Audit procedures
Show/hide Sharepoint toolbar
Toggle navigation
Menu
Home
General
Compliance
Concepts
Planning
Examination
Reporting
Financial
Concepts
Planning
Examination
Reporting
Performance
Currently selected
Concepts
Planning
Examination
Reporting
More
Review
Opinion
Tools
How To ?
Page index
Resources
Terms
It looks like your browser does not have JavaScript enabled. Please turn on JavaScript and try again.
Audit procedures
Page Content
Audit procedures
An audit procedure is a technique for collecting and analysing data to provide evidence. The audits should use combination of procedures that are appropriate to the subject matter and audit objective and capture a range of data.
Performance audit
Planning
Ref: 34.450
Principles
Clear, robust and practical procedures should be identified in order to obtain
audit evidence
so as to be able to draw conclusions with reasonable certainty. The
subject matter
, the
audit questions
being addressed, and the
resources and time
available should determine the most appropriate combination of procedures.
Evidence collection follows an iterative decision-making process, whereby auditors obtain data, examine it for completeness and appropriateness, analyse it, and make decisions on whether additional evidence is required.
Data requires analysis to explain what has been observed, and to make the connection between cause and effect. Auditors need to be aware that collecting data serves no useful purpose if it cannot be properly analysed.
The final stage of audit procedures involves combining the results from different types of sources, e.g. combining results from surveys with those from case studies, etc., in order to
derive valid audit findings
.
Instructions
Designing audit procedures
Performance audits can draw upon a large variety of methods, commonly used in the social sciences, to gather and analyse evidence. A good performance audit will normally combine different audit procedures to capture a range of data and corroborate
findings
from different sources, and combine
quantitative
and
qualitative (non-numerical)
data. A combination of procedures is necessary to provide solid evidence to support the conclusions and recommendations, with the quantitative data giving the ECA the means to demonstrate the significance of its
observations
and
recommendations
. As it is neither practical nor efficient to cover all possible aspects in a single audit, the nature, extent and timing of audit procedures should be restricted to a limited number of matters of significance. These are matters that pertain to the audit questions, can be carried out with the resources and expertise available, and are critical to the achievement of the intended results of the audit subject.
Different methodological approaches may be employed at different audit phases and for different purposes:
Typically during the planning phase, the auditor is interested in more general information as part of the learning process to understand the subject matter.
Qualitative
techniques are particularly useful at such stage to identify the significant issues, develop preliminary ideas and build hypotheses. These techniques are also particularly well suited to complex problems.
As the audit proceeds, the auditor will need more specific information to assess and measure performance, or to document errors or problems already known (e.g. from the planning phase).
Quantitative
analysis, involving an examination of numerical data, is one of the most powerful audit tools for developing evidence-based conclusions. Such analysis adds considerable value to the audit work, as it can provide clear measures of costs, benefits and performance.
For specific aspects an audit may rely on the
work of other auditors
or
external experts
.
Audit team needs to know what data analysis procedures it will use before designing their strategy for data collection. Otherwise, they may find that the data collected cannot be analysed. It may be necessary to pilot-test certain methods to ensure that they can provide the evidence required to answer the audit questions.
Data collection procedures
Data collection procedures range along a continuum from, at one extreme, those giving an overall picture of a situation or population (e.g. surveys) to, at the other extreme, the in-depth exploration of a small number of subjects or items (e.g. inspection), with other methods in between:
Survey
Auditee data
Interview
with auditee, third parties
Focus group
of experts, stakeholders
Observation
of people, processes
Inspection
of assets
Data analysis procedures
The term ‘data analysis’ is generally used to include both the compilation (coding and tabulation) and analysis of data. Analytical techniques to be employed may be:
quantitative, which may employ simple techniques (e.g. frequency counts) or more sophisticated techniques (e.g. regression analysis). Computer assisted audit techniques (CAATs) are often an essential part of quantitative analysis.
• Frequency counts
• Ratio analysis
• Comparative analysis
• Trend analysis
• Variance analysis
• Regression analysis
qualitative, which may be used to analyse and interpret interviews or documents, or to identify descriptive material that may be used in the audit report.
Bench- marking
Case studies
Coding and abstraction
domain-specific. Audit teams can also use the following domain-specific guidance when relevant to their audit objective.
Auditing evaluations
IT audit
Other considerations
In the course of audit work, the auditor may obtain or come across sensitive information. Such information should be treated in a confidential manner, and data protection rules observed.
The auditor should have a questioning mind and maintain professional scepticism. Notwithstanding the auditor’s past experience of the honesty and integrity of the entity’s management, the auditor should recognise that a situation of irregularity or fraud could exist. Auditors should discuss among themselves and be alert for situations, control weaknesses, errors and unusual transactions or results that could indicate illegal acts, such as
fraud
, impropriety, corruption or irregularities, or
abuse.
In the occurrence of such an event, the audit team should determine the extent to which such acts affect the audit result and should follow the
standard ECA procedures
in respect of fraud.
Resources
Evidence collection plan
It documents the audit questions and sub-questions, criteria, types and sources of evidence, and collection and analysis procedures that will be applied to answer them.
Performance audit database
It consists of audit questions, methods and techniques used in previous audits. It can be searched by keyword and/or filtering the required fields.
Related documents
Standards
ISSAI 300/37-38
ISSAI 3000/101-103
Principles
Instructions
Designing audit procedures
Data collection procedures
Data analysis procedures
Other considerations
Resources
Last Modified
: 22/05/2023 11:31
Tags
:
‹
›
×