Why Should Auditors Perform Audit Walkthroughs?

Post 1 - Why are walkthroughs important and are they required?

Do you ever struggle with audit walkthroughs? Maybe you’re not sure what areas to review or how extensive your documentation should be. Possibly you’re not even sure how walkthroughs are helpful.

Audit Walkthroughs

Picture is from AdobeStock.com

I hear some auditors protest that professional standards don’t require walkthroughs. Right, but we have an obligation to annually corroborate the existence and use of controls, and I know of no better way to achieve this goal than walkthroughs.

What are Walkthroughs?

Walkthroughs are cradle-to-grave reviews of transaction cycles. You start at the beginning of a transaction cycle (usually a source document) and walk the transaction to the end (usually posting to the general ledger). The auditor is gaining an understanding the genesis of the transaction and then each movement through the accounting system.

As we perform the walkthrough, we also:

  • Make inquiries
  • Inspect documents
  • Make observations

By asking questions, inspecting documents, making observations, we are evaluating internal controls to see if there are weaknesses that would allow errors and fraud to occur. And audit standards do not permit the use of inquiries alone. Observations or inspections must occur.

Some auditors believe that audit walkthroughs (or documentation of controls for significant transaction cycles) are not necessary if the auditor is assessing control risk at high. This is not true. While the auditor can assess control risk at high, she must first gain an understanding of the cycle and the related controls. For more information, see my related post.

Why Audit Walkthroughs?

Accountants are often more comfortable with numbers than processes. We like things that “tie,” “foot,” or “balance.” We may not enjoy probing accounting systems for risk—it’s too touchy-feely. Even so, passing this responsibility off to lower staff is not a good choice. It’s too complicated and too important. So there’s no getting around it. The walkthrough—or something like it—must be done, especially if you are mid- to upper-level auditors. Why? You’re developing your audit plan. Screw up the plan, and you screw up the audit.

What is the purpose of the walkthrough? Identification of risk. Once you know the risks, you know where to audit.

Too often auditors do the same as last year (SALY). And why do we do this?

First, it requires no thinking.

Second, out of fear. We think, “if the audit plan was appropriate last year, why would it not be this year?” In short, we believe it’s safe. After all, the engagement partner developed this approach seven years ago. But is it safe?

Why SALY is Dangerous

Suppose the accounts payable clerk realizes he can create fictitious vendors without notice, and his scheme allows him to steal over $10 million over a four-year period.

The audit firm has performed the engagement year after year using the same approach. On the planning side, the fraud inquiry and internal control documentation look the same. Walkthroughs have not been performed in the last five years.

On the substantive side, the auditor ties the payables detail to the trial balance. He conducts a search for unrecorded liabilities. He inquires about other potential liabilities. All, as he has done for years. Even so, in this year alone, the payables clerk walks away with $3 million—and the audit firm doesn’t know it.

Processes matter. And—for the auditor—understanding those processes is imperative.

Why Walkthroughs?

I will say it again: we are looking for risk. Our audit opinion says that we examine the company’s internal controls to plan the audit. The opinion goes on to say that this review of controls is not performed to opine on the accounting system. So we are not testing to render an opinion on controls, but we are probing the accounting processes to identify weaknesses. And once we know where risks lie, we can focus in those areas.

Check Your Work Papers for Audit Walkthroughs

Pick an audit file or two and review your internal control documentation. Have you corroborated your understanding of the controls by inquiring, inspecting, and observing the significant transaction cycles? Again walkthroughs are not technically required, but the corroboration of controls is. The walkthrough process is an  effective way to achieve this objective.

Subscribe to the 4 Days of Walkthroughs

Subscribe to receive four emails explaining how to

use walkthroughs to identify risks in your audits

Powered by ConvertKit

Please note: I reserve the right to delete comments that are offensive or off-topic.

Leave a Reply

Your email address will not be published. Required fields are marked *

4 thoughts on “Why Should Auditors Perform Audit Walkthroughs?

  1. I’d be interested to know what other auditors do in lieu of walkthroughs. As you said, they are probably the most effective way to get an understanding of the controls, so those that don’t utilize them, what do they do?

  2. I fought my whole career to have experienced people do walk throughs. Usually to no avail you have all my support they are important.

    • Lawrence, I fully understand your use of the word “fought.” This seems to be the hardest thing to get auditors to do, but maybe one of the more important steps we can take in the audit process.