Page 104 - Internal Auditing Standards
P. 104
Guide to Using International Standards on Auditing in the Audits of Small- and Medium-Sized Entities Volume 1—Core Concepts
Observation and inspection:
• Support the inquiries made of management and others; and
• Provide additional information about the entity and its environment.
Observation and inspection procedures ordinarily include a procedure and an application, as outlined in the
exhibit below.
Exhibit 8.6-1
Procedure Potential Application
Observation Consider observing:
• How the entity operates and is organized;
• Entity's premises and plant facilities;
• Management’s operating style and attitude toward internal control;
• Operation of various internal control procedures; and
• Compliance with key policies.
Inspection Consider inspecting documents such as:
• Business plans, strategies, and proposals;
• Industry studies and media reports on the entity;
• Major contracts and commitments;
• Regulations and correspondence with regulators;
• Correspondence with lawyers, bankers, and other stakeholders;
• Accounting policies and records;
• Internal control manuals;
• Reports prepared by management (such as performance data and interim
financial statements); and
• Other reports, such as minutes from meetings of those charged with
governance, reports from consultants, etc.
8.7 Design and Implementation of Internal Controls
Risk assessment procedures also include the procedures involved in evaluating the design and implementation
of relevant internal controls. These procedures are addressed in more detail in Volume 2, Chapter 11.
8.8 Other Sources of Information about Risks
Other procedures performed by the auditor may be used for risk assessment purposes. Some typical
examples are set out in the following exhibit.
102
