An audit engagement checklist is an important document that helps internal auditors perform tasks adequately and in accordance with generally accepted accounting principles, or GAAP, and generally accepted auditing standards, or GAAS. The U.S. Public Company Accounting Oversight Board, or PCAOB, and international financial reporting standards, or IFRS, also require checklists in all audit engagements.
Learn about the Control Environment
An internal auditor learns about a company's control environment to familiarize himself with important elements affecting its operating activities. For instance, a firm in the construction industry may receive greater scrutiny from the U.S. Occupational Safety and Health Administration than a company in the financial services sector. Similarly, the Commodities Futures Trading Commission may regulate an investment bank more than a biomedical firm. Two factors generally affect a corporation's control environment—internal and external. Internal elements relate to corporate rules, guidelines, processes and mechanisms. External factors relate to the firm's competitive standing, economic developments in the industry and regulatory actions.
Test Internal Controls
After reviewing a company's control environment, an auditor tests internal controls to ensure they are adequate, functional and conform to GAAS, GAAS and PCAOB rules. A control is a set of recommendations that senior leadership establishes to prevent operating losses originating from computer hardware or software malfunction, fraud, error and theft. A control is adequate if it details steps to perform tasks, make decisions and report problems. A functional control provides proper solutions to internal problems and breakdowns. Adequate and functional controls in financial reporting systems are important to prevent material, or substantial, errors in financial statements.
Rank Controls and Risks
After testing internal controls and procedures, an auditor ranks the risks in those controls as "high," "medium" and "low," based on the loss expectation. "High" and "medium" risks may cost a firm substantial losses in operating activities. They also may cause a company to report inaccurate or incomplete financial statements. Complete financial reports include a balance sheet (also called statement of financial position), statement of profit and loss, statement of cash flows and statement of retained earnings. Senior management usually focuses on "high" and "medium" risks, whereas department heads and segment managers provide corrective measures for "low" risks.
Issue the Final Report
Before issuing a final report, a senior auditor reviews mitigating solutions that senior leaders provide for "high" and "medium" risks. If the corrective measures meet GAAS procedures and auditing guidelines, he can make a note about the subject in a separate explanatory paragraph but not in the audit report. The American Institute of Certified Public Accountants and the Institute of Internal Auditors recommend that an auditor documents important risks in an audit sheet. An auditor can also note the risk mitigation progress in the "risk and control self-assessment" (RCSA) report that department heads periodically prepare. In an RCSA, segment managers rate internal risks as "tier 1," "tier 2" and "tier 3," depending on expected losses.
- Photo Credit accounts image by Alexey Klementiev from Fotolia.com
How To Design an Audit Checklist
Audits are conducted by companies, government agencies and accrediting bodies to evaluate if individuals and businesses are meeting desired outcomes, documenting accurately...
Internal Audit Checklist Samples
Companies face a wide array of governmental regulations and legal requirements. Public companies must have their financial statements and the information technology...
Steps of an Audit Engagement
Although not all audit engagements are the same in substance or in scope, they often share basic steps in preparation, planning, field...
Audit Engagement Procedures
The audit engagement process is a professional negotiation between public accounting firms and prospective clients. This process is used to find new...
Checklist for an Accounting Audit
Many auditors use more than a checklist to review an organization's accounting activities, according to "The CPA Journal." With the amount of...
Checklist for a Statutory Audit
A statutory audit is an in-depth examination of corporate controls, procedures and financial accounting systems. A statutory auditor reviews such controls in...
An audit checklist provides a professional auditor with a group of instructions that they must follow when reviewing a company, department, business...
Financial Audit Checklist
Auditing is the process of validating an organization's financial tracking and reporting system and verifying that financial managers have been diligent in...