After conducting the assessment of the design of the internal controls at Crest Outfitters, the team are meeting to discuss their next steps. Tia addresses the team.

‘Now that we’ve determined that Crest Outfitters has a relatively strong set of internal controls, we’ll need to test that they are working as they’re designed. Leigh — how do we do that?’

Leigh responds, ‘I’m not sure. In the past, I’ve only just been told how many items to test and the procedure — I haven’t been involved in this part of the audit planning.’

Rory replies, ‘We need to determine the procedures we’ll use to test the internal controls and also decide how we collect the evidence — the method to select the sample and how much. All of this is documented in the audit program. We can’t sample every transaction, but there’s still a risk that we might not find a misstatement, so we need to think about sampling carefully. And you can’t forget non-sampling risk — the risk that we make the wrong conclusion, not related to sampling. This could happen if we don’t interpret the evidence we collect correctly, we apply the wrong audit procedure or we don’t confirm an unreliable source of evidence. But don’t worry, Leigh, I’ll review your work to help the team minimise non-sampling risk.’ 

Tia sends Rory and Leigh off to develop the audit program and consider what sampling methods they should use. While walking, Leigh asks Rory a final question. ‘With data analytics tools, is it possible that we don’t need to use sampling? That we test every single transaction at Crest Outfitters?’ 

Rory thinks about this for a few moments and says, ‘It’s an interesting thought. I don’t know whether this sort of tool is available yet, but it’s worth raising the question with Tia and Felix at our next meeting. It could help us automate a lot of the audit process if we could use a program to automatically test all transactions. But I wonder if there would be any risks?’

They both ponder this as they walk back to their meeting room to continue planning the audit.

AUDIT DOCUMENTATION

Up until now, Rory has been completing the audit documentation for tasks that he and Leigh have been working on together. However, this time Rory instructs Leigh, ‘You’re going to be completing the working papers related to our next step in the audit. Have you completed audit working papers before? Do you know why they’re important?’

Leigh answers, ‘I know that Tia reviews our working papers and then she provides feedback either in person or in a note to the file. And I guess it helps Felix and Tia keep track of where we’re up to.’ 

‘Correct,’ says Rory, ‘our documentation is really important. We need to justify our professional judgements — to our team members, to ASIC if it chooses to inspect our audit files or to a judge in a legal case. It also helps us plan and review the work completed on the audit. We also need to make sure that we follow ASA 230. This standard requires us to document the evidence and basis for our conclusions. Our working papers are designed to help us meet ASA 230 and should be straightforward and in plain English — just remember to fill in all of the fields.’

Required

Answer the following questions based on the information for Crest Outfitters presented in this chapter and earlier chapters. You should also consider your answers to the case study questions in earlier chapters.

Consider the effects on Crest Outfitters’ accounts and business of opening a physical store to sell its products. Remember that Crest Outfitters currently sells to wholesalers and via its website.

(a) Would this change create any additional business risks for Crest Outfitters? If so, explain what they would be.

(b) Describe how this business change would affect the inherent risk and control risk.

(c) What changes would you expect to see in the accounts of the balance sheet of the client?

(d) In the accounts that you expect to see changes in, what assertions would be at risk?

(e) Describe the population(s) and suggest a sampling approach for controls and substantive testing for inventory.