You can identify risks of material misstatement with audit planning analytics.
Audit Planning Analytics
The auditing standards provide four risk assessment procedures:
- Analytical procedures
I previously provided you with information about the first three risk assessment procedures. Today, I provide you with the fourth, analytical procedures.
While analytical procedures should occur at the beginning and the end of an audit, this post focuses on planning analytics.
Below I provide the quickest and best way to develop audit planning analytics.
What are Analytics?
If you're not an auditor, you may be wondering, "what are analytics?" Think of analytics as the use of numbers to determine reasonableness. For example, if a company's cash balance at December 31, 2017, was $100 million, is it reasonable for the account to be $5 million at December 31, 2018? Comparisons such as this one assist auditors in their search for errors and fraud.
Overview of this Post
We'll cover the following:
- The purpose of planning analytics
- When to create planning analytics (at what stage of the audit)
- Developing expectations
- The best types of planning analytics
- How to document planning analytics
- Developing conclusions
- Linkage to the audit plan
Purpose of Planning Analytics
The purpose of planning analytics is to identify risks of material misstatement. Your goal as an auditor is to render an opinion regarding the fairness of the financial statements. So, like a good sleuth, you are surveying the accounting landscape to see if material misstatements exist.
A detective investigates a crime scene using various tools: fingerprints, forensic tests, interviews, timelines. Auditors have their own tools: inquiry, observation, inspection, analytical procedures. Sherlock Holmes looks for the culprit. The auditor (and I know this isn't as sexy) looks for material misstatements.
The detective and the auditor are both looking for the same thing: evidence. And the deft use of tools can lead to success. A key instrument (procedure) available to auditors is planning analytics.
When to Create Planning Analytics
Create your preliminary analytics after gaining an understanding of the entity. Why? Context determines reasonableness of numbers. And without context (your understanding of the entity), changes in numbers from one year to the next may not look like a red flag--though maybe they should.
Therefore, learn about the entity first. Are there competitive pressures? What are the company's objectives? Are there cash flow issues? What is the normal profit margin percentage? Does the organization have debt? Context creates meaning.
Additionally, create your comparisons of numbers prior to creating your risk assessments. After all, the purpose of the analytical comparisons is to identify risk.
But before creating your planning analytics, you first need to know what to expect.
Knowing what to expect provides a basis for understanding the changes in numbers from year to year.
Expectations can include:
- Increases in numbers
- Decrease in numbers
- Stable numbers (no significant change)
In other words, you can have reasons to believe payroll (for example) will increase or decrease. Or you might anticipate that salaries will remain similar to last year.
Examples of Expectations Not Met
Do you expect sales to decrease 5% based on decreases in the last two years? If yes, then an increase of 15% is a flashing light.
Or maybe you expect sales to remain about the same as last year? Then a 19% increase might be an indication of financial statement fraud.
But where does an auditor obtain expectations?
Sources of Expectations
Expectations of changes can come from (for example):
- Past changes in numbers
- Discussions with management about current year operations
- Reading the company minutes
- Staffing reductions
- Non-financial statistics (e.g., decrease the number of widgets sold)
- A major construction project
While you'll seldom know about all potential changes (and that's not the goal), information--such as that above--will help you intuit whether change (or a lack of change) in an account balance is a risk indicator.
Now, let's discuss the best types of planning analytics.
The Best Types of Planning Analytics
Auditing standards don't specify what types of planning analytics to use. But some, in my opinion, are better than others. Here's my suggested approach (for most engagements).
First, create your planning analytics at the financial statement reporting level. Why? Well, that's what the financial statement reader sees. So, why not use this level (if you can)? (There is one exception in regard to revenues. See Analytics for Fraudulent Revenue Recognition below.)
The purpose of planning analytics is to ferret out unexpected change. Using more granular information (e.g., trial balance) muddies the water. Why? There's too much information. You might have three hundred accounts in the trial balance and only fifty at the financial statement level. Chasing down trial-balance-level changes can be a waste of time. At least, that's the way I look at it.
Second, add any key industry ratios tracked by management and those charged with governance. Often, you include these numbers in your exit conference with the board (maybe in a slide presentation). If those ratios are important at the end of an audit, then they're probably important in the beginning.
Examples of key industry ratios include:
- Inventory turnover
- Return on equity
- Days cash on hand
- Gross profit
Okay, so we know what analytics to create, but how should we document them?
Analytics for Fraudulent Revenue Recognition
AU-C 240.22 says, "the auditor should evaluate whether unusual or unexpected relationships that have been identified indicate risks of material misstatement due to fraud. To the extent not already included, the analytical procedures, and evaluation thereof, should include procedures relating to revenue accounts."
The auditing standards suggest a more detailed form of analytics for revenues. AU-C 240.A25 offers the following:
- a comparison of sales volume, as determined from recorded revenue amounts, with production capacity. An excess of sales volume over production capacity may be indicative of recording fictitious sales.
- a trend analysis of revenues by month and sales returns by month, during and shortly after the reporting period. This may indicate the existence of undisclosed side agreements with customers involving the return of goods, which, if known, would preclude revenue recognition.
- a trend analysis of sales by month compared with units shipped. This may identify a material misstatement of recorded revenues.
In light of these suggested procedures, it may be prudent to create revenue analytics at a more granular level than that shown in the financial statements.
How to Document Planning Analytics
Here are my suggestions for documenting your planning analytics.
- Document overall expectations.
- Include comparisons of prior-year/current-year numbers at the financial statement level. (You might also include multiple prior year comparisons if you have that information.)
- Document key industry ratio comparisons.
- Summarize your conclusions. Are there indicators of increased risks of material misstatement? Is yes, say so. If no, say so.
Once you create your conclusions, place any identified risks on your summary risk assessment work paper (where you assess risk at the transaction level--e.g., inventory).
Use Filtered Analytical Reports with Caution (if at all)
Some auditors use filtered trial balance reports for their analytics. For instance, all accounts with changes of greater than $30,000. There is a danger in using such thresholds.
What if you expect a change in sales of 20% (approximately $200,000) but your filters include:
- all accounts with changes greater than $50,000, and
- all accounts with changes of more than 15%
If sales remain constant, then this risk of material misstatement (you expected change of 20%, but it did not happen) fails to appear in the filtered report. The filters remove the sales account because the change was minimal. Now, the risk may go undetected.
I am a believer in documenting conclusions on key work papers. So, how do I develop those conclusions? And what does a conclusion look like on a planning analytics work paper?
First, develop your conclusions. How? Scan the comparisons of prior year/current year numbers and ratios. We use our expectations to make judgments concerning the appropriateness of changes and of numbers that remain stable. Remember this is a judgment, so, there's no formula for this.
No Risk Identified
Now, you'll document your conclusions. But what if there are no unexpected changes? You expected the numbers to move in the manner they did. Then no identified risk is present. Your conclusion will read, (for example):
Conclusion: I reviewed the changes in the accounts and noted no unexpected changes. Based on the planning analytics, no risks of material misstatement were noted.
Alternatively, you might see unexpected changes. You thought certain numbers would remain constant, but they moved significantly. Or you expected material changes to occur, but they did not. Again, document your conclusion. For example:
Conclusion: I expected payroll to remain constant since the company's workforce stayed at approximately 425 people. Payroll expenses increased, however, by 15% (almost $3.8 million). I am placing this risk of material misstatement on the summary risk assessment work paper at 0360 and will create audit steps to address the risk.
Now, it's time to place the identified risks (if there are any) on your summary risk assessment form.
Linkage to the Audit Plan
I summarize all risks of material misstatements on my summary risk assessment form. These risks might come from walkthroughs, planning analytics or other risk assessment procedures. Regardless, I want all of the identified risks--those discovered in the risk assessment process--in one place.
The final step in the audit risk assessment process is to link your identified risks to your audit program.
Overview of Risk Assessment and Linkage
Now, I tailor my audit program to address the risks. Tailoring the audit program to respond to identified risks is known as linkage.
Audit standards call for the following risk assessment process:
- Risk assessment procedures (e.g., planning analytics)
- Identification of the risks of material misstatement
- Creation of audit steps to respond to the identified risks (linkage)
Summary of Planning Analytics Considerations
So, now you know how to use planning analytics to search for risks of material misstatement--and how this powerful tool impacts your audit plan.
Let's summarize what we've covered:
- Planning analytics are created for the purpose of identifying risks of material misstatement
- Develop your expectations before creating your planning analytics (learn about the entity's operations and objectives; review past changes in numbers for context--assuming you've performed the audit in prior years)
- Create analytics at the financial statement level, if possible
- Use key industry ratios
- Conclude about whether risks of material misstatement are present
- Link your identified risks of material misstatement to your audit program
If you have thoughts or questions about this post, please let me know below in the comments box. Thanks for reading.
First-Year Businesses and Planning Analytics
You may be wondering, "but what if I my client is new?" New entities don't have prior numbers. So, how can you create planning analytics?
One option is to compute expected numbers using non-financial information. Then compare the calculated numbers to the general ledger to search for unexpected variances.
A second option is to calculate ratios common to the entity’s industry and compare the results to industry benchmarks.
While industry analytics can be computed, I’m not sure how useful they are for a new company. An infant company often does not generate numbers comparable to more mature entities. But we’ll keep this choice in our quiver--just in case.
A more useful option is the third: comparing intraperiod numbers.
Discuss the expected monthly or quarterly revenue trends with the client before you examine the accounting records. The warehouse foreman might say, “We shipped almost nothing the first six months. Then things caught fire. My head was spinning the last half of the year.” Does the general ledger reflect this story? Did revenues and costs of goods sold significantly increase in the latter half of the year?
The last option we’ve listed is a review of the budgetary comparisons. Some entities, such as governments, lend themselves to this alternative. Others, not so–those that don’t adopt budgets.
So, yes, it is possible to create useful risk assessment analytics–even for a first-year company.