O'Reilly logo

Internal Control Audit and Compliance: Documentation and Testing Under the New COSO Framework by Lynford Graham

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER EIGHT

Evidence and Testing

GIVEN THE IMPORTANCE of testing in supporting assertions and objectives for controls, one would expect significant official guidance on such matters as the nature, timing, and extent of evidence gathering to meet the needs of the engagement or COSO project. However, the official guidance is somewhat scarce. COSO provides little concrete guidance on testing specifics, and while the Securities and Exchange Commission (SEC) and Public Company Accounting Oversight Board (PCAOB) identify some factors for scoping the assessment and testing, little concrete guidance is provided. The American Institute of Certified Public Accountants (AICPA) Audit and Accounting Guide Audit Sampling (AAG-S)1 does provide some guidance on sample sizes and benchmarks that are in use in current audit practice. While not officially authoritative for public company audits, the AAG was crafted to consider Sarbanes-Oxley (SOX) applications, public company practice and corporate needs for sample size guidance.

images SUFFICIENT EVIDENCE

A common inspection and peer review criticism of auditors is whether sufficient, appropriate evidence was obtained to support the degree of asserted reliance on the controls or on the overall assertions and accounts when considering all tests and procedures. This criticism can apply to all audits, public company or otherwise. While not publicly disclosed, ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required