Information Produced by the Entity: Evaluation and Use in the Audit Process

By /

Information produced by the entity (IPE) refers to data, documents, and reports generated by an organization’s internal systems or personnel, which auditors use as part of the audit process. This information includes financial records, management reports, reconciliations, and other documentation that supports the financial statements. The International Standards on Auditing (ISA) 500, “Audit Evidence,” provides guidance on how auditors should evaluate the reliability and appropriateness of such information before using it as audit evidence. This article explores the nature of IPE, how auditors assess its reliability, and the role it plays in forming audit conclusions.

1. Understanding Information Produced by the Entity (IPE)

Information produced by the entity encompasses a wide range of internally generated documents and data that serve as critical sources of audit evidence. Proper evaluation of this information is essential for ensuring the accuracy and completeness of the financial statements.

A. Definition of Information Produced by the Entity

  • Internally Generated Data: IPE refers to financial and non-financial information generated by the entity’s accounting systems, management, or other internal processes.
  • Examples of IPE: General ledger entries, trial balances, bank reconciliations, aging schedules, inventory reports, internal control documentation, and management reports.

B. Role of IPE in the Audit Process

  • Supporting Financial Statement Assertions: IPE serves as the primary source of evidence for verifying the accuracy, completeness, and existence of financial statement items.
  • Facilitating Audit Procedures: Auditors rely on IPE to perform substantive procedures, analytical reviews, and control testing throughout the audit process.

2. Evaluating the Reliability of Information Produced by the Entity

Before relying on IPE as audit evidence, auditors must assess its reliability to ensure that it provides a sufficient and appropriate basis for forming audit conclusions. This evaluation involves considering the source, accuracy, and completeness of the information.

A. Factors Affecting the Reliability of IPE

  • Source of Information: Information generated by automated systems with strong internal controls is generally more reliable than manually prepared data.
  • Internal Controls Over Information: The effectiveness of the entity’s internal controls over financial reporting directly influences the reliability of IPE. Strong controls enhance reliability, while weak controls require additional audit procedures.
  • Complexity and Nature of Information: The more complex the information, such as estimates or forecasts, the greater the need for careful evaluation and corroboration with other evidence.

B. Procedures for Evaluating the Reliability of IPE

  • Testing Internal Controls: Auditors assess the design and operating effectiveness of controls over the preparation of IPE, such as authorization procedures, data input validation, and reconciliation processes.
  • Reconciliation to External Evidence: Whenever possible, auditors should reconcile IPE to independent external sources, such as bank statements, supplier invoices, or third-party confirmations.
  • Reviewing Documentation and Calculations: Auditors should examine the supporting documentation, check for mathematical accuracy, and ensure that the data is consistent with other audit evidence.

3. Types of Information Produced by the Entity and Their Use in Audits

IPE can be categorized based on its nature and the specific audit procedures it supports. Auditors use different types of IPE for substantive testing, analytical procedures, and control evaluations.

A. Financial Records and Reports

  • Description: Financial records, such as general ledgers, trial balances, and journal entries, provide the foundation for financial statement preparation.
  • Audit Use: Auditors use these records to verify the accuracy of financial statements, perform substantive testing, and identify potential misstatements.
  • Reliability Considerations: The reliability of financial records depends on the effectiveness of the entity’s accounting systems and internal controls.

B. Management Reports and Internal Documentation

  • Description: Management reports, such as variance analyses, budgeting reports, and internal audit findings, provide insights into the entity’s operations and financial performance.
  • Audit Use: Auditors use management reports for analytical procedures, risk assessments, and evaluating management’s estimates and judgments.
  • Reliability Considerations: The objectivity and accuracy of management reports must be carefully assessed, especially when they involve subjective estimates or assumptions.

C. Reconciliations and Schedules

  • Description: Reconciliations, such as bank reconciliations and accounts receivable aging schedules, help ensure that financial data is complete and accurate.
  • Audit Use: Auditors review reconciliations to verify that account balances agree with supporting documentation and external confirmations.
  • Reliability Considerations: The reliability of reconciliations depends on the accuracy of underlying data and the effectiveness of reconciliation controls.

D. Estimates and Forecasts

  • Description: Estimates, such as provisions for bad debts, warranty liabilities, and fair value measurements, involve management’s judgment and assumptions about future events.
  • Audit Use: Auditors evaluate the reasonableness of estimates by reviewing management’s assumptions, methodologies, and historical accuracy.
  • Reliability Considerations: The inherent uncertainty in estimates requires auditors to apply professional skepticism and seek corroborating evidence from independent sources.

4. Challenges and Risks in Using Information Produced by the Entity

While IPE is a critical source of audit evidence, relying on internally generated information presents certain challenges and risks that auditors must address to ensure audit quality.

A. Risk of Management Bias or Manipulation

  • Challenge: Management may have incentives to manipulate financial information to achieve desired financial results, especially in areas involving estimates or judgments.
  • Mitigation: Auditors should critically assess management’s assumptions, compare reported results to independent benchmarks, and perform additional procedures to detect potential bias.

B. Weaknesses in Internal Controls

  • Challenge: Weak internal controls over financial reporting increase the risk of errors or fraud in IPE, reducing its reliability as audit evidence.
  • Mitigation: Auditors should test the design and operating effectiveness of controls, and if controls are weak, they should increase substantive testing or seek corroborating evidence from external sources.

C. Complexity and Volume of Data

  • Challenge: Large volumes of complex data can make it difficult for auditors to identify errors, inconsistencies, or anomalies in IPE.
  • Mitigation: Auditors can use data analytics tools to analyze large datasets, identify patterns, and detect outliers or unusual transactions.

5. Best Practices for Auditors When Using Information Produced by the Entity

To ensure the reliability of IPE, auditors should follow best practices when evaluating, using, and documenting internally generated information.

A. Understand and Evaluate Internal Controls Over IPE

  • Assess Control Environment: Auditors should gain an understanding of the entity’s internal control environment, focusing on how information is generated, processed, and reviewed.
  • Test Control Effectiveness: Where appropriate, auditors should test the operating effectiveness of controls over data accuracy, authorization, and reconciliation processes.

B. Perform Substantive Procedures to Validate IPE

  • Reconcile to External Sources: Whenever possible, auditors should reconcile IPE to external documents, such as bank statements, third-party confirmations, or supplier invoices.
  • Perform Independent Calculations: Auditors should independently verify key calculations, such as depreciation schedules or interest expense computations, to ensure accuracy.

C. Apply Professional Skepticism and Judgment

  • Question Assumptions and Estimates: Auditors should critically assess management’s assumptions, particularly in areas involving significant judgment, such as fair value measurements or contingent liabilities.
  • Identify and Investigate Anomalies: Auditors should investigate any inconsistencies or unusual trends identified in IPE and seek corroborating evidence to resolve discrepancies.

D. Document the Evaluation and Use of IPE

  • Maintain Clear Audit Trails: Auditors should document the procedures performed to evaluate IPE, including the testing of controls, reconciliations to external evidence, and independent recalculations.
  • Comply with ISA 230 Requirements: Documentation should comply with ISA 230, “Audit Documentation,” ensuring that it is complete, accurate, and sufficient to support the auditor’s conclusions.

6. Examples of Using Information Produced by the Entity in Audit Procedures

Auditors use IPE in various stages of the audit process to support different financial statement assertions. The following examples illustrate how IPE is utilized in audits.

A. Substantive Testing of Account Balances

  • Example: Using the accounts receivable aging schedule produced by the entity to test the existence and valuation of receivables.
  • Audit Procedure: Reconcile the aging schedule to the general ledger, confirm balances with customers, and evaluate the adequacy of the allowance for doubtful accounts.

B. Analytical Procedures

  • Example: Analyzing monthly revenue reports to identify trends, fluctuations, or unusual patterns that may indicate misstatements.
  • Audit Procedure: Compare revenue trends to prior periods, budgeted amounts, and industry benchmarks to identify anomalies for further investigation.

C. Testing Internal Controls

  • Example: Evaluating the effectiveness of the entity’s bank reconciliation process to ensure that cash balances are accurately reported.
  • Audit Procedure: Test the preparation and review of bank reconciliations, verify reconciliations to bank statements, and review outstanding items for reasonableness.

The Importance of Evaluating Information Produced by the Entity in Audits

Information produced by the entity is a critical source of audit evidence, supporting the auditor’s conclusions about the accuracy and completeness of financial statements. However, auditors must carefully evaluate the reliability of this information by assessing internal controls, performing substantive procedures, and applying professional skepticism. Proper evaluation and documentation of IPE ensure that the audit evidence is sufficient and appropriate, contributing to the quality, credibility, and reliability of the audit process. Ultimately, the effective use of IPE helps auditors provide stakeholders with confidence in the integrity of financial reporting.

Scroll to Top