Podcast
Questions and Answers
Which of the following is NOT a consideration for auditors using the test data approach?
Which of the following is NOT a consideration for auditors using the test data approach?
What primary purpose does parallel simulation testing serve for auditors?
What primary purpose does parallel simulation testing serve for auditors?
What is a significant advantage of using generalized audit software (GAS)?
What is a significant advantage of using generalized audit software (GAS)?
Which type of network is typically used to link equipment within a single company?
Which type of network is typically used to link equipment within a single company?
Signup and view all the answers
Which issue may arise from a lack of centralized IT function when managing equipment in a network?
Which issue may arise from a lack of centralized IT function when managing equipment in a network?
Signup and view all the answers
What is a key distinguishing feature of the payroll and personnel cycle compared to other transaction cycles?
What is a key distinguishing feature of the payroll and personnel cycle compared to other transaction cycles?
Signup and view all the answers
Why are payroll-related accounts typically smaller compared to the total amount of transactions in the payroll cycle?
Why are payroll-related accounts typically smaller compared to the total amount of transactions in the payroll cycle?
Signup and view all the answers
What is the primary objective when auditing the payroll and personnel cycle?
What is the primary objective when auditing the payroll and personnel cycle?
Signup and view all the answers
How does the effectiveness of internal controls in the payroll cycle compare to that in other cycles?
How does the effectiveness of internal controls in the payroll cycle compare to that in other cycles?
Signup and view all the answers
What factor contributes to potential employee morale problems in payroll processing?
What factor contributes to potential employee morale problems in payroll processing?
Signup and view all the answers
Which statement accurately describes the accounting flow within the payroll and personnel cycle?
Which statement accurately describes the accounting flow within the payroll and personnel cycle?
Signup and view all the answers
What is the relationship between employee service receipt and payroll payment timing?
What is the relationship between employee service receipt and payroll payment timing?
Signup and view all the answers
What is the primary concern when testing payroll liabilities with respect to accruals?
What is the primary concern when testing payroll liabilities with respect to accruals?
Signup and view all the answers
Which of the following is NOT a benefit of integrating IT into accounting systems?
Which of the following is NOT a benefit of integrating IT into accounting systems?
Signup and view all the answers
How does effective management of complex IT activities influence management's decisions?
How does effective management of complex IT activities influence management's decisions?
Signup and view all the answers
What can be a consequence if IT systems fail in an organization?
What can be a consequence if IT systems fail in an organization?
Signup and view all the answers
What objective relates to ensuring that payroll transactions are recorded at the correct amounts?
What objective relates to ensuring that payroll transactions are recorded at the correct amounts?
Signup and view all the answers
Which of the following represents a risk specific to IT systems?
Which of the following represents a risk specific to IT systems?
Signup and view all the answers
What is a common misconception about the capabilities of IT systems in accounting?
What is a common misconception about the capabilities of IT systems in accounting?
Signup and view all the answers
Which of the following does NOT represent a balance-related audit objective in testing payroll liabilities?
Which of the following does NOT represent a balance-related audit objective in testing payroll liabilities?
Signup and view all the answers
What effect do automated controls in IT systems have on transaction processing?
What effect do automated controls in IT systems have on transaction processing?
Signup and view all the answers
What is the key purpose of separating IT duties within an organization?
What is the key purpose of separating IT duties within an organization?
Signup and view all the answers
Which two approaches are typically used for testing software in an organization?
Which two approaches are typically used for testing software in an organization?
Signup and view all the answers
What is one of the critical components of a security plan for an organization?
What is one of the critical components of a security plan for an organization?
Signup and view all the answers
What should be included in backup and contingency planning?
What should be included in backup and contingency planning?
Signup and view all the answers
Why is involving both IT and non-IT personnel important during systems development?
Why is involving both IT and non-IT personnel important during systems development?
Signup and view all the answers
What could be a consequence of not implementing physical controls over computers?
What could be a consequence of not implementing physical controls over computers?
Signup and view all the answers
Which strategy is NOT recommended for managing power outages in an organization?
Which strategy is NOT recommended for managing power outages in an organization?
Signup and view all the answers
What aspect of systems development can lead to better user acceptance of software?
What aspect of systems development can lead to better user acceptance of software?
Signup and view all the answers
Which of the following is NOT a reason to engage in extensive software testing?
Which of the following is NOT a reason to engage in extensive software testing?
Signup and view all the answers
What is an effective feature of a well-designed security plan?
What is an effective feature of a well-designed security plan?
Signup and view all the answers
What is the primary focus of output controls in processing systems?
What is the primary focus of output controls in processing systems?
Signup and view all the answers
Which of the following is NOT a common method for detecting errors in output?
Which of the following is NOT a common method for detecting errors in output?
Signup and view all the answers
In smaller companies, which of the following is often true regarding the IT function?
In smaller companies, which of the following is often true regarding the IT function?
Signup and view all the answers
Which testing approach uses auditors' custom test data to evaluate automated controls?
Which testing approach uses auditors' custom test data to evaluate automated controls?
Signup and view all the answers
What unique consideration arises from the use of computers in auditing non-complex IT environments?
What unique consideration arises from the use of computers in auditing non-complex IT environments?
Signup and view all the answers
For effective error detection in the output phase, auditors should focus on:
For effective error detection in the output phase, auditors should focus on:
Signup and view all the answers
Which of the following describes the role of desktop and networked servers in non-complex IT environments?
Which of the following describes the role of desktop and networked servers in non-complex IT environments?
Signup and view all the answers
What is the objective of the parallel simulation approach in audits?
What is the objective of the parallel simulation approach in audits?
Signup and view all the answers
What is the main challenge in auditing smaller companies compared to larger firms?
What is the main challenge in auditing smaller companies compared to larger firms?
Signup and view all the answers
Which aspect is crucial for auditors when assessing the effectiveness of automated controls during testing?
Which aspect is crucial for auditors when assessing the effectiveness of automated controls during testing?
Signup and view all the answers
Study Notes
Audit Practice and Procedures II - Week Seven
-
Topic: Auditing Payroll and Personnel Cycle and IT Audit
-
Subtopic: Recap of Last Class
- Audit Sampling
- Sample Risk
- Statistical and Non-Statistical Sampling
- Probabilistic versus Non-Probabilistic Sampling
- Types of Sampling; Sample Decisions
-
Subtopic: The payroll and personnel cycle
- There is only one class of transactions for payroll, unlike other cycles which have multiple classes.
- Payroll-related transactions are generally more significant than related balance sheet accounts.
- Internal controls over payroll are effective, especially for small companies due to strict federal and state regulations.
- Employee morale can be affected if employees are not paid or are underpaid.
-
Subtopic: The payroll and personnel cycle
- The cycle begins with hiring, ends with payment for services performed, and includes obtaining services, consistent with company objectives, and proper accounting for the services.
- The overall objective of the audit is to determine if the account balances affected by the cycle are fairly stated according to applicable accounting standards.
-
Subtopic: Accounts in the Payroll and Personnel Cycle
- Typical accounts in the payroll and personnel cycle (as illustrated in Figure 20-1) include: cash in bank, accrued wages, salaries, bonuses, and commissions, earned wages, salaries, etc., withheld income taxes, and other deductions, and payroll tax expense.
- Accounting information flows through these accounts.
- Accrued wages and salaries are used at the end of an accounting period only.
- Expenses are typically recorded when employees are paid, not when the labor is incurred.
-
Subtopic: Classes of Transactions, Accounts, Business Functions, and Related Documents and Records for the Payroll and Personnel Cycle (Table 20-1)
- Key accounts and transactions: Payroll cash, payroll expense accounts, payroll withholding accounts, payroll accrual accounts, Human Resources, Timekeeping, Payroll Preparation, Payment of payroll, Payroll tax returns and payment of taxes.
- Related documents and records: Human resource records, deduction authorization form, rate authorization form, time record, job time ticket, payroll transaction file, payroll journal or listing, Payroll master file, Payroll direct deposit or check, payroll bank account reconciliation, W-2 form, and payroll tax returns.
-
Subtopic: Business Function - Human Resources
- The human resources department is an independent source for interviewing and hiring qualified personnel, as well as an independent verification source of wage information, including additions or changes in payroll and wages, and deductions.
-
Subtopic: Business Function - Timekeeping and Payroll Preparation
- Timekeeping and payroll preparation directly affects payroll expense for each period in the audit.
- Adequate controls are needed to prevent misstatements in preparing time records, summarizing and calculating gross pay, deductions, net pay, and preparing payroll records.
-
Subtopic: Business Function – Payment of Payroll
- Payroll disbursement approval and distribution are critically important to prevent payroll theft, and payroll disbursement should be processed separately from other disbursements.
- Payments should be issued in exchange for services performed and, typically, deposited directly into employees’ bank accounts. The amount paid should reflect gross pay less taxes and other deductions withheld.
-
Subtopic: Business Function – Preparation of Payroll Tax Returns and Payment of Taxes
- Federal and state payroll laws require timely preparation and submission of payroll tax returns using computerized payroll systems.
- Thorough verification by a competent individual is necessary to prevent misstatements and potential tax penalties associated with payroll tax returns.
-
Subtopic: Summary of Transaction-Related Audit Objectives, Key Controls, Tests of Controls, Tests of Transactions for payroll -Detailed table describing transaction-related audit objectives for recorded payroll payments, existing payroll transactions, accuracy of payroll transactions, payroll posting and summarization, payroll classification, timing of transactions and related controls as well as tests that can be performed.
-
Subtopic: Methodology for Designing Tests of Controls and Substantive Tests of Transactions
- Internal control for payroll is highly structured to minimize payroll fraud and employee issues like being underpaid.
- All payroll transactions are usually uniform and uncomplicated.
- Payroll transactions are subject to audit by federal and state governments for income tax withholding, social security, and unemployment taxes.
-
Subtopic: Understand Internal Control-Payroll and Personnel Cycle
- Internal controls for payroll and personnel vary. Auditors must identify deficiencies in controls.
- Auditors must test controls they intend to rely on for reduced assessed control risk.
- For reporting on the effectiveness of internal control over financial reporting, the auditor must understand the relevant controls and controls tests sufficient to form an opinion.
-
Subtopic: Key controls for the payroll and personnel cycle
- Adequate separation of duties: Payroll function should be independent of human resources to prevent overpayments or payments to nonexistent employees. Payroll and payroll disbursement should also be separate.
- Proper authorization: Only human resources should be authorized to add/delete employees or change payroll rates/deductions; hours worked should be approved by supervisors, and done on an exception basis for overtime.
- Adequate documents and records: Appropriate records vary based on the type of compensation system (hourly vs. piece rate).
- Physical control over assets and records: Access to unsigned checks, payroll, and direct deposit systems should be restricted.
- Independent checks on performance: Payroll computations should be independently verified, and unusual amounts or misstatements should be investigated.
-
Subtopic: Inventory and Fraudulent Payroll Considerations
- Auditors extend payroll audit procedures if payroll significantly affects inventory valuation, or when concerned about fraudulent payroll transactions (nonexistent employees or fraudulent hours).
-
Subtopic: Analytical Procedures for the Payroll and Personnel Cycle (Table 20-3)
- Details of analytical procedures for comparative payroll expense with previous years, direct/commission labor as a percentage of sales and sales with previous years, also includes tax expense as a percentage of salaries and wages compared to previous years, and comparison of accrued payroll taxes with previous years.
- Detailed description of possible misstatements.
-
Subtopic: Methodology for Designing Tests of Details of Balances
- Auditors begin by analyzing control risk and substantive tests of transactions.
- After these, they determine the likelihood of misstatement in accounts and perform tests of balance details. -Payroll liabilities are examined regarding accuracy-correct amounts and proper period recording (cutoff).
-
Subtopic: Identifying Client Business Risks Affecting Payroll (Phase I) -Payroll risks are usually not significant unless it is complex compensation arrangements are involved. For example bonus/stock options.
-
Subtopic: Setting Performance Materiality and Assessing Inherent Risk (Phase I)
-
Payroll transactions are typically numerous and involve large amounts but not typically substantial for misstatement concern.
-
Subtopic: Assessing Control Risk and Performing Related Tests (Phase I and II)
-
Auditors must perform control and substantive tests to minimize payroll risks.
-
Subtopic: Performing Analytical Procedures (Phase III)
-
Analytical procedures are essential when investigating payroll for reasonableness and comparing current period to prior ones.
-
Subtopic: Design and Perform Tests of Details of Balances for Liability and Expense Accounts. (Phase III)
-
Auditors check that accrued payroll expenses, payroll-related liabilities, are accurately measured and recorded at the appropriate time. The two major focus point are Accuracy (stated at the correct amount) and cutoff (transactions at the proper period).
-
Subtopic: Chapter 12 - The Impact of Information Technology on the Audit Process
-
Subtopic: How Information Technologies Improve Internal Controls
-
Computers replacing manual controls for cost effective processing.
-
Consistent information processing reduces misstatements.
-
Higher-quality information from IT helps managers for better decisions.
-
Subtopic: Assessing Risks of Information Technology
-
IT may affect the organization's overall control risk but reduce some manual system risks.
-
Risks specific to IT include to hardware/data, reduced audit trails, need for IT experience and separation of IT duties.
-
Subtopic: Risks to Hardware and Data
-
Reliance on functioning hardware and software without proper physical protection.
-
Potential for errors due to systematic (programmed) errors.
-
Potential for unauthorized access due to external parties with remote access.
-
Loss of data from central electronic data storage.
-
Subtopic: Reduced Audit Trail
-
Reduced visibility of audit trail reduces tracing accuracy, which can lead to potential issues.
-
Reduced human involvement from IT systems.
-
Lack of traditional authorization because of automated systems for instance order levels.
-
Subtopic: Need for IT Experience and Separation of IT Duties
-
IT systems reducing traditional separation of duties, such as authorization, record keeping, custody, require additional IT experience.
-
Segregation of duties and qualified personnel for installation, maintenance, and usage are essential for effective control.
-
Subtopic: Internal Controls Specific to Information Technology
-
General controls apply to all aspects of IT systems to address risk, such as administration, separation of duties, developing, physical and online security, back up (contingency plans for unexpected problems).
-
Application controls work at business process level for transactions, such as sales, and cash receipts, and need comprehensive evaluation.
-
Subtopic: Categories of General and Application Controls (Table 12-1)
-
Detailed table describing categories of general controls (IT administration, separation of duties, systems development, physical and online security, backup/contingency planning, hardware controls) and application controls (input controls, processing controls, output controls) including examples for each category.
-
Subtopic: Separation of IT duties
-
It is important to separate the functions of authorization, record keeping, and custody to prevent fraud, and theft.
-
Examples include separating management, systems development, operations (computers-operations, librarian, network administrators), and data control. This is crucial for protecting assets.
-
Subtopic: Systems Development
-
Purchasing right software and in-house development, involving IT and non-IT personnel (including key users and auditors) are important to address needs, software design, and implementation concerns.
-
Thoroughly testing the software with realistic data is crucial for compatibility with existing systems (hardware and/or software) and capacity to handle transaction volumes.
-
Subtopic: Physical and Online Security
-
Physical controls (like restricting access, and security, and online access controls) must be established for computers and data files to mitigate risks of unauthorized changes and improper data file use.
-
Security plans must be documented and monitored.
-
Subtopic: Backup and Contingency Planning
-
Business functions using IT are vulnerable to significant disruptions from various incidents (power failure, fire, extreme heat, water damage, or even sabotage).
-
Implementing backup plans for data loss, generating backups, using on-site generators, storing data offsite, outsourcing to secure storage firms are important to ensure continuity of operations.
-
Subtopic: Hardware Controls
-
Hardware controls built into computer equipment to help with detection of failures. Auditors must ensure that the client handles errors detected by the hardware controls appropriately.
-
Subtopic: Application Controls
-
Application controls are designed to help ensure software operates correctly by handling the six transaction related objectives in financial reporting.
-
Subtopic: Input Controls
-
Effective controls are necessary to assure correct data entry, authorization, and completeness. For example, proper preparation, management authorization, and competent personnel.
-
Subtopic: Processing Controls
-
Controls needed for processing transactions (validation, sequence, arithmetic accuracy, reasonableness tests).
-
Examples of this include ensuring accurate calculations of gross pay and that withholdings are correctly computed and compared.
-
Subtopic: Output Controls
-
Reconciling computer generated output to manual totals, comparing processed units, comparing transaction output to input, and ensuring the proper timing of processing are crucial.
-
Subtopic: Auditing in Less Complex IT Environments
-
Small companies who use IT without dedicated IT personnel or who use periodic IT consultants rely heavily on desktop, or networked servers.
-
Subtopic: Examples of Auditing Around and Through the Computer
-
Table describing various examples of auditing techniques in scenarios such as accounts receivable, payroll or cash disbursement, when performing through and around the computer.
-
Subtopic: Auditing in More Complex IT Environments
-
Auditors have three main considerations using test data, and they include including relevant circumstances, consistency with client usage, and eliminating from records.
-
Subtopic: Parallel Simulation
-
Software controlled to replicate client's operations.
-
Using same data files to validate automated controls and electronic account balances, often called parallel simulation testing.
-
Subtopic: Generalized Audit Software
-
Generalized audit software (GAS) is utilized specifically for auditing purposes in a parallel simulation testing.
-
Advantages: Easy training for staff, flexibility in different clients and cases, faster audit tests than traditional methods. -Detailed table of generalized audit software uses.
-
Subtopic: Issues for Database Management Systems
-
Database management systems centralizing data and sharing amongst applications.
-
Implementation of proper controls (access controls, back up systems) for security, accuracy and completeness of the data.
-
Integrating ERP systems which allows data across many functions.
-
Subtopic: Issues for e-Commerce Systems
-
The use of e-commerce systems.
-
Concerns about security (interception or sabotage)
-
Firewalls/ encryption and digital signatures for mitigation of these exposures.
-
Public and private key encryption to transmit and store information securely.
-
Subtopic: Class Discussion
- Focus is on issues surrounding outsourcing of IT services.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Related Documents
Description
Test your knowledge on auditing principles and the payroll cycle. This quiz covers various aspects of audit practices, including test data approaches, parallel simulations, and specific characteristics of payroll processing. Perfect for accounting and audit students or professionals looking to refresh their knowledge.