Which of the following is required documentation in an audit in accordance with auditing standards?

Q: Which of the following documentation is not required for an audit in accordance with auditing standards?

Choice D” is correct. The auditor is not required to evaluate operating effectiveness as part of obtaining an understanding of internal control, and therefore need not document the basis for this decision.

[toc-this]

Inhaltsverzeichnis Show

Definitions
Instructions
Structure your audit file
Reference audit documentation
Prepare audit files in a timely manner
Document meetings
Assemble the final audit file
Document additional audit procedures
Ensure confidentiality and data protection
Follow the rules for public access to ECA documents
Handle suspected fraud with care
Follow ownership rules
Respect retention period
Which of the following documentation is not required for an audit in accordance with auditing standards?
What are the documentation requirements for auditors?
What is audit documentation in auditing?

Principles

Audits should be documented, especially
[a-glossary term="significant%20matters"]significant matters.[/a-glossary]
Audit documentation should provide evidence that the audit was planned and performed in accordance with international auditing standards and applicable legal and regulatory requirements.
Audit documentation should enable an
[a-glossary term="experienced%20auditor"]experienced auditor,[/a-glossary]
who has had no previous connection with the audit, to establish and understand the evidence that supports the auditors' significant judgements and conclusions.
Proper documentation of evidence is vital and should be completed before the audit findings are cleared, thus helping to ensure that the audit findings are evidence-based. Audit files and working papers need to contain an audit strategy and an audit plan and information about the approach and work undertaken to answer the audit questions, to be structured logically to provide ready access to the audit evidence and support the communicated results of the audit. Irrelevant or unnecessary documentation should not be included in audit files.
All audit work should be documented in Assyst .
Good documentation of audit evidence helps to ensure that a defensible basis exists for the audit findings and draft final report.
Each auditor is responsible for the proper documentation of the audit task for which they are responsible.

The audit documentation serves many purposes in the audit process. It helps the audit team to plan and perform the audit. It helps responsible team member(s) to direct and

[link title="supervise" link="%2Faware%2FGAP%2FPages%2FSupervision-review.aspx" /]

the audit work. It enables the audit team to be accountable for its work. It retains a record of matters of significance, also for future audits. It enables

[link title="quality%20reviews" link="%2Faware%2FGAP%2FPages%2FQuality-management.aspx" /]

and inspections (

[link title="Quality%20assurance" link="%2Faware%2FGAP%2FPages%2FSpecific%2FQuality-assurance-procedures.aspx" /]

, peer reviews) to take place during the audit and subsequently.

Definitions

Audit documentation is defined as the record of audit procedures performed, relevant audit evidence obtained, and audit conclusions reached ("working papers" or "work papers")
Audit documentation relates to the entirety of documents drawn up by the auditors. It includes documents prepared by the auditor but also documents received from sources internal or external to the audited entity.
The auditor shall prepare audit documentation that is sufficiently detailed to provide a clear understanding of the work performed, evidence obtained and conclusions reached. However, documenting an audit does not mean that every single detail of information needs to be documented.

[toggles]

[toggle title="At%20the%20ECA%2C%20audit%20documents%20typically%20include%3A"]

Audit planning memoranda or task plans;
Audit programmes;
Accompanying working papers;
Correspondence;
Documents from sources internal and external of the audited entity (e.g. national authorities);
Findings;
Clearing documents, including replies and analysis thereof;
Audit completion procedures;
IQR documentation; and
Preliminary Observations and Reports

[/toggle]

[/toggles]

Instructions

Use Assyst

The ECA’s audit documentation tool is Assyst and its use is mandatory for documenting an audit. Using Assyst for audit documentation facilitates quicker production of the clearing documents, and provides an audit trail for the purposes of audit documentation, thus ensuring quality, and an efficient adversarial procedure with the audited entity The use of standardised documents in Assyst is recommended as best practice. Auditors can consult the Assyst user manual and guidelines where also separate specific practical guidelines are available as regards data input in Assyst for SoA audits as well as for performance tasks and more.

Structure your audit file

Audit documentation should be gathered in an audit file. A standard structure in Assyst is recommended.

Reference audit documentation

A documentation referencing system should be in place that links the work done to the resultant findings. A simple 'trail of evidence' should exist, cross-referencing the audit findings to the evidence, prior to their submission to the reviewer/approver. For performance audits, the cross-reference could be supplemented by a short summary explaining how the audit methodology was employed, the nature and extent of evidence collected, and the analyses to which it was subjected. This summary could be in matrix form, grouped around each of the main findings. Key documents should be recorded and cross-referenced, including major decisions influencing the audit work and its management; key correspondence and other contact with the auditee; the main items of evidence, their sources and the analysis undertaken; and evidence of supervisory reviews. Each working paper should be clearly referenced.You may easily cross-reference your findings to any document in Assyst. Cross references in both directions should provide the origin and the destination of the information. All documented information that serves as audit evidence needs to be organised and filed properly according to its purpose. Each auditor is responsible for the proper documentation of the audit task for which they are responsible.

Prepare audit files in a timely manner

This helps in the review and evaluation of audit evidence obtained and conclusions drawn.

Document meetings

The auditor must prepare minutes for all meetings involving auditee staff that the auditor intends to rely on for evidence purposes. It is a matter of judgement as to whether a particular meeting will require minutes to be signed off by the auditee in order to improve its quality as evidence, as well as the extent of detail to be recorded. In many instances, a single note summarising the key points of several meetings is sufficient. However, it is recommended that the auditor, at the beginning of the audit, inform the auditee that the record of certain meetings might be used as audit evidence and that the approval of minutes by the auditee will be necessary in such cases.

Assemble the final audit file

The auditor should complete assembly of the final (current) audit file on a timely basis after the date of the auditor’s report. Information of a long-term nature which is useful for future audits should be kept in a permanent file which is updated regularly, while information on the audit in progress should be included in a current file.

Document additional audit procedures

If, in exceptional circumstances, after the date of the auditor’s report the auditor has to perform new or additional audit procedures or draw new conclusions, the auditor should document the circumstances encountered, the new additional audit procedures performed, audit evidence obtained, and conclusions reached and when and by whom the resulting changes to audit documentation were made and, reviewed.

Ensure confidentiality and data protection

Audit staff frequently has access to confidential personnel files or to information which is commercially or politically sensitive. Staff has both a duty under the Staff Regulations and an ethical responsibility to ensure that the confidentiality of such information is adequately protected. Furthermore, as a general rule, the ECA is only legally bound by documents that are formally and finally adopted by the College of Members. Documents leading to a formal adoption of a report or opinion by the ECA must be considered as being of a preparatory nature only and thus should be treated as “audit in confidence”. Data protection is a legal obligation that also applies to audit documentation. Every new treatment of personal data (collection, storage, calculation, copying, consultation, sorting, deleting, etc.) must be notified to the Data Protection Officer before the treatment starts. The notification must be done at the planning phase and, when it is a recurrent audit, such as the SoA audits, the notification need only be done at the first occurrence. For more details consult Data Protection Officer (DPO).

Follow the rules for public access to ECA documents

The ECA, like the other EU institutions has adopted rules relating to public access to documents. These rules set out how requests for information should be dealt with as well as a list of exceptions in which the general principle of free access to the documents of the ECA does not apply.

Handle suspected fraud with care

In cases of fraud and corruption, the ECA operates a strict “need to know” policy. As a consequence, this information should be communicated only to the ECA Members concerned and to those members of the ECA’s staff for whom it is absolutely essential in order for them to carry out their duties. Also, information and documentation relating to a case of

[link title="suspected%20fraud" link="%2Faware%2FGAP%2FPages%2FFraud.aspx%23Suspected-fraud" /]

should be handled with particular care and confidentiality.

Follow ownership rules

All working papers, documents obtained in accordance with the ECA’s rights of access from external sources and internal reports drawn up in the course of an audit, remain the property of the ECA. To guarantee the proper functioning of the ECA, all documents relating to an audit, regardless of their nature or their sources, must be placed on files that are accessible to the audit staff. Exceptions to the rule apply in the case of sensitive data such as cases of actual or suspected fraud.

Respect retention period

Follow the ECA retention policy. As a rule, audit documentation should be kept for at least seven years from the date of the audit. This means at least five years from the date on which the European Parliament grants discharge for the budgetary year to which the documents relate.

[icons-list icon-size="2" separator="line" icon-vertical-alignment="middle" vertical-alignment="middle"]

[/icons-list]

[/toc-this]

Which of the following documentation is not required for an audit in accordance with auditing standards?

Choice “D” is correct. The auditor is not required to evaluate operating effectiveness as part of obtaining an understanding of internal control, and therefore need not document the basis for this decision.

What are the documentation requirements for auditors?

Audit documentation should be prepared in sufficient detail to provide a clear understanding of its purpose, source, and the conclusions reached. Also, the documentation should be appropriately organized to provide a clear link to the significant findings or issues.

What is audit documentation in auditing?

Audit documentation is the principal record of auditing procedures applied, evidence obtained, and conclusions reached by the auditor in the engagement. The quantity, type, and content of audit documentation are matters of the auditor's professional judgment.