[Image Credit: care-web.co.uk]

This piece seeks to portray how the Ghana Audit Service carries out its auditing process using the Risk based Audit Methodology Manual (hereinafter referred to as the RAM). Documentations on the RAM by the Service shall be heavily drawn upon in this piece.

In Need of Writing Services? Contact us for quality work!

The RAM as a tool is very comprehensive. One key inherent characteristic it possesses is its ability to generate paper trails at virtually every stage of the auditing process. The implementation of the RAM involves four audit regulatory processes. These are: (1) Planning; (2) Strategic Audit Planning; (3) Audit Execution/Fieldwork; and, (4) Reporting. Since the execution of the RAM follows a process, it can thus be inferred that the regulatory process, Audit Execution/ Fieldwork, cannot and would not occur before the Planning regulatory process. Each of these regulatory processes shall be dealt with in more detail.

1. Audit Planning

It must be noted that this particular regulatory process first and foremost covers assessment of competency of audit team members as well as to ascertain whether the audit team has the time to perform the audit. Any identified training needs are addressed, where practicable, before the commencement of the audit. Specific competency facets that are reviewed in relation to knowledge are: Understanding of the audit approach and documentation; Involvement in prior year’s audit and management letter issues; Legislation and regulations relevant to the audited entity; Understanding of the systems and processes of the auditee; Financial Reporting framework: Basis for the preparation of the financial statements (e.g. Modified Cash accounting); IT systems and computerized environment. Competency in the aforementioned is necessary if the audit process is to begin on a sound footing.

You Might Also Like:

Impact of Risk based Audit Approach on Implementation of Internal Control System

The second consideration under this regulatory process is to assess and ensure that any threats to the audit team member’s independence have been eliminated or reduced to an acceptable level. In a bid to ascertain their ethical stance, prospective audit team members are subjected to a series of questions bordering on ethical issues such as conflicts of interest, independence, political neutrality, integrity, objectivity & impartiality, professionalism and professional development.

Furthermore, under this process, the hours required for the audit is budgeted for and then compared against the actual. Hours for activities such as administrative planning (e.g. code of ethics declaration, competency matrix etc.), planning (e.g. internal control checklist, regulatory framework, planning materiality, risk of material misstatement etc.), fieldwork (e.g. system description, reliance on key controls, performing substantive tests, audit observations etc.) and reporting (e.g. audit differences, management letters, audit report etc.) are budgeted for. Additionally, to enhance division of labour, responsibilities for the execution of different audit-related activities are assigned among team members and agreed to in writing. Finally, as a way of assessing the quality of the panning process, audit team members are subjected to some quality control questionnaires so as to ensure that none of the regulations guiding the audit planning process has been flouted.

2. Strategic Audit Planning

The second process in the RAM is the Strategic Audit Planning and it entails understanding the business and operations as well as the legal framework backing the auditee entity, thus allowing for a thorough assessment of material risks. The control framework of the auditee entity is also reviewed with the aid of an internal control checklist, thereby enabling the determination of the audit approach to be used. Furthermore, it is during this process that the overall audit strategy is devised. Approval of the audit plan is also sought during this particular process.

3. Audit Execution

This is the regulatory process that ushers in auditing proper. It all commences with an Entrance

Conference to explain the audit purpose, approach and strategy in a bid to establish communication channels between the audit team and management. The audit execution is then conducted following a number of component levels. These component levels are lead schedule; system description; release on key controls; test of controls to determine if there are any irregularities; and performance of substantive testing. Finally, test controls are evaluated.

4. Reporting

Here, audit completion procedures are performed and the appropriate audit opinion formed. Audit report is then put together and submitted to the Auditor-General who then reviews it and forward it to Parliament.

You Might Also Like:

Impact of Risk based Audit Approach on Implementation of Internal Control System