5. Source of information
a. The audit documentation should indicate source of information:
i. Client records
ii. Client personnel
Related Accounts
One page of audit documentation may provide documentation for more than one account. Many balance sheet accounts are related to income statement accounts. In these circumstances, the audit work on the accounts should be documented in one page of audit documentation. Examples of related accounts are the following:
1. Notes receivable and interest income
2. Depreciable assets, depreciation expense, and accumulated depreciation
3. Prepaid expenses and the related income statement expenses, such as insurance, interest, and supplies
4. Long-term debt and interest expense
5. Deferred income taxes and income tax expense
Client Preparation of Audit Documentation
It is advisable to have the client's employees prepare as much as possible of the auditor's audit documentation. This increases the efficiency of the audit. The auditor should identify the audit documentation as “Prepared by the Client” (PBC) and note the auditor who reviewed the client-prepared audit documentation. The preparation of audit documentation by the client does not impair the auditor's independence. However, the auditor should test the information in client-prepared audit documentation.
Quality of Audit Documentation
Audit documentation aids the execution and supervision of the current year's engagement. Also, such documentation helps the auditor in planning and executing the following year's audit. Audit documentation also serves as the auditor's reference for answering questions from the client. For example, a bank or a credit agency may want information that the auditor can provide to the client for submission to the third party from the audit documentation.
In case of litigation against the client, the auditor's audit documentation may be subpoenaed. In litigation against the auditor, the audit documentation will be used as evidence. Therefore audit documentation should be accurate, complete, and understandable. After audit documentation is reviewed, additional work, if any, is done, and modifications are made to the audit documentation, superseded drafts, corrected documents, duplicate documents, and review notes, and all to-do points should be discarded because the issues they addressed have been appropriately responded to in the audit documentation. (AU-C 230.A6)
Likewise, miscellaneous notes, memoranda, e-mails, and other communications among members of the audit engagement team created during the audit should be included or summarized in the audit documentation when needed to identify issues or support audit conclusions; otherwise, they should be discarded. Any information added after completion of fieldwork should be dated at the date added.
Oral Explanations
Oral explanations on their own do not represent sufficient support for the work the auditor performed or conclusions the auditor reached but may be used by the auditor to clarify or explain information contained in the audit documentation. (AU-C 230.A7)
NOTE: For example, if the auditing standards state that the auditor should obtain an understanding of the entity's control environment, but there is no evidence that he or she obtained such an understanding, then the auditor cannot make a plausible claim that the understanding was obtained but just not documented.
Audit Documentation Deficiencies
Some of the more common audit documentation deficiencies are failure to:
1. Express a conclusion on the account being analyzed.
2. Explain exceptions noted.
3. Obtain sufficient information for note disclosure.
4. Reference information.
5. Update and revise permanent file.
6. Post adjusting and reclassification journal entries to appropriate audit documentation.
7. Indicate source of information.
8. Promptly review audit documentation prepared by assistants.
9. Sign or date audit documentation.
10. Foot client-prepared schedules.
11. Explain tick marks.
Documentation Requirements in Other Sections
Certain other sections require documentation of specific matters. These requirements are presented in Illustration 4 at the end of this chapter. In addition, other standards, such as government auditing standards, laws, or regulations, may also contain specific documentation requirements.
Interpretations
Providing Access to or Copies of Audit Documentation to a Regulator (Issued July 1994; Revised June 1996; Revised October 2000; Revised January 2002; Revised December 2005; Revised December 15, 2012)
A regulator may request access to an auditor's audit documentation to fulfill a quality review requirement or to assist in establishing the scope of a regulatory examination. In making the request, the regulator may ask to make photocopies and may also make such copies available to others. When regulators make a request for access, the auditor should:
1. Consider advising the client about the request and indicating that he or she intends to comply. In some cases the auditor may wish or be required to confirm in writing the requirements to provide access (see Illustration 1).
2. Make arrangements with the regulator for the review.
3. Maintain control over the original audit documentation.
4. Consider submitting a letter to the regulator (see Illustration 2).
5. Obtain the client's consent, preferably in writing, to provide access when not required to provide access (see Illustration 3).
AU-C Illustrations
Illustrations 1,2 and 3 are adapted from AICPA Interpretations of AU-230 (AU-C 9230).
1. An auditor's written communication to client when wishing to or required to provide access
2. An auditor's letter to a regulator
3. A written communication to the client when regulator may request access to audit documentation when not required by law or regulation
Illustration 4, which lists audit documentation requirements in other sections, is adapted from the application guidance in AU-C 230.
Illustration 1. Auditor's Written Communication to Client When the Auditor May Wish and in Some Cases May Be Required to Provide Access (Adapted from AU-C Interpretation AU-C 9230.1 and Footnote 4)
The audit documentation for this engagement is the property of Guy & Co. and constitutes confidential information. However, we may be requested to make certain audit documentation available to [name of regulator] pursuant to authority given to it by law or regulation. If requested, access to such audit documentation will be provided under the supervision of [name of auditor]. Furthermore, upon request, we may provide copies of selected audit documentation to [name of regulator]. The [name of regulator] may intend or may decide to distribute the copies of information contained therein to others, including other governmental agencies.
You have authorized Guy & Co. to allow [name of regulator] access to the audit documentation in the manner discussed above. Please confirm your agreement to the above by signing below and returning it [name of auditor, address].
Firm signature
_______________
Agreed and acknowledged:
_______________
[Name and title]
_______________
[Date]
Illustration