The Audit Experience AS/2

Performance SupportPreparing Audit

Documentation
The information in this performance support is provided to help you prepare audit documentation
for all of your audit work throughout the engagementfrom planning and controls to substantive
procedures. This document discusses the importance of why all work needs to be documented,
details what to document in your working papers, defines review notes, provides guidance and
procedures for clearing review notes, and tips on how to safeguard your audit documentation.
This performance support will cover the following topics (click on a link to go to the topic):
WHY DO YOU DOCUMENT YOUR WORK?
WHAT NEEDS TO BE DOCUMENTED?
o Details of Work Performed Illustration
o Referencing and Symbol Illustration
o Tickmark Worksheet Illustration
WHAT IS A REVIEW NOTE AND HOW DO I DEALWITH IT?
o Review Note IllustrationTemplate
o Review Note IllustrationExcel
WHAT DOES IT MEAN TO SAFEGUARD MY AUDIT DOCUMENTATION?
WHY DO YOU DOCUMENT YOUR WORK?
Documentation is a key part of our audit; it provides support for the audit opinion given on the
financial statements and is evidence of the work we have done. Our documentation should be
detailed enough to enable an experienced auditor, having no previous connection with the audit,
to understand the nature, timing, and extent of the audit procedures performed, the results of the
audit procedures performed, the audit evidence obtained, any significant matters arising during
the audit, and conclusions reached.
If you do not document your work properly, then the audit field senior or audit manager may
think that you have not understood your assignment or have not completed the audit procedures.
Proper documentation will also help to reduce the amount of review notes (review notes are
described later in this performance support) you receive, as your work will be easier to follow,
and you will not have to spend time amending poor documentation. Documentation prepared at
the time the work is performed is likely to be more accurate than documentation prepared
subsequently, therefore audit documentation should be prepared on a timely basis.

2000-2012 Deloitte Global Services LimitedPartners in Learning

The Audit Experience AS/2

The regulatory environment has become more rigorous over time, with the auditing standards we
need to comply with becoming stricter. Proper and timely documentation of the work performed
is the best way to demonstrate compliance with these regulations and standards.
A common view to documentation is if its not documented, its not done.
For further information, refer to the Audit Approach Manual (AAM) P020: Prepare and Control
Audit Documentation and P040: Review of Audit Documentation.
WHAT NEEDS TO BE DOCUMENTED?
Audit documentation is the record of audit procedures performed, relevant audit evidence
obtained, and conclusions the auditor reached (terms such as working papers or workpapers
are also sometimes used. The term refers to both electronic (Word, Excel, AS/2 documents) and
manual (hard copy paper) documents. The terms working papers or workpapers are also
sometimes used.
Your audit documentation would typically include the following:
Identify the audit engagement. This means stating the entity name and period end (e.g.,
XYZ Company, year ended December 31, 2012).
Who performed the work
Audit documentation needs to have a preparer signoff. This means that any review notes
on the work can be directed to the appropriate person, even if the audit fieldwork has
been finished.
You will also need to sign off the detailed audit procedure(s) in the Risk Assessment and
Audit Plan (RAAP) and Model Audit Program (MAP), including references to the audit
documentation where the testing was performed.
When you sign off on a working paper within AS/2, you also need to update the header
and footer to ensure the signoff is updated in the document. You can update the headers
and footers for all documents at once using the AS/2 Document Manager button. Click
on Refresh Documents and select Update headers and footers.
When the work was performed
The date the work was performed will allow the reviewer to establish a timeline for the
audit. If audit work is done in stages (e.g., partial testing at interim and completion of
testing of the risks at year-end), or if subsequent events occur, it will be clear when the
initial work was performed and what evidence was available at that time. This is
especially important if there is more than one audit visit, or if an audit takes place over
several months.

2000-2012 Deloitte Global Services LimitedPartners in Learning

The Audit Experience AS/2

o For example, you have performed audit procedures for the inventory balance at the
year-end on 31 December, attending the entitys inventory count and found no errors.
Two weeks later, the warehouse burns down and the entire inventory is destroyed. By
dating your work, the field senior can tell that it was performed before the fire and
thus needs to be updated for this subsequent event.
Details of the work performed
The audit documentation should also state the risk that is being addressed, the audit
procedures performed, and the results of the audit testing performed on the identified
risks. The substantive procedures to perform can be found in the Model Audit Programs,
both regarding test of controls and substantive procedures to address the risks identified.
Click on the link (by holding down the Ctrl key) to be taken to Details of Work
Performed Illustration.
A key/legend to any symbols/highlighting used in the audit documentation.
A key/legend at the bottom of the audit documentation or in the tickmark sheet will
explain the meaning of any symbols or highlighting used. Even if a symbol/highlighting
seem obvious (such as ^ symbol to show that the numbers add up correctly) you need
to explain what it means. You should ask your field senior if there any common symbols
that you should use.
Click on the link (by holding down the Ctrl key) to be taken to Referencing and Symbol
Illustration.
Referencing the work performed. All work performed should be cross referenced to and
from any other audit documentation that it supports, or is supported by.
o Referencing is a top-down approach.
o First, reference from the general ledger (top) to the leadsheet (down). It is essential
that the leadsheet matches the general ledger because, as auditors, we provide an
opinion on the financial statements produced from the general ledger.
o Then, reference from the leadsheet (top) to the audit documentation (down) where we
are performing our audit procedures. The audit documentation where we document
our testing should be referenced, finally, to any supporting documentation included in
the audit file.
o Referencing and cross referencing should be done in red so that it is clear to see.
Manual (i.e., hard copies of audit documentation or working papers) should be denoted
with an M.
Cross-reference all audit documentation.

2000-2012 Deloitte Global Services LimitedPartners in Learning

The Audit Experience AS/2

Wherever you have referenced to, that audit documentation should show a reference
from, bringing you back to the original audit documentation. This means that whatever
audit documentation the field senior reviews, they will be able to find all of the linked
documentation.
For example: If the Nat West bank reconciliation is put on file and is given 5114 as its
audit documentation reference number, the period-end balance should be referenced TO
the cash leadsheet on audit documentation 5110. Likewise, the Nat West balance listed
on the cash leadsheet (audit documentation 5110) must also show a reference FROM the
Nat West bank reconciliation audit documentation 5114. This way, whether looking at
the bank reconciliation or at the cash leadsheet, the reviewer will be able to find the other
piece of information.
As mentioned above, you must also fill in the relevant SAS documents (e.g., MAP) for
the tests performed and reference to the audit documentation where you have documented
the audit work performed to address the risks.
Click on the link (by holding down the Ctrl key) to be taken to Referencing and Symbol
Illustration.
Link the audit documentation where you have performed testing of risks to further
information needed to support the work performed.
If there is too much information to put on the face of a working paper then it should be
put in a tickmark. Tickmarks are used to provide additional context and/or support for
information contained in a Working Paper or within an engagement item. A tickmark is a
reference to a separate worksheet within the audit documentation where more details are
given. This is to prevent the leadsheet and document, where testing is performed, from
becoming too crowded with information, allowing the reviewer to see all of the pertinent
information on the main working paper, such as what work was done and the results of
the testing to address the risks of material misstatement. The reviewer can then go to the
tickmark worksheet to see further details; usually found as the last worksheet within the
audit documentation.
A tickmark reference should be put next to the information that needs further explanation.
This clearly identifies what work was performed relative to the specific information,
prevents reviewer confusion of what the tickmark is referring to, and allows for clean,
easy-to-read audit documentation.
Some member firms have guidelines for the type of information that should or should not
be included in a tickmark, such as, details of errors found. Some member firms prefer to
have this documented in the working paper so they can easily identify errors found.
Check with your member firm on preferences in documentation.

2000-2012 Deloitte Global Services LimitedPartners in Learning

The Audit Experience AS/2

o Click on the link (by holding down the Ctrl key) to be taken to Tickmark Worksheet
Illustration.
Each field senior may have different preferences for how work is documented and therefore it is
important to check with your field senior before starting any work.
For additional guidance on what needs to be documented, refer to the following:
Performance SupportUsing the Model Audit Program
Performance SupportWorking with AS/2
AAM - P020: Prepare and Control Audit Documentation and P040: Review of Audit
Documentation

2000-2012 Deloitte Global Services LimitedPartners in Learning

The Audit Experience AS/2

Details of Work Performed Illustration

2000-2012 Deloitte Global Services LimitedPartners in Learning

The Audit Experience AS/2

Referencing and Symbol Illustration

2000-2012 Deloitte Global Services LimitedPartners in Learning

The Audit Experience AS/2

2000-2012 Deloitte Global Services LimitedPartners in Learning

The Audit Experience AS/2

Tickmark Worksheet Illustration

Per Details of Work

Performed Illustration,
these are the tickmark s
referenced on the working
paper

This information is too detailed to include on

the face of the working paper, therefore we
document the details in tickmarks shown
here.

Any result, misstatement, identified etc.

should be documented in the main working
paper. Further detail can still be in the

Any unused tickmarks should be left blank and any information in old tickmarks should
be deleted and the tickmark left blank. For example, if there is existing information for the
prior period, that is no longer applicable or incorrect in the current period, you should
either delete the old information and leave the tickmark blank or update the information
for current period.

WHAT IS A REVIEW NOTE AND HOW DO I DEAL WITH IT?

A review note is a tool used by reviewers to comment on your audit documentation. These will
be raised by your field senior, audit manager, and/or engagement partner throughout the audit
and are comments you must address.
Review notes can cover all kind of points, from asking you to expand on an explanation you
documented to asking you to increase your sample size and do additional testing. You can also
raise review notes as reminders for yourself or for other team members if you have not
completed your audit section before your last day on the engagement.
Review notes may be raised in different ways:
1) Using the Review Note Template working paper:

2000-2012 Deloitte Global Services LimitedPartners in Learning

The Audit Experience AS/2

Review Note Templatethis is a Word template within AS/2. Reviewers may use this
template for leaving queries on SAS documents and manual audit documentation as a
review note cannot be created directly in these documents. That does not mean the
reviewer will not use this template for Word and Excel files as well.
2) Word and Excel electronic review notes using AS/2 Tools:
Word and Excel review noteselectronic review notes created using AS/2 Tools within
Word and Excel. Reviewers may use this method to attach their comment directly to the
audit work about which they have a comment.
3) Manual hand written review note document (occasionally used).
Click on the link (by holding down the Ctrl key) to be taken to Review Note Illustration
Template or Review Note IllustrationExcel
See below for some general dos and do nots of review notes:
a

When you receive your reviewed audit documentation, read all the review notes first.
If you have any questions about any of them, make sure you talk to the reviewer
before attempting to answer them.

Review notes need to be cleared in the audit documentation and not in the actual
review note. This is because at the end of the audit, all review notes are removed
from the file. Thus, if the audit work is included in the review note, it will be lost.

For example, the field senior may leave a review note asking you to document the
entity staff with whom you spoke, and when you spoke with them. During
completion of your testing, you would document this in the audit documentation. In
the review note, you would write that you had updated the audit documentation as
asked.

When you clear a review note, you should put your initials and a short comment on
the work you have done to address the comment in the review note. This allows the
reviewer to see quickly what additional work you have done without re-reviewing all
of the audit documentation.

You must clear all review notes on your work prior to the issuing of the audit report.
These could be from your field senior, audit manager, or audit engagement partner.

You should never delete a review note raised by someone else unless you have been
specifically asked to do so. Reviewers will delete a review note once they are
satisfied that it has been addressed appropriately.

For more information on Review note template and Excel review notes, refer to Performance
SupportWorking with AS/2.

2000-2012 Deloitte Global Services LimitedPartners in Learning

10

The Audit Experience AS/2

Review Note Illustration- Template

Review Note IllustrationExcel

2000-2012 Deloitte Global Services LimitedPartners in Learning

11

The Audit Experience AS/2

WHAT DOES IT MEAN TO SAFEGUARD MY AUDIT DOCUMENTATION?
As audit documentation is the evidence of your audit testing to address the risks identified, you
need to ensure that it is not lost or compromised.
Listed below are some basic safeguarding measures:
All of your audit documentation must be backed up at the end of each day to ensure that,
if anything should happen to your laptop, or if you are unexpectedly unable to come into
work the next day, your progress to-date will not be lost.
Your audit documentation may be backed up with the entire AS/2 file by your field
senior, or you can transfer your files to a USB stick. However, make sure that you do not
keep your USB stick and laptop in the same place. If one goes missing, then the backup
will be missing as well!
If using a USB stick to transfer/backup information, make sure that it is password
protected. This way, if anything is on the USB stick when you transfer information, or if
the USB stick is lost, no one other than yourself can access this information.
Never leave your laptop unattended without locking it up first; this includes both
physically locking down the equipment and electronically locking the screen. You must
follow the firms security policies at all times; ask your field senior if you are unsure as to
what they are.
Do not leave your working papers or entity documents visible when you leave the audit
room (e.g., when going for lunch). Entity staff could come into the audit room and catch
sight of some confidential information, such as the entitys payroll report.

2000-2012 Deloitte Global Services LimitedPartners in Learning

12

The Audit Experience AS/2

Note that this performance support does not replace the AAM. It should be read in conjunction
with the applicable AAM topics, as the manual states the requirements of our audit approach and
it provides further guidance.

2000-2012 Deloitte Global Services LimitedPartners in Learning

13