Question

Revenue is recognized when shipped. Based on shipping dates, total revenue for 2018 is $1,372,637. The audit team has set overall materiality at $13,000.

The total dollar volume of AR that was not approved was $13,726.

Would you classify the authorization control deficiency identified above as material weakness, control deficiency or significant deficiency?

Answer 1

As an Auditor before setting materiality we need to assess the internal controls of the entity which can be done by testing of controls for its effectiveness and effeciency. Then after we perform Combined risk assessment as follows

Inherent risk	rely on controls	doesnt rely on controls
low	minimal	moderate
high	low	high

When we rely on controls and the inherent risk is high then the overall audit is at low level as we plan materiality at lower levels , but if we have multiple transactions failing to provide audit evidence and the controls are ineffective after assessing the controls the we redraft our materiality levels and perform substantive audit procedures to obtain audit evidences.

In the given case , we should identify the overall audit risk from the above matrix first in order to satisfy that the set materiality levels are appropriate for the audit procedures. Here we have identified Authorisation control defeciency which will be considered as significan deficiency if we have relied on controls and we will perform all the substantive procedures to obtain audit evidence about the management Assertions to deteremine whether they has stated correctly or not. We even need to change our audit procedures if its classified as significant items as the overall audit risk will change once their is a detection of defect in controls.