`presidency college (autonomous), Chennai – 5

Practical auditing – study material

Prepared by
Aswin. A
(iii bcom 2022-23)

Unit – I: Introduction
Auditing: Meaning, Definition, Objectives, Scope, Advantages and Limitations -
Classification of Audit - Audit Planning - Audit programme - Audit Note Book, - Audit
working papers - Test checking and Routine checking – Meaning - Internal control –
Meaning - Definition - Objectives - Technique for evaluation of Internal Control System.
Internal check - Meaning - Objectives difference between Internal control, Internal
check and Internal Audit.
Unit – II: Vouching and Verification
Vouching - Meaning and Definitions - Objectives. Trading Transactions - Audit of Ledger
Scrutinizing of ledgers - Vouching of cash Receipts and Payments - Vouching of
outstanding Assets and Liabilities - Verification - Meaning - Objectives and Process -
Valuation of Assets and liabilities - Distinction between Verification and Valuation.
Unit – III: Audit and Accounting Standards
Types of Audit - Statutory Audit - Concurrent Audit - Stock Audit - Cost Audit –Secretarial
Audit - CAG Audit - Management Audit. Accounting Standards - Standards on Auditing
– 65 Standards on Internal Audit - Penal Provisions - Role of National Financial Reporting
Authority (NFRA).
Unit – IV: Auditors and Audit Report
Appointment of Auditors - Procedures - Eligibility and Qualifications - Powers and
Duties -Rotation and Removal of Auditors - Resignation of Auditors - Remuneration of
Auditors - Audit report - Preparation and presentation. Auditor’s Responsibilities and
liabilities towards Shareholders, Board and Audit Committee - Restriction on other
Services.
Unit – V: Recent Trends in Auditing
EDP Audit - Meaning - Division of auditing in EDP environment. Impact of
Computerization on Audit Approach - Online Computer System Audit - Types of Online
Computer System Audit - Audit around with the Computers - Procedure of Audit under
EDP system.
 UNIT – 1: INTRODUCTION
MEANING
Auditing refers to the systematic and independent examination of financial
statements, records, operations, and processes of an organization to ensure
compliance with established accounting principles, laws, regulations, and standards.

DEFINITION
"Auditing is a systematic and independent examination of data, statements, records,
operations and performances (financial or otherwise) of an enterprise for a stated
purpose." - R. M. S. Wilson

"Auditing is an independent examination of financial information of any entity,

whether profit-oriented or not, irrespective of its size or legal form, when such an
examination is conducted with a view to express an opinion thereon." - International
Federation of Accountants (IFAC)

OBJECTIVES OF AUDITING:
• To express an opinion on the financial statements prepared by the management.
• To ensure compliance with applicable laws, regulations, and accounting
standards.
• To detect and prevent fraud, errors, and irregularities.
• To provide constructive recommendations for improvement in the internal
control system and accounting practices.
• To enhance the credibility of financial statements and build trust among
stakeholders.

SCOPE OF AUDITING:
The scope of auditing includes the following:
• Examination of financial statements, records, and transactions to ensure their
accuracy and completeness.
• Review of internal control procedures to assess their effectiveness in preventing
errors and fraud.
• Verification of compliance with applicable laws and regulations.
• Assessment of risk management practices and identification of potential risks.
• Evaluation of the quality of financial reporting and disclosure.

ADVANTAGES OF AUDITING:
• Provides an independent assessment of the financial health and integrity of the
organization.
• Enhances the credibility of financial statements and builds trust among
stakeholders.
• Helps to identify potential risks and weaknesses in internal control systems.
• Facilitates the prevention and detection of fraud, errors, and irregularities.
• Provides constructive recommendations for improvement in accounting
practices and internal control systems.

LIMITATIONS OF AUDITING:
• Audit reports are based on a sample of transactions and are not exhaustive.
• Auditors may be limited by the quality of information provided by the
management.
• Audit reports are based on the information available at a specific point in time
and do not provide assurance about the future.
 • Audit reports may be subject to interpretation and may not always be clear and
concise.
• Auditors may face pressure to provide favourable opinions due to their
dependence on the organization for future business.

CLASSIFICATION OF AUDIT:
Financial Audit: A financial audit is the most common type of audit that is conducted
to express an opinion on the fairness and accuracy of an organization's financial
statements. It involves examining the financial records, transactions, and operations of
an organization to ensure compliance with generally accepted accounting principles
(GAAP) and relevant accounting standards.
Operational Audit: An operational audit is conducted to evaluate the effectiveness and
efficiency of an organization's internal control systems and business processes. It
focuses on identifying areas of improvement in the processes and procedures of an
organization.
Compliance Audit: A compliance audit is conducted to assess whether an
organization is complying with relevant laws, regulations, and policies. It involves
reviewing the organization's procedures and processes to ensure compliance with
legal and regulatory requirements.
securely.
Forensic Audit: A forensic audit is conducted to investigate fraud or financial
irregularities. It involves collecting and analysing evidence to determine the existence,
extent, and impact of fraud, and to identify the parties involved.
Internal Audit: An internal audit is conducted by an organization's internal audit
department to assess the effectiveness of its internal controls, risk management, and
governance processes. It helps to identify areas of improvement in an organization's
operations and ensures compliance with internal policies and procedures.
External Audit: An external audit is conducted by an independent auditor to express
an opinion on the fairness and accuracy of an organization's financial statements. It
provides assurance to external stakeholders, such as investors, creditors, and
regulators, about the organization's financial health and integrity.
Performance Audit: A performance audit is conducted to evaluate the effectiveness
and efficiency of an organization's programs, activities, and operations. It focuses on
measuring and analysing the results achieved by an organization and identifying areas
for improvement.

AUDIT PROGRAMME
An audit program is a detailed plan of the procedures to be performed by an auditor to
achieve the audit objectives. It is a comprehensive guide that outlines the steps an
auditor should take to conduct an effective audit.

The audit program includes a description of the audit objectives, scope, and
methodology, as well as the audit procedures to be performed to achieve those
objectives. The procedures in an audit program may include:

1. Review of financial statements, records, and transactions

2. Verification of assets and liabilities
3. Analysis of financial ratios
4. Evaluation of internal controls
5. Assessment of compliance with laws and regulations
6. Review of management's representations and assertions
7. Communication with stakeholders
AUDIT NOTEBOOK
An audit notebook is a document used by auditors to document their work,
observations, findings, and conclusions during an audit engagement. It serves as a
record of the audit activities and provides evidence of the audit work performed.

The audit notebook typically contains the following information:

1. Audit objectives and scope

2. Audit program and procedures
3. Working papers, including data, calculations, and documentation
4. Observations and findings
5. Conclusions and recommendations
6. Communication with the auditee and other stakeholders
7. Signatures and approvals

AUDIT WORKING PAPER

An audit working paper is a document used by auditors to record and document the
evidence obtained and the procedures performed during an audit engagement. It
provides a detailed and organized record of the audit work performed, including the
data analyzed, the tests performed, and the conclusions reached.

TEST CHECKING & ROUTINE CHECKING

Test checking and routine checking are two methods used by auditors to examine
financial records during an audit engagement.

Test checking involves the examination of a sample of transactions or records to

evaluate the overall accuracy and completeness of the financial records. The selection
of the sample is based on a statistical or judgmental sampling method. The objective
of test checking is to provide reasonable assurance that the financial records are
accurate and complete.

Routine checking, on the other hand, involves the examination of all or a significant
portion of the financial records. It is a more detailed and comprehensive examination
of the records compared to test checking. The objective of routine checking is to
provide a higher level of assurance that the financial records are accurate and
complete.

INTERNAL CONTROL AUDIT

Internal control audit refers to the process of evaluating the effectiveness of an
organization's internal control system. The audit is typically conducted by an
independent auditor or an internal auditor and involves the examination of the
organization's policies, procedures, and processes to ensure that they are designed and
operating effectively.

OBJECTIVES OF AN INTERNAL CONTROL AUDIT:

• Evaluate the effectiveness of the organization's internal control system in

achieving its objectives
• Identify weaknesses or deficiencies in the internal control system and make
recommendations for improvement
• Provide assurance to stakeholders that the organization's internal control system
is operating effectively
• Enhance the credibility and reliability of the organization's financial reporting
• Ensure compliance with laws, regulations, and internal policies and procedures.

TECHNIQUES TO EVALUATE INTERNAL CONTROL AUDIT

Walkthroughs: This technique involves following a transaction or process from start

to finish to understand how controls are applied at each step. This helps auditors to
identify control weaknesses and make recommendations for improvements.
Risk Assessment: This technique involves identifying and assessing the risks that
could affect the organization's objectives. It helps auditors to evaluate the
effectiveness of the organization's internal control system in mitigating the
identified risks.
Document Review: This technique involves reviewing the policies, procedures, and
other documentation that outlines the internal control system. This helps auditors
to understand the design of the internal control system and identify areas for
improvement.
Observation: This technique involves observing the organization's operations and
processes to assess whether the internal control system is being implemented
effectively.
Testing: This technique involves selecting a sample of transactions and assessing
whether they were processed in compliance with the organization's policies and
procedures. It helps auditors to evaluate the operating effectiveness of the internal
control system.
Control Self-Assessment: This technique involves the use of questionnaires or
surveys to obtain feedback from employees about the effectiveness of the internal
control system.
Computer-Assisted Audit Techniques: This technique involves the use of
specialized software to extract and analyze data from the organization's systems to
assess the effectiveness of the internal control system.

INTERNAL CHECK
Internal check refers to a system of internal controls and procedures implemented
within an organization to help ensure the accuracy, completeness, and validity of
financial transactions and other business activities. It involves the separation of
duties, responsibilities, and authorities among different individuals within the
organization to prevent errors, fraud, or other irregularities.

OBJECTIVES OF INTERNAL CHECK

Accuracy and completeness of records: The internal check system aims to ensure
that all financial transactions are recorded accurately, completely, and in a timely
manner. This helps to prevent errors, omissions, or misstatements in financial
statements, which could lead to incorrect decisions by management.
Detection and prevention of errors and fraud: The internal check system is
designed to identify errors and fraudulent activities in the organization. The system
includes checks and balances to ensure that no single individual has complete
control over a transaction, reducing the risk of fraudulent activities.
Compliance with laws and regulations: The internal check system helps to ensure
that the organization complies with all relevant laws and regulations. Compliance
checks are carried out regularly to ensure that the organization is operating within
the legal framework.
Protection of assets: The internal check system helps to safeguard the
organization's assets from theft, loss, or misuse. It ensures that proper controls are
in place for the safekeeping of cash, inventory, and other assets.
Efficient operations: The internal check system aims to streamline the
organization's operations by identifying and eliminating inefficiencies. It helps to
identify areas where processes can be improved and resources can be optimized.

DIFFERENCE BETWEEN INTERNAL CHECK, INTERNAL AUDIT & INTERNAL

CONTROL
 UNIT – II: VOUCHING AND VERIFICATION

MEANING
Vouching is an auditing technique used to verify the authenticity and accuracy of
financial transactions recorded in the books of accounts. It involves examining the
supporting documents and evidence for the recorded transactions to ensure that they
are valid, complete, and properly recorded.

DEFINITION

According to R.K. Mautz and Hussein A. Sharaf in their book "The Philosophy of
Auditing," vouching is "the process of examining documentary evidence supporting
and substantiating a transaction to see if it has been properly recorded."

T.P Ghosh defines vouching as "the process of establishing the accuracy and
authenticity of transactions recorded in the books of accounts by examination of
documentary evidence."

OBJECTIVES OF AUDITING
To verify the authenticity and accuracy of transactions: The primary objective of
vouching is to ensure that all transactions recorded in the books of accounts are
authentic and accurate. The auditor examines the supporting documents and
evidence to verify the details recorded in the books of accounts, such as the amount,
date, and parties involved.
To detect errors, omissions, or irregularities: Vouching helps to identify errors,
omissions, or irregularities in the financial statements. By examining the supporting
documents and evidence, the auditor can identify any discrepancies or inconsistencies
in the transactions recorded in the books of accounts.
To ensure compliance with laws and regulations: Vouching helps to ensure that the
organization complies with all relevant laws and regulations. By examining the
supporting documents and evidence, the auditor can ensure that all transactions are
properly authorized and comply with the legal and regulatory requirements.
To ensure proper accounting treatment: Vouching helps to ensure that all
transactions are recorded in the correct accounts and are properly classified. The
auditor examines the supporting documents and evidence to ensure that transactions
are recorded in accordance with the accounting standards and principles.
To provide assurance on the reliability of financial statements: Vouching is an
essential part of the auditing process, and its objective is to provide assurance on the
reliability of the financial statements. By examining the supporting documents and
evidence, the auditor can obtain sufficient and appropriate audit evidence to support
their opinion on the financial statements.

TRADING TRANSACTIONS
Trading transactions refer to the buying and selling of goods and services in the course
of normal business operations. These transactions involve the transfer of ownership or
rights to use goods or services in exchange for money or other assets.

AUDIT OF LEDGER
Audit of ledger is a crucial part of the auditing process. The ledger is the principal book
of accounts, where all the transactions of the organization are recorded in a
summarized form. The purpose of auditing the ledger is to ensure that the ledger
accounts accurately reflect the transactions that have taken place and that they are
correctly classified and posted to the ledger accounts.

SCRUTINIZING OF LEDGERS
Scrutinizing of ledgers is an essential part of the auditing process, which involves
reviewing the ledger accounts in detail to ensure their accuracy and completeness.
The purpose of scrutinizing the ledger is to detect errors, omissions, or irregularities in
the financial statements and to provide assurance to the auditor that the ledger
accounts are free from material misstatements.

VOUCHING OF CASH RECEIPTS AND PAYMENTS

It involves the auditor examining the cash receipts and payments recorded in the
books of accounts to ensure that they are valid, properly authorized, and correctly
recorded.

The following are the steps involved in vouching of cash receipts and payments:

Review of internal controls: The auditor reviews the organization's internal controls
related to cash receipts and payments to ensure that they are effective and adequate.
Examination of cash receipts: The auditor examines the cash receipts to ensure that
they are supported by relevant documentation, such as invoices, receipts, and bank
statements.
Verification of the source of cash: The auditor verifies the source of cash received,
such as bank deposits or cash sales, to ensure that the amounts received are valid and
properly recorded.
Examination of cash payments: The auditor examines the cash payments to ensure
that they are properly authorized, supported by relevant documentation, and are in
line with the organization's policies and procedures.
Reconciliation of bank statements: The auditor reconciles the cash receipts and
payments with the bank statements to ensure that they agree and that there are no
discrepancies.
Detection of errors or irregularities: The auditor looks for errors or irregularities in the
cash receipts and payments, such as unrecorded receipts or payments, duplicate
entries, or unauthorized transactions, and investigates them further.
Testing of internal controls: The auditor tests the effectiveness of internal controls
related to cash receipts and payments, such as segregation of duties, authorization
and approval of transactions, and physical security of cash.

VOUCHING OF ASSETS AND LIABILITIES

It involves the auditor examining the transactions and events related to the assets and
liabilities recorded in the books of accounts to ensure that they are valid, properly
authorized, and correctly recorded.

The following are the steps involved in vouching of assets and liabilities:
Examination of supporting documentation: The auditor examines the supporting
documentation related to the outstanding assets and liabilities, such as invoices,
purchase orders, contracts, and agreements, to ensure that they are valid, properly
authorized, and correctly recorded.
Verification of outstanding balances: The auditor verifies the outstanding balances
by obtaining confirmations from third parties, such as customers, vendors, or lenders,
to ensure that the amounts owed or due are accurate.
Examination of accruals: The auditor examines the accruals recorded in the books of
accounts to ensure that they are in line with the organization's policies and procedures
and are properly recorded.
Detection of errors or irregularities: The auditor looks for errors or irregularities in the
outstanding assets and liabilities, such as unrecorded liabilities, overstated assets, or
unauthorized transactions, and investigates them further.
Testing of internal controls: The auditor tests the effectiveness of internal controls
related to outstanding assets and liabilities, such as segregation of duties,
authorization and approval of transactions, and proper recording of transactions.

VERFICATION
Verification is the process of confirming or substantiating the accuracy, truthfulness, or
validity of a particular item or information. It involves the auditor checking and testing
the information in the books of accounts to ensure that they are reliable and relevant.

OBJECTIVES OF VERIFICATION

The primary objectives of verification are as follows:

➢ To ensure that the information recorded in the books of accounts is accurate and
reliable.
➢ To detect and prevent errors, fraud, and irregularities in the financial statements.
➢ To ensure that all the transactions are properly authorized, approved, and
recorded.
➢ To ensure that the financial statements comply with the applicable accounting
standards and principles.
➢ To provide reasonable assurance that the financial statements present a true
and fair view of the organization's financial position and performance.

PROCESS OF VERIFICATION
The process of verification involves the following steps:

Planning: The auditor plans the verification process, including the scope of work, the
procedures to be followed, and the resources required.
Examination of supporting documents: The auditor examines the supporting
documents, such as invoices, receipts, contracts, and agreements, to ensure that they
are valid and properly authorized.
Physical inspection: The auditor conducts a physical inspection of the assets or
inventory to ensure that they exist and are in good condition.
Confirmation with third parties: The auditor confirms the balances with third parties,
such as customers, vendors, or lenders, to ensure that the amounts owed or due are
accurate.
Computation, comparison, and analysis: The auditor performs computation,
comparison, and analysis of the financial data to ensure that they are reasonable and
in line with the organization's policies and procedures.
Detection of errors or irregularities: The auditor looks for errors or irregularities in the
financial statements, such as unrecorded liabilities, overstated assets, or unauthorized
transactions, and investigates them further.
Reporting: The auditor reports the findings of the verification process to the
management, highlighting any material misstatements or errors found and making
recommendations for improvement.
VALUATION OF ASSETS & LIABILITIES
Valuation of assets and liabilities refers to the process of determining the monetary
worth or value of the assets and liabilities that are recorded in the financial statements.

Some of the commonly used valuation techniques include:

Cost method: Under this method, the asset or liability is valued at its original cost,
adjusted for any depreciation, amortization, or impairment.
Market method: Under this method, the asset or liability is valued based on the
market price, which is the price at which the asset or liability could be sold or settled in
the open market.
Income method: Under this method, the asset or liability is valued based on the
present value of the future cash flows that are expected to be generated or paid.
Replacement cost method: Under this method, the asset or liability is valued based
on the cost that would be incurred to replace or reproduce it with a similar asset or
liability.

DISTINCTION BETWEEN VERIFICATION AND VALUATION

 UNIT – III: AUDIT AND ACCOUNTING STANDARDS

TYPES OF AUDITS
There are various types of audits, each with its own specific purpose and scope. Some
of the common types of audits are:

Financial audit: This type of audit involves the examination of the financial statements
of an organization to ensure their accuracy and compliance with accounting standards
and laws.
Internal audit: This type of audit is conducted by an internal audit team within an
organization to assess the effectiveness of internal controls, risk management
processes, and compliance with policies and procedures.
Compliance audit: This type of audit is conducted to determine whether an
organization is complying with applicable laws, regulations, and standards.
Operational audit: This type of audit focuses on evaluating the efficiency and
effectiveness of an organization's operations, processes, and systems.
Information systems audit: This type of audit examines an organization's IT systems
and infrastructure to ensure the confidentiality, integrity, and availability of
information.
Performance audit: This type of audit evaluates an organization's performance in
achieving its goals and objectives.
Forensic audit: This type of audit involves the investigation of financial irregularities or
fraud within an organization.
Social audit: This type of audit is conducted to evaluate the social and environmental
impact of an organization's operations and policies.

STATUTORY AUDIT:
Statutory audit refers to the external audit of an organization's financial statements
that is required by law or statute. The purpose of a statutory audit is to provide
assurance to the stakeholders that the financial statements of the organization are
presented fairly and accurately in accordance with the applicable accounting
standards and laws.

CONCURRENT AUDIT:
Concurrent audit refers to the examination of financial transactions on a regular basis,
typically on a daily basis, to ensure their accuracy and compliance with policies and
procedures. It is conducted concurrently with the transactions being processed, and
helps to identify and prevent errors and fraud in real-time.

STOCK AUDIT:
Stock audit refers to the verification and valuation of inventory or stock held by an
organization. The purpose of a stock audit is to ensure that the physical stock matches
the records, and to identify any discrepancies or losses. It is important for organizations
that deal with physical goods or products to conduct regular stock audits to maintain
accuracy in their inventory records.
COST AUDIT:
Cost audit refers to the examination of the cost accounting records and practices of an
organization. The purpose of a cost audit is to determine whether the cost accounting
practices of the organization are accurate, reliable, and comply with applicable laws
and regulations. Cost audit is typically conducted in manufacturing organizations
where the cost of production is a significant factor.

SECRETARIAL AUDIT:
Secretarial audit refers to the examination of the compliance of an organization with
applicable laws, regulations, and guidelines related to corporate governance and other
secretarial compliances. The purpose of a secretarial audit is to ensure that the
organization complies with legal and regulatory requirements related to corporate
governance, disclosure, and reporting.

CAG AUDIT:
CAG audit refers to the audit conducted by the Comptroller and Auditor General (CAG)
of India. The CAG is an independent constitutional authority appointed by the
President of India, and is responsible for auditing the accounts of the central and state
governments, public sector organizations, and other organizations that receive
government funds. The purpose of a CAG audit is to ensure accountability,
transparency, and efficient use of public funds.

MANAGEMENT AUDIT
Management audit refers to the comprehensive examination and evaluation of the
management processes and practices of an organization. The purpose of a
management audit is to assess the effectiveness, efficiency, and suitability of the
organization's management practices in achieving its goals and objectives.

ACCOUNTING STANDARDS:
Accounting Standards refer to the set of guidelines and principles developed by
accounting bodies or regulatory authorities that prescribe the methods, procedures,
and disclosures to be used in preparing financial statements. Accounting Standards
ensure uniformity and consistency in financial reporting, and help stakeholders make
informed decisions based on reliable and comparable financial information.

STANDARDS ON AUDITING:
Standards on Auditing (SAs) refer to the set of guidelines and principles developed by
the Institute of Chartered Accountants of India (ICAI) that prescribe the standards,
methods, and procedures to be followed by auditors in conducting audits. SAs ensure
that auditors follow a consistent approach to auditing, and help to enhance the quality
and reliability of audit reports.

STANDARDS ON INTERNAL AUDIT:

Standards on Internal Audit refer to the set of guidelines and principles developed by
the Institute of Internal Auditors (IIA) that prescribe the standards, methods, and
procedures to be followed by internal auditors in conducting internal audits. These
standards ensure that internal auditors follow a consistent approach to auditing, and
help to enhance the effectiveness and efficiency of internal audit activities.
PENAL PROVISIONS:
Penal provisions refer to the legal provisions that prescribe penalties or punishments
for non-compliance with laws, regulations, or standards. In the context of auditing,
penal provisions may apply to auditors who fail to comply with auditing standards or
commit any other violations of professional ethics or standards.

NATIONAL FINANCIAL REPORTING AUTHORITY

The National Financial Reporting Authority (NFRA) is an independent regulatory body
established by the Indian government to oversee the quality of financial reporting in
India. The NFRA plays a critical role in enhancing the credibility and reliability of
financial reporting in the country.

ROLE OF NFRA
Some of the key roles and responsibilities of the NFRA are:
Prescribing accounting and auditing standards: The NFRA are responsible for
prescribing accounting and auditing standards to be followed by companies, auditors,
and accounting professionals in India. These standards ensure that financial
statements are prepared in a transparent and consistent manner and are reliable and
comparable.
Monitoring compliance with standards: The NFRA monitors compliance with
accounting and auditing standards by companies, auditors, and accounting
professionals. This ensures that financial statements are prepared in accordance with
the prescribed standards and that audits are conducted in a consistent and effective
manner.
Investigating cases of misconduct or non-compliance: The NFRA has the power to
investigate cases of misconduct or non-compliance by companies, auditors, and
accounting professionals. This helps to deter fraudulent practices and enhances the
credibility of financial reporting.
Imposing penalties and sanctions: The NFRA have the power to impose penalties and
sanctions on companies, auditors, and accounting professionals who are found to have
violated accounting and auditing standards. This ensures that the prescribed
standards are followed and helps to maintain the integrity of financial reporting in
India.
 UNIT – IV: AUDITORS AND AUDIT REPORT

APPOINTMENT OF AUDITORS
The appointment of auditors is an important process for any company or organization.
It is the responsibility of the company's shareholders to appoint auditors, and this is
usually done at the company's annual general meeting.

There are a number of factors that should be considered when appointing auditors.
These may include the qualifications and experience of the auditors, their reputation,
and their ability to provide an independent and unbiased assessment of the
company's financial statements.

PROCEDURE TO APPOINT AN AUDITOR

Determine the need for an auditor: The first step is to determine whether an auditor
is needed. This may be required by law, or it may be a voluntary decision made by the
company's management or board of directors.
Call for proposals: If an auditor is needed, the company should issue a request for
proposal (RFP) to potential auditors. The RFP should include details about the scope of
the audit, the timeline for completion, and any other relevant information.
Evaluate proposals: Once the proposals have been received, the company should
evaluate them based on factors such as the auditor's qualifications, experience, and
reputation. The company should also consider the auditor's independence and any
potential conflicts of interest.
Select an auditor: Based on the evaluation, the company should select an auditor and
notify them of their selection.
Finalize the engagement letter: The company and the auditor should work together
to finalize an engagement letter, which outlines the scope of the audit, the timeline for
completion, and the fee structure.
Present the auditor to shareholders: The appointment of the auditor should be
presented to the company's shareholders at the annual general meeting. The
shareholders should have the opportunity to ask questions about the auditor's
qualifications and independence.
Conduct the audit: Once the appointment has been approved, the auditor should
conduct the audit in accordance with professional standards and the engagement
letter.

ELIGIBILITY AND QUALIFICATIONS OF AUDITOR

Professional qualification: Auditors are typically required to have a professional
qualification in accounting, such as a Certified Public Accountant (CPA), Chartered
Accountant (CA), or equivalent.
Knowledge and experience: Auditors should have a strong understanding of
accounting principles, auditing standards, and relevant laws and regulations. They
should also have practical experience in auditing.
Independence: Auditors must be independent of the company being audited and
have no conflicts of interest that could compromise their objectivity.
Ethical standards: Auditors should uphold high ethical standards and adhere to the
principles of integrity, objectivity, confidentiality, and professional behaviour.
Continuing education: Auditors should engage in ongoing professional development
to stay up-to-date with changes in accounting and auditing standards.
Licensing and registration: In some jurisdictions, auditors may be required to obtain a
license or register with a regulatory body in order to perform audits.

POWERS AND DUTIES OF AN AUDITOR

Review financial statements: The auditor's primary duty is to review the company's
financial statements to ensure that they are accurate and comply with applicable
accounting standards and regulations.
Express an opinion: Based on their review of the financial statements, the auditor
should express an opinion on whether the financial statements are presented fairly
and in accordance with accounting standards and regulations.
Assess internal controls: The auditor should assess the company's internal controls to
identify any weaknesses that could impact the accuracy of the financial statements.
Verify assets and liabilities: The auditor should verify the existence and accuracy of
the company's assets and liabilities, including inventory, accounts receivable, and
accounts payable.
Report findings: If the auditor identifies any material issues or concerns during their
review, they should report these to the company's management and board of
directors. In some cases, the auditor may also be required to report these issues to
regulatory authorities.
Provide recommendations: The auditor may provide recommendations for improving
the company's accounting and internal control systems.
Maintain independence: To ensure objectivity, the auditor should maintain
independence from the company being audited and avoid conflicts of interest.

ROTATION OF AUDITORS
• In many countries, there are regulations that require companies to rotate their
auditors after a certain period of time. This is done to ensure independence and
prevent conflicts of interest.
• The specific rules regarding auditor rotation can vary depending on the country
or jurisdiction. For example, some countries may require mandatory rotation
after a certain number of years, while others may allow companies to voluntarily
rotate their auditors.
• The rotation of auditors may also be influenced by the company's own policies,
preferences, and assessments of the auditor's performance.
• The goal of auditor rotation is to promote independence, objectivity, and fresh
perspectives in the auditing process.

REMOVAL OF AUDITORS
• In some cases, a company may choose to remove an auditor before the end of
their contract term. This may be done for various reasons, such as a breakdown
in the relationship between the auditor and the company, a change in the
company's needs, or concerns about the auditor's performance or
independence.
• Removing an auditor before the end of their contract term can have legal and
financial implications for the company. Therefore, it is important to carefully
 consider the reasons for removal and ensure that the process is conducted in
accordance with applicable laws and regulations.
• In some cases, an auditor may also be removed due to regulatory or legal action,
such as violations of auditing standards or conflicts of interest.

RESIGNATION OF AUDITORS
Resignation of auditors refers to the process of an auditor ending their relationship
with a company before the completion of the audit engagement. Here are some key
points related to the resignation of auditors:

Reasons for resignation: An auditor may resign for various reasons, such as conflicts of
interest, differences in professional opinion, or concerns about the company's
accounting practices or management integrity.
Notification requirements: If an auditor decides to resign, they are typically required
to provide written notification to the company's board of directors and regulatory
authorities, if applicable. The notification should include the reasons for resignation
and any issues or concerns identified during the audit engagement.
Steps to be taken: Following the resignation, the company should take steps to find a
replacement auditor to complete the audit engagement. The new auditor may need to
review the work performed by the previous auditor and assess any issues or concerns
raised during the audit engagement.
Impact on the company: The resignation of an auditor can have significant
implications for a company. It may cause delays in the completion of the audit,
increase costs associated with finding a replacement auditor, and potentially damage
the company's reputation and credibility with stakeholders.
Legal and regulatory requirements: Companies may be subject to legal or regulatory
requirements related to auditor resignation. For example, in some countries, auditors
are required to report certain findings to regulatory authorities even if they have
resigned from the engagement.

REMUNERATION OF AUDITORS
The remuneration of auditors refers to the compensation that auditors receive for their
services. Here are some key points related to the remuneration of auditors:

Determination of remuneration: The remuneration of auditors is typically determined

by the company's board of directors or audit committee. The amount of remuneration
may depend on various factors, such as the size and complexity of the company, the
scope of the audit engagement, and the auditor's experience and qualifications.
Transparency and disclosure: Companies should disclose the remuneration of their
auditors in their annual financial statements or other publicly available documents.
This helps to promote transparency and accountability in the audit process and allows
stakeholders to assess the independence and objectivity of the auditor.
Independence and objectivity: The remuneration of auditors should not be linked to
the outcome of the audit engagement or the financial performance of the company
being audited. This helps to ensure the independence and objectivity of the auditor
and prevent conflicts of interest.
Additional fees: In addition to the base remuneration, auditors may also charge
additional fees for services beyond the scope of the audit engagement, such as tax
consulting or advisory services. However, companies should ensure that such fees do
not compromise the independence or objectivity of the auditor.
Regulatory requirements: Some countries or jurisdictions may have regulatory
requirements regarding the remuneration of auditors, such as limitations on the
amount of fees that auditors can charge or restrictions on non-audit services.

PREPARATION AND PRESENTATION OF AUDIT REPORT

The preparation and presentation of an audit report involves several steps to ensure
that the report accurately reflects the results of the audit engagement. Here are some
key steps involved in the preparation and presentation of an audit report:

Planning the audit engagement: Before the audit report can be prepared, the auditor
must plan the audit engagement. This involves understanding the company's
business, identifying areas of risk and materiality, and developing an audit plan to
address these areas.
Conducting the audit engagement: Once the audit engagement is planned, the
auditor will conduct the audit by reviewing the company's financial statements,
assessing internal controls, and conducting testing procedures to verify the accuracy
and reliability of the financial statements.
Drafting the audit report: Based on the findings of the audit engagement, the auditor
will prepare a draft of the audit report. This will typically include a summary of the
auditor's responsibilities, a description of the scope of the audit engagement, a
summary of the auditor's findings and conclusions, and the auditor's opinion on the
accuracy and reliability of the financial statements.
Reviewing the audit report: Once the draft audit report is prepared, it is reviewed by
the audit team and any necessary revisions or corrections are made. This helps to
ensure that the report accurately reflects the findings of the audit engagement.
Presenting the audit report: Once the final audit report is prepared, it is presented to
the company's management and board of directors. The auditor will typically provide
an overview of the findings and conclusions of the audit engagement and answer any
questions or concerns that may arise.
The auditor's responsibilities and liabilities towards shareholders, the board, and the
audit committee are governed by various regulatory and professional standards, as
well as the terms of the audit engagement.

RESPONSIBILITIES (or) LIABILITIES TOWARDS SHAREHOLDERS, BOARD & AUDIT

COMMITTEE

Shareholders: The auditor has a responsibility to provide an opinion on the accuracy

and reliability of the company's financial statements, which is of interest to
shareholders who rely on this information to make informed investment decisions. The
auditor also has a duty to report any material weaknesses in the company's internal
controls that could impact the accuracy of the financial statements.
If the auditor fails to detect material misstatements or fraud in the financial
statements, shareholders may hold the auditor liable for any losses incurred as a result.

Board: The auditor has a responsibility to report to the board of directors on the
findings of the audit engagement and any issues or concerns that arise during the
course of the audit. The auditor also has a duty to provide advice and guidance to the
board on matters related to financial reporting and internal controls.
If the auditor fails to identify and report material issues or concerns to the board, they
may be held liable for any losses incurred as a result.

Audit Committee: The auditor has a responsibility to communicate with the audit
committee regarding the scope and findings of the audit engagement, as well as any
significant accounting and reporting issues that arise. The auditor also has a duty to
provide guidance and advice to the audit committee on matters related to financial
reporting and internal controls.

RESTRICTION ON OTHER SERVICES

In the context of auditing, restrictions on other services refer to limitations placed on
the types of non-audit services that an auditor can provide to their audit clients. This is
done to ensure the independence and objectivity of the auditor in their role as a
watchdog of the financial reporting process.

The restrictions on other services that an auditor can provide to their audit client are
set out in various regulatory and professional standards. These standards typically
require the auditor to avoid providing services that could impair their independence or
create a conflict of interest with their role as auditor.

Examples of services that may be restricted include bookkeeping, internal audit, and
financial information system design and implementation. These services could create
a conflict of interest if the auditor is auditing their own work or providing management
advice that could impact their judgment as auditor.
 UNIT – V: RECENT TRENDS IN AUDITING

EDP AUDIT
EDP (Electronic Data Processing) audit, also known as IT audit, is the process of
evaluating and assessing the effectiveness of an organization's information technology
(IT) systems and controls. This type of audit is important because most organizations
today rely heavily on IT systems to store, process, and transmit financial and other
critical data.

The primary objective of EDP audit is to ensure the accuracy, completeness, and
security of an organization's IT systems and data. This involves assessing the design
and operation of IT systems and controls, identifying weaknesses and vulnerabilities,
and recommending improvements to reduce the risk of errors, fraud, and other forms
of misuse.

DIVISIONS IN AUDITING EDP ENVIRONMENT

Auditing in an EDP (Electronic Data Processing) environment typically involves two

main divisions: general controls and application controls.

General Controls: General controls refer to the overall IT environment, including IT

governance, IT infrastructure, and IT operations. Examples of general controls include
access controls, change management controls, backup and recovery controls, and
system security controls. These controls are designed to ensure the overall integrity,
security, and availability of IT systems and data.
Application Controls: Application controls refer to the specific controls embedded
within individual applications, such as accounting, inventory, and payroll systems.
Examples of application controls include input validation controls, processing controls,
and output controls. These controls are designed to ensure the accuracy,
completeness, and validity of data processed by individual applications.

Both general controls and application controls are essential for ensuring the accuracy
and reliability of IT systems and data. General controls provide a foundation for a secure
and stable IT environment, while application controls ensure the accuracy and validity
of individual transactions and processes.

IMPACT OF COMPUTERIZATION ON AUDIT APPROACH

Increased Reliance on Automated Tools: Auditors are increasingly using automated

tools such as audit software to perform audit procedures. These tools allow auditors to
analyze large volumes of data quickly and accurately, reducing the time and effort
required for manual testing.
Greater Emphasis on System Controls: With computerization, the emphasis has
shifted from verifying the accuracy of manual records to assessing the effectiveness of
system controls. Auditors must now evaluate the design and operation of system
controls such as access controls, data input controls, and backup and recovery
procedures to ensure that data is accurate, complete, and secure.
Increased Focus on Data Analytics: The availability of large volumes of data in
computerized systems has led to an increased focus on data analytics in the audit
approach. Auditors can use data analytics tools to identify trends, anomalies, and
patterns in the data that may indicate areas of risk or potential fraud.
Greater Need for IT Expertise: The increased use of computerized systems in
organizations has created a greater need for auditors to have IT expertise. Auditors
must understand how computerized systems work, the risks associated with these
systems, and the controls needed to mitigate those risks.
More Integrated Auditing: Computerization has led to more integrated auditing,
where auditors work closely with IT personnel to evaluate system controls and assess
risks. This integrated approach helps ensure that the audit is more comprehensive and
effective in identifying and addressing risks associated with computerized systems.

ONLINE COMPUTER SYSTEM AUDIT

Online computer system audit is a type of audit that evaluates and tests the controls of
an information system while it is in operation. The main goal of an online computer
system audit is to assess the system's security, reliability, and compliance with
established standards and regulations.

TYPES OF ONLINE COMPUTER SYSTEM AUDIT

There are several types of online computer system audits that organizations can
conduct to evaluate the effectiveness of their information systems controls. Here are
some of the most common types:

Security Audit: This type of audit focuses on assessing the effectiveness of the
organization's security controls, such as access controls, firewalls, and intrusion
detection systems.
Compliance Audit: This type of audit evaluates whether the organization is complying
with relevant laws, regulations, and standards, such as PCI-DSS, HIPAA, and ISO 27001.
Vulnerability Assessment: This type of audit identifies vulnerabilities in the system
and evaluates their potential impact on the organization. It involves scanning the
system for known vulnerabilities and testing for potential exploits.
Penetration Testing: This type of audit simulates an attack on the system to identify
vulnerabilities and weaknesses that could be exploited by attackers.
Disaster Recovery/Business Continuity Audit: This type of audit evaluates the
organization's disaster recovery and business continuity plans to ensure that the
organization can recover from a disaster or disruption in a timely and effective manner.
Performance Audit: This type of audit evaluates the performance of the system, such
as response time, throughput, and availability, to ensure that it is meeting the
organization's performance requirements.

AUDIT AROUND WITH THE COMPUTERS

"Audit around with the computers" is a term used to describe an audit approach that
involves examining the financial records of an organization without using the
computer system. This approach is typically used in small organizations that do not
have complex computer systems or when the auditor is not familiar with the
organization's computer system.
PROCEDURE OF AUDIT UNDER EDP SYSTEM

Planning: The auditor needs to understand the organization's EDP system and
determine the scope of the audit. This involves reviewing the system documentation,
understanding the system architecture and design, and identifying the key risks and
control points.
Risk Assessment: The auditor needs to assess the risks associated with the EDP
system and the impact on the financial reporting. This involves identifying potential
threats and vulnerabilities, assessing the likelihood and impact of these risks, and
determining the appropriate response.
System Evaluation: The auditor needs to evaluate the EDP system to determine the
reliability and accuracy of the financial data. This involves testing the system controls,
verifying the integrity of the data, and assessing the system's compliance with relevant
laws and regulations.
Data Extraction: The auditor needs to extract relevant data from the EDP system for
analysis. This involves using specialized software tools to extract data, validate the data,
and prepare it for analysis.
Data Analysis: The auditor needs to analyze the extracted data to identify any
anomalies or unusual transactions. This involves using statistical analysis techniques
and data mining tools to identify patterns and trends in the data.
Reporting: The auditor needs to prepare a report of the audit findings and
recommendations. This involves documenting the results of the audit, identifying any
control deficiencies or weaknesses, and making recommendations for improvement.

STUDY FOR KNOWLEDGE, NOT ONLY FOR MARKS!