[happygal]

Can someone please give me a very basic explanation/ version/relationship of substantive tests, tests of details, and their overall relationship to auditing, and anything else you may feel is important to understanding these topics. I know my questions may sound a bit confusing as I am very confused with this myself. Tried to get through the Becker text but keep getting stuck on these topics.

Thank you lots and lots and best of luck with your exams!

[lswang]

Substantive tests or procedures are designed to detect material misstatement at the assertion level. For instance you would perform a search of unrecordeds for AP to determine that they are not understated (valuation) or do a physical observation/count of inventory to see that it exists (existence).

FAR | 81 - July 21 15
REG | 66 - Oct 1 15 | 87 - Jan 7 16
AUD | 90 - Oct 29 15
BEC | 86 - Nov 25 15

[FAR_WARS]

Further Audit Procedures= Test of Controls & Substantive Procedures

Test of Controls= Inquiry, Reperformance, Observation, Inspection

Substantive Procedures= Test of Details and Analytical Procedures

Test of Details= Whatever is left. Some can be either TOC's or TOD's depending on circumstance. I often get confused when they overlap…

FAR- 80
BEC- 75
AUD- 78
REG- ?

[NebCPA]

Investors want to know if the financial statements in the companies they are investing in are correct, and management has an incentive to lie/mislead the financial statements (this is known as the agency problem). The main purpose of auditing/auditors, then, is to act as independent intermediaries and issue an opinion on financial statements. The question is, how does an auditor know if the financial statements are correct?

Let’s take a hypothetical, personal example to, maybe, simplify the process. Your friend comes up to you and says: “Can I borrow $50K? Don’t worry, I have a $1M in the bank that is tied up right now. I’ll pay you back in a week with interest.” – how do you know if he is telling the truth or lying?

As an auditor, we are going to look at two areas to determine if your friend has $1M:
1. Controls
2. Substantive procedures

Controls look at processes, not transactions. An example would be a bank reconciliation. A bank reconciliation is a process, and maybe your friend completes one to determine that cash is properly recorded in his balance sheet each month. If we are trying to determine if your friend has $1M, it may lower our risk if we know your friend is actively completely a reconciliation each month, but that along probably won’t make us feel that good, and so, we’re going to want to perform certain procedures (substantive procedures) to determine if your friend has $1M.

Substantive procedures are transaction or account based, and there are two activities that roll-up into substantive procedures:
1. test of details
2. Analytical procedures.

Test of details are what they sound like, tests that look at the details of transactions and accounts. Analytical procedures are broader and look at relationships.

We’re still trying to figure out if your friend has $1M. Let’s start with analytical procedures, since it’s usually a bit quicker and easier. Let’s say we run a trend analysis. What’s our expectation? We know that your friend’s bank account has increased 200% each year for the last 5 years. Given this, we would expect your friend’s bank account to increase 200% in 2015. In 2013, your friend said he had $10K, in 2014 your friend said he had $20K, and in 2015 your friend said he has $1M. Our assumption is that your friend’s cash account should grow at the prior year-rate, so we would expect him to have $40K, but instead he says he has $1M, so our trend analysis (analytical procedure) is going to tell us to look at this account and understand why it has grown so much. The analytical procedure is not telling us that the account is correct or incorrect. It is simply telling us that we should look closer at it. That closer look will be a test of details, because we want to look at the specific details of the account.

So, here’s where were at: we know your friend says he has $1M. He has controls in place to reconcile his cash account each month, which is good, so we would expect him to know what his cash balance is. We ran an analytical procedure over the account in the form of a trend analysis, which shows that a $1M cash balance exceeds or expectation and requires us to do more work to know what the cash account is. Since we still don’t know if your friend has a $1M, we’ll need to do a test of details.

Our test of details will be a confirmation of the cash balance against an independent source, the bank. We are going to send a letter to the bank asking how much money your friend has, and if the bank says your friend has $1M, we’ll believe your friend.

Overall, this example is extremely simplified. Let’s take a company like Berkshire Hathaway. The company shows about 250 subsidiaries in its annual exhibit 21 to the financial statements. Understand that these subsidiaries may have 10 subsidiaries themselves, or 2,500 companies each with 10 cash/bank accounts. That’s 25,000 cash accounts the auditors of Berkshire would have to determine are correct. There’s no way the auditors have the time or resources to send out that many cash confirms to banks, so, they’re going to do the same things we talked about above. They are going to look at materiality and determine if some cash accounts are so small, that even if they were 100% incorrect (ie. had $0) no one would care. A $100 bank account on a balance sheet that shows $57B in cash is highly immaterial. Then the auditor is going to look at controls. If there are controls in place that are working, control risk is lower. Maybe we will sample the bank accounts to determine which one’s we want to confirm. If controls are working, we can afford higher sampling risk (ie. we’ll test few bank accounts). Lastly, we’ll determine which accounts we want to test (test of details).

The response is a bit lengthy but hope it helped. Best of luck to you.

[FAR_WARS]

I thought Inspection was a test of controls. How do I tell when it is being used as a substantive test. For example:

Which of the following procedures concerning accounts receivable would an auditor most likely perform to obtain audit evidence supporting the effective operation of controls?

a. Observing an entity's employee prepare the schedule of past due accounts receivable.
b. Comparing an entity's uncollectible accounts expense to actual uncollectible accounts receivable.
c. Inspecting an entity's analysis of accounts receivable for unusual balances.
d. Sending confirmation requests to an entity's principal customers to verify the existence of accounts receivable.

Choice “c” is incorrect. Inspecting an entity's analysis of accounts receivable for unusual balances is a substantive test, not a test of the operating effectiveness of controls.

Choice “a” is correct. In order to obtain audit evidence supporting the effective operation of controls, an auditor must obtain evidence regarding how controls were applied, the consistency with which controls were applied, and by whom or by what means controls were applied. Observing preparation of the schedule of past due accounts receivable provides some of this evidence.

FAR- 80
BEC- 75
AUD- 78
REG- ?

[NebCPA]

I don’t know that I really like the above question because the wording is a bit misleading but it’s not all bad. When we are talking about controls, where we look at the company’s processes and what the client is doing to prevent financial statement errors, there are two elements:
1. Design and Implementation (D&I) of the control
2. Operating Effectiveness of the control

Before we test the operating effectiveness of the control, we need to know that the control is designed and implemented properly by the company. For example, let’s look at a cash reconciliation. We need to ask ourselves what is a cash reconciliation supposed to do? How will it prevent cash from being misstated? Who’s performing the cash reconciliation? Are they qualified? Does the company have proper separation of duties? We need to understand first and foremost, what the control is and how it operates. In order to do this, the auditor must test/evaluate the D&I of the control (this will usually require walking-through one example of the control with the client, observing the client performing the control, or inquiring with the client about how the control operates – though, inquiry alone is not enough to determine the control is operating effectively).

A test of operating effectiveness is where, after we have an understanding of the control, we select items from the control population and test that the control is being carried out in the manner we understand, i.e., we’d select two bank reconciliations and make sure they were performed, make sure they were reviewed, and such.

You can test/evaluate D&I and perform a test of operating effectiveness at the same time. You can perform a test/evaluate D&I and not a test of operating effectiveness. You cannot perform a test of operating effectiveness without testing/understanding the D&I of the control.

The question asks: which of the following procedures concerning A/R would an auditor most likely perform to obtain audit evidence supporting the operating of controls. The key here is that the question is not saying we are testing the operating effectiveness of the control. Instead, it is simply saying we are supporting the operation of the control – this means we can simply look at the D&I of the control or maybe we can do a full blown test of operating effectiveness. Remember though, with a control, the client is doing something (the control process) and we are verifying the client is doing that process correctly and consistently.

Answer A is correct – observe the employee prepare the schedule. By doing this, we test/evaluate the D&I of the control and gain support for the effective operation of the control. By observing, and probably inquiring of the employee, we gain an understanding of how the control is implemented and whether it is properly designed to be effective. The question with a control is what is the client doing and are they doing it correctly? Here we can see the client is preparing a schedule and we can observe they are doing it correctly.

Answer B and D are test of details – I don’t think there is much confusion here.

Answer C is, also, a test of details, but the devil is in the details. The client prepares an analysis of A/R each month and YOU inspect it for unusual balances, not the client. The key sentence here is you inspect the A/R analysis for unusual balances. This could very well be a control, but in the context of what we are saying we are doing, we are not testing the control. What is the control? We are implying that the control is that management creates an analysis of A/R and reviews it for unusual balances. If this were the case, an example of a test of the control would be inspecting the A/R analysis for review. A control would be if the client had a threshold for “unusual” accounts (anything over 120+ days), and you inspected the report to determine the client identified each unusual balance. The answer isn’t saying you did these things though, the answer is saying you, the auditor, inspected the report for unusual accounts, not the client.

A control is about what the client did. You want to know what the client did. Once you start doing something further than the client or in excess of the client, you are no longer testing the client’s control, you are creating your own test (ie a substantive test). If it is a control, you will inspect what the client is doing – you will not be identifying unusual balances, the client will be identifying the unusual balances.

[FAR_WARS]

That was very helpful- Thanks so much!

So Inquiry, Observation, Inspection, and Reperformance = TOC if testing what client did, TOD if beyond what client did.

But then Becker contradicts itself by presenting Dual Purpose tests that are both TOD and TOC. These include tests such as tracing, vouching, examination, comparison, recalculation.

So these tests do test controls to some extent? I thought Inquiry, Observation, Inspection, and Reperformance were the only ways to test controls.

FAR- 80
BEC- 75
AUD- 78
REG- ?

[NebCPA]

I agree with your understanding. With a dual purpose test, you can separate the procedures performed by the auditor into individual TOD and TOC procedures, but there is really no bleed over between the two technique wise. The TOD and TOC are independent, so a TOD will not test a TOE and a TOE will not test a TOD, if that makes sense. Let me use an example to explain what I mean.

A company has a lot of PP&E on their balance sheet. We audited ending PP&E last year so we know the current year beginning balance is accurate for PP&E and sales during the year are immaterial, so we’re not going to test sales. So, we’re only going to look at purchases during the year to determine the existence and accuracy of ending PP&E on the balance sheet. What do we know about the company?

We know that the company has a policy (control) that any PP&E above $500K in value must be approved by the Board of Directors and we know if the company purchased the PP&E, then there would be a cash outflow. Here we can use a dual-purpose test. What that means is we’re going to do two, independent procedures for each purchase, a TOD and a TOC.

TOC – Inspect purchase order for BOD approval
TOD – Trace purchase to bank statement

We decide to sample and since we are doing a TOC, we can use lower control risk (assuming the TOC ends up being effective), so our sampling program chooses 10 purchases over $500K throughout the year. For each purchase, the client provides the purchase order/receipt for the item. For purchase 1, we are going to inspect (TOC) the purchase order to make sure there was proper approval (the client’s control). Once we see it has been signed, we’re going to trace/vouch (TOD) the purchase to a cash outflow on the bank statement and to the G/L to show existence and accuracy. The TOD and TOC are performed for each item, but they are separate procedures with separate audit techniques.

[FAR_WARS]

So it would be fair to say, “let's dual test that transaction. For TOD we will trace ____, & for TOC we will inspect ____”.

Each Purchase is getting both a TOD and a TOC- hence a “dual test”.

Thank you for clarifying that there is no bleed/overlap.

FAR- 80
BEC- 75
AUD- 78
REG- ?

[happygal]

@ ISWANG, @ NEBCPA, and @ FAR_WARS, thank you so very much! that helped a lot!

[happygal]

@ NEBCPA, would you please mind sharing a few tips on how you study, you seem to have a good grasp on concepts. thanks!

[leglock]

good explanations

[NCnc2]

@NebCPA

Hello NebCPA, you really killed this topic. I wished everyone of these prep courses have the decency to elaborate on every topic as you did. I just wanted to say, thank you for taking the time to make these great posts. Because of the amount of time that you put into constructing your answers, for the first time, I registered myself with any forum, to show you my appreciations. I learned a lot from your post and I have actually printed it to carry with me, as I go about my daily tasks.

Once again, thank you for such a wonderful contribution.

By the way, I have Googled you on Ninja site, but I don't believe you have that many posts on Audit. Or am I missing something? I was kind of interested in reading more about your posts. Do you have a website with these kind of materials?

By the way, I was going to reply to @NebCPA, but I did not know how to do that yet…so forgive me.

Sincerely
MS

[Author]

Replies