Ringkasan Audit 1

Disusun oleh : Muhammad Firman (Akuntansi FE UI 2012)
PENGAUDITAN I
CHAPTER 1  Is it managed properly?
International Auditing Overview  Is there integrity in its database?
 Do directors have proper and adequate information
to make decisions?
 Are there adequate controls?
Early Accounting  What effect do the company’s products and by-
The first stage of bookkeeping specific economic items were products have on the environment?
represented by tokens .There was a specific token for
sheep, another for wine, another for a day's work, International Financial Reporting Standards
etc.Around 3000 BC the second stage of recording International Financial Reporting Standards (IFRS) are the
economic activities began to develop. Scribes began to standards that are applied for financial accounting.
utilize a more complex system of notation, in which tokens  Now used by all foreign registered SEC firms
were replaced by pictographs on wet clay using a reed  IFRS were formerly called International on
stylus. Accounting Standards (IAS)
Historical background The International Accounting Standards Board (IASB) has
Records of auditing activity in cuneiform in early accounting standard setting responsibilities for IFRS.
Mesopotamian times (around 3,000 BCE). Ancient China,  The EU has agreed to apply most of the IFRS from
Greece and Rome. The Latin meaning of the word 'auditor' 2005.
was a 'hearer or listener' because in Rome auditors heard  US to apply to foreign firms now and all SEC traded
taxpayers, Modern auditing dates to beginning of the in the future
modern corporation
Auditing Standards and Regulation are Rapidly Changing
Brief history of auditing
The attitude of profit maximization from end middle ages - Jurisdictions Using Clarified ISAs Already, or Committed to
merchant houses in Italy.Double-entry bookkeeping was Using Them in the Near Future (86) :
first described in Italy (Pacioli 1496).Industrial Revolution
Great- Britain 1780 lead to the emergence of large industrial Europe (33): Albania, Armenia, Belgium, Bulgaria, Croatia,
companies. 1853 the Society of Accountants in Edinburgh Cyprus, Czech Republic, Denmark, Estonia, Finland,
was founded. France (Experts Comptables), Georgia, Greece, Hungary,
The Auditor, Corporations and Financial Information Iceland, Ireland, Kosovo, Latvia, Lithuania, Luxembourg,
Investors and creditors may have different objectives than Malta, Moldova, Netherlands, Norway, Romania, Serbia,
management (e.g., management prefers higher salaries and Slovakia, Slovenia, Sweden, Switzerland, Turkey, Ukraine,
benefits (expenses), whereas investors wish higher profits United Kingdom
and dividends). Investors and creditors must depend on fair
reporting of the financial statements. To give them Americas (17): Argentina, Bahamas, Barbados, Brazil,
confidence in the financial statements, an auditor provides Canada, Cayman Islands, Chile, Costa Rica, El Salvador,
an independent and expert opinion on the fairness of the Guyana, Jamaica, Mexico, Panama, Puerto Rico (private
reports, called an audit opinion. companies), Trinidad and Tobago, Uruguay, USA (private
companies)
The financial statements are the responsibility of
management and the auditor’s responsibility is to lend Asia Pacific (18): Australia, Bangladesh, China, Hong Kong,
them credibility. By the audit process, the auditor enhances India, Indonesia, Japan, Kazakhstan, Malaysia, Mongolia,
the usefulness and the value of the financial statements, Nepal, New Zealand, Pakistan, Philippines, Singapore, South
but he also increases the credibility of other non-audited Korea, Sri Lanka, Thailand
information released by management.
Africa/Middle East (18): Botswana, Ghana, Kenya, Lebanon,
The Expectations of Auditors Lesotho, Malawi, Mauritius, Namibia, Rwanda, Sierra Leone,
The importance of the company as a potential generator of South Africa, Swaziland, Tanzania, Tunisia, Uganda, United
wealth is increasingly understood, and so is the impact that Arab Emirates (Abu Dhabi and Dubai), Zambia, Zimbabwe
a company’s activities have on society and the environment.
Public expectations go further and include questions such
as: US GAAS for private companis and ISA now the same
As part of the redrafting, the US Audit Standards Board
 Is the company a going concern? converged the clarified standards with those issued by the
 Is it free of fraud? International Auditing and Assurance Standards Board. All
but one of the new standards are effective for engagements
beginning on or after Dec. 15, 2012.
M a t a k u l i a h l a i n y a n g b e l u m a d a d i P D F i n i a k a n s a y a u p d a t e d i www. a k u n t a n s i d a n b i s n i s . wo rd p re s s . c o m
Contac t me : muhammad.f irman177@gmail.com /@f irmanmhmd (Line) 781
PE1
International Auditing and Assurance Standards Board 600 Special Considerations - Audits of Group Financial
(IAASB) Issues: Statements (including the work of a competent auditor)
1. International Standards on Auditing (ISAs) as the 610 Using the Work of Internal Auditors
standards to be applied by auditors in reporting on 620 Using the Work of an Auditor’s Expert
historical financial information. 700-799 Audit Conclusions And Reporting
2. International Standards on Assurance Engagements 700 Forming an Opinion and Reporting on Financial
(ISAEs) as the standards to be applied by Statements
practitioners in assurance engagements dealing
with information other than historical financial 705 Modifications to the Opinion in the Independent
information Auditor’s Report
3. International Standards on Quality Control (ISQCs) 706 Emphasis of Matter Paragraphs and Other Matter
as the standards to be applied for all services falling Paragraphs in the Independent Auditor's Report
under the Standards of the IAASB, and 710 Comparative Information-Corresponding Figures and
4. International Standards on Related Services (ISRSs) Comparative Financial Statements
as the standards to be applied on related services, 720 The Auditor’s Responsibilities Relating to Other
as it considers appropriate Information in Documents Containing Audited Financial
5. International Standards on Review Engagements Statements
(ISREs) as the standards to be applied to the review
of historical financial information. 800-899 Specialized Areas
800 Special Considerations-Audits of Financial Statements
ISAs Prepared in Accordance with Special Purpose Frameworks
805 Special Considerations – Audits of Singel Financial
100-999 International Standards on Auditing (ISAs) Statements and Specific Elements, Accounts or Items of a
100-199 Introductory Matters Financial Statement
120 Framework of International Standards on Auditing 810 Engagement to Report on Summary Financial
200-299 General Principles And Responsibilities Statements
200 Overall Objective of the Independent Auditor, and the
Conduct of an Audit in Accordance with International INTERNATIONAL AUDITING PRACTICE NOTES
Standards on Auditing IAPN 1000, Special Considerations in Auditing Financial
210 Agreeing the Terms of Audit Engagements Instruments
220 Quality Control for an Audit of Financial Statements
230 Audit Documentation Audit Definition
240 The Auditor’s Responsibility Relating to Fraud in an “An audit is a systematic process of objectively obtaining
Audit of Financial Statements and evaluating evidence regarding assertions about
250 Consideration of Laws and Regulations in an Audit of economic actions and events to ascertain the degree of
Financial Statements correspondence between these assertions and established
260 Communication with Those Charged with Governance criteria and communicating the results to interested users.”
265 Communicating Deficiencies in Internal Control to
Those Charged with Governance and Management Requirements of a Financial Statement Audit
300-499 Risk Assessment And Response To Assessed Risks ISA 200 gives requirements relating to an audit of financial
300 Planning an Audit of Financial Statements statements.
315 Identifying and Assessing the Risks of Material  The auditor is required to comply with relevant
Misstatement through understanding the Entity and Its ethical requirements, including those pertaining to
Environment independence
320 Materiality in Planning and Performing an Audit  The auditor shall plan and perform an audit with
330 The Auditor’s Responses to Assessed Risks professional skepticism recognizing that
402 Audit Considerations Relating to an Entity Using a circumstances may exist that cause the financial
Service Organization statements to be materially misstated.
450 Evaluation of Misstatements Identified during the Audit  The auditor shall exercise professional judgment in
500-599 Audit Evidence planning and performing an audit of financial
500 Audit Evidence statements.
501 Audit Evidence – Specific Considerations for Selected  To obtain reasonable assurance, the auditor must
Items obtain sufficient appropriate audit evidence to
reduce audit risk to an acceptably low level and
505 External Confirmations thereby enable the auditor to draw reasonable
510 Initial Audit Engagements—Opening Balances conclusions on which to base the auditor’s opinion.
520 Analytical Procedures
530 Audit Sampling Key Definitions
540 Auditing Accounting Estimates and Related Disclosures 1. Professional skepticism—An attitude that includes a
Including Fair Value Accounting Estimates, and Related questioning mind, being alert to conditions which
Disclosures may indicate possible misstatement due to error or
550 Related Parties fraud, and a critical assessment of evidence.
560 Subsequent Events 2. Material misstatement – A significant mistake in
570 Going Concern financial information which would arise from errors
580 Written Representations and fraud if it could influence the economic
600-699 Using Work Of Others
PE1
decisions of users taken on the basis of the financial  overall financial statements may be misstated,
statements. usually caused by poor control environment.
3. Professional judgment—The application of relevant  misstatement in relation to classes of transactions,
training, knowledge and experience, within the account balances, and disclosures.
context provided by auditing, accounting and
ethical standards, in making informed decisions ISRE
about the courses of action that are appropriate in 2000-2699 International Standards on Review Engagements
the circumstances of the audit engagement. (ISREs)
4. Sufficient appropriate audit evidence – Sufficiency is 2400 Engagements to Review Financial Statements
the measure of the quantity (amount) of audit (Previously ISA 910)
evidence. Appropriateness is the measure of the 2410 Review of Interim Financial Information Performed by
quality of audit evidence and its relevance to a the Independent Auditor of the Entity
particular assertion and its reliability.
ISAE
Objectives of an audit of financial statements 3000-3699 International Standards on Assurance
ISA 200 states the overall objectives of an audit of financial Engagements (ISAEs)
statements is : 3000 Assurance Engagements Other than Audits or Reviews
of Historical Financial Information
1. to obtain reasonable assurance about whether the 3400 The Examination of Prospective Financial Information
financial statements as a whole are free from (Previously ISA 810)
material misstatement, whether due to fraud or 3402, Assurance Reports on Controls at a Third Party
error, thereby enabling the auditor to express an Service Organization
opinion on whether the financial statements are
prepared, in all material respects, in accordance ISRS
with an applicable financial reporting framework 4000-4699 International Standards on Related Services
and to report on the financial statements, and (ISRSs)
2. communicate as required by the ISAs, in accordance 4400 Engagements to Perform Agreed-upon Procedures
with the auditor’s findings Regarding Financial Information (Previously ISA 920)
4410 Engagements to Compile Financial Information
Terms used 'give a true and fair view' or ‘present fairly, in (Previously ISA 930)
all material respects’ are equivalent terms.
TYPES OF AUDIT
Management is Responsible for Financial Statements and
Internal Controls Audit of financial statements
An audit in accordance with ISAs is conducted on the Examine financial statements, determine if they give a true
premise that management and those charged with and fair view or fairly present the financial statements.
governance have acknowledged certain responsibilities that
are fundamental to the conduct of the audit, such as Operational Audit
financial statements, accounting methods and internal A study of a specific unit of an organization for the purpose
control. of measuring its performance.
The concept of materiality is applied by the auditor both in Compliance Audit
planning and performing the audit, and in evaluating the A review of an organization’s procedures and financial
effect of identified misstatements on the audit and the records performed to determine whether the organization
financial statements. Misstatements, including omissions, is following specific procedures, rules, or regulations set out
are considered to be material if, individually or in the by some higher authority.
aggregate, they could reasonably be expected to influence
the economic decisions of users taken on the basis of the Types of Auditors
financial statements. Internal auditors are employed by individual companies to
investigate and appraise the effectiveness of company
Judgments about materiality are made in the light of operations for management.
surrounding circumstances, and are affected by the
auditor’s perception of the financial information needs of Independent auditors are typically certified either by a
users of the financial statements, and by the size or nature professional organization or government agency.
of a misstatement, or a combination of both.
Certification of the Auditor
Inherent Limitations in an Audit of Financial Statements  Certified Public Accountant (CPA)
Certain inherent limitations in an audit affect the auditor’s  Chartered Accountant (CA)
ability to detect material misstatements.  Contador Público (CP)
1. Test and sampling  Other
2. Internal control
3. Audit evidence Management Assertions and Audit Objectives
4. Audit process permeated by judgment The audit starts with the financial statements prepared by
the client and the claims or “assertions” that the client
Risk makes about these numbers.
PE1
It is the auditor's job to validate management's assertions. Objective: The client acceptance phase of the audit plan,
In order to do so, the auditor will identify audit objectives, Phase I, involves deciding whether to accept a new client or
which can be regarded as the auditor's counterpart of continue with an existing one.
management assertions.
Procedures:
Management assertions (1) Evaluate the client's background and reasons for the
Management assertions are implied or expressed audit.
representations by management about classes of (2) Determine whether the auditor is able to meet the
transactions and related accounts in the financial ethical requirements regarding the client.
statements. An example of a management assertion is that (3) Determine need for other professionals.
(4) Communicate with predecessor auditor;
“the company’s financial statements are prepared based on (5) Prepare client proposal.
international accounting standards.” (6) Select staff to perform the audit,
(7) Obtain an engagement letter.
Assertions about classes of transactions and events for the
period under audit Phase II Planning the audit
Objective: Determine the amount and type of evidence and
1. Occurrence. Transaction and events that have been review required to give the auditor assurance that there is
recorded have occurred and pertain to the entity. no material misstatement of the financial statements.
2. Completeness – All transactions and events that
should have been recorded have been recorded. Procedures
3. Accuracy - Amounts and other data relating to (1) Perform audit procedures to understand the entity and
recorded transactions and events have been its environment, including the entity’s internal control;
recorded appropriately. (2) Assess the risks of material misstatements of the
4. Cutoff - Transactions and events have been financial statements.
recorded in the correct accounting period. (3) Determine materiality;
5. Classification - Transactions and events have been (4) Prepare the planning memorandum and audit program,
recorded in the proper accounts. containing the auditor’s response to the identified risks.
6. Assertions about account balances at the period
end. Phase III Testing and Evidence
7. Existence:- Assets, liabilities and equity interests Objective : Test for evidence supporting internal controls
exist. and the fairness of the financial statements.
8. Rights and obligations:- An entity holds or controls
the rights to assets, and liabilities are the Procedures:
obligations of the entity. (1) Tests of controls;
9. Completeness—All assets, liabilities and equity (2) Substantive tests of transactions;
interests that should have been recorded have been (3) Analytical procedures;
recorded. (4) Tests of details of balances.
10. Valuation and allocation —Assets, liabilities, and (5) Search for unrecorded liabilities.
equity interests are included in the financial
statements at appropriate amounts and any Phase IV, Evaluation and Reporting
resulting valuation or allocation adjustments are Objective: Complete the audit procedures and issue an
appropriately recorded. opinion.
11. Assertions about presentation and disclosure
12. Occurrence and rights and obligations—Disclosed Procedures:
events, transactions, and other matters have (1) Evaluate governance evidence;
occurred and pertain to the entity. (2) Perform procedures to identify subsequent events;
13. Completeness—All disclosures that should have (3) Review financial statements and other report material;
been included in the financial statements have been (4) Perform wrap-up procedures;
included. (5) Prepare Matters of Attention for Partners;
14. Classification and understandability—Financial (6) Report to the board of directors;
information is appropriately presented and (7) Prepare Audit report.
described, and disclosures are clearly expressed.
15. Accuracy and valuation—Financial and other International Public Accountancy Firms
information are disclosed fairly and at appropriate
amounts. “The Big Four”:
1. Deloitte & Touche;
Audit Process Model 2. PriceWaterhouseCoopers;
Phase I - Client Acceptance 3. Ernst & Young;
Phase II - Planning 4. KPMG
Phase III - Testing and Evidence
Phase IV - Evaluation and Judgment Audit Staff
1. Staff Accountants (or Junior Assistants then Senior)
Phase I Client Acceptance 2. Senior Accountants (or Supervisor)
3. Managers
4. Partners/Directors
PE1
CHAPTER 2 The International Forum of Independent Audit Regulators

The Audit MArket (IFIAR) Core Principles
1. comprehensive and well defined accounting and
auditing principles and standards
2. legal requirements for the preparation and
publication of financial statements according to
Management controls the accounting systems, the internal those principles and standards;
controls, and the financial reports to investors. 3. an enforcement system for preparers of financial
Management is not independent or objective because their statements to ensure compliance with accounting
success depends on positive reports. standards
The auditor increases the confidence of the report users by 4. corporate governance practices that support
giving an independent opinion on the fairness of these high‐quality corporate reporting and auditing
reports. practice; and
5. effective educational and training arrangements for
Demand for audit services explained by several different accountants and auditors.
theories:
1. The Policeman Theory PCAOB’s Audit Standards
2. The Lending Credibility Theory PCAOB has passed 16 audit standards as of December 2010.
3. The Theory of Inspired Confidence They also enforce as “temporary standards” the existing
4. Agency Theory audit standards by the Audit Standards Board called
Statements of Audit Standards (SAS)
Agency Theory
A company is viewed as the result of 'contracts', in which PCAOB’s Audit Standards – US classes
several groups make some kind of contribution to the 1. AS No. 1: References in Auditors’ Reports to the
company, given a certain 'price'. Standards of the Public Company Accounting
Oversight Board
Management is seen as the “agent,” trying to obtain 2. AS No. 3: Audit Documentation
contributions from “principals” such as bankers, 3. AS No. 4: Reporting on Whether a Previously
stockholders and employees. Reported Material Weakness Continues to Exist
4. AS No. 5: An Audit of Internal Control Over Financial
Management tries to do what is best for management and Reporting That Is Integrated with An Audit of
has a considerable advantage over the principals regarding Financial Statements
information about the company (information asymmetry). 5. AS No. 6: Evaluating Consistency of Financial
Cost of an agency relationship are monitoring costs, Statements
bonding costs, and residual loss. 6. AS No. 7: Engagement Quality Review
7. PCAOB’s Audit Standards – US classes
Audits Required 8. AS No. 8: Audit Risk
In most countries, audits are now legally required for some 9. AS No. 9: Audit Planning
types of companies (statutory audits) . E.g., listed 10. AS No. 10: Supervision of the Audit Engagement
companies, companies receiving government money, 11. AS No. 11: Consideration of Materiality in Planning
certain industries and Performing an Audit
12. AS No. 12: Identifying and Assessing Risks of
Major bourses (including NYSE, NASDAQ, London Stock Material Misstatement
Exchange, Tokyo NIKKEI, and Frankfurt DAX) have listing 13. AS No. 13: The Auditor's Responses to the Risks of
rules that require all companies to have an audited annual Material Misstatement
report. 14. AS No. 14: Evaluating Audit Results
15. AS No. 15: Audit Evidence
Audit Regulation
Although there is regulation around the world, two that Communications With Audit Committees (PCAOB Audit
may be the most influential are: Standard 16)
 The Sarbanes-Oxley Act of 2002 required the U.S. http://pcaobus.org/Rules/Rulemaking/Docket030/Release_
Securities and Exchange Commission (SEC) to create 2012-004.pdf (August 15, 2012)
a Public Company Accounting Oversight Board
(PCAOB).  Replaces AU 310 and 380
 European Union Eighth Council Directive  Requires the auditor to record the terms of the
84/253/EEC and EU Directive 2006/43/EC engagement in an engagement letter, to have the
engagement letter signed and determine that the
Independent Oversight audit committee has acknowledged and agreed to
1. International Forum of Independent Audit the terms.
Regulators (IFIAR),  Adds a requirement for the auditor to communicate
2. In Australia - Financial Reporting Council, to the audit committee significant unusual
3. In the UK -The Review Board, transactions that are outside the normal course of
4. In the Netherlands - Authority for the Financial business for the company or that otherwise appear
Markets (AFM), to be unusual and to communicate the auditor's
5. France - Autorité des marchés financiers(AMF) understanding of the business rationale for such
6. USA -Public Company Accounting Oversight Board transactions.
PE1
 improves and enhances current auditor An engagement quality review and concurring approval of
communication requirements (pages 9-12) issuance are required for each audit engagement and for
each engagement to review interim financial information
PCAOB Audit Standard # 1: References in Auditors’ Reports The objective of the engagement quality reviewer is to
to the Standards of the Public Company Accounting perform an evaluation of the significant judgments made by
Oversight Board the engagement team and the related conclusions reached
adopted as interim standards, on an initial, transitional in forming the overall conclusion on the engagement in
basis, GAAP in AICPA’s Auditing Standards Board's order to determine whether to provide concurring approval
Statement on Auditing Standards No. 95. the auditor in of issuance . An engagement quality reviewer must have
their opinion must refer to "the standards of the Public competence, independence, integrity, and objectivity
Company Accounting Oversight Board (United States)."
Auditing Standard # 8: Audit Risk
PCAOB Audit Standard # 3: Audit Documentation This standard discusses the auditor's consideration of audit
This standard establishes general requirements for risk. Risk of material misstatement at the assertion level
documentation the auditor should prepare and retain in consists of the following components: Inherent risk and
connection with engagements. Audit documentation is the Control risk
written record of the basis for the auditor's conclusions that The auditor uses the assessed risk of material misstatement
provides the support for the auditor's representations, to determine the appropriate level of Detection risk for a
whether those representations are contained in the financial statement assertion.
auditor's report or otherwise
Auditing Standard # 9: Audit Planning
The auditor must retain audit documentation for seven Establishes requirements regarding planning an audit.
years from the date the auditor grants permission to use The engagement partner is responsible for planning the
the auditor's report in connection with the issuance of the audit.Planning the audit includes establishing the overall
company's financial statements ( report release date ) audit strategy for the engagement and developing an audit
plan, which includes, in particular, planned risk assessment
PCAOB Audit Standard # 4: Reporting on Whether a procedures and planned responses to the risks of material
Previously Reported Material Weakness Continues to Exist misstatement.
Establishes requirements and provides direction that apply
when an auditor is engaged to report on whether a Auditing Standard # 10: Supervision of the Audit
previously reported material weakness in internal control Engagement
over financial reporting continues to exist as of a date This standard establishes requirements regarding
specified by management supervision of the audit engagement, including supervising
the work of engagement team members.
PCAOB Audit Standard # 5: An Audit of Internal Control The engagement partner is responsible for the engagement
Over Financial Reporting That Is Integrated with An Audit and its performance including PCAOB standards and the
of Financial Statements work of engagement personnel, specialists, other auditors,
This standard establishes requirements when an auditor is internal auditors, and others who are involved in testing
engaged to perform an audit of management's assessment controls
of the effectiveness of internal control over financial
reporting ("the audit of internal control over financial Auditing Standard # 11: Consideration of Materiality in
reporting") that is integrated with an audit of the financial Planning and Performing an Audit
statements. establishes requirements regarding the auditor's
consideration of materiality in planning and performing an
If one or more material weaknesses exist, the company's audit. the Supreme Court of the United States - a fact is
internal control over financial reporting cannot be material if there is "a substantial likelihood that the …fact
considered effective. The audit of internal control over would have been viewed by the reasonable investor as
financial reporting should be integrated with the audit of having significantly altered the 'total mix' of information
the financial statements. made available.“
PCAOB Audit Standard # 6: Evaluating Consistency of To obtain reasonable assurance about whether the financial
Financial Statements statements are free of material misstatement, the auditor
This standard establishes requirements for the auditor's should plan and perform audit procedures to detect
evaluation of the consistency of the financial statements. misstatements that, individually or in combination with
The auditor should recognize the following matters in an other misstatements, would result in material misstatement
explanatory (matter of emphasis) paragraph a relating to of the financial statements.
the consistency of the company's financial statements in the
auditor's report if those matters have a material effect on Auditing Standard No. 12: : Identifying and Assessing Risks
the financial statements: of Material Misstatement
1. A change in accounting principle Establishes requirements regarding the process of
2. An adjustment to correct a misstatement in identifying and assessing risks of material misstatement of
previously issued financial statements. the financial statements. The auditor should perform risk
assessment procedures that are sufficient to provide a
reasonable basis for identifying and assessing the risks of
Auditing Standard # 7: Engagement Quality Review material misstatement, whether due to error or fraud.
PE1
This standard discusses the following risk assessment Appropriateness is the measure of the quality of audit
procedures: evidence, i.e., its relevance and reliability.
1. Obtaining an understanding of the company and its
environment (paragraphs 7-17); List of PCAOB Temporary Standards
2. Obtaining an understanding of internal control over 1. AU Section 100 - Statements on Auditing Standards
financial reporting (paragraphs 18-40); -- Introduction
3. Considering information from the client acceptance 2. AU Section 200 - The General Standards
and retention evaluation, audit planning activities, 3. AU Section 300 - The Standards of Field Work
past audits, and other engagements performed for 4. AU Section 400 - The First, Second, and Third
the company (paragraphs 41-45); Standards of Reporting
4. Performing analytical procedures (paragraphs 46- 5. AU Section 500 - The Fourth Standard of Reporting
48); 6. AU Section 600 - Other Types of Reports
5. Conducting a discussion among engagement team 7. AU Section 700 - Special Topics AU Section 800 -
members regarding the risks of material Compliance Auditing
misstatement (paragraphs 49-53); 8. AU Section 900 - Special Reports of the Committee
6. Inquiring of the audit committee, management, and on Auditing Procedures
others within the company about the risks of
material misstatement (paragraphs 54-58) Big Four Firms & Non-Big Four
Deloitte, Ernst & Young, KPMG, PricewaterhouseCoopers
Auditing Standard No. 13: The Auditor's Responses to the
Risks of Material Misstatement Second Tier – Grant Thornton; BDO Seidman; McGladrey &
Establishes requirements regarding designing and Pullen; Moss Adams; Myer, Hoffman & McCann; Crowe
implementing appropriate responses to the risks of material Group, American Express, BKD
misstatement. Responses that have an overall effect on how
the audit is conducted ("overall responses"), (paragraphs 5- Legal liability of the auditor
7) - e.g., appropriate staff assignment, supervision, varies from country to country, district to district.
unpredictable audit procedures . Responses involving the based on one or more of the following:
nature, timing, and extent of the audit procedures to be 1. common law,
performed, (paragraphs 8-46). 2. civil liability under statutory law,
3. criminal liability under statutory law, and
Auditing Standard No. 14: Evaluating Audit Results 4. liability for members of professional accounting
Establishes requirements regarding the auditor's evaluation organizations.
of audit results and determination of whether he or she has
obtained sufficient appropriate audit evidence which should Common Law Ultramares - Touche case (Ultramares
include evaluation of the following: Corporation v Touche et al.)
1. The results of analytical procedures performed in the accountants were negligent for not finding that a
the overall review of the financial statements material amount of accounts receivable had been falsified
("overall review"); when careful investigation would have shown it to be
2. Misstatements accumulated during the audit, fraudulent, not liable to a third party bank because the
including, in particular, uncorrected misstatements; creditors were not a primary beneficiary, or known party,
3. The qualitative aspects of the company's accounting called the Ultramares doctrine, that ordinary negligence is
practices; not sufficient for a liability to a third party because of lack of
4. Conditions identified during the audit that relate to privity of contract between the third party and the auditor.
the assessment of the risk of material misstatement
due to fraud ("fraud risk"); Caparo Industries, PLC v Dickman
5. The presentation of the financial statements, The question in Caparo was the scope of the assumption of
including the disclosures; responsibility of the auditor if a clean opinion was given for
6. The sufficiency and appropriateness of the audit negligent accounts, and what the limits of liability ought to
evidence obtained. be.
Auditing Standard No. 15: Audit Evidence The House of Lords of the UK, following the Court of Appeal,
Explains what constitutes audit evidence and establishes set out a "three-fold test“ for an obligation (duty of care) to
requirements regarding designing and performing audit arise from negligence
procedures to obtain sufficient appropriate audit evidence. 1. harm must be reasonably foreseeable
Audit evidence is all the information, whether obtained 2. the parties must be in a relationship of proximity
from audit procedures or other sources, that is used by the and
auditor in arriving at the conclusions on which the auditor's 3. it must be fair, just and reasonable to impose
opinion is based. liability.
AS #15 Sufficient Appropriate Audit Evidence Civil Liability Under Statutory Law
Sufficiency is the measure of the quantity of audit evidence The Securities Act of 1933 established the first U.S.
affected by the following: statutory civil recovery rules for third parties against
Risk of material misstatement or the risk associated with auditors. Original purchasers have recourse against the
the control (risk increase -> amount of evidence increases) auditor for up to the original purchase price if the financial
Quality of the audit evidence obtained. statements are false or misleading.
PE1
The auditor has the burden of demonstrating that risks resulting from litigation for audit firms European
reasonable investigation was conducted or that all the loss Union Commissioner Charlie McCreevy has said:
of the purchaser of securities (plaintiff) was caused by
factors other than the misleading financial statements. “We have concluded that unlimited liability combined with
insufficient insurance cover is no longer tenable. It is a
Sarbanes Oxley Act of 2002 Civil Penalties for CEOs and potentially huge problem for our capital markets and for
CFOs auditors working on an international scale. The current
If there is a material restatement of a company’s reported conditions are not only preventing the entry of new players
financial results due to the material noncompliance of the in the international audit market, but are also threatening
company, as a result of misconduct, the CEO and CFO shall existing firms.”
reimburse the company for any bonus or incentive or
equity-based compensation received within the 12 months Suggested Solutions to Auditor Liability
following the filing with the financial statements Some countries (e.g. Germany) have put a legally
subsequently required to be restated (Section 304) determined cap on the liability of auditors (to the client in
the case of Germany)
Financial statements filed with the SEC by any public
company must be certified by CEOs and CFOs. If all A system of proportionate liability - an audit firm is not
financials do not fairly present the true condition of the liable for the entire loss incurred by plaintiffs but only to the
company CEOs and CFOs may receive fines of up to $1 extent to which the loss is attributable to the auditor.
million. If certifications are made knowing the statements In order to protect the personal wealth of audit partners,
are incorrect, the fine can be up to $5 million. some audit firms are structured as a limited liability
partnership (e.g. in the UK).
Criminal Liability Under Statutory Law
The Securities Exchange Act of 1934 in the United States To make insurance of all liability risks compulsory using
sets out (Rule 10b-5) criminal liability for the auditor to new legislation was one of the recommendations of a EU
employ any device, scheme or artifice to defraud or commission.Exclude certain activities with a higher risk
intentionally or recklessly misrepresent information for profile from the auditors' liability. A mechanism to achieve
third party use. this outcome would be to introduce so-called safe harbour
provisions by legislation.
Sarbanes Oxley Act of 2002 Criminal Penalties for CEOs,
CFOs and Auditors Audit Expectations with regard to the following duties of
To knowingly destroy, create, manipulate documents auditors: giving an opinion on
and/or impede or obstruct federal investigations is 1. the fairness of financial statements;
considered felony, and violators will be subject to fines or 2. the company's ability to continue as a going
up to 20 years imprisonment, or both concern;
3. the company's internal control system;
All audit reports or related workpapers must be kept by the 4. the occurrence of fraud; and
auditor for 7 years. Failure to do this may result in 10 years 5. the occurrence of illegal acts.
imprisonment.
The Fairness Of Financial Statements;
CFOs and CEOs who falsely certify financial statements or The Company's Ability To Continue As A Going Concern;
internal controls are subject to 10 years imprisonment. A large part of the financial community (users of audit
Willful false certification may result in a maximum of 20 services) expects that financial statements with an
years imprisonment unmodified (unqualified) audit opinion are completely free
from error. The inherent limitations of auditing not
Liabilities as Members of Professional Organizations accepted.
Nearly all national audit professions have some sort of
disciplinary court. The disciplinary court makes its judgment In most national regulations, auditors need to determine
and determines the sanction. It may be: whether the audited entity is able to continue as a going
1. a fine; concern.
2. a reprimand (either oral or written);
3. a suspension for a limited period of time (e.g. 6 Opinion on the Company’s Internal Control System
months); or The objective of the auditor is to identify and assess the
4. a lifetime ban from the profession. risks of material misstatement … through understanding the
entity and its environment, including the entity’s internal
In order to hold the auditor successfully legally liable in a control.
civil suit, the following conditions have to be met: - US
Classes The United States Sarbanes-Oxley Act of 2002 requires that
An audit failure/neglect has to be proven (negligence issue). company officers certify that internal controls are effective
The auditor should owe a duty of care to the plaintiff (due and requires that an independent auditor verify
professional care). management’s analysis
The plaintiff has to prove a causal relationship between her Company's Internal Control
losses and the alleged audit failure (causation issue). The Section 404 of the Sarbanes-Oxley Act requires each annual
plaintiff must quantify her losses (quantum issue). financial report of a company to contain an “internal control report”
which should:
PE1
state the responsibility of management for establishing and 1 harmonizing the definitions regarding internal control and
maintaining an adequate internal control structure and its components;
procedures for financial reporting, and contain an 2 helping management in assessing the quality of internal
assessment, as of the end of the fiscal year, of the control;
effectiveness of the internal control structure and 3 creating internal control benchmarks, enabling
procedures for financial reporting. management to compare the internal control in their own
company to the state-of-the-art; and
Companies must select suitable criteria (COSO-based) 4 creating a basis for the external reporting on the
against which it may evaluate the effectiveness of internal adequacy of the internal controls.
controls for authorization, safeguarding assets, and properly
recording of transactions. An independent auditor attests to Combined Code UK
any difference between management’s assertions under In 1998 London Stock Exchange published a new Listing Rule
404 and the audit evidence on internal controls together with related Principles of Good Governance and
Code of Best Practice (called ‘the Combined Code).
Opinion on the Occurrence of Fraud
Both governments and the financial community expect the The combined code combines the recommendations of the
auditor to find existing fraud cases and report them. Audit so-called Cadbury, Greenbury, and Hampel committees on
history as gone from the fraud detection as the objective of corporate governance.
an audit to not taking any responsibility for fraud, to the
current position that the auditor is responsible for obtaining The Sarbanes-Oxley Act of 2002 Restrictions on Auditors
reasonable assurance the financial statements are free from  Auditors must report to the audit committee
material statement, whether caused by fraud or error.  The lead audit partner and audit review partner
must be rotated every five years.
The Occurrence of Fraud  A second partner must review and approve audit
ISA 240- the responsibility for the prevention and detection reports.
of fraud and error rests with both those charged with the  It is a felony with penalties of up to 20 years in jail
governance and the management. to willfully fail to maintain “all audit or review work
papers” for seven years.
ISA 210 states that when planning and performing audit  Auditors are prohibited from offering certain
procedures and in evaluating and reporting the results, information system and accounting services.
auditors should consider the risk of misstatements in
financial statements resulting in fraud.
CHAPTER 3
In planning the audit, the auditor must assess the risk that Ethics for Porfessional Accountants
material fraud or error has occurred.
US Fraud Standard – US Classes
WHAT ARE ETHICS?
Auditing Standard Number 99 (SAS 99) A sense of agreement in a society as to what is right and
The standard requires that as part of the planning process wrong. Ethics represent a set of moral principles, rules of
the audit team must consider how and where the client’s conduct or values. Ethics apply when an individual has to
financial statements may be susceptible to fraud. Gather make a decision from various alternatives regarding moral
information by inquiring of management and consider ing principles.
fraud risk factors
Ethical principles
The Occurrence of Illegal Acts
Both ISA 250 and most national regulators state that the
auditor’s responsibility in this area is restricted to designing
and executing the audit in such a way that there is a
reasonable expectation of detecting material illegal acts
which have a direct impact on the form and content of the
financial statements. The professional regulations in some
countries require the auditor to inform members of the
audit committee or board of directors
Responses to Accounting Controversies
In response to the controversies there have been in two
landmark studies (the COSO Report and the Cadbury Report
which lead to the Combined Code and the Turnbull Report)
and most recently have been legislated into the US
accounting profession by the Sarbanes-Oxley Act of 2002.
COSO Report
The COSO report was published by the Committee of Objectives of Accountantancy Profession
Sponsoring Organizations of the Treadway Commission. The Generally, to meet the public’s interest :
COSO report envisaged:
PE1
“A distinguishing mark of the accountancy profession is its 5. Professional Behavior (Sec 150)
acceptance of the responsibility to act in the public interest.
Therefore, a professional accountant’s responsibility is not Principles
exclusively to satisfy the needs of an individual client or Integrity to be straightforward and honest in all professional
employer.” Code of Ethics and business relationships.
PCAOB Ethics – US Classes Objectivity: To not allow bias, conflict of interest or undue
ET Section 100 INDEPENDENCE, INTEGRITY, AND influence of others to override professional or business
OBJECTIVITY judgments. In the auditing sense bias is associated with
money and personal association, e.g., if possible gains of
Independence ET Section 101 wealth, prospects of a better income, or personal
http://pcaobus.org/Standards/EI/Pages/ET101.aspx relationships as with family or friends are involved, this may
bias the auditor’s work. There exist religious and cultural
Integrity and Objectivity ET Section 102 biases that may also affect an auditor’s work and these
http://pcaobus.org/Standards/EI/Pages/ET102.aspx biases have been well studied.
The Code is divided into three parts: A, B, and C: Professional Competence and Due Care: to maintain
Part A establishes the fundamental principles of professional knowledge and skill at the level required to
professional ethics for professional accountants and ensure that a client or employer receives competent
provides a conceptual framework for applying those professional service based on current developments in
principles. practice, legislation and techniques and act diligently and in
accordance with applicable technical and professional
Parts B and C illustrate how the conceptual framework is to standards.
be applied in certain situations.
 Part B applies to professional accountants in public Confidentiality: To respect the confidentiality of information
practice. acquired as a result of professional and business
 Part C applies to professional accountants in relationships and, therefore, not disclose any such
business. information to third parties without proper and specific
authority, unless there is a legal or professional right or duty
Part A – Fundamental Principles to disclose, nor use the information for the personal
Part A establishes the fundamental principles of advantage of the professional accountant or third parties.
professional ethics for professional accountants and
provides a conceptual framework that professional Professional Behavior: to comply with relevant laws and
accountants shall apply to: regulations and avoid any action that discredits the
1. Identify threats to compliance with the profession.
fundamental principles;
2. Evaluate the significance of the threats identified; Disclosure of Confidential Information
and May be disclosed when disclosure is authorized by the
3. Apply safeguards, when necessary, to eliminate the client, required by law (eg evidence in legal proceedings),
threats or reduce them to an acceptable level. where there is a professional duty or right to disclose (such
as in a peer review quality control program) or to comply
Safeguards are necessary when the threats are not at a level with technical standards or ethics requirements.
at which a reasonable and informed third party would be
likely to conclude, weighing all the specific facts and Professional Behavior that discredits the profession
circumstances available to the professional accountant at example
that time, that compliance with the fundamental principles In marketing and promoting themselves and their work,
is not compromised. professionals should be honest and truthful and not:
Make exaggerated claims for the services they are able to
Conceptual Framework Approach offer, the qualifications they possess, or experience they
A conceptual framework requires a professional accountant have gained; or Make disparaging references or
to identify, evaluate and address threats to compliance with unsubstantiated comparisons to the work of others.
the fundamental principles, rather than merely comply with
a set of specific rules which may be arbitrary. Threats and Safeguards (no longer related just to
Independence, but to ethics)
When an accountant identifies threats to compliance with Compliance with the fundamental principles may potentially
the fundamental principles and determines that they are be threatened by a broad range of circumstances. Many
not at an acceptable level, he/she shall determine whether threats fall into the following categories:
appropriate safeguards are available and can be applied to 1. Intimidation threats
eliminate the threats or reduce them to an acceptable level. 2. Self-interest threats
3. Self-review threats
The IFAC Code of Ethics for Professional Accountants 4. Advocacy threats
fundamental principles for ALL Accountants: 5. Familiarity threats
1. Integrity (Sec 110)
2. Objectivity (Sec 120) Safeguards are actions or other measures that may
3. Professional Competence and Due Care (Sec 130) eliminate threats or reduce them to an acceptable level.
4. Confidentiality (Sec 140)
PE1
Intimidation Threat Advocacy Threat

Intimidation Threat -occurs when a member of the An Advocacy Threat – occurs when a member of the
assurance team may be deterred from acting objectively assurance team promotes, or seems to promote, an
and exercising professional skepticism by threats, actual or assurance client’s position or opinion. That is, the auditor
perceived, from the directors, officers or employees of an subordinates his judgment to that of the client.
assurance client.
Examples of circumstances that create advocacy threats :
Examples of Intimidation Threats 1. Selling, underwriting or otherwise dealing in
1. Being threatened with dismissal from a client financial securities or shares of an assurance client;
engagement. 2. Acting as an advocate on behalf of an assurance
2. Being threatened with litigation. client in litigation or disputes with third parties.
3. Being pressured to reduce inappropriately the
extent of work performed in order to reduce fees. Familiarity Threat
4. An audit client indicating that it will not award a Familiarity Threat ─ occurs when an auditor becomes too
planned non assurance contract to the firm if the sympathetic to the client’s interests because he has a close
firm continues to disagree with the client’s relationship with an assurance client, its directors, officers
accounting treatment. or employees.
5. A professional accountant feeling pressured to
agree with the judgment of a client employee Familiarity Threats Circumstances (In Part B)
because the employee has more expertise on the  Immediate family member or close family member
matter in question. who is a director, officer, or influential employee of
6. A professional accountant being informed by a the assurance client;
partner of the firm that a planned promotion will  A member of the assurance team having a close
not occur unless the accountant agrees with an family member who, as an employee of the
audit client’s inappropriate accounting treatment. assurance client, is in a position to exert direct and
significant influence over the subject matter of the
Self-Interest Threat engagement;
A Self-interest threat occurs when an auditor could benefit  A director or officer of the client or an employee in
from a financial interest in, or other self-interest conflict a position to exert significant influence over the
with, an assurance client. subject matter of the engagement having recently
served as the engagement partner.
Self Interest Threats Circumstances (In Part B)  Acceptance of gifts or preferential treatment from a
 A financial interest in a client or jointly holding a client, unless the value is trivial or inconsequential.
financial interest with a client.  Senior personnel having a long association with the
 Undue dependence on total fees from a client. assurance client.
 Having a close business relationship with a client.
 Concern about the possibility of losing a client. Immediate Family Member - US
 Potential employment with a client. Under PCAOB’s Rule 3501 Definitions, “the term
 Contingent fees relating to an assurance "immediate family member" means a person's spouse,
engagement. spousal equivalent, and dependents.”
 Discovering a significant error when evaluating the
results of a previous professional service performed Safeguards
by a member of the professional accountant’s firm. Safeguards that may eliminate or reduce such threats to an
acceptable level fall into two broad categories:
Self-Review Threat 1. Safeguards created by the profession, legislation or
Self-Review Threat – occurs when regulation;
(1) results of a previous engagement needs to be re- 2. Safeguards in the work environment.
evaluated in reaching conclusions on the present assurance
engagement Safeguards created by the profession, legislation or
(2) when a member of the assurance team previously was regulation include:
an employee of the client (especially a director or officer) in 1. Educational, training and experience requirements
a position to exert significant influence over the subject for entry into the profession.
matter of the assurance engagement. 2. Continuing professional development requirements.
3. Corporate governance regulations.
Reporting on the operation of financial systems after being 4. Professional standards.
involved in their design or implementation. Having prepared 5. Professional or regulatory monitoring and
the original data used to generate records that are the disciplinary procedures
subject matter of the engagement. A member of the 6. External review by a third party of the reports,
assurance team being, or having recently been, a director or returns, communications or information produced
officer of that client. A member of the assurance team by a professional accountant.
being, or having recently been, employed by the client in a
position to exert direct and significant influence over the Firm-wide safeguards in the work environment may include:
subject matter of the engagement. Performing a service for 1. Leadership that stresses the importance of
a client that directly affects the subject matter information compliance with the fundamental principles and the
of the assurance engagement. duty to act in the public interest.
2. Quality control policies
PE1
3. Documented policies regarding the need to identify existing client may cause threats to compliance with the
threats to compliance with the fundamental fundamental principles
principles, evaluate the significance of those
threats, and apply safeguards Safeguards such as seeking client permission to contact the
4. A disciplinary mechanism to promote compliance existing accountant, describing the limitations surrounding
with policies and procedures. any opinion and providing the existing accountant with a
copy of the opinion may be required.
Examples of engagement-specific safeguards in the work
environment Fees and Other Types of Remuneration
1. Having a professional accountant who was not a An auditor may quote whatever fee deemed to be
member of the assurance team review the appropriate. However, a self-interest threat to professional
assurance work performed or otherwise advise as competence and due care is created if the fee quoted is so
necessary. low that it may be difficult to perform the engagement.
2. Consulting an independent third party, such as a
committee of independent directors, a professional Accepting a referral fee or commission relating to a client
regulatory body or another professional creates a self-interest threat to objectivity and professional
accountant. competence and due care.
3. Discussing ethical issues with those charged with
governance of the client. Marketing Professional Services
When a professional accountant in public practice solicits
professional accountant in public practice new work through advertising or other forms of marketing,
A professional accountant in public practice is a professional there may be potential threats to compliance with the
accountant, irrespective of functional classification (for fundamental principles.
example, audit, tax or consulting) in a firm that provides
professional services. This term is also used to refer to a What Advertising Cannot Do
firm of professional accountants in public practice. An accountant should not bring the profession into
disrepute when marketing professional services. She should
Professional Appointment be honest and truthful and should not:
Client Acceptance - consider whether acceptance would  Make exaggerated claims for services offered,
create any threats to compliance with the fundamental qualifications possessed or experience gained; or
principles  Make disparaging references to unsubstantiated
comparisons to the work of another.
Engagement Acceptance - agree to provide only those
services that the accountant is competent to perform. Example of Bad Advertising
“At our firm we believe the financial success of any business
Safeguards for Accepting an Audit Engagement requires regular monitoring and attention to the smallest
Safeguards, including the following ,shall be applied to detail. Without the objective oversight of a practiced eye,
eliminate any threats or reduce them to an acceptable level: huge opportunities can slip by unnoticed, and minor
 Before accepting the engagement state that contact problems can quickly evolve into significant issues. That’s
with the existing accountant will be requested why the experts at our firm maintain a close relationship
 Asking the existing accountant to provide known with our clients all year round, rather than merely reviewing
information on any facts or circumstances that the financial records annually.”
proposed accountant needs to be aware of before
deciding whether to accept the engagement; or Gifts and Hospitality
 Obtaining necessary information from other Self-interest threats to objectivity may be created if a gift
sources. from a client is accepted; intimidation threats to objectivity
may result from the possibility of such offers being made
Information from Existing Auditor public.
Once client permission is obtained, the existing accountant
should provide information honestly and unambiguously. If Gifts or hospitality which are acceptable are those which a
the proposed accountant is unable to communicate with reasonable and informed third party, having knowledge of
the existing accountant, the proposed accountant should try all relevant information, would consider clearly insignificant.
to obtain information about any possible threats by other
means such as through inquiries of third parties or Custody of Client Assets
background investigations on senior management. To safeguard against a self interest threat to objectivity , a
professional accountant in public practice entrusted with
Conflicts of Interest money (or other assets) belonging to others should:
An accountant should take reasonable steps to identify 1. Keep such assets separately from personal or firm
circumstances that could pose a conflict of interest and assets; and
apply safeguards when necessary to eliminate the threats. 2. Use such assets only for the purpose for which they
are intended
Second Opinions 3. At all times, be ready to account for those assets,
Providing a second opinion on the application of and any income, dividends or gains generated
accounting, auditing, reporting or other standards or 4. Comply with all relevant laws and regulations
principles by or on behalf of a company that is not an relevant to the holding of and accounting for such
assets
PE1
Objectivity – All Services and the substance of any relevant discussions that support
When providing any professional service the auditor should those conclusions. E.g.,
consider whether there are threats to compliance with the  the nature of the threat and the safeguards in place
fundamental principle of objectivity resulting from having  If no safeguards are necessary, the rationale
interests in, or relationships with, a client or directors,
officers or employees. Engagement Period
Independence from the audit client is required both during
In an assurance service the auditor is required to be the engagement period and the period covered by the
independent of the assurance client. Independence of mind financial statements.
and in appearance is necessary to express a conclusion, and
be seen to express a conclusion, without bias, conflict of Financial Interests
interest or undue influence of others. If a member of the audit team, a member of that
individual’s immediate family, or a firm has a direct financial
European Union Auditor Independence interest or a material indirect financial interest in the audit
Member States shall prescribe that auditors shall not carry client, the self-interest threat created would be so
out statutory audits if they are not independent in significant that no safeguards could reduce the threat to an
accordance with the law of the Member State which acceptable level .
requires the audit.
Business, Family and Personal Relationships
An auditor must be independent from his audit client both A close business relationship between a firm, or a member
in mind and appearance. The auditor should not audit a of the audit team, or a member of that individual’s
client if there are any financial, businesses, employment or immediate family, and the audit client or its management,
other relationships between them that a “reasonable and arises from a commercial relationship or common financial
informed third party” would conclude compromised interest and may create self-interest or intimidation threats.
independence. The business relationship must not be entered into because
NO safeguards would be sufficient and the individual with
PCAOB Ethics and Independence rules concerning the relationship must be removed from the audit team
independence, tax services, and contingent fees –US
Classes Provision of Non-assurance Services to Audit Clients
 Not independent if the audit firm provided any Providing non-assurance services to assurance clients may
service or product to an audit client for a contingent create threats to the independence of the firm or members
fee or a commission. of the audit team. Providing certain non-assurance services
 Not independent if the firm provided assistance in to an audit client may create a threat to independence so
planning, or provided tax advice on, certain types of significant that no safeguards could reduce the threat to an
potentially abusive tax transactions to an audit acceptable level.
client or persons employed by that client and must
seek audit committee approval for any tax services Examples: services that assume a management
 Firms must be independent of their audit clients responsibility, bookkeeping, tax planning that impacts the
throughout the audit period financial statements, internal audit services, IT, valuation,
legal, corp finance
Independence – Mind and Appearance
The conceptual framework involves two views of Fees
independence to which the auditor must comply: Professional fees should be a fair reflection of the value of
1. Independence of Mind is the state of mind that the professional service performed for the client, taking into
permits the expression of a conclusion without account the skill and knowledge required, the level of
being affected by influences that compromise training and experience of the persons performing the
professional judgment, thereby allowing an services, the time necessary for the services and the degree
individual to act with integrity and exercise of responsibility that performing those services entails. The
objectivity and professional skepticism. IESBA Ethics Code discusses threats to independence in
2. Independence in Appearance is the avoidance of pricing auditing services in terms of size, whether fees are
facts and circumstances that are so significant that overdue, and contingent fees.
a reasonable and informed third party would be
likely to conclude, weighing all the specific facts and Size of client fees and unpaid fees
circumstances, that a firm’s, integrity, objectivity or If an audit client is a public interest entity and, for two
professional skepticism has been compromised. consecutive years, the total fees from the client represent
more than 15% of the total fees received by the audit firm,
Independence—Assurance Engagements the firm must disclose to the audit client that fact and
In the case of an assurance engagement it is in the public discuss safeguards it will apply. The Code warns that a self-
interest and, therefore, required by the Code of Ethics, that interest threat may be created if fees due from an
members of assurance teams, firms and, when applicable, assurance client for professional services remain unpaid for
network firms be independent of assurance clients a long time.
Documentation of Independence Compensation and Evaluation Policies
The professional accountant must document conclusions A self-interest threat is created when a member of the audit
regarding compliance with independence requirements, team or a key audit partner is evaluated on or compensated
for selling non-assurance services to that audit client.
PE1
Actual or Threatened Litigation CHAPTER 4

When litigation takes place, or appears likely, between the An Auditor’s Services
audit firm or a member of the audit team and the audit
client, self-interest an d intimidation threats are created.If
safeguards do not reduce the threats to an acceptable level,
the only appropriate action is to withdraw from, or decline,
the audit engagement. Besides the International Framework for Assurance
Engagements, ISAs, ISREs and ISAEs, practitioners who
Independence requirements for assurance engagements perform assurance engagements are governed by The IEASB
that are not audit or review engagements Code of Ethics for Professional Accountants International
The IESBA Code of Ethics for Professional Accountants Standards on Quality Control (ISQCs)
Section 291 (see Illustration 3.4 for contents) addresses
independence requirements for assurance engagements IAASB’s Engagement Standards
that are not audit or review engagements. Some engagement standards are based on “International
Framework for Assurance Engagements” (assurance
Part C – employees, management, volunteers engagements), and others result from the “Related Services
Part C of the IESBA Code describes how the conceptual Framework” (related services engagements). Three sets of
framework contained in Part A applies in certain situations standards (ISAs, ISREs (historical financial) and ISAEs (not
to a salaried employee, a partner, director, an owner based on historical f/s) share the assurance engagement
manager, or a volunteer (professional accountant in framework and one standard set (ISRS) is based on the
business) related services framework. ISAs, ISREs, ISAEs and ISRSs are
collectively referred to as the IAASB’s Engagement
Part C also addresses circumstances in which compliance Standards.
with the fundamental principles may be compromised by
potential conflicts, preparation and reporting information, Assurance Engagements on Subject Matters Other than
acting with sufficient expertise, financial interests, and Historical Financial Information (ISAEs)
inducements. The ISAE standards are divided into two parts:
1. ISAEs 3000 – 3399 which are topics that apply to all
A professional accountant in business shall not knowingly assurance engagements
engage in any business, occupation, or activity that impairs 2. ISAEs 3400 – 3699 which are subject specific
or might impair integrity, objectivity or the good reputation standards, for example standards relating to
of the profession and as a result would be incompatible examination of prospective financial information,
with the fundamental principles.
Not all engagements performed by practitioners are
Potential Conflicts assurance engagements
There may be times when responsibilities to an employing Frequently performed engagements that are not covered by
organization and professional obligations to comply with the Assurance Framework are:
the fundamental principles are in conflict. Pressure may be 1. Engagements covered by International Standards
applied to act contrary to law or regulation or to technical for Related Services (ISRS), such as agreed-upon
or professional standards, or facilitate unethical or illegal procedures and compilations.
earnings management strategies. 2. The preparation of tax returns where no conclusion
conveying assurance is expressed.
Other Sections of Part C 3. Consulting (or advisory) engagements, such as
There are other sections in Part C which address specific management and tax consulting.
aspects of the work of professional accountants in business.
These sections include discussion of Related Services Framework (ISRSs)
1. preparation and reporting of information (Sec. Standards under this framework, International Standards on
320,), Related Services (ISRSs), are applied currently to two audit
2. acting with sufficient expertise (sec. 330), services:
3. financial interests (Sec. 340),  Agreed-upon procedures (ISRS 4400) Agreed-upon
4. inducements (Sec. 350), procedures are assurance based on audit
procedures in a very limited “agreed upon” area
Enforcement of Ethical Requirements with a proscribed set of users.
In many countries an auditor who violates the ethical  Compilations (ISRS 4410 ). Compilations offer no
standard may be disciplined by law or by the professional assurance whatsoever.
organization. The penalties range from a reprimand to
expulsion or fine. Assurance Engagements Defined
Assurance engagement means an engagement in which a
International Ethics Standards Board of Accountants (IESBA) practitioner expresses a conclusion designed to enhance the
has no authority to require disciplinary action for violation degree of confidence of the intended users (other than the
of the Code of Ethics. responsible party) about the outcome of the evaluation or
measurement of a subject matter against criteria
five elements that all assurance engagements exhibit
1. a three party relationship involving a practitioner; a
responsible party; and the intended users,
2. appropriate subject matter,
PE1
3. suitable criteria, 3. national standards

4. Sufficient appropriate evidence 4. Global Reporting Initiative
5. an written assurance report. 5. PCAOB internal control report criteria
6. Applicable law, regulation or contract
Three Party Relationship 7. An agreed level of performance
The practitioner (e.g., auditor, accountant, expert) gathers 8. Internal control framework
evidence to provide a conclusion to the intended users
about whether a subject matter (e.g., financial statements) Characteristics of Suitable Criteria
conforms, in all material respects, with identified criteria. 1. Relevance
2. Completeness
The responsible party (usually management or the board of 3. Reliability
directors) is one who is responsible for the subject matter 4. Neutrality
or subject matter information (assertion). 5. Understandability
The intended users are the person or persons for whom the Sufficient Appropriate Audit Evidence
practitioner prepares the assurance report. Sufficiency is the measure of the quantity of evidence. The
quantity of evidence needed is affected by the risk of the
Subject Matter subject matter information being materially misstated (the
The assurance engagement evaluates whether the subject greater the risk, the more evidence is likely to be required)
matter conforms to suitable criteria that will meet the and also by the quality of such evidence (the higher the
needs of an intended user. A subject matter of an quality, the less may be required). Appropriateness is the
assurance is the topic about which the assurance is measure of the quality of evidence; that is, its relevance and
conducted its reliability.
Subject matter information Assurance Report
The outcome of the evaluation or measurement of a subject The practitioner provides a written report containing a
matter. It is the subject matter information about which the conclusion that conveys the assurance obtained about the
practitioner gathers sufficient appropriate evidence to subject matter information. ISAs, ISREs and ISAEs establish
provide a reasonable basis for expressing a conclusion in an basic elements for assurance reports.
assurance report
Reasonable and Limited Assurance Engagements
The subject matter, and subject matter information, of an “Reasonable assurance engagement” and “limited
assurance engagement can take many forms, such as: assurance engagement” distinguish between the two types
1. Financial performance or conditions (for example, of assurance engagement
historical or prospective financial position, financial
performance and cash flows) for which the subject The objective of a reasonable assurance engagement is a
matter information may be the recognition, reduction in assurance engagement risk to an acceptably
measurement, presentation and disclosure low level as the basis for a positive form of expression of
represented in financial statements. the practitioner’s conclusion. E.g, “presents fairly in all
material respects”
2. Non-financial performance or conditions (for
example, performance of an entity) for which the The objective of a limited assurance engagement is a
subject matter information may be key indicators of reduction in assurance engagement risk to a level that is
efficiency and effectiveness acceptable in the circumstances but greater than a
reasonable assurance engagement as the basis for a
3. Physical characteristics (for example, capacity of a negative form of expression of the practitioner’s conclusion.
facility) for which the subject matter information E.g., “nothing has come to our attention that causes us to
may be a specifications document. believe that financial statements do not conform, in all
material respects, with IFRS”.
4. Systems and processes (for example, an entity’s
internal control or IT system) for which the subject Assurance Report Standard Elements
matter information may be a statement of The standard elements of the report include the title,
effectiveness. addressee, the identification of the subject matter
information , identification of the criteria, identification of
5. Behavior (for example, corporate governance, the responsible party and their responsibilities, the
compliance with regulation, human resource practitioner’s responsibilities, a statement that the
practices) for which the subject matter information engagement was performed in accordance with ISAEs,
may be a statement of compliance or a statement summary of the work performed, practitioner’s conclusion,
of effectiveness. assurance report date, practitioner’s name and specific
location, and, if appropriate, a description of any significant
Suitable Criteria inherent limitations, or a statement restricting the use to
Suitable criteria are the benchmarks (standards, objectives certain intended users .
or set of rules) used to evaluate the subject matter of an
assurance engagement.
1. International Financial Reporting Standards
2. U.S. Generally Accepted Accounting Principles Basic Elements on the assurance report
PE1
1. A title that clearly indicates the report is an previous connection with the audit, to understand the
independent assurance report. significant professional judgments made in reaching
2. An addressee identifies the party or parties to conclusions on significant matters arising during the audit.
whom the assurance report is directed.
3. A statement to identify the responsible party and to Professional Skepticism
describe the responsible party’s and the The ISAs require that the auditor’s professional actions
practitioner’s responsibilities. including planning and performing an assurance
4. the assurance report refer specifically to being engagement must be carried out with an attitude of
performed in accordance with that specific ISAEs. professional skepticism recognizing that circumstances may
5. The name of the firm or the practitioner, and a exist that cause the subject matter information to be
specific location materially misstated.
Assurance Report Basic Elements Professional skepticism is an attitude that includes a
1. A title questioning mind, being alert to conditions which may
2. An addressee: indicate possible misstatement due to error or fraud, and a
3. A description of the subject matter. critical assessment of audit evidence.
4. A statement restricting the use of the assurance
report International Standard on Quality Control 1 (ISQC 1)
5. identification the responsible party ISQC 1 applies to all firms of professional accountants in
6. Statement - performed in accordance with ISAEs. respect to audits and reviews, other assurance, and related
7. A summary of the work performed services engagements.
8. Identification of the criteria
9. The practitioner’s conclusion ISQC 1 gives the requirements designed to enable the firm
10. The assurance report date. to meet the objective of quality control. In addition, it
11. The name and location of the firm or the contains related guidance in the form of application and
practitioner other explanatory material.
Qualified Conclusions, Adverse Conclusions and ISA 220 deals with quality control procedures for audits of
Disclaimers of Conclusion financial statements.
The practitioner should not express unqualified conclusion
when the following circumstances exist and, the effect of The audit firm must establish, maintain, document and
the matter is or may be material: communicate to their personnel a system of quality
 There is a limitation on the scope of the control that includes policies and procedures that address
practitioner’s work preventing gathering sufficient each of the following elements:
appropriate audit evidence 1. Leadership responsibilities for quality within the
 In those cases where the responsible party’s firm.
assertion is not fairly stated and the subject matter 2. Relevant ethical requirements.
information is materially misstated 3. Acceptance and continuance of client relationships
and specific engagements.
Professional Judgment 4. Human resources.
The nature of the International Standards requires the 5. Engagement performance.
professional accountant to exercise professional judgment 6. Monitoring.
in applying them. Professional judgment is the application
of relevant training, knowledge and experience, within the CHAPTER 5
context provided by auditing, accounting and ethical Client Acceptance
standards, in making informed decisions about the courses
of action that are appropriate in the circumstances of the
audit engagement.
Client Acceptance Phase Objectives
Professional Judgment required for 1. Examination of the proposed client to determine if
The critical elements of auditing including criteria, there is any reason to reject the engagement
independence of mind, sufficient appropriate audit (acceptance OF the client) and convincing the client
evidence, determining and communicating significant to hire the auditor (acceptance BY the client) .
deficiencies in internal control, and determination of 2. Decide on acquiring a new client or continuation of
whether an audit objective has been achieved requires the relationship with and existing client
professional judgment. 3. Determine the type and amount of staff
The assessment of risks is a matter of professional Client Acceptance Procedures
judgment, rather than a matter capable of precise 1. Evaluate the clients background and reasons for the
measurement.Professional judgment is required in audit.
determination of the level of supervision of the engagement 2. Determine whether the auditor is able to meet the
team. ethical requirements regarding the client
3. Determine need for other professionals.
Documenting Professional Judgment 4. Communicate with predecessor auditor.
The auditor is required to prepare audit documentation 5. Prepare client proposal.
sufficient to enable an experienced auditor, having no 6. Select staff to perform the audit.
PE1
7. Obtain an engagement letter. Review existing partner and staff competencies:

1. knowledge of relevant industries or subject matters;
Knowledge of a Client’s Business Helps Auditors 2. experience with relevant regulatory or reporting
to evaluate the engagement risks associated with accepting requirements,
the specific engagement and to help the auditor in 3. ability to complete the engagement within the
determining whether all professional and ethical reporting deadline;
requirements (including independence, competence, etc.)
regarding this client can be met. Group Engagement Partner, Specialist, Component Auditor
An outside specialist such as IT, environmental or tax
preliminary examination of clients specialist, may be needed to properly audit the client.
New and existing clients
1. visiting their premises, ISA 600 applies when an auditor, acting as a group
2. reviewing annual reports, engagement partner, decides to use the work of a
3. having discussions with client's management and component auditor in the audit of group financial
staff statements.
4. accessing public news and public information
databases, usually via the Internet. Component auditor – An auditor who, at the request of the
group engagement team, performs work on financial
For an existing one, prior years' working papers should be information related to a component for the group audit.
reviewed. For a new client, consult prior auditors and The group audit partner is solely responsible for the
increase preliminary information search. direction, supervision and performance of the group audit
engagement and whether the auditor’s report that is issued
Evaluate governance, internal controls and possible risks is appropriate in the circumstances. (Some countries (US)
with client's management and staff including allow divided responsibility, other’s don’t.(UK, Australia,
1. Changes in management, organizational structure, Japan))
and activities of the client.
2. Current government regulations Auditor’s Expert
3. Current business developments ISA 620 defines an Auditor’s expert as an individual or
4. Current or impending financial difficulties or organization possessing expertise in a field other than
accounting problems. accounting or auditing, whose work in that field is used by
5. Susceptibility of the entity’s financial statements to the auditor to assist the auditor in obtaining sufficient
material misstatement due to error or fraud.(ISA appropriate audit evidence.
240 & ISA 315)
6. Existence of related parties. (ISA 550) When using an expert’s work the auditor MUST :
7. New or closed premises and plant facilities. Determine expert’s
8. Recent or impending changes in technology, types 1. Competence (professional certifications)
of products or services and production or 2. Capabilities
distribution methods. 3. Objectivity
9. Changes in the accounting system and the system of
internal control. The auditor shall agree, in writing when appropriate, with
the auditor’s expert:
New Client Review 1. The nature, scope and objectives of that expert’s
 publicly available information, work
 past company financial statements, 2. The respective roles and responsibilities of the
 reports to stockholders, auditor and that expert
 government financial reports (e.g., U.S. SEC 10K 3. The nature, timing and extent of communication
report) 4. The need for the auditor’s expert to observe
 company premises via tour confidentiality
 previous auditor relationship
Reference to the Auditor’s Expert in the Auditor’s Report
Ability to Meet Audit Team Ethics and Competence The auditor shall not refer to the work of an auditor’s
 Independence of auditor (personal investments, expert in an auditor’s report containing an unmodified
client business relationships, non-audit services, (unqualified) opinion unless required by law or regulation to
unpaid fees) do so.
 Litigation
 Technical training and proficiency required in the If the auditor makes reference to the work of an auditor’s
circumstances expert in the auditor’s report because such reference is
relevant to an understanding of a modification to the
 Partner rotation (SOx 5yrs, EU 7yrs) auditor’s opinion, the auditor shall indicate in the auditor’s
report that such reference does not reduce the auditor’s
Specific Competencies responsibility for that opinion.
On the basis of the specific circumstances of the client and
its industry, the auditor should determine if the necessary Prior Auditor- First Time Engagements
expertise regarding the industry, specific GAAP issues, or IESBA Code of Ethics recommends that the new auditor
certain non-audit skills are available to the audit team. communicate directly with the previous auditor.
PE1
The proposed accountant should request permission from Generally the Engagement Letter Should Also Include
the client to communicate with existing accountant. 1. Access to all information of which management is
aware that is relevant to the preparation of the
When the prior accountant receives the communication, he financial statements such as records,
should ordinarily reply advising of any reasons why the documentation and other matters;
proposed accountant should not accept the appointment.
2. Additional information that the auditor may request
First time engagements require evidence that opening from management for the purpose of the audit;
balances are not misstated, prior balances are correctly
brought forward, and proper accounting applied. (ISA 510) 3. Unrestricted access to persons within the entity
from whom the auditor determines it necessary to
Continuing Client Audit Proposal obtain audit evidence.
 A review on how the auditing firm can add value
 Plans for further improvement in value added CHAPTER 6
 A description of the audit team Main Audit oncepts and Planning the Audit
 Fee proposal (ISA 300,315,320)
New Client Audit Proposal
1. An executive summary
2. Client’s business and audit expectations
3. Strengths of the audit firm Planning Defined
4. Audit team International Standards on Auditing (ISA) 300, ' 'Planning an
5. Audit approach Audit of Financial Statements', states, “the objective of the
6. Client’s internal auditors auditor is to plan the audit so that it will be performed in an
7. Transition needs effective manner… The auditor shall establish an overall
8. Other services of the audit firm audit strategy that sets the scope, timing and direction of
9. After service monitoring the audit, and that guides the development of the audit
10. Fee details plan”
11. Appendix
Planning - Phase II of the Audit Process Model- OBJECTIVE
professional fees should be a fair reflection of The objective of planning is to determine the amount and
1. the skill and knowledge required for the type of type of evidence and review required to give the auditor
professional services involved assurance that there is no material misstatement of the
2. the level of training and experience of the persons financial statements.
performing the services
3. the time necessarily to perform services; Planning - Phase II of the Audit Process PROCEDURES
4. the degree of responsibility that performing those 1 Perform audit procedures to understand the entity and its
services entails. environment, including the entity’s internal control.
5. No contingency fees 2 Assess the risks of material misstatements of the financial
statements.
Commissions and Referral Fees 3 Determine materiality.
If proper safeguards are in place An auditor may receive a 4 Prepare the planning memorandum and audit program
referral fee or commission. For example, when she does containing the auditor’s response to the identified risks.
not provide the specific service required, a fee may be
received for referring a client to another accountant or ISAs on Audit Risk
other expert. 1. ISA 315 Identifying and Assessing the Risks of
Material Misstatement through Understanding the
A auditor may also pay a referral fee to obtain a client for Entity and Its Environment
example, where the client requires specialist services not 2. ISA 330 The Auditor’s Responses to Assessed Risks
offered by the existing auditor. 3. ISA 500 Audit Evidence
The agreed terms of the audit engagement shall be Procedures to Obtain a Risk Understanding (ISA 315)
recorded in an audit engagement letter or other suitable 1. Inquiries of management
form of written agreement and shall include: 2. Analytical procedures
1. The objective and scope of the audit; 3. Observation and inspection
2. The responsibilities of the auditor;
3. The responsibilities of management; Inquires of management and personnel
4. Identification of the applicable financial reporting Objectives? (profit, investment, product) Expectations?
framework; and (customers, suppliers, product, shareholders, banks,
5. Reference to the expected form and content of any government) Reports? (SEC, public, government) Business
reports to be issued by the auditor and a statement operations? (market, locations); Investments
that there may be circumstances in which a report
may differ from its expected form and content Observation and Inspection
Observe core activities, read management reports, internal
control manuals, View facilities (inventory, fixed assets,
PE1
cleanliness, employee work habits, internal control, 2. Understand the risks that threaten the client’s
segregation of duties) business objectives.
Audit Team Discussion 3. Understand the key processes and related
The auditor must document the discussion among the competencies to realize strategic advantage.
engagement team and the significant decisions reached. ISA 4. Measure and benchmark process performance.
315 requires that the engagement partner and other key 5. Document the understanding of the client’s ability
engagement team members discuss the susceptibility of the to create value and generate future cash flows
entity’s financial statements to material misstatement. using a client business model, process analysis, key
Understanding of the Entity performance indicators, and a business risk profile.
Industry, regulation, financial reporting framework 6. Use the comprehensive business knowledge
Nature of the entity including: decision frame to develop expectations about key
1. Business operations, assertions embodied in the overall financial
2. Types of investments statements.
3. Capital Structure and Financing 7. Compare reported financial results to expectations
4. Ownership and governance structures and design additional audit test work to address any
Accounting Policies gaps between expectations.
Objectives and strategies
Measurement and review of financial performance. Measurement And Review Of The Entity’s Financial
Performance
Business Operations Review internally-generated information used by
Information acquired about business operations may management for analyzing financial performance
include: 1. Key performance indicators and key ratios, trends
1. nature of revenue sources and operating statistics.
2. products and services 2. Employee performance measures and incentive
3. market compensation policies
4. location of company facilities 3. Use of forecasts, budgets variance analysis,
5. employment segment information and divisional, departmental
6. key suppliers and customers or other level performance reports
4. Comparisons of performance with that of
Investments competitors
Important transactions for which information should be 5. Period-on-period financial performance
gathered include:
1. acquisitions, mergers and disposals of business Analytical Procedures
divisions The auditor ordinarily applies analytical procedures at the
2. use of derivative financial instruments planning stage to assist in understanding the business and
3. type of major investments by the company in identifying areas of potential risk. Analytical procedures
4. capital investment activities in planning the audit use information that is both financial
5. investment in non-consolidated entities such as and non-financial (e.g. the relationship between sales and
joint ventures, special purpose entities and square footage of selling space or volume of goods sold).
partnerships.
Based on the Evidence, Assess Risk
financial accounting policies To assess the misstatement risks, the auditor performs four
1. Company accounting policies tasks.
2. Judgmental accounting valuations 1. Identify risks by developing an understanding of the
3. Presentation and disclosure company environment, including relevant controls
4. Fair value accounting that relate to the risks, key transactions, fairness of
5. Accounting for unusual or complex transactions account balances and key financial statement
disclosures.
Investigate Company’s Legal Position 2. Relate the identified risks to what could make
1. corporate charter and bylaws, management’s assertions about completeness,
2. minutes of the board of directors and stockholders existence, valuation, occurrence, and measurement
meetings, of transactions or assertions about rights,
3. contracts. obligations, presentation and disclosure go wrong.
3. Determine whether the risks are of a magnitude
The Entity’s Objectives, Strategies and Related Business that could result in a material misstatement of the
Risks financial statements.
The auditor will also consider the entity’s objectives and 4. Consider the likelihood that the risks will result in a
strategies, and the related business risks that may affect the material misstatement of the financial statements.
financial statements. Significant conditions, events,
circumstances or actions that could adversely affect the Business Risk
entity’s ability to achieve its objectives and execute its Business risks result from significant conditions, events,
strategies create business risks. circumstances or actions that could adversely affect the
entity’s ability to achieve its objectives and execute its
Auditors may use a strategy-oriented framework, which strategies.
involves the following steps: 1. Operations in regions that are economically
1. Understand the client’s strategic advantage. unstable.
PE1
2. Operations exposed to volatile markets. 5. Whether the risk involves significant transactions
3. High degree of complex regulation. with related parties.
4. Going concern and liquidity issues including loss of 6. The degree of subjectivity in the measurement of
significant customers. financial information related to the risk.
5. Constraints on the availability of capital and credit.
6. Changes in the industry in which the entity Relationship between Inherent, Control and Detection RIsk
operates.
Audit Risk
Audit risk is the risk that the auditor expresses an
inappropriate audit opinion when the financial statements
are materially misstated. It includes:
1. Risks of material misstatement
2. Inherent risk
3. Control risk
4. Detection risk
.
Risk of Material Misstatement - Inherent risk
Inherent risk is the susceptibility of an assertion about a
class of transaction, account balance or disclosure to
misstatements that could be material, before consideration
of any related controls.
Risk of Material Misstatement - Control risk
The risk that a misstatement that could occur in an
assertion about a class of transaction, account balance or
disclosure and that could be material, will not be prevented,
or detected and corrected, on a timely basis by the entity’s
internal control.
Materiality
Detection risk Judgments about materiality are made in light of
The risk that an auditor’s substantive procedures will not surrounding circumstances, and are affected by the size or
detect a misstatement that exists and that could be nature of a misstatement, or a combination of both.
material. Judgments about matters that are material to users of the
Audit Risk F (IR, CR, DR) financial statements are based on a consideration of the
common financial information needs of users as a group.
Interrelationship of the components of Audit Risk The possible effect of misstatements on specific individual
users, whose needs may vary widely, is not considered.
Materiality Size, Nature, Circumstances
1. Size of the Item. The most common application of
materiality has to do with the size of the item
considered.
2. Nature of the Item. The nature of an item is a
qualitative characteristic.
3. Circumstances The materiality of an error depends
upon the circumstances of its occurrence.
Low Materiality Level
Significant Risk There are additional costs for an auditor to audit with a
Significant risks generally relate to judgmental matters and lower materiality.
significant non-routine transactions. Risks of material  The lower the materiality, the more costly is the
misstatement may be greater for significant judgmental audit.
matters requiring accounting estimates or revenue  If any error of whatever small size needs to be
recognition and for assumptions about the effects of future
events (e.g. fair value) than for ordinary transactions. found in the audit, the auditor would spend
significantly more time than when a certain level of
In determining what a significant risk is the auditor imprecision (higher materiality level) is considered
considers a number of matters, including the following: acceptable.
1. Whether the risk is a risk of fraud. The audit standards define fraud as “an intentional act by
2. The likelihood of the occurrence of the risk.
3. Whether the risk is related to recent significant one or more individuals among management, those charged
economic, accounting, or other developments and, with governance, employees, or third parties, involving the
therefore, requires specific attention. use of deception to obtain an unjust or illegal advantage.”
4. The complexity of transactions that may give rise to The risk of not detecting fraud is higher than the risk of not
the risk. detecting error because fraud may involve sophisticated
PE1
and carefully organized schemes designed to conceal it Management’s process for identifying and responding to
(such as forgery, deliberate failure to record transactions). the risks of fraud, including any specific risks of fraud that
Collusion may cause the auditor to believe that audit has been brought to management’s attention, and classes
evidence is persuasive when it is, in fact, false. Because of transactions, account balances, or disclosures for which a
management is frequently in a position to manipulate risk of fraud is likely to exist.
accounting records or override controls, the risk of the
auditor not detecting management fraud is greater than for the auditor must design and perform audit procedures to:
employee fraud. 1. Test the appropriateness of journal entries
recorded in the general ledger and other
Two types of intentional misstatements adjustments made in the preparation of the
1. Fraudulent financial reporting involves intentional financial statements; review journal entries or any
misstatements including omissions of amounts or adjustments made at the end of a reporting period;
disclosures in financial statements to deceive and test journal entries throughout the audit
financial statement users. period.
2. Misappropriation of assets involves the theft of an 2. Review accounting estimates for biases and
entity’s assets and is often perpetrated by evaluate whether they represent a risk of material
employees in relatively small and immaterial misstatement due to fraud.
amounts. 3. For significant transactions that are outside the
normal course of business for the entity
Necessary for fraud to occur:
Perceived Pressure Reporting the Fraud
A situation where someone believes that they have a need The auditor will report to those charged with governance
to commit a fraud any identified or suspected fraud involving management,
employees who have significant roles in internal control, or
Perceived Opportunity others. If the auditor has identified or suspects a fraud, she
A situation where someone believes they have a favorable must determine whether there is a responsibility to report it
or promising combination of circumstances to commit an to third parties outside the entity (such as government
undetectable fraud regulators). the auditor’s legal responsibilities may override
the duty of confidentiality in some circumstances
Rationalization
To devise a self-satisfying but incorrect reasons for one’s Auditor’s Expert
behavior An auditor’s expert is an individual or organization
possessing expertise in a field other than accounting or
Fraud Triangle - Three Elements Are Common to Every auditing, whose work in that field is used by the auditor to
Fraud assist the auditor in obtaining sufficient appropriate audit
evidence.
When using an expert’s work the auditor MUST :
Determine expert’s
1. Competence (professional certifications)
2. Capabilities
3. Objectivity
The auditor shall agree, in writing when appropriate, with
the auditor’s expert:
1. The nature, scope and objectives of that expert’s
work
2. The respective roles and responsibilities of the
auditor and that expert
3. The nature, timing and extent of communication
Discussion with Engagement Team and Risk Assessment 4. The need for the auditor’s expert to observe
Procedures confidentiality
ISA 315 requires a discussion among the engagement team
members which places particular emphasis on how and Using the Work of the Auditee’s Internal Auditors
where the entity’s financial statements may be susceptible The internal audit function is an appraisal activity
to material misstatement due to fraud, including how fraud established or provided as a service to the entity. Its
might occur, setting aside beliefs that the that management functions include, amongst other things, examining,
and those charged with governance are honest and have evaluating and monitoring the adequacy and effectiveness
integrity. of internal control.
Risk assessment procedures that may indicate fraud Internal auditors are those individuals who perform the
include inquiries of management regarding: activities of the internal audit function.
Management’s assessment of the risk that the financial
statements may be materially misstated due to fraud, If Internal Auditor’s Work is Used in the Audit
including the nature, extent and frequency of such If the external auditor uses specific work of the internal
assessments auditors, the external auditor must include in the audit
PE1
documentation the conclusions reached regarding the 8. Level of reliance on the client’s CIS systems
evaluation of the adequacy of the work of the internal 9. Quality of the accounting and internal control
auditors and the audit procedures performed by the systems
external auditor on that work. 10. Audit approach
11. Timing and scheduling of audit work
Auditee Use of a Service Organization 12. Audit budget
A service organization is a third-party organization (or
segment of a third-party organization) that provides The Audit Plan (Program)
services to user entities that are part of those entities’ The audit plan includes the details of the planned audit
information systems relevant to financial reporting. procedures for material classes of transactions, account
balances, and disclosures.
the auditor must obtain that understanding of the controls
of the service organization from one or more of the As the auditor performs audit procedures outlined in the
following procedures: audit plan, the audit plan is updated and changed to reflect
1. obtaining a type 1 or type 2 report the further audit procedures considered necessary given
2. contacting the service organization the circumstances.
3. visiting the service organization and performing
procedures CHAPTER 7
4. or using another auditor to perform procedures
that will provide the necessary controls information Internal Control and Control Risk
at the service organization
Type 1 and 2 Internal Control Reports
The Type 1 report is a report on the description and design
of controls at a service organization encompassing:
(a) a description by management of the service
organization, service organization’s system, control COSO says Internal Control is A process, effected by an
objectives and related controls entity’s board of directors, management and other
(b) a report by the service auditor conveying her opinion of personnel, designed to provide reasonable assurance
the service organization’s system. regarding the achievement of objectives in the following
categories: effectiveness and efficiency of operations,
The Type 2 report, called “report on the description, design, reliability of financial reporting, compliance with applicable
and operating effectiveness of controls at a service laws and regulations and safeguarding of assets against
organization” encompasses: unauthorized acquisition, use or disposition
(a) management’s description of the service organization,
service organization’s system, control objectives and related International Federation of Accountants Internal Control
controls, and, in some cases, their operating effectiveness Definition
throughout a specified period; Internal control— The process designed, implemented and
(b) a report by the service auditor conveying her opinion on maintained by those charged with governance,
the description of the service organization’s system, control management and other personnel to provide reasonable
objectives and related controls, the suitability of the design assurance about the achievement of an entity’s objectives
of the controls to achieve the specified control objectives, with regard to reliability of financial reporting, effectiveness
and the operating effectiveness of the controls; and efficiency of operations, and compliance with
(c) a description of the service auditor’s tests of the controls applicable laws and regulations.
and the results thereof.
Internal control is geared to the achievement of objectives
Discussions with Those Charged with Governance in one or more separate overlapping categories:
The auditor may seek the views of those charged with 1 effective operations — relating to effective and efficient
governance about the appropriate person(s) in the entity’s use of the entity's resources
governance structure with whom to communicate, the 2 financial reporting — relating to preparation of reliable
allocation of responsibilities between those charged with published financial statements
governance and management, the entity’s objectives and 3 compliance — relating to the entity's compliance with
strategies, and the related business risks that may result in applicable laws and regulations
material misstatements, significant communications with 4 safeguarding of assets
regulators and matters they believe warrant particular
attention during the audit. Which of the three categories of management control
objectives is the most important to:
Typically, an audit planning memorandum would contain The External Auditors?
the following sections: Management?
1. Background information Government Auditors?
2. Objectives of the audit Internal Auditors?
3. Assessment of engagement risk The shareholders?
4. Other auditors or experts Employees?
5. Materiality
6. Inherent risks US Securities Exchange Commission rules require that
7. Conclusions regarding the control environment management must base its evaluation of the effectiveness
of the company's internal control over financial reporting on
PE1
a suitable, recognized control framework established by a IT Risks

body or group that followed due-process procedures, 1. Reliance on systems or programs that are
including the broad distribution of the framework for public inaccurately processing data, processing inaccurate
comment. Two frameworks: data, or both.
1. The report of the Committee of Sponsoring 2. Unauthorized access to data that may result in
Organizations of the Treadway Commission (known destruction of data or improper changes to data
as the COSO report) 3. The possibility of IT personnel gaining access
2. The Financial Reporting Council, Internal Control privileges beyond those necessary to perform their
Revised Guidance for Directors on the Combined assigned duties thereby breaking down segregation
Code, October 2005 (known as the Turnbull Report). of duties.
4. Unauthorized changes to data in master files.
Management Control Objectives 5. Unauthorized changes to systems or programs.
1. Effective Operations goal safeguarding of assets 6. Failure to make necessary changes to systems or
(cash, accounts receivable, accounting records) programs.
7. Input by people or systems without authorized
2. Financial Reporting Need for accurate information access.
because management has a responsibility to see 8. Potential loss of data or inability to access data as
that statements are prepared fairly in accordance required
with accounting standards. Auditor is interested
primarily in financial reporting controls (especially Components of COSO Internal Control are
controls over transactions). 1. Control Environment,
2. Risk Assessment,
3. Compliance Companies must comply with many 3. Control Activities / Control Procedures,
laws and regulations including company law, tax law 4. Information and Communication and
and environmental protection regulations. 5. Monitoring.
Auditor’s Primary Control Consideration and Emphasis
To understand an entity’s internal control, the auditor will
evaluate the design and implementation of a control. The
auditor's primary consideration is whether, and how, a
specific control prevents, or detects and corrects, material
misstatements in classes of transactions, account balances
or disclosures. The heaviest emphasis by auditors is on
controls over classes of transactions rather than account
balances or disclosures.
Design and Implementation of Controls
To understand the entity’s internal control the auditor will
evaluate the design of a control and judge whether it has
been implemented. He determines if the control is
designed to prevent, detect, or correct transactions that
misstate the account balances. Implementation of a control
means that the control exists and that the entity is using it.
Information Technology Controls - General
General IT controls are policies and procedures that relate
to many applications and support the effective functioning
of application controls by helping to ensure the continued
proper operation of information systems
For example:
controls over data center and network operations; system Control Environment
software acquisition, change and maintenance; access Control environment—Includes the governance and
security; back-up and recovery; and application system management functions and the attitudes, awareness and
acquisition, development, and maintenance. actions of those charged with governance and management
concerning the entity’s internal control and its importance
IT Controls – Application controls in the entity.
Application controls are controls that apply to applications
that initiate, record, process, and report transactions (such
as MS Office, SAP, QuickBooks), rather than the computer Cumulative Effect of Controls
system in general. When analyzing the control environment, the auditor must
think about the collective effect of various control
Examples are chart of accounts, edit checks of input data, environment elements. Strengths in one of the elements
numerical sequence checks, and manual follow-up of might mitigate weaknesses in another element.
exception reports.
PE1
For example, an active and independent board of directors Management assesses risks as part of designing and
may influence the philosophy and operating style of senior operating the internal control system to minimize errors
management. Alternatively, human resource policies and irregularities. Auditors assess risks to decide the
directed toward hiring competent accounting personnel evidence needed in the audit. If management effectively
might not mitigate a strong bias by top management to assesses and responds to risks, the auditor will typically
overstate earnings. need to accumulate less audit evidence than when
management fails to, because control risk is lower.
Elements Contributing to a Successful Control Environment
1. Communication and enforcement of integrity and Identify Risks
ethical values; A technique to identify risks involves identifying and
2. Commitment to competence; prioritizing high risk activities:
3. Participation by those charged with governance - 1. identify the essential resources of the business and
independence and integrity of the board of determine which are most at risk;
directors; 2. identify possible liabilities which may arise;
4. Management's philosophy and operating style - 3. review the risks that have arisen in the past;
leadership via control by example; 4. consider any additional risks imposed by new
5. Organizational structure; objectives or new external factors; and
6. Assignment of authority and responsibility; and 5. seek to anticipate change by considering problems
7. Human resource policies and practices. and opportunities on a continuing basis.
Integrity and Ethical Values and Commitment to Information Systems, Communication, and Related
Competence Business Processes
The integrity and ethical values of the people who create, Every enterprise must capture pertinent information related
administer, and monitor controls determines their to both internal and external events and activities in both
effectiveness. Management might remove incentives and financial and non-financial forms. The information must be
temptations that prompt personnel to engage in fraudulent identified by management as relevant and then
or unethical behavior. A company’s control environment communicated to people who need it in a form and time
will be more effective if its culture is one in which quality frame that allows them to do their jobs.
and competence are openly valued.
Communication
Participation of Those Charged with Governance Not just a matter of reporting, communication occurs in a
The guidance and oversight responsibilities of an active and broader sense, flowing down, across, and up the
involved board of directors who possess an appropriate organization. All personnel must receive a clear message
degree of management, technical, and other expertise is from top management that control responsibilities must be
critical to effective internal control. Because the board must taken seriously.
be prepared to question and scrutinize management’s
activities, present alternative views and have the courage to Employees must understand their own role in the internal
act in the face of obvious wrongdoing, it is necessary that control system, as well as how individual activities relate to
the board contain at least a critical mass of independent the work of others, and how to report significant
(non-executive) directors information to senior management.
Management’s Philosophy and Operating Style and Contents of an Information System
Organizational Structure Accounting system
Management’s philosophy and operating style is their 1. Production system
attitude about, and approach to, financial reporting, 2. Personnel system
accounting issues, and to taking and managing business risk. 3. Systems software
Management philosophy may create significant risk. 4. Applications for word-processing, presentations,
Important organizational considerations are clarity of lines data bases, etc. and all records and files generated
of authority and responsibility; the level at which policies by these applications
are established; adherence to these policies; adequacy of 5. information about external events, activities and
supervision; and appropriateness of organizational structure conditions
for the entity.
Two Elements of Control Procedures
Assignment of authority and responsibility; Human Control procedures may be divided into two elements: a
Resource Policies and Practices policy establishing what should be done and procedures to
Responsibility and delegation of authority should be clearly effect that policy. Examples are:
assigned. How responsibility is distributed is usually spelled 1. A policy is that a securities dealer retail branch
out in formal company policy manuals. With trustworthy manager must monitor (conduct performance
and competent employees, weaknesses in other controls reviews of) customer trades.
can be compensated and reliable financial statements might 2. A procedure to effect that policy world be a review
still result. Honest, efficient people are able to perform at a of daily reports of customer trade activities with
high level even when there are few other controls to attention given to the nature and volume of
support them. securities traded
Risk Assessment Control Activities (Control Procedures)
PE1
Control procedures implement the control policies by Segregation of duties entail three fundamental functions
specific routine tasks, performed at particular times by which must be separated and adequately supervised:
designated people, held accountable by adequate 1. authorization
supervision and evidence of performance. 2. recording
1. Authorization of transactions and activities, General 3. custody
Controls;
2. Performance reviews; Monitoring of Controls
3. Information processing: accuracy, adequate Monitoring is assessing the design of controls and their
documents and records, Application controls; operation on a timely basis and taking necessary corrective
4. Physical control over assets and records; actions. Ongoing monitoring information comes from
5. adequate Segregation of duties. several sources: exception reporting on control activities,
reports by government regulators, feedback from
Authorization employees, complaints from customers, and most
Proper authorization importantly from internal auditor reports.
Appropriate delegation of authority sets limits on what
levels of risk are acceptable Evaluation of Monitoring
When evaluating the ongoing monitoring the following
General Controls issues might be considered:
1. access to the computer system is limited to people 1. Periodic comparisons of amounts recorded with the
who have a right to the information accounting system and with physical assets.
2. back-up and recovery procedures 2. Responsiveness to internal and external auditor
3. User ID and general system access recommendations to strengthen internal controls.
3. Extent to which training seminars, planning sessions
Performance Reviews and other meetings provide information on
Performance reviews are independent checks on effective operation of controls.
performance by a third party not directly involved in the 4. Effectiveness of internal audit activities
activity. These control activities include reviews and 5. Extent to which personnel obtain evidence on
analyses of actual performance versus budgets and actual internal control function
performance; relating different sets of data – operating or
financial – to one another; comparing internal data with Hard and Soft Control
external sources of information; and review of functional or Management designs and sets in place a set of rules,
activity performance. physical constraints and activities called “internal controls”.
Due to the explicit, formal and tangible character of these
Information Processing Adequate Documents controls, these controls are generally referred to as hard
1. Well-designed documents in a manual system and controls.
preformatted input screens in a CIS
2. Assets are properly controlled and all transactions Soft controls are the intangible factors in an organization
correctly recorded that influence the behavior of managers and employees.
3. Document prepared at the time a transaction takes Whereas soft controls are founded in the culture or climate
place of an organization, the hard-controls are more explicit,
4. Document simple enough to be clearly understood, formal and visible.
5. Document designed for multiple use to minimize
the number of different forms Seven factors influence the way people examine their
6. Document constructed in a manner that encourages control activities
correct preparation. 1. Clarity for directors, managers and employees as to
what constitutes desirable and undesirable
Information Processing: Application Controls behavior
1. The chart of accounts 2. Role-modeling among administrators, management
2. Use of serial numbers on documents and input or immediate supervisors
transactions 3. Achievability of goals, tasks and responsibilities set
3. Checks, tickets, sales invoices, purchase orders, 4. Commitment in the organization
stock certificates and many other business papers 5. Transparency of behavior
4. Systems manuals for computer accounting software 6. Openness to discussion of viewpoints, emotions,
should provide sufficient information to make the dilemmas and transgressions
accounting functions clear 7. Enforcement of behavior, such as appreciation
5. Passwords that allow only authorized people desirable behavior, sanctioning of undesirable
admittance to the computer software on line behavior
Physical Controls Design and Implementation of Internal Control
Physical controls are procedures to ensure the physical Evaluating the design of a control involves considering
security of assets. Only individuals who are properly whether the control, individually or in combination with
authorized should be allowed access to the company’s other controls, is capable of effectively preventing, or
assets. Direct physical access to assets may be controlled detecting and correcting, material misstatements.
through physical precautions
Implementation of a control means that the control exists
Segregation of Duties and that the entity is using it. There is little point in
PE1
assessing the implementation of a control that is not Auditing Standard No. 12, Identifying and Assessing Risks of
effective, and so the design of a control is considered first. Material Misstatement, establishes requirements regarding
An improperly designed control may represent a significant performing analytical procedures as a risk assessment
deficiency in internal control. procedure in identifying and assessing risks of material
misstatement.
Methods for Obtaining Controls Audit Evidence
Risk assessment procedures to obtain audit evidence about Auditing Standard No. 14, Evaluating Audit Results,
the design and implementation of relevant controls may establishes requirements regarding performing analytical
include: procedures as part of the overall review stage of the audit.
(1) Inquiring of entity personnel.
(2) Observing and re-performing the application of a specific CAAT
control. CAAT - Computer-assisted audit techniques—Applications
(3) Inspecting documents and reports, of auditing procedures using the computer as an audit tool.
(4) Tracing transactions through the information system
CAATs can be used to select sample transactions from key
electronic files, to sort transactions with specific
CHAPTER 8 characteristics, or to test an entire population.
Analytical Procedures CAATs generally include data manipulation, calculation,
data selection, data analysis, identification of unusual
transactions, regression analysis, and statistical analysis.
Theoretical view of analytical review
The review process consists of four diagnostic processes:
Analytical Procedures 1. mental representation,
Analytical procedures (AP) are evaluations of financial 2. hypothesis generation,
information through analysis of plausible relationships 3. information search,
among both financial and non-financial data. 4. hypothesis evaluation.
AP includes investigation as necessary of fluctuations or
relationships that differ from expected values by a Performing analytical procedures may be thought of as a
significant amount. four-phase process:
1. Phase One – formulate expectations (expectations),
Analytical Procedures 2. Phase Two –compare the expected value to the
A basic premise of using analytical procedures is that there recorded amount (identification),
exist plausible relationships among data and these 3. Phase Three – investigate possible explanations for
relationships can reasonably be expected to continue. a difference between expected and recorded values
(investigation),
General Analytical Procedures 4. Phase Four – evaluate the impact of the differences
1. Trend analysis is the analysis of changes in an between expectation and recorded amounts on the
account balance over time. audit and the financial statements (evaluation).
2. Ratio analysis is the comparison of relationships
between financial statement accounts, the Formulating Expectations
comparison of an account with non-financial data, Expectations are developed by identifying plausible
or the comparison of relationships between firms in relationships that are reasonably expected to exist based on
an industry. the auditor’s understanding of the client and of his industry.
3. Reasonableness testing is the analysis of account These relationships may be determined by comparisons
balances or changes in account balances within an with the following sources:
accounting period in terms of their 1. comparable information for prior periods,
“reasonableness” in light of expected relationships 2. anticipated results (such as budgets and forecasts,
between accounts. or auditor expectations),
4. Statistical analysis is the analysis of data using 3. similar industry information, and
statistical methods 4. non-financial information
5. Data mining is a set of computer-assisted
techniques that use sophisticated statistical designing and performing substantive analytical
analysis, including artificial intelligence techniques, procedures ISA 520
to examine large volumes of data with the objective 1. Determine suitability of a particular analytical
of indicating hidden or unexpected information or procedures for given assertions.
patterns. For these tests auditors generally use 2. Evaluate the reliability of data from which the
computer aided audit software (CAATs). auditor’s expectation of recorded amounts or ratios
is developed.
Required Analytical Procedures 3. Develop an expectation of recorded amounts or
The auditor’s responsibility is to perform analytical ratios that is sufficiently precise to identify a
procedures near the end of the audit that assist the auditor misstatement .
when forming an overall conclusion on the financial 4. Determine the amount of any difference of
statements. recorded amounts from expected values that is
acceptable
PCAOB Audit Standard 12 and 14
PE1
The effectiveness of an analytical procedure is a function

of the nature of the account and other characteristics of
the account.
nature of the account
1. balance based on estimates or accumulations of
transactions
2. the number of transactions represented by the
balance
3. the control environment.
characteristic of the account
1. number of transactions
2. fixed vs. variable
3. level of detail (aggregation)
4. reliability of the data
Comparison of the five methods
Trend Analysis number of independent predictive variables considered
1. It works best when the account or relationship is 1. Trend analysis single, financial predictor
fairly predictable 2. Ratio analysis two or more financial or non-financial
2. The number of years used in the trend analysis is a 3. Reasonableness tests, statistical analysis, data
function of the stability of operations. mining many variables
3. The most precise trend analysis would be on use of external data (reasonableness tests)
disaggregated data (for example, by segment, statistical precision (most precise with statistics and data
product, or location, and monthly or quarterly mining analysis)
rather than on an annual basis).
4. At an aggregate level it is relatively imprecise Going Concern Problem Indications
because a material misstatement is often small Financial Indications
relative to the aggregate account balance. Net liability, borrowings near maturity, adverse ratios,
losses, late payments, change to cash on delivery
Ratio Analysis
 It’s most appropriate when the relationship Operating Indications
between accounts is fairly predictable and stable Management turnover, loss of market or license or supplier,
 It’s more effective than trend analysis because shortages and labor problems
comparisons between the balance sheet and
income statement can often reveal unusual Other indications
fluctuations that an analysis of the individual Non-compliance with statutory requirements, legal
accounts would not. proceedings, changes in legislation
 Like trend analysis, ratio analysis at an aggregate
level is relatively imprecise. Analytical Procedures Are Used Throughout the Audit
 to assist the auditor in planning the nature, timing
There are five types of ratio analysis analytical procedures and extent of audit procedures
1. ratios that compare client and industry data;  as a risk assessment procedure in identifying and
2. ratios that compare client data with similar prior assessing risks of material misstatement.
period data;  as substantive procedures;
3. ratios that compare client data with client-  as an overall review of the financial statements in
determined expected results; the final stage of the audit
4. ratios that compare client data with auditor-
determined expected results; and “The auditor shall design and perform analytical procedures
5. ratios that compare client data with expected near the end of the audit that assist the auditor when
results using non-financial data. forming an overall conclusion as to whether the financial
statements are consistent with the auditor’s understanding
Reasonableness Testing of the entity.” - ISA 520
analysis of account balances or changes in account balances
in light of expected relationships between accounts. Analytical Procedures As Substantive Tests
involves the development of an expectation based on Substantive procedures in the audit are designed to reduce
financial data, non-financial data, or both. detection risk relating to specific financial statement
assertions. Substantive tests include tests of details (either
of balances or of transactions) and analytical procedures.
Auditors use analytical procedures to identify situations that
require increased use of other procedures (i.e. tests of
control, substantive audit procedures), but seldom to
reduce audit effort.
PE1
Substantive Analytical Procedures Advantages and 6. Review inventory quantities and unit costs for
Disadvantages negative or unusually large amounts
Advantages: 7. Isolate all inventory items that have not moved
1. understanding of the client’s business obtained since a specified date
during planning procedures. 8. Review assets for negative net book values
2. enable auditors to focus on a few key factors that
affect the account balance. Structured GAS Approach to Analytical Procedures – 4
3. more efficient in performing understatement tests. Phases
Before analysis may begin, Format the data so that it might
Disadvantages: be read with the software .
1. time consuming to design and require greater
organization Phase One in performing analytical procedures -
2. less effective when applied to the entity as a whole expectations
3. will not necessarily deliver the desired results every 1. Determine appropriate base data and an
year. appropriate level of disaggregation.
4. in periods of instability and rapid change, difficult to 2. Use regression analysis techniques to develop from
develop a sufficiently precise expectation the base data a plausible relationship between the
5. Require corroboration amounts to be tested and one or more independent
sets of data
Corroborate Explanations For Significant Differences 3. Based on this relationship, use GAS software to
Found With Analytical Procedures calculate the expectations based on the current-
The following techniques may be used: period values of the predicting variables.
1. inquiries of persons outside the client’s organization
2. Inquiries of independent persons inside the client’s Phase Two in performing analytical procedures –
organization identification
3. evidence obtained from other auditing procedures Use GAS’s statistical techniques to assist in identifying
4. examination of supporting evidence significant differences for investigation based on the
regression model, audit judgments as to monetary precision
CAATs generally include file interrogation tools (MP), required audit assurance (R factor), and the direction
1. data manipulation, of the test.
2. calculation,
3. data selection, Phase Three in performing analytical procedures -
4. data analysis, investigation
5. identification of exceptions and unusual Investigate and corroborate explanations for significant
transactions (e.g., Benford’s law), differences between the expectations and the recorded
6. regression analysis, amounts
7. statistical analysis.
Phase Four in performing analytical procedures -
GAS evaluation
Generalized audit software (GAS) packages contain Evaluate findings and determine the level of assurance, if
numerous computer-assisted audit techniques for both any, to be drawn from the analytical procedures.
doing analytical procedures and statistical sampling bundled
into one piece of software (e.g., ACL, Idea). File Data Mining Techniques
interrogation is a CAAT that allows the auditor to perform Data mining is a set of computer-assisted techniques that
automated audit routines on client computer data. use sophisticated statistical analysis, including artificial
intelligence techniques, to examine large volumes of data
File Interrogation Audit Tasks Using GAS with the objective of indicating hidden or unexpected
1. Convert client data into common format information or patterns.Data mining can be used in all types
2. Analyse data of databases or other information repositories. Data to be
3. Compare data on separate files mined can be numerical data, textual data or even graphics
4. Confirm the accuracy of calculations and make and audio.
computations
5. Sample statistically Data Mining Analytical Procedures
6. Test for gaps or duplicates in a sequence. GAS has been criticized because it cannot complete any
data analysis by itself. Data mining, on the other hand,
Examples Analyzing Data with GAS? analyzes data automatically. Data mining methods include
1. Identify all inventory items relating to products no data description, dependency analysis, classification and
longer sold prediction, cluster analysis, outlier analysis and evolution
2. Select all inventory items with no recorded location analysis The most frequently used algorithms are decision
3. Summarize inventory items by location to facilitate trees, apriori algorithms, and neural networks.
physical observation
4. Review account receivable balances for amounts data description, dependency analysis,and classification
over credit limits or older than a specified period The objective of data description is to provide an overall
5. Summarize accounts receivable by age for description of data, either in itself or in each class or
comparison to the client’s schedules concept. main approaches in obtaining data description –
data characterization and data discrimination. The purpose
PE1
of dependency analysis is to search for the most significant The auditor may respond to an ineffective control
relationship across large number of variables or attributes. environment by:
Classification is the process of finding models, also known as 1. Conducting more audit procedures as of the period
classifiers, or functions that map records into one of several end rather than at an interim date.
discrete prescribed classes. 2. Obtaining more extensive audit evidence from
substantive procedures.
cluster analysis, outlier analysis and evolution analysis 3. Increasing the number of locations to be included in
 The objective of cluster analysis is to separate data the audit scope.
with similar characteristics from the dissimilar ones.
 Outliers are data items that are distinctly dissimilar The auditor must include in the audit documentation the
to others and can be viewed as noises or errors. overall responses to address the assessed risks of material
 Objective of evolution analysis is to determine the misstatement and the nature, timing and extent of the
most significant changes in data sets over time. further audit procedures performed. The auditor should
also document the linkage of those procedures with the
Data mining most frequently uses three algorithms. assessed risks at the assertion level; and the results of the
A decision tree is a predictive model that classifies data with audit procedures, including the conclusions where these are
a hierarchical structure. The apriori algorithm attempts to not otherwise clear.
discover frequent item sets using rules to find associations
between the presence or absence of items. A neural Persuasive Evidence
network is a computer model based on the architecture of The higher the auditor’s assessment of risk, the more
the brain. persuasive audit evidence she needs. When obtaining more
persuasive audit evidence because of a higher assessment
of risk, the auditor may increase the quantity of the
CHAPTER 9 evidence, or obtain evidence that is more relevant or
Auditor’s Response to Assessed Risk reliable.
Evidence
Evidence is anything that can make a person believe that a
fact, proposition, or assertion is true or false. Audit
“The objective of the auditor is to obtain sufficient evidence is information used by the auditor in arriving at
appropriate audit evidence regarding the assessed risks of the conclusions on which the auditor’s opinion is based (ISA
material misstatement, through designing and 500) It includes the accounting records and other
implementing appropriate responses to those risks.” - ISA information underlying the financial statements.
330 Audit evidence is different from the legal evidence.
Audit Procedures Responsive to the Assessed Risks of  In a civil lawsuit, evidence must be strong enough to
Material Misstatement incline a person to believe one side or the other.
The auditor must design and perform further audit  In a criminal case evidence must establish proof of a
procedures whose nature, timing and extent are based on, crime beyond a reasonable doubt.
and are responsive to, the assessed risks.  Audit evidence provides only reasonable assurance
1. The nature of an audit procedure refers to its
purpose (that is, test of controls or substantive ASSERTIONS about classes of transactions and events for
procedure) and its type (that is, inspection, the period under audit
observation, inquiry, confirmation, recalculation, Occurrence Transactions and events that have
reperformance, or analytical procedure). been recorded have occurred and
2. Timing of an audit procedure refers to when it is pertain to the entity.
performed, or the period or date to which the audit
evidence applies.
3. Extent of an audit procedure refers to the quantity Completeness All transactions and events that should
to be performed, for example, a sample size or the have been recorded have been
number of observations of a control activity. recorded.
Overall responses to address the assessed risks of material
misstatement include: Accuracy Amounts and other data relating to
1. Emphasizing to the engagement team the need to recorded transactions and events have
maintain professional skepticism. been recorded appropriately.
2. Assigning more experienced staff or those with
special skills or using experts. Cutoff Transactions and events have been
3. Providing more supervision. recorded in the correct accounting
4. Incorporating additional elements of period
unpredictability in audit procedures.
5. Making general changes to the nature, timing or Classification Transactions and events have been
extent of audit procedures. recorded in the proper accounts
Response to Ineffective Control Environment ASSERTIONS about account balances at the period end
PE1
Existence Assets, liabilities, and equity interests

exist In designing and performing tests of controls, the auditor
Rights and The entity holds or controls the rights to must:
obligations assets and liabilities are the obligations  Perform other audit procedures in combination
of the entity with inquiry to obtain audit evidence about the
operating effectiveness of the controls, including:
Completeness All assets, liabilities and equity interests how the controls were applied at relevant times;
that should have been recorded have the consistency with which they were applied; and
been recorded by whom or by what means they were applied.
 Determine whether the controls to be tested
Valuation and Assets, liabilities and equity interests are depend upon other controls (indirect controls), and,
Allocation included in the financial statements at if so, whether it is necessary to obtain audit
appropriate amounts and any resulting evidence supporting the effective operation of
valuation adjustments are appropriately those indirect controls.
recorded
The auditor may test the operating effectiveness of
controls at the same time as evaluating their design and
implementation.
For example, the auditor’s risk assessment procedures may
have included inquiring about management’s use of
budgets, observing management’s comparison of monthly
budgeted and actual expenses, and inspecting reports about
the variances between budgeted and actual amounts. These
audit procedures provide knowledge about budgeting
ASSERTIONS about presentation and disclosure policies and whether they have been implemented, but may
Occurrence and rights and Disclosed matters have also provide audit evidence about the effectiveness of the
obligations occurred and pertain to the operation of budgeting policies in preventing or detecting
entity. material misstatements in the classification of expenses.
Completeness All disclosures that should Substantive Procedures

have been included in the Defined
financial statements have A Substantive procedure is an audit procedure designed to
been included detect material misstatements at the assertion level.
Classification and financial information is Two types – (1) tests of details of classes of transactions,
understandability(not in appropriately presented and account balances, and disclosures and (2) substantive
text) described, and disclosures are analytical procedures
clearly expressed
Accuracy and valuation Financial and other
information are disclosed
fairly and at appropriate
amounts
Test of Controls
Test of controls are audit procedures designed to evaluate
the operating effectiveness of controls in preventing, or
detecting and correcting, material misstatements at the
assertion level. The greater the reliance the auditor places Nature of Substantive procedures
on the effectiveness of a control, the more persuasive the Tests of details of transactions are audit procedures
audit evidence the auditor must obtain. - ISA 330. related to examining the processing of particular classes of
transactions through the accounting systems.
The auditor must design and perform tests of controls to
obtain sufficient appropriate audit evidence as to the Tests of balances are substantive tests that provide either
operating effectiveness of relevant controls if: reasonable assurance of the validity of a general ledger
 The auditor’s assessment of risks of material balance or identifies a misstatement in the account.
misstatement at the assertion level includes an
expectation that the controls are operating Analytical procedures
effectively (the auditor will rely on the operating
effectiveness of controls in determining substantive
procedures); or
 Substantive procedures alone cannot provide
sufficient appropriate audit evidence at the Tests of Balances
assertion level.
PE1
Tests of Balances are used to examine the actual details 4. persuasiveness of the audit evidence;
making up high turnover accounts such as cash, Accounts 5. understanding of the entity and its environment,
Receivable, Accounts Payable, etc.. including its internal control.
Why is tests of balances so important?
Because the auditor’s ultimate objective is to express an
opinion on financial statements that are made up of
account balances.
Tests of Balances
In tests of balances the auditor is concerned with
overstatement or understatement of the line item in the
financial statement.
 Test makes use of the inherent properties of
double-entry accounting systems.
 From the auditor’s perspective, this means that a
test of one side of the transaction simultaneously
tests the other side of the transactions.
Interim Testing Using Substantive Procedures
In some instances, primarily as a practical matter,
substantive procedures may be performed at an interim
date. Only using interim testing procedures will increase the
risk that misstatements existing at the period end will not
be detected. Performing audit procedures at an interim
date may assist the auditor in identifying and resolving
issues at an early stage of the audit. Relevance of evidence is the logical connection of the
evidence to the audit objective being tested.
Search for Unrecorded Liabilities
To search for unrecorded liabilities, the auditor reviews Reliability is the quality of information when it is free from
disbursements made by the client for a period after the material error and bias and can be depended upon by users
balance sheet date. Due to pressure from vendors, most to represent faithfully that which it either purports to
unrecorded accounts payable are paid within a reasonable represent or could reasonably be expected to represent.
time after the balance sheet date. By reviewing cash
disbursements subsequent to the balance sheet date, the Reliability of audit evidence
auditor has a good idea of the potential population of  Audit evidence obtained directly by the auditor
unrecorded accounts payable. (e.g., observation, re-performance) is more reliable
than audit evidence obtained indirectly or by
Sufficient Appropriate Audit Evidence inference.
The objective of the auditor is to design and perform audit  Audit evidence is more reliable when it exists in
procedures in such a way as to enable the auditor to obtain documentary form, whether paper, electronic, or
sufficient appropriate audit evidence to be able to draw other medium.
reasonable conclusions on which to base the auditor’s  Audit evidence is more reliable when it is obtained
opinion. – ISA 500. Reasonable assurance is obtained when from independent sources outside the entity.
the auditor has obtained sufficient appropriate audit  Audit evidence provided by original documents is
evidence to reduce audit risk to an acceptably low level. – more reliable than audit evidence provided by
ISA 200 photocopies or facsimiles.
 The effectiveness of the client’s internal control
Sufficiency is the measure of the quantity of audit structure has a significant impact on reliability of
evidence evidence.
Appropriateness is the measure of quality of audit evidence,
its reliability, & its relevance in providing support for, or Documentation as Evidence
detecting, misstatements in transactions, balances, An audit performed in accordance with ISAs rarely involves
disclosures and related assertions the authentication of documents, nor is the auditor trained
as or expected to be an expert in such authentication.
The auditor’s judgment as to what constitutes sufficient However, there may be circumstances where the auditor
appropriate audit evidence is influenced by has reason to believe that a document used as evidence
1. the significance of the potential misstatement and may not be authentic. In such a case, the auditor must
the likelihood of having a material effect on the investigate further.
financial statements: the more material the item,
the greater the sufficiency and appropriateness of Persuasive Evidence
evidence; Unlike legal evidence, audit evidence does not have to be
2. the effectiveness of management’s responses and conclusive to be useful. Ordinarily, the auditor finds it
controls to address the risks necessary to rely on audit evidence that is persuasive rather
3. the experience gained during previous audits with than conclusive and will often seek audit evidence from
respect to similar potential misstatements different sources or of a different nature to support the
PE1
same assertion. Not all the information available is management. The court stated he was, “too easily satisfied
examined. Conclusions can be reached about controls, with glib answers to his inquiries.”
transactions, or the account balance by using a sample of
the available information that is analyzed by statistical Observation
sampling or judgment. Observation consists of looking at a process or procedure
being performed by others. For example, the observation
Legal Proof and Evidence by the auditor of the counting of inventories by the entity’s
personnel or by the performance of internal control
Legal standards of proof procedures that leave no audit trail. Observation should be
1. beyond a reasonable doubt supported by other types of evidence.
2. preponderance of evidence
3. clear and convincing evidence count of physical inventory
4. probable cause ISA 501 “When inventory is material to the financial
statements, the auditor should obtain sufficient appropriate
Legal evidence audit evidence regarding its existence and condition by:
proof results direct or circumstantial 1. Attendance at physical inventory counting.
Source 2. Performing audit procedures over the entity’s final
 real tangible and can be presented to a court for inventory records to determine whether they
inspection accurately reflect actual inventory count results.”
 testimonial evidence given by witnesses under oath.
 original documentary evidence Alternative procedures for attending physical inventory
include :
Accounting records generally include the records of initial inspection of documentation of the subsequent sale of
entries and supporting records. specific inventory items acquired or purchased prior to the
Initial entries include: checks and electronic fund transfers; physical inventory counting, may provide sufficient
contracts, invoices; shipping notices, purchase orders, sales appropriate audit evidence about the existence and
orders, the general and subsidiary ledgers, journal entries condition of inventory.
and other adjustments to the financial statements.
Inspection
Supporting records examples are computer files, databases, Inspection involves examining records or documents,
work sheets, spreadsheets, computer and manual logs, whether internal or external, in paper form, electronic form,
computations, reconciliations, and disclosures. or other media, or a physical examination of an asset.
Internal documents and external documents.
CHAPTER 10 1. Internal documents processed under good internal
Audit Evidence (ISA 500-800) controls are more reliable than those processed
under weak controls.
2. External documents may be processed by both
internal and external parties representing
Audit Procedures for Gathering Evidence agreement.
Evidence-gathering techniques are techniques employed by 3. External documents like title to property, insurance
an auditor to obtain evidence. policies and contracts are very reliable evidence.
Evidence-gathering techniques are: Vouching and Tracing

1. Inquiry Vouching is the use of documentation to support recorded
2. Observation transactions or amounts. It is an audit process whereby the
3. Inspection (physical evidence and examination of auditor selects sample items from an account and goes
documents) backward through the accounting system to find the source
4. Recalculation documentation that supports the item selected.
5. Reperformance Tracing is an audit procedure whereby the auditor selects
6. Confirmation sample items from basic source documents and proceeds
7. Analytical procedures. forward through the accounting system to find the final
Inquiry recording of the transactions (e.g., in the ledger).
Inquiry consists of seeking information of knowledgeable Recalculation & Reperformance
persons inside (client) or outside the entity. Largest amount Recalculation consists of checking the mathematical
of audit evidence in an audit is obtained from client inquiry accuracy of documents or records.
cannot be regarded as conclusive because it is not from an
independent source and might be biased . Inquiry alone Reperformance is the auditor’s independent execution of
ordinarily does not provide sufficient audit evidence of the procedures or controls that were originally performed as
absence of a material misstatement at the assertion level, part of the entity’s internal control, either manually or
nor of the operating effectiveness of controls. through the use of CAATs.
Famous court case of Escott et al. vs. Bar Chris Corp. 1968,
wherein the court ruled against the auditor because he did
not seek supporting evidence related to inquiries made with
PE1
Recalculation information provided in the request. Use for large

Examples: number small balances, low control risk, response is
1. Extending sales invoices expected
2. Adding journals and subsidiary records
3. Checking calculations of depreciation audit sampling objective
4. Checking mechanical accuracy of records The objective of the auditor, when using audit sampling, is
and ledgers. to provide a reasonable basis for drawing conclusions about
the population (e.g., invoices, shipping documents, and
Reliability of Procedures other original source material) from which the sample is
A list of the most reliable to the least reliable evidence selected.
gathering techniques are in general:
1 Recalculation Audit sampling
2. Inspection. Audit sampling (sampling) is the application of audit
3 Reperformance. procedures to less than 100% of items within a population
4 Observation. of relevant items such that all sampling units have a chance
5 Confirmation. of selection in order to provide the auditor with a
6 Analytical procedures. reasonable basis on which to draw conclusions about the
7 Inquiry. entire population. Audit sampling can use either a statistical
or a non-statistical approach.
Cost of Procedures
The auditor considers the relationship between the cost of Sampling Risk
obtaining audit evidence and the usefulness of the Sampling risk is the risk that the auditor’s conclusion based
information obtained. The evidence-gathering procedures on a sample may be different from the conclusion if the
in order of cost from most costly to least costly are in entire population were subjected to the same audit
general: procedure.
1 Confirmation. Sampling risk can lead to two types of erroneous
2 Inspection. conclusions:
3 Recalculation  For test of controls, controls are more effective
4. Reperformance than they actually are, or for test of details, that a
5 Observation. material misstatement does not exist when in fact it
6 Analytical procedures. does.
7 Inquiry.  For test of controls, controls are less effective than
they actually are, or with a test of details, material
EXTERNAL CONFIRMATION misstatement exists when in fact it does not.
Defined: An external confirmation represents audit
evidence obtained by the auditor as a direct written Audit of Estimates
response to the auditor from a third party (the confirming Some financial statement items cannot be measured
party), in paper form, or by electronic or other medium. precisely, but can only be estimated. These items are
accounting estimates.
Four Key Characteristics:
1. Information is requested by auditor. An accounting estimate is an approximation of a monetary
2. Request and response is in writing, sent to the amount in the absence of a precise means of measurement.
auditor. This term is used for an amount measured at fair value
3. Response comes from an independent third party. where there is estimation uncertainty, as well as for other
4. Positive confirmation involves a receipt of amounts that require estimation.
information.
Testing Estimates
Confirmation In order to provide a basis for the identification and
1. An auditor may use a confirmation in response to a assessment of the risks of material misstatement for
significant risk accounting estimates, the auditor must obtain an
2. The auditor must ordinarily confirm accounts understanding of how management identifies accounting
receivable. estimates that are needed and how these estimates are
3. Written confirmations received from third parties made.
are highly persuasive, but very costly and an
inconvenience for those who are asked to supply The auditor must gain an understanding of the data on
them. which they are based, including:
1. The method and model used in making the
 Positive confirmation: A request that the confirming accounting estimate;
party respond directly to the auditor indicating 2. Relevant controls;
whether the confirming party agrees or disagrees 3. Whether management has used an expert;
with the information in the request, or providing 4. The assumptions underlying the accounting
the requested information.(Reliable evidence) estimates;
5. Whether there has been, or ought to have been, a
 Negative confirmation: A request that the change from the prior period in the methods for
confirming party respond directly to the auditor making the accounting estimates, and if so, why;
only if the confirming party disagrees with the and
PE1
6. Whether and, if so, how management has assessed  Another entity that is under common control with
the effect of estimation uncertainty. the reporting entity through having: Common
controlling ownership; Owners who are close family
Written Representations and Documentation on Audit of members; or Common key management.
Estimates
The auditor must obtain written representations from Two aspects of related party transactions of which an
management and those charged with governance, saying auditor must be aware are:
that they believe significant assumptions used in making 1. Adequate disclosure of related party transactions.
their accounting estimates are reasonable. 2. The possibility that the existence of related parties
increases the risk of management fraud.
The auditor must include in the audit documentation the
basis for the conclusions about the reasonableness of Related Party risk assessment procedures
accounting estimates and their disclosure that give rise to  Inquire of management and others within the entity
significant risks; and indicators of possible management about the existence of transactions that are both
bias, if any. significant and non-routine
 Where a party appears to actively exert dominant
Evaluation of Misstatements Identified During the Audit influence over the entity, perform procedures
The objective of the auditor is to evaluate the effect of intended to identify the parties to which the
identified misstatements on the audit; and the effect of dominant party is related
uncorrected misstatements on the financial statements.  Review appropriate records or documents for
Uncorrected misstatements are misstatements that the transactions that are both significant and non-
auditor has accumulated during the audit and that have not routine including
been corrected. 1. Bank and legal confirmations obtained by the
auditor; and
Generally if misstatements are found, the auditor asks 2. Minutes of meetings of shareholders and those
management to correct them. charged with governance, and other relevant
 If management corrects the misstatements that statutory records.
were detected, the auditor must still perform
additional audit procedures to determine whether Written Representations by Management
misstatements remain. A written statement by management is provided to the
 If management refuses to correct some or all of the auditor to confirm certain matters or to support other audit
misstatements communicated by the auditor, the evidence.
auditor should take into account management’s
reasons for not making the corrections. The objectives of the auditor are:
1. To obtain written representations from
The auditor must request a written representation from management that they believe that they have
management and those charged with governance whether fulfilled their responsibility for the preparation of
they believe the effects of uncorrected misstatements are the financial statements and for the completeness
immaterial, individually and in aggregate, to the financial of the information provided to the auditor
statements as a whole. 2. To support other audit evidence relevant to the
financial statements
In their workpaper documentation the auditor must
include: Written Representations by Management (Management
1. The amount below which misstatements would be Representations Letter)
regarded as clearly trivial; Is the written communication from the client’s management
2. All misstatements accumulated during the audit and to the auditor formalizing statements that the client has
whether they have been corrected; and made about matters that are pertinent to the audit and
3. The auditor’s conclusion as to whether uncorrected matters that are material to the financial
misstatements are material, individually or in statements.
aggregate and the basis for that conclusion.
Management Representations Letter Contains
Related Parties 1. Management’s responsibility for the fair
Parties are considered to be related if one party has the presentation of the financial statements.
ability to control the other party or exercise significant 2. Availability of all financial records and related data.
influence over the other party in making 3. Information regarding related party
financial and operation decisions. transactions.
4. Plans or intentions that may affect the carrying
ISA Defines Related party value or classification of assets.
 A person or other entity that has control or 5. Disclosure of compensating balances and other
significant influence, directly or indirectly through arrangements involving restrictions on cash
one or more intermediaries, over the reporting balances.
entity.
 Another entity over which the reporting entity has
control or significant influence, directly or indirectly
through one or more intermediaries
PE1
CHAPTER 10 - Appendix Audit Testing

Audit Sampling and Other Selective Testing Audit sampling is used for both tests of controls (attributes
sampling) and for substantive procedures (usually, variables
Procedures sampling)
For control sampling the auditor identifies
1. the characteristics or attributes that indicate
performance of a control
Audit Sampling 2. possible deviations which indicate in-adequate
“Audit sampling” (sampling) involves the application of performance.
audit procedures to less than 100% of items within an 3. presence or absence of attributes by testing
account balance or class of transactions such that all
sampling units have a chance of selection. From the sample Substantive procedures audit sampling is used to verify
the auditor forms a conclusion about the population from assertions about a financial statement amount (for
which the sample is drawn. Audit sampling can use either a example, the existence of accounts receivable), or to make
statistical or a non-statistical approach. an independent estimate of some amount (for example, the
value of obsolete inventories).
Sampling Terms
“Population” means the entire set of data from which a Non-sampling risk
sample is selected and about which the auditor wishes to Includes all aspects of audit risk that are not due to
draw conclusions. For example, all of the items in an sampling
account balance or a class of transactions constitute a Examples are:
population. 1. The failure to select appropriate audit procedures
2. The failure to recognize misstatements in
“Error” means either control deviations, when performing documents examined
tests of control, or misstatements, when performing 3. Misinterpreting the results of audit tests.
substantive procedures. “Sampling risk” arises from the
possibility that the auditor’s conclusion, based on a sample Sampling Risk
may be different from the conclusion reached if the entire It is the risk that the auditor’s conclusion, based on a
population were subjected to the same audit procedure. sample, might be different from the conclusion that would
be reached if the test were applied in the same way to the
Types of Sampling Risk entire population
There are two types of sampling risk: 1. Tests of controls risks include the risk of assessing
1. The risk the auditor will conclude, in the test of control risk too high or too low
control, that control risk is lower than it actually is, 2. Substantive test risks include incorrect rejection and
or in the case of a substantive test, that a material incorrect acceptance
error does not exist when in fact it does.
2. The risk the auditor will conclude, in a test of Sampling risk and non-sampling risk
control, that control risk is higher than it actually is, When performing tests of control, the auditor may find no
or in the case of a substantive test, that a material errors in a sample and conclude that control risk is low,
error exists when in fact it does not. when the rate of error in the population is, in fact,
unacceptably high (sampling risk). Or there may be errors in
Terms: Statistical Sampling the sample which the auditor fails to recognize (non-
“Statistical sampling” means any approach to sampling that sampling risk).
has the following characteristics:
(a) Random selection of a sample; and For example, the auditor may choose an inappropriate
(b) Use of probability theory to evaluate sample results, analytical procedure (non-sampling risk) or may find only
including measurement of sampling risk. minor misstatements in a test of details when, in fact, the
population misstatement is greater than the tolerable
A sampling approach that does not have characteristics (a) amount (sampling risk).
and (b) is considered non-statistical sampling.
Sampling risk can be reduced by increasing sample size,
More Sampling Terms while non-sampling risk can be reduced by proper
“Sampling unit” means the individual items constituting a engagement planning, supervision, and review.
population, for example checks listed on deposit slips, credit
entries on bank statements, sales invoices or debtors’ Appropriate Tests of Control
balances, or a monetary unit. Audit sampling for tests of control is generally appropriate
when application of the control leaves evidence of
“Stratification” is the process of dividing a population into performance (for example, initials of the credit manager on
subpopulations, each of which is a group of sampling units a sales invoice indicating credit approval, or evidence of
which have similar characteristics (often monetary value). authorization of data input to a microcomputer based data
processing system).
“Tolerable error” means the maximum error in a population
that the auditor is willing to accept.
PE1
Substantive Tests of Details 3. When performing tests of control, the auditor

When performing substantive tests of details, audit generally makes a preliminary assessment of the
sampling and other means of selecting items for testing and rate of error the auditor expects to find in the
gathering audit evidence may be used to: population to be tested and the level of control risk.
 verify one or more assertions about a financial
statement amount (for example, the existence of Sample Population: Appropriate and Complete
accounts receivable), Appropriate to the objective of the sampling procedure,
 to make an independent estimate of some amount which will include consideration of the direction of testing.
(for example, the value of obsolete inventories).
For example:
In obtaining evidence, the auditor should use professional 1. to test for overstatement of accounts payable, the
judgment to assess audit risk and design audit procedures population could be defined as the accounts
to ensure this risk is reduced to an acceptably low level payable listing.
2. to test for understatement of accounts payable, the
Since detection risk covers all substantive procedures, the population is subsequent disbursements, unpaid
acceptable level of sampling risk is dependent on the invoices, suppliers’ statements, unmatched
amount of audit evidence obtained from substantive receiving reports, etc.
procedures as well as the assessments of inherent and
control risk. Complete. For example,
 if the auditor intends to select payment vouchers
There is no clear-cut formula that determines an exact level from a file, conclusions cannot be drawn about all
of acceptable sampling risk based on the risk assessments. It vouchers for the period unless the auditor is
is generally accepted that audit evidence obtained from satisfied that all vouchers have in fact been filed.
other procedures will increase the acceptable level of  Similarly, if the auditor intends to use the sample to
sampling risk draw conclusions about the operation of an
accounting and internal control system during the
Selection of Items for Testing financial reporting period, the population needs to
Appropriate means of selecting items for testing are: include all relevant items from throughout the
 Selecting all items (100% examination),Rarely done entire period.
–only for substantive tests
 Selecting specific items Stratification
Audit efficiency may be improved if the auditor stratifies a
Audit sampling population by dividing it into discrete sub-populations
Audit sampling can be applied using either non-statistical or which have an identifying characteristic.
statistical sampling methods.  In substantive procedures, an account balance or
class of transactions is often stratified by monetary
Specific Items (Judgmental) Sampling value.
A judgmental sample is selected from a population based on  A population may be stratified according to a
such factors as knowledge of the client’s business, particular characteristic that indicates a higher risk
preliminary assessments of inherent and control risks, and of error, for example, when testing the valuation of
the characteristics of the population being tested. accounts receivable, balances may be stratified by
age.
Specific items selected may include:
1. High value or key items Value Weighted Selection
2. All items over a certain amount It will often be efficient in substantive testing to identify the
3. Items to obtain information sampling unit as the individual monetary units (e.g. dollars)
4. Items to test procedures that make up an account balance or class of transactions.
This does not constitute audit sampling because it cannot Monetary unit sampling is the most efficient and effective
be projected to the entire population. sampling technique in the auditor’s toolbox. It is particularly
useful when testing for overstatements, and it is advisable
statistical or non-statistical sampling approach? to use it in cases where the population is available in
Non-statistical sampling used in tests of control where the machine-readable format.
nature and cause of errors will often be more important
than the statistical analysis of the mere presence or absence Sample Size
(the count) of errors. When applying statistical sampling, Sample size is affected by the level of sampling risk that the
the sample size can be determined using either probability auditor is willing to accept. The lower the risk the auditor is
theory or professional judgment, but the items selected willing to accept, the greater the sample size will need to
must be at random to make the sample statistically valid. be.
Design of the Sample The tolerable rate is the maximum rate of deviation from
1. Consider the specific objectives to be achieved and policy that an auditor will accept without modifying the
the combination of audit procedures used planned assessed level of control risk. When the planned
2. Definite what constitutes an error and what assessed level of control risk is low, and the degree of
population to use for sampling. assurance desired from the sample is high, the tolerable
PE1
rate should be low. (Especially when other tests of controls An increase in the total error that the Decrease
are not done) auditor is willing to accept (tolerable
error)
Examples of Factors Influencing Sample Size for Tests of
Control An increase in the amount of error the Increase
FACTOR EFFECT ON auditor expects to find in the population
SAMPLE Stratification of the population when Decrease
SIZE appropriate
An increase in the auditor’s intended Increase The number of sampling units in the Negligible
reliance on accounting and internal control population Effect
systems
Selecting the Sample
An increase in the rate of deviation from the Decrease The auditor should select items for the sample with the
prescribed control procedure that the expectation that all sampling units in the population have a
auditor is willing to accept chance of selection.
Statistical sampling requires that sample items are selected
An increase in the rate of deviation from the Increase at random so that each sampling unit has a known chance
prescribed control procedure that the of being selected. The sampling units might be physical
auditor expects to find in the population items (such as invoices) or monetary units. With non-
statistical sampling, an auditor uses professional judgment
to select the items for a sample.
An increase in the auditor’s required Increase
confidence level (or conversely, a decrease Sample Selection Methods
in the risk that the auditor will conclude that Use of a computerized random number generator or
the control risk is lower than the actual random number tables.
control risk in the population) 1. Systematic selection, in which the number of
sampling units in the population is divided by the
An increase in the number of sampling units Negligible sample size to give a sampling interval.
in the population effect 2. Haphazard selection, in which the auditor selects
the sample without following a structured
technique. Haphazard selection is not appropriate
when using statistical sampling.
3. Block selection involves selecting a block(s) of
Examples of Factors Influencing Sample Size for contiguous items from within the population. Block
Substantive Procedures selection cannot ordinarily be used in audit
FACTOR EFFECT ON sampling.
SAMPLE
SIZE Performing the Audit Procedure
If a selected item is not appropriate for the application of
An increase in the auditor’s assessment of Increase the procedure, the procedure is ordinarily performed on a
inherent risk replacement item. Example another check substituted for
voided check
An increase in the auditor’s assessment of Increase
control risk Sometimes however, the auditor is unable to apply the
planned audit procedures to a selected item because, for
An increase in the use of other substantive Decrease instance, documentation relating to that item has been lost.
procedures directed at the same financial If suitable alternative procedures cannot be performed on
statement assertion that item, the auditor ordinarily considers that item to be in
error.
An increase in the auditor’s required Increase
confidence level (or conversely, a decrease Nature and Cause of Errors
in the risk that the auditor will conclude that
a material error does not exist, when in fact When conducting tests of control and errors are identified,
it does exist) the auditor needs to consider matters such as:
 the direct effect of identified errors on the financial
statements; and
Examples of Factors Influencing Sample Size for  the effectiveness of the accounting and internal
Substantive Procedures control systems and their effect on the audit
approach when, for example, the errors result from
FACTOR EFFECT ON management override of an internal control.
SAMPLE SIZE
PE1
Analyzing Errors Discovered  The auditor projects the total error for the
In analyzing the errors discovered, the auditor may observe population to obtain a broad view of the scale of
that many have a common feature, for example, type of errors, and to compare this to the tolerable error.
transaction, location, product line or period of time.  Tolerable error is will be an amount less than or
equal to the auditor’s preliminary estimate of
In such circumstances, the auditor may decide to identify all materiality.
items in the population that possess the common feature,
and extend audit procedures in that stratum. In addition, Evaluating the Sample Results
such errors may be intentional, and may indicate the The auditor should evaluate the sample results to
possibility of fraud. determine whether the preliminary assessment of the
relevant characteristic of the population is confirmed or
Projecting Errors needs to be revised.
For substantive procedures, the auditor should project  In test of controls, an unexpectedly high sample
monetary errors found in the sample to the population, and error rate may lead to an increase in the assessed
should consider the effect of the projected error on the level of control risk.
particular test objective and on other areas of the audit.  In a substantive procedure, an unexpectedly high
error amount in a sample may cause the auditor to
believe that an account balance or class of
transactions is materially misstated.
CHAPTER 11
Completing The Audit
Audit Process Model – Phase IV Evaluation and Reporting

Objective: Complete the audit procedures and issue an
opinion.
Procedures
(1) Evaluate governance evidence.
(2) Perform procedures to identify subsequent events.
(3) Review financial statements and other report material.
(4) Perform wrap-up procedures.
(5) Prepare Matters for Attention of Partners.
(6) Report to the board of directors.
(7) Prepare Audit report.
ISQC 1 says The objective of the firm is to establish and
maintain a system of quality control to provide it with
reasonable assurance that:
1. The firm and its personnel comply with professional
standards and applicable legal and regulatory
requirements;
2. Reports issued by the firm or engagement partners
are appropriate in the circumstances.
Audit firm policies and procedures
General firm activities for which quality control policies and
procedures are required include leadership responsibilities
for quality within the firm, ethical requirements, acceptance
and retention of clients, HR, engagement performance, and
monitoring.
Evaluation of Sample Results
The auditor should consider the sample results, the nature The firm’s chief executive officer (partners, board or
and cause of any errors identified, and their possible effect equivalent) shall assume ultimate responsibility for the
on the particular test objective and on other areas of the firm’s system of quality control.
audit.
The firm shall establish policies and procedures designed to
For substantive procedures, the auditor should project provide it with reasonable assurance that the firm and its
monetary errors found in the sample to the population, and personnel comply with relevant ethical requirements.
should consider the effect of the projected error.
PE1
The work performed by each person in the audit team  Review guarantees of indebtedness disclosed on
should be reviewed by personnel of at least equal bank confirmations
competence to consider whether:  Inspect other documents for client guarantees
1. The work has been performed in accordance with  Determine if there are any side letters*
the audit program; Agreements made outside the standard company contracts.
2. The work performed and the results obtained have These otherwise undisclosed agreements may be signed by
been adequately documented; senior officers, but not approved by the board of directors.
3. All significant audit matters have been resolved or
are reflected in audit conclusions; Legal letters- are the primary procedure auditors rely on for
4. The objectives of the audit procedures have been discovering litigation, claims and assessments that affect
achieved; and the client.
5. The conclusions expressed are consistent with the
results of the work performed and support the  Legal letters are obtained from the clients legal
audit opinion. counsel
 Attorney Letter informs the auditor of pending
Sarbanes-Oxley Act (SOx) litigation or other information involving legal
The Sarbanes-Oxley Act (SOx) addresses overall review counsel that is relevant to the financial statements.
procedures required of the auditor such as second partner
review, partner rotation, and quality control. It also Legal Letter
discusses the client’s audit committee responsibilities and The attorney letter should request evidence relating to:
inspection by PCAOB. 1. Existence of conditions or circumstances indicating
a possible loss from litigation, claims or assessments
PCAOB conducts a program of inspections of audit firms to 2. The period in which the underlying cause occurred.
determine if they comply with professional standards and 3. Likelihood of an unfavorable outcome
quality control. 4. Amount of potential loss, including court costs
SOx requires every public accounting firm to use quality Written Representations by Management
control policies relating to A written statement by management is provided to the
(i)monitoring of professional ethics and independence from auditor to confirm certain matters or to support other audit
entities on which the firm issues audit reports; evidence.
(ii) consultation within the firm on accounting and auditing
questions; The objectives of the auditor are:
(iii) supervision of audit work; 1. To obtain written representations from
(iv) hiring, professional development, and advancement of management that they believe that they have
personnel; fulfilled their responsibility for the preparation of
(v) the acceptance and continuation of audit engagements; the financial statements and for the completeness
(vi) internal inspection of the information provided to the auditor
2. To support other audit evidence relevant to the
SOx Company Audit Committee financial statements
Under SOx Sec 301 public company audit committees are
directly responsible for the appointment, compensation, Review for Contingent Liabilities and Commitments
and oversight of the work of any registered public Contingent liability is a potential future obligation to an
accounting firm employed by their company (including outside party for an unknown amount resulting from the
resolution of disagreements between management and the outcome of a past event.
auditor regarding financial reporting).
Commitments are agreements that the entity will hold to a
Audit firm reports directly to the audit committee. Auditors fixed set of conditions, such as the purchase or sale of
may also have to discuss accounting complaints with the merchandise at a stated price, at a future date, regardless
Audit Committee. of what happens to profits or to the economy as a whole.
Evaluate Governance Evidence Subsequent Events
The important governance information to be gathered from Subsequent events are events occurring between the date
the client includes: of the financial statements and the date of the auditor’s
1. a legal letter, report, and facts that become known to the auditor after
2. a written representations by management the date of the auditor’s report.
(management representations letter)
3. information about contingent liabilities and Types of Events After the F/S Date
commitments Financial frameworks usually identify two types of events
4. identification of related parties. after the date of the financial statements:
1. Those that provide evidence of conditions that
Field Procedures to Obtain Evidence Concerning Claims existed at the date of the financial
Against Client statements(requires adjustment to the financial
Read corporate meetings minutes statements)
 Read contracts, leases, correspondence and other 2. Those that provide evidence of conditions that
certain documents arose after the date of the financial statements.(if
material, requires disclosure).
PE1
The London Stock Exchange Code of Best Practice state

The auditor shall take into account the auditor’s risk that: The directors should report on the effectiveness of the
assessment in determining the nature and extent of such company's system of internal control and that the business
audit procedures, which shall include the following: is a going concern, with supporting assumptions or
1. Obtaining an understanding of any procedures qualifications as necessary.
management has established to ensure that Under the Sarbanes-Oxley Act (SOx) auditors have
subsequent events are identified. responsibility considering certain governance disclosures
2. Inquiring of management and those charged with connected with the financial statements.
governance as to whether any subsequent events  The company must disclose whether or not, and if
have occurred which might affect the financial not, the reason why, it has adopted a code of
statements. ethics.
3. Reading minutes of the meetings of the entity’s  SOx Section 407 requires company disclosure of
owners and management that have been held after whether or not, and if not, the reasons, their audit
the date of the financial statements and inquiring committee is comprised of at least one member
about matters discussed for which minutes are not who is a financial expert.
yet available.
4. Reading the entity’s latest subsequent interim Other Information In Annual Reports
financial statements. ‘The auditor should read the other information (in
5. Reading the entity’s latest available budgets, cash documents containing audited financial statements) to
flow forecasts and other related management identify material inconsistencies with the audited financial
reports for periods after the date of the financial statements’. (ISA 720)
statements;
6. Consider whether written representations covering Other information, on which the auditor may have to
particular subsequent events may be necessary to report, includes
support other audit evidence and thereby obtain 1. an annual report,
sufficient appropriate audit evidence. 2. a report by management or the board of directors
on operations
Events Between the Balance Sheet Date and the Issuance 3. financial summary or highlights,
of the Statements 4. employment data,
When management amends the financial statements 5. planned capital expenditures,
1. The auditor reviews for subsequent events 6. financial ratios
2. Issue or Reissue New Audit Report 7. names of officers and directors,
8. selected quarterly data
When management does not amend the financial 9. documents used in securities offerings.
statements
1. Qualified Opinion or an Adverse Opinion Material Inconsistency
(before report was released) is given A material inconsistency exists when other information
2. Notify the top management not to use the F.S. & contradicts information contained in the audited financial
auditor’s report. (after report was released) statements. A material inconsistency may raise doubts
about the audit conclusions drawn from audit evidence
Discovery Of Facts After The Financial Statements Have obtained and, possibly, about the basis for the auditor’s
Been Issued. opinion on the financial statements.
After the financial statements have been issued the auditor
has no obligation to perform any audit procedures Wrap-Up Procedures
regarding such financial statements.If, however, the auditor Wrap-up procedures are those procedures done at the end
becomes aware of a fact which existed at the date of the of an audit that generally cannot be performed before the
auditor’s report, the new or amended auditor’s report other audit work is complete. They include supervisory
should include an emphasis of a matter paragraph. review, final analytical procedures, working capital review,
evaluating audit findings for material misstatements,
Review Financial Statements and Other Report Material review of laws and regulation, and evaluation of going
The final review of the financial statements involves concern.
procedures to determine if disclosures of financial
statements and other required disclosures (for corporate Supervisory Review
governance, management reports, etc.) are adequate. 1. Review starts with the in-charge (senior) accountant
Adequate disclosure includes consideration of all the reviewing the work of the staff accountant
financial statements, including related footnotes. 2. The manager and partner in charge of the audit
review the work submitted by the in-charge
Review Financial Statements and Other Report Material accountant
1. Financial Statement Disclosures 3. For larger audits, there is an additional review of
2. Disclosure Checklist the engagement is performed by a manager or
3. Corporate Governance Disclosures partner not working on the engagement
4. Fair Values 4. In auditing firms with multiple offices, it is common
5. Other Information In The Annual Report practice for review teams to visit the various offices
periodically and review selected engagements
Corporate Governance
Working Paper Review
PE1
Working papers (or ‘work papers’) are a record of the 3. discussions of accounts that required special
auditor’s planning; nature, timing and extent of the auditing consideration
procedures performed; results of such procedures and the 4. compliance with statutory laws, ISAs and IASs
conclusions drawn from the evidence obtained. 5. comments on accounting systems
6. comments on management letters
Two functions: 7. discussion of any matters that were outstanding at
1. Aid in conduct in supervision of audit. that date.
2. Support for auditor’s opinion, especially
representation. Reports to The Board of Directors
The Board of Directors has significant influence over
Evaluating Audit Findings For Material Misstatements accounting and financial policies of the entity. The auditor
When the audit tests for each item in the financial must communicate their important findings to the
statements are completed, the staff auditor doing the work Board.Board has responsibility for hiring independent
will sign off completion of steps, identify monetary auditor.
misstatements in the financial statements, and propose
adjustment to the financial statements. Typical areas of discussion in the Long-Form report to the
board of directors is information which the client has
Monetary misstatement are misstatement that cause a omitted from its notes and the errors the auditor has found
distortion of financial statement.Results from mistakes in in performing his work.
processing transactions, mistakes in selection of accounting
principles, and mistakes in facts or judgment about SEC Report to Audit Committee
accounting estimates. SEC requires auditors to report to the audit committee of
the publicly traded company
Review Laws and Regulation 1. all critical accounting policies and practices to be
The auditor should: used;
1. know the laws that apply to their client, 2. all alternative treatments of financial information
2. review the criteria required to comply with that within generally accepted accounting principles that
statute, have been discussed; and
3. test for the client company’s compliance. 3. other material written communications such as any
management letter or schedule of unadjusted
Going Concern differences.
The going concern assumption is that the enterprise is
normally viewed as a going concern, that is, as continuing in CHAPTER 11 - Appendix
operation for the foreseeable future. Audit Documentation and Working Papers
An entity's continuance as a going concern is assumed in
the preparation of the financial statements in the absence
of information to the contrary.
Definition:
For example, assets and liabilities are recorded on the basis Audit documentation is the principal record of the basis for
the entity will be around long enough to pay the liabilities the auditor’s conclusions and provides the principal support
and fully depreciate the assets. for the representations in the auditor’s report.
Procedures if Going Concern Doubt “Documentation means the material (working papers)
If there is significant doubt of the entity’s ability to continue prepared by and for, or obtained and retained by the
as a going concern, the auditor should auditor in connection with the performance of the audit.
1. Review management’s plans for future actions Working papers may be in the form of data stored on paper,
based on its going concern assessment; film, electronic media or other media.” ISA 230
2. Seek written representations from management
regarding its plans for future action; and Audit documentation includes records on the planning and
3. Gather sufficient appropriate audit evidence to performance of the work, the procedures performed,
confirm or dispel whether or not a material evidence obtained, and conclusions reached by the auditor.
uncertainty exists through carrying out procedures
considered necessary. Working Papers
 Are a direct aid in the planing, performance, and
Matters For Attention Of Partners (MAPs) supervision of the audit;
Matters for Attention of Partners (MAPs) is a report by  Record the audit evidence resulting from the audit
audit managers to be reviewed by the partner or director work performed to provide support for the
detailing the audit decisions reached by managers or auditor’s opinion including the representation.
partners and the reasons for those decisions.  Assist in review of the audit work.
Items included in the MAP:  Provide proof of the adequacy of the audit
1. a cover page signed by audit manager and partners
stating the basic conclusions of the audit Significant Matters
2. general matters, management comments, ISA 230 states: “The auditor should record in the working
comments on results papers information on planning the audit, the nature,
timing and extent of the audit procedures performed and
PE1
the results thereof, and the conclusions drawn from the Permanent File
audit evidence obtained.” The permanent file is audit work papers containing all the
data which are of continuing
PCAOB’s documentation standard defines significant interest from year to year.
matters: “The auditor must document significant findings or The permanent file is intended to contain data of historical
issues, actions taken to address them (including additional or continuing nature pertinent to the current audit. This file
evidence obtained), and the basis for the conclusions provides a convenient source of information about the audit
reached.” that is of continuing interest.
Form and Content of the Working Papers The permanent file usually includes the following:
PCAOB : “Audit documentation must contain sufficient 1. Copies or excerpts of company documents
information to enable an experienced auditor, having no 2. Prior year analysis
previous connection with the engagement: 3. Internal control information including: internal
(1) to understand the nature, timing, extent, and results of control questionnaires, flow charts, organization
the procedures performed, evidence obtained, and charts , and a listing of controls and
conclusions reached, and control weakness.
(2) to determine who performed the work and the date
such work was completed as well as the person who Current Work Paper Files
reviewed the work and the date of such review.” The current work paper file contains all documentation
applicable to the year under audit.
 The working papers should convey the auditor’s
reasoning on all matters which require the exercise The current file ordinarily includes client summary
of judgment and the auditor’s conclusions. information such as description of the client, client
 The extent of what is included in working papers is industry, client internal controls and the auditor’s
a matter of professional judgment. All auditing materials.
firms around the world have their own workpaper
formats. Current Work Paper Files
 Working papers are designed and organized to The current file work papers will usually contain
meet the circumstances and the auditor’s needs for accounting-related information such as trial balances, lead
each individual audit. schedules, analyses of transactions and balances and, if
necessary, recommended journal entries to correct the
The working papers should contain at a minimum: accounts records.
1. information on planning the audit work;
2. the nature, timing, and content of the audit The largest portion of working papers includes the detailed
procedures performed; schedules prepared by the client or the auditors in support
3. the results of the audit procedures; and of specific amounts on the financial statements.
4. the conclusions drawn leading to an opinion.
Lead Schedules
Document Retention  Each line item in the trial balance is supported by a
‘The auditor should adopt appropriate procedures for lead schedule, containing the detailed accounts
maintaining the confidentiality and safe custody of the from the general ledger making up the line item.
working papers and for retaining them for a period  Each detailed account on the lead schedule is, in
sufficient to meet the needs of the practice and in turn, supported by audit work performed and the
accordance with legal and professional requirements of conclusions drawn.
record retention.’  The major types of supporting schedules are
account analysis, list schedules, reconciliation of
PCAOB (Audit Standard #3) says when additions are made, amounts, tests of reasonableness, procedures
the documentation added must indicate the date the description, informational and outside
information was added, by whom it was added, and the documentation.
reason for adding it.
Preparation of work papers
Working papers are the property of the auditor. Proper preparation of work papers requires structuring the
information so that its is easy to interpret and gives the
PCAOB and SOX Retention extent of the work in a concise form.
PCAOB’s Documentation Standard # 3 states: “The auditor
must retain audit documentation for seven years from the Individual work papers should be properly identified with
date the auditor grants permission to use the auditor's the client’s name, the period covered, a description of
report in connection with the issuance of the company's contents of the work paper, the date of preparation, an
financial statements (report release date), unless a longer index code, and the initials of the person who prepares it.
period of time is required by law.”
Tick Marks and Indexing
SEC regulation specifies detailed requirements regarding The preparation of work papers has strong traditional
the types of document (e.g. working papers, memos, elements that indicate the audit work performed, cross
correspondence, etc. that contain conclusions, opinions, references and suggested adjustment. These elements are:
analyses, etc.) that should be retained 1. Tick marks
2. Indexing
PE1
3. Adjusting journal company’s ability to record, process, summarize, and report

financial data and have identified for the company’s
auditors any material weaknesses in internal controls; and
any fraud, whether or not material, that involves
Tick Marks management or other employees who have a significant
 Tick marks are symbols used by the auditor to role in the company’s internal controls;
indicate the nature and extent of procedures
applied in specific circumstance. Old Style Audit Report (3 paragraph)
 Tick marks are notations directly on the working
papers schedules.
 Tick marks are generally done by hand with a pen or
pencil alongside a specific item.
Indexing
Work papers are indexed, i.e., cross referenced to aid in the
organizing and filing. Indexing work papers requires coding
the individual sheets of paper so that needed information
may be found easily. Systems of indexing used include:
1. Sequential numbering
2. Combinations of letters and numbers, and
3. Digit position index numbers
Adjusting journal entry
An adjusting journal entry is the correcting entry required at
the end of the reporting period due to a mistake made in
the accounting records; also called “correcting entry”.
The auditor does not make entries in the client’s records.
The auditor makes the entries on the work papers and
reviews their entry with the client.
CHAPTER 12
Audit Reports and Documentation
Management Responsibility for Audit Report - SOx

Sox Requires that the principal executive officer or officers
and the principal financial officer or officers, certify in each
report filed with the SEC the following:
1. the signing officer has reviewed the report;
2. the report does not contain any untrue statement
of a material fact or omit to state a material fact;
3. the financial statements, and other financial
information, fairly present in all material respects
the financial condition of the company;
4. the signing officers
 are responsible for establishing and maintaining
internal controls; Contents of the PCAOB Combined Financial Statement and
 have evaluated the effectiveness of the company’s Internal Control Auditor's Report
internal controls; and 1. title,
 have presented in the report their conclusions 2. Addressee (not required PCAOB AS 5)
about the effectiveness of their internal controls 3. opening or introductory paragraph
based on their evaluation; 4. scope paragraph (describing the nature of an audit)
5. Definition paragraph
Corporate Responsibility for Audit Report under SOx 6. Limitations paragraph
(cont.) 7. opinion paragraph containing an expression of
Requires that the principal executive officer or officers and opinion on the financial statements,
the principal financial officer or officers, certify in each 8. the date of the report, the auditor's address, and
report filed with the SEC the following: auditor’s signature US Classes
1. the signing officers have disclosed to the company’s
auditors and the audit committee of the board of Example PCAOB sample combined financial statement and
directors internal control audit report from Audit Standard No. 5
all significant deficiencies in the design or operation of U.S. Classes
internal controls which could adversely affect the
PE1
20X8, based on [Identify control criteria, for example,

Report of Independent Registered Public Accounting Firm "criteria established in Internal Control—Integrated
Framework issued by the Committee of Sponsoring
[Introductory paragraph] Organizations of the Treadway Commission (COSO)." ].
We have audited the accompanying balance sheets of W [Signature]
Company as of December 31, 20X8 and 20X7, and the [City and State or Country]
related statements of income,stockholders' equity and [Date]
comprehensive income, and cash flows for each of the years
in the three-year period ended December 31, 20X8. We also
have audited management's assessment, included in the
accompanying [title of management‘s report], that W ISA 700 Auditors Opinion on F/S
Company maintained effective internal control over  Title: “Independent Auditor’s Report”
financial reporting as of December 31, 20X8, based on  [Appropriate Addressee]
[Identify control criteria, for example, "criteria established in  Introductory Paragraph (Report on Financial
Internal Control—Integrated Framework issued by the Statements)
Committee of Sponsoring Organizations of the Treadway  Management’s Responsibility for the Financial
Commission (COSO)." ]. W Company's management is Statements
responsible for these financial statements, for maintaining  Auditor’s Responsibility
effective internal control over financial reporting, and for its  Opinion
assessment of the effectiveness of internal control over  Report on Other Legal and Regulatory
financial reporting. Our responsibility is to express an Requirements [Form and content of this section of
opinion on these financial statements and an opinion on the the auditor’s report will vary depending on the
company's internal control over financial reporting based on nature of the auditor’s other reporting
our audits. responsibilities.]
[Scope paragraph]  *Auditor’s signature+
We conducted our audits in accordance with the standards  *Date of the auditor’s report+
of the Public Company Accounting Oversight Board (United  [Auditor’s address+
States). Those standards require that we plan and perform
the audits to obtain reasonable assurance about whether
the financial statements are free of material misstatement ISA 700 Sample Financial Statement Audit Report
and whether effective internal control over financial Independent Auditor’s Report
reporting was maintained in all material respects. Our [Appropriate Addressee]
audits of the financial statements included examining, on a
test basis, evidence supporting the amounts and disclosures Report on the Financial Statements :
in the financial statements, assessing the accounting We have audited the accompanying financial statements of
principles used and significant estimates made by ABC Company, which comprise the statement of financial
management, and evaluating the overall financial statement position as at December 31, 20X1, and the statement of
presentation. Our audit of internal control over financial comprehensive income, statement of changes in equity and
reporting included obtaining an understanding of internal statement of cash flows for the year then ended, and a
control over financial reporting, assessing the risk that a summary of significant accounting policies and other
material weakness exists, testing and evaluating the design explanatory information.
and operating effectiveness of internal control based on the
assessed risk, and performing such other procedures as we Included in the Audit Report
considered necessary in the circumstances. We believe that  A title, e.g. “Independent Auditor’s Report”
our audits provide a reasonable basis for our opinions.  An addressee, as required by the circumstances of
the engagement, e.g.”Shareholders of ABC
[Inherent limitations paragraph] company”
Because of its inherent limitations, internal control over  An introductory paragraph that identifies the
financial reporting may not prevent or detect financial statements audited
misstatements. Also, projections of any evaluation of
effectiveness to future periods are subject to the risk that Management’s Responsibility for the Financial Statements
controls may become inadequate because of changes in Management is responsible for the preparation and fair
conditions, or that the degree of compliance with the presentation of these financial statements in accordance
policies or procedures may deteriorate. with International Financial Reporting Standards, and for
such internal control as management determines is
[Opinion paragraph] necessary to enable the preparation of financial statements
In our opinion, the financial statements referred to above that are free from material misstatement, whether due to
present fairly, in all material respects, the financial position fraud or error.
of W Company as of December 31, 20X8 and 20X7, and the
results of its operations and its cash flows for each of the Auditor’s Responsibility
years in the three-year period ended December 31, 20X8 in Our responsibility is to express an opinion on these financial
conformity with accounting principles generally accepted in statements based on our audit. We conducted our audit in
the United States of America. Also in our opinion, W accordance with International Standards on auditing. Those
Company maintained, in all material respects, effective standards require that we comply with ethical requirements
internal control over financial reporting as of December 31, and plan and perform the audit to obtain reasonable
PE1
assurance about whether the financial statements are free

from material misstatement.
The Audit Report Management Responsibility and Auditor The objectives of the auditor are:
Responsibility 1. To form an opinion on the financial statements
A description of the responsibility of management for the based on an evaluation of the conclusions drawn
preparation of the financial statements. from the audit evidence obtained and
A description of the auditor’s responsibility to express an 2. To express clearly that opinion through a written
opinion on the financial statements and the scope of the report that also describes the basis for that opinion.
audit, that includes:
1. A reference to International Standards on Auditing The report must be dated.
and the law or regulation; and The auditor shall date the report no earlier than the date on
2. A description of an audit in accordance with those which the auditor has obtained sufficient appropriate audit
standards. evidence on which to base the auditor’s opinion on the
financial statements including evidence that:
An audit involves performing procedures to obtain audit (a) all the statements that comprise the financial
evidence about the amounts and disclosures in the financial statements, including the related notes, have been
statements. The procedures selected depend on the prepared;
auditor’s judgment, including the assessment of the risks of (b) those with recognized authority have asserted that they
material misstatement of the financial statements, whether have taken responsibility for those financial statements.
due to fraud or error. In making those risk assessments, the
auditor considers internal control relevant to the entity’s The opinion expressed in the auditor's report may be one
preparation and fair presentation of the financial of four types:
statements in order to design audit procedures that are Unmodified (unqualified),
appropriate in the circumstances, but not for the purpose of
expressing an opinion on the effectiveness of the entity’s Three Modified Opinions:
internal control. An audit also includes evaluating the 1. qualified,
appropriateness of accounting policies used and the 2. adverse, or
reasonableness of accounting estimates made by 3. disclaimer of opinion
management, as well as evaluating the overall presentation
of the financial statements. Unqualified Audit Opinion – Also called Unmodified
Opinion
We believe that the audit evidence we have obtained is Unmodified (unqualified) opinion—The opinion expressed
sufficient and appropriate to provide a basis for our audit by the auditor when the auditor concludes that the financial
opinion. statements are prepared, in all material respects, in
accordance with the applicable financial reporting
Opinion framework.
In our opinion, the financial statements present fairly, in all
material respects, (or give a true and fair view of) the Most common type of audit report
financial position of ABC Company as at December 31, 20X1,  Called “clean opinion”
and (of) its financial performance and its cash flows for the  Used for more than 90 per cent of all audit reports
year then ended in accordance with International Financial  Other audit reports are referred to as ‘modified
Reporting Standards. opinion. (adverse opinion, disclaimer of opinion,
and qualified opinion).
Report on Other Legal and Regulatory Requirements
*Form and content of this section of the auditor’s report will An Unmodified (Unqualified) Audit Opinion should be
vary depending on the nature of the auditor’s other expressed when the auditor concludes that the financial
reporting responsibilities.] statements are prepared, in all material respects, in
accordance with the applicable financial reporting
[Auditor’s signature+ framework.
*Date of the auditor’s report+ Evaluation of the compliance to the reporting framework
include consideration of these qualitative aspects
*Auditor’s address+  whether the financial statements adequately
disclose the significant accounting policies selected
Included in the Audit Report Opinion and Signatures and they are consistent and appropriate;
An opinion paragraph containing an expression of opinion  accounting estimates made by management are
on the financial statements and a reference to the reasonable;
applicable financial reporting framework used to prepare  information presented in the financial statements is
the financial statements (including identifying the relevant, reliable, comparable, and understandable;
jurisdiction of origin of the financial reporting framework  disclosures to enable the intended users to
that is not International Financial Reporting Standards or understand the effect of material transactions and
International Public Sector Accounting Standards, events on the information conveyed in the financial
1. The auditor’s signature; statements; and
2. The date of the auditor’s report; and
3. The auditor’s address.
PE1
 terminology used in the financial statements, In our opinion, except for the possible effects of the matter
including the title of each financial statement, is described in the Basis for Qualified Opinion paragraph, the
appropriate. financial statements present fairly, in all material respects,
 whether the financial statements achieve fair (or give a true and fair view of) the financial position of ABC
presentation. If they are prepared in accordance Company as at December 31, 20X1, and (of) its financial
with a fair presentation framework, performance and its cash flows for the year then ended in
accordance with International Financial Reporting
at least two circumstances where the auditor may not be Standards.
able to express an unmodified opinion:
1. A limitation in scope; Auditor’s Adverse Opinion ( ISA 705)
2. The auditor’s judgment about the pervasiveness of The auditor shall express an adverse opinion when the
the effects or possible effects of the matter on the auditor, having obtained sufficient appropriate audit
financial statements. evidence, concludes that misstatements, individually or in
the aggregate, are both material and pervasive to the
The circumstances described in 1 – scope limitation financial statements.
– could lead to a modified opinion or a disclaimer of
opinion. The circumstances described in 2 Auditor’s Disclaimer of Opinion (ISA 705)
– disagreement with management – could lead to a The auditor shall disclaim an opinion when the auditor is
modified opinion or an adverse opinion. unable to obtain sufficient appropriate audit evidence on
which to base the opinion, and the auditor concludes that
The objective of the auditor is to express clearly an the possible effects on the financial statements of
appropriately modified opinion on the financial undetected misstatements, if any, could be both material
statements that is necessary when and pervasive or interaction of multiple uncertainties on F/S
1. The auditor concludes, based on the audit evidence ISA 705 Appendix Types of Modified Opinions
obtained, that the financial statements as a whole Auditor’s Judgment about the
are not free from material misstatement; or Pervasiveness of the Effects or
2. The auditor is unable to obtain sufficient Possible Effects on the Financial
appropriate audit evidence to conclude that the Statements
financial statements as a whole are free from Nature of Matter Material but Material and
material misstatement. Giving Not Pervasive
Rise to the Pervasive
Auditor’s Qualified Opinion Modification
Express a qualified opinion when: Financial Qualified Adverse opinion
 The auditor, having obtained sufficient appropriate statements are opinion
audit evidence, concludes that misstatements, materially
individually or in the aggregate, are material, but misstated
not pervasive, to the financial statements; or Inability to obtain Qualified Disclaimer of opinion
 The auditor is unable to obtain sufficient sufficient opinion
appropriate audit evidence on which to base the appropriate audit
opinion, but the auditor concludes that the possible evidence
effects on the financial statements of undetected
misstatements, if any, could be material but not
pervasive.
Basis for Modification Paragraph
Auditors Responsibility When the auditor modifies the opinion on the financial
We believe that the audit evidence we have obtained is statements, the auditor shall, in addition to the specific
sufficient and appropriate to provide a basis for our elements required by ISA 700, include a paragraph in the
qualified audit opinion. auditor’s report that provides a description of the matter
giving rise to the modification. The auditor shall place this
Basis for Qualified Opinion paragraph immediately before the opinion paragraph in the
ABC Company’s investment in XYZ Company, a foreign auditor’s report and use the heading “Basis for Qualified
associate acquired during the year and accounted for by the Opinion,” “Basis for Adverse Opinion,” or “Basis for
equity method, is carried at xxx on the statement of Disclaimer of Opinion,” as appropriate.
financial position as at December 31, 20X1, and ABC’s share
of XYZ’s net income of xxx is included in ABC’s income for An Emphasis of a Matter Paragraph with an Unmodified
the year then ended. We were unable to obtain sufficient (Unqualified) Opinion
appropriate audit evidence about the carrying amount of An auditor’s unqualified report is sometimes expanded
ABC’s investment in XYZ as at December 31, 20X1 and ABC’s upon to explain matters that do not affect the auditor’s
share of XYZ’s net income for the year because we were opinion, but should be emphasized to the financial
denied access to the financial information, management, statement user.
and the auditors of XYZ. Consequently, we were unable to
determine whether any adjustments to these amounts were ISA 706 “Emphasis of Matter Paragraphs and Other
necessary. Matters Paragraphs in the Independent Auditor’s Report”
The auditor’s report should emphasize a matter when it is
Qualified Opinion necessary to:
PE1
1. EofM: Draw users’ attention to matters presented 4. Litigation, long-term contracts, recoverability of
or disclosed in the financial statements that are of asset values, losses on discontinued operations
such importance that they are fundamental to To highlight a material matter regarding a going concern
users’ understanding of the financial statements; or problem.
2. Other Matter: Draw users’ attention to any matters Going Concern
other than those presented or disclosed in the In a going concern judgment, the objectives of the auditor
financial statements that are relevant to users’ are:
understanding of the audit, the auditor’s 1. To obtain sufficient appropriate audit evidence
responsibilities or the auditor’s report. about the appropriateness of management’s use of
the going concern assumption in the preparation
Report of Independent Registered Public Accounting Firm and presentation of the financial statements;
2. To conclude, based on the audit evidence obtained,
[Standard Introductory Paragraph] whether a material uncertainty exists related to
[Management Responsibility Paragraph] events or conditions that may cast significant doubt
[Auditor Responsibility Paragraphs] on the entity’s ability to continue as a going
[Opinion Paragraph] concern; and
Required Emphasis Paragraph[s] 3. To determine the implications for the auditor’s
[Emphasize those matters that are important in report.
understanding the financial statement presentation,
including significant management judgments and estimates The Going Concern disclosure should:
and areas with significant measurement uncertainty. 1. describe the principal conditions that raise doubt;
Discuss the audit procedures performed on these significant 2. state that there are doubts about going concern,
matters. This discussion should not include matters that the therefore the entity may be unable to realize its
company has not disclosed in the financial statements and assets and discharge its liabilities in the normal
should make reference to the notes in the financial course of business;
statements that disclose each matter.] 3. state that the financial statements do not include
any adjustments relating to the recoverability and
“Without qualifying our opinion we draw attention to Note classification of recorded asset amounts or to
X to the financial statements. The Company is the amounts and classification of liabilities that may be
defendant in a lawsuit alleging infringement of certain necessary should the entity be unable to continue
patent rights and claiming royalties and punitive damages. as a going concern.
The Company has filed a counter action, and preliminary
hearings and discovery proceedings on both actions are in Lack of Consistency
progress. The ultimate outcome of the matter cannot Lack of consistency in the application of accounting
presently be determined, and no provision for any liability principles in the current period in relation to the preceding
that may result has been made in the financial statements.” period may require a modification to an unmodified opinion
[Signature] based on standards in many countries.
[City and State or Country]
[Date] Reports involving other auditors and experts
ISA 620 suggests that when expressing an unmodified
(unqualified) opinion the auditor should not refer to the
work of an expert in her report as such a reference might be
When the auditor includes an Emphasis of Matter misunderstood to be a qualification of the auditor's opinion
paragraph in the auditor’s report, the auditor shall: or a division of responsibility. If the auditor references the
1. Include it immediately after the Opinion paragraph work of an expert in the auditor’s report because it is
in the auditor’s report; relevant to a modification to the auditor’s opinion, the
2. Use the heading “Emphasis of Matter,” auditor shall indicate this does not reduce the auditor’s
3. Include in the paragraph a clear reference to the responsibility for that opinion.
matter being emphasized and to where relevant
disclosures that fully describe the matter can be Communications With Those Charged With Governance
found in the financial statements; and The objective of the auditor is to provide those charged
4. Indicate that the auditor’s opinion is not modified in with governance with timely observations arising from the
respect of the matter emphasized audit that are significant and relevant to their responsibility
to oversee the financial reporting process including:
An auditor might write an Emphasis of a Matter paragraph: 1. Qualitative aspects of the entity’s accounting
If there is a significant uncertainty which may affect the practices
financial statements, the resolution of which is dependent 2. Significant difficulties encountered during the audit
upon future events 3. Significant matters arising from the audit that were
discussed with management
Examples of uncertainties that might be emphasized include 4. Other matters arising from the audit that are
1. the existence of related party transactions, significant to the oversight of the financial reporting
2. important accounting matters occurring subsequent process
to the balance sheet date
3. matters affecting the comparability of financial Governance Structures
statements with those of previous years (e.g. The structures of governance vary from country to country
change in accounting methods) reflecting cultural and legal backgrounds.In some countries,
PE1
the supervision function, and the management function are A long- form report ordinarily includes:
legally separated into different bodies, such as a supervisory 1. Overview of the Audit Engagement
(wholly or mainly non-executive) board and a management 2. Analysis of Financial Statements
(executive) board. In other countries, like the U.S., both 3. Risk Management and Internal Control
functions are the legal responsibility of a single, unitary 4. Optional Topics
board. 5. Auditor independence and quality control
6. Fees
Auditor Communications to Governance Entity
Audit matters of governance interest to be communicated Management Letter
by the auditor to the board or audit committee ordinarily The management letter identifies issues not required to be
include: disclosed in the Annual Financial Report but represent the
1. Material deficiencies in internal control; auditors concerns and suggestions noted during the audit.
2. Non-compliance with laws and regulations. An evaluation is made of the present system, pointing out
3. Fraud involving management problem areas. Recommendations for improvement are
4. Questions regarding management integrity; cited. Also included is a discussion of any problem which
5. The general approach and overall scope of the may require immediate action to correct.
audit;
6. The selection of, or changes in, significant In order to form an opinion, the auditor shall conclude as to
accounting policies and practices that have a whether the auditor has obtained reasonable assurance
material effect on the financial statements; about whether the financial statements as a whole are free
from material misstatement, whether due to fraud or error.
Audit matters of governance interest to be communicated
by the auditor to the board or audit committee ordinarily The auditor’s conclusion shall take into account:
include: 1. Whether sufficient appropriate audit evidence has
1. The potential effect on the financial statements of been obtained;
any significant risks and exposures, such as pending 2. Whether uncorrected misstatements are material,
litigation, that requires disclosure in the financial individually or in aggregate; and – next slide
statements;
2. Significant audit adjustments to the accounting The auditor’s conclusion shall also take into account
records; whether the financial statements :
3. Material uncertainties related to the entity’s ability 1. Are prepared, in all material respects, in accordance
to continue as a going concern; with the requirements of the applicable financial
4. Disagreements with management about matters reporting framework
that could be significant to the entity’s financial 2. Disclose significant accounting policies
statement. 3. Use estimates made by management that are
5. Expected modifications to the auditor’s report reasonable
4. Use information that is relevant, reliable,
Reporting Fraud and Error comparable, and understandable
If the auditor has identified a fraud or has obtained 5. Provide adequate disclosures and uses appropriate
information that indicates that a fraud may exist, the terminology
auditor shall communicate these matters on a timely basis
to the appropriate level of management The auditor shall XBRL
determine whether there is a responsibility to report the XBRL is a freely licensed, open technology standard that
occurrence or suspicion to a party outside the entity. The makes it possible to store and/or transfer data along with
auditor’s legal responsibilities may override the duty of the complex hierarchies, data-processing rules and
confidentiality in some circumstances. descriptions.
 Permits the automatic exchange and reliable
Reporting of Non-compliance with Laws extraction of financial information across all
 If non compliance is suspected, the auditor should software formats and technologies, including the
communicate to those charged with governance. Internet
 If the auditor concludes that the noncompliance has  Reduces the need to enter financial information
a material effect on the financial statements, and more than one time, reducing the risk of data entry
has not been properly reflected in the financial error and eliminating the need to manually key
statements, the auditor should express a qualified information for various formats
or an adverse opinion.
 The auditor shall determine whether the auditor Continuous Reporting and Auditing
has responsibility to report the identified or Continuous reporting is the real-time disclosure of
suspected non-compliance to parties outside the transaction data.
entity.
Embedded audit modules (EAM) are database software
Long-Form Audit Report routines that are placed at predetermined points to gather
In many countries it is customary for the auditor to prepare information about transactions or events within the system
a ‘long-form’ report to the Audit Committee of an entity’s that auditors deem to be material. EAMs allow auditors to
board of directors in addition to the publicly published proactively monitor auditable conditions.
‘short-form’ report discussed in this chapter.
PE1
12. Frequent changes of auditors
A component could be a head office, parent, division,

CHAPTER 13 location, business unit, branch, subsidiary, activity, shared
Overview of a Group Audit service center, joint venture, associated company, or other
entity whose financial information is included in the group
financial statements. Determining what is a component will
require professional judgment and is guided by: the
structure of the group, the flow of the financial information
Definitions and the audit approach.
A component auditor is the auditor who, at the request of
the group engagement team, performs work on the Type of Work to be performed for components
financial information related to a component. Significant Audit of financial statements (component
components materiality)
A component is an entity or business activity which financial Components  Audit of the financial information;
information is included in the group financial statements. likely to  Audit of one or more account
The group engagement partner is the partner or other include balances, classes of transactions or
person in the firm who is responsible for the group audit significant disclosures relating to the
engagement and its performance, and for the auditor’s risks significant risks;
report on the group financial statements that is issued on  Specified audit procedures relating
behalf of the firm. to the significant risks
Important matters to be considered from management of Not significant  Analytical procedures

the group to be audited are: components  If not sufficient audit evidence is
1. The structure of the group company; available: the group engagement
2. Significant components; team selects not significant
3. The use of service organizations; components and performs or
4. A description of group-wide controls; request the component auditor to
5. The complexity of the consolidation process; perform one or more of the
6. Component auditors not being part of the network following procedures: audit of the
of the group auditor; financial information, audit of one
7. Having unrestricted access to relevant persons and or more account balances, classes
information; of transactions or disclosures, a
8. Ability to perform work on the financial information review or specific procedures.
of the components.
Understanding the Group Being Audited, Its Components
and Their Environments Information Required in Group Auditor Communication to
Matters to be considered are: the Component Auditor
1. Industry, regulatory and other external factors; 1. Confirmation that the component auditor will
2. The applicable financial reporting framework; cooperate with the group engagement team;
3. The nature of the entity; 2. Work to be performed by the component auditor;
4. Objectives and strategies and related business risks; 3. Ethical requirements that are relevant to the group,
5. Measurement and review of the entity’s in particular the independence requirements;
performance; 4. Component materiality and the threshold above
6. Instructions issued by group management to which misstatements cannot be regarded as clearly
components: accounting manual, reporting package trivial to the group financial statements;
and a timetable; 5. Identified significant risks of material misstatements
7. Identification and assessment of risks of fraud of the group financial statements due to fraud or
error, that are relevant to the work of the
Risks of material misstatement of the group financial component auditor;
statements that should be considered are:
1. A complex group structure or complex transactions; Communications from Group to Component Auditor
2. Poor corporate governance (cont.)
3. Ineffective group-wide controls; 1. List of related parties;
4. Components operating in foreign jurisdictions; 2. Timetable;
5. Business activities that involve high risk; 3. Dates of planned visits;
6. Specific consolidation items; 4. List of key contacts;
7. Unusual related party relationships and 5. Work to be performed on intra-group transactions;
transactions; 6. Guidance on other statutory reporting
8. Reconciliation issues; responsibilities;
9. Components’ accounting policies differ from group 7. Specific instructions for subsequent events;
policies; 8. Findings of the group engagement team’s tests of
10. Components with different financial year-ends; control activities of a processing system that is
11. Aggressive tax planning; common for all or some components and tests of
PE1
controls to be performed by the component and revenue, the basis on which the testing will be made
auditor; and the gauge or monetary precision or materiality, the
amount of maximum misstatements allowed.
9. Findings of internal audit; Investments Audit : Objectives & Audit Program
10. Request for timely communication of audit For investments audit procedures there are three
evidence that contradicts the audit evidence on objectives:
which the group engagement team originally based  Objective II is Investments exist and are owned by
the risk assessment at group level; the entity. (The financial statement assertions of
11. Request for a written representation on component management are existence and ownership).
management’s compliance with the applicable
financial reporting framework; Procedure Number 3 (from Objective II) is agree to
12. Matters to be documented including unusual authorization in the minutes of the Board of Directors
events;  MaasTec this year bought controlling interest in
13. Request for reporting: significant accounting, Newco, Design Information Planning and
financial reporting and auditing matters, going Programming Resources (DIPPER), Financial
concern issues, litigation or claim events, significant Investment National Enterprises (FINE) and 15 per
deficiencies in internal control and information that cent of Zap. Check the minutes of the board of
indicates the existence of fraud. directors to see if the board of directors authorized
the purchases.
Contents of Group Audit Instructions
1. General Objective II
2. Specific procedures Ask management for purchase agreements for Newco,
3. Company DIPPER and FINE. The team traces the purchase amounts to
4. Audit scope, fees & coverage the bank statement to verify the amount and payment.
5. Critical and Significant audit concerns . Review a due diligence report for the purchase of FINE.
6. Management Letters
7. New Accounting Standards One purchase agreement shows Sister Information Systems
8. Independence (SIS), not MaasTec (who was thought to be the owner), has
entered into a share purchase agreement to purchase all
Contents of Audit Planning Memo- Strategy Part shares of Newco. A discussion with management indicates
1. Introduction that Newco is owned by SIS, which is owned by Brother,
2. Follow- up from last year which is supposedly owned by MaasTec. There is no
3. Insights documentation supporting ownership of Brother by
4. Initial Risk analysis MaasTec. Send a confirmation letter to Newco to determine
5. Internal controls & control procedures ownership.
6. Identification of Critical Audit Objectives
7. Client Service Aspects item- action Expenses and Payables OBJECTIVES
8. Important contacts 1. All unpaid amounts due to suppliers or others for
9. Service Audit Team goods and services received prior to year-end are
included or otherwise accrued. (Completeness,
Audit Planning Memo – Plan Part existence, accuracy, and ownership.)
The plan part of the audit planning memorandum 2. All cash disbursements are valid and properly
summarizes technical matters,client service matters and recorded (i.e., they are for goods and services
logistical matters.It expands on the strategy part and received by the entity; classification as asset,
provides an overview of the client company, the industry expense, liability, and other accounts is
environment, significant audit concerns, and areas of appropriate.) (Existence and accuracy.)
interest to the audit team.The audit program primarily 3. Accounting principles are appropriate and applied
focuses on substantive year-end procedures to provide consistently (e.g., interest adjustments, if required,
guidance for the audit work in a practical way are recognized.) (Valuation,
presentation and disclosures.)
Contents of Audit Planning Memo - Plan Part 4. Review liabilities recorded after the end of the
1. Introduction period and review subsequent cash payments.
2. Audit approach 5. Vouch claims for credit from suppliers (e.g.,
3. Critical audit objectives receivables from suppliers) to supporting
4. Significant audit areas and accounting issues documents
5. Fees 6. Trade accounts receivable represent uncollected
6. Timetable sales or other charges to bona fide customers and
7. Client contacts are owned by the entity. (Existence and ownership.)
8. MaasTec Firm service team 7. All cash collections are accurately recorded.
(Completeness and accuracy.)
Audit Program (Audit Plan) 8. Valuation of trade receivables is appropriate (i.e.,
The audit plan, traditionally called “audit program” is a set provision is made for uncollectable amounts).
of standardized audit procedures that are needed to (Valuation, presentation and disclosures.)
substantially test the account balances and transactions
outlined in the audit planning memorandum.The audit Revenue and Receivables Procedures
program starts out with the basic data about value of assets
PE1
1. Vouch sales from shipping records to sales  You also take a look at the sales budget to see what
authorization, sales invoices, and sales I register, products sales are based on.
including relevant data (e.g. party, price,  You look at inventory turnover on a historical basis
description, quantity, and dates). and determine that the product management
2. Test sales invoice price of items to authorized lists. intends to cancel is a very slow-moving product and
3. Test processing to general and subsidiary ledgers. should have increased allowances for obsolescence.
4. Determine sequential numbering of sales invoices.
5. Analyze the VAT-payable to total sales Asset Balances / Expenses Objective
(Netherlands). Objective: Amounts prepaid, deferred or capitalized provide
6. Evaluate propriety and consistency of accounting future benefits; amounts and related amortization are
principles. calculated correctly; and write-down or loss provision is
7. Verify cut-off for sales, cash receipts, returns, etc. recorded. (existence, accuracy, valuation, ownership,
8. Verify the mathematical accuracy of relevant presentation and disclosure)
supporting schedules and agree to trial balance and
subsidiary records. Asset Balances / Expenses Audit Program
9. Confirm recorded receivables (amount, date, terms, Audit procedure number 6 is: Test write-offs during the
interest rate, etc.). period.
■ Does the Board of Directors authorize assumptions by
Revenue and Accounts Receivable Audit Program which the write-offs are calculated?
Confirm recorded receivables. ■ Have these assumptions changed because of change in
 Check replies to confirmations and investigate financial accounting standards?
exceptions. ■ Are the projections management used to determine
 Send second requests where replies to positive recoverability of assets reasonable and are they upgraded
requests are not received. (Exceptions to sending on a regular basis?
second requests for nonresponding positive ■ Are the valuation methods used in the projections the
confirmations should be rare and the reasons for same as those used in the financial statements?
not sending them should be fully documented.) ■ Is the allocation of overheads properly and consistently
 Investigate undelivered requests returned by post done?
office. If possible obtain better addresses and mail ■ Is the recovery of goodwill amortized over a reasonable
again. period of time?
Trade Accounts Receivable Audit Program Contents of Completion Memorandum
Confirm recorded receivable (amount, date, terms, interest 1. General
rate, etc.). 2. Critical audit areas
 Where replies are not received to positive requests 3. Accounting issues
for confirmation apply alternative audit procedures 4. Special audit problems (FINE)
(e.g. check subsequent remittance advices, shipping 5. Other matters
documents, billing records, customer orders and 6. Outstanding matters
correspondence files.) 7. Attached schedules
 Summarize results of confirmation requests and
alternative procedures. General – Completion Memo
The first item in the completion memorandum is the
Inventory and Cost of Sales OBJECTIVES statement that the engagement manager and partner have
Inventory is accurately compiled and priced in conformity reviewed the audit papers related to critical areas. The
with acceptable methods (e.g., FIFO, LIFO) consistently other important elements to discuss immediately are audit
applied. (Accuracy.) schedules, going concern considerations and your overall
opinion on the work.
Inventory Audit Program
 Test priced inventory listing. Critical Audit Areas / Accounting Issues / Other Matters
 Check the mathematical accuracy of the  Critical Areas are those to do with risk and
listing. significant concerns.
 Agree test counts with recorded quantities.  Accounting issues are broadly defined. Other topics
 Compare items on final inventory listing to physical described in the completion memorandum are
inventory tags, sheets, or lists, and vice versa. foreign exchange, pension plan and postretirement
 Determine that unused, voided, and no-quantity benefits.
tags are accounted for property.  Other matters are a round-up of miscellaneous
 Reconcile totals with general ledger control matters including illegal and questionable acts,
 Ascertain that corrections and adjustments to the management letter, summary of unadjusted audit
final listing are proper. differences and the status of statutory financial
 Scan the inventory listing and investigate unusual statements.
quantities or amounts.
Obsolete Inventory
 To review if inventory is obsolete you talk to
management and see if they have any products or
product lines they plan to cancel in the future.
PE1
Illustrative Audit Procedure 3

CHAPTER 14 – Appendix A Non-executive directors should be appointed for specified
The Combined code (UK), July 2003 : An Example of terms subject to re-election and to Companies Act
Auditors’ review of Corporate Governance Best provisions relating to the removal of a director.
Practices 1. –inspect the service contracts letter of appointment
of all directors who were members of the board at
any time during the period under review
2. –check whether the non-executive directors’
contracts specify the terms of appointment;
Directors 3. –consider, for those non-executive directors who
Some key provisions came to the end of their term during the period,
Example of audit implications whether there is evidence that their re-
Audit procedures appointment was formally considered by the board.
Some key provisions CHAPTER 14 – Appendix B

1. The chairman should ensure that new directors Governance and Auditing in a Public Interest
receive a full, formal and tailored introduction on Contexy
joining the board.
2. The board should identify in the annual report each
non-executive director it considers to be
independent.
3. Except small companies and the chairman, at least
half of the board should comprise non-executive The Example of Bank Auditing and its Relation to Banking
directors. Supervision
4. A mostly independent nomination committee which Principal–Agent Relationship.
should lead the process for board appointments  Shareholders have appointed a board of directors
and make recommendations to the board. who govern a company on their behalf. The board is
5. All directors should be subject to election by responsible for arranging appropriate management
shareholders at the first annual general meeting of the company and faithfully reporting the results
after their appointment, and to re-election to the shareholders.
thereafter at intervals of no more than three years.  Information asymmetry between principals and
The names of directors should be accompanied by agents calls for the basic function of the auditor.
sufficient biographical details.  With banks everyone who has an interest in the
6. Non-executive directors should be appointed for stability of the financial system (“public interest”)
specified terms subject to re-election and to are the principles
Companies Act provisions relating to the removal of  As everybody is a principal to an interrelated
a director, and re-appointment should not be complex of agents, the expectation that auditors
automatic. could reduce the information asymmetry
sufficiently is modified.
Audit Implications
The control environment could be considered weak if there International Auditing Practice Statement 1004 (IAPS
are insufficient non-executive directors.If directors are not 1004)
properly trained can they make strategic decisions about Issued by Basel Committee on Banking Supervision and
the company’s operations? International Auditing Practices Committee
 Describes the roles and responsibilities of a bank’s
With more independent directors, the directors may not board of directors and management, the bank’s
have the necessary understanding of the company’s internal and external auditors, and the banking
business and industry it operates in to make informed supervisors
strategic decisions.With directors being up for re-election  Sets out the primary responsibility of the board of
every three years there may be less continuity on the board. directors and management.
 Examines the essential features of the role of
Illustrative Audit Procedure 1 external auditors and banking supervisors.
The board should have a formal schedule of matters  reviews the relationship between
specifically reserved to it for decision  the banking supervisor and the bank’s external
1. –inspect the schedule of specific matters noting auditor
when this was last updated;
2. –inspect the board minutes recording adoption of The Responsibilities of Bank•fs Board of Directors and
the most recent schedule; Management
3. –consider whether the contents of the schedule are Those who are charged with the governance of the bank
likely to be adequate for the business taking into should insure
account its size, nature and complexity;  those entrusted with banking tasks have sufficient
4. –consider whether the schedule of matters appears expertise and integrity
to be followed by reference to board minutes  adequate policies, practices and procedures related
throughout the period, and to any transactions, of to the different activities of the bank are
which we are aware, that would appear to require established and complied with
board approval  appropriate management information systems
PE1
 appropriate risk management policies and KAP ABC yang digunakan sebagai dasar dalam penawaran
procedures; umum saham perdana tersebut. Pada Akhir tahun 2014,
 statutory and regulatory directives, including telah terjadi overstated nilai penjualan dan laba bersih
directives regarding solvency and liquidity, are untuk tahun yang berakhir pada 31 Desember 2013. Hal
observed; tersebut tidak ditemukan dalam proses audit yang
 the interests not only of the shareholders but also dilakukan oleh KAP ABC.
of the depositors and other creditors are
adequately protected Pertanyaan :
a. Apakah menurut saudara,KAP ABC melakukan kelalaian
Role of the Bank’s External Auditor and of the Banking (Negligence). Jelaskan pendapat saudara !
Supervisor b. Jelaskan tanggung jawab auditor dalam mengidentifikasi
1. Characteristics that distinguish banks dan melaporkan error dan irregularity dalam laporan
2. Role of the banking supervisor keuangan
“key objective or prudential supervision is to
maintain stability and confidence in the financial SOAL 2 : ETHICS FOR PROFESSIONAL ACCOUNTANT
system, thereby reducing the risk of loss to
depositors and other creditors.” PT ABC adalah perusahaan nonpublik yang selama ini
3. Banking license diaudit oleh KAP Budi dan Rekan, Tahun 2015,perusahaan –
Lists the basic requirements for a banking license perusahaan berencana go Public dan mengundang
ordinarily found in most systems beberapa KAP untuk tender termasuk KAP yang terdahulu.
4. Capital base accord – adequate capital base Hasil diskusi dan asesmen manajemen sbb :
5. Bank risks credit risk, market risk, liquidity risk, a. Supaya tidak repot dan lebih murah maka jasa perpajakan
operational risk, legal risk, and reputational risk. dan audit akan diberikan pada satu KAP
6. Supervisors’ efforts b. Karena KAP Budi dan rekan agak ketat dan sulit
berkomunikasi dengan PT ABC maka manajemen
Relationship Between Banking Supervisor and External memutuskan untuk tidak memakai jasa KAP Budi dan rekan
Auditor c. KAP John dan rekan dipilih oleh manajemen ,khususnya
The supervisor monitors the present and future viability of atas saran Direktur Keuangan karena alasan antara lain L
banks and uses their financial statements in assessing their - KAP John dan rekan menawarkan harga paket Jasa (butir
condition and performance. The external auditor is 1) yang lebih murah
primarily concerned with reporting on the bank’s financial - Audit manager yang ditugaskan memimpin audit adalah
statements.The supervisor is concerned with the keponakan dari Direktur Keuangan PT ABC. Dengan
maintenance of a sound system of internal control and the hubungan ini diharapkan proses audit akan berjalan dengan
external auditor is concerned with the assessment of lancar. Disamping itu juga, Audit Manager ini berencana
internal control. Both must be satisfied that there are akan membeli saham PAAT ABC jika IPO nanti.
adequate records, banking supervisor to determine
profitability and the external auditor with material KAP John dan rekan menerima penugasan dari PT ABC
misstatements. Saudara diminta untuk menganalisa situasi ini dari tinjauan
etika
Governance Communications
Audit matters that need reporting include only those SOAL 3 : AN AUDIT SERVICES
matters that have come to the attention of the auditor as a
result of the performance of the audit. Certain audit Kecuali untuk jasa konsultasi, standar penugasan
matters of governance interest are likely to be of interest to (engagement standards) yang dikeluarkan oleh
banking supervisors, particularly where those matters may International Auditing and Assurance Standards Board
require urgent action by the supervisor. When required by (IAASB) mengatur pekerjaan-pekerjaan yang dilakukan oleh
the supervisory, legal, or regulatory framework, or by a Auditor. Standar-standar tersebut dapat diklasifikasikan
formal agreement or protocol, auditors communicate menjadi pedoman untuk (a) assurance engagement dan (b)
directly to the banking supervisor. The auditor considers related services
communicating such matters to the banking supervisor
when management or those charged with governance do Pertanyaan :
not do so. a. Sebutkan dan jelaskan secara ringkas standar-standar
penugasan tersebut
b. Berdasarkan standar-standar tersebut, kategorikan jasa-
UTS SEMESTER GENAP 2014/2015 jasa yang dapat diberikan oleh auditor. Jelaskan secara
PENGAUDITAN I
OPEN BOOK ringkas jasa-jasa tersebut
c. Sebutkan satu saja jasa dari jasa-jasa yang disebutkan
dalam butir (b) di atas yang tidak boleh dilakukan oleh
praktisi yang sedang melakukan pekerjaan audit atas
laporan keuangan historis,sebutkan alasannya
SOAL 1 : THE AUDIT MARKET SOAL 4 : THE RISK BASED APPROACH TO AUDIT
PT 123 melakukan penawaran umum saham perdana ke Pada Bulan Juli 2014,Kantor Akuntan Publik XYZ baru saja
publik atau masyarakat pada akhir Juni 2014 dengan nilai mendapatkan satu klien,PT ABC Tbk. ("ABC” ) . PT ABC
sebesar Rp 250 Milyar. Laporan Keuangan PT 123 untuk adalah entitas yang sahamnya terdatar di pasar modal
tahun yang berakhir 31 Desember 2013 telah diaudit oleh
PE1
dengan Tahun Buku 31 desember. Direktur utama ABC, Roni Management Responsibiliy for the financial statements
menginformasikan bahwa dia bermaksud untuk mengubah
ABC menjadi entitas tertutup (go private) dengan usulan Management isrepsonsible for the preparations and fair
tersebut, suatu entitas baru akan didirikan oleh Rono, presentation of these financial statements in accorance wit
dimana dia akan menjadi direktur utamanya. Entitas baru Indonesian Financial Accounting Standards, and or such
tersebut akan membeli seluruh saham dari pemegang internal control as management determines is necessary to
saham publik, keucali yang dimiliki oleh kelompok yang enable the preaparation of financial statements that are
melakukan buy-out,dan dilakukan pada harga pasar. free from materil misstatement,wheter due to fraud of error
ABC didirkan tahun 1980,dengan bisnis utamanya UAS SEMESTER GENAP 2014/2015
meneyediakan pendanaan untuk kepemilikan rumah PENGAUDITAN I
dengan syarat ringan,antara lain uang muka yang lebih OPEN BOOK
rendah dibandingkan intitusi pendanaan lain (misalnya
perbankan). Mayoritas nasabah ABC terdiri dari perorangan
dan keluarga yang selain tidak mampu mebayar uang muka
yang diminta oleh Perbankan, juga memiliki penghasilan
yang cukup rendah sehingga sulit untuk mendapatkan
pembiayaan dari Insitutis konvensional SOAL I : PRE-PLANNING ACTIVITIES (CLIENT ACCEPTANCES)
Umumnya ,nasabah ABC (Sekitar 90%) dari total nasabah Tahap paling awal dari Proses pengauditan adalah evaluasi
mempunyai tingkat pendapatan Tahunan antara Rp 35 Juta Apakah perushaaan yang meminta lpaoran keuangannnya
sampai Rp 45 juta. Pangsa pasar ABC terutama di Jawa diaudit dapat diterima sebagai klien . Sementara itu, sebuah
Barat dan Jawa Timur. Akan tetapi, berdasarka riset terbaru kantor akuntan publik adlaah bentuk badan usaha yang
oleh AVC, pasar di jawa Tengah juga kelihatannya cukup pendapatan utamanya berasal dari pemberian Jasa Audit.
menjanjikan. Meskipun persaingan di pasar cukup ketat, Seleksi klien,dengan demikian,akan mengurangi peluang
Roni merasa bahwa ABC merupakan yang erbaik dalam memperoleh pendapatan dan bertentangan dengan tujuan
melayani pendanaan rumah bagi nasabah yang tidak cocok usaha
untuk dilayani oleh insititusi konvensional
Jawablah pertanyaan-pertanyaan berikut. Kaitkan jawaban
Pada Akhir Tahun 2014, diperkirakan harga-harga secara saudara dengan resiko terkait atau pelanggaran etika yang
umum akan meningkat pula mungkin terjadi.
Diminta : 1. Mengapa seorang akuntan publik harus melakukan

a. Identifikasikan resiko bisnis yang dihadapi oleh ABC ! seleksi terhadap perusahaan yang akan diteirma sebagai
b. Berdasarkan risiko bisnis yangd iidentifikasi, bidang- klien ?
bidang berisiko tinggi (high risk areas) mana dari suatu audit 2. Jelaskan faktor-faktor yang perlu diperhatikan dalam
yang harus difkouskan oleh tim perikatan audit dan jelaskan proses evaluasi penerimaan klien audit (Bedakan antara
bagaimana nasing-masing resiko bisnis mempengaruhi Klien baru dan klien lama)
bidang-bidang beresiko tinggi tersebut ! 3. Jelaskan pengaruh faktor-faktor tersebut dalam
pertanyaan (2) dengan perencanaan audit yang akan
SOAL 5 : OVERALL OBJECTIVES OF THE AUDITOR AND THE saudara buat
CONDUCT OF AN AUDIT IN ACCORDANCE WITH ISA
SOAL II : UNDERSTANDING THE ENTITIY (RISK ASSESSMENT
Audit Risk sering disingkat sebagai AR dan dirumuskan AND MATERIALITY)
sebagai berikut :
Susy,CPA diminta untuk menerima perikatan audit atas
AR = IR (Inhenerent Risk) X CR (Control risk) X DR (Detection sbeuah institusi keuangan kecil, Susy sebelumnya belum
Risk) pernah mengaudit institusi keuangan
Diminta :
Pertanyaan : a. Jelaskan pemahaman apa saja yang harus diperoleh Susy
a. Terangkan arti dari tiap resiko tersebut di atas ! tentang Klien dan lingkungan bisnis klien tersebut untuk
b. Terangkan hubungan dari Audit risk,dengan Inherent dapat membuat perencanaan atas audit klien tersebut
isk,Control Risk dan Detection Risk b. Susy menilai bahwa resiko auditu untuk lien tersebut
c . Berikan contohnya untuk masing-masing resiko tersebut! adalah rendah. Apakah anda setuju dengan penilaian Susi
tersebut, Jelaskan !
SOAL 6 : INTRODUCTION TO AUDITORS REPORT c. Hayes,et.al (2005) menjelaskan bahwa terdapat “ Inverse
relationship between materiality and Audit Risk”. Jelaskan !
a. Apa Alasannya Auditor’s Report harus diberi Judul :
Laporan Auditor Independen SOAL III : INTERNAL CONTROL AND CONTROL RISK
b. Apa Alasannya Auditors Report ditujukan kepada
Pemegang saham perusahaan Andi dan Aria adalah dua orang Sahabat sejak masa kuliah
c. Sebutkan 3 Hal yang paling penting yang disebutkan pada dan saat ini mereka bekerja pada dua KAP yang berbeda.
paragraf tentang tanggng jawab manajemen yang Dalam Salah satu perbincangan di akhir minggu mereka
dicantumkan pada UAQditors rpeort,sebagai berikut : berdiskusi tentang pentingnya memahami dan me-review
efektivitas struktur pengendalian Intern untuk menentukan
jumlah bahan bukti audit (Audit Evidence) yang harus
diperoleh dalam suatu penugasan Andi berpendapat bahw
PE1
auntuk setiap pemeriksaan laporan keuangan, tanpa Situasi 1 : Kinerja keuanga perusahaan saat ini sedang
memperdulikan besar atau kecilnya perusahaan yang dalam tekanan,karena persaingan yang luar biasa dalam
diperiksa,struktur pengendalian intern harus dievaluasi kondisi pasar yang sudah jenuh
dengan hati-hati. Dalam setiap penugasan, KAP-nya
mengharuskan diselesaikannya suatu daftar pertanyaan Situasi 2 : Manajemen perusahaan sangat kuat pada konsep
(kuesioner) pendenalian Intern yang standar serta marketing,sehingg sleuruh biaya dan usaha semata-mata
dibuatnya bagan arus (flow chart) untuk setiap sistem dan hanya untuk marketing. Akibatnya,laporan keuanga tidak
control yang utaman pada perushaaan. Selain itu,sebagai pernah dilihat dan budget untuk bagian akuntansi sangatlah
dasar untuk menentukan besarnya bahan bukti audit yang rendah
harus diperoleh, KAP-nya menghendaki dilakukan
pemahaman atas struktur pengendalian intern dan Situasi 3 : Pemilik perusahaan beranggapan bahwa
penetapan (assesment) tingkat resiko pengendalian membayar pajak adalah suatu pemborosan,karena selama
20 tahu berusaha,para pemilik perusahaan ini belum
Aria menjawab,dia yakin bahwa sebagianbesar perusahaan melihat secara pasti manfaat membayar pajak. Sehingga
kecil yang diauditnya tidak memiliki struktur pengendalian manajemen perusahaan telah terbiasa melakukan rekayasa
intern yang efektif,oleh karenanya dia tidak laba untuk menurunkan jumlah pajak penghasilan
memyelenggarakan pemahaman atas struktur pengendalian
intern dan penetapan tingkat resiko pengendalian atas Situasi 4 : Jumlah aset perusahaan secara signifikan
perusahaan dengan struktur pengendalian intern yang tidak ditentukan berdasarkan estimasi yang sangat rumit
efektif. Kemudian, selanjutnya dia menjawab mengapa ia
harus membuang banyak waktu untuk mengevaluasi suatu Situasi 5 :
pengendalian Intern yang telah dikatahui sejak semla Perusahaan X Corp,adalah perusahaan multinasional dan
mengandung begitu banyak kelemahan dimana waktu yang mempunyai anak perusahaan di beberapa negara. Di
digunakan untuk menguji kebenaran laporan keuangan negara-negara tertentu, GCG tidaklah populer,sedangkan
perusahaan tersebut regulasi yang dikeluarkan pemerintah setempat dapat
dengan mudah dibuat atau diubah sesuai dengan
a. Berikan tanggapan anda terhadap pendapat Andi dan kebutuhan
Aria dan berikan acuannya
b. Apakah suatu sistem pengendalian intern yang dinilai Situasi 6 :
sangat efektif harus dilakukan pengujian pengendalian (test Setiap tahun,untuk mempertahankan laba dan
of contrl) dan berikan alasannya ! bonus,manajemen perusahaan mencoba melakukan
c. Dalam kaitannya dengan komponen Internal pada COSO, manipulasi laporan keuangan dengan cara yang canggih dan
jelaskan mengapa control environment menjadi dasar dari bervariasi
Internal Contro
SOAL IV : INTERNAL CONTROL AND FRAUD RISK (ISA 240)
Dr. Donal Cressey ,seorang Criminologist,melakukan riset
tentang Fraud yang difokuskan pada Fraudsters. Menurut
Dr. Cressey, ada 3 hal yang mendorong terjadinya sebuah
fraud, yaitu Pressure (dorongan), opportunity (peluang),dan
rationalization (rasionalisasi). Sebagai auditor,anda harus
mampu melihat situasi dan kondisi yang dapat memicu
terjadinya fraud,misalnya :
Situasi :
Kondisi perekonomian saat ini sedang tidak terlalu kondusif
bagi Industri tekstil dan Garmen,sehingga revenue atau
pendapatan perusahaan tidak stabil,sedangkan biaya
operasi secara konstan naik setiap bulannya. Manajemen
perusahaan memperoleh tekanan untuk tetap menjaga
kestabilan harga saham di Bursa saham
Jawaban
Pressure, karena bila manajemen tidak dapat menjaga
kinerja perusahaan,seperti stabilitas laba perusahaan akan
mebgakibatkan para pemegang saham melepaskan
kepemilikan sahamnya, bila hal ini terjadi maka harga sama
perusahaan akan terpuruk
Pertanyaan :
Berikut ini ada 6 situasi yang dapat memicu terjadinya
Fraud, klasifikasikan dan terangkan dengan singkat tiap-tiap
situasi dibawah ini,sesuai dengan kondisi yang mendorong
terjadinya Fraud.
PE1
PENGAUDITAN II
The insurance hypothesis suggests that the auditor can
CHAPTER 1 provide insurance to people relying upon the audited
Why are Auditors needed ? information, as they can recover damages from negligent
auditors. A successful damages claim against the auditor is
effectively the equivalent of a successful claim against an
Auditing insurance company.
Auditing has become headline news after recent corporate
scandals, and the competence and independence of Accuracy of accounts
auditors have been questioned, focusing attention on the Difficulties in proving the accuracy of accounts include:
purpose of audit and the way in which companies are (a)insufficient evidence;
managed. (b)judgement involved in the preparation of accounts in
such matters as: useful lives of fixed assets;saleability or
Several important auditing issues are considered: usability of stock; collectability of debtors;and profit to be
(a) the distinction between the position of manager and of taken up on a long-term contract.
owner not involved in management;
(b)audit as a search for evidence; The most that can be expected is that financialstatements
(c)the use of simple procedures to test management give a reasonable picture; what isreasonable depends on
assertions viewpoint and theinformation available to the user. In most
(d) the idea that information breeds information; bookkeeping areas accuracy is expected :
(e) the importance of management integrity;
(f) professional scepticism; (a) debtors properly recorded;
(g) the distinction between personal and business expenses; (b)stock accurately counted; and
(h) the role of the accounting system in achieving accurate (c)trade creditors and fixed assets completely and
bookkeeping accurately determined.
(i) the use of information from an independent source;
(j) actual personal experience as a valuable source of Truth and fairness is not easily defined but we expect
evidence. accounts:
(1) not to mislead the reader;
Justifications of audit (2) to contain a certain degree of accuracy;
Three justifications of audit are: (3)to be supplemented by explanatory notes;
 the information hypothesis; (4)to give a reasonable view of financial affairs and results;
 agency theory; (5)to be proved true and fair (or not) on the basis of
 the insurance hypothesis. sufficient, appropriate audit evidence.
The information hypothesis suggests auditors are needed Framework of audit assignment
because information becomes more reliable as the result of The typical basis framework for a larger audit assignment
audit, and is therefore more useful to decision makers. comprises:
Agency theory suggests audit is justified because providers (1) preliminary stages;
of resources cannot trust managers to use resources (2) systems work and transaction testing;
properly on their behalf .Basic ideas behind of agency (3) preparation for final work;
theory are: (4) final work..
(a)principals and agents both try to maximize their own AUDIT PROCESS
wealth; Preliminary stages
(b) a monitoring mechanism in the form of a financial report
is required, and is advantageous to both principals and 30 March 2006
agents; Firm asked to carry out work.
(c) different groups of rational individuals have different
information, allowing informed individuals to profit at 3 April 2006
other’s expense; Meeting to discuss terms of reference; forms the basis for
(d)agents recognize that principals will be more willing to the letter of engagement.
believe performance reports if verified by an independent
party; (e) professional external auditors are the most cost- 24–28 April 2006
effective monitoring device. Visit company to familiarize audit firm with industry and
company. Meet with management. Prepare first (global)
plan and free estimate.
PE1

Ringkasan Audit 1

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Ringkasan Audit 1

Hochgeladen von

Copyright:

Verfügbare Formate

Disusun oleh : Muhammad Firman (Akuntansi FE UI 2012)

CHAPTER 2 The International Forum of Independent Audit Regulators

Intimidation Threat Advocacy Threat

Actual or Threatened Litigation CHAPTER 4

3. suitable criteria, 3. national standards

7. Obtain an engagement letter. Review existing partner and staff competencies:

a suitable, recognized control framework established by a IT Risks

The effectiveness of an analytical procedure is a function

Existence Assets, liabilities, and equity interests

Completeness All disclosures that should Substantive Procedures

Evidence-gathering techniques are: Vouching and Tracing

Recalculation information provided in the request. Use for large

CHAPTER 10 - Appendix Audit Testing

Substantive Tests of Details 3. When performing tests of control, the auditor

Audit Process Model – Phase IV Evaluation and Reporting

The London Stock Exchange Code of Best Practice state

3. Adjusting journal company’s ability to record, process, summarize, and report

Management Responsibility for Audit Report - SOx

20X8, based on [Identify control criteria, for example,

assurance about whether the financial statements are free

12. Frequent changes of auditors

A component could be a head office, parent, division,

Important matters to be considered from management of Not significant  Analytical procedures

Illustrative Audit Procedure 3

Some key provisions CHAPTER 14 – Appendix B

Diminta : 1. Mengapa seorang akuntan publik harus melakukan

Das könnte Ihnen auch gefallen