Should You Perform Audit Walkthroughs Annually?

Post 4 - Corroborating your understanding of controls

Audit walkthroughs, sometimes referred to as “cradle to grave” reviews of transaction cycles, are performed for significant transaction cycles and should be performed early in the audit process. The auditor starts at the beginning of a transaction cycle and walks a transaction completely through the accounting system while observing controls. Why? To see if controls exist and are in use–and ultimately, to identify risks.

audit walkthroughs

Picture from AdobeStock.com

Are Internal Control Walkthroughs Required?

How often is the auditor required to perform a walkthrough?

Answer: Once per year, if this is how you corroborate your understanding of the cycle. Walkthroughs are not required, but you do need to verify your understanding of the accounting system and related controls–and I can think of no better way.

Recently, I was asked, “If a walkthrough is not used, what else can I do?” While questionnaires can be used, there is a risk that key internal controls will be missed. What if the questionnaire doesn’t address a critical piece of the control structure? Walking a transaction through the accounting system and reviewing related controls ensures a full understanding.

AICPA Guidance Concerning Annual Walkthroughs

TIS Section 8200.12, as issued by the AICPA, states the following:

Inquiry—AU section 314 (now AU-C 315) requires the auditor to obtain an understanding of internal control. An auditor might perform walkthroughs to confirm his or her understanding of internal control. If the auditor decides to use walkthroughs to confirm his or her understanding of internal control, how often do walkthroughs need to occur?

Reply—In accordance with AU Section 314 (now AU-C 315), the auditor is required to obtain an understanding of internal control to evaluate the design of controls and to determine whether they have been implemented. To do that, performing a walkthrough would be a good practice. Accordingly, auditors might perform a walkthrough of significant accounting cycles every year [emphasis added].

Controls Documented in Prior Period

In some situations, AU-C section 315 allows the auditor to rely on audit evidence obtained in prior periods. In those situations, the auditor is required to perform audit procedures to establish the continued relevance of the audit evidence obtained in prior periods (for example, by performing a walkthrough). So, an auditor might perform walkthroughs every year to update his or her understanding. (I know the TIS says “might,” but it does appear the AICPA encourages annual walkthroughs.)

Summary Thoughts

Remember, a walkthrough is a risk assessment procedure. As such, it should be performed early in the audit–not as we are finalizing the work paper file. Identify risks and then create audit steps to respond.

Too many auditors see walkthroughs as “something we do because we have to,” rather than as procedures that inform the audit process. That’s why some auditors document walkthroughs at the end of the audit. 

Audits should be performed in the following order:

  1. Identify risk
  2. Assess risk
  3. Create an audit plan
  4. Execute the audit plan
  5. If necessary, revise the risk assessment and audit plan (if new risks are identified during step 4.)

Walkthroughs should be performed in step 1., not after step 4.

See my prior walkthrough posts:

Post 1 – Why Should Auditors Perform Audit Walkthroughs?

Post 2 – How to Identify Risks of Material Misstatements with Audit Walkthroughs

Post 3 – How to Document Audit Walkthroughs

Subscribe to the 4 Days of Walkthroughs

Subscribe to receive four emails explaining how to

use walkthroughs to identify risks in your audits

Powered by ConvertKit

Please note: I reserve the right to delete comments that are offensive or off-topic.

Leave a Reply

Your email address will not be published. Required fields are marked *

6 thoughts on “Should You Perform Audit Walkthroughs Annually?

  1. Charles
    Great article. One of the reasons for the walkthrough is that the ASB wanted us deeper into client internal controls. They wanted get us away from merely relying on verbal evidence, hence the “observation” provided by the walkthrough.