The PwC Audit pwc A Continuous Improvement Approach to Audit Methodology
The PwC Audit A Continuous Improvement Approach to Audit Methodology pwc Agenda • Governance of PwC Audit • Overview of recent evolution of PwC Audit • Overview key elements of PwC Audit – Acceptance and Continuance – Audit Comfort Cycle – Substantive Procedures – Other Audit Procedures – Audit Committee Communications Plan 1 PricewaterhouseCoopers PwC Audit Governance Global Audit Policy Board Global R&Q Establish global overarching policy principles & goals and ratify policy statements. Ensure methodology is consistently implemented by providing feedback on practice issues. Global Audit Methodology Steering Group Drive execution of policy in practice through processes, tools, guidance, training content, etc. Implementation Partner Network 2 PricewaterhouseCoopers Towards Performance Audit: a continuous improvement program PwC Audit PwC Audit 2003: 2002: 2001: • Audit Comfort Cycle • Management controls focus • Business analysis framework • Enhanced audit guides/ practices • Show me and Taking stock • Scaling up different client situations • Team redeployment • MyClient integration Historical Financial Statements Opinion 3 • Converged approach, enhanced testing guidance • Enhanced client communications, transparency focus • Application to small companies/ MNCs • Better use of specialists and knowledge sources Time Changes in Deliverables PricewaterhouseCoopers Changing the Focus of the Audit Model Key Risk Key Risk Business Risks 4 Key Risk Key Risk Key Risk Key Risk Audit Risks Identified PricewaterhouseCoopers PwC Audit in 2004 • Acceptance and Continuance (FRISK) • Audit Comfort Cycle – Scoping – Understanding – Evaluating – Validating • Substantive Testing • Other Audit Procedures • Audit Committee Communications Plan 5 PricewaterhouseCoopers PwC Audit Approach Acceptance/Continuance Assessment Audit Comfort Cycle No / Limited controls comfort Significant controls comfort Other audit evidence Mainly tests of details • • • 6 Mainly substantive analytical procedures Other audit procedures Financial statements Completion PricewaterhouseCoopers PwC Audit Approach – With Attestation Acceptance/Continuance Assessment Broader and deeper assessment of COSO controls over financial reporting, including management’s evaluation of those controls. e.g., estimates, fraud, tax accrual, more locations. Audit Comfort Cycle No / Limited controls comfort Report on management’s assertions on internal controls over financial reporting Significant controls comfort Other audit evidence Mainly tests of details • • • 7 Mainly substantive analytical procedures Other audit procedures Financial statements Completion Additional procedures deemed necessary to provide independent assurance on financial statements, taking into consideration the internal controls assessment. Report on Financial Statements PricewaterhouseCoopers Acceptance & Continuance Process • Governance and oversight of management • Past performance • Management’s expertise and skill • Adequacy of management resources • Audit relationship • Audit adjustments • Revenue recognition • Accounting control • Integrity and ethics • Management inclination for intentional misstatement in financial reporting • Reliability of estimates • Incentive for intentional misstatements in financial reporting • Risk of insolvency 8 PricewaterhouseCoopers Acceptance & Continuance Process Risk Conditions (13) (defined within Acceptance & Continuance module) Engagement Leader and Team Manager apply professional judgment in describing specific Key Risks that relate to the broader Risk Conditions 1 Key Risks 2 Risk and Approach Schedule The Risk and Approach Schedule is populated by the Key Risks selected and completed by the Engagement Leader and Team Manager Audit Comfort 3 9 (user defined or selected from Master Data) Matrix MyClient Client File PricewaterhouseCoopers Audit Comfort Cycle ACCEPTANCE/CONTINUANCE ASSESSMENT 4 Key Questions • What does management need to get comfort on? • How does management get comfort? • Are they entitled to that comfort? • Can we audit that comfort? Market Overview Strategy Value Creating Activities Financial Performance Audit comfort cycle SIGNIFICANT CONTROLS COMFORT NO/LIMITED CONTROLS COMFORT SUBSTANTIVE AUDIT EVIDENCE MAINLY SUBSTANTIVE ANALYTICAL PROCEDURES MAINLY TESTS OF DETAILS OTHER AUDIT PROCEDURES FINANCIAL STATEMENTS COMPLETION 10 PricewaterhouseCoopers Audit Comfort Cycle ACCEPTANCE/CONTINUANCE ASSESSMENT Market Overview • What does management need to get comfort on? Strategy Value Creating Activities Financial Performance Audit comfort cycle SIGNIFICANT CONTROLS COMFORT NO/LIMITED CONTROLS COMFORT SUBSTANTIVE AUDIT EVIDENCE MAINLY SUBSTANTIVE ANALYTICAL PROCEDURES MAINLY TESTS OF DETAILS OTHER AUDIT PROCEDURES FINANCIAL STATEMENTS COMPLETION 11 PricewaterhouseCoopers Scoping: Forming a Point of View • Perform company and industry analytical procedures • Research and analyze external communications • Partners connect with staff members • Document the team’s understanding of the business • Knowledge broker to capture and share industry information • Form a point of view on the risks that management should be concerned about 12 PricewaterhouseCoopers Scoping: Business Analysis Framework 13 PricewaterhouseCoopers Scoping: Risk Assessment – Key Risks Business Risks Key Risk Key risks are those conditions or factors within an audit that, in We identify audit risk the judgment the auditor, give through of understanding entity’srisk business rise tothe a greater of material objectives and related financial misstatement or other risks. matters resulting in the issuance of an inappropriate audit report. Key Risk Key Risk Key Risk Key Risk Audit Risks 14 PricewaterhouseCoopers Scoping: Analytical Procedures • High Level – Understand the business – Identify areas of risk • Disaggregated Account Level – Determine the nature, timing & extent of testing • External benchmarking to peers, market trends – Looking for anomalies, areas of risk – Use of extensive knowledge management tools available 15 PricewaterhouseCoopers Scoping Translated into Audit Strategy Business Objectives Risks Controls Stakeholders Alignment Where controls over significant account balances or classes of transaction are not aligned, we will need to perform substantive tests of details. 16 PricewaterhouseCoopers Scoping: Audit Team of Specialists Computer-Assisted Audit Techniques Financial Business Risk Energy Trading Risk Enterprise-wide Risk Business Resilience Objectives Project Management Risks Business Process Controls Stakeholders Performance Improvement Data Risk Regulatory/ Compliance Internal Audit Security Systems & Technology Fraud Alignment Treasury Our best teams use our specialist capabilities to help in forming a point of view. 17 PricewaterhouseCoopers Scoping: Use of Specialists • Policies for the use of Systems and Process Assurance specialists and Fraud Risk & Controls specialists are based around risk attributes • Policies are for consultation with specialists – level of involvement remains a decision of engagement leader • At a minimum, Required to consider use of specialists at mobilization stage 18 PricewaterhouseCoopers Audit Comfort Cycle ACCEPTANCE/CONTINUANCE ASSESSMENT 4 Key Questions Market Overview • What does management need to get comfort on? • How does management get comfort? • Are they entitled to that comfort? • Can we audit that comfort? Strategy Value Creating Activities Financial Performance Audit comfort cycle SIGNIFICANT CONTROLS COMFORT NO/LIMITED CONTROLS COMFORT SUBSTANTIVE AUDIT EVIDENCE MAINLY SUBSTANTIVE ANALYTICAL PROCEDURES MAINLY TESTS OF DETAILS OTHER AUDIT PROCEDURES FINANCIAL STATEMENTS COMPLETION 19 PricewaterhouseCoopers Applying Audit Comfort Cycle from the Top-Down • Organize audit team to align with how management runs the business. Audit controls from the top down Board Sr Mgmt Department Heads Operations • Extend discussions about business objectives & risk to management controls. • Understand & evaluate how management controls risk. • Validate controls against engagement team’s point of view. Transaction Processing 20 PricewaterhouseCoopers “Taking Stock”: Real-Time Linkage in the Iterative Process • Share team members’ cumulative knowledge • Update risk identification and assessment • Consider the audit comfort gained to date, by audit assertion • Answer: “Do we have enough comfort?” • Answer: “What do we do next?” 21 PricewaterhouseCoopers Connecting the Dots … Business Objectives Business Risks related to achieving Objectives …… …… …… Business Process A Completeness Accuracy Validity Restricted Access Account Balances and Transactions Business Process B Completeness Accuracy Validity Restricted Access Account Balances and Transactions Business Process C Completeness Accuracy Validity Restricted Access Account Balances and Transactions Financial Statement Assertions/ Audit Objectives Classes of Transactions Occurrence Completeness Accuracy Cutoff Classification Account Balances Rights & Obligations Existence Completeness Accuracy/Valuation Presentation & Disclosure Occurrence/R&O Completeness Understandability Accuracy/Valuation General Computer Controls 22 PricewaterhouseCoopers Audit Comfort Matrix 23 PricewaterhouseCoopers Summary of Comfort 24 PricewaterhouseCoopers Substantive Audit Evidence ACCEPTANCE/CONTINUANCE ASSESSMENT Market Overview Strategy Value Creating Activities Financial Performance Audit comfort cycle SIGNIFICANT CONTROLS COMFORT NO/LIMITED CONTROLS COMFORT SUBSTANTIVE AUDIT EVIDENCE MAINLY SUBSTANTIVE ANALYTICAL PROCEDURES MAINLY TESTS OF DETAILS OTHER AUDIT PROCEDURES FINANCIAL STATEMENTS COMPLETION 25 PricewaterhouseCoopers Achieving the Right Balance No/Limited Controls Comfort 26 Significant Controls Comfort PricewaterhouseCoopers Assurance Hierarchy Will we obtain audit assurance from tests of controls? Yes No Test controls. Can we obtain audit assurance from substantive analytical procedures? Yes No Perform substantive analytical procedures. Do we need additional audit assurance? Yes Perform tests of details. 27 No No further testing required. PricewaterhouseCoopers Other Audit Procedures ACCEPTANCE/CONTINUANCE ASSESSMENT Market Overview Strategy Value Creating Activities Financial Performance Audit comfort cycle SIGNIFICANT CONTROLS COMFORT NO/LIMITED CONTROLS COMFORT SUBSTANTIVE AUDIT EVIDENCE MAINLY SUBSTANTIVE ANALYTICAL PROCEDURES MAINLY TESTS OF DETAILS OTHER AUDIT PROCEDURES FINANCIAL STATEMENTS COMPLETION 28 PricewaterhouseCoopers Other Audit Procedures: More Connecting the Dots • Link management information to financial statements • Review adjustments necessary to reconcile management information to the financial statements • Review non-standard journal entries and other adjustments to ascertain whether entries may be indicative of fraud based upon the risk of management override on controls • Perform ongoing analytical procedures, including updating analytical procedures related to revenue 29 PricewaterhouseCoopers Audit Committee Communications Framework: Objectives • Promote effective and candid communications • Enhance timely reporting, dialogue and sharing views – Service approach – Risk and Control – Financial Reporting – Governance • Provide consistency in our deliverables through recommended templates and practice aids 30 PricewaterhouseCoopers Audit Committee Communications Plan Getting started Understanding the audit Staying informed Resolution and completion [Indicate timing] [Indicate timing] [Indicate timing] [Indicate timing] Our audit plan Service approach PwC principles and practices Communications plan Engagement letter and independence confirmation – Reporting timetable – Business unit scope – Engagement team – Other deliverables Risk analysis Risk and control Financial reporting Risk condition alert Quarterly review Transparency of corporate reporting Perspectives on fraud risk Internal control and business issues report Other regulatory requirements – plan Quarterly review Update on accounting/audit issues and risk analysis Reporting requirements Quarterly review Best practices in corporate reporting – Internal control deficiencies – Accounting policies – Management judgments Audit opinion – Quality of earnings – Independence Governance – Transparency Corporate governance: roles and practices Assessing our performance and yours Ongoing assessment of needs & expectations 31 PricewaterhouseCoopers The PwC Audit • Global approach adaptable to all clients • Designed for continuous improvement • Performance metrics will play a larger role in future audits • Audit quality is at the core of our long term business objectives. 32 PricewaterhouseCoopers pwc
© Copyright 2024