The Financial Reporting Council and the Auditing and Assurance Standards Board - Case Study Example

Auditing practice Student Name: Institutional Affiliation: Course: Date: 1.21 Relationship between FRC and AUASB The Financial Reporting Council- FRC is an independent regulator whose main function is to ensure that corporate governance is practiced. The council also ensures that proper reporting of accounts is done hence an incentive to the investors and other interested parties and stakeholders (Imoniana, 2013). The body is functional in the United Kingdom and the Republic of Ireland. The Auditing and Assurance Standards Board- AUASB is an independent body or agency in Australia. The agency is responsible for the development, issuance and maintenance of auditing and assurance standards (Imoniana, 2013). As much as FRC and AUASB operate in three different countries they relate to each other in various ways. The first relation between the FRC and the AUASB is, the main aim of both bodies is to provide better and accurate information to financial information users. The provision of accurate and timely information will then lead to incentives resulting in larger investment by investors. The second relationship between the FRC and AUASB is that both of them are governing bodies that set the rules and regulations which need to be followed by auditors and accountants as they prepare their financial statements. 5.22 Accounts payable circularization is a technique used where the auditor will send letters to the creditors of the client to verify if the balances provided by the client do actually exist (Wines, 2010). This is usually a corroborative method of obtaining evidence to ascertain whether the account payable do exist, the ownership of the accounts payable and the values of account payable that have appeared in the financial statements have been correctly valued. Usually, the auditor will seek consent of the client in order to perform the accounts payable circularization. After the permission has been granted the auditor will send a letter with a written confirmation by the creditor on the existence ownership and value that has appeared in the financial statement. This technique of accounts payable circularization serves the following purpose for the auditor a. It provides confirmation from third party that the debt from the client do exist b. The creditor lays the claims ownership rights to the amount provided c. It confirms the amounts of money owed by the client to the creditor d. It provides support to compliance tests - it is an undertaking which is designed to get a reasonable assurance the internal controls the auditor has relied on are in fact effective. e. Therefore the internal controls should be able to provide an assurance over the purchases and accounts payables The technique brings into attention any amounts that have been disputed thus will point out to irregularities and frauds in the account payable The account payable circularization should normally be done at either the balance sheet date or where there is adequate use of the internal controls (Imoniana, 2013). Analytical review refers to the process which helps the auditor in understanding the client business, any change in the business and get to identify the risk areas. This will assist the auditor in planning for other audit procedures prior to the yearend should be done on the client transactions of account payable There is two types of accounts payable circularization a. A negative circularization-This type of circularization entails the creditor to respond where they are not in agreement with the contents from the circular. However, this method has a disadvantage with a reason being the creditor may fail to get the circular thus the auditor will wrongly assume that the creditor is in agreement with the circular. Therefore, creates a risk on the auditor's work b. A positive circularization-This method requires the creditor to respond on whether they agree or do not agree with the contents contained in the circular. Therefore, this method is much preferred to the negative circularization However, accounts payable are less confirmed than the account receivables. This highlighted by the fact that already the auditor has external confirmations (Rezaee, 2008). The external confirmations come from the suppliers invoices which show the transactions with the client. The creditor invoices usually provide a reliable form of audit evidence. Consequently the main assertion done to verify the evidence from accounts payable is completeness which would focus that all the business transactions which involves the account payable have been recorded, they are fully reported and all the transactions entitled for disclosure have been disclose 7.14 The sample size for testing control is well-documented with its relationship with the following factors: A relationship exists between the sample size and effectiveness of control in that the auditor will assess the risk that arises from the effectiveness of a control. This implies that a large sample size will be needed where the auditor assessment of inherent risk will likely affect the effectiveness of the control. Therefore, implies that a higher inherent risk will need lower detection risk (Imoniana, 2013). Lower detection risk is a risk that analytical and substantive procedures will fail to detect a material misstatement which exists in the accounts balances. The lower detection risk will be obtained through increase of the sample size Acceptable rate of return represents the maximum deviation rate on which the auditor could be in agreement to make a conclusion the internal control design and operation is effective (Senft, 2010). Therefore if the auditor has a lower acceptable level rate of deviation a large sample size will be required for testing the controls of the client’s small sample size will imply that there is a high acceptable level rate of deviation Expected rate of deviation is presented by the prior experience of the auditor with the client to determine the best estimate of population deviation rate. Therefore, a large sample size is required where the auditor expected rate of deviation that has been found from the population is greater. An auditor will consider some relevant factors to be included in the expected rate of deviation. The factors will include prior periods audit procedures that have been applied in order to get results. The extent where there is subjectivity on item values that have been determined and the other substantive procedure that have been derived (Rezaee, 2008). Small sample size is required where auditor expected rate of deviation found in the population will The auditor reliance, in order to have the required level of confidence of the internal control of the client system, will depend on the auditor assessment of risk. If an auditor cannot place much reliance on the internal controls with respect to assertions of a particular financial statement, it will indicate the control risks are high (Imoniana, 2013). Therefore for an acceptable low level of audit risk is reduced by the need that the auditor will rely more on substantive test. If the reliance on the substantive test is placed by the auditor a large sample size is required and therefore, a lower detection risk. For an auditor to have a small sample size, the auditor will nit place more reliance on the substantive test thus the auditor assessment the internal controls will meet the required confidence. The actual size of a population in regards to large population has very little effect on the sample size. Therefore, small population in sampling will is not an alternative efficient means of obtaining evidence 8.25 Information technology controls Information Technology controls are defined as certain required activities undertaken by persons and or systems with the aim of ensuring that organization’s objectives are met (Senft, 2010). They are measures that deal mostly with the general management of the information technology function in an organization. The main purpose of information technology controls is to ensure that the function has met required qualities such as confidentiality, integrity and data availability. Information technology controls are categorized into two broad categories. The first category is the information technology general controls and the second is information technology application controls. Although both of them are used with the common objective of ensuring organization goals are met, they differ a bit in terms of scope. The details of how the controls are used are as explained below. Information technology general controls include then controls that deal with the IT environment, access to data and information, computer operations, program development and program changes (Wines, 2010). Information technology application controls on the other hand deals with controls ranging from input to processing and finally to output controls. Information technology application controls are also referred to as transaction processing controls. Information technology general controls This kind of controls represents the stepping stone of the IT control structure. The controls are meant to ensure that the output produced by then system is reliable. The aspect of reliability of the information produced by the system as the output is achieved by ensuring that the sets of data fed into the system are accurate. However, can only be achieved if the system functions as intended, meaning that the assumption is made that the system is totally in a good condition. As mentioned above one of the one of the major areas dealt with by the general controls is the access of programs and data. A good example of a control that successfully performs the function is the use of passwords (Senft, 2010). With the use of passwords, access to the systems programs and data is restricted only to persons that are authorized. Therefore, means that the use of passwords as explained in the question is a type of information system general control. However, information technology general controls have other examples of controls as explained below: Change management controls are the kind of controls which are meant to ensure that the changes made to the information system are authorized by the delegated authority and that they meet the requirements of the business. Examples of such controls include the need of the administrator password incase a program needs to be deleted, or whenever changes need to be done to programs in the system, they all require authorization from the administrator. Hardware and software controls are those which ensure the installation, configuration, testing, management standard policy and procedures have been done in a correct and straight-forward manner. Back-up and recovery controls are procedures which ensure that processes in the office continue normally even after adverse conditions such as loss of power due to electrical faults (Rezaee, 2008). These controls ensure that data and information is not lost whenever power is lost in the organization. Physical controls are those controls which ensure that the security of the information is intact. This includes safety from both individuals and the environment. Individuals include people like burglars who would like to steal information vital to the organization while the environment includes factors such as natural calamities that could befall a company and cause it to lose information such as floods and other natural catastrophes. Advantages of Information Technology General Controls i. Enables provision of accurate, timely and up to date information. The information obtained can therefore be used by investors to make sound financial information decisions as they are efficient. ii. Creates more efficient and higher valued audit since the report generated out of the data is accurate and is made out of good and reliable information provided by the system. iii. Enables the management to prepare and implement effective work plans as the controls enable provision of effective and accurate information to the management that is responsible for making such decisions. iv. Enables the implementation of corporate strategy, which helps in attainment of corporate goals by the organization Disadvantages of Information Technology General Controls I. Information Technology General Controls are costly to install. This is due to the costly nature of the hardware and the high costs of paying the personnel involved in the control implementation (Imoniana, 2013). Costs could also include the amounts of money used to maintain the existing hardware in order to maintain a competitive edge. II. It is time consuming as it involves the changing of the entire organization to ensure that all is well. Information technology general controls may cause the company’s auditors to be over reliant on the control system hence leading to relaxation. This will lead auditors to relax rather than checking for other errors and fraud. Reference List Imoniana, J. O. A. M. T. P. M. S. M. &. M. E., 2013. The analytical review procedures in audit: an exploratory study. ASAA-Advances in Scientific and Applied Accounting. 5(2), pp. 282-303. Rezaee, Z. &. R. A., 2008. The impact of emerging information technology on auditing. Managerial Auditing Journal, pp. 465-471. Senft, S. &. G. F., 2010. nformation technology control and audit. In: s.l.:CRC Press. Wines, G. L. &. H. K. A., 2010. Anomalies in the oversight of Australian auditors. Australian Accounting Review,, 20(2), pp. 83-95. Read More