Management Audit Training Session: Basic Auditing Skills for Management Audit Resource Person: CA Kumud Tripathy FCA, ISA, MBA June 19, 2015
Subject Matters to be covered A. B. C. Procedures for collecting necessary information for management audit Problem Identification and Prioritization Skill Investigation of Subject Matters and Analysis of Facts
Subject Matters to be covered Contd. D. E. F. Factors to be considered while giving suggestion/recommendation after management audit Monitoring and evaluation of audit process Professional competence/quality of management auditor and code of ethics
Subject Matters to be covered Contd. G. Necessary skills of management auditor with regards to communication, relationship, coordination and networking
Background What is Audit? In general, auditing is defined as “a systematic and independent examination of data, statements, records, operations and performances (financial or otherwise) of an enterprise for a stated purpose.
What is Audit? – Contd. In any auditing situation, the auditor perceives and recognizes the propositions before him for examination, collects evidence, evaluates the same and on this basis formulates his judgment which is communicated through his audit report. ”
What is Audit? – Contd. Thus, auditing is a specialized function having complex legal, economic and ethical implications
What is Management Audit in our perspective? Management Audit Guidelines – 2067 -Joj: yfkg k/LIf 0 f lgb]{lzsf – @)^&_ defines management audit as:
What is Management Audit in our perspective? Contd. “Joj: yfkg k/LIf 0 f” e. Ggfn] nf]s; ]jf cfof]usf] sfo{If]q leqsf ljifox? Affx]ssf ; fdf. Go k|zf; g d+qfno jf ; f] af 6 tf]ls. Psf lgsfon] g]kfn ; /sf/sf lale. Gg lgsfox? df sfo{/t lghfdlt sd{rf/Ln] k|rlnt sfg"g tyf k|zf; s. Lo lgod / sfo{ljlwx? Kffngf u/] gu/]sf] ; Da. Gwdf ; 'kl/j]If 0 f, cg'udg / d"Nof+sg u/L lgb]{zg ; d]t lbg]
Audit Procedures A. Procedures for collecting necessary information for management audit
Audit Procedures Contd. Why Management Audit? Scope of Management Audit? (Details are given in Chapter 2 of Management Audit Guidelines – 2067)
Audit Procedures Contd. Objectives of Management Audit n Consistency in managerial activities of different entities of Nepal Government n Examine the activities of civil servants of Nepal Government to find out whether they are in compliance with the prevailing laws and
Audit Procedures Contd. regulations and recommend for the improvement of short comings, if any n Determine the strength and weakness of the organization and recommend for further improvements of the strength and remedial measures for the weaknesses
Audit Procedures Contd. Help to increase efficiency and effectiveness in the organization by optimal utilization of available resources n Help to develop sense of accountability by controlling the probable shortcoming and mismanagement n
Audit Procedures Contd. Evaluate the working capacity of all the levels of management of the organization n Identify the problems in the implementation level of the organization and recommend the appropriate suggestions n
Audit Procedures n Contd. Improve good governance by helping to maintain law and order in work performance
Audit Procedures Contd. Scope of Work: n Organizational Policy and Behavior n Organization Structure n Work Process and Office Lay-out n Staff Management and Record n Financial Administration and Store Management
Audit Procedures n n Contd. Delivery of Services and Transparency Use of Information Technology Management of Employee’s Complaint Others
Audit Procedures Contd. Procedures to be used for collecting information: Observation, Discussion, Interview, Questionnaire, Study of documents or evidence, Review and study of earlier reports, Other procedures deemed necessary by the audit team
Audit Procedures Contd. Objectives and General Principles Governing an Audit (NSA 200) Ethical Requirement for Audit n Conduct of audit in accordance with regulatory requirements n
Audit Procedures n Contd. Audit Risk and Materiality: The auditor should plan and perform the audit to reduce audit risk to an acceptable low level
Audit Procedures Contd. Audit Documentation (NSA 230) The auditor should prepare audit documentation that provides: n Sufficient and appropriate record of basis of his report
Audit Procedures Contd. The evidence that the audit was conducted in accordance with the applicable legal and regulatory requirements n The nature, timing and extent of audit procedures performed to comply with applicable legal and regulatory requirements n
Audit Procedures Contd. The result of the audit procedures and the audit evidence obtained n Significant matters arising during the audit and the conclusions reached n
Audit Procedures Contd. Responsibility to Consider Fraud (NSA 240) n In planning and performing the audit to reduce audit risk to an acceptable low level, the auditor should consider the risk of material misinformation due to fraud or error
Audit Procedures Contd. n The primary responsibility for the prevention and detection of fraud rests with both those charged with governance and with the management n Owing to the inherent limitations of an audit, there is an unavoidable risk that some material misinformation will not be detected, even though the audit is properly planned and performed
Audit Procedures Contd. B. Problem Identification and Prioritization Skill
Audit Procedures Contd. The management auditor should compare the performance requirement of the organization being audited and the actual performance of the organization n The comparison shall be done on the basis of audit evidence gathered n
Audit Procedures Contd. The problem shall be identified while comparing the required performance with the actual performance n The variances should be analyzed properly for prioritization for investigation and presentation in the report n
Audit Procedures C. Contd. Investigation of Subject Matters and Analysis of Facts
Audit Procedures Contd. Consideration of Laws and Regulations in an Audit (NSA 250) n The auditor should design and perform the audit procedures such that the non -compliance with relevant laws and regulations are identified
Audit Procedures Contd. The responsibility for the prevention and detection of non-compliance with laws and regulations primarily rests with the management n However, in order to plan the audit, the auditor should obtain general understanding of legal and regulatory framework applicable to the organization being audited n
Audit Procedures n Contd. When the auditor believes that there may be non-compliance, he should document the findings and discuss with the management and also inform the matter to those charged with governance
Audit Procedures Contd. Understanding the Entity and its Environment and Assessing the Risks of Material Misstatement (NSA 315)
Audit Procedures n Contd. The auditor should obtain an understanding of the organization and its environment, including its internal control, sufficient to identify and assess the risks of material misstatement of the information
Audit Procedures n Contd. The auditor should perform the following risk assessment procedures to obtain an understanding of the organization and its environment, including internal control: Inquiries of management and others within the organization; Analytical procedures; Observation and inspection
Audit Procedures n Contd. After understanding the organization, its environment and audit risk, appropriate audit procedures should be applied
Audit Procedures Contd. Audit Materiality (NSA 320) n The auditor should consider materiality and its relationship with audit risk when conducting an audit n There is an inverse relationship between materiality and the level of audit risk, i. e. the higher the materiality level, the lower the audit risk and vice versa
Audit Procedures Contd. Auditor’s Procedures in Response to Assessed Risks (NSA 330) n The auditor should determine overall responses to address the assessed risk and should design and perform further audit procedures to respond to assessed risks
Audit Procedures Contd. Audit Evidence (NSA 500) n The auditor should obtain sufficient appropriate audit evidence to be able to draw reasonable conclusions for the audit report n Sufficiency is the measure of the quantity of audit evidence where as appropriateness is the measure of the quality of the audit evidence
Audit Procedures Contd. Audit evidence is more reliable when it is obtained from independent sources outside the organization n Audit evidence that is generated internally is more reliable when the related controls imposed by the organization are effective n
Audit Procedures n Contd. Audit evidence provided by original documents is more reliable than the audit evidence provided by photocopies or facsimiles
Audit Procedures n Contd. Audit procedures for obtaining audit evidence may be: Inspection of records or documents Inspection of tangible assets Observation Inquiry Confirmation from third parties
Audit Procedures Contd. Recalculation (checking of mathematical accuracy) Re-performance (independent execution of procedure- e. g. aging of receivables) Analytical procedures
Audit Procedures Contd. External Confirmations (NSA 505) n The auditor should determine whether the use of external confirmations is necessary to obtain sufficient appropriate audit evidence n External confirmations are frequently used in relation to accounts balances and their components but need not be restricted to these items only
Audit Procedures Contd. Confirmation requests ordinarily include management’s authorization to the respondent to disclose the information to the auditor n The auditor may use positive or negative external confirmation requests or combination of both. Positive external confirmation requests are more reliable audit evidence n
Audit Procedures n Contd. When performing confirmation procedure, the auditor should maintain control over the process of selecting those to whom a request will be sent, the preparation and sending of confirmation requests; and the responses to those requests
Audit Procedures n Contd. The auditor should consider whethere is any indication that external confirmations received may not be reliable
Audit Procedures Contd. Analytical Procedures (NSA 520) n The auditor should apply analytical procedures as risk assessment procedures to obtain an understanding of the organization and its environment and in the overall review at the end of the audit
Audit Procedures n Contd. “Analytical procedures” means evaluation of financial information made by a study of plausible relationship among both financial and non-financial data
Audit Procedures Contd. Audit Sampling and Other Means of Testing (NSA 530) n The auditor should assess the audit risk through tests of control and substantive procedure n In obtaining audit evidence, the auditor should use professional judgment to assess audit risk
Audit Procedures Contd. Sampling risk and non-sampling risk can affect the components of the audit risk n The auditor may decide to apply audit sampling to a class of transactions or activities n
Audit Procedures Contd. In determining the sample size, the auditor should consider whether sampling risk is reduced to an acceptable low level n The auditor should select items for the sample with the expectation that all sampling units in the population have a chance of selection n
Audit Procedures Contd. Audit of Accounting Estimates (NSA 540) n The auditor should obtain sufficient appropriate audit evidence regarding accounting estimates
Audit Procedures n Contd. The auditor should design and perform further audit procedures to obtain sufficient appropriate audit evidence as to whether the organization’s accounting estimates are reasonable in the circumstances
Audit Procedures Contd. The auditor should review and test the process used by the management to develop the estimate n The auditor should use an independent estimate for comparison with that prepared by the management n
Audit Procedures Contd. The auditor should review subsequent events which provide audit evidence of the reasonableness of the estimates made n The auditor should evaluate whether the data on which the estimate is based is accurate, complete and relevant n
Audit Procedures Contd. The auditor should evaluate whether the organization has an appropriate base for the principal assumptions used in the accounting estimate n The auditor should compare previous estimates with the actual results to assess the reliability of current estimates n
Audit Procedures Contd. Related Parties (NSA 550) n The auditor should perform audit procedures designed to obtain sufficient appropriate audit evidence regarding the identification and disclosure by management of related parties and the effect of related party transactions
Audit Procedures Contd. An audit cannot be expected to detect all related party transactions n Management is responsible for the identification and disclosure of related parties and transactions with such parties n
Audit Procedures n Contd. The auditor should review the information provided by the management with regards to related party and transaction with them and try to ensure completeness of such disclosure
Audit Procedures n Contd. While examining the identified related party transactions, the auditor should obtain sufficient appropriate audit evidence as to whether these transactions have been properly recorded and disclosed
Audit Procedures n Contd. The auditor should obtain written representation from the management regarding completeness of information about related parties and the adequacy of related party disclosure
Audit Procedures Contd. Management Representations (NSA 580) n The auditor should obtain appropriate representations from the management acknowledging its responsibility for the financial information and other relevant regulatory matters
Audit Procedures n Contd. Management Representation may be considered as audit evidence when other sufficient appropriate audit evidence cannot reasonably be expected to exist
Audit Procedures n Contd. If management representation seems to be contradictory with other audit evidence, the auditor should investigate the circumstances and reconsider the reliability of other representations made by the management
Audit Procedures n Contd. If the management refuses to provide a representation that the auditor considers necessary, this constitutes a scope limitation and the auditor should prepare its report accordingly
Audit Procedures Contd. Considering the Work of Internal Audit (NSA 610) n The external auditor (Management Auditor in our case) should consider the activities of internal auditing and their effect, if any, on external audit procedure
Audit Procedures Contd. The external auditor should perform an assessment of the internal audit function for assessing its audit risk n For the assessment of internal audit function, the important criteria are: Organizational Status, Scope of Function, Technical Competence and Due Professional Care n
Audit Procedures Contd. Using the Work of an Expert (NSA 620) n When using the work performed by an expert, the auditor should obtain sufficient appropriate audit evidence that such work is adequate for the purposes of the audit
Audit Procedures n Contd. . An expert may be contracted by the organization; may be contracted by the auditor; may by employed by the organization; or employed by the auditor (applicable in case of independent management auditor)
Audit Procedures Contd. When planning to use the work of an expert, the auditor should evaluate the professional competence of the expert n The auditor should obtain sufficient appropriate audit evidence that the scope of the expert’s work is adequate for the purposes of the audit n
Audit Procedures Contd. D. Factors to be considered while giving suggestion / recommendation after management audit
Audit Procedures Contd. Communication of Audit Matters with those charged with Governance (NSA 260) n The auditor should communicate audit matters of governance interest found during the audit with those charged with governance
Audit Procedures Contd. The auditor should determine the appropriate person for communicating relevant audit matters n The auditor should communicate audit matters of governance interest on a timely basis. The matters may be communicated orally or in writing n
Audit Procedures n Contd. The legislation or the regulation of the country may impose obligation on the auditor to make communications on governance related matters
Audit Procedures Contd. Subsequent Events (NSA 560) n The auditor should consider the effect of subsequent events on the financial information and the audit report
Audit Procedures n Contd. When the auditor becomes aware of events which materially affect the financial information, the auditor should consider whether such events are properly accounted for and adequately disclosed
Audit Procedures E. Contd. Monitoring and evaluation of audit process
Audit Procedures Contd. Quality Control for Audits (NSA 220) n The engagement team should implement quality control procedures that are applicable to the individual audit n The management audit team leader should be responsible for the quality of audit
Audit Procedures Contd. The management audit team leader should ensure that the appropriate audit procedures are in place throughout the audit process n The team leader should consider whether the members of the audit team have complied with ethical requirements n
Audit Procedures F. Contd. Professional competence/quality of management auditor and code of ethics
Audit Procedures n Contd. The management audit team should ensure that all the members of the audit team comply with professional standards and regulatory and legal requirements
Audit Procedures n Contd. Capabilities and competence are developed through: Continuing professional development, including training; Professional education; Work experience; Coaching by more experienced staff
Audit Procedures n Contd. The quality control policies and procedures with regards to management audit developed by the ministry of general administrations, if any, should be communicated to the audit team
Audit Procedures n Contd. All the members of the management audit team should comply with the relevant ethical requirements that are expected from the government employees
Audit Procedures n Contd. ICAN Code of Ethics establishes the fundamental principles of professional ethics, which include: Integrity; Objectivity; Professional competence and due care; Confidentiality; Professional behavior; Independence
Audit Procedures Contd. G. Necessary skills of management auditor with regards to communication, relationship, coordination and networking
Audit Procedures n Contd. On top of auditing skills, all the members of the management audit team are expected to possess good skill with regards to communication, relationship, coordination and networking with the concerned staff of the organization being audited
Audit Procedures n Contd. Such skills can be acquired by participating in appropriate technical, professional and skill development training programs conducted in house as well as outside the organization with the help of professional resource persons
Audit Procedures n Contd. The management audit team should give prior written information to the organization being audited, except in case of surprise audit, so that the management audit could be carried out smoothly and completed within stipulated time frame
Audit Procedures n Contd. The information should include: time required for audit; subject matter of the management audit; audit procedures; name of audit team members; support expected from the organization being audited
Any Question?
Thank You For your Patience
Скачать презентацию Management Audit Training Session Basic Auditing Skills for
248d9a003a8092daef689eb2e1c17b43.ppt