(NFJPIA-R4) Auditing Comprehensive Handout
Uploaded by
aruray0611(NFJPIA-R4) Auditing Comprehensive Handout
Uploaded by
aruray06110
AUDITING
COMPREHENSIVE
HANDOUT
1
AUDITING
THEORY
2
FUNDAMENTALS OF ASSURANCE ENGAGEMENTS
Assurance Services/Engagements:
● Assurance services – independent professional services in which a practitioner issues a written
communication that expresses a conclusion designed to enhance the degree of confidence of the
intended users other than the responsible party about the outcome of the evaluation or
measurement of a subject matter against criteria
● Assurance engagement – an engagement in which a practitioner expresses a conclusion designed
to enhance the degree of confidence of the intended users other than the responsible party about
the outcome of the evaluation or measurement of a subject matter against criteria
Objective of an Assurance Engagement, In General:
Assurance engagements performed by professional accountants are intended to enhance the
credibility of information about the outcome of the evaluation or measurement of a subject matter against
criteria, thereby improving the likelihood that the information will meet the needs of an intended user.
Assurance engagements enhance the degree of confidence of the intended user because the quality of
information for decision making is improved.
Objective of Assurance Engagements:
According to the Philippine Framework for Assurance Engagements, an assurance engagement is
conducted:
a. To provide a high level of assurance that the subject matter conforms in all material respects with
identified suitable criteria; or
b. To provide a moderate level of assurance that the subject matter is plausible in the circumstances.
Types of Assurance Engagements and their Objectives:
1. Reasonable assurance engagements – engagements that provide high, but not absolute, level of
assurance
● Also called high-level engagements
3
● The objective of a reasonable assurance engagement is a reduction in assurance
engagement risk to an acceptably low level as the basis for a positive form of expression of
the practitioner‘s conclusion.
2. Limited assurance engagements – engagements that provide only a “moderate” or “limited” level
of assurance
● The objective of a limited assurance engagement is a reduction in assurance engagement
risk to an acceptable level as the basis for a negative form of expression of the practitioner‘s
conclusion. Thus, the risk in limited assurance engagement is greater than for a reasonable
assurance engagement.
Assurance Engagement Risk:
● Assurance engagement risk is the risk that the practitioner expresses an inappropriate conclusion
when the subject matter information is materially misstated.
● Components of assurance engagement risk:
1. Risk of material misstatement – the risk that the subject matter is materially misstated
a. Inherent risk – the susceptibility of the subject matter information to a material
misstatement, assuming that there are no related controls
b. Control risk – the risk that a material misstatement that could occur will not be
prevented, or detected and corrected, on a timely basis by related internal controls
2. Detection risk – the risk that the practitioner will not detect a material misstatement that
exists
Assertion-based and Direct Reporting Engagements:
1. Assertion based engagements – evaluation or measurement of the subject matter is performed by
the responsible party, and the subject matter information is in the form of an assertion by the
responsible party that is made available to the interested users
● Assertion-based engagements are also known as attestation engagements
● Examples of assertion-based engagements:
a. Audit engagements
b. Review engagements
4
2. Direct reporting engagements – the practitioner either directly performs the evaluation or
measurement of the subject matter, or obtains a representation from the responsible party that has
performed the evaluation or measurement that is not available to the intended users
Range of Assurance Engagements:
a. Engagements to report on a broad range of subject matters covering financial and non-financial
information
b. Attest and direct reporting engagements
c. Engagements to report internally and externally, and
d. Engagements in the private and public sector
Examples of Assurance Engagements:
1. Audits of financial statements
2. Examination of prospective financial statements
3. Reporting on compliance with laws, rules and regulations
Requirements before a practitioner can accept an assurance engagement:
Only where the practitioner‘s knowledge of the engagement circumstances indicates that:
1. Relevant ethical requirements, such as independence and professional competence will be
satisfied; and
2. The assurance engagement exhibits all of the following characteristics:
a. The subject matter is appropriate
b. The criteria to be used are suitable and are available to the intended users
c. The practitioner has access to sufficient appropriate evidence to support the
practitioner‘s conclusion;
d. The practitioner‘s conclusion, in the form appropriate to either a reasonable
assurance engagement or a limited assurance engagement, is to be contained in a
written report, and
e. The practitioner is satisfied that there is a rational purpose for the engagement.
5
Elements of Assurance Engagements:
Not all engagements performed by practitioners are assurance engagements. An assurance engagement
must have the following elements:
1. Three party relationship (involving a practitioner, a responsible party and intended users)
2. Appropriate subject matter
3. Suitable criteria
4. Sufficient appropriate evidence
5. Written assurance report in the form appropriate to a reasonable assurance engagement or a
limited assurance engagement
Three Party Relationship:
a. Practitioner – CPA in public practice who performs the assurance engagement
b. Responsible party – person/s who is responsible for the subject matter or the assertion (subject
matter information)
For example, an entity‘s management is responsible for the preparation and presentation of
financial statements or the establishment and implementation of internal control.
c. Intended user/s – person, persons or class of persons for whom the practitioner prepares the
assurance report; they are the users to whom the practitioner usually addresses the report
Appropriate Subject Matter:
Subject matter refers to the information to be evaluated or measured against the criteria. Subject
matter information means the outcome of the evaluation or measurement of a subject matter.
Requirements for subject matter to be considered appropriate:
a. Identifiable
b. Capable of consistent evaluation and measurement against suitable criteria
c. In the form that can be subjected to procedures for gathering evidence to support that
evaluation or measurement
6
Suitable Criteria:
Criteria refer to the standard or benchmark used to evaluate or measure the subject matter of an
assurance engagement, including, where relevant, benchmarks for presentation and disclosure. Without
frame of reference provided by suitable criteria, any conclusion is open to individual interpretation and
misunderstanding.
Five characteristics of suitable criteria:
a. Relevance – relevant criteria contribute to conclusions that assist decision-making by the
intended users
b. Completeness – criteria are sufficiently complete when relevant factors that could affect the
conclusions in the context of the engagement circumstances are not omitted. Complete
criteria include, where relevant, benchmarks for presentation and disclosure.
c. Reliability – reliable criteria allow reasonably consistent evaluation or measurement of the
subject matter when used in similar circumstances by similarly qualified practitioners
d. Neutrality – neutral criteria contribute to conclusions that are free from bias
e. Understandability – understandable criteria contribute to conclusions that are clear,
comprehensive, and not subject to significantly different interpretations
Two types of criteria:
1. Established criteria – are those criteria that are embodied in laws or regulations or issued by
authorized or recognized bodies of experts that follow a transparent due process Examples:
2. Specifically developed criteria – those criteria specifically designed for the purpose of the
engagement
Sufficient Appropriate Evidence:
The practitioner shall plan and perform the engagement with an attitude of professional skepticism
to obtain sufficient appropriate evidence that the assertions are free of material misstatements.
7
Written Assurance Report:
A written assurance report should be in the form appropriate to a reasonable assurance
engagement or a limited assurance engagement.
The practitioner should provide a written report containing a conclusion that conveys the assurance
obtained about the subject matter information. In addition, the practitioner considers other reporting
responsibilities, including communicating with those charged with governance when it is appropriate to do
so.
Levels of assurance provided in the written report:
Type or level
Form of conclusions Example
of assurance
Reasonable Positive form of expression of the “In our opinion internal control is effective, in all
assurance practitioner‘s conclusion material respects, based on XYZ criteria.”
“Based on our work described in this report,
Limited
Negative form of expression of the nothing has come to our attention that causes
assurance
practitioner‘s conclusion us to believe that internal control is not effective,
in all material respects, based on XYZ criteria.”
Attestation Services:
An attestation service is a type of assurance service in which a practitioner is engaged to issue a
written communication that expresses a conclusion about the reliability of a written assertion that is the
responsibility of another party. Attestation generally refers to an expert's written communication of a
conclusion about the reliability of someone else's assertions.
8
The subject matter of attestation services include:
● Financial and non-financial in nature
● Future-oriented financial information (such as the examination of prospective financial
information)
● Management's discussion and analysis
● Effectiveness of internal control
● Compliance with statutory, regulatory, and contractual obligations
Relationships among Auditing, Attestation, and Assurance Services:
a. Similarity: These services are often used interchangeably because they encompass the same
decision-process
b. Main difference/distinction: Scope of services
● “Assurance services” is broader in scope and in concept than either auditing or attestation.
It encompasses both audit and attestation services. Otherwise stated, attestation and audit
services are subsets of assurance services.
● “Attestation services” is broader than audit because attest function is beyond historical FS.
Attestation services cover even non-GAAP FS.
● Auditing, particularly FS audit, is a type of assurance and attestation service that involves
examination of historical FS prepared in accordance with GAAP.
Non-assurance Engagements:
Not all engagements are assurance engagements. Other engagements performed by practitioners
that do not meet the definition of assurance engagement are classified as non-assurance engagements
or services. Non-assurance engagements are those that do not result in the practitioner‘s expression of a
conclusion that provides a level of assurance, whether negative assurance or other form of assurance. The
practitioner does not convey to the intended users any assurance as to the reliability of an assertion.
The practitioner‘s primary purpose for performing non-assurance services is to provide advice and
technical assistance that will enable a client to conduct its business more effectively.
9
Examples of non-assurance engagements:
1. Related services, such as:
a. Agreed-upon procedures engagements, and
b. Compilations of financial or other information engagements
2. Tax services (such as the preparation of tax returns where no conclusion conveying
assurance is expressed)
3. Consulting (or advisory) engagements, such as management and tax consulting
Levels of Assurance for Audit, Review, Agreed-upon Procedures and Compilation
The basic distinction between audit, review and related services is the level of assurance provided by
the auditor in the engagement.
Assurance refers to the practitioner‘s satisfaction as to the reliability of an assertion being made by
one party for use by another party. The level of assurance is the degree of the practitioner‘s satisfaction or
degree of certainty the practitioner has attained and wishes to convey to intended users. Such level or
degree of assurance depends on the procedures performed and the evidence collected by the practitioner.
Engagements and level of assurance:
1. Audit: The auditor provides a reasonable (high, but not absolute) level of assurance that the
information subject to audit is free of material misstatement. This is expressed positively in
the audit report as reasonable assurance.
2. Reviews: The auditor provides a moderate/limited level of assurance that the information
subject to review is free of material misstatement. This is expressed in the form of negative
assurance.
3. Agreed-upon procedures: No assurance is expressed. The auditor simply provides a report of
the factual findings. Users of the report assess for themselves the procedures and findings
reported by the auditor and draw their own conclusions from the auditor's work.
4. Compilation: Although the users of the compiled information derive some benefit from the
accountant's involvement, no assurance is expressed in the report.
10
Philippine Framework for Assurance Engagements:
The Framework:
● Defines and describes the elements and objectives of an assurance engagement.
● Identifies engagements to which assurance engagement standards (PSAs, PSREs, and PSAEs)
apply
● Provides frame of reference for:
a. Practitioners who perform assurance engagements (such as audit and review
engagements)
b. Others involved with assurance engagements (such as the intended users and the
responsible party), and
c. The International Auditing and Assurance Standards Board (IAASB) in its development
of assurance engagement standards which will be adopted by the AASC for
application in the Philippines.
● Distinguishes assurance engagements and non-assurance engagements (non-assurance
engagements are not covered by the Framework).
● Sets out characteristics that must be exhibited before a practitioner can accept an
assurance engagement.
Reports on Non-Assurance Engagements:
a. Should not use the words “assurance”, “audit” or “review”
b. Should not imply compliance with assurance engagement standards (PSAs, PSREs or PSAEs)
c. Should not include a statement that may be misinterpreted as assurance engagements
Practitioner’s association with the subject matter: A practitioner is associated with financial information
when:
a. The practitioner reports on information about that subject matter, that is, the practitioner attaches a
report to that financial information; or
b. The practitioner consents to the use of the his name in a professional connection with that subject
matter
11
If the practitioner is not associated in this manner, third parties can assume no responsibility of the
practitioner.
Remedies in case of inappropriate use of the practitioner’s name by other party:
If the practitioner learns that a party is inappropriately using the practitioner‘s name in association
with a subject matter, the practitioner should:
● Require the other party (i.e., management) to cease associating the practitioner with the subject
matter
● Consider what other steps may be needed, such as informing any known third party users of the
inappropriate use of the practitioner‘s name
● Seek legal advice
12
INTRODUCTION TO AUDITING
Auditing, Defined:
Auditing is “a systematic process of objectively obtaining and evaluating evidence regarding
assertions about economic actions and events to ascertain the degree of correspondence between those
assertions and established criteria and communicating the results to the interested users.”
Two processes of auditing:
a. Investigative process – involves the systematic gathering and evaluation of evidence as a
basis for determining whether assertions made by responsible person correspond with the
established criteria
b. Reporting process – involves communicating the audit opinion to interested users
Important Concepts:
1. Systematic process – auditing involves structured/logical series of sequential steps
or procedures known as the audit process
2. Objectively obtaining and evaluating evidence – auditing involves gathering and
evaluating sufficient appropriate audit evidence that will support the auditor‘s
opinion
● Objectivity refers to the combination of impartiality, intellectual honesty and
freedom from conflicts of interest.
● Audit evidence is the information obtained by the auditor in arriving at the
conclusions on which the audit opinion is based.
3. Assertions about economic actions and events – assertions are the subject matter
of auditing
13
● In the context of audit of financial statements, assertions are
representations of management, explicit or otherwise, that are embodied in
the financial statements.
● Audit evidence gathered and evaluated by the auditor may support or
contradict the assertions of management.
4. Established criteria – the standards or benchmarks that are needed to judge the
validity of the assertions on the financial statements
● In the context of audit of financial statements, the established criteria are the
applicable financial reporting framework (for example, the PFRS).
5. Ascertain the degree of correspondence between assertions and established
criteria – The auditor‘s objective is to determine whether the assertions conform
with established criteria, that is, whether the financial statements are prepared, in all
material respects, in accordance with the applicable financial reporting framework
(such as the PFRS).
6. Communicating the results to the interested users – The ultimate objective of
audit is the communication of audit findings/opinion on the fairness of the financial
statements to interested users.
● Communicating results is achieved through issuance of a written audit
report which contains the audit opinion (or disclaimer of opinion).
● Interested users are the wide variety of financial statements users who rely
on the auditor‘s opinion such as the stockholders, creditors, potential
investors and creditors, management, government agencies, and the public
(in general).
14
FS Audit is an Assurance Engagement:
Financial statements audit engagement is an assurance engagement because it provides a
reasonable (high but not absolute) level of assurance that the subject matter conforms in all material
respects with identified suitable criteria. It has the elements of an assurance engagement as follows:
1. Three Party Relationship:
a. Practitioner: Independent or External auditor
b. Responsible party: Client‘s management
c. Intended users: Users of financial statements
2. Subject matter: Assertions/Financial statements of the client company
3. Criteria: Applicable financial reporting framework / GAAP in the Philippines (PFRS)
4. Sufficient appropriate evidence: Auditor obtains sufficient appropriate audit evidence as a basis for
audit conclusion/opinion
5. Written Assurance Report: Independent auditor‘s report contains the audit conclusion/opinion
Need for Independent Audit of Financial Statements:
The primary economic reason for an audit of financial statements is the demand by external users
for reliable or fairly stated financial statements that they will use in making economic decisions. Thus, the
market for auditing services is driven by demand by external financial statements users.
An audit can help reduce information risk, that is, the risk that the financial statements that will be
used for decision-making are materially misleading, unreliable or inaccurate.
Examples of Instances Requiring Independent Financial Statements Audit:
● Application for a bank loan
● Establishing credit worthiness for purchase of merchandise, equipment, or other assets
● Reporting financial position, operating results, and cash flows to absentee owners (stockholders or
partners)
15
● SEC requirements:
➢ Issuance of securities by a corporation
➢ Annual FS by a corporation with securities listed on a stock exchange or traded over the
counter
Audit of Financial Statements:
Audit of financial statements is the objective examination of financial statements to enable the
auditor to express an opinion on whether the financial statements are prepared, in all material respects, in
accordance with an applicable financial reporting framework.
Purpose of an Audit of Financial Statements:
The purpose of an audit is to enhance the degree of confidence of intended users in the financial
statements. Such purpose is achieved by the expression of an opinion by the auditor on whether the
financial statements are prepared, in all material respects, in accordance with an applicable financial
reporting framework.
Overall Objectives of the Independent Auditor:
a. To obtain reasonable assurance about whether the financial statements as a whole are free from
material misstatement, whether due to fraud or error.
● Reasonable assurance means high, but not absolute, level of assurance
● Reasonable assurance is the basis for the auditor‘s opinion. Reasonable assurance is achieved
when the auditor has obtained sufficient appropriate audit evidence to reduce audit risk to an
acceptably low level.
b. To report on the financial statements and to communicate such report in accordance with the
auditor‘s findings.
16
Auditor’s opinion and reasonable assurance:
● The auditor's opinion, as expressed in the auditor‘s report, enhances the credibility of the financial
statements by providing a reasonable assurance that the financial statements are fairly
presented or free from material misstatement.
Audit opinion is based on whether reasonable assurance is obtained:
1. When reasonable assurance is obtained: Auditor shall express an unqualified opinion
2. When reasonable assurance cannot be obtained: The auditor is required to:
a. Express a qualified opinion in the auditor‘s report
b. If qualified opinion is insufficient in the circumstances:
● Disclaim an opinion or
● Withdraw from the engagement, where withdrawal is legally permitted
Audit Opinion and Audit Report:
Audit opinion:
● In a financial statement audit, the auditor obtains sufficient appropriate audit evidence to be able to
draw conclusions on which to base that opinion. The auditor‘s opinion is on the fairness of the
audited financial statements.
● The auditor's opinion helps establish the credibility of the financial statements.
Auditor’s report:
● the primary product of an audit engagement
● the end product of the audit process
● a written report that contains auditor‘s opinion about the fairness of the FS
● the medium through which the auditor communicates the results of his or her work
17
Importance of audit opinion/audit report:
● It lends credibility to the FS.
● It provides increased assurance (reasonable assurance) to users as to the fairness of the FS.
Scope of an Audit of Financial Statements:
● The auditor‘s opinion on the financial statements deals with whether the financial statements are
prepared, in all material respects, in accordance with the applicable financial reporting framework.
● The auditor‘s opinion or the audit of financial statements is:
➢ NOT an assurance as to future viability of the entity.
➢ NOT an assurance as to efficiency or effectiveness with which client‘s management has
conducted the affairs of the entity.
➢ NOT attestation as to the financial strength of an entity, the wisdom of its management
decisions, or the risk of doing business with it.
➢ NOT a certification or guarantee as to accuracy or fairness of the financial statements.
● When an applicable law or regulation requires an auditor to provide opinions on other specific
matters (such as the effectiveness of internal control, or the consistency of a separate management
report with the financial statements) the auditor would be required to undertake further work if he
had additional responsibilities to provide such opinions.
Financial Statements:
Financial statements are a structured representation of historical financial information (including
related notes which comprise a summary of significant accounting policies and other explanatory
information), intended to communicate an entity‘s economic resources or obligations at a point in time or
the changes therein for a period of time in accordance with a financial reporting framework.
End Products of Audit Engagement:
a. Independent auditor‘s report – the primary product of audit engagement
18
b. Certain other communication and reports – other communication and reporting responsibilities to
users, management, those charged with governance, or parties outside the entity, in relation to
matters arising from the audit (as may be required by the PSAs or by applicable laws or regulations)
Examples:
● Communication with those charged with governance
● Auditor‘s responsibilities relating to fraud in an audit of financial statements
Management Responsibility for the Financial Statements:
An audit in accordance with PSAs is conducted on the premise that management and, where
appropriate, those charged with governance have acknowledged and understand that they have
responsibility over the financial statements.
Management responsibility over the financial statements includes:
1. Responsibility for the preparation and presentation of the financial statements in accordance
with the applicable financial reporting framework which includes:
a. Identification of applicable financial reporting framework, in the context of any
relevant laws or regulations
b. Preparing the financial statements in accordance with that framework
c. Adequate description of that framework in the financial statements
d. Making reasonable accounting estimates
e. Selecting and applying appropriate accounting policies
2. Responsibility for designing, implementing and maintaining internal control that is relevant or
necessary to enable the preparation of financial statements that are free from material
misstatement, whether due to fraud or error, and
3. Responsibility to provide the auditor with:
a. All information (such as records, documentation and other matters) that are relevant
to the preparation and presentation of the financial statements
b. Any additional information that the auditor may request from management for the
purpose of the audit; and
19
c. Unrestricted access to persons within the entity from whom the auditor determines it
necessary to obtain audit evidence.
Applicable Financial Reporting Framework:
Applicable financial reporting framework means the financial reporting framework adopted by
management (and, where appropriate, those charged with governance) in the preparation of the financial
statements that is acceptable in view of the nature of the entity and the objective of the financial
statements, or that is required by law or regulation.
The applicable financial reporting framework often encompasses financial reporting standards
established by:
● An authorized or recognized standards setting organization (such as PFRSC)
● Legislative or regulatory requirements
Other sources of applicable financial reporting framework:
● The legal and ethical environment (including statutes, regulations, court decisions, and
professional ethical obligations in relation to accounting matters)
● Published accounting interpretations of varying authority issued by standards setting,
professional or regulatory organizations
● Published views of varying authority on emerging accounting issues issued by standards
setting, professional or regulatory organizations
● General and industry practices widely recognized and prevalent; and
● Accounting literature
Where conflicts exist between the financial reporting framework and the sources from which direction
on its application may be obtained, or among the sources that encompass the financial reporting
framework, the source with the highest authority prevails.
20
Financial reporting frameworks encompass primarily the financial reporting standards established
by an organization that is authorized or recognized to promulgate standards to be used by entities for
preparing general purpose financial statements that are often designed to achieve fair presentation, for
example, International Financial Reporting Standards (PFRSs).
Basic Distinction between Auditing and Accounting:
● Auditing involves verification of FS and its fairness of presentation while accounting involves
preparation and presentation of FS
● Accounting precedes auditing because without FS there could be no FS audit.
● Auditing begins when accounting ends.
● The end product of the accounting process is a set of FS while the end product of the audit process is
an auditor‘s report.
● An auditor must be proficient/expert in accounting (since the auditor will use GAAP in evaluating the
fairness of the FS) as well as in auditing (specifically in accumulation and interpretation of audit
evidence); an accountant need not be proficient in auditing
● Separate disciplines: Auditing is a separate discipline or field of study
● With different frameworks/foundations:
➢ Accounting – Framework for Preparation of FS
➢ Auditing – a) Philippine Framework for Assurance Engagements, and b) Framework of
Philippine Standards on Auditing
● Auditing – governed by GAAS; Accounting – governed by GAAP/PFRS
● Dissimilar bodies of knowledge (accounting – GAAP; auditing – GAAS)
Requirements Relating to an Audit of Financial Statements:
1. Relevant ethical requirements – The auditor shall comply with relevant ethical requirements,
including those pertaining to independence, relating to financial statement audit engagements.
Relevant ethical requirements ordinarily comprise:
21
a. Code of Ethics for Professional Accountants in the Philippines (the Code of Ethics) promulgated by
the Board of Accountancy
Compliance with the Code of Ethics is necessary in order to ensure the highest quality of
performance and to maintain public confidence in the profession and in the context of audit of
financial statements, maintain public confidence in the auditor‘s work.
(1) Part A of the Code of Ethics – establishes the fundamental principles of professional ethics
relevant to the auditor when conducting an audit of financial statements and provides a conceptual
framework for applying those principles
The fundamental principles of professional ethics are:
a) Integrity
b) Objectivity
c) Professional competence and due care
d) Confidentiality, and
e) Professional behavior
(2) Part B of the Code of Ethics – illustrates how the conceptual framework is to be applied in
specific situations
(3) Independence
Independence requirements comprise of both:
a) Independence of mind
b) Independence in appearance
b. National requirements that are more restrictive
c. Philippine Standard on Quality Control (PSQC) – require the CPA firm to establish and maintain its
system of quality control designed to provide it with reasonable assurance that the firm and its
personnel comply with relevant ethical requirements, including those pertaining to independence
22
2. Professional skepticism – The auditor shall plan and perform an audit with professional skepticism
recognizing that circumstances may exist that cause the financial statements to be materially
misstated.
Professional skepticism is an attitude that includes a questioning mind, a critical assessment of
validity of audit evidence, and being alert to conditions which may indicate possible misstatement
due to error or fraud.
Professional skepticism is necessary to the critical assessment of audit evidence.
This includes:
a. Questioning contradictory audit evidence
b. Considering the reliability of documents and responses to inquiries and other information
obtained from management and those charged with governance
c. Considering the sufficiency and appropriateness of audit evidence obtained in the light of the
circumstances (for example, in the case where fraud risk factors exist and a single document,
of a nature that is susceptible to fraud, is the sole supporting evidence for a material financial
statement amount)
3. Professional judgment – The auditor shall exercise professional judgment in planning and
performing an audit of financial statements.
Professional judgment is essential to the proper conduct of an audit. This is because
interpretation of relevant ethical requirements and the PSAs and the informed decisions required
throughout the audit cannot be made without the application of relevant knowledge and experience
to the facts and circumstances.
4. Sufficiency and appropriateness of audit evidence and audit risk – To obtain reasonable
assurance, the auditor shall obtain sufficient appropriate audit evidence to reduce audit risk to an
acceptably low level and thereby enable the auditor to draw reasonable conclusions on which to
base the auditor‘s opinion.
23
a. Sufficiency and appropriateness of audit evidence
Audit evidence includes information used by the auditor in arriving at the conclusions on
which the auditor‘s opinion is based. Audit evidence includes both:
● Information contained in the accounting records underlying the financial statements and
● Other information
Sufficiency is the measure of the quantity of audit evidence. Sufficiency is influenced or
affected by:
(1) The auditor‘s assessment of the risks of misstatement (the higher the assessed risks, the
more audit evidence is likely to be required) and
(2)The quality of such audit evidence (the higher the quality, the less may be required)
Appropriateness is the measure of the quality of audit evidence; that is, its relevance and its
reliability in providing support for the conclusions on which the auditor‘s opinion is based. The
reliability of evidence is influenced by its source and by its nature, and is dependent on the individual
circumstances under which it is obtained.
Whether sufficient appropriate audit evidence has been obtained to reduce audit risk to an
acceptably low level, and thereby enable the auditor to draw reasonable conclusions on which to
base the auditor‘s opinion, is a matter of professional judgment.
b. Audit risk
Audit risk is the risk that the auditor expresses an inappropriate opinion when the financial
statements are materially misstated. Audit risk is a function of the risks of material misstatement
and detection risk.
Risk of material misstatements is the risk that the financial statements are materially misstated
prior to audit. Risk of material misstatement may exist at two levels:
24
1. Overall financial statement level – refer to risks of material misstatement that relate
pervasively to the financial statements as a whole and potentially affect many assertions
2. Assertion level – refer to risks of material misstatement that relate to classes of transactions,
account balances, and disclosures
Risk of material misstatement at the assertion level has two components:
(a)Inherent risk – the susceptibility of an assertion about a class of transaction, account
balance or disclosure to a misstatement that could be material, either individually or
when aggregated with other misstatements, before consideration of any related
controls
(b)Control risk – the risk that a misstatement that could occur in an assertion about a
class of transaction, account balance or disclosure and that could be material, either
individually or when aggregated with other misstatements, will not be prevented, or
detected and corrected, on a timely basis by the entity‘s internal control
Detection risk is the risk that the procedures performed by the auditor to reduce audit
risk to an acceptably low level will not detect a misstatement that exists and that could be
material, either individually or when aggregated with other misstatements.
Detection risk relates to the nature, timing and extent of the auditor‘s procedures that
are determined by the auditor to reduce audit risk to an acceptably low level. It is therefore a
function of the effectiveness of an audit procedure and of its application by the auditor.
5. The auditor shall conduct an audit in accordance with Philippine Standards on Auditing (PSA)
● PSAs contain basic audit principles and essential procedures together with related guidance
in the form of explanatory and other material which the auditor should follow
An audit in accordance with PSAs includes:
a. Compliance with PSAs relevant to the audit
25
1) Compliance with all PSAs relevant to the audit (a PSA is relevant to the audit when
the PSA is in effect and the circumstances addressed by the PSA exist)
2) Having an understanding of the entire text of a PSA (including its application and
other explanatory material) to understand its objectives and to apply its requirements
properly
3) Prohibition from the auditor from representing compliance with PSAs in the auditor‘s
report when he has not complied with the requirements of PSAs relevant to the audit
b. The use of the objectives stated in relevant PSAs in planning and performing the audit
to achieve the overall objectives of the auditor.
● In using the objectives, the auditor is required to have regard to the
interrelationships among the PSAs. This is because the PSAs deal in some
cases with general responsibilities and in others with the application of those
responsibilities to specific topics.
c. In addition, the auditor should also consider Philippine Auditing Practice Statements
(PAPSs). PAPSs provide interpretative guidance and practical assistance to auditors in
implementing the PSAs and to promote good practice in the accountancy profession.
Contents/Structure of the PSAs
a. Objectives – each PSA contains one or more objectives which provide a link between the
requirements and the overall objectives of the auditor The objectives in individual PSAs serve to
focus the auditor on the desired outcome of the PSA.
b. Requirements (requirements are expressed in the PSAs using ―shall‖) – the requirements of the
PSAs are designed to enable the auditor to achieve the objectives specified in the PSAs, and thereby
the overall objectives of the auditor
c. Related guidance in the form of application and other explanatory material that are designed to
support the auditor in obtaining reasonable assurance
26
Application and other explanatory material:
- It provides further explanation of the requirements of a PSA and guidance for carrying them
out
- It may explain more precisely what a requirement means or is intended to cover
- It may include examples of procedures that may be appropriate in the circumstances.
- While such guidance does not in itself impose a requirement, it is relevant to the proper
application of the requirements of an PSA.
- It may also provide background information on matters addressed in a PSA.
- It may include appendices which form part of the application and other explanatory material.
- When appropriate, it may include additional considerations specific to audits of smaller
entities and public sector entities.
General Types of Audit:
1. According to objectives or nature of assertion
a. Financial statement audit – an audit conducted to determine whether the financial
statements of an entity are fairly presented in accordance with an identified financial
reporting framework (or PFRS)
b. Compliance audit - a review of an entity‘s degree of compliance with applicable laws and
rules/regulations or contracts; usually performed by government auditors
Examples: Examination conducted by:
i) BIR examiners: compliance of taxpayers with tax law, rules or regulations
ii) BSP examiners: compliance of banks with banking laws, rules or regulations
iii) COA auditors: compliance of government transactions/expenditures with the
requirements of applicable laws, rules or regulations
c. Operational audit - involves a systematic review and evaluation of the specific operating
units (or procedures, methods or activities) of an organization in relation to specified
objectives for the purpose of measuring/assessing its performance in terms of efficiency and
effectiveness of operations, identifying opportunities for improvement and making
recommendations to improve performance (such as introduction of controls to reduce
waste).
27
● Also called performance audit or management audit
● Example: Evaluation of a company‘s computerized accounting system
● Usually performed by internal auditors
● Efficiency relates to use of its resources, while effectiveness relates to accomplishing
objectives.
2. According to types of auditor or their affiliation with the entity being examined:
a. External / Independent audit - performed by practitioners or independent CPAs who offer
their professional services for a fee to various clients on a contractual basis
● Independent or external auditors are not employees of the client
● External audit complements internal audit
b. Internal audit - audit performed by entity‘s own employees known as internal auditors;
internal auditors investigate and apprise the effectiveness and efficiency of operations and
internal controls of the firm
28
GENERALLY ACCEPTED AUDITING STANDARDS
Auditing Standards:
● Popularly known as the Generally Accepted Auditing Standards (GAAS)
● The general guidelines that the auditors must follow in conducting the audit.
● The minimum standards of auditor‘s performance that must be achieved on each audit
engagement
● The guidance for measuring the quality of the auditor‘s performance
GAAP vs. GAAS:
● GAAP: the principles for the preparation and presentation of financial statements that are
used by the auditor as criteria in determining the overall fairness of the financial
statements; foundation of accounting
● GAAS: standards/measures/guidance that the auditors must follow when conducting an
audit; foundation of auditing
THE 10 GENERALLY ACCEPTED AUDITING STANDARDS (GAAS):
GENERAL STANDARDS – standards/criteria which present guidance in the personal qualifications an
auditor must possess to undertake the audit engagement
1. Adequate technical training and proficiency: This standard refers to professional competence
● Professional competence of the auditor is primarily met by having professional
education/training and practical experience in auditing
● Competence can also be acquired by the auditor through the following:
➢ Continuing professional development
➢ Consulting others if additional technical information is needed
➢ Coaching by more experienced staff
➢ Research to obtain knowledge of client business and industry
● Competence does not include warranting the infallibility of the work performed.
29
2. Independence: This standard requires that the auditor must be impartial when dealing with the
client or without bias with respect to the client entity. The auditor must be independent in fact and in
appearance.
a. Independence of mind – The state of mind that permits the expression of a conclusion
without being affected by influences that compromise professional judgment; this is also
known as “independence in fact” or “independence in mental attitude.”
b. Independence in appearance – The avoidance of facts and circumstances or situations that
are so significant that would lead a reasonable and informed third party or the public to
believe or conclude that the auditor is not independent.
3. Due professional care: This standard requires that an auditor, in fulfilling his duties, should act
diligently and carefully, exercise reasonable prudence, and apply judgment in a conscientious
manner, carefully weighing the relevant factors before reaching a decision.
STANDARDS OF FIELD WORK – the standards / criteria for planning and evidence-gathering
1. Adequate planning and proper supervision:
● Planning involves establishing the overall audit strategy for the engagement and developing an
audit plan. The auditor should also supervise the work of assistants. Supervision is critical because of
assistants‘ lack of experience.
● Audit programs are designed to enumerate appropriate action, and all work of staff auditors should
be reviewed by a qualified auditor. Audit program is developed before substantive testing to ensure
that adequate planning has occurred.
2. Sufficient understanding of the entity and its environment, including internal control:
● As part of the planning activities, the auditor is required to obtain sufficient understanding of the
entity and its environment. This means that the auditor should obtain a more detailed knowledge of
the client's business and the environment/industry in which the entity operates.
30
● A sufficient understanding of internal control is to be obtained to plan the audit. Appropriate internal
controls provide the auditor with confidence that material misstatements will be prevented or
detected on a timely basis.
➢ Strong internal control implies that the auditor will require less evidence.
➢ Weak internal control implies that the auditor will require more evidence.
3. Sufficient appropriate audit evidence:
● The auditor should obtain sufficient appropriate audit evidence by performing audit procedures to
be able to draw reasonable conclusions on which to base the opinion regarding the financial
statements under audit.
STANDARDS OF REPORTING – standards on auditor‘s expression of audit opinion through a medium known
as the auditor‘s report
1. Whether the financial statements are in accordance with GAAP/PFRS: Conformity with GAAP/PFRS
is explicit in the auditor‘s report
● Explicit statement means that the auditor should state whether or not the financial
statements subject to audit are prepared in accordance with GAAP/PFRS.
● When an overall opinion cannot be expressed, as where the auditor disclaims an opinion, the
reasons therefore should be stated.
2. Consistent application of GAAP/PFRS: Consistency is implicit in the auditor‘s report
● If there is no material consistency as to application of GAAP/PFRS, no statement as to
consistency is required in the auditor‘s report. However, if a material inconsistency exists,
auditor shall identify such inconsistency in the auditor‘s report.
3. Adequacy of informative disclosures: Adequacy of disclosure is implicit in the auditor‘s report. If
informative disclosure is adequate, no statement as to adequacy of disclosure is required in the
auditor‘s report. However, if informative disclosure is inadequate, auditor must state such
inadequacy in the auditor‘s report.
31
4. Opinion regarding the financial statements taken as a whole: expression of audit opinion is explicit
in the auditor‘s report
Objective of 4th standard of reporting:
● To indicate the character of the engagement and the degree of responsibility assumed by
the auditor. This would prevent FINANCIAL STATEMENTS users from misinterpreting the degree
of responsibility the auditor is assuming/taking.
● Reference to the expression "taken as a whole" in the fourth generally accepted auditing
standard of reporting means that the audit opinion applies equally to a complete set of
financial statements and to each individual financial statement.
32
NATURE OF SYSTEM OF QUALITY CONTROL
System of Quality Control in an Audit Engagement: Policies and procedures to provide
reasonable assurance that all audits are conducted in accordance with PSAs and that audit reports
issued are appropriate in the circumstances
QC policies vs. QC procedures:
a. Quality control policies – are the objectives and goals to be achieved
b. Quality control procedures – are steps/procedures to be taken to:
● accomplish the policies adopted, or
● implement and monitor compliance with those policies
Mandatory requirement for CPA firms to establish SQC: Under Philippine Standard on Quality Control 1
(PSQC 1) CPA firms are required to establish and implement a system of quality control.
Nature and Extent of a System of Quality Control: The nature and extent of the SQC developed by CPA firms
vary from firm to firm due to various factors such as:
a. Size of the CPA firm
b. Nature of its practice
c. Operating characteristics
d. Its organization
e. Geographical dispersion
f. Cost-benefit consideration
g. Whether it is part of a network
Elements of System of Quality Control: Although the nature and extent of the system of quality control
developed by CPA firms vary from one firm to another, a system of quality control must have the following
elements:
33
1. Leadership responsibilities for quality within the firm – The CPA firm should establish policies and
procedures that:
● Promote an internal culture based on recognition that quality is essential in the performance
of the engagements
● Require CPA firm‘s leader (CEO/ managing board of partners or its equivalent), to assume
ultimate responsibility for the firm‘s system of quality control.
2. Ethical requirements, including independence – The CPA firm should establish policies and
procedures to provide reasonable assurance that the firm and its personnel comply with relevant
ethical requirements (including independence):
3. Acceptance and continuance of client relationships and specific engagements – The CPA firm
should establish policies and procedures to provide reasonable assurance that the CPA firm will only
undertake or continue relationships and engagements where it:
a. Has considered the client‘s integrity
b. Is competent to perform the engagement and has the capabilities, time and resources to do
so; and
c. Can comply with ethical requirements
4. Human resources – The CPA firm should establish policies and procedures to provide reasonable
assurance that it has sufficient personnel with the capabilities, competence, and commitment to
ethical principles necessary to perform the engagement.
5. Engagement performance – The CPA firm should establish policies and procedures to provide
reasonable assurance that engagements are performed in accordance with professional standards
and regulatory and legal requirements, and that the firm or engagement partner issue reports that
are appropriate in the circumstances.
6. Monitoring – The CPA firm should establish policies and procedures to provide reasonable
assurance that quality control are relevant, adequate and operating effectively and complied with in
practice and should include an ongoing consideration and evaluation of the firm‘s system of quality
control, including a periodic inspection of a selection of completed engagements.
34
Distinction between GAAS/PSA and SQC: GAAS/PSAs relate to each individual audit engagement, whereas
SQC relates to all professional activities/services of the firms practice as a whole.
Quality Review Committee:
● To ensure that CPAs work to the highest standards, the government thru the Professional Regulatory
Board of Accountancy (BOA) has required all CPA firms and individual CPAs in public practice to
obtain a certificate of accreditation to practice public accountancy. Such certificate is valid for three
(3) years and can be renewed after complying with the requirements of the BOA.
● As a condition to the renewal of the certificate of accreditation to practice public accountancy, the
BOA requires individual CPAs and CPA firms to undergo a quality control review to ensure that these
CPAs comply with accounting and auditing standards and practices.
● The BOA has created a Quality Review Committee (QRC) which shall conduct a quality review on
applicants for registration to practice public accountancy.
Functions of the Quality Review Committee:
● Conducts quality review on applicants for registration, or renewal thereof, to practice public
accountancy
● Render a report on such quality review, which shall be attached to the application for registration
● Recommend to BOA revocation of registration and professional ID cards of CPAs for not observing
the SQC requirements
Quality review – an oversight into (or study or appraisal of) the quality of audit of FS through a review of
quality control measures established by CPA firms and individual CPAs in public practice to ensure
compliance with accounting and auditing standards and practices
35
PRELIMINARY ENGAGEMENT ACTIVITIES
(PRE-PLANNING ACTIVITIES)
Purpose of Preliminary Engagement Activities:
Preliminary engagement activities assist the auditor in identifying and evaluating events or
circumstances that may adversely affect the auditor‘s ability to plan and perform the audit engagement.
Such activities help ensure that:
a. There are no issues with client management‘s integrity that may affect the willingness to continue
the engagement
b. The auditor maintains the necessary independence and ability to perform the engagement
c. There is no misunderstanding with the client as to the terms of the engagement
Preliminary Engagement Activities:
1. Perform procedures regarding acceptance or continuance of the client relationship
● Acceptance or selection procedures – in case of initial audit (prospective/new client)
a. Evaluate integrity of the client‘s management
● Evaluation of management integrity is necessary to avoid association with clients whose
management lacks integrity.
● Most of litigations involving CPAs are due to lack of integrity of client‘s management.
● Lack of management integrity usually results to high audit risk.
● Factors to consider in evaluating client‘s integrity:
➢ Identity, attitude and business reputation of the client (such as its principal owners,
key management or those charge with corporate governance, and related parties, if
any)
➢ Nature of the client‘s operations
➢ Indications of an inappropriate limitation in the scope of work
➢ Involvement in money laundering or other criminal activities
➢ The reasons for the proposed appointment of the CPA firm or auditor and
non-reappointment of the previous CPA firm or auditor
36
b. Other Considerations
● Auditability of client‘s financial statements – determine whether the auditor will be able to
accumulate sufficient appropriate audit evidence to render an opinion on the financial
statements by considering:
a. The adequacy of accounting records
b. Quality of internal control
● High level of public scrutiny and media interest
● The financial health of the client
● Ability to pay audit fees
● Continuance or retention procedures – in case of recurring audit (or existing client)
To ensure the audit firm‘s continuing compliance with acceptance and continuance procedures,
existing clients should be evaluated once a year or upon occurrence of the following:
● Changes in management, directors or ownership
● Nature of client‘s business
2. Evaluate compliance with ethical requirements, including independence
a. Independence – The CPA firm or auditor shall identify, evaluate and respond to any threat to
independence
b. Professional competence – determine if the CPA firm or auditor has the necessary skills and
competence
c. Ability to serve the client properly – the CPA firm or auditor must have
3. Establish an understanding of the terms of the engagement
● The CPA firm or auditor shall accept or continue an audit engagement only when:
a. The preconditions for an audit are present:
(1) Management has used acceptable financial reporting framework (or suitable criteria
or appropriate basis for) in the preparation of the financial statements
(2)Management agrees to the premise that it has acknowledged and understood its
responsibilities
37
b. There is a common understanding between the auditor and management (and, where
appropriate, those charged with governance) of the terms of the audit engagement.
● Preliminary conference: A preliminary conference with the client is scheduled after the CPA has
determined that:
➢ The firm is independent
➢ The firm is competent to perform the audit
➢ The firm can serve the client properly, and
➢ The client‘s reputation is one of integrity
● Engagement letter – an agreement between the CPA firm or auditor and the client for the conduct
of the audit. It is a letter from the auditor to the client management, and when signed by the client it
serves as a formal written contract between them.
Form and Contents of the Engagement Letter:
The form and content of engagement letters may vary for each client. Engagement letters should be
adapted according to individual requirements and circumstances of the engagement. Generally,
engagement letters should include reference to:
Principal Contents:
a. Objective and scope of the audit of the financial statements
b. Responsibilities of the auditor
c. Responsibilities of management
d. Identification of financial reporting framework for the preparation of the financial statements
e. Reference to any form and content of any reports to be issued by the auditor and a statement that
there may be circumstances in which a report may differ from its expected form and content
38
AUDIT PLANNING
Audit Planning:
Audit planning involves establishing the overall audit strategy for the engagement and developing
an audit plan, in order to reduce audit risk to an acceptably low level
Objective of the auditor in planning the audit: So that the audit will be performed in an effective manner
Who are involved in planning the audit: Engagement partner and other key members of the
engagement team (because of their experience and insight to enhance the effectiveness and efficiency
of the planning process)
Nature of Planning:
Planning is not a discrete phase of an audit, but rather a continual and iterative process that often
begins shortly after (or in connection with) the completion of the previous audit and continues until the
completion of the current audit engagement. In other words, planning is a continuous function that last
throughout the audit.
Factors that affect the nature and extent of audit planning:
The nature and extent of planning activities will vary according to the following factors:
a. The size and complexity of the entity – big companies and companies with more complex
operations require more audit planning time
b. Changes in circumstances that occur during the audit engagement – for example, expansion of
operation because of diversification
c. The auditor’s previous experience with and understanding of the entity – more work is required to
obtain information regarding a new client than for an existing client
● Initial audit requires more audit time because the auditor has no previous knowledge or is
unfamiliar with the client‘s business, industry and internal control which need to be carefully
studied.
39
● Recurring audit requires lesser audit time because of auditor‘s previous knowledge of the
entity and its industry
d. The composition and size of the audit team
Planning stage of audit – the time before fieldwork starts, when the auditor is gathering information about
the client and its environment and designing overall audit strategy and audit plan
PLANNING ACTIVITIES FOR THE AUDIT ENGAGEMENT:
In order to reduce audit risk to an acceptably low level, the auditor shall:
1. Establish an overall audit strategy that sets the scope, timing and direction for the audit, and that
guides the development of the more detailed audit plan
2. Develop an audit plan that addresses the various matters identified in the overall audit strategy
Audit plan includes a description of:
a. The nature, timing and extent of planned risk assessment procedures
b. The nature, timing and extent of planned further audit procedures (at the assertion level) – to be
performed during testing stage
Further audit procedures include:
(1) Tests of controls – tests of the operating effectiveness of internal control
(2)Substantive tests/procedures – include tests of details and analytical procedures
c. Other planned audit procedures (that are required to be carried out to comply with PSAs)
Audit Planning Also Involves:
1. Modifying (updating) the overall audit strategy and the audit plan as necessary during the course of
the audit
2. Planning the nature, timing and extent of direction, supervision of the engagement team members
and the review of their work
3. Other planning considerations:
● The auditor should consider the work of experts and other independent auditors
40
a. Considering the work of an expert – An expert is a person or firm possessing special
skill, knowledge and experience in a particular field or discipline other than accounting
and auditing.
b. Considering the work of other independent auditors – applicable when a component
of the entity is to be audited by other independent auditor
● Discussing planned audit procedures with client management
● Audit engagement team discussions
4. Developing the audit program:
● An audit program is a listing of audit procedures (tests of controls and/or substantive tests)
that the auditor will perform to gather sufficient appropriate evidence.
5. The auditor should document the planning activities
Concept of materiality:
● Materiality is the amount (threshold or cut-off point) at which judgment of informed decision
makers based on the financial statement may be altered (changed or influenced).
● An item or information is material if its omission or misstatement could influence the economic
decisions of users taken on the basis of the financial statements.
● In determining appropriate level of materiality, the auditor uses professional judgment using his
perception of the needs of reasonable users of the financial statements.
Uses of materiality in planning the audit:
a. To determine the nature, timing and extent of risk assessment procedures
b. To identify and assess risk of material misstatement, and
c. To determine the nature, timing and extent of further audit procedures
41
Inverse relationship between materiality and audit procedures/evidence:
● More evidence will be required for a low peso amount of materiality than for a high peso amount.
● The lower the tolerable misstatement, the more extensive the required audit procedures.
Materiality levels:
a. Materiality at financial statement as a whole – it is the smallest aggregate level that could
misstate/distort any of the financial statements
b. Materiality at assertion level – materiality level for individual or particular class of transactions,
account balance, or disclosure where appropriate; this is also known as tolerable misstatement
c. Performance materiality – amount or amounts set by the auditor
Risk of material misstatement (RMM) – the risk that the financial statements contain a material
misstatement.
Components of RMM:
The risks of material misstatement are a combination of inherent risk and control risk:
1. Inherent risk – the susceptibility of an assertion to a misstatement that could be material, either
individually or when aggregated with other misstatements, assuming there are no related controls
to mitigate such risks
Examples of inherent risk:
● Cash is more susceptible to theft than an inventory of coal
● Complex calculations are more likely to be misstated than simple calculations
2. Control risk – the risk that a material misstatement, either individually or when aggregated with
other misstatements, that could occur will not be prevented or detected and corrected on a timely
basis by the entity‘s internal control
42
Risk of material misstatement (inherent risk and control risk) cannot be eliminated or controlled by the
auditor because these are entity‘s risks that exist independently of the audit of financial statements.
Causes of misstatements of the financial statements:
1. Errors – refer to mistakes or unintentional misstatements or omissions of amounts or disclosures in
the financial statements.
Examples:
● Mistakes in gathering or processing data from which FS are prepared
● Incorrect accounting estimate arising from oversight or misinterpretation of facts
2. Fraud – intentional misstatements or omissions of amounts or disclosures in the financial
statements
- The term “fraud” refers to an intentional act by one or more individuals among
management, those charged with governance, employees or third parties, involving the
use of deception to obtain an unjust or illegal advantage.
The factor that distinguishes fraud from error is whether the underlying action is intentional or
unintentional.
Two types of Fraud:
a. Fraudulent financial reporting (or management fraud) – intentional misstatements committed by
members of management or those charged with governance or oversight to render financial
statements misleading to deceive users of the financial statements
b. Misappropriation of assets (employee fraud or defalcation) – theft of assets and is often
perpetrated by non-management employees.
Examples:
● Misappropriating collections on accounts receivable
● Colluding with a competitor by disclosing technological data in return for payment
43
Steps in assessing Audit Risk:
1. Set the desired level of Audit Risk
Audit risk – the risk that the auditor gives an inappropriate audit opinion when the financial
statements are materially misstated; it is the risk that the auditor may unknowingly fail to modify
appropriately the opinion on financial statements that are materially misstated
2. Assess the level of Inherent Risk (such as low, medium, or high) – for example, low level if likelihood of
misstatement is low
● Inherent risk – the susceptibility of an assertion to a misstatement that could be material,
either individually or when aggregated with other misstatements, assuming there are no
related controls to mitigate such risks
● Sources of assessment include knowledge of entity and its environment and preliminary
analytical procedures.
3. Assess the level of Control Risk (such as low, medium, or high) – for example, low control risk if
internal control is effective, or high control risk if internal control is not effective
● Control risk – the risk that a material misstatement, either individually or when aggregated
with other misstatements, that could occur will not be prevented or detected and corrected
on a timely basis by the entity‘s internal control
● Sources of assessment include knowledge of internal control and observation and inspection
4. Determine the acceptable level of detection risk: The acceptable level of detection risk depends on
the assessed level of inherent and control risk (inverse relationship)
● Detection risk – the risk that the auditor will not detect such a material misstatement that
exists/occurs in an assertion
● The auditor uses the Audit Risk Model:
Audit Risk = Inherent risk x Control risk x Detection risk
Acceptable level of Detection risk = Audit risk .
Inherent Risk x Control risk
5. Design audit substantive tests
44
CONSIDERATION OF INTERNAL CONTROL
REFERENCES:
PSA 330: The Auditor’s Responses to Assessed Risks
PSA 265: Communicating Deficiencies in Internal Control to those Charged with Governance and
Management
Basic Concepts and Elements of Internal Control
● Internal control (IC) – the process designed, implemented and maintained by those charged with
governance, management and other personnel to provide reasonable assurance about the
achievement of an entity’s objectives.
Essential concepts of internal control
● Internal control is a process. Internal control is not an end in itself but a means of achieving the
entity's objectives.
● Internal control is affected by those charged with governance, management and other personnel.
Internal control is accomplished by people at every level of organization.
Responsibilities:
● Management: to design, implement and maintain internal control to assist in achieving the entity's
objective.
● Those charged with governance: to ensure the integrity of accounting and financial reporting
systems through oversight of management.
● Staff personnel: to perform their respective functions in order to accomplish the objectives of the
entity.
Primary purpose/reason for establishing internal control is to provide reasonable assurance about the
achievement of an entity’s objectives.
45
Internal control can be expected to provide reasonable assurance of achieving the entity's objectives –
this is due to inherent limitations of any system of internal control; although internal control is designed to
prevent, detect and correct problems, an effective internal control can only minimize but not eliminate
material misstatements, whether due to fraud or error. Inherent limitations of internal control include the
following:
● Management overriding the internal control.
● Circumvention of internal controls through the collusion among employees.
● The cost-benefit relationship is a primary criterion in designing internal control, that is, the cost of a
control should not exceed its expected benefits. This is known as the concept of reasonable
assurance.
● Most internal controls tend to be directed at routine transactions rather than non-routine
transactions.
● The potential for human error due to carelessness, distraction, mistakes of judgment and the
misunderstanding of instructions. Human error may include errors in the design or use of automated
controls.
● The possibility that procedures may become inadequate due to changes in conditions, and
compliance with procedures may deteriorate.
● Segregation of duties may be difficult to achieve in a smaller entity.
Internal control is designed to help achieve the entity's objectives. Internal control is geared towards the
achievement of the entity's objectives.
Entity’s objectives: what an entity strives to achieve. Categories of entity's objectives are the following:
● Financial reporting objective – this objective relates to reliability of financial reporting.
● Operational effectiveness objective – this objective is intended to enhance effectiveness and
efficiency of operations.
● Compliance objective – this objective relates to entity’s compliance with applicable laws and
regulations.
46
Classification of Internal Control
According to objectives:
a. Financial reporting controls – controls to achieve reliability of financial reporting objective.
b. Operational effectiveness controls – controls to achieve operational effectiveness objectives.
c. Compliance controls – controls to achieve compliance objective.
● There is a direct relationship between the entity’s objectives and the internal control it
implements to provide reasonable assurance about their achievement. Both the entity’s
objectives and controls relate to financial reporting, operations and compliance.
According to functions:
● Preventive controls – to deter problems before they arise.
Examples:
•Segregation of employee duties.
•Control physical access to assets, facilities and information.
● Detective controls – to discover problems as they arise.
Examples:
•Preparing bank reconciliation.
•Preparing monthly trial balance.
● Corrective controls – to remedy problems discovered with detective controls.
Example:
•Maintaining backup copies of transactions and master files.
47
Benefits of Strong Internal Control
a. Reduced cost of an external audit.
b. Availability of reliable data for decision-making purposes.
c. Protection of important documents and records.
d. Assurance of compliance with applicable laws and regulations.
Components of Internal Control
The interrelated components of internal control represent means used by an entity to help it achieve its
objectives (CRIME). The five interrelated and essential components or aspects of internal control include the
following:
● Control environment – the overall tone of the organization.
● Risk assessment – management’s identification and assessment of risks.
● Information, financial reporting and communication systems – a means of recording transactions
and communicating responsibilities.
● Monitoring the controls – assessment of internal control performance over time.
● Existing control activities – control policies and procedures.
Component 1 – Control Environment:
● It sets the tone of an organization, influencing the control consciousness of its people.
● It includes the governance and management functions the attitudes, awareness, and actions of
those charged with governance and management concerning the entity’s internal control and its
importance in the entity.
● It is a set of characteristics that defined good control working relationships in an entity.
● It is the foundation for effective internal control for it provides an appropriate foundation for other
components of internal control.
Elements of Control Environment:
● Integrity and ethical values – The entity should establish ethical standards. Ethical standards
influence the effectiveness of the design, administration and monitoring of controls.
● Participation by those charged with governance (BOD and audit committee).
48
● Management’s philosophy and operating style –Management’s approach to taking and managing
business risks, attitudes and actions toward financial reporting, and attitudes toward information
processing and accounting functions and personnel.
● Assignment of authority and responsibility – How authority and responsibility for operating
activities are assigned and how reporting relationships and authorization hierarchies are
established.
● Commitment to competence – Management’s consideration of the competence levels for
particular jobs and how those levels translate into requisite skills and knowledge.
● Personnel or Human resource policies and procedures –The entity must implement appropriate
policies for recruitment/hiring, orientation, training, evaluating, counseling, promoting,
compensating, and remedial actions because the competence of the entity's employees will bear
directly on the effectiveness of the entity's internal control.
● Organizational structure – The framework within which an entity’s activities for achieving its
objectives are planned, executed, controlled and reviewed.
Component 2 – Risk Assessment
An entity’s risk assessment for financial reporting purposes is its identification, analysis, and management
of risks relevant to the preparation of financial statements that are fairly presented in conformity with
generally accepted accounting principles.
Matters the auditor should consider are how management:
● Identifies business risks (inherent and residual risks) relevant to financial reporting.
● Estimates the significance of the risks.
● Assesses the likelihood of their occurrence.
● Decides upon actions to manage them.
Component 3 – Information and Communication System
Information and communication systems support the identification, capture, and exchange of information
in a timely and useful manner.
49
The auditor shall obtain an understanding of the information system, including the related business
processes, relevant to financial reporting, including the following areas:
● The classes of transactions in the entity’s operations that are significant to the financial statements.
● The procedures, within both information technology (IT) and manual systems, by which those
transactions are initiated, recorded, processed, corrected as necessary, transferred to the general
ledger and reported in the financial statements.
● The related accounting records, supporting information and specific accounts in the financial
statements that are used to initiate, record, process and report transactions; this includes the
correction of incorrect information and how information is transferred to the general ledger.
Component 4 – Control Activities
Control activities are the policies and procedures that help ensure management’s directives are carried
out and that necessary steps to address risks are taken.
Control activities address risks that if not mitigated would threaten the achievement of the entity’s
objectives.
The auditor should obtain a sufficient understanding of control activities to assess the risks of material
misstatement at the assertion level and to design further audit procedures responsive to assessed risks.
Categories of Control activities: Categories of specific control activities that may be relevant to an audit:
a. Prenumbering of documents – helps to assure that:
➢ All transactions are recorded (completeness).
➢ No transactions are recorded more than once (existence).
b. Authorization of transactions – authorization should occur before commitment of resources.
c. Independent checks to maintain asset accountability –independent checks involve the verification
of work previously performed by others.
50
d. Documentation – provides evidence of the underlying transactions and is a basis for establishing
responsibility for the execution and recording of transactions.
e. Performance reviews – includes review of the following:
➢ Reviews and analyses of actual performance versus budgets, forecasts, and prior period
performance.
➢ Relating different sets of data to one another, together with analyses of the relationships and
investigative and corrective actions.
➢ Comparing internal data with external sources of information.
➢ Review of functional or activity performance.
f. Information processing controls – ensure that transactions are valid, properly authorized, and
completely and accurately recorded.
•Application controls – controls which apply to the processing of individual applications.
•General controls – which are controls that relate to many applications and support the
effective functioning of application controls by helping to ensure the continued proper
operation of information systems. General controls apply to information processing
throughout the company.
Physical controls – are physical controls for safeguarding assets involve security devices and limited
access to programs and to restricted areas, including computer facilities.
● Physical segregation and security of assets, including adequate safeguards such secured facilities
over access to assets and records.
● Authorization for access to computer programs and data files.
● Authorized access to assets and records.
● Required signatures on documents for the removal or disposition of asset.
● Periodic counting and comparison with amounts shown on control records.
● The extent to which physical controls intended to prevent theft of assets are relevant to the reliability
of financial statement preparation, and therefore the audit, depends on circumstances such as
when assets are highly susceptible to misappropriation.
51
Segregation of duties – involves ensuring that individuals do not perform incompatible duties. Duties
should be segregated such that the work of one individual provides a crosscheck on the work of another
individual. A proper segregation of duties (or incompatible functions) requires that one person should not
be responsible for all phases of a transaction. It requires assigning different people the responsibilities of:
● Authorizing transactions.
● Recording transactions – recordkeeping.
● Maintaining custody of assets involved in the transactions.
Component 5 – Monitoring the Controls
● Monitoring is a process that assesses the quality of internal control performance on an ongoing
basis.
● Management’s monitoring of controls includes considering whether they are operating as intended
and that they are modified as appropriate for changes in conditions.
● Monitoring assesses the effectiveness of the internal control’s performance over time.
● The objective is to ensure the controls are working properly and, if not, to take necessary corrective
actions.
● Management accomplishes monitoring of controls through ongoing activities, separate evaluations
or a combination of the two.
Considering Internal Control
● Considering internal control – involves study and evaluation of internal control.
● Reasons/purpose of the auditor’s study and evaluation of internal control:
a. Primary: to provide a basis for planning the audit to determine the nature, timing, and extent
of audit procedures.
b. Secondary: to provide a basis for constructive suggestions to management about
improvements in internal control structure.
52
Steps in consideration of internal control:
● Obtain sufficient understanding of the internal control relevant to the audit – involves obtaining
understanding of the design and operation of internal control relevant to the audit.
a. Evaluate the design of relevant control – involves determining whether the control,
individually or in combination with other controls, is capable of effectively preventing or
detecting and correcting material misstatements.
b. Determine whether the control has been implemented – whether the control is placed in
operation; a control has been implemented if the control exists and is being used by the
entity.
Procedures to obtain evidence about the design and implementation of controls:
● Inquiry of entity personnel (inquiry alone is not sufficient).
● Inspecting documents and records.
● Observing of application of specific controls.
● Performing a “walk-through” test – tracing a transaction through the accounting system, from initial
recording to presentation in the financial statements.
Perform preliminary assessment of control risk – the assessment of control risk is based on understanding
of internal control.
Assess control risk at a high level:
● If internal control is poor or not effective, or
● If it is inefficient to rely on internal control (inefficient to perform tests of controls).
- Auditor’s response if control risk is assessed at a high/maximum level:
a. Skip or do not perform tests of controls.
b. Rely primarily on substantive tests.
53
Assess control risk at less than high level:
● If internal control is effective or reliable, and
● If it is inefficient to obtain evidence to justify the assessment of control risk at less than high level.
a. Auditor’s response if control risk is assessed at less than high/maximum level:
b. Perform tests of controls – to confirm operating effectiveness of controls.
Perform tests of controls – tests of controls are performed when the auditor plans to rely on internal
control; the auditor will only test those controls that he plans to rely upon (controls that are likely to prevent
or detect and correct material misstatement relevant to the financial statements).
Tests of controls
● Tests performed to test the operating effectiveness (as to design and operation) of internal controls
that are likely to detect or prevent material misstatements in support of a reduced assessed level of
control risk. Thus, tests of controls are performed to substantiate the reduced assessed level of
control risk.
● Tests performed confirm that the controls tested are working effectively.
● Unlike substantive tests of details, tests of controls are not required audit procedure.
● The greater the reliance the auditor plans to place on internal control, the more extensive the tests of
those controls that need to be performed.
● Tests of controls generally consist of one (or combination of the following evidence gathering
techniques:
a. Inquiry
b. Observation
c. Inspection
d. Reperformance
Required Documentation
Document the understanding of accounting and internal control systems.
54
● Form of documentation may vary.
● One form or a combination of forms of documentation may be used at the same time.
● Forms of documentation:
- Internal control questionnaire – consists of a list of questions on internal control be
answered by "Yes" or "No" response. A negative response is designed to draw attention to a
possible weakness in internal control. Written explanations are required for "No" answers.
- Flowcharts – pictorial/symbolic diagram depicting the operation of a program/system or the
sequential flow of authority, processes, transactions and documents.
a. Systems flowcharts – used to evaluate internal control because it shows the origin of
each document in the system, its subsequent processing, and its final disposition.
b. IT flowcharts – used in evaluating the internal control in an automated/computerized
accounting environment.
- Internal control checklists – a detailed listing of ideal control measures (the auditor
tickmarks the controls adopted by the client).
- Narrative memoranda – a written version of a flowchart. It is a description of the auditor's
understanding of the system of internal control.
- Decision trees or tables
a. Decision trees –are graphic illustrations that depict the logic of an operation or
process. They generally employ questions with "Yes" or "No" answers, which direct the
user to the next relevant questions.
b. Decision tables–are graphic illustrations that depict the logical relationships of a
system in table form. Both approaches document the auditor's understanding of a
process.
55
Document the assessed level of control risk
● If the control risk is assessed at a high level, the auditor should document his conclusion that control
risk is at a high level.
● If the control risk is assessed at less than high level, the auditor should document:
- His conclusion that control risk is at less than high level, and
- The basis for that assessment – results of tests of controls confirming the assessment of
control risk at below high/maximum level.
Communicating with those charged with governance and management
● The auditor should communicate audit matters of governance interest arising from the audit of
financial statements with those charged with governance of an entity.
● Governance refers to the role of persons entrusted with the supervision, control and direction of an
entity.
● Those charged with governance ordinarily are accountable for ensuring that the entity achieves its
objectives, financial reporting, and reporting to interested parties.
Reportable Conditions
● Significant deficiencies/weaknesses in the design or operation of the internal control which have
come to the auditor’s attention that should be reported to the appropriate level of management
such as the highest official of the company or those charged with governance (usually to the entity’s
audit committee of the board of directors) in writing, in a formal management letter (the
by-product of the audit engagement) at the earliest opportunity so that appropriate corrective
actions may be taken as soon as possible.
Significant Deficiency
● A deficiency may be of such magnitude as to be considered a material weakness in internal control.
A material internal control weakness is a condition in which material errors or fraud would
ordinarily not be detected within a timely period by employees in the normal course of performing
their assigned functions.
56
No expression of opinion on entity’s internal control
● Consideration of internal control in financial statement audit is not sufficient to express an opinion
on an entity’s controls because only those controls on which an auditor intends to rely are reviewed,
tested, and evaluated. Moreover, the auditor is not required to identify or search for internal control
weaknesses. Examples of significant weaknesses in internal control include:
- Weak control environment (such as ineffective oversight, poor attitude toward internal
control, or instances found of management override or fraud).
- Weaknesses in IT general controls.
- Significant business risks that have not been addressed by policies, procedures or internal
controls.
- Significant internal control activities or application controls not operating as designed, not
applied consistently by appropriate individuals, or not monitored by appropriate individuals.
57
AUDITING IN A CIS (IT) ENVIRONMENT
Risk Assessments and Internal Control:
CIS Characteristics and Consideration
Organizational Structure
● Characteristics of a CIS organizational structure includes:
- Concentration of functions and knowledge: Generally the number of persons involved in the
processing of financial information is significantly reduced.
- Concentration of programs and data: Transaction and master file data are often
concentrated, usually in machine-readable form
Nature of Processing
System characteristics that may result from the nature of CIS processing include
● Absence of input documents - Data may be entered directly into the computer system without
supporting documents.
● Lack of visible audit trail - The transaction trail may be partly in machine-readable form and may
exist only for a limited period of time.
● Lack of visible output - Certain transactions or results of processing may not be printed or only
summary data may be printed.
● Ease of access to data and computer programs - Data and computer programs may be assessed
and altered at the computer or through the use of computer equipment at remote locations.
Internal Controls in a CIS Environment
General CIS Controls – To provide a reasonable level of assurance that the overall objectives of internal
control are achieved. It may includes:
● Organization and management controls – designed to define the strategic direction and establish
an organizational framework over CIS activities, including:
58
- Strategic information technology plan
- CIS policies and procedures
- Segregation of incompatible functions
- Monitoring of CIS activities performed by third party consultants.
● Development and maintenance controls - They typically are designed to establish control over:
- Project initiation, requirements definition, systems design, testing, data conversion, go-live
decision, migration to production environment, documentation of new or revised systems,
and user training.
- Acquisition and implementation of off-the-shelf packages
- Acquisition, implementation, and maintenance of system software
● Delivery and support controls – designed to control the delivery of CIS services and include:
- Establishment of service level agreements against which CIS services are measured.
- Performance and capacity management controls.
- Disaster recovery/contingency planning, training, and file backup.
● Monitoring controls – designed to ensure that CIS controls are working effectively as planned. These
include:
- Monitoring of key CIS performance indicators.
- Internal external CIS audits.
CIS Application Controls - CIS
application controls include:
● Controls over Input – designed to provide reasonable assurance that:
- Transactions are properly authorized before being processed by the computer.
- Transactions are accurately converted into machine readable form and recorded in the
computer data files.
59
- Transactions are not lost, added, duplicated or improperly change.
- Incorrect transactions are rejected, corrected and, if necessary, resubmitted on a timely
basis.
● Controls over processing and computer data files – designed to provide reasonable assurance
that:
- Transactions, including system generated transactions, are properly processed by the
computer.
- Transactions are not lost, added, duplicated or improperly changed.
- Processing errors (i.e., rejected data and incorrect transactions) are identified and corrected
on a timely basis.
● Controls over output – designed to provide reasonable assurance that:
- Results of processing are accurate.
- Access to output is restricted to authorized personnel on a timely basis.
- Output is provided to appropriate authorized personnel on a timely basis.
Review of general CIS controls
General CIS controls that relate to some or all applications are typically interdependent controls in that their
operation is often essential to the effectiveness of CIS application controls.
Review of CIS application controls
CIS application controls which the auditor may wish to test include:
- Manual controls exercised by the user
- Controls over system output
- Programmed control procedures
60
CIS ENVIRONMENTS – STAND-ALONE PERSONAL COMPUTERS
A personal computer (PC) can be used in various configurations. These include:
- A stand-alone workstation operated by a single user or a number of users at different times.
- A workstation which is part of a Local Area Network (LAN) of PCs.
- A workstation connected to a server.
CIS ENVIRONMENTS – ON-LINE COMPUTER SYSTEMS
● On-line systems allow users to directly initiate various functions such as:
- Entering transactions
- Making inquiries
- Requesting reports
● Types of terminals used in on-line systems:
General purpose terminals
a. Basic keyboard and screen
b. Intelligent terminal
c. PCs
Special purpose terminals
a. Point-of-sale devices
b. Automated teller machines (ATM)
● Types of on-line computer systems:
- On-line/ real time processing.
- On-line/batch processing.
NETWORK ENVIRONMENT
Basic types of networks:
- Local area network (LAN)
- Wide area network (WAN)
- Metropolitan area network (MAN)
61
CIS ENVIRONMENTS – DATABASE SYSTEMS
● DATABASE – a collection of data that is shared and used bymany different users for different
purposes.
● Two components of database systems:
- Database
- Database management system (DBMS)
● Characteristics of database systems:
- Data sharing
- Data independence
SOFTWARE
Consists of computer programs which instruct the computer hardware to perform the desired processing.
Types of computer programs
● Operating System
- Multiprogramming
- Multiprocessing
- Virtual Storage
● Database Management System (DBMS)
ELECTRONIC DATA INTERCHANGE (EDI)
– the electronic exchange of transactions, from one entity’s computer to another entity’s computer through
an electronic communications network. EDI controls include:
- Authentication
- Encryption
Audit Approaches
● Auditing around the computer – the auditor ignores or bypasses the computer processing function
of an entity’s EDP system.
62
● Auditing with the computer – the computer is used as an audit tool.
● Auditing through the computer – the auditor enters the client’s system and examines directly the
computer and its system and application software.
COMPUTER ASSISTED AUDIT TECHNIQUES (CAATs) FOR TESTS OF CONTROLS
● Program Analysis
- Code review
- Comparison programs
- Flowcharting software –
- Program tracing and mapping
- Snapshot
● Program Testing
Historical audit techniques
- Test Data
- Integrated test facility (ITF)
- Parallel Simulation
63
AUDIT EVIDENCE
REFERENCES:
PSA 500: Audit Evidence
PSA 501: Audit Evidence – Specific considerations for Selected Items
PSA 505: External Confirmations
PSA 520: Analytical Procedures
PSA 230: Audit Documentation
ASSERTIONS AND AUDIT OBJECTIVES
Nature of Assertions
They are a collection of claims and assertions, made implicitly or explicitly by the entity’s management,
about the recognition, measurement, presentation, and disclosure of information in the financial
statements.
Examples of Assertion :
- Existence
- Completeness
- Valuation
- Accuracy
Levels of Assertions:
- Financial Statements Level
- Account balance or class of transactions level
Categories of Assertions used by the Auditor:
● Assertions about classes of transactions and events for the period under audit:
- Completeness
- Occurrence
64
- Cutoff
- Accuracy
- Classification
● Assertions about account balances at the period end :
- Completeness
- Valuation and Allocation
- Existence
- Rights and Obligation
● Assertions about presentation and disclosure
- Completeness
- Occurrence and Rights and Obligation
- Classification and Understandability
- Accuracy and Valuation
Auditor’s Use of Relevant Assertions:
● The auditor uses relevant assertions in developing audit objectives that will be the basis for
designing audit procedures.
● Relevant assertions
- Existence assertion, not valuation, is typically relevant to the audit of a cash account.
- The valuation assertion would be more relevant to assessing the inventory balance than
assessing sales balance.
Audit Objectives
● The auditor develops audit objectives that relate to management assertions about the financial
statement components.
● To achieve audit objectives, the auditor shall design audit procedures and gather sufficient
appropriate audit evidence whether the assertions are in accordance with the applicable financial
reporting framework.
65
● Audit objectives are used to verify management assertions. Thus, there should be proper matching
of auditor’s objectives with management assertions.
Types of Audit Objectives:
● Whether general or specific:
- General audit objectives
- Specific audit objectives
● Whether substantive or compliance
- Substantive audit objectives
- Compliance audit objectives
Audit procedures
Primary Purpose of Audit Procedures:
Audit procedures are performed to gather necessary (not all) corroborative evidence to achieve audit
objectives in order to result to sufficient appropriate audit evidence on the fairness of the presentation of
the entity’s financial statements.
Nature, Timing and Extent of Audit Procedures:
● Nature of an audit procedure – refers to- Its purpose (i.e., test of controls or substantive procedure)
● Timing of an audit procedure – refers to when to perform the audit procedure, or the period or date
to which the audit evidence applies.
● Extent of an audit procedure – refers to the quantity to be performed or the extent of testing or the
number of items to be examined.
Audit Procedures for Obtaining Audit Evidence:
● Risk assessment procedures – procedures to obtain an understanding of the entity and its
environment, including its internal control, in order to identify and assess the risks of material
misstatement (RMM).
66
● Further audit procedures – The auditor shall design and perform audit procedures whose nature,
timing, and extent are based on and are responsive to the assessed RMM at the assertion level. It
includes:
- Test of controls (Compliance Test)
- Substantive procedure
Types of Substantive Procedure
● Test of details
● Directional Testing
- Tracing
- Vouching
a. Test of details of transactions
- Applicability of test of details of transactions:
- Test of transactions
- Test of details
b. Test of details of balances - direct testing of accounts ending balance.
● Substantive analytical procedures – these are analytical procedures performed during testing
phase to substantiate predictable relationships among both financial and non-financial data.
Audit Procedures According to Types:
● Inspection
● Observation
● External confirmation
● Recalculation
● Reperformance
● Analytical procedures
● Inquiry
67
Audit Techniques
The auditor applies audit techniques (methods) to gather corroborative evidence and uses his professional
judgment to determine which audit techniques would best result to the audit
evidence he needs. Examples:
- Confirm
- Inspect
- Count
- Compare
- Inquire
- Trace
- Vouch
- Verify
Audit Program - is a detailed listing of the nature, timing and extent of planned audit procedures (tests of
controls and/or substantive tests) that the auditor will perform to gather sufficient appropriate evidenced.
Audit evidence - refers to all the information used by the auditor in arriving at the conclusions on which the
audit opinion is based. Thus, audit evidence supports the opinion and the auditor's report.
Nature of Audit Evidence:
● Accounting records (Underlying data) - accounting records/data prepared by the client’s
personnel and from which financial statements are prepared.
● Corroborating evidence – corroborating information that are used by the auditor to verify the
fairness of the accounting records.
Types of Audit Evidence:
- Physical Evidence
- Mathematical recomputation
- Documentation
68
- Representation by third parties
- Representation by client personnel
- Results of analytical procedures
- Internal control
- Subsequent events
Sufficient Appropriate Audit Evidence
● Sufficiency – the measure of the quantity or amount of audit evidence that the auditor shall
accumulate.
● Appropriateness – measures the quality of audit evidence, that is, its relevance and its reliability in
providing support for the conclusions on which the auditor's opinion is based.
- Relevance
- Reliability
Persuasive Evidence - Audit evidence is persuasive if it is sufficient both in quantity and quality to support
audit opinion.
Information produced by a management expert as audit evidence -
A management expert is an individual or organization possessing expertise in a field other than accounting
or auditing, whose work in that field is used by the entity to assist the entity in preparing the financial
statements.
● Evaluate the competence, capabilities and objectivity of that expert.
- Competence
- Capability
- Objectivity
● Obtain an understanding of the work or field of expertise of that management’s expert.
● Evaluate the appropriateness of that expert’s work as audit evidence for relevant assertion.
69
The auditor shall consider:
- The relevance and reasonableness of that expert’s findings or conclusions, their consistency
with other audit evidence, and whether they have been appropriately reflected in the
financial statements.
- If the expert’s work involves use of significant assumptions and methods, the relevance and
reasonableness of those assumptions and methods.
- If that expert’s work involves significant use of source data the relevance, completeness, and
accuracy of that source data.
70
AUDIT SAMPLING
REFERENCE:
PSA 530: Audit Sampling
Definition of terms:
● Sampling – testing of less than 100% of the items within a population to form a conclusion about the
population.
● Audit sampling – applying audit procedures to less than 100% of the items within an account
balance or class of transactions, such that all sampling units have a chance of selection, to form a
conclusion about the balance or class.
● Error – either control deviations, when performing tests of control, or misstatements, when
performing substantive procedures.
● Anomalous error – means an error that arises from an isolated event that has not recurred other
than on specifically identifiable occasions and is therefore not representative of errors in the
population.
● Sampling risk – the possibility that the auditor’s conclusion, based on a sample may be different
from the conclusion reached if the entire population were subjected to the same audit procedure.
● Non-sampling risk – arises from factors that cause the auditor to reach an erroneous conclusion for
any reason not related to the size of the sample. For example, most audit evidence is persuasive
rather than conclusive, the auditor might use inappropriate procedures, or the auditor might
misinterpret evidence and fail to recognize an error.
71
● Population – the entire set of data from which a sample is selected and about which the auditor
wishes to draw conclusions. For example, all of the items in an account balance or a class of
transactions constitute a population. A population may be divided into strata, or sub-populations,
with each stratum being examined separately. The term population is used to include the term
stratum.
● Confidence levels – the mathematical complements of sampling risks.
● Sampling unit – the individual items constituting a population, for example checks listed on deposit
slips, credit entries on bank statements, sales invoices or debtors’ balances, or a monetary unit.
● Stratification – the process of dividing a population into subpopulations, each of which is a group of
sampling units which have similar characteristics (often monetary value).
● Tolerable error
➢ Tolerable error amount – in substantive procedures, it is the maximum total error in a
population that the auditor is willing to accept.
➢ Tolerable deviation rate – in tests of control, it is the maximum rate of deviation from the
prescribed control procedure the auditor is willing to accept without changing control risk
assessment or planned reliance on internal control.
● Expected error
➢ Expected error amount – in substantive tests, it is the auditor's best estimate of the amount
of error the auditor expects to find in the population.
➢ Expected deviation rate – in tests of control, it is the auditor's best estimate of the rate of
deviation from a prescribed control procedure in the population.
Whether audit sampling is a required: Audit sampling is not required part of any audit procedure because
when designing audit procedures, the auditor should determine appropriate means of selecting items for
testing as follows:
72
● Selecting all items (100% examination).
● Selecting specific items from a population judgmentally based on such factors as knowledge of the
client’s business, preliminary assessments of inherent and control risks, and the characteristics of the
population being tested (subject to nonsampling risk).
● Audit sampling: Sampling is essential throughout audits as auditors attempt to gather sufficient
appropriate evidence in a cost efficient manner.
Approaches to audit sampling:
Statistical sampling
● In statistical sampling, auditors specify the sampling risk they are willing to accept and then
calculate the sample size that provides that degree of reliability. Results are evaluated
quantitatively.
● Statistical sampling measures quantitatively the risk from testing only part of an audit population.
● Any approach to sampling that has the following characteristics:
- Random selection of a sample; and
- Use of probability theory to evaluate sample results, including measurement of sampling risk.
● Advantages of statistical sampling: Conclusions may be drawn in more precise ways when using
statistical sampling because it enables the auditor to:
- Measure the sufficiency of the audit evidence obtained.
- Provide an objective basis for quantitatively evaluating sample results.
- Design an efficient sample.
- Quantify sampling risk so as to limit/control risk to an acceptable level.
● Random sample selection: should be used in statistical sampling. Such methods give all items in
the population an equal chance to be included in the sample to be audited.
Nonstatistical sampling – Auditors use their judgment in determining sample size, and sample results are
evaluated judgmentally. Conclusions may be drawn in more precise ways when using statistical
sampling methods.
73
● It is acceptable for auditors to use either or combination of statistical and nonstatistical sampling.
● Both sampling approaches involve judgment in planning, executing the sampling plan, and
evaluating the results of the sample.
● Sampling methods are used by auditors in both control testing and substantive testing.
● Statistical sampling is a mathematical approach to inference, whereas nonstatistical sampling is a
more subjective approach.
Auditor’s professional judgment:
The auditor must exercise professional judgment in both statistical and nonstatistical sampling to:
● Define the population and the sampling unit.
● Select the appropriate sampling method.
● Evaluate the appropriateness of audit evidence.
● Evaluate the nature of deviations or errors.
● Consider sampling risk.
● Evaluate the results obtained from the sample and project those results to the population.
Types of sampling:
● Attribute sampling – estimates the quality characteristic of a population; it estimates the rate of
deviation for internal controls that the auditor decides to rely upon.
● Variables sampling – estimates the numerical quantity of a population.
Sampling risk:
● The possibility that the auditor’s conclusion, based on a sample may be different from the
conclusion reached if the entire population were subjected to the same audit procedure.
● The risk that the sample is not representative of the population and that the auditor's conclusion will
be different from the conclusion had the auditor examined 100% of the population.
● The possibility that even though a sample is properly chosen, it may not be representative of the
population.
74
Two types of sampling risk:
● Risk that affects audit effectiveness and may lead to an inappropriate audit opinion (“Beta risk” or
“Type II error”).
● Risk affects audit efficiency as it would usually lead to additional work to establish that initial
conclusions were incorrect (“Alpha risk” or “Type I error”).
Aspects of audit risk: (Sampling risk and Nonsampling risk)
Sampling risk: aspects of audit risk that are due to sampling; the risk or the possibility that, when a test of
controls or a substantive test is restricted to a sample, the auditor's conclusions may be different from the
conclusions which would have been reached had the tests been applied to all items in the account balance
or class of transactions.
● Sampling risks in substantive testing: (Risk of incorrect acceptance and risk of incorrect rejection)
- Risk of incorrect acceptance – the risk that the recorded account balance (based on the
sample) is not materially misstated when in fact it is materially misstated (i.e., sample results
fail to identify an existing material misstatement).
- Risk of incorrect rejection – the risk that the recorded account balance (based on the
sample) is materially misstated when in fact it is not materially misstated (i.e., sample results
mistakenly indicate a material misstatement).
● Sampling risks in tests of controls: (Risk of assessing control risk to low and Risk of assessing
control risk to high)
- Risk of assessing control risk too low – the risk that the assessed level of control risk (based
on the sample) is lower than the true level of control risk (i.e., sample results indicate a lower
deviation rate than actually exists in the population).
- Risk of assessing control risk too high – the risk that the assessed level of control risk (based
on the sample) is higher than the true level of control risk (i.e., sample results indicate a
greater deviation rate than actually exists in the population).
75
Nonsampling risk: all aspects of audit risk that are not due to sampling. Nonsampling risk is the possibility
that auditors will arrive at an erroneous conclusion not because of the chosen sample but due to other
factors.
● Nonsampling risk is always present and cannot be measured.
● Nonsampling risk can be controlled by adequate planning and supervision of audit work and proper
adherence to quality control standards.
Types of statistical plans:
Attribute sampling – sampling in tests of controls
● Attribute sampling is a statistical sampling method used to estimate the rate (%) of occurrence
(exception) of a specific characteristic or attribute
● Attribute sampling models:
- Discovery sampling – a special type of attribute sampling appropriate when the auditor
believes the population deviation rate is zero or near zero.
- Stop-or-go sampling (sequential sampling) – is designed to avoid oversampling for
attributes by allowing the auditor to stop an audit test before completing all steps.
Variables sampling – sampling in substantive tests:
● Probability-proportional-to-size (PPS) sampling – sampling technique where the sampling unit is
defined as an individual peso in a population. Once a peso is selected, the entire account
(containing that peso) is audited.
● Classical variables sampling – a statistical sampling method used to estimate the numerical
measurement of a population, such as a peso value (e.g., accounts receivable balance).
➢ Three commonly used classical variables sampling:
1. Mean-per-unit estimation - a sampling plan that uses the average value of the
items in the sample to estimate the true population value (i.e., estimate = average
sample value x number of items in population).
76
2. Ratio estimation – a sampling plan that uses the ratio of the audited (correct) values
of items to their book values to project the true population value.
3. Difference estimation – a sampling plan that uses the average difference between
the audited (correct) values of items and their book values to project the actual
population value.
Principal sample selection methods:
Appropriate sample selection methods could reduce sampling risk.
● Random-number sampling – use of a computerized random number generator or random number
tables.
● Systematic selection – the number of sampling units in the population is divided by the sample size
to give a sampling interval regardless of the amount involved (for example 50, and having
determined a starting point within the first 50, each 50th sampling unit thereafter is selected).
● Haphazard selection – the auditor selects the sample without following a structured technique, but
the method is intended to avoid or predictability (for example avoiding difficult to locate items, or
always choosing or avoiding the first or last entries on a page) and thus attempt to ensure that all
items in the population have a chance of selection.
Other sample selection methods:
● Value-weighted selection – sets the high-value items as priority to be included in the sample.
● Block selection – involves selecting a block(s) of contiguous items from within the population. Block
selection cannot ordinarily be used in audit sampling because most populations are structured such
that items in a sequence can be expected to have similar characteristics to each other, but different
characteristics from items elsewhere in the population.
● Stratification – grouping of items of similar size and each group is treated as a separate population.
For example, assume 1,000 items are stratified into two groups: the 100 largest items will all be
examined individually, but sampling techniques will be applied to the remaining 900 items. In this
case, the population size for the sampling application would be 900, not 1,000. Stratification is used
when there is a wide range (variability) in the monetary size of items in the population.
77
COMPLETING THE AUDIT
REFERENCES:
PSA 520: Analytical Procedures
PSA 550: Related Parties
PSA 560: Subsequent Events
PSA 570: Evaluation of Going Concern Status
PSA 580: Written Representations
Reviewing Related Party Transactions
Related party transaction – a transfer of resources, services or obligations between related parties,
regardless of whether a price is charged.
The auditor shall inquire of management regarding:
● The identity of the entity’s related parties (relationships and transactions), including changes from
the prior period.
● The nature of the relationships between the entity and these related parties.
● Whether the entity entered into any transactions with these related parties during the period and, if
so, the type and purpose of the transactions.
Management’s responsibility
- Identification and disclosure of:
➢ Related parties; and
➢ Related party transactions
Auditor’s responsibility
● Review related party transactions to ensure that they have been properly identified, recorded and
disclosed in the financial statements.
● Obtain a written representation from management concerning:
- Completeness of information on identification of related parties; and
- Adequacy of disclosure in the FS.
78
Reasons for the review
The auditor should modify the auditor’s report in case of:
- Inability to obtain sufficient appropriate audit evidence concerning related parties and transactions
with such parties.
- Inadequate disclosure in the FS
Perform Subsequent Events Review
● Subsequent events refer to events occurring between period end (the date of the financial
statements or the balance sheet date) and the date of the auditor’s report that may affect the
financial statements and the auditor’s report.
● These events are also called post-balance sheet events/transactions since they occur after or
subsequent to the balance sheet date.
Types of subsequent events:
A. Those requiring adjustment – those that provide evidence of conditions that existed at the date of
the financial statements.
● Examples:
- Settlement of litigation in excess of the amount recorded.
- Loss on uncollectible accounts resulting from of customer’s continued deteriorating financial
condition leading to bankruptcy.
B. Those requiring disclosure – events that are indicative of conditions that arose after the date of the
financial statements.
● Examples:
- Issuance of bonds/stocks after the BS date.
- Major purchase of a business.
Subsequent events relevant to the auditor: limited to those subsequent events (both requiring adjustment
or disclosure) that occur subsequent to the date of the FS and the date of the auditor’s report.
79
Auditor’s responsibility for subsequent events:
Perform audit procedures designed to identify subsequent events.
The auditor should perform procedures designed to obtain sufficient appropriate audit evidence that all
events up to the date of the auditor’s report that may require adjustment of, or disclosure in, the financial
statements have been identified. These procedures would include:
● Reviewing procedures management has established to ensure that subsequent events are
identified.
● Inquiry
● Reading the entity’s latest available interim financial statements as well as budgets and cash flow
forecasts and other related management reports; compare them with the financial statements
under audit.
To consider/evaluate the effect of subsequent events (whether such events are properly accounted for and
adequately disclosed) on the financial statements and on the auditor’s report.
Litigations and Claims
● Litigation and claims involving an entity may have a material effect on the financial statements and
thus may be required to be disclosed and/or provided for in the financial statements.
Audit procedures regarding litigation and claims:
● Identify existence of any litigation and claims: The auditor should carry out procedures to
identify existence of any litigations and claims involving the entity which may result in a
material misstatement of the financial statements. Such procedures would include the
following:
➢ Make appropriate inquiries of management including obtaining representations.
➢ Review minutes of those charged with governance and correspondence with the
entity’s legal counsel.
80
● Communicate directly with the entity’s lawyers: The auditor should seek direct
communication with the entity’s lawyers when litigation or claims have been identified or
when the auditor believes they may exist. The letter would ordinarily specify the following:
➢ A list of litigation and claims.
➢ Management’s assessment of the outcome of the litigation or claim and its estimate
of the financial implications, including costs involved.
● If management refuses to give the auditor permission to communicate with the entity’s legal
counsel, this would be a scope limitation and should ordinarily lead to a qualified opinion or a
disclaimer of opinion.
● Where the entity’s legal counsel refuses to respond in an appropriate manner and the auditor is
unable to obtain sufficient appropriate audit evidence by applying alternative audit procedures, the
auditor would consider whether there is a scope limitation which may lead to a qualified opinion or a
disclaimer of opinion.
Performing Wrap-Up Procedures
Performing analytical procedures in the overall review at/near the end of the audit
● Analytical procedures involve analysis of significant ratios and trends including the resultant
investigation of fluctuations and relationships that are inconsistent with other relevant information or
expectation:
➢ Purpose of performing analytical procedures in the overall review stage of the audit: to
ensure that the auditor’s overall conclusion as to whether the financial statements as a whole
are consistent with the auditor’s understanding of the entity.
➢ Auditor’s focus when performing analytical procedures in the overall review stage:
- Identifying unusual fluctuations or transactions or unexpected account balances that
were not previously identified.
- Assessing the validity of the conclusions reached and evaluating the overall financial
statements presentation.
81
Assessing going concern assumption
Financial statements are ordinarily prepared based on going concern basis, contrary to the quitting
concern basis, in the absence of information to the contrary.
Going concern assumption – an entity is ordinarily viewed as continuing in business for the foreseeable
future with neither the intention nor the necessity of liquidation, ceasing trading or seeking protection from
creditors pursuant to laws and regulations.
Management’s responsibility:
● Management should assess the entity’s ability to continue as a going concern – making a judgment
about the future outcome of uncertain events or conditions (for a period of one year from balance
sheet date).
● To disclosure (based on the result of assessment)
Disclosure requirements if FS are not prepared on a going concern basis:
● The fact that FS are not prepared on a going concern basis.
● The basis on which the FS are prepared.
● The reasons why the entity is not regarded as a going concern.
Auditor’s responsibility:
● Overall evaluation of the appropriateness of management’s use of the going concern assumption in
the preparation of the financial statements.
● Identifying material uncertainties about the entity’s ability to continue as a going concern that need
to be disclosed in the financial statements.
● Whether such events or conditions are adequately disclosed in the financial statements.
● Consider report modification because of these events or conditions.
● If conditions or events such as those identified previously create substantial doubt as to the ability of
the entity to continue as a going concern, the auditor should consider whether management has
feasible plans.
82
Factors that can mitigate the adverse effects of identified material going concern uncertainty:
● The auditor should consider whether management has plans for and the ability to implement
alternative means of maintaining adequate cash flows to mitigate events and conditions that may
cast doubt about the entity’s ability to continue as a going concern.
● Examples of mitigating factors: - When there is a history of profitable operations and a ready
access to financial resources.
Management has plans and ability to maintain adequate cash flows by alternative means, such as:
- Disposal of assets (including disposal of operations producing negative cash flows).
- Borrowing money or restructuring debt.
- Leasing (instead of purchasing) of PPE items.
● Availability of alternative source of supply in case of loss of a principal supplier
Audit procedures to identify conditions and events that may cast doubt about an entity’s ability to
continue as a going concern:
● Analytical procedures
● Subsequent events review
● Review of compliance with debt and loan agreements
● Reading minutes of meetings
Management Representation Letter
● Auditor’s responsibility: The auditor should obtain appropriate written representations from
management.
● Management’s responsibility: Management has responsibility to provide written representations
(this responsibility is included in the engagement letter that sets out the terms of engagement).
● Purposes of a management representation letter:
- Main: To emphasize or impress upon management its ultimate responsibility for the financial
statements.
83
- Other purposes:
- It confirms oral representations made by management during the audit.
- It reduces the possibility of misunderstanding between the auditor and the client
concerning the matters that are the subject of the representations.
Forms of management representations: Management representations may be verbal, whether solicited or
unsolicited, or written, whether explicitly such as contained in a management representation letter or
implicitly such as contained in financial information provided. The forms of representations include:
- A representation letter from management – known as the management representation letter or
client’s representation letter.
- A letter from the auditor (confirmatory letter) – outlining the auditor’s understanding of
management’s representations, duly acknowledged and confirmed by management.
- Relevant minutes of meetings (of the board of directors or similar body).
- Signed copy of the financial statements.
- Matters communicated in discussions or electronically such as e-mails or telephone messages.
- Schedules, analyses, and reports prepared by the entity, and management’s notations and
comments therein.
Basic elements of a management representation letter:
● Addressee: Should be addressed to the auditor.
● Contents: Should contain the specified information.
● Date: Should be appropriately dated (ordinarily coincides with date of the auditor’s report.
● Signatory: Should be appropriately signed by the members of management who have primary or
overall responsibility for financial and operating aspects of the entity.
Appropriate signatory of a management representation letter:
- Owner-manager
- Chief/senior executive officer
- Chief/senior financial officer
- Other members of management
84
Basic contents of management representation letter:
- That management acknowledges its responsibility for the fair presentation of the financial
statements in accordance with the applicable financial reporting framework.
- That management has approved the financial statements.
- That management acknowledges its responsibility for the design and implementation of internal
control to prevent and detect error.
- That management believes the effects of those uncorrected financial statement misstatements
aggregated by the auditor during the audit are immaterial, both individually and in the aggregate, to
the financial statements taken as a whole.
Classification of matters to be included in a management representation letter:
Written confirmation or representations should be obtained for all significant representations provided to
the auditor for all financial statements on which the auditor reports. These representations are grouped
below:
- Representations that directly relate to items that are material, either individually or in aggregate, to
the financial statements.
- Representations not directly related to items that are material to the financial statements but are
significant, either individually or in aggregate, to the engagement.
- Representations that are relevant to management’s judgments or estimates that are material, either
individually or in aggregate, to the financial statements.
Limitations of management representations:
although management representations are considered part of evidential matter, they (are):
- Not a substitute for performing other audit procedures or a means to reduce the auditor’s
responsibility.
- Not as the sole source of evidence on significant audit matters.
- Cannot be substitute for other audit evidence that the auditor could reasonably expect to be
available.
85
Auditor’s responsibility on representations relating to matters that are material to the financial
statements:
- Seek corroborative audit evidence from sources inside or outside the entity.
- Evaluate whether the representations made by management appear reasonable and consistent
with other audit evidence obtained, including other representations.
Legal representation letter – client’s letter of inquiry to lawyer who have been consulted by the client
concerning litigation, claims, or assessments to provide corroborative evidential matter; such letter of
inquiry should be mailed only by the auditor after preparation by the client and review by the auditor.
Application of materiality:
● Representations may be limited to matters that are considered either individually or collectively
material to the financial statements.
● Materiality limits would not apply when obtaining written client representation on:
- Fraud or irregularities involving management.
- Availability of minutes of meetings.
Effect if management refuses to provide the necessary written representations: Refusal by management
to provide a written representation requested by the auditor that the auditor deems necessary constitutes a
scope limitation and would result in a qualified opinion or a disclaimer of opinion.
When management representation is contradicted by other audit evidence: The auditor should
investigate the circumstances and, when necessary, reconsider the reliability of other representations made
by management.
Subsequent Discovery of Omitted Procedures After Submission of the Audit Report
● Omitted audit procedures may be discovered (after the audit report has been submitted) during a
firm's internal inspection program or during peer review.
86
● Auditor’s action:
- The auditor should assess the importance of the omitted procedures to his ability to support
the audit opinion.
- The auditor should determine whether other audit procedures that were applied tend to
compensate for the omitted audit procedures. If so, no further action is necessary.
- If, on the other hand, the omitted audit procedures impair the auditor's ability to support the
previously issued opinion, and there are people relying (or likely to rely) on the report, then
the auditor should promptly undertake to apply the omitted procedures or the corresponding
alternative procedures.
- If, after applying the omitted procedures, the auditor determines that the financial
statements are materially misstated and that the auditor's report is inappropriate, the auditor
should discuss the matter with the management and take steps to prevent future reliance on
the report.
87
FORMING AN OPINION AND AUDITOR’S REPORT
REFERENCES:
PSA 700: Forming an Opinion and Reporting on Financial Statements
PSA 701: Communicating Key Audit Matters in the Independent Auditor’s Report
PSA 705: Modifications to the Opinion in the Independent Auditor’s Report
PSA 706: Emphasis of Matter Paragraphs and Other Matter Paragraphs in the Independent Auditor’s Report
PSA 710: Comparative Information – Corresponding Figures and Comparative Financial Statements
PSA 720: The Auditor’s Responsibility in Relation to Other Information in Documents Containing Audited
Financial Statements
AUDITOR’S OPINIONS
Types of Auditor’s Opinions
● Unmodified (unqualified) opinion—The opinion expressed when the FSs are prepared, in all material
respects, in accordance with the applicable financial reporting framework.
● Modified opinion—The three types of are:
- Qualified opinion – the auditor is satisfied that the FSs are presented fairly, except for a
specific aspect of them.
- Adverse opinion – the auditor does not believe the FSs are fairly presented.
- Disclaimer of opinion – the auditor does not know if the FSs are presented fairly.
Auditor’s Reports
The auditor’s report shall be in writing (hard copy format or an electronic medium).Standard Auditor’s
Report.
The following are the parts of a standard auditor’s report with unqualified opinion without emphasis of
matter paragraph and other matter paragraph:
88
Title
● The auditor’s report shall have a title that clearly indicates that it is the report of an independent
auditor. For example, “Independent Auditor’s Report,” affirms that the auditor has met all of the
relevant ethical requirements regarding independence and distinguishes the independent auditor’s
report from reports issued by others.
Addressee
● The auditor’s report is normally addressed to those for whom the report is prepared, often either to
the shareholders and/or to those charged with governance of the entity.
Auditor’s Opinion
● The section in the auditor’s report shall include:
- Reference to the financial statements that have been audited.
- Description of the financial statements and the matters they present.
- Description of the applicable financial reporting framework and how it may affect the
auditor’s opinion.
Basis for Opinion
● The Basis for Opinion section provides important context about the auditor’s opinion. Accordingly,
this PSA requires the Basis for Opinion section to directly follow the Opinion section in the auditor’s
report.
Key Audit Matters
● Law or regulation may require communication of key audit matters for audits of entities other than
listed entities, for example, entities characterized in such law or regulation as public interest entities.
89
Management’s Responsibilities
● Management and, where appropriate, those charged with governance accept responsibility for the
preparation of the financial statements in accordance with the applicable financial reporting
framework, including, where relevant, their fair presentation.
Auditor’s Responsibilities
● The auditor’s report explains that the objectives of the auditor are to obtain reasonable assurance
about whether the financial statements as a whole are free from material misstatement, whether
due to fraud or error, to issue an auditor’s report that includes the auditor’s opinion.
Other Reporting Responsibilities
● In some jurisdictions, the auditor may have additional responsibilities to report on other matters that
are supplementary to the auditor’s responsibilities under the PSAs. For example, the auditor may be
asked to report certain matters if they come to the auditor’s attention during the course of the audit
of the financial statements.
Name of the Engagement Partner
● Naming the engagement partner in the auditor’s report is intended to provide further transparency
to the users of the auditor’s report of a complete set of general purpose financial statements of a
listed entity.
Signature of the Auditor
● The auditor’s signature is either in the name of the audit firm, the personal name of the auditor or
both, as appropriate for the particular jurisdiction.
Date of the Auditor’s Report
● The date of the auditor’s report informs the user of the auditor’s report that the auditor has
considered the effect of events and transactions of which the auditor became aware and that
occurred up to that date.
90
Modifications to Auditor’s Report
● The instances of modifications include when the auditor:
- Adds “Emphasis of Matter Paragraph”
- Includes “Other of Matter Paragraph”
- Provides modified auditor’s opinion
Emphasis of Matter Paragraph
● A paragraph included in the auditor’s report that refers to a matter appropriately presented or
disclosed in the FSs, in the auditor’s judgment, is of such importance that it is fundamental to users’
understanding of the FSs.
Other Matter Paragraph
● A paragraph included in the auditor’s report that refers to a matter other than those presented or
disclosed in the FSs that, in the auditor’s judgment, is relevant to users’ understanding of the audit,
the auditor’s responsibilities or the auditor’s report.
Modified Auditor’s Opinions
Description of Introductory Paragraph
● Qualified or Adverse Opinion – No modification made.
● Disclaimer of Opinion – Amend this paragraph of the auditor’s report to state that the auditor was
only engaged (not audited) to audit the FSs.
Description of Auditor’s Responsibility Paragraph
● Qualified or Adverse Opinion – Amend this section to state that the auditor believes that the audit
evidence the auditor has obtained is sufficient and appropriate to provide a basis for the auditor’s
modified audit opinion.
● Disclaimer of Opinion – Amend this section to state only the following: “Our responsibility is to
express an opinion on the financial statements based on conducting the audit in accordance with
Philippine Standards on Auditing.
91
Basis for Modification Paragraph
● The auditor shall include additional paragraph on the standard auditor’s report immediately before
the opinion paragraph, and use the heading “Basis for Qualified Opinion,” “Basis for Adverse Opinion,”
or “Basis for Disclaimer of Opinion,” as appropriate.
Opinion Paragraph
● The auditor shall use the heading “Qualified Opinion,” “Adverse Opinion,” or “Disclaimer of Opinion,”
as appropriate, for the opinion paragraph.
Supplementary Information Presented with the Financial Statements
Supplementary information – information that is presented together with the FSs that is not required by the
applicable FRF used to prepare the FSs, normally presented in either supplementary schedules or as
additional notes.
Comparative Information
The two broad approaches to the auditor’s reporting responsibilities in respect of comparative information
are:
● Corresponding figures – comparative information where amounts and other disclosures for the
prior period are included as an integral part of the current period FSs, and are intended to be read
only in relation to the amounts and other disclosures relating to the current period (referred to as
“current period figures”)
● Comparative FSs –comparative information where amounts and other disclosures for the prior
period are included for comparison with the FSs of the current period but, if audited, are referred to in
the auditor’s opinion.
Audit Procedures
The auditor shall evaluate whether:
● The comparative information agrees with the amounts and other disclosures presented in the prior
period or, when appropriate, have been restated; and
92
● The accounting policies reflected in the comparative information are consistent with those applied
in the current period or, if there have been changes in accounting policies, whether those changes
have been properly accounted, presented and disclosed.
- If the auditor becomes aware of a possible material misstatement in the comparative
information while performing the current period audit, the auditor shall perform such
additional audit procedures necessary to obtain SAAE, including requesting written
representations for all periods referred to in the auditor’s opinion.
Audit Reporting
The essential audit reporting differences between the approaches are:
● For corresponding figures, the auditor’s opinion on the FSs refers to the current period only; whereas
● For comparative FSs, the auditor’s opinion refers to each period for which FSs are presented.
Corresponding figures
● The auditor’s opinion shall not refer to the corresponding figures because the auditor’s opinion is on
the current period FSs includes corresponding figures, except:
- Modifications in the auditor's report on the prior period remain unresolved.
- Misstatement in prior period FSs.
- Prior period FSs not audited.
- Prior period FSs audited by a predecessor auditor.
● If the auditor obtains audit evidence that a material misstatement exists in the prior period FSs on
which an unmodified opinion has been previously issued, and the corresponding figures have not
been properly restated, the auditor shall express a qualified opinion or an adverse opinion in the
auditor’s report on the current period FSs.
● When the prior period FSs that are misstated have not been amended and an auditor’s report has
not been reissued, but the corresponding figures have been properly restated or appropriate
disclosures have been made in the current period FSs, the auditor’s report may include an Emphasis
of Matter paragraph.
93
Prior period FSs audited by a predecessor auditor
● The auditor shall state (if nor prohibited by law to do so) in an Other Matter paragraph in the
auditor’s report:
- That the FSs of the prior period were audited by the predecessor auditor;
- The type of opinion expressed and, if the opinion was modified, the reasons therefore; and
The date of that report.
Comparative financial statements
● The auditor’s opinion shall refer to each period for which FSs are presented on which an audit opinion
is expressed.
Opinion on Prior Period FSs Different from Previous Opinion
● The opinion expressed on the prior period FSs may be different from the opinion previously expressed
if the auditor becomes aware of circumstances or events that materially affect the FSs of a prior
period during the course of the audit of the current period. The auditor shall disclose the substantive
reasons for the different opinion in an Other Matter paragraph.
Prior Period FSs Audited by a Predecessor Auditor
● In addition to expressing an opinion on the current period’s FSs, the auditor shall state in an Other
Matter paragraph:
- That the FSs of the prior period were audited by a predecessor auditor;
- The type of opinion expressed and, if the opinion was modified, the reasons therefore; and
- The date of that report, unless the predecessor auditor’s report on the prior period’s FSs is
reissued with the FSs.
Other Information in Documents Containing Audited Financial Statements
● Other information refers to financial and non-financial information (other than the FSs and the
auditor’s report thereon) which is included, either by law, regulation or custom, in a document
containing audited FSs and the auditor’s report thereon. Other information may comprise, for
example:
94
- A report by management or those charged with governance operations.
- Financial summaries or highlights.
- Employment data.
- Planned capital expenditures.
- Financial ratios.
- Names of officers and directors.
- Selected quarterly data.
● The auditor’s opinion does not cover other information and the auditor has no specific responsibility
for determining whether or not other information is properly stated. However, the auditor reads the
other information because the credibility of the audited FSs and the auditor’s report may be
undermined by material inconsistencies between the audited FSs and other information.
Restriction on Distribution or Use or Alerting Readers to the Basis of Accounting
● When distribution or use of the auditor’s report on the audited FSs is restricted, or the auditor’s report
on the audited FSs alerts readers that the audited financial statements are prepared in accordance
with a special purpose framework, the auditor shall include a similar restriction or alert in the
auditor’s report on the summary FSs.
95
Republic Act No. 9298 – PHILIPPINE ACCOUNTANCY ACT OF 2004
(and its Implementing Rules and Regulations)
Objectives of the Philippine Accountancy Act:
a. The standardization and regulation of accounting education;
b. The examination for registration of CPAs; and
c. The supervision, control, and regulation of the practice of accountancy in the Philippines.
Scope of Practice of Accountancy:
Practice of accountancy shall include, both not limited to the following:
1. Practice of Public Accountancy – Practice of public accountancy shall constitute in a person,
be it his/her individual capacity, or as a partner or as a staff member in an accounting or
auditing firm, holding out himself/herself as one skilled in the knowledge, science and
practice of accounting, and as a qualified person to render professional services as a
certified public accountant.
2. Practice in Commerce and Industry – Practice in commerce and industry shall constitute in
a person:
a. Involved in decision making requiring professional knowledge in the science of accounting,
(as well as the accounting aspects of finance and taxation); or
b. When the CPA represents his employer before government agencies on tax and other
matters related to accounting
c. When such employment or position requires that the holder thereof must be a CPA.
The IRR provides that business or company in the private sector should employ a duly
registered CPA if:
a. Paid-up capital is at least P5.0 million; and/or
b. Annual revenue is at least P10.0 million
96
3. Practice in Education / Academe – Practice in education or the academe shall constitute in
a person in an educational institution which involve teaching of accounting, auditing,
management advisory services, finance, business law, taxation, and other technically related
subjects.
4. Practice in Government – Practice in the government shall constitute in a person who holds,
or is appointed to, a position in an accounting professional group in government or in a
government-owned and/or controlled corporation, including those performing proprietary
functions, where decision making requires professional knowledge in the science of
accounting, or where a civil service eligibility as a CPA is a prerequisite.
Limitations of the Practice of Public Accountancy:
● Single practitioners (individual CPAs) and Partnership of CPAs shall be registered CPAs in the
Philippines.
● The SEC shall not register any corporation organized for the practice of public accountancy. In other
words, corporation form of CPA firm is not allowed.
● A certificate of accreditation issued only after showing that the registrant has acquired the
minimum 3 years meaningful experience in any of the areas of accountancy (whether in the public
accountancy, commerce and industry, education/academe and government)
Certificate of Accreditation – a certificate under seal, issued by the PRC upon the recommendation by
the BOA, attesting that Individual CPAs, including the staff members thereof, firms including the sole
proprietors and the staff members thereof and partnerships of CPAs including the partners and the staff
members thereof, are duly accredited to practice public accountancy in the Philippines.
Prohibition in the Practice of Accountancy:
Non-CPAs:
● Are not allowed to practice accountancy in the Philippines
97
● Cannot use the title “Certified Public Accountant” or “CPA”
● Should not indicate (thru display or use any title, sign, card, advertisement, or other device)
that he practices or offers to practice accountancy or that he is a CPA
Non-Filipino professional accountants/CPAs:
● Are also not allowed to practice accountancy in the Philippines, unless:
a. Through foreign reciprocity
b. With valid temporary/special permit duly issued by the BOA and the PRC
Professional Regulatory Board of Accountancy (BOA):
● The BOA is the official government agency empowered to enforce RA 9298.
● BOA is under the supervision and administrative control of the Professional Regulation Commission
(PRC)
Composition of BOA:
● BOA shall be composed of a chairman and 6 members (all of which are to be appointed by the
President of the Philippines)
● BOA shall elect a vice-chairman from among its members for a term of 1 year.
According to the IRR, the 4 sectors in the practice of accountancy shall as much as possible be equitably
represented in the BOA.
Term of office of BOA members:
● The Chairman and the members of the BOA members shall hold office for a term of 3 years.
● Any vacancy during the term of a member shall be filled up for the unexpired portion of the term
only. Appointment to fill up an unexpired term is not to be construed as a complete term.
● No person who has served 2 successive complete terms shall be eligible for reappointment until the
lapse of 1 year.
● No person shall serve in the BOA for more than 12 years. (addition under the IRR)
98
CPA Examinations:
All applicants for registration for the practice of accountancy shall be required to undergo a
licensure examination to be given by the BOA in such places and dates as the PRC may designate subject
to compliance with the requirements prescribed by the PRC in accordance with Republic Act No. 8981.
1. Qualifications of Applicants for CPA Examinations:
a. Must be a Filipino citizen
b. Must be of good moral character
c. Must be a holder of the degree of BSA conferred by a school, college, academy or institute duly
recognized and/or accredited by the CHED or other authorized government offices, and
d. Has not been convicted of any criminal offense involving moral turpitude
2. Scope of Examinations:
The CPA examination shall cover the following subjects:
1. Financial Accounting and Reporting
2. Advanced Financial Accounting and Reporting
3. Management Advisory Services
4. Auditing
5. Taxation
6. Regulatory Framework for Business Transactions
3. Rating in the CPA Examinations:
● To pass the CPA exams – 75%; 65%: A candidate must obtain at least a general average of
75%, with no grades lower than 65% in any given subject.
● Conditional status: If a candidate obtains a rating of 75% and above in at least a majority of
the subjects tested, he/she will be given conditional credits for the subjects passed.
4. Removal Examination:
● The candidates with conditional status shall take an examination in the remaining subjects
within 2 years from the preceding examination.
99
● If the candidate fails to obtain at least a general average of 75% and a rating of at least 65%
in each of the subjects reexamined, he/she shall be considered as failed in the entire
examination.
● The original exam and the removal exam are counted as one exam only.
5. Candidates required to take Refresher Course:
● Any candidate who fails in 2 complete CPA exams shall be disqualified from taking another
set of examinations unless he/she submits evidence to the satisfaction of the BOA that
he/she enrolled in and completed a refresher course with at least 24 units of subjects given in
the CPA exams.
Ownership of Working Papers:
All working papers, schedules and memoranda made by a CPA and his staff in the course of an
examination, including those prepared and submitted by the client, incident to or in the course of an
examination, by such CPA, except reports submitted by a CPA to a client shall be treated confidential and
privileged and remain the property of such CPA in the absence of a written agreement between the CPA
and the client, to the contrary, unless such documents are required to be produced through subpoena
issued by any court, tribunal, or government regulatory or administrative body.
● Working papers – owned/property of the CPA/Practitioner
● Practitioner must observe the rule on confidentiality (subject to certain exceptions such as
production of documents through subpoena issued by any court, tribunal, or government
regulatory or administrative body).
Accredited Professional Organization (APO) – PICPA:
All registered CPAs whose names appear in the roster of CPAs shall be united and integrated
through their membership in a one and only registered and accredited national professional organization of
registered and licensed CPAs, which shall be registered with the SEC as a nonprofit corporation and
recognized by the BOA, subject to the approval by the PRC.
100
The members in the said integrated and accredited national professional organization shall receive
benefits and privileges appurtenant thereto upon payment of required fees and dues. Membership in the
integrated organization shall not be a bar to membership in any other association of CPA.
Continuing Professional Education (CPE) Program:
● Rationale: Voluntary compliance with the CPE program is an effective and credible means of
ensuring competence, integrity and global competitiveness of professional in order to allow them to
continue the practice of their profession.
● CPE Objective:
a. To provide and ensure the continuous education of a registered professional with the latest trends
in the profession brought about by modernization and scientific and technological advancements;
b. To raise and maintain the professional's capability for delivering professional services;
c. To attain and maintain the highest standards and quality in the practice of his profession;
d. To make the profession globally competitive; and
e. To promote the general welfare of the public.
● Continuing Professional Education (CPE) – refers to the inculcation assimilation and acquisition of
knowledge, skills, proficiency and ethical and moral values, after the initial registration of a
professional that raise and enhance the professional's technical skills and competence
● CPE program – consists of properly planned and structured activities, the implementation of which
requires the participation of a determinant group of professionals to meet the requirements of
voluntarily maintaining and improving the professional standards and ethics of the profession
101
AUDITING
PRACTICE
102
AUDIT PROGRAM FOR CASH
Audit Procedures:
1. Conduct a cash count of undeposited collections, petty cash, and other funds.
● Obtain custodian's signature to acknowledge return of items counted.
● Reconcile items counted with general ledger balances.
● Trace undeposited collections counted to bank reconciliation.
● Follow up dispositions of items in cash counted:
- Undeposited collections should be traced to bank deposits.
- Checks accommodated in petty cash should be deposited after the count to establish their
validity.
- IOUs in the petty cash should be confirmed and traced to collections in the next payroll
period.
- Expense vouchers should be traced to the succeeding replenishment voucher.
● Coordinate cash count with count of marketable securities and other negotiable assets of the client.
● Obtain confirmation of year-end fund balances of cash not counted in branches or other offices.
2. Confirm bank balance by direct correspondence with all banks in which the client has had deposits
and loans during the year.
3. Obtain barık reconciliation.
● Check arithmetical accuracy of reconciliation.
● Trace balance per book to the general ledger balance of the cash account.
● Trace balance per bank to bank statement and compare with the amount confirmed by the bank.
● Establish authenticity of reconciling items by reference to their respective sources, like:
- Bank debit or credit advices.
- Duly approved journal vouchers.
103
● Investigate checks outstanding for a long period of time.
- Consider adjustment, especially if the check is already stale.
- Consider the possibility of an erroneous preparation of the check.
● Investigate any unusual reconciling items.
● Where internal control over cash is weak, consider preparing a proof of cash reconciliation.
4. Obtain cutoff bank statement showing the client's transactions with the bank at least one week after
the reporting date, and:
● Trace year-end reconciling items, like:
- Deposit of the year-end undeposited collections.
- Completeness of year-end outstanding checks.
- Corrections of bank errors.
● Examine supporting documents of year-end outstanding checks that did not clear in the cutoff bank
statement.
5. Obtain a list of interbank transfers of funds a few days before and after the reporting date.
● Vouch supporting documents.
● Ascertain that the related receipts and disbursements were booked by the client within the same
day or at least within the same month.
6. Test reasonableness of cutoff by:
● Comparing dates of checks returned with cutoff bank statement to dates of recording in the cash
disbursements register.
● Tracing receipts recorded a few days before the reporting date to bank deposits.
7. Inspect savings account passbook and certificates of deposits.
104
● Reconcile with book balances.
● Update interest earned posting on passbooks, if necessary.
● Compare balances with bank confirmation reply.
8. Determine any restrictions on availability of cash.
9. Determine propriety of financial statement presentation and adequacy of disclosures.
105
AUDIT PROGRAM FOR RECEIVABLES
Audit Procedures:
1. Obtain a list of aged accounts receivable balances from the subsidiary ledger, and:
● Foot and cross-foot the list.
● Check if the list reconciles with the general ledger control account.
● Trace individual balances to the subsidiary ledger.
● Test the accuracy of the aging.
● Adjust non-trade accounts erroneously included in customers' accounts.
● Investigate and reclassify significant credit balances.
2. Test accuracy of balances appearing in the subsidiary ledger.
3. Confirm accuracy of individual balances by direct communication with customers.
● Investigate exceptions reported by customers and discuss with appropriate officer for proper
disposal.
● Send a second request for positive confirmation requests without any replies from customers.
● If the second request does not produce a reply from the customer, perform extended procedures,
like:
- Reviewing collections after year-end.
- Checking supporting documents.
- Discussing the account with appropriate officer.
● Discuss with appropriate officer, confirmation requests returned by the post office and perform
extended procedures..
● Prepare a summary of confirmation results.
106
4. Review correspondence with customers for possible adjustments.
5. Test propriety of cutoff:
● Examine sales recorded and shipments made a week before and after the end of the reporting
period and ascertain whether the sales were recorded in the proper period.
● Investigate large amounts of sales returned shortly after the end of the reporting period.
6. Perform analytical-procedures, like:
● Gross profit ratio
● Accounts receivable turnover
● Ratio of accounts written off to sales or balance of accounts receivable
● Compare with prior year and industry averages
7. Review individual balances and age of accounts with appropriate officer, and:
● Determine accounts that should be written off.
● Determine adequacy of allowance for doubtful accounts.
8. Obtain analyses of significant other receivables.
9. Ascertain whether some receivables factored, discounted, or assigned. are pledged,
10. Determine propriety of financial statement presentation and adequacy of disclosures.
11. Obtain receivable representation letter from client.
107
AUDIT PROGRAM FOR INVENTORIES
Audit Procedures:
1. Observe physical inventory counts.
● Test shipping and receiving cutoff procedures.
● Account for all inventory tags and count sheets used in recording the physical inventory counts.
● Test the clerical accuracy of inventory listings.
● Trace test counts recorded during the physical inventory observation to the inventory listing.
● Reconcile physical counts to perpetual records and general ledger balances and investigate
significant variations.
● Test inventory transactions between a preliminary physical inventory date and the end of the
reporting period.
2. Obtain confirmation of inventories at locations outside the entity.
3. Review perpetual inventory records, production records, and purchasing records for indications of
current activities.
4. Analytically review the relationship of inventory balances to recent purchasing, production, and sales
activities, and to anticipated sales volume.
5. Examine paid vendors' invoices, consignment agreements, and contracts.
6. Review direct labor rates.
7. Test the computation of standard overhead rates.
108
8. Examine analysis of purchasing and manufacturing standard cost variances.
9. Examine inventory turnover analysis.
10. Review industry experience and trends.
11. Tour the plant. Inquire of production and sales personnel concerning possible excess or obsolete
inventory items.
12. Examine sales after year-end and open purchase order commitments.
13. Obtain confirmation of inventories pledged under loan agreements.
14. Review drafts of the financial statements.
15. Compare the disclosures made in the financial statements to the requirements of PFRS.
109
AUDIT PROGRAM FOR INVESTMENTS
Audit Procedures:
1. Prepare or obtain an analysis of the investment account and:
● Trace to applicable general ledger balances.
● Vouch changes during the year by reference to board minutes and brokers' advices.
● Verify completeness of dividend and interest revenues, and where necessary, by reference to outside
published sources.
● Check footings and cross-footings.
2. Conduct securities count and:
● Inspect securities as to registered owner.
● Reconcile and compare details with investment analysis.
3. For securities held by an outside custodian:
● Arrange for a visit to the custodian and conduct a count; or
● Confirm from the custodian the details of securities held for the account of the entity.
4. Review minutes, agreements, and confirmation replies for evidence of liens, pledges, or other security
interests in the entity's investments and of commitments to acquire or dispose of investments.
5. Inspect market quotations, financial statements of investee(s), and other evidence to determine the
current value of investments.
6. Discuss with the entity the process used by management in classifying its investments.
110
7. Determine whether the client's investment activities are consistent with its business model for
managing financial assets.
8. Determine whether the decline in fair value of held-for- collection financial assets below amortized
cost is other than temporary and is properly recognized.
9. Verify computations of gains and losses from disposals of investments..
10. Verify calculations of amortization of premium or discount on held-for-collection financial assets.
11. Determine propriety of financial statement presentation and adequacy of disclosures.
111
AUDIT PROGRAM FOR PROPERTY, PLANT, AND EQUIPMENT
Audit Procedures:
EXAMINATION OF OPENING BALANCES
1. For a recurring engagement:
● Trace opening balances to last year's working papers.
2. For an initial audit where the previous years were audited:
● Vouch significant transactions to ascertain:
- Authorization
- Propriety of accounting
- Accounting principles applied
● Obtain permission from the client to refer to the working papers of the predecessor auditor. .
● Vouch documents evidencing ownership
3. For an initial audit where the previous years were unaudited:
● To the extent necessary to form an opinion on the accuracy of the opening balances, vouch
significant transactions to ascertain:
- Authorization
- Propriety of accounting
- Accounting policies applied
● Vouch documents evidencing ownership.
EXAMINATION OF CURRENT YEAR TRANSACTIONS
1. Obtain or prepare schedules of the property, plant, and equipment accounts and:
● Check footings and cross-footings.
● Determine if the schedules are in agreement with the general ledger control accounts.
112
● Trace individual balances to the detailed records or property cards.
● Consider physical inspection of significant items.
2. For acquisitions or debits to property, plant, and equipment accounts:
● Determine authorization by examining invoices, capital expenditure authorizations, leases, and other
evidence (e.g., in-house construction work orders) supporting additions to property, plant, and
equipment during the period. Test calculations of capitalized interest to determine the
appropriateness of rates, amounts, and capitalization periods used.
● Ascertain the business reasons for unusual additions.
3. For disposals or credits to property, plant, and equipment accounts:
● Examine authorizations and other data supporting retirements, sales, and other disposals of
property, plant, and equipment items.
● Test the computations of the resulting gains and losses.
● Determine that the assets disposed of and the related accumulated depreciation have been
properly derecognized.
● Ascertain the business reasons for unusual disposals.
4. For impaired property, plant, and equipment:
● Determine whether management has appropriately identified indications of impairment.
● Determine that the methods and assumptions used by management in estimating recoverable
value are reasonable.
● Ascertain if the impairment was properly recorded.
5. Examine lease contracts to determine whether leases are properly classified as finance or operating
and determine whether the proper accounting has been performed and appropriate disclosures have
been made.
113
6. Examine support for significant charges to repairs, maintenance, and other expense accounts to
determine if they should be capitalized to property, plant, and equipment.
7. Test computations of depreciation, depletion, and amortization to determine the appropriateness of
the methods and estimated lives used. Determine if they are consistent with the methods and lives used
in prior periods.
8. Review minutes of meetings, legal documents, and other evidence for evidence of liens, pledges, and
restrictions on property, plant, and equipment.
9. Search for unrecorded retirements by:
● Examination of cash receipts, tax declarations, insurance records, credits to scrap sales, and inquiry
of knowledgeable company personnel. A tour of the company plant to observe indications of
equipment removals.
10. Identify properties that are:
● Idle
● No longer in use
● Obsolete
and determine proper accounting recognition.
11. Reconcile payments to government for taxes and registration fees with recorded assets.
12. Ascertain that fully depreciated assets still in use or those that are held for sale are not further
depreciated.
13. Determine and discuss with appropriate official, the adequacy of insurance coverage.
114
14. Determine that property, plant, and equipment that are being held for disposal are carried at
appropriate amounts.
15. Determine propriety of financial statement presentation and adequacy of disclosures.
115
AUDIT PROGRAM FOR ACCOUNTS PAYABLE
Audit Procedures:
1. Obtain a list of accounts payable from the subsidiary ledger, and:
● Check its footing.
● Check if the list reconciles with the general ledger control account.
● Trace individual balances to the subsidiary ledger.
● Test accuracy of balances in the subsidiary ledger.
● Adjust non-trade accounts erroneously included in suppliers' accounts.
● Investigate and reclassify significant debit balances.
2. Confirm accuracy of individual balances appearing in the subsidiary ledger by requesting statements
of accounts from suppliers, and:
● Reconcile suppliers' statements of accounts with client records and investigate any discrepancy.
● If suppliers do not respond with the requests, perform extended procedures, like:
- Reviewing payments after year-end.
- Checking supporting documents.
- Discussing the account with appropriate officer.
3. Review correspondence with suppliers for possible adjustments.
4. Test propriety of cutoff:
● Examine purchases recorded and suppliers' deliveries made a week before and after the end of the
reporting period and ascertain whether the purchases were recorded in the proper period.
● Investigate large amounts of purchases returned shortly after the end of the reporting period.
116
5. Ascertain whether some payables are secured with asset pledges.
6. Compare payments after the reporting date with year- end schedule of accounts payable.
7. Review propriety of financial statement presentation and adequacy of disclosures.
8. Perform analytical review procedures.
9. Obtain accounts payable representation letter.
117
AUDIT PROGRAM FOR NONCURRENT LIABILITIES
Audit Procedures:
1. Obtain schedule/s of noncurrent liabilities, indicating:
As to general nature:
● Description or nature of the noncurrent liabilities.
● Creditor/s
● Original principal amount
● Interest rate
● Collateral and/or guarantees
● Terms, restrictions, conditions, and requirements imposed by the creditors
As to principal amount outstanding:
● Beginning-of-the-year balance
● Additions during the year
● Repayments or renewals during the year
● Balance at year-end
As to interest:
● Accrued or prepaid at the beginning of the year
● Amount incurred during the year
● Payments during the year
● Accrued or prepaid at year-end
2. Foot and cross-foot the schedule.
3. Verify accuracy of the schedule.
118
As to general nature:
● Obtain copies or excerpts of debt instruments and trace data to the schedule.
● As to principal amount outstanding:
● Trace beginning balances to last year's working papers, or in an initial audit, establish accuracy of
beginning balances by:
- Reference to debt instruments and prior year's recordings
- Tracing to beginning ledger balances
- Trace proceeds to cash receipts records for new liabilities incurred in the current year.
- Trace payments to cash disbursements records and canceled checks.
- Vouch to supporting documents the renewals in the current year.
- Agree working paper ending balances with the general ledger accounts.
As to interest:
● Trace beginning balances to last year's working papers, or in an initial audit:
- Establish accuracy by an independent computation based on debt instruments.
- Trace to beginning ledger balances.
● Recompute the interest:
- Incurred
- Accrued
- Prepaid
● Trace payments to cash records and canceled checks.
4. Verify authorizations by reference to minutes of the board of directors' meetings.
5. Confirm directly with the creditors or trustees the following:
● Principal amount still outstanding
● Interest rates
● Interest accrued
● Collateral and/or guarantees
119
6. Determine client's compliance with loan agreements.
7. Account for the used and unused debt instruments like bond certificates and promissory notes.
8. Ascertain proper cancelation of paid or retired debt instruments.
9. Recompute the accuracy of any discount or premium amortization.
10. Reconcile interest payments with recorded liabilities.
11. Verify propriety of financial statement presentation and adequacy of disclosures.
120
AUDIT PROGRAM FOR SHAREHOLDERS’ EQUITY
Audit Procedures:
1. Obtain a copy of the latest articles of incorporation and determine, for each class of share capital, the:
● authorized share capital;
● par or stated value; and
● preferences and limitations, if any.
2. Obtain a schedule of the share capital, subscribed share capital, and treasury share accounts
indicating the number of shares and amounts for the:
● beginning-of-year balances;
● additions and deductions for the current year; and
● end-of-year balances.
3. Foot and cross-foot the schedule.
4. Verify accuracy of the schedule.
● Trace beginning balances to last year's working papers or in case of an initial audit, establish
accuracy of beginning balances by:
- Test-tracing prior years' recordings and supporting documents.
- racing beginning balances to general ledger balances.
● Trace proceeds to cash receipts records for additional issues or subscriptions to share capital and
reissues of treasury shares.
● Trace payments for share capital retirements and acquisitions of treasury shares to cash
disbursements records and canceled checks.
● Agree working paper ending balances with the general ledger balances.
● Trace authorizations by reference to minutes of meetings of the board of directors and shareholders.
121
5. Where the client is being serviced by an independent transfer agent or registrar:
● Confirm share capital issued and treasury shares.
● Arrange for the inspection and count of treasury shares.
6. Where the client does not maintain an independent transfer agent or registrar:
● Obtain from the corporate secretary a schedule of:
- shareholders;
- subscribers;
- subscriptions receivable; and
- treasury shares. Foot and cross-foot the schedule..
● Test-trace to stock and transfer book.
● Trace balances per schedule to general ledger balances.
● Inspect and account for unissued, canceled, treasury share certificates.
● Determine if the treasury shares had been properly endorsed in favor of the corporation.
7. Confirm subscriptions receivable and consider collectibility.
8. Review articles of incorporation, by-laws, and minutes of meetings of the board of directors and
shareholders relating to share capital and related accounts.
9. Obtain schedules of other equity accounts, indicating:
● beginning-of-year balances;
● additions and deductions during the current year; and
● end-of-year balances.
10. Foot and cross-foot the schedules.
122
11. Verify the accuracy of the schedules.
● Trace beginning balances to last year's working papers or, in case of an initial audit, establish
accuracy of beginning balances by:
- Test-tracing to prior year's recordings and supporting documents.
- Tracing beginning balances to general ledger balances.
● For current year transactions:
- ascertain authorization; and
- determine propriety of accounting treatment.
● Agree working paper ending balances with general ledger balances.
12. Reconcile dividends paid to rates authorized in directors' minutes of meetings.
13. Ascertain compliance with the requirements of the Securities and Exchange Commission (SEC) and
other regulatory bodies and contractual obligations relating to capitalization of retained earnings.
14. Determine propriety of financial statement presentation and adequacy of disclosures.
123
AUDIT OF OTHER INCOME STATEMENT ITEMS
The specific audit objectives in the audit of operating expenses and other revenue and expenses are to
determine that:
● Operating expenses represent all amounts incurred for period-type expenditures (revenue
expenditures) in the company's operations and are properly recorded.
● All other revenue and expenses are properly recorded and represent unusual or infrequent
transactions (i.e., of a non-operating nature) that occurred during the current period.
● Operating expenses and other revenue and expenses are properly described and classified, and
adequate disclosures concerning these amounts have been made.
The audit of these accounts typically includes analytical review and one or more detail tests such as
analyses of accounts, vouching, cutoff tests, and review of financial statement presentation and
disclosures.
124
REFERENCES:
Pinnacle Handouts
(Compiled notes sourced from an anonymous user, referred to as tenoriaericaten)
CPAR AT Lectures
(Compiled notes sourced from an anonymous user, referred to as learningmaterials2024)
Auditing Theory Review Notes
(Compiled notes sourced from an anonymous user, referred to as learningmaterials2024)
CPA Examination Reviewer: Auditing Practice by Gerardo S. Roque
(Compiled notes sourced from an anonymous user)
You might also like
- Operational Auditing Essentials by MurdockNo ratings yetOperational Auditing Essentials by Murdock37 pages
- Income Taxes Week 1 Slides - With Ex SolutionNo ratings yetIncome Taxes Week 1 Slides - With Ex Solution30 pages
- Solution Manual Intermediate AccountingNo ratings yetSolution Manual Intermediate Accounting231 pages
- Accounting For Merchandising ActivitiesNo ratings yetAccounting For Merchandising Activities59 pages
- Introduction To Financial Statements and AuditNo ratings yetIntroduction To Financial Statements and Audit26 pages
- Database Management System: Ais Hall CH 9No ratings yetDatabase Management System: Ais Hall CH 910 pages
- Chapter - 5 Audit Working Papers By: Ghalib HussainNo ratings yetChapter - 5 Audit Working Papers By: Ghalib Hussain3 pages
- IMA Ethical Standards for Management AccountantsNo ratings yetIMA Ethical Standards for Management Accountants1 page
- Week 2 - Lesson 2 Costs in Managerial AccountingNo ratings yetWeek 2 - Lesson 2 Costs in Managerial Accounting7 pages
- ISA-400-Audit Risk, ISA-550-Related Parties ISA-600-Groups Audit, and ISA-620-Using The Work of An Auditor's ExpertNo ratings yetISA-400-Audit Risk, ISA-550-Related Parties ISA-600-Groups Audit, and ISA-620-Using The Work of An Auditor's Expert18 pages
- Lecture Topic 3b - Investing in Common StocksNo ratings yetLecture Topic 3b - Investing in Common Stocks52 pages
- Audit Assertions and Procedures ExplainedNo ratings yetAudit Assertions and Procedures Explained2 pages
- Degree of Confidence: Auditing Theory Review NotesNo ratings yetDegree of Confidence: Auditing Theory Review Notes103 pages
- Notes From Sir Red Sirug Handouts On Auditing TheoryNo ratings yetNotes From Sir Red Sirug Handouts On Auditing Theory104 pages
- Risk-Based Approach To Conducting A Quality AuditNo ratings yetRisk-Based Approach To Conducting A Quality Audit55 pages
- Legal Liability in Auditing: Key ConceptsNo ratings yetLegal Liability in Auditing: Key Concepts8 pages
- Statutory Audit Ready Reckoner 2025 1748721502No ratings yetStatutory Audit Ready Reckoner 2025 174872150287 pages
- CA Inter Audit A MTP 1 September 2025 WWW Castudynotes ComNo ratings yetCA Inter Audit A MTP 1 September 2025 WWW Castudynotes Com13 pages
- Quality Assurance Handbook For Financial AuditsNo ratings yetQuality Assurance Handbook For Financial Audits234 pages
- Independent Auditor's Report2 2025 - Revenue by FundingNo ratings yetIndependent Auditor's Report2 2025 - Revenue by Funding3 pages
- CA Inter Audit Sept25 Important Questions ListNo ratings yetCA Inter Audit Sept25 Important Questions List165 pages
