战略系统审计

0AuditComfortCycle4KeyQuestions•Whatdoesmanagementneedtogetcomforton?•Howdoesmanagementgetcomfort?•Aretheyentitledtothatcomfort?•Canweauditthatcomfort?MarketOverviewStrategyValueCreatingActivitiesFinancialPerformanceOTHERAUDITPROCEDURESFINANCIALSTATEMENTSCOMPLETIONACCEPTANCE/CONTINUANCEASSESSMENTSUBSTANTIVEAUDITEVIDENCEMAINLYSUBSTANTIVEANALYTICALPROCEDURESSIGNIFICANTCONTROLSCOMFORTNO/LIMITEDCONTROLSCOMFORTAuditcomfortcycleMAINLYTESTSOFDETAILS1Scoping:FormingaPointofView–Performcompanyandindustryanalyticalprocedures–Researchandanalyzeexternalcommunications–Partnersconnectwithstaffmembers–Documenttheteam’sunderstandingofthebusiness–Knowledgebrokertocaptureandshareindustryinformation–Formapointofviewontherisksthatmanagementshouldbeconcernedabout2Scoping:BusinessAnalysisFramework34StrategicAnalysis•Understandtheclient’sstrategicadvantage567RiskAssessment•Understandtherisksthatthreatenattainmentoftheclient’sbusinessobjectives–“Theprimarygoalofmanagementcontrolistoensurethatriskmonitoringandcontrolactivitiesarealignedproperlywithoverallstrategicobjectives”p.35–Strategicrisks–Processrisks8Scoping:RiskAssessment–KeyRisksKeyRiskWeidentifyauditriskthroughunderstandingtheentity’sbusinessobjectivesandrelatedrisks.BusinessRisksAuditRisksKeyRiskKeyRiskKeyRiskKeyRiskKeyrisksarethoseconditionsorfactorswithinanauditthat,inthejudgmentoftheauditor,giverisetoagreaterriskofmaterialfinancialmisstatementorothermattersresultingintheissuanceofaninappropriateauditreport.9Scoping:AnalyticalProcedures–HighLevel•Understandthebusiness•Identifyareasofrisk–DisaggregatedAccountLevel•Determinethenature,timing&extentoftesting–Externalbenchmarkingtopeers,markettrends•Lookingforanomalies,areasofrisk•Useofextensiveknowledgemanagementtoolsavailable10BusinessProcessAnalysis•Understandthekeyprocessesandrelatedcompetenciesneededtorealizestrategicadvantage–Processdrivencompetition•Measureandbenchmarkprocessperformance•Documentunderstandingoftheclient’sabilitytocreatevalueandgeneratefuturecashflowsusingaclientbusinessmodel,processanalyses,keyperformanceindicators,andabusinessriskprofile11BusinessRisksrelatedtoachievingObjectives………………BusinessProcessACompletenessAccuracyValidityRestrictedAccessBusinessProcessBCompletenessAccuracyValidityRestrictedAccessBusinessProcessCCompletenessAccuracyValidityRestrictedAccessAccountBalancesandTransactionsAccountBalancesandTransactionsGeneralComputerControlsAccountBalancesandTransactionsConnectingtheDots…BusinessObjectivesFinancialStatementAssertions/AuditObjectivesClassesofTransactionsOccurrenceCompletenessAccuracyCutoffClassificationAccountBalancesRights&ObligationsExistenceCompletenessAccuracy/ValuationPresentation&DisclosureOccurrence/R&OCompletenessUnderstandabilityAccuracy/Valuation1213Assessimplicationsforbusinessandaudit–Isriskidentificationcomplete?–Aretheyprioritizedproperly?–Aretherecontrolstominimizeriskstoacceptablelevel?–Doaccountingchoicesanddisclosuresadequatelyreflectuncontrolledrisks?–Groupsresidualbusinessriskbyfinancialstatementassertion14ScopingTranslatedintoAuditStrategyWherecontrolsoversignificantaccountbalancesorclassesoftransactionarenotaligned,wewillneedtoperformsubstantivetestsofdetails.StakeholdersRisksControlsAlignmentBusinessObjectives15BusinessMeasurement•Usethecomprehensivebusinessknowledgedecisionframetodevelopexpectationsaboutkeyassertionsembodiedintheoverallfinancialstatements•Comparereportedfinancialresulttoexpectationsanddesignadditionalaudittestworktoaddressanygapsbetweenexpectationsandreportedresults•Transactionbasedauditingproceduresareappliedtonon-routinetransactionsandnon-routineandhighlyjudgmentalaccountingestimates(p.36).•Computeraudittechniquesfilterroutinetransactionsforunusualitems•AdditionaltestworkisperformedwheninterrelatedfinancialandNonfinancialperformancemeasuresareinconsistentandwhenkeyfinancial-statementassertionsarenotconsistentwiththeauditor’sunderstandingoftheorganization’sstrategic-systemsdynamic•Qualityofearningsareassessed•Processperformanceevaluatedon–Cycletime–Processquality–Processcost16Scoping:AuditTeamofSpecialistsOurbestteamsuseourspecialistcapabilitiestohelpinformingapointofview.StakeholdersBusinessObjectivesFinancialRiskBusinessProcessEnterprise-wideRiskSystems&TechnologyEnergyTradingRiskBusinessResilienceProjectManagementInternalAuditSecurityDataRiskRegulatory/CompliancePerformanceImprovementTreasuryRisksControlsAlignmentComputer-AssistedAuditTechniquesFraud17AuditComfortCycle4KeyQuestions•Whatdoesmanagementneedtogetcomforton?MarketOverviewStrategyValueCreatingActivitiesFinancialPerformanceOTHERAUDITPROCEDURESFINANCIALSTATEMENTSCOMPLETIONACCEPTANCE/CONTINUANCEASSESSMENTSUBSTANTIVEAUDITEVIDENCEMAINLYSUBSTANTIVEANALYTICALPROCEDURESSIGNIFICANTCONTROLSCOMFORTNO/LIMITEDCONTROLSCOMFORTAuditcomfortcycleMAINLYTESTSOFDETAILS•Howdoesmanagementgetcomfort?•Aretheyentitledtothatcomfort?•Canweauditthatcomfort?18“TakingStock”:Real-TimeLinkageintheIterativeProcess–Shareteammembers’cumulativeknowledge–Updateriskidentificationandassessme