 Hello and welcome to the session. This is Professor Farhad in which we will discuss the integrated audit What is the integrated audit? It's when the when the auditor audit the financial statement and issue an opinion, which is the traditional audit also ordered the internal control over financial reporting and also issue an opinion in This session about the integrated audit We would look at testing and evaluating the design and operation of the internal control over financial reporting In the prior session, we looked at what we call the top-down approach Remember our objective as auditors in an integrated audit is to issue the opinion about the internal control over financial reporting What steps do we undertake? We plan the engagement. We use top-down approach, which we already covered We test and evaluate the design of the internal control over financial reporting We test and evaluate the operating effectiveness. So we're gonna Test the design or evaluate the design test and evaluate the operating effectiveness So I decided to cover these two steps in this session Then at the end we will form an opinion, which is our end the product Which is that's our objective about the effectiveness of internal control Before we proceed any further. I have a public announcement about my company farhad lectures comm Farhad accounting lectures is a supplemental educational tool That's gonna help you with your CPA exam preparation as well as your accounting courses My CPA material is aligned with your CPA review course such as Becker, Roger, Wiley, Gleam, Miles My accounting courses are aligned with your accounting courses broken down by chapter and topics. My resources consist of Lectures, multiple choice questions, true-false questions, as well as exercises. Go ahead start your free trial today No obligation, no credit card required Let's start by looking at testing and evaluating the design of internal control. What is the design? What do we mean? What do we mean by the word design? Well, simply put What does the internal control looks like on a piece of paper? Simply put you are looking at the map You are not doing anything. You are not taking the trip when you look at a map You're just looking to see where you're going. You're not actually going anywhere. Let's talk about something even simpler Let's assume you're studying for the CPA exam. So that's your plan plan is to study You will have a design for that plan and what's the design at the design to read the notes watch the lectures solve MCQ's and Solve simulations. So that's the design. That's the plan now if you do so You might pass but that's how the design but it doesn't mean you are going to do that The design is just basically what you put down on a piece of paper Now, why do we need to learn about the design? Because we need to learn about the design or that or test the design effectiveness and We assume after we learn about the design if that design is working properly It should achieve the company's control objective and effectively prevent and detect errors on fraud that could lead to material mistakes All what we are doing first is we want to see is the design good Maybe the design is no good right from the get go and then you have you have a serious issue here But first we need to learn about the design. Now, what procedures do you have to undertake to learn about the design? One procedure you can use is called walkthrough and basically tracing transactions starting with a transaction from the origination through the company information system Till it appears on the company's financial statement. So taking the Taking the statement from A to Z now the auditor can do this themselves or with the help of the internal With the help of the internal auditors. So the external alone or they can get the help of the internal auditor During this process, they might conduct inquiries talk the management inquiry of personnel observe operation Sometimes they let you know they're observing sometimes they don't and inspection of documents and all what they're doing now is learning is Learning about the design of the internal control. That's all what they're doing But that's not good enough. Why because you can have a great internal control on a piece of paper But if it doesn't work properly that it's useless. So now what you want to know is is it operating? effectively So is the internal control over financial reporting actually working as design? Is it operating effectively if we go back to your CPA plan? Are you going to actually read the notes? Watch the lecture solve the MCQs and the Sims? That's what you said you you want to do that was the design that was the map But are you actually doing it? Maybe you're not reading the notes Maybe you're not watching the lecture. You're just going into the solving MCQs or something like that So you are not following What you said you will do but if you do so you should pass or you should learn the material you should be prepared You should doesn't mean you will pass, but you should be prepared. You should pass eventually Okay, so why test the operating effectiveness because okay, we learned about it now We need to increase our conviction that the internal control over financial reporting is actually working We know by design. It's good if working properly But we need to know whether it's working properly or not When we test the internal control over financial reporting We need to be familiar with three terms the nature of the testing Timing of the testing and extent which is basically very similar to the testing that we learn about in your audit Regular audit which is auditing financial statement. The nature is basically the type of test What type of test can we undertake? Well, we already learn about inquiries asking questions Observation inspection and we do this through in the learning stage. We would also do this during the testing stage Why not we can do it again? In addition, we have to do Repreformance recalculation of the application of the controls now We have to test it actually go through it and run some numbers and see if it's actually working as expected If they're saying they're doing they're getting the approval for that sales order see if they're getting the approval See if they're properly computing the sales tax see if they're properly computing the sales tax go through it For example, if you want to test completeness for recorded invoices Maybe you could use a general audit software something like idea or program Excel to find out if there's any gaps in the shipping documents Now you're actually testing the control Well, you looked at their shipping Design everything looks good. They have a good shipping system. But is it actually working? You will test it Now bear in mind you have to know that inquiries alone are not sufficient to test the operating effectiveness inquiries are good to learn But not the test you could use it during testing that it's by itself is not enough So that's the nature of the test Timing timing basically answer when are you going to test? Okay, it should be over a period of time. Okay Now bear in mind we have certain routine transactions transaction that repeatedly occur and certain transaction or events that are not routine for routine transaction, we would assume that the control is continuously operated as Tested so for example, if you have sales transaction through a computer system You would assume if it's you tested it for a week or a day and it's a computer system and there is no changes You would assume it's routine. It should it should be it should be functioning properly You might have non routine events for example preparing monthly or quarterly financial statements You really cannot test until after they're done to see how well the process went now You have to introduce unpredictability during the process. You cannot tell Management when are you gonna be testing because if you do well, they might Be a little bit more alert and change their method. So that's how when I said about observation Sometime when you want to conduct observation, don't let them know because when people know they are being observed They might behave differently So that's timing extent of the test Well, how much are you going to test like basically the volume? How much are you going to test and the answer is to obtain sufficient and appropriate evidence? Why because you need to provide a high level of assurance that the internal control related to the assertions are operating effectively Now again, we're still talking in general terms and we're gonna keep talking in general terms But basically what you have to know is this if the control is manual. It's not automated It's gonna require more work because automated controls once, you know, they're working properly. You test them once a Computer system process something properly. It's programmed to do it at all. It's always gonna do it Manual control people get lazy get tired. So you have to do a little bit more testing The more important the control the more testing it requires so if a control is important and we should know this because Testing internal control is a risk risk based approach. The more important the more risky the more work you would give it The more frequent the control used the more the testing as well. Okay, so also the more Frequently we use this control because we use it continuously. You want to make sure it's working It's not a one-time thing and you cannot accept less than persuasive evidence So the evidence has to be persuasive how well has to be sufficient and appropriate how to provide high level of assurance How follow these general terms? So this it's a judgment at the end of the day Now we have to understand Because we do test of controls when we audit the financial statements and we do test of controls for integrated audit So we need to understand the differences between the two because you could be asked a question Okay, first the purpose the purpose is different the purpose of Audited financial statement is to assess control risk Why do we need to assess control risk to decide whether we're gonna rely on this control or not rely on this control? Remember we have low control risk and if there's a low low control risk that means we're gonna rely We're gonna obtain evidence to see if that control was operating during the period We are auditing if it's a high control risk. We don't rely. We don't test anything so that's why that's the purpose of auditing financial statement when you are not issuing a report on The controls over financial reporting now if you are issuing a report about Internal control over financial reporting, which is you are conducting an integrated audit The purpose is different the purpose to show an opinion about the effectiveness of internal control taken as a whole to determine Whether it's fairly stated at a point in time. So the the purpose is different Because the purpose is different the scope is different and the procedures are more extensive The scope is definitely different. Maybe the procedures could be similar inquiries observation, but they're more extensive So to answer the question, it's different. They're totally different for purpose scope and procedures. We say they're different Just make sure you know the difference and hopefully the slide kind of explained the difference between The test of control that you learn about during the regular audit the audit for financial statement and the integrated audit is totally Different now we are ready now to form an opinion on the effectiveness of internal control and this is gonna be heavy-duty stuff Forming an opinion and issuing actually the report itself. What should you do now? Go to far hat lectures and look at MCQ's That's gonna help you Understand this concept better in this in this concept. They test you Not only there's some memorization here But if you understand the purpose the overall picture you have to use less memory But if you have to use your memory 100% You'll be in trouble because you're gonna have to learn about this about non attestation services many many different reports So that's why understanding is totally The right thing to do for the CPA exam because think about how many reports you have to deal with reviews Compilations and DNA Suck report should I keep going? So there's a lot of the point is There's a lot of reports relying on your memory Big mistake. There's agreed upon procedure prospective information for former financial information Okay, so bear in mind that memory does not work for the CPA exam Understanding appreciating will work much much better. I'm always here to help you study Good luck Attack each topic one at a time Understand it and assume that's the only topic you're studying for good luck