安永审计流程课件.ppt

1、E&Y GAM:Road MapClient Needs and Expectations/Our Responsibilities/Professional StandardsValue/Knowledge/TeamworkEstablish Engagement ObjectivesUnderstand Business andEstablish AuditStrategyPerformAuditProceduresConclude the Audit and Assess Performance915Perform Analytical and Data AnalysisProcedur

2、es10Perform Tests ofDetails11Perform GeneralAuditProcedures1412Concludethe AuditAssessOurPerformanceCo-DevelopClientExpectations12Identify andOrient theAudit TeamINHERENT RISKPerform Tests of Controls7Understand theBusiness3455Business6CONTROL RISKAssess Internal Control at the Entity Level and the

3、Risk of FraudUnderstand and Evaluate Significant Processes and Related ControlsDevelop thePreliminary Audit Strategy13AssessClientSatisfactionCombined Risk AssessmentValue ObservationsPerform Risk Assessments andCustomize AuditSolutions8Develop thePreliminary Audit StrategyPotential ClientDeliverabl

4、esPerformance SupportInputsOutputsActivity 1:Co-Develop Client Expectations1.1 Develop an understanding of the clients needs and expectations with respect to how we deliver our audit and other business services with the clients key decision maker(s)and other key executives.1.2 Develop,in conjunction

5、 with the key decision maker(s),a value scorecard,based on the clients needs and expectations,desired deliverables,and the measurement criteria that were agreed upon 1.3 Communicate and agree with the key decision maker(s)(and,where appropriate,the audit committee or its equivalent)our understanding

6、 of its needs and expectations and our related responsibilities.Continue throughout the audit,to communicate our value deliverables and compare those deliverables to the agreed upon measurement criteria.Co-DevelopClientExpectations1 Value Observation/ML items Engagement Letter Summary of co-develope

7、d expectations(client service communication)Summary of client relationshipexpectations and service delivery needsand expectations Our action plan High level understanding of businessgoals,objectives and strategies,CSFs Value scorecard components(measurements)Record effect of business and financial s

8、tatement risks on significant accounts andtheir related financial statement assertions in our Combined Risk Assessment(Inherent Risk,Control Risk items)Audit Planning Presentation Template Co-Develop Expectations Template(Value Scorecard)Service Charter BEAT/SWOT Other forms&templates EY/AWS,GDAProc

9、eduresKnowledge ResourcesAudit Team Relationship expectations Service delivery needs and expectations Mission statement Business goals,objectives and strategies E&Y GAM Database GAAIT Press releases Market information,economic trends Industry and business knowledge Analyst reports/industry journals

10、Output from prior year audit Team knowledge from discussions withclient personnel Information regarding changes instandards,policies and regulationsOther DocumentationClientPotential ClientDeliverablesOutputsInputsActivity 2:Identify and Orient the Audit Team2.1 Identify the key engagement roles,con

11、sider each engagement team members skills in order to assign the team members to specific roles,identify and address additional resource needs(if any),and gain the commitment of the team members to their assigned roles.2.2 Discuss our understanding of the clients needs and expectations,value measure

12、ment criteria,and deliverables agreed upon with the clients key decision maker(s)with the engagement team members who were not involved in that process.2.3 Develop the teams goals and objectives,and discuss how the team will work together,the specific observable behaviors that team members are to de

13、monstrate,and the ground rules for conduct,accountability,and respect among the team members.2.4 Develop plans for timely,direct executive participation in the performance of the audit.Identify andOrient theAudit Team2 Engagement Team Database Area Assignment and Review Responsibilities Template Aut

14、omated Time Control Template Other forms&templates EY/AWS,GDA Client communication of whois part of the team together with assigned roles Summary of:-Team goals and objectives-Each team members key responsibilities:*Role*Audit areas*Work products and deliverablesProceduresAudit Team E&Y GAM Database

15、 HR Database(skills,availability,etc.)Output from prior year audit Output from current year:Activity 1(client relationship expectations and service delivery needs and expectations)Knowledge of team roles Knowledge of team members skills Team members development objectivesKnowledge ResourcesOther Doc

16、umentationPerformance SupportPotential ClientDeliverablesInputsOutputs Global Benchmarking Browser Analytical tools Value chain and process models Understand the Business Template Understand Critical Business Processes T.BEAT/SWOT/Other forms&templates EY/AWS,GDAActivity 3:Understand the Business3.1

17、 Update and/or obtain an understanding of the relevant market forces and other environmental factors.3.2 Update and/or obtain knowledge of how the expectations of key stakeholders influence managements actions.3.3 Understand the clients business goals and objectives and the strategies developed to a

18、chieve those goals and objectives.3.4 Identify the critical success factors that are most important to the achievement of the clients strategies.3.5 Identify and gain a high-level understanding of the clients business processes.3.6 Identify the clients critical business processes.3.7 Understand how

19、management controls its critical business processes in order to achieve the clients critical success factors.Summary of significant changes in market forces,environmental factors,influence of key stakeholders on managements actions(BEAT)/strategic SWOT Summary of clients goals,objectives strategies

20、and CSFs Customized clients mega/major processes/organizational components List of the critical business processes Summary of how management controlsand monitors the critical processes Record effect of business and financial statement risks on significant accounts andtheir related financial statemen

21、t assertions in our Combined Risk Assessment(Inherent Risk,Control Risk items)Analysis of market forces,environmentalfactors and key stakeholders for validation Goals,objectives,strategies,CSFs for validation Clients mega/major process documentationfor validation Value scorecard items Value Observat

22、ion/ML items(Identification ofsolutions and/or service opportunities)Understand theBusiness3ProceduresAudit Team Analysis of market forces Analysis of environmental factors Analysis of stakeholders Loan documents,union agreements,etc.Financial and operating data Product and marketing literature Orga

23、nization chart Business plan and other strategic planning documents Process models,including value chain,KPI IT Goals,Objectives and Strategies E&Y GAM Database GAAIT Industry Knowledge Online Kweb Tools and Reference Guide Market information,economic trends Other industry and business knowledge,int

24、elligence and leading practices Analyst reports/industry journals Output from prior year audit Output from current year Activity 1(understanding of business goals objectives,strategies and CSFs)Knowledge and considerations of key stakeholdersas well as economical,technological,compliance and regulat

25、ory,political and social factors Knowledge of accounting practices and reportingobligations Information from related companiesKnowledge ResourcesOther DocumentationPerformance SupportClientPotential ClientDeliverablesInputsOutputsActivity 4:Assess Internal Control at the Entity Level and the Risk of

26、 Fraud4.1 Gain an understanding of each of the fivecomponents of the clients internal control atan entity level and identify the fraud riskfactors that are present.4.2 Understand and evaluate the clients ITgeneral controls.4.3 Assess the effectiveness(ineffectiveness)ofthe clients internal control a

27、t the entity leveland the risk of fraud.Assess Internal Control at the Entity Level and the Risk of Fraud4 Value scorecard items Value Observation/ML items(Internal control improvement ideas,IT process leading practice information,etc)Assessment of internal control at the entity level Consideration

28、of risk of fraud Evaluation of the effectiveness of theinternal audit function Assessments made as an input forclient continuance process Understanding of IT environment,processes and general controls Results of walk-through and evaluation regarding the effectivenessof the design of IT general contr

29、ols Record effect of business and financial statement risks on significant accounts andtheir related financial statement assertions in our Combined Risk Assessment (Inherent Risk,Control Risk items)Analytical tools ICFC Questionnaire EY Technology Summary Form Other forms&templates EY/AWS,GDAProcedu

30、resAudit Team Organization chart,including concentration ofauthority and responsibilities Information about the control structure of thecompany(Control environment,risk assessment,control activities,information and communication,monitoring)Compliance requirements imposed by regulatory agencies Finan

31、cial and operational information Board minutes/Internal audit reports Human resources,and management policies and procedures IT process models,policies and procedures,other plans and performance targets E&Y GAM Database IT process models,benchmarks and leadingpractices Output from prior year audit O

32、utput from current year:Activity 1 Clients needs and expectationsActivity 3 Significant environmental changes,business goals,objectives,strategiesand CSFs,(critical)businessprocesses,business risk Understanding of Internal Audit FunctionKnowledge ResourcesOther DocumentationPerformance SupportClient

33、Potential ClientDeliverablesInputsOutputsActivity 5:Develop the Preliminary Audit Strategy5.1 Perform an overall analysis of the financial statements and other relevant financial and non-financial information,supplemented by inquiries of operating and financial management.5.2 Establish planning mate

34、riality and tolerable error,and set a nominal amount below which we will not carry audit differences to the Summary of Audit Differences.5.3 Identify significant accounts or groups of accounts.5.4 Identify processes that influence the significant accounts or groups of accounts.5.5 Develop a strategy

35、 for understanding and evaluating significant processes.5.6 Make a preliminary combined(inherent and control)risk assessment for each significant account or group of accounts and the related financial statement assertions.5.7 Establish our preliminary audit scope.5.8 Prepare the Audit Strategies Mem

36、orandum.5.9 Prepare the preliminary audit program or work plan.5.10 Complete other planning and engagement management items.Develop thePreliminary Audit Strategy5 Value scorecard items Value Observation/ML items Audit planning presentation List of documentation to be prepared byclient Global Benchma

37、rk Browser(GBB)Analytical tools Engagement Team Database Value chain and process models Significant Process Map Template EY Technology Summary Form Other forms&templates EY/AWS,GDAProceduresAudit Team Interim financial statements,including management analysis Other interim financial and operating da

38、ta Knowledge of overall trends in the businessand the industry Statutory and other reports Board minutes E&Y GAM Database GAAIT Output from prior year audit Output from current year:Activity 1 Clients needs and expectationsActivity 2 Team goals,objectives,rolesActivity 3 Significant changes in marke

39、t forces,environmental factors and stakeholderinfluence,business goals,objectivesstrategies,CSFs and major businessprocesses,definition of critical processesActivity 4 Internal controls/IT general controls Information regarding changes in standards,policies and regulations Audit instruction from cor

40、porate auditor to subsidiary auditors Results from client continuance processKnowledge ResourcesPerformance Support Conclusion from overall analysis of financial/non-financial data/inquiries of management Planning materiality,tolerable error,and SAD nominal amount Determination of significant accoun

41、ts Link between significant processes and significant accounts Decision/strategy for understanding and evaluating significant processes Preliminary Combined Risk Assessment Preliminary audit scope Audit Strategies Memorandum(ASM)Preliminary audit program or work steps Engagement budget and staffing

42、assignments Multi-location audit considerations and corresp.Record effect of business&financial statement risks on significant accounts and their related financial statement assertions in our CRA(IR&CR items)Engagement LetterOther DocumentationClientPerformance SupportPotential ClientDeliverablesInp

43、utsActivity 6:Understand and Evaluate Significant Processes Related Controls6.1 Gain an understanding of the significantprocesses.6.2 Identify the types of errors that could occur.6.3 Decide whether we plan to identify,understand,and evaluate controls overthese processes,or follow an approach ofasse

44、ssing control risk at the maximum andperforming substantive procedures at ornear year end.6.4 When we plan to assess control risk atless than the maximum,identify therelated controls designed to preventand/or detect the types of errors that couldoccur(i.e.,understand how managementcontrols the proce

45、ss).6.5 Conduct a walk-through to confirm ourunderstanding of the process design,andwhen we have decided to assess controlrisk at less than the maximum,ourunderstanding of the related controls,anddetermine that the identified controls havebeen placed in operation.6.6 Preliminarily evaluate the effec

46、tiveness ofthe related controls.6.7 Decide whether we will test(beyond ourwalk-throughs)and place additionalreliance on controls related to theprocess.6Understand and Evaluate Significant Processes and Related Controls Value scorecard items Value Observation/ML items(process improvement ideas:time,c

47、ost,quality,benchmarks and leading practices)Process documentation for validation For each significant process we decided toevaluate in A5(Business,Accounting,FSCP)Record effect of business and financial statement risks on significant accounts andtheir related financial statement assertions in our C

48、RA (Inherent Risk,Control Risk items)ABC Flowcharter Business Process Profiler Value chain and process models Gain an Understanding of Sign.Processes Template/Perform Walk-Throughs Template IT Controls Evaluation Form Other forms&templates EY/AWS,GDA-Documentation of our understanding of thedesign a

49、nd operation of the process andrelated manual and application controls-Types of errors that could occur in connection with each of the relevant financialstatement assertions-Documentation and conclusions of our walk-throughs of the process and relatedmanual and application controls-Preliminary evalu

50、ation of the effectiveness of the related controlsProceduresAudit Team Documentation of significant processes,Including FSCP(objectives,owners,inputs/outputs,controls)Trial balance,general and subsidiary ledgers Financial statements and disclosures Performance targets/KPIs Policies and procedures ma