Tests of details, a substantive procedure, is the auditor's primary response to risks of material misstatement. Today I tell you what a test of details is and how you can best use this substantive approach..
Further Audit Procedures
AU-C 330: Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained defines substantive procedures as:
- Tests of details
- Substantive analytical procedures
Once you assess your risks of material misstatement you determine your responses. These further audit procedures (responses) include the two substantive procedures listed above as well as test of controls.
So of the three further audit procedures, are certain ones required?
A test of controls is necessary if substantive procedures can’t properly address a risk of material misstatement. Think complex information technology processes. For example, when a benefit plan participant changes his investment options in a 401(k). There may be no physical documents to examine. In these circumstances, a test of controls might be your only option.
By contrast, auditors are required to perform tests of details when significant risks are identified. A test of controls alone will not do. So if, for example, you have determined that a complex estimate is a significant risk, then plan and perform a test of details in response. Likewise, if you believe a fraud risk is present, perform a test of details.
Additionally, substantive procedures are required for relevant assertions related to each material class of transactions, account balances, and disclosures. However, for this requirement, the auditor can use:
- Substantive analytics alone
- A tests of details alone
- A combination of substantive analytics and test of details
This article focuses on tests of details. So, let’s move to that topic.
What is a Test of Details?
Audit standards don't define tests of details. They only say that a test of details is one of two substantive procedure options (the other being substantive analytics). Since there is no definition, here are examples of a test of details:
- Vouching invoices
- Tracing bills sent to customers
- Search for unrecorded liabilities in accounts payable
- Testing bank reconciliations by examining subsequent month bank statements
- Sending bank confirmations
- Sending customer confirmations
- Agreeing receivables to contracts
- Vouching subsequent receipts in receivables
- Reconciling payroll in the general ledger to quarterly payroll tax returns
As you can see, a test of details is just what it says it is. You are digging into the details of transactions. Substantive analytics, by contrast, look at numbers from a broader perspective. For example, the auditor might compute the current ratio or compare this year's debt level with prior years. I provided examples of substantive analytics in a recent article.
Now let's see how you can best select your tests of details procedures.
Tests of Details - Selection of Procedures
So, how do you determine which response is best?
AU-C 330 tells us to pay attention to the nature of the risk. Doing so allows us to determine the what, when and how of our procedures. The audit standards refer to this as the nature, timing and extent. So, here is the way to design appropriate responses to your client’s risks of material misstatement.
1. Nature of Evidence
First, let's discuss the type of procedures or, as the audit standards call it, the nature of evidence. If an auditor believes that receivables might be overstated, then she might send confirmations to customers. Why confirmations? To prove the existence of the receivables. And confirmations provide third party evidence which is better than that from within the company. Customers usually have no reason to respond in a dishonest manner, so the third party evidence is more reliable.
Prepaid assets, by contrast, usually has a low risk of material misstatement. They are not complex. The volume of transactions is low. They are not an estimate. So, in this instance, the auditor could use substantive analytics. Again, the nature of the risk drives your response.
Your responses are critical. If your tests don't address the risk of material misstatement, what good are they?
In addition to the nature of evidence, timing matters as well.
2. Timing of Evidence
So, should you perform interim audit procedures? The answer depends on the reliability of the accounting system. Interim work is more easily done when you audit reliable systems. Consider waiting until period-end to audit unreliable systems. Why? If your interim work yields significant problems, you may not feel comfortable with roll-forward procedures. In other words, you may have to re-perform your interim work at period end.
Do you perform a search for unrecorded liabilities? Then some time must pass from period-end before you do this procedure. The entity needs time to receive period-end invoices and make payments before you can review them. Likewise, if you are examining subsequent period receivable collections, some time must pass before you do so. Wait at least three or four weeks from period end before you perform these types of procedures.
In addition to the nature and timing, the quantity of information is critical.
3. Extent of Evidence
The extent or quantity of evidence is another decision. Higher risks call for more evidence. If accounts payable has been materially understated the last two years, then consider lowering your search threshold for unrecorded liabilities. If you've used $10,000, you could, for example, move it to $3,000. The lower threshold will yield more evidence. The main point here is you want more evidential matter as risk increases.
But can you audit too much information? The answer is yes, unless you have an unlimited time budget. So, you want to examine enough information without overdoing it.
A question to ask in designing your quantity is, “Will this test allow me to detect a material misstatement?” For instance, you might plan a sample. But once you total the individually significant items, you see the remaining amount is immaterial. Then test the individually significant items and stop.
Choosing Your Tests of Details
So there you are. A summary of nature, timing and extent as they relate tests of details. Learning to match your procedures with risks is one of the most important things you'll do as an auditor. Using canned audit programs or the same-as-last-year approach can lead to significant problems. Therefore, know your risks. Then design and perform responsive procedures.
Tests of Details by Account Balance
If you desire to see tests of details by account balances and transaction cycles, see The Why and How of Auditing series. There I provide you with tests of details for accounts such as cash, receivables and debt.