The top-down approach used in the audit process of reviewing internal controls is highly accurate in the detection of material misstatements in a company's financial records. Auditors should use this approach in help of determining a company's overall risks in internal control. The process begins with a review of the financial statements then spotlights entity-level controls to further focus on major accounts and disclosures. Once the auditor has an understanding of possible risks that may slip through the internal control process they set up tests insure the accuracy of company controls. The controls that attract attention from the auditor deal directly with their conclusion on whether the company's internal controls are accurate in financial reporting. Entity-level controls differ from company to company but generally monitoring areas that commonly lead to inaccurate figures. Some examples of these entity-level controls include limiting management override, monitoring results of operations, and develop new company policies that address business control and risk management practices.
Get your grade
or your money back
using our Essay Writing Service!
A key entity-level control screens the control environment of a company to insuring the precision of their internal controls over financial reporting. In testing this control the auditor must insure that the motives of management promote an effective and responsible approach to financial reporting and also whether the audit committee shows responsibility in their supervision of management. Auditor must also develop an understanding of the company's period-end financial reporting process by reviewing company procedures. These procedures include entering in data into general ledger accounts, selecting accounting policies, processing journal entries, recording recurring and nonrecurring adjustments, preparing annual and quarterly financial statements and related disclosures. The auditor must review inputs systems and information technology the company uses in reporting financial statements to insure there accuracy. The auditor must also be knowledgeable on management's responsibility in the process of reporting figures on the financial statements.
Auditor using the top down approach must be able to identify important accounts and disclosures that may have a higher probability of containing inaccurate figures causing the financial statements to be materially misstated. Common assertions include existence, completeness, valuation, rights and obligation, presentation and disclosure. Auditors continually evaluate qualitative and quantitative factors related to the figures listed on the financial statements these assertions would include but not limited to the size and volume of accounts, complexity of disclosures, and significant changes from year to year or quarter to quarter. A judgment call must be made by the auditor in figuring what is most likely to slip through company controls and result in materially misstated financial records. The risks in internal control are similar to those risks in an audit of a companies financial statements, so an audit may evaluate comparable accounts and disclosures to help identify the major threats. Company's functioning with different locations or multiple entities should have consolidated financial statement in which the auditor examines finding possible weaknesses and then indicates scoping decisions for the company.
To understand key sources of misstatements the auditor must realize and understand how the transactions flow within the company (procedures, authorization, documentation), controls that management has put in place and how they stay free of misstatements due to managements eagerness to please stockholders. Due to the fact that a large majority of the auditors work is based on judgment the work should be delegated to different individuals within a firm so the auditor is not always auditing his or her own work. One of the most beneficial resources to the auditor is the use of walkthroughs, this is the process of following a transaction from basic journal entries all the way to the financial statement. During critical points of the walkthrough the auditor will question personnel and discuss issues dealing with internal control procedures issued by the company. The auditor will select transactions that will test those controls that are important to the auditor's decision on the company controls. Multiple controls may be tested with one transaction if so it is not necessary to retest that control. The controls selected to be tested extensively deal with the auditor relevant assertion not on how the control is labeled.
It often becomes cloudy when determining the differences between a significant deficiency and a material weakness. Both in essence are the same, although a significant difference is less severe than a material weakness. If a company has a material weakness in their internal control over financial reporting they have a flawed system. This creates the possibility that a material misstatement will be translated on to the company's financial statements and will not be discovered until it is too late. A significant deficiency is similar in the fact that there is also a flaw in the company's internal control system however this flaw is less significant then in the case of a material misstatement. If a company is found to have a significant deficiency the auditor will relay this information to those individuals in charge of overseeing the company's financial reporting.
Always on Time
Marked to Standard
Accordingly, auditors use techniques of detection to help them discover material weaknesses. Typical indicators include the recognition of fraud (even if the fraud is immaterial), reviewing previous material misstatement corrections, indication of material misstatement that would not have been discovered by company controls and the effectiveness of the company's audit committee. When a deficiency or a combination of deficiencies arises the auditor must decide on the type assurance that would please company leaders and would satisfy the regulations of GAAP. AAAAAA
All material weaknesses must be communicated to the company's management and the audit committee. This is done with a written statement identifying these deficiencies that the audit team has discovered. The written statement on the company's internal control procedures must be given to these groups prior to the auditor's final report. If it is discovered that audit committee is unproductive in supervising internal control over financial reporting a written statement must be given to the company's broad of directors. Significant deficiencies should also be communicated to the audit committee and management in writing. These deficiencies if previously stated do not have to be repeated. The auditor is not responsible to perform procedures that clearly explain the deficiencies but they must communicate deficiencies they are aware of. The audit of internal control over financial reporting does not provide the auditor with assurance that all deficiencies under material weaknesses have been identified the auditor should not issues a report. Finally, the auditor must be aware of their responsibilities under AU section 316 and section 317 if they discover fraud or illegal acts.