The audit process at Deloitte consists of 4 stages Prepare audit plan and design overall audit strategy In this step, Deloitte, after finding and offering leads, will give a basicassessm
CHARACTERISTICS OF AUDIT PLANNING IN FINANCIAL AUDIT
Overview of audit planning in financial audit conducted by DELOITTE VIETNAM 3 1 Process of financial statements audit
1.1.1 Process of financial statements audit
At Deloitte, the financial statements audit service begins with a thorough understanding of clients through a risk-based auditing approach Our audit process is meticulously designed and executed by leading experts to ensure accuracy and reliability.
The audit process at Deloitte consists of 4 stages
Prepare audit plan and design overall audit strategy
Deloitte begins the process by identifying and qualifying leads, then providing a preliminary assessment of risks and benefits associated with signing an audit contract with potential clients During this phase, the firm collects basic customer information and selects suitable audit team members The Audit Partner conducts the risk assessment and finalizes the contract, while the Audit Manager evaluates business activities and internal controls, also responsible for selecting the audit team for year-end or periodic audits After gaining an initial understanding, the Audit Manager summarizes findings and reports to the Audit Partner for approval, before initiating detailed planning procedures for the audit engagement.
After completing preliminary information gathering and assessing materiality, the Audit Senior carefully plans the audit based on the team size and timeline established during the "Prepare audit plan" stage They collect and preliminarily analyze the financial statements to identify items and figures with potential misstatement risks Controls are then tested to evaluate the design and effectiveness of internal controls, while the engagement team reviews relevant audit reports and internal inspection documents Based on this, the Audit Senior determines the scope of substantive tests and the sample sizes required for audit assistants to ensure a thorough and effective audit process.
After completing all necessary audit procedures, the audit team visits the customer to gather data and conduct the audit They begin with testing controls to verify the existence of effective internal controls, followed by evaluating key control points to assess the overall effectiveness of the internal control system.
In case the internal control is effective and effectively operated, auditors will minimize the basic tests to save on audit costs and minimize unnecessary procedures In contrast, the substantive tests will be conducted as planned
During the audit process, the Audit Manager and Audit Senior evaluate and communicate audit results to both clients and the Audit Partner, focusing on events beyond the cut-off date They review and summarize new developments, determine whether these should be reflected in the financial statements, disclosed in notes, or omitted if immaterial Additionally, auditors gather management’s representation letters, publish the audit report and management letter to highlight key issues requiring resolution Finally, auditors review the audit quality and present their findings to senior management within the company, ensuring transparent communication and understanding of audit outcomes.
This thesis provides a detailed analysis of the first two stages of the auditing process, highlighting specific methods used at each step It emphasizes the practical application of these methods during actual audits conducted in my last internship By contrasting theoretical approaches with real-world operations, this study offers valuable insights into effective audit procedures and their implementation in professional settings.
The planning process is always closely supervised by the Audit Partner and Audit Manager The organization of audit planning for each position at Deloitte can be summarized as follows:
Figure 1.1: Organizing the audit of financial statements at Deloitte
(Source: Author self-collected from Deloitte Vietnam, 2020)
The Audit Manager plays a key role in preparing the audit plan following the signing of the audit contract with the client Their planning work is consistently reviewed and monitored by higher-level professionals, such as the Audit Partner and Senior Audit Manager, ensuring thorough oversight throughout the audit planning process This structured approach guarantees effective coordination and quality control in audit preparations.
Review the work of Manager, Senior, Associate
Establish audit contract Review audit plan
Understand the business environemnt of client
Determine materiality Construct audit program
Understand the accounting cycle Associate
1.1.3 The role of audit planning
According to VSA Auditing Standard No 300, issued alongside Circular No 214/2012/TT-BTC by the Ministry of Finance, the audit plan involves developing an overall audit strategy and detailed audit plan At Deloitte, this process consists of two key stages: preparing the audit strategy and plan, followed by planning detailed audit procedures Effective audit planning is crucial as it enhances the quality and efficiency of the financial statements audit, as emphasized in Auditing Standard VSA 300.
An effective audit plan helps the auditing company minimize risks and liabilities while maintaining a strong professional reputation with clients It provides a clear framework for auditors to avoid misunderstandings related to client properties and ensures adherence to the agreed audit scope and responsibilities The plan also facilitates selecting qualified team members capable of handling potential risks, assigns specific tasks accordingly, and directs focus on key material items and risks of material misstatements, thereby improving audit efficiency and reducing costs Additionally, it fosters effective coordination among auditors, internal auditors, external experts, and relevant departments, enabling the audit manager to monitor progress, direct efforts, and ensure timely review of the audit work.
(Source: Vietnam Standards on Auditing VSA 300, 2012)
Order of planning and designing audit methods in the audit of financial
1.2.1 Prepare audit plan and establish overall audit strategy
This initial phase is crucial for developing a comprehensive audit plan, with the primary focus on identifying key risks and benefits associated with the audit contract During this stage, auditors gather essential information about the audit object, including an understanding of its operations and financial position Six fundamental activities are involved in this process, ensuring a thorough assessment that lays a strong foundation for the subsequent audit procedures Properly conducting this premise period enhances the overall effectiveness and reliability of the audit.
1.2.1.1 Assess and respond to risks, decide to accept and continue the audit contract
The Audit Partner is directly responsible for performing audit work, as they possess the expertise and accountability for audit revenue activities, representing Deloitte and ensuring the quality of services provided to clients When entering into an audit contract, Deloitte employs specific evaluation procedures tailored to whether it is a new client (first-year audit) or an existing client (previous year's audit), with a stronger focus on caution for new clients The Audit Partner authorizes the Audit Manager to investigate the reasons behind a client's decision to switch auditors and to seek consent from the client to contact their previous auditor on key issues, thereby assessing audit risks and making informed decisions about signing the audit contract.
In general, Deloitte's audit contracts are analyzed and finalized in three steps:
Step 1: Assess the risks of audit contracts
The audit manager is responsible for conducting a comprehensive risk classification, which involves evaluating the potential for material misstatement or fraud in both new and existing contracts This process aims to identify and respond effectively to risks that could impact financial accuracy Deloitte utilizes specific criteria, outlined in Table 1.1, comprising multiple-choice questions designed to facilitate thorough customer risk assessments.
Table 1.1 Factors determining risks of audit contracts
Indicator Need to understand Evaluation question Yes No
Factors related to fraud in preparation and presentation of financial statements
An auditor must carefully assess whether there are valid reasons to distrust the governance framework and question the integrity of management It is crucial to evaluate management's ability to provide clear and reliable explanations regarding financial statements and operational practices When uncertainties arise about management's explanations, an auditor may need to scrutinize governance characteristics more thoroughly to ensure accurate and fair financial reporting Overall, maintaining a skeptical approach helps in identifying potential risks related to management's transparency and integrity.
Corresponding risk Interview chief accountant and managers
Assess the risk of fraud from the management
Functions and duties of the Council members, the Board of General
Does the organizational and management structure have incompatibility with the size and nature of the business?
Management mindset and executive style of the Coucil members and the Board of Management Organizational structure, powers and
Control procedures are incompatible with responsibilities of the sections the size and nature of the business or not?
Does the auditor understand the management's supervisory capability, the control performance authorized by others, and the effectiveness of the supervisory effect on management?
Control system of the Board of Management
Business activities Is there any doubt to delve deeper into the business nature of client’s business?
Investment activities Financial structure Business environment
Overview of economic and social situation
Are there any external impacts from the business environment that affect the business performance and the ability of customers to continue as a going concern?
Market overview of business lines
The laws and regulations, including financial mechanisms, accounting regime
Finance Financial goals and Are managers under performance governance risks pressure to disclose positive financial performance?
Related-party and related party transactions
Auditors may lack sufficient knowledge regarding the nature of activities and business relationships between the audit subject and related parties This issue is particularly critical when auditors act as third parties rather than directly involved related parties, potentially impacting the accuracy of their assessments Ensuring comprehensive understanding of these relationships is essential for effective audit procedures and compliance with regulatory standards Addressing this knowledge gap can enhance the quality and reliability of financial reporting in complex related-party transactions.
Auditors’ experience Does the firm have a member related to the audit object or are there any major changes that could lead to increased risk?
The audit satisfies quality control requirements
Fraudulent risks Fraudulent assumption relates to management’s override of control
Does auditor recognize fraud risk factors related to frauds resulting from financial disclosure fraud or
Assumptions related to accounting policies misappropriation of assets?
(Source: Author self-collects from Deloitte’s documents, 2020)
During the audit process, auditors evaluate the necessary procedures for each element and respond to related multiple-choice questions If the answer is "Yes," the corresponding element is identified as a customer risk The auditor then summarizes these risks and records them in the Deloitte Risk Management System (DRMS) to ensure comprehensive risk tracking and management.
This software is utilized across all departments at Deloitte, including Audit, Tax Consulting, Risk Advisory, and Financial Management, at Deloitte member companies Developed in 2006, it was created with the primary goal of enhancing operational efficiency and ensuring seamless collaboration among departments Its widespread adoption underscores its importance in streamlining processes and delivering accurate, timely results across the organization.
•Accurate and more complete risk assessment of customers and contracts
•Identify issues of independence or conflicts of interest related to current and potential customers and service contracts
•Ensure appropriate people are consulted with the best information in a timely manner before accepting/continuing to sign contracts with customers.
•Facilitate appropriate decisions about accepting or withdrawing from a service contract
•Formalize the risk assessment process for customers
•Support supervising the process of accepting or continuing a service contract
•Improve the efficiency of processes for accepting or continuing a service contract”
The software significantly assists member companies in ensuring compliance with legal requirements, professional ethics, and standards set by accounting and auditing associations It helps to effectively manage and mitigate financial risks, promoting transparency and accuracy in financial reporting Detailed information on the DRMS form will be provided in the context of actual financial statement audits, illustrating its practical application.
Step 2: Deal with the risks of signing an audit contract
After evaluating auditing risks, auditors develop a detailed plan to effectively minimize potential issues Key risks identified and documented in the DRMS include customer risks, contract risks, customer understanding risks, corruption risks, independence risks, customer information risks, and confidentiality of contract information risks Deloitte Vietnam reviews these risks comprehensively before signing an audit contract to ensure thoroughness and accuracy, as highlighted in their official documents.
Client and/or engagement risk for this case have been identified
Know Your Client Check Risk Factors
Anti-Money Laundering Risk Factors
Figure 1.2: Risks classification before signing audit contracts
(Source: Documents from Deloitte Vietnam, 2020)
The figure summarizes the key risks associated with audit contracts at Deloitte, highlighting nine critical risk factors: overall risk, client risk, engagement risk, "know your client" check risk, anti-money laundering risk, conflict check risk, independence check risk, client information risk, and engagement information risk The Audit Manager is responsible for completing questionnaires addressing each of these risk factors using the DRMS system, with the outcomes displayed in Figure 1.2.
Step 3: Decide to accept or continue the audit contract
Before accepting an audit contract, auditors must thoroughly evaluate all related risks, including customer risk, contract risk, and customer understanding risk Deloitte utilizes multiple-choice tools to assess corruption risks, conflicts of interest, independence, and information confidentiality, with detailed questionnaire procedures outlined in Chapter 2: Practice of Audit Planning in Financial Audit at ABC Joint Stock Company, Vietnam After comprehensive risk assessment, the Audit Partner decides whether to accept or renew the contract and delegates the preparation of the audit agreement to authorized team members.
1.2.1.2 Select the engagement team and agree on terms in the audit contract
When selecting an audit team, Deloitte prioritizes hiring qualified and experienced auditors to ensure professional and high-quality services They emphasize the importance of independence and integrity, avoiding any conflicts of interest that could compromise audit objectivity The team members typically include the Financial Statements Audit Team, Deloitte's internal experts, external specialists, and the client’s internal auditors, all bringing professional skills and a commitment to ethical standards.
Figure 1.3: List of members participating in the audit contract
(Source: Documents from Deloitte Vietnam, 2020)
Specifically, in the capacity position, Deloitte suggests one or more of the following requirements:
Expertise in accounting standards and presentation of financial statements;
Valuation experts include intangible / valuables / business valuation experts;
Forensic experts in fraud investigations;
Specialist with appropriate audit and training experience;
Tax experts include indirect / transfer / consolidation and mergers.
Draft and agree on terms
Deloitte determines the audit fee by evaluating factors such as the risk associated with the audit contract, services related to year-end financial statements, and the client's business type and nature The calculation also considers the number and experience of auditors involved, along with the estimated audit hours for each service level, ensuring the fee aligns with Deloitte's high audit quality and agreed-upon pricing.
Deloitte will send a comprehensive offer worldwide, including the detailed audit plan and the expected audit fee If the client agrees that Deloitte will provide the financial statement audit services, both parties will proceed to finalize and sign the audit contract.
According to the Commercial Code, the Law on Independent Auditing, Vietnam Standards on Auditing (VSA), and the agreement with the audit client, the audit contract defines the essential terms and scope of the audit engagement It outlines the responsibilities of both parties, ensuring compliance with legal and professional standards The contract specifies the audit procedures, deliverables, and deadlines to guarantee transparency and accountability This comprehensive agreement forms the foundation for a thorough and compliant audit process conducted by firms like Deloitte.
Information about the two parties to the contract of service;
Service fees and payment methods;
Terminate the contract ahead of time
Limitation of liability and compensation;
The validity, language and duration of the contract;
Signatures of representatives of both Parties.
1.2.1.3 Collect customer information about business operations and the accounting cycle
After signing the audit contract, auditors begin collecting the necessary information to plan the overall audit In accordance with VSA Auditing Standard No.
PRACTICE OF AUDIT PLANNING IN FINANCIAL AUDIT CONDUCTED BY
Introduction of the ABC Joint Stock Company
Deloitte offers comprehensive financial statement audit services across a wide range of industries, including manufacturing, energy, finance, real estate, telecommunications, healthcare, education, tourism, construction, and transportation Their expertise extends to various business types, such as state-owned enterprises, private companies, and foreign-invested enterprises, demonstrating their versatility and extensive industry coverage.
During the internship, the author focused on a single enterprise to assess the audit planning process in Deloitte’s financial statement audits This analysis involved comparing the actual audit work with Deloitte’s standardized planning methodology, highlighting the differences between theoretical frameworks and practical applications The study underscores the strengths of Deloitte’s audit planning approach while also identifying potential shortcomings when the methodology is implemented in real-world scenarios This evaluation provides valuable insights into the effectiveness of audit planning practices within large professional firms like Deloitte.
During my internship at Deloitte, I gained valuable experience supporting year-end audits alongside my colleagues, exposing me to various types of businesses, including significant State enterprises among former Joint Stock Companies For my thesis, I selected the year-end audit of ABC Joint Stock Company (name changed for confidentiality) to illustrate audit planning processes, providing insights into the specific procedures involved in auditing financial statements of such enterprise clients.
ABC is a leading company specializing in the manufacturing and trading of energy equipment, requiring auditors to have in-depth knowledge of industry-specific business activities and risks Established on October 27th, 2005, as a subsidiary of ABC International Joint Stock Company, it was founded with the goal of delivering clean, natural, and safe energy to consumers The company's core operations include the export and trade of energy equipment, as well as manufacturing measuring, testing, navigating, and control equipment such as insulation tanks, water filters, and solar-powered devices focused on renewable and clean energy In addition to its manufacturing activities, ABC engages in wholesale distribution of various machines, equipment, spare parts, electronic telecommunication components, and provides architectural services, technical consultancy, civil engineering construction, and other support services The company also operates in professional science and technology activities, brokerage, and auction services, positioning itself as a versatile enterprise within the energy industry.
This is Deloitte's first year auditing ABC, requiring meticulous and thorough audit planning to ensure a comprehensive approach The planning process for ABC's financial statement audit highlights Deloitte's distinctive audit planning methods, which facilitate effective analysis and comparison This approach allows preliminary assessment of the strengths and weaknesses in Deloitte's financial statement planning process, providing valuable insights for future audit strategies.
Prepare audit plan and establish overall audit strategy
2.2.1 Assess and respond to risks, decide to accept and continue audit contract 2.2.1.1 Assess the risks of audit contracts
Audit Manager conducts surveys, collects and presents information in Deloitte Vietnam's form on EMS auditing software
Illustration 2.1: Excerpt of working papers "Assessing the risk of audit contracts at
ABC customers for the 2019 audit year"
“Answers to the general questions and consideration factors should be based upon inquiry, analytical procedures and observations and inspections.
If the answer to any of the consideration points is "Yes", consider documenting as a risk in the Risk Detail screen to populate the Risk Strategy View
“Document procedures performed to assess management characteristics and integrity.
Based on direct discussions and interactions with Mr T - GD, as well as comprehensive observations, we have evaluated the management's characteristics and integrity Our review aligns with the criteria outlined in DPM 3210.11 regarding management integrity, and no issues or concerns were identified during this assessment.
Are we aware of reasons to question the characteristics or integrity of one or more members of management or otherwise question our ability to rely on management's representations? No
“Document procedures performed to assess organization and management structure.
In June 2019, a discussion with Mr T revealed that, based on our comprehensive understanding of the organization's management structure, no issues or findings were identified For more detailed information, please refer to [12100].
Is the organizational and management structure inappropriate in relation to the size and nature of the business? No
Ensuring that control processes are appropriate for the size and nature of the business is essential for effective management It is important to assess whether management has the capability to supervise and monitor operations effectively Concerns may arise regarding the delegation of authority and the effectiveness of monitoring systems over both management and delegated responsibilities Regular evaluation of these control measures helps maintain organizational integrity and prevents potential oversight issues.
“Document procedures performed to assess the nature of the business.
Our recent fraud inquiries and discussions with the management and engagement team confirmed that no additional issues or findings related to fraud and error have been identified, aside from the following items.
- Presume fraud risk related to Revenue recognition
- Risk about cutoff sale, expense and purchasing
- Equity transaction is not recorded appropriately
- Slow-moving of inventory, make provision for doubtful debts
Is there reason to be concerned about the nature of the entity's business?” No
“Document procedures performed to assess the business environment.”
Inquire Ms H - CA, the Company's management performed assessment of business environment as well its effect to ability of the Company to continue at good position in the market.
Based on our review of the entity and its operating environment, no material issues or findings have been identified However, the significant risks outlined below necessitate a higher-than-normal assessment of engagement risk, highlighting potential challenges that could impact the audit or overall operations.
Are there external influences in the business environment that affect the entity's operations and its viability as a going concern?” No
“Document procedures performed to assess financial results.
The Company listed in HNX and has good financial result of operation.
In 2018, the Company's profit was A0 billion dong, based on Inquiry Ms H - CA, in this year, the Company still makes a profit.
Is management under pressure to report certain financial results?” No
6 Business relationships and related parties
“Document procedures performed to assess business relationships and related parties.
Discussion with Mr T in June 2019 The transaction with related party has update monthly This transaction was performed by accountant and reviewed by Ms H - Chief Accountant.
In current year, the main transactions with related parties are purchasing materials, goods and buying goods, providing some services for HO Company and other related parties
There is no reason to believe that we lack a clear understanding of the nature of significant transactions and business relationships between the entity and other entities Specifically, concerns about misclassification of related parties as third parties are unwarranted, indicating transparency and proper identification of related-party interactions.
“Document procedures performed to assess prior knowledge and experience.
This year marks ABC's first statutory DTT audit, but the partner and team members have prior experience auditing similar clients Since ABC does not require any specialized skills, the existing expertise of the audit team ensures a smooth and efficient audit process.
Are we in the early years of a member firm association with an entity or are there significant changes in the business which could indicate a heightened client level risk?” No
“Document procedures performed to assess fraud risk.
Based on our thorough fraud investigations and discussions between the management and engagement team, no additional issues or findings related to fraud or error have been identified, except for the items listed below.
- Presume fraud risk related to Revenue recognition – Details in subphase
- Management override of control – Details in subphase 13500.T01
Is there reason to believe that fraud risk factors exist relating to misstatements arising from fraudulent financial reporting or misappropriation of assets?” No
(Source: Extracted from audit files ABC JSC, 2019 – Working paper 11100.T01 Assess engagement risk)
2.2.1.2 Deal with the risks of signing an audit contract
Auditors complete their training by answering multiple-choice questions before recording risk assessments on the Deloitte DRMS system They are responsible for designing solutions to minimize risks when accepting audit contracts, with a particular focus on conflicts of interest and information security Additionally, auditors conduct thorough investigations into potential conflicts and secure data protection measures to ensure compliance and reduce organizational risks.
Table 2.1: Multiple-choice questionnaire about risks of conflicts of interest and information security affecting the independence of auditors
Financial interests (typically not applicable for governmental and not-for profit entities)
Do any team members and/or their immediate family members hold any direct financial interest or material indirect financial interest in the restricted entity?
Note: Typically not applicable for governmental and not-for-profit entities.
Do any team members and/or their immediate family members have any other financial relationship with the restricted entity?
Are any partners, professional staff, or others employed by the member firm serving as (1) an officer,
(2) a director on the board or similar management or governing body, or (3) except as provided in DPM Section
1420, the company secretary of a restricted entity?
Are any team members former employees of the restricted entity or are any of their immediate family members currently employed by the restricted entity?
It is important to determine whether any former team members are currently employed by the restricted entity, or if any current team members are aware of, or have reason to believe, that a former colleague may join the restricted entity in the future This information is crucial for compliance and risk management, ensuring transparency regarding potential conflicts of interest and insider connections Monitoring such relationships helps maintain organizational integrity and adherence to legal and regulatory standards related to restricted entities.
Are any immediate family members of team members serving as directors, officers, or employees with significant influence over the preparation of accounting records or financial statements for the restricted entity? This question assesses potential conflicts of interest that could impact the integrity of financial reporting during the engagement period Ensuring transparency about familial relationships helps maintain compliance with accounting standards and strengthens the overall credibility of the financial statements.
Are any retired partners participating in the engagement? NO
Do any team members and/or their immediate family members have a close business relationship with the restricted entity or its management, which is not clearly insignificant?
If any team members or their immediate family members hold an interest in a closely held entity, and the same entity also has a significant interest in that entity, it raises potential conflicts of interest that require careful review It is important to assess whether such interests are clearly insignificant or meaningful, as this can impact compliance with relevant regulations and company policies Proper disclosure and transparency are essential when close relationships exist between team members and entities with shared interests, especially in scenarios where the entity's stake is substantial Addressing these situations proactively helps ensure ethical practices and maintains organizational integrity.
Ensure that team members and their immediate family members do not purchase goods or services from the restricted entity beyond normal business transactions or without an arm's length basis Such conduct could indicate a conflict of interest and compromise compliance with ethical standards Regularly review transactions to confirm they are legitimate, transparent, and adhere to company policies and applicable regulations Maintaining strict adherence to these guidelines helps mitigate risks and uphold organizational integrity.
Do any team members accept gifts or hospitality from the restricted entity, the value of which is not clearly insignificant?
Do team members comply with the applicable independence policies during the engagement period for that restricted entity?
Do total fees generated by the restricted entity represent a large proportion of a member firm’s total fees?
Are there significant overdue fees that might be regarded as being equivalent to a loan to the restricted entity?
Has the member firm accepted the audit engagement at a significantly lower fee level than that charged by the predecessor firm or quoted by other
Issues Yes/No Comments firms?
Has the member firm entered into a contingent fee arrangement with the restricted entity? NO
Has the member firm received or paid commissions to obtain the client? NO
Have the familiarity and self-interest threats that arise from using the same partners and professional staff on the audit over a long period of time been evaluated?
If there is significant litigation, or does litigation appear likely, between a member firm and a restricted entity?
Provision of non-assurance services
Do any team members perform any of the following activities:
Acting in a capacity equivalent to that of a member of management
Reporting, in a management role to those charged with governance
Determining which recommendation of the member firm should be implemented
Authorizing, executing, or consummating a transaction or otherwise exercising authority on behalf of the restricted or having the authority to do so?
Does the member firm provide non-assurance service to the restricted entity? Such as:
Litigation support and expert services.
All team members must acknowledge the obligation to respect and protect client confidential information, ensuring it is not used or disclosed to other clients or third parties, unless specific conditions permit such disclosure.
Disclosure is required by law or regulation.
A professional duty or a right to disclose exists.
Consent has been obtained from the Client and there are no restrictions or prohibitions under Local Laws or other contractual arrangements.
(Source: Extracted from audit files ABC JSC, 2019 – Working paper 11200.T02 Independence and confidentiality questionnaire)
Figure 2.1: Summary of risks when accepting an ABC JSC audit and how to respond to risks
(Source: Extracted from audit files ABC JSC, 2019 – Working paper 11200.T04 DRMS ABC Joint Stock Company 2019)
2.2.1.3 Decide to accept or continue the audit contract
As a first-year Deloitte client, ABC's decision to proceed with the audit was based on a thorough review of the previous year's audit firm and the survey data collected This decision received approval from senior management, including the lead partner and other executive partners, ensuring a comprehensive and aligned approach to the auditing process.
Establish detailed audit plan
Following the development and presentation of the overall audit strategy, auditors proceed to establish a detailed audit plan, which encompasses two key planning stages: testing of controls and substantive testing Both stages are conducted in strict accordance with the work outlined in the overall audit strategy, ensuring a comprehensive and effective audit process.
During an audit at ABC, control tests are conducted to evaluate the effectiveness of internal control activities Based on identified control risks, auditors develop and perform control procedures, including design and implementation (D&I) and operational effectiveness (OE) tests, focusing on key processes such as sales revenue These tests verify whether the controls established are properly designed and operating effectively throughout the year, ensuring the reliability of financial reporting in ABC’s manufacturing and trading operations.
The operation involves multiple control activities, which are summarized by auditors in the "Summary" sheet This summary includes control objectives, risks, and responses to material risks, as well as assertions, operational effectiveness, ROMM (Risk of Material Misstatement), RAWC (Risk Associated with the Control), control frequency, automation status, and expected sample size The expected number of test samples is determined using Deloitte's standardized sample size calculation method to ensure effective audit coverage.
(Source: Extracted from audit files ABC JSC, 2019 – Working paper 13210.T07 Appendix V - Testing OE sales)
Deloitte's year-end audit plan for ABC Joint Stock Company’s revenue section includes a comprehensive OE testing strategy The plan involves estimating the appropriate sample size and conducting multiple-choice control tests to ensure the accuracy and compliance of revenue recognition processes This structured approach aims to enhance audit effectiveness and adhere to regulatory standards.
Table 2.10: Planning of operational effetiveness revenue section
Summarize the control activities related to sales revenue cycle
Control the Addresses Risk of Material Misstatement
OE testing Strategy ROMM RAWC Frequency occurrence of
Recognition Ensure the validity of revenue
Revenue recognition are not reviewed and signed by the authorized person
==> No guarantee of occurred revenue
ABC primarily serves related-party customers by supplying water and solar water purification equipment The company offers essential machine installation materials, ensuring seamless setup and operation Delivery times are scheduled based on when the goods or finished products are taken out of stock, providing customers with clear and reliable delivery timelines.
Delivering goods to the customer and recording revenue upon delivery is essential, typically based on the signed delivery note between the customer and the carrier In cases where customers handle their own transportation, revenue recognition occurs at the time of delivery to the carrier Ensuring accurate documentation of delivery and revenue recognition is critical for maintaining comprehensive financial records and complying with accounting standards.
At the end of each day, Ms H, the chief accountant, reconciles delivery notes with inventory data to ensure accuracy She records the number of sales to customers in accounting books and sales diaries, maintaining precise financial records.
Occurrence Testing in current period
Significant risk Not higher due to not complex and objectivity, no judgment
1 per days No 45 price of each item with the unit price in the sales contract with the customer in case there is a difference,
Ms H will find out the difference and correct the data on the book, making sure The payment data is correct.
(Source: Extracted from audit files ABC JSC, 2019 – Working paper 13210.T07 Appendix V - Testing OE Sales)
Objective: Test OE for cover Control 1
Workdone: Select the sample and test the control signal in the sales process
Delivery notes and invoices created by the warehouse department Contract created by sales department
Reconciled by Ms Vân - Accountant
Số Ngày Người lập Aprove by Ms
Check Stamp of incharge person on contract/PO? Hợp Check stamp of Warehouse Check stamp of salesman in charge Record Reconlice
PGH3.19.01.003 1/5/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
PGH1.19.02.034 2/22/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
PGH1.19.03.039 3/11/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
PGH1.19.03.030 3/8/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
PGH1.19.04.052 4/17/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
PGH1.19.04.040 4/12/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
PGH1.19.04.005 4/3/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
PGH1.19.04.061 4/18/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
PGH1.19.05.034 5/14/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
PGH1.19.05.063 5/24/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
PGH2.19.05.024 5/17/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
PGH1.19.06.026 6/9/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
PGH1.19.06.004 6/3/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
SHI 6/30/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
PGH1.19.06.040 6/12/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
PGH1.19.06.061 6/18/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
PGH1.19.06.087 6/28/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
PGH1.19.07.116 7/30/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
PGH1.19.07.056 7/17/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
PGH2.19.07.012 7/6/2019 Ms Vân Yes yes yes yes Ms Vân Ms Hợp
Every day, the accountant will check with the invoice, contract, delivery note and minutes of handover to record revenue
Figure 2.9: Example of OE test for sales
Deloitte auditors design specific procedures for each section when identifying risk items within the ABC financial statements to ensure accurate assertions These procedures are linked to particular assertions and are documented in the “Risk Strategy View” section of the EMS audit software This feature provides a level display indicating the risk level and the degree of reliance on internal controls, enhancing audit risk assessment and control testing.
During substantive testing, audit associates verify that the performed work aligns with planned procedures, ensuring these procedures are fully executed They gather sufficient and appropriate audit evidence to support the audit findings, thereby enhancing the reliability and accuracy of the audit opinion This process is essential for complying with auditing standards and conducting a thorough, effective audit.
In all audit sections, the primary objective of the first worksheet is to perform analytical procedures to summarize, break down, and analyze variances between previous and current year figures This process enables auditors to identify abnormal fluctuations and focus their attention on areas that require further investigation Additionally, for small and straightforward item balances, analytical procedures can effectively reduce the extent of detailed testing needed, streamlining the audit process.
After completing the analytical procedures, auditors proceed with the predetermined substantive procedures established by the Manager and Senior These procedures are essential for ensuring the accuracy and completeness of financial statements For the 2019 year-end audit at ABC, Deloitte auditors outlined specific substantive procedures tailored to key audit items, demonstrating a thorough and systematic approach to audit testing.
1 Management override of control Significant risk
- Interview with the Board of Management about the process of controlling the preparation of the financial statements
- Gathering the minutes of the Board meeting, checking the matching between the plan and the actual business performance
- Test Journal entries, test unusual transactions and accounting estimate for bias
(SR) To test occurrence of revenue, beside DI testing related to control procedure of the Company, auditor perform substantive test procedures as below :
- Select a sample of revenue transactions from GL
- Trace to sales invoice (taking note of date) and other supporting document (handover minutes, sales contract) and ensure that the sale recorded actually incurred
Inquiry and Investigate any differences might arise.
3 Inventory is misstated Higher risk
When verifying inventory costs, it is essential to test the unit costs of items included in the final inventory compilation This involves tracing the prices used to calculate the average cost back to the corresponding purchase invoices from the most recent period.
2 Test and assess the reasonableness of production overheads to the cost of inventory and whether any standard costs used are reasonable.
3 For costs affected by exchange rates, agree a selection of these rates to independent published records.
Inventory is often misstated when adjustments from inventory counts are not accurately recorded, leading to discrepancies between the general ledger and actual inventory records Additionally, incorrect or invalid items included in reconciliation processes can cause inventory values to be distorted, highlighting the importance of precise inventory management and reconciliation procedures Properly recording adjustments and ensuring accurate reconciliation are crucial to prevent inventory misstatement and maintain reliable financial statements.
Higher risk (HR) 1 Obtain the final costed inventory compilation, and test the reconciliation to the general ledger as well as to the quantities tested during the inventory count.
2 Test cut-off of inventories by using the cut-off documents obtained during the inventory count.
3 Perform tests of details to test items from the final inventory compilation by tracing quantities of items test counted or confirmed by us on the physical observation date to the compilation.
4 Test quantities of inventories from the final inventory compilation by making a selection of items from the final inventory compilation and tracing the quantities to the original count documents.
5 Equity may be misstated because the Company Lower risk
(LR) - Obtain BOD meeting related to distrubition of retain earnings end other funds of the Company
- Reconcile between BOD meeting with recorded entries in GL
Financial statements often lack essential disclosures related to operating expenses, selling, general, and administrative expenses, or the disclosed amounts may be inaccurate or improperly classified Additionally, the reported events, transactions, and management assertions might not have occurred or may not be relevant to the entity, compromising the overall reliability of financial reporting.
Higher risk (HR) Test disclosures, if applicable, related to OPEX/SGA to confirm they have been disclosed in line with the applicable accounting standards.
Request disclosure information and evaluate whether the disclosures are in line with the applicable accounting standards and reporting requirements using relevant disclosure checklists or other available tools.
7 PPE balances are not appropriately classified in the financial statements.
Lower risk (LR) At year-end - Test disclosures of Property, Plant and Equipment to confirm they have been disclosed in line with the applicable accounting standards.
- Request disclosure information and evaluate whether the disclosures are in line with the applicable accounting standards and reporting requirements, using relevant disclosure checklists or other available tools.
8 Inventory may be overstated or understated Higher risk