Listen to: "The Five Types of Testing Methods Used During Audit Procedures"

Summary

Regardless of the type of audit, professional auditors set out to discover facts and answer crucial questions. Audits of all kinds work best when applying certain industry-standard testing methods to help uncover those facts and answers to help improve business operations and instill greater trust with customers and any interested third parties. In many cases, it is also a matter of ensuring compliance for a regulation.

Type 2 Engagements for SOC 1 and SOC 2 Audits Require Their Share of Testing

Service organizations bear a great responsibility when working with clients to fulfill service needs while ensuring protection of certain aspects of the client’s business.

For the Type 2 portion of both the SOC 1 and the SOC 2 audits, walkthroughs and testing of the controls set up at the service organization. Testing is crucial to Type II engagements to give the auditor more information to form an opinion on the suitability of the design, as well as the operating effectiveness of controls during the specified period under review.

During either SOC Type 2 audit, the auditor walks through and tests each control objective or criteria with a specific type of testing method or procedure.

The Five Types of Testing Methods Used During Audit Procedures

There are five core testing methods that auditors use to confirm the facts and answers that a business wants to attain during an audit. The nature of these test methods focuses on everything from asking probing questions to inspecting documents and re-performing calculations.

Each testing method helps the auditor issue a well-informed opinion, based on evidence. Further, it provides the auditor with the information needed to provided qualified conclusions, whether the business is operating optimally and managing risks properly.

Following are the five types of testing methods used during audits.

  1. Inquiry
  2. Observation
  3. Examination or Inspection of Evidence
  4. Re-performance
  5. Computer Assisted Audit Technique (CAAT)

A graphic illustrating the 5 types of methods used during an audit

1. Inquiry

Inquiry is a fairly straightforward testing method wherein the auditors ask questions of the organization’s managers, accountants and any other key staff to help determine some relevant information. The auditor may ask about business processes and the appropriate recording of financial transactions to make sure the company is doing everything possible to avoid risks.

One example of inquiry commonly used is asking the business owner how the company’s financial records are stored. The auditor takes the responses into account—but does not accept the answers alone as confirmation—to establish additional testing criteria since this method is often used in conjunction with other, more reliable methods.

2. Observation

Another simple, basic and effective testing method involves an auditor’s observation of tasks, procedures and conditions. Management will declare that certain noted records have been appropriately secured in a locked drawer. Then, in order to verify that certain stated records have been securely stored in locked cabinets, the auditor will watch an employee unlock the specified drawer during normal daily activities and reveal the records. This testing method is most often used when there is no documentation of the operation of a control.

3. Examination or Inspection of Evidence

This testing method helps auditors determine whether manual controls are being consistently performed and properly documented. For example, an auditor may check to make sure that backups are scheduled to run on a regular basis. He or she will check to see if forms are being filled out correctly. Examination of evidence also includes the review of written documentation and records that might include visitor logs, employee manuals and system databases.

4. Re-performance

Re-performance is used when inquiry, observation, and physical examination and inspection have failed to provide the requisite assurance that a control is operating effectively. This method is also helpful in determining whether automated controls are operating effectively. It is the strongest type of testing to highlight the operating effectiveness of a control. Using this method, the auditor must manually execute the control in question, such as re-performing a calculation that is usually automated.

5. Computer Assisted Audit Technique (CAAT)

The CAAT method of testing is often used to analyze large volumes of data, but it can also be used to analyze every transaction, rather than just a sample of all performed transactions. There is a specially designed software used to perform a CAAT. The test can range from the use of a fairly simple spreadsheet to using highly specialized databases or additional software designed specifically for data analytics, such as IBM Analytics or Apache Hadoop.

Do You Need Assistance with any of the Five Test Methods for Your Upcoming Audit?

Do you need more information about any of the five test methods? Maybe you need some guidance on choosing the right method, or methods, for your organization. Our auditing team at I.S. Partners, LLC. is here and happy to clarify this important aspect of your upcoming audit.

We ensure that the audit testing procedures comply with the guidance laid out by the AICPA, which means the tests confirm design and operating effectiveness.

Call us at 215-675-1400, or send us a message if you have additional questions about SOC examinations and testing methods.

Author Picture

Request a Quote

Get hassle-free pricing in 3 easy steps:

  • Step 1: Send us a message
  • Step 2: Allow us to create a customized plan
  • Step 3: We’ll get you an accurate, no-obligation quote
[form_name]

Start Here

Request a Quote

Please fill out the fields below and one of our specialists will contact you shortly. Want to speak to us now? Call us at (866) 335-6235

Request a Quote (Keep)

I.S. Partners is serious about privacy. We will never share your information with third parties. Please read our Privacy Policy for more information.

Sending
I.S. Partners

Your choice regarding cookies on this site

This website stores cookies on your computer. These cookies are used to collect information about how you interact with our website and allow us to remember you. We use this information in order to improve and customize your browsing experience and for analytics and metrics about our visitors both on this website and other media. To find out more about the cookies we use, see our Privacy Policy.

If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference not to be tracked.