Annual Audit Manual

COPYRIGHT NOTICE — This document is intended for internal use. It cannot be distributed to or reproduced by third parties without prior written permission from the Copyright Coordinator for the Office of the Auditor General of Canada. This includes email, fax, mail and hand delivery, or use of any other method of distribution or reproduction. CPA Canada Handbook sections and excerpts are reproduced herein for your non-commercial use with the permission of The Chartered Professional Accountants of Canada (“CPA Canada”). These may not be modified, copied or distributed in any form as this would infringe CPA Canada’s copyright. Reproduced, with permission, from the CPA Canada Handbook, The Chartered Professional Accountants of Canada, Toronto, Canada.

202 Audit Program—Overview
Oct-2012

In This Section

Audit program overview diagram

Overview

This topic explains:

  • How the audit program is used to support an effective and efficient audit process

The following Overview diagram is designed to help you understand how the elements of OAG annual audit methodology fit together.

Audit program overview diagram

OAG Guidance

The Overview diagram below provides a high level illustration of the principal elements of the OAG annual audit methodology.  The diagram shows our focus on a top-down risk-based approach and gives a high level representation of both the auditor's thought process and its practical application.

Principle elements of the OAG annual audit methodology

View actual size

Image description

This chart shows the principle elements of the annual audit process.

At the top of the chart are 4 high-level steps:

  • Planning
  • Understand the business, assess risk, and determine audit strategy
  • Respond to risk and gather evidence
  • Finalize the audit

Under the Planning step are the following:

  • Acceptance and continuance
  • Terms of engagement
  • Solicitor-client privilege letter
  • Mobilize team
  • Assess independence
  • Required planning procedures

Under the next step, Understand the business, assess risk, and determine audit strategy, there is a grid representing the process to follow. The first row has “Understand the business including its internal control.” The second row contains “Determine materiality” and “Risk assessment analytics, followed by “Identify risks relevant to the audit whether due to fraud and/or error.” At the centre of these items is “Risk-based approach.” Under that section are 4 rows:

  • Assess the level of inherent risks, indicating normal and significant risks.
  • Establish audit strategy.
  • Identify and evaluate controls that mitigate assessed risks.
  • Begin audit plan.

Under the step, Respond to risk and gather evidence, there is a grid. The first row has “Record the combination of expected controls reliance and planned substantive evidence.” The second row has “Approve audit plan.” The third row is about determining the nature, timing, and extent of testing. It contains “perform tests of controls—high expected controls reliance” and “Perform tests of controls—none or partial expected controls reliance.” Under that section are 3 rows:

  • Substantive analytical procedures and/or tests of details
  • Update risk assessment and audit plan.
  • Perform other required procedures.

Under the last step, Finalize the audit, are the following:

  • Perform audit completion procedures.
  • Reference financial statements.
  • Issue our reports.
  • Debrief client.
  • Debrief team and assess performance.

At the base of the 4 high-level steps are 3 items that span the whole audit process:

  • Iterative review, team discussion, and consultation
  • Libraries support professional judgment.
  • Communicate with management or those in charge of governance.