logo_revista

ISSN 2410-5708 / e-ISSN 2313-7215

Year 11 | No. 30 | February - May 2022

Audit planning strategies

https://doi.org/10.5377/rtu.v11i30.13381

Submitted on May 04, 2021 / Accepted on September 09, 2021

Ingrid del Socorro Ramos Vargas

National Autonomous University of Nicaragua, Managua

Director and Teacher of the Department of Economic and Administrative Sciences

Regional Multidisciplinary Faculty of Chontales

ramirezgalvezjoseroberto@yahoo.com

https://orcid.org/0000-0002-0695-9250

Section: Education

Scientific Articles

Keywords: Audit procedures, audit planning, audit strategies, audit tests, work programs.

Abstract

The Planning of the Audit guarantees the design of a strategy adapted to the conditions of each entity based on the information collected in the Stage of Prior Exploration, and in this process, all the work of the Auditis organized, the people involved, the tasks to be carried out by each of the performers, the necessary resources, the objectives, programs to be applied among others, it is time to plan to guarantee success in the execution of the same.

The audit procedures are not standardized and those that are used are selected because they have particular significance with the work objectives. When the audit is properly planned, the overall strategy for the examination is developed. The auditor must be deeply familiar with the entity. Proper planning includes the auditor gaining an understanding of the operational nature of the business, its organization, location of its facilities, sales, production, services rendered, its financial structure, buying and selling operations, and many other matters that could be significant in which it will audit. It must also know in advance the degree of confidence that can be had in internal control, conditions that may require an extension of the audit tests, and in particular the interests of the highest management. Often the level of knowledge acquired by the auditor is lower than that possessed by management, but it must be sufficient to allow the auditor to plan and conduct the examination by generally accepted auditing standards.

Introduction

The strategy is understood as the set of actions applied in a defined context to achieve objectives. The context to be applied in the audit is developed under Information Assurance Standards. In the audit of financial statements, the public accountant should meet with the client’s officials as many times as he deems necessary at the different stages of the process. This is to obtain all the information that the accountant himself deems appropriate and necessary, to be able to adequately plan his work to be developed in the different stages of the audit, and in this way, adequately comply with an independent professional service, for which he has been hired. As far as all the information that needs to be collected to plan a financial statement audit is concerned, it can be obtained in different ways.

As a matter of principle, the nature of the company and its particular conditions. Given the importance of the preliminary stage of the audit of the financial statements and their planning, it is in this period that the auditor must apply all his skills and experience to obtain all the information he needs. According to ISA 300, carrying out the activities before the start of the current audit work provides the following advantages:

It helps identify and evaluate events or circumstances that may adversely affect our ability to plan and perform audit work.

It allows you to plan an audit work for which, we maintain the independence and skills necessary to carry out the work.

It identifies if there are conflicts with the integrity of management that may affect our willingness to continue the work.

There are no misunderstandings with the client about the terms of the work. [ISA 300.A6]

Consideration of customer continuity requirements and relevant ethical requirements, including independence, occurs throughout all audit work as situations and changes in circumstances occur. Performing the initial procedures for both customer continuity and assessment of relevant ethical requirements (including independence) at the beginning of the current audit work means that these are completed before other activities are carried out that are significant to the current audit work. For ongoing audit work, such initial procedures typically occur shortly after the pre-audit is completed.

Regarding the means that the auditor can use for this, we will mention only three:

1.Interviews with client officials, to determine the objective, conditions, and limitations of the work.

2.The time to be used, the fees, the additional expenses, and the coordination of the work, among others.

3.Visits to the facilities and observation of the operations to know the operational characteristics of the company and read some documents that relate to the legal situation of the company. (Rangel Gonzalez, 2006)

Plan your audit

(Corridor, 2007)Quoted in George Terry (2006), it states that “Planning is selecting information and making assumptions about the future to formulate the activities necessary to realize organizational objectives.”

(Molins Peña, 1998)Quoted in Robert N. Anthony (2018), he states that “Planning is the process to decide the actions that should be carried out in the future, generally the planning process consists of considering the different alternatives in the course of the actions and deciding which of them is the best”.

Planning an audit consists of establishing the overall audit strategy for the job and developing an audit plan. Proper planning benefits the audit in some ways, including the following:

It helps to identify and devote appropriate attention to important areas of auditing.

It helps to identify and solve potential problems promptly.

It helps to properly organize and manage audit work so that it is carried out effectively and efficiently.

Assists in the selection of work team members with appropriate levels of skills and competencies to respond to anticipated risks, as well as the proper assignment of work to them. [ISA 300.2]

It facilitates the direction and supervision of the members of the work team and the review of their work.

It helps, if applicable, in the coordination of the work carried out by internal or contracted specialists.

The nature and scope of planning activities vary depending on the size and complexity of the entity, the previous experience of key team members with the entity, and changes in circumstances that occur during audit work.

Planning is an ongoing, repetitive process that typically begins shortly after the previous audit is completed (or in connection with its conclusion) and continues until the current audit work is completed. However, planning includes consideration of the timeliness of certain audit activities and procedures that need to be completed before additional audit procedures are performed. (Garcia Gil, 2006)

For the audit, planning takes a relevant role since with this tool you can deepen and technical the procedures, identify the availability and scope of each one, the creation of a strategic plan that will identify the risks of the audit. (Alatrista, 2016)

The planning begins with an evaluation of the problems and/or resistances that may have been found in the contact with the Company to be audited. This reflection is important to identify those problem areas that are likely to require more time and resources.

The first result of this phase is the enunciation of the objectives and scope of the audit, which will be presented in a formal document called the Audit Plan. The scope of the audit process can be limited for reasons such as limited resources, proximity to other processes, or inability to make real contact at a critical moment in a certain area. The objective of the planning is to determine the opportunity to carry out the work and the number of professionals to carry out the audit procedures.

The planning of the audit process is an aspect that is deepened and technical to achieve strategic planning, where audit risks are identified, constituting one of the greatest contributions in the new approach to auditing.

Strategic planning, as a first step in the audit, is essential to guide all audit efforts in a coordinated manner, avoid dispersions of work, transmit to the entire work team the ideas of the most experienced staff, foresee situations that do not undermine the efficiency of the review and anticipate difficulties that may affect the conclusion and report of the auditor. (Alatrista, 2016)

The most important features of planning are shown in the following schema:

Esquema1Ing

Planning features

Types of audit planning

In the audit process, there are three types of planning, which depend on the objectives to be achieved and the type of audit to be executed. And they are:

1.Planning for financial audit: includes the audit of the financial statements, and the financial audit in particular.

2.Planning for management audit: aims to evaluate the degree of economy, efficiency, and effectiveness in the management of economic resources, as well as the performance of employees and officials, regarding the fulfillment of scheduled goals and objectives and the achievement of results.

3.Planning for special exams: This planning combines the objectives of the financial and management audit.

Planning

All planning should be well documented and include the Audit Program. This consists of the description of the audit procedures to be followed in the development of the same to achieve the objectives of the exam. Although the audit program is developed as expertly as possible during the preliminary planning stage, it may be necessary to modify the procedures as additional information is acquired during the course of the work. The audited entity’s information system and accounting internal controls have a significant impact on the design of the audit program.

The auditor should avoid the inclination to follow a procedure just because it appears in a generalized program. Such programs are used only as guides, the auditor must ensure that he has not overlooked any important review procedure. Whether by adopting the overall program or preparing a tailor-made program, the auditor must be sure that the needs of each job are met.

The timely appointment of the auditor contributes to proper planning.

In effect, planning requires the auditor to carry out certain procedures in due course, in particular, to have a preliminary exploration in time and a clear and precise illustration that allows coordinating the activities to be developed to comply with the audit program in question. The fundamental work at this stage is to define the strategy that must be followed in the audit to be undertaken.

Work schedules may vary in form and con-had depending on the nature of the work. The internal auditor when planning the Internal Audit must gain an understanding of the importance and complexity of the activities of the established automated information system and the availability of data for use.

This understanding includes matters such as:

Importance and complexity of automated processing in each important operation subject to internal audit. The importance refers to the most relevant items affected by automated processing;

It can be considered an operation as complex when, for example:

a.The volume of transactions is such that users find it difficult to identify and correct errors in processing;

b.The system automatically generates transactions of relative importance directly to another application;

c.The automated system conducts complicated financial reporting operations and/or automatically generates transactions of relative importance that cannot (or are not) independently validated, and transactions are exchanged electronically with other organizations and internally within the entity.

The structure of the automated information system, the degree of concentration and distribution of automated processing throughout the entity may affect the segregation of duties;

Data availability contemplates source documents and other evidentiary materials that may be needed by the internal auditor, which exist or not for a short period or only in readable form by the automated system.

The automated information system can generate useful internal reports to carry out the Internal Audit. (Hernandez Melendez, 2016)

Planning Phases

The planning of each audit is divided into two distinct phases or times, called preliminary planning and specific planning. In the first of them, the strategy to be followed at work is configured preliminarily, based on the accumulated knowledge and information obtained from the entity to be audited; while the second defines such a strategy by determining the specific procedures to be applied by each component and how the work will be developed in the following phases. The aforementioned stages involve the performance of recurrent audit work, in these cases there is already extensive knowledge of the operations of the entity to be audited as a result of previous work, therefore, the analysis must fall on the changes that have occurred since the last exam.

In a job that is being done for the first time, there is no such accumulated knowledge and therefore, the planning stage will demand an additional audit effort. In the case of examinations of relatively small entities or activities, where it is not necessary to present the preliminary and specific planning separately, the Director of the Audit when issuing the work order will instruct the team members so that the report or planning report is unique. (Balseca, 2014)

Preliminary planning:

It represents the basis on which all the activities of the specific planning and audit themselves will be based, hence the importance of knowledge of the activities developed by the entity, together with the evaluation of external factors that may, directly and indirectly, affect its operations, for which it is necessary to carry out a study based on a certain scheme, its main elements are the following:

Knowledge of the entity or activity to be examined;

Knowledge of the main activities, operations, goals, or objectives to be met;

Identification of the main policies and practices: accounting, budgetary, administrative, and organizational;

General analysis of financial information: •Determination of materiality and identification of significant accounts of the financial statements.

Determination of the degree of reliability of the information produced;

Global understanding of the development, complexity, and degree of dependence of computerized information systems;

Determination of operating units;

Inherent Risks and Control Environment;

Planning Decisions for Operational Units;

Preliminary decisions for components;

Preliminary Audit Approach

The products obtained in the preliminary planning allow to qualify it as a complete process, which begins with a work program, which is then applied and results are achieved for internal use of the audit unit, which is contained in the report prepared for the knowledge of the Director of the Unit and includes the definition of the global approach to the audit and the main components on which the evaluation of internal control will be carried out of the entity. (Balseca, 2014)

Specific planning.

Once the preliminary planning has been completed and the operations that require further review and analysis for the proper design of the audit approach have been identified, it will be necessary to consider, among others, the following instructions:

Clarification or additional information on accounting policies applied by the entity;

Verification of important managerial information;

Diagnostic procedures to be performed;

Obtaining additional information from a system.

The Memorandum of Audit also known as a memo, is a document that serves to briefly inform the staff of a company, public institution, private or government office, the matters of an administrative nature concerning the review to be carried out.

Generally, it is writing that is elaborated in printed form and half-letter size, although it can also be done in a complete letter, this does not have a pre-established format but can carry the memorandum legend letterhead, without this being mandatory.

It is used to disclose important information to staff, such as indications, notices, recommendations, or any other that the company considers important to communicate about the audit process.

The content of a memorandum of Audit may vary depending on the type of company, the objective of the same, and the scope that you want to obtain in it.

The parts that an audit memorandum must include services to provide clear information on the procedures to be followed within the audit program, such as:

Name(s) or departments to whom it is addressed. Date.

Subject briefly written that includes: areas to be audited, a period that includes the review (date of the Financial Statements that will be reviewed), identify the commitments of the parties involved in the work (audit firm and audited department), which means establishing pacts and support agreements to carry out the work, establishing a general objective and specific objectives, which serve as premises to know what is intended to be achieved with this process. The areas, documents, and parts to which the audit firm will have access within the entity are established. Establish a start date and presentation of the results of the work to be done. Sender name(s) or departments. Signature(s).

Example of Memorandum of Audit:

Memorandum: 0583/12.

C.P. Mario Avendaño Enríquez

Public Accountant & Purchasing Manager

Nicaragua, C.A., November 10, 2012.

Who subscribes Héctor Sandoval Núñez informs you that the next audit of the department he is in charge of will be carried out, which will be carried out from November 15 of the current year and covers the accounting year 2010-2011.

Therefore, I ask you to take the necessary actions so that the review process can be carried out to satisfaction, as well as to provide all the necessary support to the auditing company so that it can fulfill its mission in optimal conditions.

Cordially

B.A. Alejandro Medina Orozco

Director of Finance

To meet the objectives set out in the audit, the following activities will be carried out:

1.Preliminary investigation:

Visits to the institution to determine the current state of the organization, interviews with administrators and users of the networks to determine possible failures, interviews with administrators and users to determine the opinion regarding the existing hardware and obsolescence of equipment.

2.Collect information:

Design of interview formats, design of formats for checklists, design of formats for questionnaires, design of the test plan, selection of the standard to be applied, elaboration of the audit program, distribution of activities for the members of the working group.

3.Application of instruments:

Apply interviews to the administrator and users, apply checklists to verify controls, apply questionnaires to discover new risks, and conform those that have been detected previously.

4.Execution of the tests:

Execute the tests to determine the obsolescence of the hardware, run tests on the network, run tests to check the correspondence of the inventories with reality.

5.Perform the risk analysis and evaluation process:

Work on the picture of vulnerabilities and threats to which they are faced, determine the risks to which they are exposed, make the risk assessment, develop the map or risk matrix.

6.Risk treatment:

To determine the treatment of risks according to the risk matrix, to propose controls under the standard of good practice applied, to define possible solutions

7.Audit opinion:

Determine the degree of maturity of the company in the management of each of the processes evaluated, measure the degree of maturity according to the findings detected in each process.

8.Final audit report:

Work the draft of the technical audit report to confront it with the audited, preparation of the final technical report, preparation of the executive report, organization of work papers for its delivery.

Resources:

Human: The audit will be carried out by a group of auditors specialized in data networks with the methodological advice of an Audit Engineer.

Physical: Educational institution facilities, computer rooms, and network devices.

Technological: computer equipment, software installed for the network, digital camera, Intranet educational institution. (Solarte Solarte, 2012)

Budget:

Item

Value

Tools and Stationery

$ 20.000.00

Office equipment such as calculators.

$ 80.000.00

Magnetic storage media such as 1 CD box, 1 Diskette box.

$ 20.000.00

General expenses: Cafeteria, unforeseen events, transportation, etc.

$300.000.00

Payment of Fees (1 million monthly x c/u)

$4.000.000.00

Total budget

$4.420.000.00

Work Schedule

Activity

My 1

My 2

My 3

1

2

3

4

1

2

3

4

1

2

3

4

Plan the audit

Preliminary Study

Determination of Critical Audit Areas

Apply the audit model

Preparation of Audit Program

Risk Assessment

Execution of Tests and Obtaining of Evidence

Build improvement plans

Preparation of Report

Report Support


Final Considerations

Planning involves establishing the overall strategy and developing the work plan for the audit, allowing the auditor to properly organize and manage the audit work ensuring efficient and effective work. In the same way, it allows you to select a competent work team with the necessary skills for the development of the work.

For audit planning, the auditor must take into account the entity and its environment. This planning allows you to obtain an understanding of the legal framework and determine risk assessment procedures, important aspects for the development of the audit, taking into account that planning is a continuous and interactive process.

The audit should be performed by personnel who have adequate technical training and audit experience. It is advisable to work with a multidisciplinary team according to the needs of the client, the type of audit, and if possible, with experience in the industry. Examples: Accountants, Lawyers, Systems Engineers, Industrial Engineers, Tax Specialists, Industry Specialists.

In the planning of the audit, it is vital to achieve a comprehensive understanding of the business, the industry environment, and the external environment, which facilitates the identification of risks. The number of significant risks identified is directly proportional to the degree of understanding of the business, its external environment, and the industry. The greater the understanding, the greater the likelihood of identifying significant risks. Significant risks are those with a high probability of occurrence and a significant impact on the financial statements.

To the extent that the Audit is planned with some basic strategies of knowledge before it develops the entity to be audited, the results will be more suitable both for the audit and for the different users of that information in decision making.


References


Alatrista, M. A. (June 13, 2016). The planning process in the audit and its relevance. Auditool. Obtained from the National Institute of Public Accountants of Colombia: https://www.incp.org.co

Balseca, J. (March 13, 2014). Calameo.com. Obtained from Calameo. com: https://es.calameo.com

Corredor, J. (2007). Strategic planning. In J. Corredor, Theoretical Bases for its application. Venezuel: Vadell Hermanos, Editors.

Garcia Gil, V. L. (June 1, 2006). Estrategias and Financial Information Audit Plan. Obtained from Monografias.com: https://www.monografias.com

Hernandez Melendrez, E. E. (April 11, 2016). Audit Planning. Obtained from Gestiopolis.com: https://www.gestiopolis.com

Molins Peña, M. (1998). Theory of Planning. In M. Molins Peña, Teoria de la Planificacion. Venezuela: Ediciones de Universidad Central de Venezuela,Biblioteca.

Rangel Gonzalez, J. A. (December 18, 2006). Strategies to improve audits of financial statements. Strategies to improve audits of financial statements. Mexico, Mexico, Mexico.

Solarte Solarte, F. N. (February 13, 2012). Systems audit. Obtained from Systems Audit: https://auditoria of sistemas.blogspot.com