Limitations Of an Entity's System of Internal Control

One of the fundamental concepts identified earlier in the chapter is that internal control can provided only reasonable assurance to management and the board of directors regarding the achievement of an entity's objectives. AU 319.16-18, Considerations of Internal Control in a Financial Statement Audit, identifies the following inherent limitations that explain why internal control, no matter how well designed and operated, can provide only reasonable assurance regarding achievement of an entity's control objectives.

• Mistake in judgment. Occasionally, management and other personnel may exercise poor judgment in making business decisions or in performing routine duties because inadequate information, time constrains, or other procedures.
• Breakdowns. Breakdowns in established control may occur when personnel missunderstand instructions or make errors owning to carelessness, distractions, or fatigue. Temporary of permanent changes in personnel or in systems or procedures may also contribute to breakdowns.
• Collusion. Individuals acting together, such as an employee who performs an important control acting with another employee, customer, or supplier, may be able to perpetrate and conceal fraud so as to prevent its detection by internal control (e.g, collusion among three employees from personnel, manufacturing, and payroll departments to initiate payments to fictitious employees, or kickback schemes between an employee in the purchasing department and a supplier or between an employee in the purchasing department and a customer).
• Management Override. Management can overrule prescribed policies or procedures for illegitimate purposes such as personnel gain or enhanced presentations of an entitiy's financial condition or compliance status (e.g., inflating reported earnings to increase a bonus payout or the market value of the entity's stock, or to hide violations of debt covenant agreements or noncompliance with law and regulations). Override practices including making deliberated misrepresentations to auditors and others such as by issuing false documents to support the recording of fictitious sales transactions.
• Cost versus benefits. The cost of an entity's internal control should not exceed the benefits that they are expected to ensure. Because precise measurement of both cost and benefits usually is not possible, management make both quantitative and qualitative estimates and judgments in evaluating the cost benefit relationship.

For example, an entity's could eliminate losses from bad checks by accepting certified or cashier's checks from customers. However, because of the possible adverse effects of such a policy on sales, most companies believe that requiring identification from the check writer offers reasonable assurance against the type of loss.

Nature of audit tests

Decision about the nature of audit test are related to the auditors choices about the type of evidence that they collect to support an opinion. There are three common type of audit procedures :

- Risks assesment procedures that are designed to help the auditor assess the risk of material maisstatement in an assertion, wether performed early in the audit engagement or in the response to new information. Recall that the auditor uses risk assessment procedures to obtain evidence about inherent risks and the risk of fraud.

- Test of Control that are designed to provide evidence about the operating effectiveness of various aspect of internal control. Tests of control provide evidence to support control risk assessment below the maximum.

- Substantive test that are designed to provide evidence about to fair presentation of management's assertions in the financial statements. Substantive test include :

1. Initial procedures that involve understanding the economic substance of the account balance or transaction being audited and agreeing on detailed information about an account to general ledger (such as comparing an accounts receivable subsdiary ledger to the general ledger)

2. Substantive analytic procedures that involve the use of comparisons to assess the fairness of an assertion. For example, the auditor might evaluate sales per square foot or retail space in testing the reasonableness of revenues.

3. Test of detail transactions that involve examining documentary support for transactions. For example, an auditor might inspect sales orders and a bill of landing behind a recorded sales invoice.

4. Test of details of balance that involved examining support for a general ledger balance. For example, the auditor might send confirmations to customers to obtain an evidence that they owe receivables.

5.  Test of detail accounting estimates that involve obtaining evidence in support of the client's estimations process and ensuring that the estimation process is applied consistently from period to period.

6. Test of details of disclosures that involve examining support for financial statement disclosures. For example, the auditor might read a loan contract to ascertain the maturity schedule and debt covenants for the loan

Substantive test provide the evidence that allows the auditor to achieve the desired detection risk and ensure that overall audit risk and ensure that overall audit risk is reduced to an appropriately low level.
Recall the risk assessment, for example. For assertion 1, the existence of inventory, the nature of auditor's evidence would include significant test of controls (testing of effectiveness of the client's perpetual inventory system) as well as some limited substantive test (direct observation of inventory). For assertion 2, the valuation of inventory, auditor would perform few test of controls because controls are not expected to be effective. However, the auditor would plan to obtain significant evidence by testing the pricing of inventory to underlying vendor's invoices (substantive test of balances). In addition, the auditor would obtain evidence about sales price after years-end to support a conclusion about the lower of cost of market objective (substantive test of an accounting estimate). 

Objectives, strategies, and related business risks that may result in material misstatements

Objectives, strategies, and business risks may be defined as follows :

An entitiy's objectives are the overall plans for the entity as defined by those charge with governance and management.
Strategies are the operational approaches by which management intends to achieve its objectives.
Business risks result from significant conditions, events, circumstances, or actions, that could adversely affect the entitiy's ability to achieve its objectives and execute its strategies.

Understanding for entitiy's objectives, strategies and strategies and business risks are important because the risks of material misstatement is often associated with an entitiy's business risks. Following are several examples of how an entity's business risks may be associated with the risk of material misstatement in the financial statements.

- If an entity is unable to accomplish a strategy associated with obtaining a significant percent of revenues from new products (such as obtaining FDA approval for new drugs developed by research and development), there may be an increased risk associated with revenue recognition (the exictence and occurance assertion) or with the impairement of development costs that may have been capitalized (valuation and allocation assertion)

- If an entity is planning to o private and to repurchase a significant portion of equity from existing owners, management may have an incentive to understate earnings. In this case the auditor might be concerned that all sales are recorded expenses are appropriate (the occurrence of expenses)

Measurement and Review Of the Entity Financial Performance

generally accepted accounting standards also require auditors to obtain an understanding of the measurement and review of the entitiy's financial performance, including both internal and external measures. Such measures might include :

1. key ratios and operating statistics
2. key performance indicators
3. employee performance measures and incentive compensations plans
4. industry trends
5. the use of forecast, budgets, and variance analysis
6. analyst reports and credit rating reports

a company might use variety of financial and nonfinancial measures to monitor performance. Today, many companies measures the efficiency of the manufacturing process by comparing the quantity of raw material used to the quantity of finished goods, and material and labour variencies. In addition, it might monitor the effectiveness of the manufacturing process using quality control statistics or measures of the amount of rework required to meet standards. This informations is essential for developing a knowledgeable perspective about reported amounts for inventory and cost of sales.

Many performance measures, such as those described above, are produced by the entity's information system. If management asumes that data used for reviewing the entity's performance are accurate without having a basis of that assumption, error may exist in the information, potentially leading management (or the auditors using the same information) to incorrect conclusions about performance. If the auditors uses management's performance measures to form an audit conclusions(e.g., in performing analytical procedures), he or she should consider the realibility of the informations system that produced the measure and wether the measure is sufficienly precise to detect material misstatement.

management and auditors use performance measure informations in different ways. When reported measures differ from management's expectations, management may take corrective action to improve the entitys performance. For example, poor inventory turnover might cause a company to to offer more attractive pricing in order to sell inventory. However, the audtor should consider whether a deviations in performance measures might indicated a risk of mistatement in underlying financial informations. A decline in inventory turnover might mean the certain manufacturing cost are being capitalized as part of inventory rather than being expensed. Deviations from expected performance measures are critical when asessing in inherent risk associated with financial statement assertions.  

Limitations of an audit

A financial statement audit is subject to a number of inherent limitations. One constraint is that the auditor works within fairly restrictive economic limits. Following are two important economic limitations.

Reasonable cost. A limitations on the cost of an audit results in selective testing or sampling, of the accounting records and supporting data. In addition, the auditor may choose to test internal controls and may obtain assurance from a well functioning system of internal controls.

Reasonable lenght of time. the auditor's report on many public companies is usually issued three or five weeks after the balance sheet date. This time constraint may affect the amount of evidence that can be obtained concerning events and transactions after the balance sheet date that may have an effect on the financial statements. Moreover, there is a relatively short time period available for resolving uncertaintes existing at the statement date.

Another significant limitations is the established accounting framework for preparing financial statements. Following are two important limitations associated with the established accounting framework.

Alternative accounting Principles. Alternative accounting principles are permitted under GAAP. Financial statement users must be knowledgeable about a company's accounting choices and their effect on financial statements.
Accounting Estimates. Estimates are an inherent part of the accounting process, and no one, including auditors, can foresee the outcome of uncertainties. Estimate range from the allowance for doubtfull accounts and an inventory obsolescence reserve to impairment tests of fixed assets and goodwill. An audit can not add exactness and certainly to financial statements when these factors do not exist.

Auditing defined

The term auditing is used to described a broad range of activities in our society. The following broad definition of auditing identifies a number of common attributes of most modern auditing activities. The report of the Committee on Basic Auditing Concept of the American Accounting Association defines audit as :
A systematic process of objectively obtaining and evaluating evidence regarding assertion about economic actions and events to ascertain the degree of correspondence between those assertion and established criteria and communicating the result to interested users.

AUDIT PROCEDURES

AUDIT PROCEDURES ARE THE METHODS OR TECHNIQUE THE AUDITOR USES TO GATHER AND EVALUATE AUDIT EVIDENCE. THE AUDITORS PERFORMS AUDIT PROCEDURES TO ACCOMPLISH THE FOLLOWING OBJECTIVES :

1. To obtain an understanding of the entity and its environment, including its internal control, to asses the risk of material misstatement at the financial statement level and at the level (risk assessment procedures).
2. To test the operating effectiveness of control in preventing or detecting material misstatement at the assertions level (test of control). Test of control are required when the auditor plans to assess control risk below the maximum and below the maximum and develop an audit strategy that assumes the operating effectiveness of internal control.
3. To support an assertions or detect material misstatement at the assertions level (substantive test). The auditor plans and performs substantive test that are responsive to assessed risk.