SA 500 – Audit Evidence

SA 500 ‘Audit Evidence’ is a revised version of the erstwhile Auditing and Assurance Standard (AAS) 5, “Audit Evidence” issued by the ICAI in 1988. The revised SA is quite detailed in terms of what constitutes audit evidence in an audit of financial statements, and deals with the auditor’s responsibility to design and perform audit evidence to obtain sufficient and appropriate audit evidence to be able to draw reasonable conclusion on which to base the auditor’s opinion.

As mentioned in SA 200 ‘Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with Standards on Auditing’, the auditor’s objective is to obtain a reasonable assurance, that the financial statement as a whole, are free from material misstatement, whether due to fraud or error, thereby enabling the auditor to express and opinion on the financial statements. In the process of obtaining this reasonable assurance, the auditor should focus on obtaining sufficient and appropriate audit evidence (SAAE).

Requirements of the SA 500

• Design and perform audit procedures that are appropriate in circumstances for the purpose of obtaining sufficient and appropriate audit evidence
• Consider relevance and reliability of the information to be used as audit evidence
• Selecting items for test of controls and test of details to obtain audit evidence
• Inconsistency in or doubts over reliability of audit evidence

Information to be used as audit evidence

• When designing and performing audit procedures, the auditor shall consider the relevance and reliability of the information to be used as audit evidence. The points that can be kept in mind for the same are as follows :
• Relevance deals with the logical connection with or bearing upon, the purpose of the audit procedure and, where appropriate, the assertion under consideration.
• The reliability of information to be used as audit evidence, and therefore of the audit evidence itself, is influenced by various factors such as
• The reliability of audit evidence is increased when it is obtained from independent sources outside the entity (for e.g. External Confirmation Procedures as per SA 505)
• The reliability of audit evidence that is generated internally is increased when related controls, including those over its preparation and maintenance, imposed by the entity are effective
• Audit evidence in a documentary form, whether paper, electronic, or other medium, is more reliable than evidence obtained orally (for e.g., a contemporaneously written record of a meeting is more reliable than a subsequent oral representation of the matters discussed.

• Use of management’s expert : When information to be used as audit evidence has been prepared using the work of a management’s expert, the auditor shall, to the extent necessary, having regard to the significance of that expert’s work for the auditor’s purposes:
• Evaluate the competence, capabilities and objectivity of the expert
• Obtain an understanding of the work of that expert and
• Evaluate the appropriateness of that expert’s work as audit evidence for the relevant assertion.

• When using information produced by the entity, the auditor shall evaluate whether the information is sufficiently reliable for the auditor’s purpose, including as necessary in the circumstances :
• Obtaining audit evidence about the accuracy and completeness of the information
• Evaluating whether the information is sufficiently precise and detailed for the auditor’s purposes

Selecting Items for Testing to Obtain Audit Evidence

An effective test provides appropriate audit evidence to an extent that taken with other audit evidence obtained or to be obtained, will be sufficient for the auditor’s purposes. In selecting items for testing, the auditor is required to determine the relevance and reliability of information to be used as audit evidence. The means available to the auditor for selecting items for testing are:

1. Selecting all items (100% examination)
2. Selecting specific items; and
3. Audit sampling in accordance with SA 530

Inconsistency in or doubts over reliability of Audit Evidence

If audit evidence obtained from one source is inconsistent with that obtained from another or the auditor has doubts over the reliability of information to be used as audit evidence, the auditor should determine what modifications or additions to audit procedures are necessary to resolve the matter, and shall consider the effect of the matter, if any, on other aspects of audit.

Audit Procedures for Obtaining Audit Evidence are performed using the following techniques :

Inspection	It involves examining records or documents, whether internal or external, in paper form, electronic form, or other media, or a physical examination of an asset.
Observation	It consists of looking at a process or procedure being performed by others. For e.g., auditor’s observation of inventory counting by the entity’s personnel, or of the performance of control activities.
Inquiry	It consists of seeking information of knowledgeable persons, both financial and non- financial, within the entity or outside the entity. Inquiries may range from formal written inquiries to informal oral inquiries.
Recalculation	It consists of checking the mathematical accuracy of documents or records. It may be performed manually or electronically.
Reperformance	It involves the auditor’s independent execution of procedures or controls that were originally performed as part of entity’s internal control.
Analytical Procedures	It consists of evaluation of financial information and investigation of identified fluctuations and relationships that are inconsistent with other relevant information or deviate significantly from predicted amounts.
External Confirmations	It represents audit evidence obtained by the auditor as a direct written response to the auditor from a third party (confirming party), in paper form, or by electronic or other medium.

Although inquiry may provide important audit evidence, and may even produce evidence of a misstatement, inquiry alone ordinarily does not provide sufficient audit evidence of the absence of a material misstatement at the assertion level, nor of the operating effectiveness of controls.

The sufficiency and appropriateness of audit evidence are interrelated. Sufficiency is the measure of the quantity of audit evidence. Appropriateness is the measure of the quality of audit evidence; that is, its relevance and its reliability in providing support for the conclusions on which the auditor’s opinion is based. The quantity of audit evidence needed is affected by the auditor’s assessment of the risks of misstatement (the higher the assessed risks, the more audit evidence is likely to be required) and also by the quality of such audit evidence (the higher the quality, the less may be required). Obtaining more audit evidence, however, may not compensate for its poor quality.

Certain electronic information may not be retrievable after a specified period of time, for example, if files are changed and if backup files do not exist. Accordingly, the auditor may find it necessary as a result of an entity’s data retention policies to request retention of some information for the auditor’s review or to perform audit procedures at a time when the information is available.

Other Points

As per the requirements of SA 330 ‘The Auditor’s Responses to Assessed Risks’, the auditor to conclude whether sufficient appropriate audit evidence has been obtained.9Whether sufficient appropriate audit evidence has been obtained to reduce audit risk to an acceptably low level, and thereby enable the auditor to draw reasonable conclusions on which to base the auditor’s opinion, is a matter of professional judgment.

As per the requirements of SA 230 ‘Audit Documentation’, the auditor shall assemble the audit documentation, which primarily includes auditor’s work papers on substantiating the audit evidence, in an audit file and complete the administrative process of assembling the final audit file on a timely basis after the date of auditor’s report.

As per SQC-1, the firm should establish policies and procedures for the timely completion of the assembly of audit files. An appropriate time limit within which to complete the assembly of final audit file is ordinarily not more than 60 days after the date of the auditor’s report.

SA 520 – Analytical Procedures

SA 520 ‘Analytical Procedures’ is a revised version of the erstwhile Auditing and Assurance Standard (AAS) 14, ‘Analytical Procedures’ issued by the Institute in 1997. The revised SA deals with the auditor’s use of analytical procedures as substantive analytical procedures that assist the auditor when forming an overall conclusion on the financial statements.

The term “Analytical Procedures” means evaluation of financial information through analysis of plausible relationships among both financial and non-financial data. Analytical procedures also encompass such investigation as in necessary of identified fluctuations or relationships that are inconsistent with other relevant information or that differ from expected values by significant amount. The routine audit checks and procedures cannot be fully depended upon to highlight the material mistakes or manipulation that may exist in accounts and hence the auditors are expected to carry out certain other alternative analytical procedures like analysis of trend and ratio, analysis of significant variances, etc.

Timing of Analytical Procedures

Analytical Procedures can be applied at planning, testing and completion phase.

1. Planning Phase: Trend Analysis of Past Profits.
2. Testing Phase: Comparing salary with total number of employees.
3. Completion Phase: Overall Ratio Analysis of current year financial performance.

The use of analytical procedures as risk assessment procedures is outlined in SA 315 ‘Identifying and Assessing the Risk of Material Misstatement through Understanding the Entity and it’s environment’. SA 330 ‘The Auditor’s Responses to Assessed Risks’ includes requirements and guidance regarding the nature, timing and extent of audit procedures in response to assessed risks; these audit procedures may include substantive analytical procedures.

Requirements of the SA 520

• Designing substantive analytical procedures
• Designing procedures that assist when forming an overall conclusion
• Investigating Results of analytical procedures

Designing Substantive Analytical Procedures

When designing and performing substantive analytical procedures, either alone or in combination with tests of details, as substantive procedures in accordance with SA 330, the auditor shall :

1. Determine the suitability of particular substantive analytical procedures for given assertions, taking account of the assessed risks of material misstatement and tests of details, if any, for these assertions.
2. Evaluate the reliability of data from which the auditor’s expectation of recorded amounts or ratios is developed, taking account of source (source can be interim financial information, budgets, tax returns & board minutes) and, comparability, and nature and relevance of information available, and controls over preparation.
3. Develop an expectation of recorded amounts or ratios and evaluate whether the expectation is sufficiently precise to identify a misstatement that, individually or when aggregated with other misstatements, may cause the financial statements to be materially misstated.
4. Determine the amounts of any difference of recorded amounts from expected values that is acceptable without further investigation.

Designing Procedures that assist when forming an overall conclusion

The auditor shall design and perform analytical procedures near the end of the audit that assist the auditor when forming an overall conclusion as to whether the financial statements are consistent with the auditor’s understanding of the entity.

Investigation Results of Analytical Procedures

If analytical procedures performed in accordance with this SA identify fluctuation or relationships that are inconsistent with other relevant information or that differ from expected values by a significant amount, the auditor shall investigate such differences by :

1. Inquiring of management and obtaining appropriate audit evidence relevant to management’s responses
2. Performing other audit procedure (alternative audit procedures) as necessary in the circumstances.

The auditor’s substantive procedures at the assertion level may be tests of details, substantive analytical procedures, or a combination of both. The decision about which audit procedures to perform, including whether to use substantive analytical procedures, is based on the auditor’s judgment about the expected effectiveness and efficiency of the available audit procedures to reduce audit risk at the assertion level to an acceptably low level. The auditor may inquire of management as to the availability and reliability of information needed to apply substantive analytical procedures, and the results of any such analytical procedures performed by the entity. It may be effective to use analytical data prepared by management, provided the auditor is satisfied that such data is properly prepared.

Auditors may use the following techniques as a substantive analytical procedure to obtain sufficient and appropriate audit evidence

Various methods may be used to perform analytical procedures. These methods range from performing simple comparisons to performing complex analyses using advanced statistical techniques, as presented below.

Trend Analysis	A commonly used technique. It is a comparison of current data with the prior period balance or with a trend in two or more prior period balances. Auditors can evaluate the current balances of an account moves in line with the trend established with previous balance for that account, or based on an understanding of factors that may cause the account to change.
Ratio Analysis	It is useful for analysing asset and liability accounts as well as revenue and expense accounts. An individual balance sheet account is difficult to predict on its own, but its relationship to another account is often more predictable (e.g., trade receivables balances related to sales). Ratios can be also used to compare two players in same industry viz. peer benchmarking.
Reasonableness Test	Unlike trend analysis, this procedure does not rely on events of prior periods, but upon non- financial data for the audit period under consideration (for e.g., occupancy rates to estimate rental income or interest rates to estimate interest income or expense).
Structural Modelling	A modelling tool constructs a statistical model from financial and/or non-financial data or prior accounting periods to predict current account balances (for e.g., linear regression).

Substantive analytical procedures are generally more applicable to large volumes of transactions that tend to be predictable over time. The application of planned analytical procedures is based on the expectation that relationships among data exist and continue in the absence of known conditions to the contrary.

The auditor shall design and perform analytical procedures near the end of the audit that assist the auditor when forming an overall conclusion as to whether the financial statements are consistent with the auditor’s understanding of the entity.

Other Points

Analytical Procedures may help to identify the existence of unusual transactions or events and amounts, ratios, and trends that might indicate matters that have audit implications. Analytical procedures may be applied to consolidated financial statements, components and individual elements of information.  

SA 530 – Audit Sampling

SA 530 ‘Audit Sampling’ is a revised version of the erstwhile Auditing and Assurance Standard (AAS) 15, “Audit Sampling” issued by the Institute in 1998. According to SA 530, audit sampling refers to application of audit procedures to less than 100% of items within a population of audit relevance such that all sampling units have a chance of selection to provide the auditor with a reasonable basis on which to draw conclusions about the entire population.

This SA deals with the auditor’s use of statistical and non-statistical sampling when designing and selecting the audit sample, performing tests of controls and tests of details, and evaluating the results from the sample. It also deals with the requirements relating to sample design, size, and selection of items for testing, performing audit procedures, nature and cause of deviations and misstatements, projecting misstatements, and evaluating results of audit sampling.

What is the need of sampling procedure in auditing financial statements? /Is auditor justified in using sampling technique?

• The extent of checking to be undertaken is primarily a matter of judgement of the auditor, there is nothing statutorily stated anywhere which specifies what work is to be done, how it is to be done and to what extent
• It is not obligatory that the auditor must adopt the sampling technique. What he is to do is to express his opinion and become bound by that
• To ensure good and reasonable standard of work, he should adopt standards and techniques that can lead him to an informed professional opinion.

On a consideration of this fact, it can be said that it is in the interest of the auditor that if he decides to form his opinion based on review of samples, he should adopt standards and techniques which are widely followed and which have a recognised basis. When designing an audit sample, the auditor’s consideration includes the specific purpose to be achieved and the combination of audit procedures that is likely to best achieve that purpose.

Objective of Auditor as per SA 530

• To provide a reasonable basis for the auditor to draw a conclusion about the population from which the sample is selected.

Sampling Risk

• The risk that the auditor’s conclusion based on a sample may be different from the conclusion if the entire population were subjected to the same audit procedure. Sampling risk can lead to two types of erroneous conclusion:
• In case of test of controls, that controls are more effective than they are, or in the case of a test of details, that a material misstatement does not exist when in fact it does. The auditor is primarily concerned with this type erroneous conclusion because it affects audit effectiveness and is more likely to lead to an inappropriate audit opinion.
• In case of test of control, that controls are less effective than they are, or in the case of a test of details, that a material misstatement exists when in fact is does not. This type of erroneous conclusion affects audit efficiency as it would usually lead to additional work to establish that initial conclusion was incorrect.

Non-Sampling Risk

• The risk that the auditor reaches an erroneous conclusion for any reason not related to sampling risk.

The level of sampling risk that the auditor is willing to accept affects the sample size required. The lower the risk the auditor is willing to accept, the greater the sample size will need to be.

Requirements of the SA 530

• Sample Design, Size and Selection of Items of Testing
• When designing an audit sample, the auditor shall consider the purpose of the audit procedure and the characteristics of the population from which the sample will be drawn.
• The auditor shall determine a sample size sufficient to reduce the sampling risk to an acceptably low level.
• The auditor shall select items for the sample in such a way that each sampling unit in the population has an equal chance of selection.

• Sample Selection Methods

Random Sampling	It ensures that all items in the population or within each stratum have a known chance of selection. It may involve the use of random number tables. Random sampling includes two very methods viz. Simple Random Sampling & Stratified Sampling.
Systematic Sampling	It is a selection method in which the number of sampling units in the population is divided by the sample size to give a sampling internal, for example 50 and having determined a starting point within the first 50, each 50th unit thereafter is selected.
Block Sampling	It involves selection of a block(s) of contiguous items from within the population. Block selection cannot ordinarily be used in audit sampling because most populations are structured such that items in a sequence can be expected to have similar characteristics to each other, but different characteristics from items elsewhere in population.
Monetary Unit Sampling	It is a type of value-weighted selection in which sample size, selection and evaluation results in a conclusion in monetary amounts.
Haphazard Sampling	It is a technique in which auditor selects the sample without following a structured way. Although no technique is used, the auditor would nonetheless avoid any conscious bias and predictability.

• Performing Audit Procedures
• The auditor shall perform audit procedures, appropriate to the purpose, on each item selected.
• If the audit procedure is not applicable to the selected item, the auditor shall perform the procedure on a replacement item. For e.g., when a cancelled cheque is selected while testing for evidence of payment authorisation.

If the auditor is unable to apply the designed audit procedures, or suitable alternative audit procedures, to a selected item, the auditor shall treat that item as a deviation from the prescribed control, in the case of tests of controls, or a misstatement, in the case of tests of details. For e.g., auditor unable to apply procedure when documentation relating to item has been lost.

• Nature and Cause of Deviation
• The auditor shall investigate the nature and cause of any deviation or misstatements identified and evaluate their possible effect on the purpose of the audit procedure and on other areas of the audit.
• In the extremely rare circumstances when the auditor considers a misstatement or deviation discovered in a sample to be an anomaly, the auditor shall obtain a high degree of certainty that such misstatement or deviation is not representative of the population.

• Projecting Misstatements
• For tests of details, the auditor shall project misstatement found in the sample to the population.
• When a misstatement has been established as an anomaly, it may be excluded when projecting misstatements to the population. However, the effect of any such misstatement, if uncorrected, still needs to be considered in addition to the projection of the non-anomalous misstatements.
• For tests of controls, no explicit projection of deviations is necessary since the sample deviation rate is also the projected deviation rate for the population.
•  

Evaluating Results of Audit Sampling

1. The auditor shall evaluate the results of the sample and whether the use of audit sampling has provided a reasonable basis for conclusions about the population that has been tested.
2. For tests of controls, an unexpectedly high sample deviation rate may lead to an increase in the assessed risk of material misstatement, unless further audit evidence substantiating the initial assessment is obtained.
3. For tests of details, an unexpectedly high misstatement amount in a sample may cause the auditor to believe that a class of transaction or account balance is materially misstated, in the absence of further audit evidence that no material misstatement exists.
4. In the case of tests of details, the projected misstatements plus anomalous misstatements, if any, is the auditor’s best estimate of misstatement in the population.
5. When the projected misstatements plus anomalous misstatement, if any, exceeds tolerable misstatement, the sample does not provide a reasonable basis for conclusions about the population that has been tested.
6. The closer the projected misstatement plus anomalous misstatement is to tolerable misstatement, the more likely that actual misstatement in the population may exceed tolerable misstatement.
7. Also, if the projected misstatement is greater than the auditor’s expectations of misstatement used to determine the sample size, the auditor may conclude that there is an unacceptable sampling risk that the actual misstatement in the population exceeds the tolerable misstatement.

• Conclusion

If the auditor concludes that audit sampling has not provided a reasonable basis for conclusions about the population that has been tested, the auditor may:

1. Request the management to investigate misstatements that have been identified and the potential for further misstatements and to make any necessary adjustments or
2. Tailor the nature, timing and extent of those further audit procedures to best achieve the required assurance.

Other Points

Use of sophisticated technology and data analytics in the audit is fast becoming a standard operating practice as firm are embracing the digital-first approach to engagements that is becoming more prevalent at firms across the country.

The discussion about technology, digital platforms, and data analytics in audits refers to use of software that gives practitioners the ability to analyse complete datasets in ways that were not possible in the past. Earlier Sampling used to be done manually but now, due to the development of technology, much software are no available which will be now used instead of manually technique.