Journal entry testing is fundamental to financial audits, ensuring that transactions are properly recorded and financial statements remain free from material misstatement. Recognizing the significance of this process, the U.S. Public Company Accounting Oversight Board (PCAOB) has published the latest edition of “Audit Focus: Journal Entries,” which highlights key reminders for auditors from PCAOB standards related to the testing of journal entries.

This edition of Audit Focus provides the PCAOB staff’s perspective on common deficiencies identified in audit engagements. It also shares good practices observed in the field to help auditors enhance their procedures. The guidance emphasizes the importance of professional skepticism, the need to assess the risk of management override, and the effective use of data analytics and IT systems in journal entry testing.

A key standard referenced in the publication is PCAOB Auditing Standard (AS) 2401: Consideration of Fraud in a Financial Statement Audit, which mandates that auditors presume the risk of fraud in revenue recognition and evaluate whether journal entries are being used to manipulate financial results. The PCAOB highlights that management override of controls remains a significant audit risk and underscores the need for targeted testing of journal entries, particularly those recorded at period-end, those involving unusual accounts, and those bypassing normal approval processes.

To help auditors implement these principles effectively, here is an Auditor’s Checklist for Journal Entry Testing, incorporating insights from the PCAOB’s guidance, AS 2401 principles, and best practices to help auditors enhance the effectiveness of their procedures.

Auditor’s Checklist for Journal Entry Testing

Understand the Financial Reporting Environment

• Familiarize yourself with the client’s chart of accounts, journal entry workflows, and control processes.
• Identify accounts that are prone to misstatement or manipulation, such as revenue, reserves, and expense accruals.
• Evaluate how journal entries are initiated, posted, and approved within the IT system.
• Review the segregation of duties to ensure that no single individual has complete control over journal entries.

Conduct a Risk-Based Assessment

• Prioritize high-risk journal entries, including:
  • Manual adjustments that bypass automated controls.
  • Unusual account pairings (e.g., revenue credited to an expense account).
  • Large, round-dollar amounts that lack supporting documentation.
• Focus on journal entries created during high-risk periods, such as:
  • Month-end and year-end adjustments that significantly impact financial results.
  • Entries posted after regular business hours or on non-working days.
• Apply materiality thresholds to identify significant journal entries requiring further examination.
• Consider AS 2401’s requirement to assess fraud risks and evaluate whether management could be overriding controls.

Examine End-of-Period Adjustments

• Scrutinize adjustments made near financial close to detect potential earnings manipulation.
• Investigate journal entries with vague descriptions such as “adjustment” or “correction.”
• Confirm that all adjustments are backed by supporting documentation (e.g., invoices, reconciliations, contracts).
• Analyze backdated entries or those that bypass normal approval workflows.

Leverage Data Analytics

• Use data analytics tools like IDEA, ACL, or Excel to:
  • Identify trends, patterns, and anomalies in journal entries.
  • Detect duplicate transactions or irregular postings.
• Perform keyword analysis for terms like “override,” “adjustment,” or “correction.”
• Use visualization tools (e.g., Power BI, Tableau) to map out journal entry activity across different periods.

Evaluate IT and Control Systems

• Review user access logs to verify that only authorized personnel can create and approve journal entries.
• Test automated controls, including:
  • Posting limits to prevent unauthorized adjustments.
  • Validation checks that ensure entries align with predefined accounting policies.
• Confirm that audit trails capture all changes to journal entries, including timestamps and approvals.
• Cross-check IT system functionalities with fraud detection principles outlined in AS 2401.

Apply Professional Skepticism

• Investigate journal entries that lack clear explanations or supporting documentation.
• Scrutinize transactions that seem to artificially boost revenue or reduce expenses.
• Cross-verify management’s explanations with independent evidence such as external contracts or regulatory filings.
• Consider AS 2401’s fraud risk presumption and adapt testing procedures accordingly.

Communicate Findings

• Document anomalies and potential misstatements in the audit workpapers.
• Prepare a summary report highlighting key issues and their potential impact on financial reporting.
• Engage with management to discuss findings and corrective actions.
• Ensure that unresolved risks are addressed in the audit report and communicated to stakeholders.

Embrace Continuous Improvement

• Review prior audit reports to identify recurring journal entry risks.
• Stay updated on emerging risks and PCAOB guidance to refine audit procedures.
• Invest in advanced training and technology to enhance journal entry testing methodologies.

KNAV Comments

Journal entries are the building blocks of the financial reporting framework. Just as the integrity of a structure depends on the strength of its bricks, the reliability of financial statements hinges on the accuracy and validity of journal entries. The numbers presented in financial reports can only be manipulated if the underlying journal entries are misstated or improperly recorded.

Thus, the quality of journal entry testing is a defining factor in the overall quality of financial reporting. Auditors must apply professional skepticism and adopt a targeted, risk-based approach to assess high-risk entries and potential management override. With advancements in data analytics and automated controls, audit professionals have greater capability than ever to detect anomalies, uncover misstatements, and strengthen the audit process.

The PCAOB’s Audit Focus reinforces that effective journal entry testing is more than a compliance exercise—it is a safeguard against financial misreporting. By integrating regulatory guidance with evolving audit methodologies, auditors can enhance their procedures and provide greater assurance to stakeholders.