prohibitive.

The fourth component of an audit is the (10)……………………… themselves. These

people are not just smucks we pull off the street. Auditors need a deep background in

13
accounting. Auditors need training in audit approaches. And auditors need savvy (11)
………………………………… and keen (12) ………………………. Public
accounting is a regulated industry, only licensed public accountants can issue audit
opinions.

The last element of auditing is (13)………………………. The auditors need a way of

expressing their opinion. They need a way of disclosing their (14)
……………………… in a way that is meaningful to the readers. These aren’t random
words written in a free form report. Audit reports use very specific language so as to
not (15)……………………… readers to over or under rely on the findings presented.

Required:
1. Listen to the video and fill in the gaps
2. Answer the questions below using words/ or number from the passage for each
answer:
a. How many components of audit? What are they?

………………………………………………………………………………………………

………………………………………………………………………………………………

b. Who are auditors usually?

………………………………………………………………………………………………

………………………………………………………………………………………………

c. In the case of financial statement audits, what are criteria?

………………………………………………………………………………………………

………………………………………………………………………………………………

d. What do auditors need to do an audit?

………………………………………………………………………………………………

………………………………………………………………………………………………

e. How do auditors disclose their findings?

………………………………………………………………………………………………

………………………………………………………………………………………………

14
 The relationship between the level of inherent/control risk and materiality

Hey everyone and welcome to today's video. Uhm… I get asked a lot just to clarify
how materiality, and inherent and control risk are related. So, I am going to use a little
diagram here to try to explain. So, imagine we have two companies.

Alright, on the left, we have a company that is low inherent risk and low control risk,
that means that is low overall (1) ………………………….…… . So that, you can see
here buddy excess, there are too many material misstatements. So, let's assume that is
the (2) ……………………… data.

Okay, on the right hand side, we're going to have a company that is high inherent risk
and control risk and when with high inherent risk and control risk, we know that is a
much greater possibility of material misstatements. So we might have a lot more
imaginary (3) ……………………… …………to find.

So what is a materiality level? A materiality level is some dollar value (4)

……………………… where every misstatement over that amount we're going to ask
the client to make an (5) ……………………… because we think it's a material
misstatement.

So at the top here, we think these are very large ones and these are the smaller ones. if
I did set my materiality at a high-level with this started line, I'm going to catch these
two material misstatements and I'm gonna identified those are material and I'm gonna
say these three are not material.

Now, if I use that same level over here on the right hand side, I still (6)
……………………… more misstatements but they're potentially a lot more
misstatements in the remainder of the financials. So in a high inherent risk and control
risk situation, I'm going to lower my (7)……………………… to detect greater
numbers of misstatements because as a high-risk of material misstatements we did in
the financial statements.

so that's the reason why we have low inherent risk and control risk, we have a high
level of materiality in comparison to where inherent risk and control risk are high.

15
So, in low (8)……………………… situations, I mean I have low materiality
compared to high detection risk situation.

So, my materiality and my detection risk move in the (9)……………………… ,

whereas my detection risk and my inherent and control risks move in opposite or (10)
……………………… directions. So, this is the reason why when as high levels of
risk we got materiality down to allow us to detect more material misstatements.

Required:

3. Listen to the video and fill in the gaps

4. Answer the questions below using words/ or number from the passage for
each answer:
f. How is risk of material misstatements when inherent risk and control risk are low?

………………………………………………………………………………………………

………………………………………………………………………………………………

g. What is the relationship between inherent risk, control risk and possibility of
material misstatements?

………………………………………………………………………………………………

………………………………………………………………………………………………

h. What is materiality level?

………………………………………………………………………………………………

………………………………………………………………………………………………

i. In case of high inherent risk and control risk situation, what will auditors set level
of materiality? Why?

………………………………………………………………………………………………

………………………………………………………………………………………………

j. What is the relationship between materiality and detection risk?

………………………………………………………………………………………………

………………………………………………………………………………………………

16
 INTERNAL CONTROL

Now, what are our objectives of (1) …internal control…….? These are our objectives
of internal control. In other words, what do we want out of a good internal control system?
This is your ace in the whole. I've got to change the mnemonic...the ace in the hole. What is
your ace? Accurate, reliable financial statements. We want accurate, reliable, GAAP financial
statements. So, we want to make sure that these financial statements...what do we want a good
internal control system to do? We want to make sure that these financial statements are (2)
……accurate….., they're reliable and they are in conformity with US GAAP. We want to
make sure that we're in compliance with (3) ………laws and regulations….. Now,
compliance with laws and regulations. That's going be looking at things like a (4)…
compliance audit…….., like GAS, at government auditing standards audit, and (5)………
effectiveness……. and (6)……efficiency….. of operations, effectiveness and efficiency of
ops. That's going to be like an operational audit. So, remember in Audit 1, I said there’re 3
different types of audits? You have a compliance audit, (7)……operational audit……..,
financial statement audit.

So our goal of looking at internal control is, with internal control, we would like
certain (8) …objectives…... And what is our objective? Woot...there's your ace. We want to
make sure we have accurate, reliable financial statements, compliance with laws regulations
and effectiveness and efficiency of operations.

Alrighty...then it says the auditor should obtain an understanding of the five (9)……
components……. of internal control. So these are the 5 components of internal control. Now
remember I said I need to understand internal control. So what we need to do is, we need to
go through and define what internal control really is. And internal control consists of these 5
components. Now, this has shown up as a simulation. It always shows up as multiple choices.
So, you need to remember the five components. So let's put up here the five components of
internal control. And a good way to remember this is, if you don't remember it, it would be a
“crime”. What's your mnemonic? Crime. Wow! Love mnemonics.

So we're going to have things like (C) control activities…, (R) risk assessment, (I)
information and communication, (M) (10)……monitoring…….. and your control (E)
environment. So these are the 5 components of internal control. So, they're going to ask you
which is, which is not a component of internal control. It's imperative, it's important to
remember the mnemonic crime. Alright. We got control activities, (11)…risk
assessment……., information, monitoring, control environment, C-R-I-M-E...There's your
crime C-R-I-M and E...crime, crime.

Do doo doo doo do wooo that was Shane, anyway, old song.

17
 Alright, now, the real order is this, 1 (control environment), 2 (risk assessment), 3
(control activities), 4 (information and communication), 5 (monitoring). Hmm? First, we're
going look at the overall clients (12)…control environment……… and we're going to say
here's what we define as the environment. Is there a basis for reliance? Do we think the
overall environment looks okay? Then we need to assess the risk of something going wrong.
Assess the risk, and by risk assessment, we're saying we need to, how does the company
identify, analyze and manage what could go wrong? Then we're going to look at the (13)…
control activities…………... These are the activities upon which you want controls. For
example, I'd mentioned in audit 1 this mnemonic ARCS... authorization, recording, custody,
comparison... those... and segregation... those are areas upon which you want controls. Then
we're going to gather (14)……information and communicate………it on a timely basis, and
then we're going to see how the system is monitored. How do they (15)…monitor……………
the system, is it operating as designed? So when I say you need to understand internal control,
internal control really consists of those 5 components called CRIME.

Requires:

5. Listen to the audio and fill in the gaps

6. Answer the questions below using words/ or number from the passage for each
answer:
k. What do auditors want to make sure about financial statements?
………………………………………………………………………………………………
………………………………………………………………………………………………
l. How many types of audit? What are they?
…3 diffirent types of audit: compliance audit, operational audit, financial
statement audit ……………………………………………
………………………………………………………………………………………………
m. Name the five components of internal control?
Control activities, Risk assessment, Information and Communication,
Environment, Monitoring ……………………………………………………
………………………………………………………………………………………………
n. What does ARCS stand for?
Authorization, Recording, Custody Comparision, Segregation
……………………………………………………………………………………………

18