AUDITING THEORY RED SIRUG

INTRODUCTION TO AUDITING

Overview of Auditing

Auditing, Defined:
Auditing is “a systematic process of objectively obtaining and evaluating evidence regarding assertions
about economic actions and events to ascertain the degree of correspondence between those assertions
and established criteria and communicating the results to the interested users.”

Two processes of auditing:

a. Investigative process – involves the systematic gathering and evaluation of evidence as a basis
for determining whether assertions made by responsible person correspond with the established
criteria
b. Reporting process – involves communicating the audit opinion to interested users

Important Concepts:
1. Systematic process – auditing involves structured/logical series of sequential steps or
procedures known as the audit process

2. Objectively obtaining and evaluating evidence – auditing involves gathering and

evaluating sufficient appropriate audit evidence that will support the auditor’s opinion
· Objectivity refers to the combination of impartiality, intellectual honesty and
freedom from conflicts of interest.
· Audi evidence is the information obtained by the auditor in arriving at the
conclusions on which the audit opinion is based.

3. Assertions about economic actions and events – assertions are the subject matter of auditing
· In the context of audit of financial statements, assertions are representations of
management, explicit or otherwise, that are embodied in the financial statements. Assertions
include the accounts, balances/amounts and disclosures appearing on the face of the
financial statements (and in the notes to financial statements) and which the management
claims to be free of misstatements.
· Audit evidence gathered and evaluated by the auditor may support or contradict the
assertions of management.

4. Established criteria – the standards or benchmarks that are needed to judge the validity of
the assertions on the financial statements
· In the context of audit of financial statements, the established criteria are the
applicable financial reporting framework (for example, the PFRS).

5. Ascertain the degree of correspondence between assertions and established criteria

– The auditor’s objective is to determine whether the assertions conform with established
criteria, that is, whether the financial statements are prepared, in all material respects, in
accordance with the applicable financial reporting framework (such as the PFRS).

6. Communicating the results to the interested users – The ultimate objective of audit is the
communication of audit findings/opinion on the fairness of the financial statements to interested
users.
· Communicating results is achieved through issuance of a written audit report which
contains the audit opinion (or disclaimer of opinion).
· Interested users are the wide variety of financial statements users who rely on the
auditor’s opinion such as the stockholders, creditors, potential investors and creditors,
management, government agencies, and the public (in general).

FS audit is an Assurance Engagement:

Financial statements audit engagement is an assurance engagement because it provides a reasonable
(high but not absolute) level of assurance that the subject matter conforms in all material respects with
identified suitable criteria. It has the elements of an assurance engagement as follows:
1. Three Party Relationship:
a. Practitioner: Independent or External auditor
b. Responsible party: Client’s management
c. Intended users: Users of financial statements
2. Subject matter: Assertions/Financial statements of the client company

AT – Introduction to Auditing Red Sirug Page 1

 3. Criteria: Applicable financial reporting framework / GAAP in the Philippines (PFRS)
4. Sufficient appropriate evidence: Auditor obtains sufficient appropriate audit evidence as a
basis for audit conclusion/opinion
5. Written Assurance Report: Independent auditor’s report contains the audit
conclusion/opinion

Basic Distinctions between Auditing and Accounting:

· Auditing involves verification of financial statements as to its fairness of presentation while
accounting involves preparation and presentation of financial statements
· Auditing begins when accounting ends. Accounting precedes auditing because without financial
statements there could be no audit of financial statements.
· The end product of the accounting process is a set of financial statements while the end product of
the audit process is an auditor’s report.
· An auditor must be proficient/expert in accounting (since the auditor will use GAAP in evaluating
the fairness of the financial statements) as well as in auditing, specifically, in accumulation and
interpretation of audit evidence. An accountant need not be proficient in auditing.
· Auditing is considered as a separate discipline or field of study.
· As to frameworks/foundations:
Accounting – Framework for Preparation of Financial Statements
Auditing – Philippine Framework for Assurance Engagements
· Auditing is governed by generally accepted auditing standards (GAAS) while accounting is governed
by GAAP/PFRS

Elements of Theoretical Framework of Auditing:

Auditing concepts and standards are based on the following postulates and assumptions which form
part of the elements of theoretical framework of auditing:
1. An audit benefits the public. – the primary beneficiary of reliable financial statements are the
wide variety of users (intended users)
2. Financial data and statements to be audited are verifiable. – if financial statements are not
verifiable, there can be no audit
· Financial statements or data are verifiable if two or more qualified individuals, working
independently, each reach essentially similar conclusions.
3. The auditor should always maintain independence with respect to the client whose
financial statements are subject to audit. – audit opinion and the audit report would be of
little or no value if auditor is not independent
4. Effective internal control system reduces the possibility of errors and fraud affecting
the financial statements. – Internal control affects the reliability of the financial statements. The
stronger the internal control is, the lesser the possibility of errors and fraud, and consequently, the
more reliance on internal control can be placed or assurance that it can generate reliable
accounting data and financial statements.
5. There should be no long-term conflict between the auditor and the client management.
– Short-term conflicts may exist between the management who prepare the data and auditors who
examine the data but such conflicts must be resolve since both must be interested in fairness of
the financial statements.
6. Consistent application of GAAP results in fair presentation of FS. – The criterion in financial
statement audit is an identified or applicable financial reporting framework, which is usually the
PFRS.
7. What was held true in the past will continue to hold true in the future in the absence of
known conditions to the contrary. – Experience and knowledge accumulated from auditing a
client in prior years can be used to determine the appropriate audit procedures that need to be
performed.

Need for Independent Audit of Financial Statements:

The market for auditing services is driven demand by external users for reliable, dependable or fairly
stated financial statements that they will use in making economic decisions. Such demand is the primary
economic reason for an audit of financial statements. Users demand for reliable financial statements
because of information risk, that is, the risk that the financial statements that will be used for decision-
making are materially misleading, unreliable or inaccurate.

Four primary factors that contribute to information risk (causes of information risk):
1. Remoteness of information users from information providers
2. Potential bias and motives of information provider
3. Voluminous data, and
4. Complex exchange transactions

AT – Introduction to Auditing Red Sirug Page 2

 Methods or ways to reduce information risk:
1. Allow users to verify information such as in case of due diligence audit
2. Let users share information risk with management
3. Have the financial statements audited – the most commonly used method

Four Conditions/Reasons that gave rise to a Demand for Independent Audit:

a. Potential conflict of interest between users and preparers of the financial
information can result in biased information – Client management may not be objective in
financial reporting. It may provide impressive but biased, unrealistic, or misleading financial
statements to obtain benefits that it seeks. On the other hand, financial statement users need
unbiased, realistic, or reliable financial statements.
b. Remoteness of users – Users do not have access to entity’s records to personally verify
the reliability of the financial information.
c. Complexity of subject matter requires expertise – Expertise is often required for
information preparation and verification. Users of financial statements are not equipped with the
necessary skills, competence, and knowledge of complexities of accounting and auditing to
determine whether the financial statements are reliable.
d. Consequence for decision making – Financial statements are used for important
decisions that involve significant amount of money. If a decision is based on misleading financial
information, it could have substantial financial or economic consequences on decision makers.

Another condition that gave rise to demand for audit of financial statements is the stewardship or
agency theory which means that management wants the credibility an audit adds to the financial
statement to enhance stewardship of the financial statement and to lessen the owner’s mistrust of
the management.

Examples of Instances Requiring Independent Financial Statements Audit:

· Application for a bank loan
· Establishing credit worthiness for purchase of merchandise, equipment, or other assets
· Reporting financial position, operating results, and cash flows to absentee owners (stockholders or
partners)
· SEC requirements:
Issuance of securities by a corporation
Annual financial statements by a corporation with securities listed on a stock exchange or
traded over the counter
· Sale of a business (such as merger) requires due diligence audit
· Termination of a partnership
· Preparation of income tax returns
· Establishing losses from fire, theft and burglary
· Bankruptcy and insolvency cases

Audit of Financial Statements

Audit of financial statements is the objective or independent examination of financial statements of

an entity to enable the auditor to express an opinion on thereon, that is, whether the financial statements
are prepared, in all material respects, in accordance with an applicable financial reporting framework.

In an audit of financial statements, the entity subject to audit may be profit-oriented or not,
irrespective of size and legal form.

Synonymous terms:
Audit of financial statements is sometimes called:
· Independent audit because in an audit of financial statements the auditor is independent
of the client subject to audit.
· External audit because it is performed by an external auditor who is not an employee of
the client subject to audit.
· Independent financial statement audit
· Financial statement audit
· Financial audit

Various descriptions:
Independent auditing has been described in a variety of ways, as follows:
· It involves objective examination of and reporting on financial statements prepared by
management
· It is a discipline which attests to the results of accounting and other functional operations

AT – Introduction to Auditing Red Sirug Page 3

 and data.
· It lends credibility to the financial statements.
· It provides increased assurance to users as to the fairness of the financial statements.
· Its essence is to determine whether the client’s financial statements are fairly stated.
· It enhances the degree of confidence of interested users in the financial statements.
· It provides reasonable assurance that the financial statements fairly reflect the economic
substance of the transactions and events reflected in those statements.

Purpose of an Audit of Financial Statements:

The purpose of an audit is to enhance the degree of confidence of intended users in the financial
statements. Such purpose is achieved by the expression of an opinion by the auditor on whether the
financial statements are prepared, in all material respects, in accordance with an applicable financial
reporting framework.

Objective of an Audit of Financial statements:

The objective of an audit of financial statements is to enable the auditor to express an opinion on
whether the financial statements are prepared, in all material respects, in accordance with an identified
financial reporting framework.

Overall Objectives of the Independent Auditor:

a. To obtain reasonable assurance about whether the financial statements as a whole are free from
material misstatement, whether due to fraud or error.

· Reasonable assurance means high, but not absolute, level of assurance

· Reasonable assurance is the basis for the auditor’s opinion. Reasonable assurance is
achieved when the auditor has obtained sufficient appropriate audit evidence to reduce audit
risk to an acceptably low level.

b. To report on the financial statements and to communicate such report in accordance with
the auditor’s findings.

Auditor’s opinion and reasonable assurance:

The auditor's opinion, as expressed in the auditor’s report, enhances the credibility of the
financial statements by providing a reasonable assurance that the financial statements are fairly
presented or free from material misstatement.

Audit opinion is based on whether reasonable assurance is obtained:

1. When reasonable assurance is obtained: Auditor shall express an unqualified
opinion
2. When reasonable assurance cannot be obtained: The auditor is required to:
a. Express a qualified opinion in the auditor’s report
b. If qualified opinion is insufficient in the circumstances:
· Disclaim an opinion or
· Withdraw from the engagement, where withdrawal is legally permitted

Audit Opinion and Audit Report:

· Audit opinion:
® In a financial statement audit, the auditor obtains sufficient appropriate audit evidence to be
able to draw conclusions on which to base the audit opinion. The auditor’s opinion is on the
fairness of the audited financial statements.
® The auditor's opinion helps establish the credibility of the financial statements.
· Auditor’s report:
® The primary product of an audit engagement
® The end product of the audit process
® A written report that contains auditor’s opinion about the fairness of the financial statements
® The medium through which the auditor communicates the results of his or her work

Importance of audit opinion/audit report:

· It lends credibility to the financial statements.
· It provides increased assurance (reasonable assurance) to users as to the fairness of the
financial statements.

Financial statement audit (or the audit opinion and auditor’s report) is:
· NOT a certification or guarantee as to accuracy or fairness of the financial statements.
· NOT an assurance as to future viability of the entity.

AT – Introduction to Auditing Red Sirug Page 4

 · NOT an assurance as to efficiency or effectiveness of the client’s business operations.
· NOT attestation as to the financial strength of an entity, the wisdom of its management
decisions, or the risk of doing business with it.

Standard Independent Auditor’s Report (pls. refer to PSA 700 or page 1079 of your textbook)

Scope of an Audit of Financial Statements:

The auditor’s work is related to his responsibilities:
· Express an audit opinion on the financial statements: The primary responsibility of the
auditor is to express an opinion on the financial statements. The audit opinion deals with whether
the financial statements are prepared, in all material respects, in accordance with the applicable
financial reporting framework.
· Opinion on other specific matters: When an applicable law or regulation requires an auditor to
provide opinions on other specific matters (such as the effectiveness of internal control, or the
consistency of a separate management report with the financial statements) the auditor would be
required to undertake further work if he had additional responsibilities to provide such opinions.

Financial Statements:
· Financial statements are a structured representation of historical financial information
(including related notes which comprise a summary of significant accounting policies and
other explanatory information), intended to communicate an entity’s economic resources or
obligations at a point in time or the changes therein for a period of time in accordance with
a financial reporting framework.
· The term “financial statements” ordinarily refers to a complete set of financial statements,
but can also refer to a single financial statement.

End Products of Audit Engagement:

a. Independent auditor’s report – the primary product of financial statement audit engagement
b. Certain other communication and reports – other communication and reporting
responsibilities to users, management, those charged with governance, or parties outside the
entity, in relation to matters arising from the audit (as may be required by the PSAs or by
applicable laws or regulations)
Examples:
· Communication with those charged with governance
· Auditor’s responsibilities relating to fraud in an audit of financial statements

Management Responsibility for the Financial Statements:

An audit in accordance with PSAs is conducted on the premise that management and, where
appropriate, those charged with governance have acknowledged and understand that they have
responsibility over the financial statements. This responsibility includes not only the preparation and
presentation of the financial statements but also internal control and providing the auditor with information
that is necessary in the conduct of audit.

Management responsibility over the financial statements includes:

1. Responsibility for the preparation and presentation of the financial statements in
accordance with the applicable financial reporting framework which includes:
a. Identification of applicable financial reporting framework, in the context of any relevant
laws or regulations
b. Preparing the financial statements in accordance with that framework
c. Adequate description of that framework in the financial statements
d. Making reasonable accounting estimates
e. Selecting and applying appropriate accounting policies
2. Responsibility for designing, implementing and maintaining internal control that is relevant
or necessary to enable the preparation of financial statements that are free from material
misstatement, whether due to fraud or error, and
3. Responsibility to provide the auditor with:
a. All information (such as records, documentation and other matters) that are relevant to
the preparation and presentation of the financial statements
b. Any additional information that the auditor may request from management for the
purpose of the audit; and
c. Unrestricted access to persons within the entity from whom the auditor determines it
necessary to obtain audit evidence.

Auditor’s Responsibility Vs. Client Management’s Responsibility:

AT – Introduction to Auditing Red Sirug Page 5

 · The client management, with oversight from those charged with governance, has the
responsibility for the preparation and presentation of the financial statements in accordance with
the applicable financial reporting framework. In other words, the management is primarily
responsible for the fairness of the financial statements.
· The auditor’s responsibility for the financial statements is confined or limited to the
expression of opinion on them. The audit of the financial statements does not relieve management
or those charged with governance of their responsibilities over the financial statements because the
auditor merely audits the financial statements.

However, an auditor may make suggestions on the form and content of financial statements or may
draft statement.

Applicable Financial Reporting Framework:

Applicable financial reporting framework means:
· The financial reporting framework adopted by management (and, where appropriate, those
charged with governance) in the preparation of the financial statements that is acceptable in view
of the nature of the entity and the objective of the financial statements, or
· The financial reporting framework that is required by law or regulation

Financial reporting frameworks encompass primarily the financial reporting standards established
by an organization that is authorized or recognized to promulgate standards to be used by entities for
preparing general purpose financial statements are often designed to achieve fair presentation, for
example, Philippine Financial Reporting Standards (PFRSs).

Sources of Applicable Financial Reporting Framework:

1. Main sources: The applicable financial reporting framework often encompasses financial reporting
standards established by:
· An authorized or recognized standards setting organization
· Legislative or regulatory requirements
2. Other sources:
· The legal and ethical environment (including statutes, regulations, court decisions, and
professional ethical obligations in relation to accounting matters)
· Published accounting interpretations of varying authority issued by standards setting,
professional or regulatory organizations
· Published views of varying authority on emerging accounting issues issued by standards
setting, professional or regulatory organizations
· General and industry practices widely recognized and prevalent; and
· Accounting literature

Where conflicts exist between the financial reporting framework and the sources from which direction
on its application may be obtained, or among the sources that encompass the financial reporting
framework, the source with the highest authority prevails.

Acceptability of the Financial Reporting Framework

The auditor should determine whether the financial reporting framework adopted by management in
preparing the FS is acceptable. An acceptable financial reporting framework is what is referred to as the
“applicable financial reporting framework.” The auditor determines whether the financial reporting
framework adopted by management is acceptable in view of the nature of the entity (for example, whether
it is a business enterprise, a public sector entity or a not for profit organization) and the objective of the FS.

In financial statements audit, financial reporting frameworks that are acceptable as valid criteria
include:
1. Philippine Financial Reporting Standards (PFRSs)
2. Philippine Accounting Standards (PASs)
3. International Accounting Standards (IASs)
4. Other authoritative basis

Financial statements need to be prepared in accordance with one, or a combination of the above-cited
financial reporting framework.

Requirements Relating to an Audit of Financial Statements:

1. Relevant ethical requirements – The auditor shall comply with relevant ethical requirements,
including those pertaining to independence, relating to financial statement audit engagements.

AT – Introduction to Auditing Red Sirug Page 6

 Relevant ethical requirements ordinarily comprise:
a. Code of Ethics for Professional Accountants in the Philippines (the Code of Ethics)
promulgated by the Board of Accountancy

Compliance with the Code of Ethics is necessary in order to ensure the highest quality of
performance and to maintain public confidence in the profession and in the context of audit of
financial statements, maintain public confidence in the auditor’s work.

(1) Part A of the Code of Ethics – establishes the fundamental principles of

professional ethics relevant to the auditor when conducting an audit of financial statements
and provides a conceptual framework for applying those principles
The fundamental principles of professional ethics are:
a) Integrity
b) Objectivity
c) Professional competence and due care
d) Confidentiality, and
e) Professional behavior
(2) Part B of the Code of Ethics – illustrates how the conceptual framework is to be
applied in specific situations
(3) Independence requirements
· It is in the public interest that the auditor be independent of the entity subject to the
audit.
· The auditor’s independence from the entity safeguards the auditor’s ability to form an
audit opinion without being affected by influences that might compromise that opinion.
· Independence enhances the auditor’s ability to act with integrity, to be objective and
to maintain an attitude of professional skepticism.
Independence requirements comprise of both:
a) Independence of mind
b) Independence in appearance
b. National requirements that are more restrictive
c. Philippine Standard on Quality Control (PSQC) – require the CPA firm to establish and
maintain its system of quality control designed to provide it with reasonable assurance that the
firm and its personnel comply with relevant ethical requirements, including those pertaining to
independence

2. Professional scepticism – The auditor shall plan and perform an audit with professional
scepticism recognizing that circumstances may exist that cause the financial statements to be
materially misstated.

Professional skepticism is an attitude that includes a questioning mind, a critical assessment of

validity of audit evidence, and being alert to conditions which may indicate possible misstatement
due to error or fraud.
· Professional skepticism is necessary because of the possibility that the financial statements
may be materially misstated. For example, the auditor would ordinarily expect to find
evidence to support management representations and not assume they are necessarily
correct.
· In planning and performing the audit, the auditor neither assumes that the management is
honest nor assumes unquestioned honesty.

Professional skepticism is necessary to the critical assessment of audit evidence. This includes:
a. Questioning contradictory audit evidence
b. Considering the reliability of documents and responses to inquiries and other
information obtained from management and those charged with governance
c. Considering the sufficiency and appropriateness of audit evidence obtained in the light
of the circumstances (for example, in the case where fraud risk factors exist and a single
document, of a nature that is susceptible to fraud, is the sole supporting evidence for a
material financial statement amount)

Professional skepticism includes being alert to:

· Audit evidence that contradicts other audit evidence obtained.
· Information that brings into question the reliability of documents and responses to
inquiries to be used as audit evidence.
· Conditions that may indicate possible fraud.
· Circumstances that suggest the need for audit procedures in addition to those required
by the PSAs.

AT – Introduction to Auditing Red Sirug Page 7

 Maintaining professional skepticism throughout the audit is necessary to reduce the risks of:
· Overlooking unusual circumstances.
· Over generalizing when drawing conclusions from audit observations.
· Using inappropriate assumptions in determining the nature, timing and extent of the
audit procedures and evaluating the results thereof.

A belief that they are honest and have integrity does not relieve the auditor of the need to
maintain professional skepticism in conducting the audit.

3. Professional judgement – The auditor shall exercise professional judgment in planning and
performing an audit of financial statements.

Professional judgment is essential to the proper conduct of an audit. This is because interpretation
of relevant ethical requirements and the PSAs and the informed decisions required throughout the
audit cannot be made without the application of relevant knowledge and experience to the facts
and circumstances.

Professional judgment is necessary on decisions about:

· Materiality
· Audit risk
· Nature, timing and extent of audit procedures used to meet the requirements of the
PSAs and gather audit evidence
· Evaluating whether sufficient appropriate audit evidence has been obtained
· Evaluation of management’s judgments in applying the entity’s applicable financial
reporting framework.
· Drawing of conclusions based on the audit evidence obtained (for example, assessing
the reasonableness of the estimates made by management in preparing the financial
statements)

Professional judgment needs to be exercised throughout the audit. It also needs to be

appropriately documented. In this regard, the auditor is required to prepare audit
documentation sufficient to enable an experienced auditor, having no previous connection with
the audit, to understand the significant professional judgments made in reaching conclusions
on significant matters arising during the audit.

4. Sufficiency and appropriateness of audit evidence and audit risk – To obtain reasonable
assurance, the auditor shall obtain sufficient appropriate audit evidence to reduce audit risk to an
acceptably low level and thereby enable the auditor to draw reasonable conclusions on which to
base the auditor’s opinion.

a. Sufficiency and appropriateness of audit evidence

Audit evidence includes information used by the auditor in arriving at the conclusions on
which the auditor’s opinion is based.
· Audit evidence is necessary to support the auditor’s opinion and report.
· Most of the auditor’s work in forming the auditor’s opinion consists of obtaining and
evaluating audit evidence.
· Audit evidence is cumulative in nature and is primarily obtained from audit procedures
performed during the course of the audit.
· Audit evidence comprises both information that supports and corroborates
management’s assertions, and any information that contradicts such assertions.
· Audit evidence includes both:
(a) Information contained in the accounting records underlying the financial
statements and
(b) Other information

Sufficiency is the measure of the quantity of audit evidence. Sufficiency is influenced or

affected by:
(1) The auditor’s assessment of the risks of misstatement (the higher the assessed
risks, the more audit evidence is likely to be required) and
(2) The quality of such audit evidence (the higher the quality, the less may be
required)

Appropriateness is the measure of the quality of audit evidence; that is, its relevance
and its reliability in providing support for the conclusions on which the auditor’s opinion is
based. The reliability of evidence is influenced by its source and by its nature, and is dependent
on the individual circumstances under which it is obtained.

AT – Introduction to Auditing Red Sirug Page 8

 • The sufficiency and appropriateness of audit evidence are interrelated.
• Whether sufficient appropriate audit evidence has been obtained to reduce audit risk
to an acceptably low level, and thereby enable the auditor to draw reasonable
conclusions on which to base the auditor’s opinion, is a matter of professional
judgment.
• Obtaining more audit evidence may not compensate for its poor quality.

Sources of audit evidence:

a. Primarily obtained from audit procedures performed during the course of the audit
b. May be obtained from other sources such as:
• Previous audits (provided the auditor has determined whether changes have
occurred since the previous audit that may affect its relevance to the current
audit) or
• A firm’s quality control procedures for client acceptance and continuance
• The entity’s accounting records
• An expert employed or engaged by the entity
• In some cases, the absence of information (for example, management’s
refusal to provide a requested representation) is used by the auditor, and
therefore, also constitutes audit evidence.

b. Audit risk
Audit risk is the risk that the auditor expresses an inappropriate opinion when the financial
statements are materially misstated. Audit risk is a function of the risks of material
misstatement and detection risk.

Audit risk does not include the risk that the auditor might express an opinion that the
financial statements are materially misstated when they are not. Audit risk is a technical
term related to the process of auditing; it does not refer to the auditor’s business risks such
as loss from litigation, adverse publicity, or other events arising in connection with the audit
of financial statements.

Components of audit risk:

1. Risk of material misstatements is the risk that the financial statements are materially
misstated prior to audit.
Risk of material misstatement may exist at two levels:
· Overall financial statement level – refer to risks of material misstatement that
relate pervasively to the financial statements as a whole and potentially affect many
assertions
· Assertion level – refer to risks of material misstatement that relate to classes of
transactions, account balances, and disclosures
Risks of material misstatement at assertion level (inherent risk and control risk) are the
entity’s risks; they exist independently of the audit of the financial statements. Such
risks are assessed in order to determine the nature, timing and extent of further audit
procedures necessary to obtain sufficient appropriate audit evidence.
Risk of material misstatement at the assertion level has two components:
(a) Inherent risk – the susceptibility of an assertion about a class of transaction,
account balance or disclosure to a misstatement that could be material, either
individually or when aggregated with other misstatements, before consideration of
any related controls
(b) Control risk – the risk that a misstatement that could occur in an assertion about
a class of transaction, account balance or disclosure and that could be material,
either individually or when aggregated with other misstatements, will not be
prevented, or detected and corrected, on a timely basis by the entity’s internal
control

Control risk is a function of the effectiveness of the design, implementation and

maintenance of internal control by management to address identified risks that
threaten the achievement of the entity’s objectives relevant to preparation of
the entity’s financial statements. However, internal control, no matter how well
designed and operated, can only reduce, but not eliminate, risks of material
misstatement in the financial statements, because of the inherent limitations of
internal control. Accordingly, some control risk will always exist.

AT – Introduction to Auditing Red Sirug Page 9

 2. Detection risk is the risk that the procedures performed by the auditor to reduce audit
risk to an acceptably low level will not detect a misstatement that exists and that could be
material, either individually or when aggregated with other misstatements.

Detection risk relates to the nature, timing and extent of the auditor’s procedures that
are determined by the auditor to reduce audit risk to an acceptably low level. It is therefore
a function of the effectiveness of an audit procedure and of its application by the auditor.

5. The auditor shall conduct an audit in accordance with PSAs

· PSAs contain basic audit principles and essential procedures together with related
guidance in the form of explanatory and other material which the auditor should follow

An audit in accordance with PSAs includes:

a. Compliance with PSAs relevant to the audit
1) Compliance with all PSAs relevant to the audit (a PSA is relevant to the audit
when the PSA is in effect and the circumstances addressed by the PSA exist)
2) The use of the objectives stated in relevant PSAs in planning and performing the
audit to achieve the overall objectives of the auditor.
The auditor is required to use the objectives to evaluate whether sufficient
appropriate audit evidence has been obtained in the context of the overall
objectives of the auditor. If as a result the auditor concludes that the audit
evidence is not sufficient and appropriate, then the auditor may follow one or more
of the following approaches:
• Evaluate whether further relevant audit evidence has been, or will
be, obtained as a result of complying with other PSAs;
• Extend the work performed in applying one or more requirements;
or
• Perform other procedures judged by the auditor to be necessary in
the circumstances.

3) In addition, the auditor should also consider Philippine Auditing Practice Statements
(PAPSs). PAPSs provide interpretative guidance and practical assistance to auditors in
implementing the PSAs and to promote good practice in the accountancy profession.

Departure from a relevant requirement in a PSA:

· In exceptional circumstances wherein the auditor may judge it necessary to depart from a
relevant requirement in a PSA, the auditor shall perform alternative audit procedures to achieve
the aim of that requirement.

· The need for the auditor to depart from a relevant requirement is expected to arise only
where the requirement is for a specific procedure to be performed and, in the specific
circumstances of the audit, that procedure would be ineffective in achieving the aim of the
requirement.

Concept of Reasonable Assurance:

· Although an audit of financial statements in accordance with PSAs lends credibility to the
financial statements, such audit is designed to provide only reasonable assurance, rather than
absolute assurance, that the financial statements taken as a whole are free from material
misstatement, whether due to fraud or error. In other words, the level of assurance provided by an
audit of detecting a material misstatement is reasonable assurance.
· Reasonable assurance means high, but not absolute, assurance. Reasonable assurance refers to
the conclusion of the auditor or the gathering of the audit evidence necessary for the auditor to
conclude that there are no material misstatements in the financial statements, taken as a whole.
· Reasonable assurance relates to the whole audit process. Reasonable assurance is achieved when
the auditor has reduced audit risk to an acceptably low level by designing and performing audit
procedures to obtain sufficient appropriate audit evidence to be able to draw reasonable
conclusions on which to base an audit opinion.
· Absolute assurance in audit of financial statements is not attainable. Accordingly, the audit opinion
is not a guarantee or certification that the financial statements are free from material
misstatements.
· Reasonable assurance recognizes the existence of audit risk. It is the complement of audit
risk.

Limitations of Financial Statements Audit:

AT – Introduction to Auditing Red Sirug Page 10

 The auditor is not expected to, and cannot, reduce audit risk to zero and cannot therefore obtain
absolute assurance that the financial statements are free from material misstatement due to fraud or error
because there are inherent limitations of an audit that affect the auditor’s ability to detect material
misstatements.

The inherent limitations of an audit arise from:

• Nature of financial reporting – The nature of financial reporting requires management
judgments such as those as to application of the entity’s applicable financial reporting
framework and as to making reasonable accounting estimates.
• Time and cost constraint – The audit should be conducted within a reasonable period of
time and at a reasonable cost.
• Possibility of incompleteness of information – There is the possibility that management
or others may not provide, intentionally or unintentionally, the complete information.
Accordingly, the auditor cannot be certain of the completeness of information, even though the
auditor has performed audit procedures to obtain assurance that all relevant information has
been obtained.
• Undetected fraud – Fraud is specifically designed not to be detected. Fraud may involve
sophisticated and carefully organized schemes designed to conceal it. Therefore, audit
procedures used to gather audit evidence may be ineffective for detecting an intentional
misstatement that involves, for example, collusion to falsify documentation which may cause
the auditor to believe that audit evidence is valid when it is not. The auditor is neither trained
as nor expected to be an expert in the authentication of documents. Thus, there is always the
possibility that fraud will not be detected.
• Auditor has no specific legal powers – An audit is not an official investigation into alleged
wrongdoing. Accordingly, the auditor is not given specific legal powers, such as the power of
search, which may be necessary for such an investigation.
• Need for auditor’s judgment – The auditor’s work requires exercise of professional
judgment such in the following matters:
® Identifying and addressing risk factors
® Deciding what evidence to gather
® Making decisions about materiality and audit risk
® Gathering and evaluating audit evidence (for example, in deciding the nature, timing and
extent of audit procedures)
® Evaluating management’s judgments in applying the entity’s applicable financial reporting
framework.
® Assessing the sufficiency and appropriateness of audit evidence
® Drawing of conclusions based on the evidence gathered
® Forming an opinion (the phrase “in our opinion” in the auditor’s report is intended to inform
that auditors based their conclusions on professional judgment)
• Use of testing – The auditor uses testing and other means of examining populations in a
manner that provides a reasonable basis for the auditor to draw conclusions about the
population. An audit is conducted on a test basis or by examining only sample of less than
100% of a population. This may introduce some risk that a misstatement will not be detected.
• Direction of audit work – Audit effort is directed to areas most expected to contain risks of
material misstatement, whether due to fraud or error, with correspondingly less effort directed
at other areas.
• Possibility of occurrence of non-compliance with laws and regulations. Auditor’s
responsibility is to detect non-compliance with material direct-effect on the financial
statements.
• Inherent limitations of accounting and internal control – Although the auditor performs
audit procedures to detect material misstatements, such procedures may not be effective in
detecting misstatements resulting from the possibility of:
® Management override of controls
® Circumvention of internal control
® Collusion among employees
• Reliance on management representation – Some audit evidence must be obtained by
obtaining oral or written representations from management because many financial statements
assertions cannot be audited.
• Nature of audit evidence available – This is the fact that most of the evidence available to
the auditor is persuasive, rather than conclusive, in nature.
• Availability of audit evidence – Insufficient support may be available for drawing absolute
conclusions on specific assertions such as fair value estimates.
• Other limitations may affect the persuasiveness of audit evidence available to draw
conclusions on particular assertions – For example, existence and completeness of related
parties transactions and relationships.

AT – Introduction to Auditing Red Sirug Page 11

 Note:
· Physical limitations of auditors due to fatigue and stress are not a limitation of audit.
· Because of the inherent limitations of an audit, there is an unavoidable risk that some material
misstatements of the financial statements may not be detected, even though the audit is
properly planned and performed in accordance with PSAs. Accordingly, the subsequent
discovery of a material misstatement of the financial statements resulting from fraud or error
does not by itself indicate a failure to conduct an audit in accordance with PSAs.

Concept of Materiality and Audit Risk:

The auditor obtains and evaluates audit evidence to obtain reasonable assurance about whether the
financial statements are fair or are presented fairly, in all material respects, in accordance with the
applicable financial reporting framework. The term " present fairly, in all material respects ": The
auditor considers only those matters that are significant to the financial statements users.

1. Materiality – the magnitude of misstatement or omission; the ability to influence the economic
decision of reasonable financial statement user

When is information material? Information is material if it could influence the economic decision
of financial statements users. In other words, if it is probable that the judgment of a reasonable
person would have been changed or influenced by the omission or misstatement of information,
then that information is material.

2. Audit Risk – the risk that audit opinion is inappropriate when the financial statements are
materially misstated
· Specifically, audit risk is the risk that the auditor expresses an unqualified (or clean) audit
opinion when the financial statements are materially misstated.
· The concept of reasonable assurance acknowledges the existence of audit risk.

General Types of Audit

1. According to objectives or nature of assertion

a. Financial statement audit – an audit conducted to determine whether the financial
statements of an entity are fairly presented in accordance with an identified financial reporting
framework (namely, the PFRS)

An of financial statements is the type of audit most frequently performed by CPAs (due to the
widespread use of audited financial statements) on a fee basis and for more than one client.

b. Compliance audit: a review of an entity’s degree of compliance with applicable laws and
rules/regulations or contracts
· Compliance audits are usually performed by government auditors

Examples: Examination conducted by:

i) BIR examiners: compliance of taxpayers with tax law, rules or regulations
ii) BSP examiners: compliance of banks with banking laws, rules or regulations
iii) COA auditors: compliance of government transactions/expenditures with the
requirements of applicable laws, rules or regulations

c. Operational audit involves a systematic review and evaluation of the specific operating units
(or procedures, methods or activities) of an organization in relation to specified objectives for the
purpose of measuring/assessing its performance in terms of efficiency and effectiveness of
operations, identifying opportunities for improvement and making recommendations to improve
performance (such as introduction of controls to reduce waste).
· Also called performance audit or management audit
· Example: Evaluation of a company’s computerized accounting system ·
Operational audits are usually performed by internal auditors

Internal auditor's responsibilities in operational audits:

In operational audits, the company's management is responsible for setting operating
standards. In contrasts, the internal auditor's responsibilities are to determine that:
a. Management has established such standards.
b. The standards are being met.
c. Deviations from established standards are being identified and corrected.
d. Corrective action has been taken.

AT – Introduction to Auditing Red Sirug Page 12

 Objective of operational auditing:
a. To assess performance in terms of efficiency and effectiveness of operations
Efficiency relates to use of its resources, while effectiveness relates to accomplishing
objectives.
(1) Effectiveness – To verify fulfillments of plans and sound business requirements
(2) Efficiency – To determine whether the entity is managing or utilizing its resources
economically and efficiently
b. To identify areas for improvement
c. To develop recommendations to improve performance (such as introduction of controls to
reduce waste)

Operational audit includes:

· Program or effectiveness audit: an audit to determine whether the entity has been
effective in achieving the desired results or benefits of the program or activity
· Economy audit: an audit to determine whether company objectives or goals are met at a
cost commensurate with the task
· Efficiency audit: whether company objectives or goals are met at the least or minimal
costs or resources

Major differences between financial and operational auditing:

· The financial audit is oriented to the past whereas an operational audit concerns
performance for the future.
· The financial audit report is distributed to many readers whereas the operational audit
report goes to a few managers.
· Financial audits are limited to matters that directly affect the financial statements whereas
operational audits cover any aspect of efficiency and effectiveness.

2. According to types of auditor or their affiliation with the entity being examined:
a. External / Independent audit: performed by practitioners or independent CPAs who offer
their professional services for a fee to various clients on a contractual basis
· Independent or external auditors are not employees of the client
· External audit complements internal audit

b. Internal audit: audit performed by entity’s own employees known as internal auditors;
internal auditors investigate and apprise the effectiveness and efficiency of operations and internal
controls of the firm

i) Internal auditing: An independent appraisal function or control or activity established

within an entity to examine and evaluate its activities or other controls as a service to the
entity. It is an independent, objective assurance and consulting activity designed to add value
and improve an organization’s operations. It helps an organization to accomplish its objectives
by bringing a systematic disciplined approach to evaluate and improve the effectiveness of risk
management, control, and governance processes.

· Internal auditing is an appraisal control that measures and evaluates other controls. The
increased complexity and sophistication of business operations have required
management to rely on this appraisal control.
· Internal auditors review the adequacy of the company's internal control system
primarily to ascertain whether the system provides reasonable assurance that the
company's objectives and goals will be achieved efficiently and economically.
· Internal auditors assist in the prevention of fraud by examining and evaluating the
system of internal control.
· Internal auditors are required to review the means employed by the company to
safeguard its assets from various types of losses such as those resulting from fire, theft,
unscrupulous or illegal activities, and exposure to the elements.

ii) Overall objective of internal auditing: to assist the members of the organization,
particularly management and board of directors, in the effective discharge of their
responsibilities; in short, to provide assistance to or serve the needs of management or board
of directors

Internal auditing includes the audit of:

a. Financial and operating information;
b. Compliance with policies, plans, procedures, laws, regulations, and contracts;

AT – Introduction to Auditing Red Sirug Page 13

 c. The means of safeguarding assets and verifying their existence;
d. The economy and efficiency with which resources are employed; and
e. Operations or programs to ascertain whether results are consistent with
established objectives and goals and whether they are being carried out as prescribed.

· Internal auditors usually perform operational audits

· Internal auditors usually focus on improving the efficiency and effectiveness of their
employer, unlike external auditors (public accounting firms) whose focus is the fairness
of the FS of their clients.

c. Government auditing: audit performed by government employees whose main concern is to

determine whether persons or entities comply with government laws, rules and regulations

Scope of government audit: may extend beyond financial statements audit to include:
i) Financial statements audit
ii) Performance audit (includes (a) program results (effectiveness) audit and (b) economy and
efficiency audit)
iii) Compliance audit

The Commission on Audit (COA) auditors perform financial audit and performance audit.
Performance audits include economy, efficiency, and program audits. Included in the scope of
financial and performance audits is determining whether the entity has complied with applicable
laws and regulations. Thus, government auditors are required to prepare a written report on the
entity's internal control and assessment of control risk made as part of a financial statement
audit.

The government auditor's report should include the following:

· The scope of the auditor's work in obtaining an understanding of the entity's internal
control and in his/her assessment of control risk.
· The entity's significant controls including those that are established to ensure
compliance with laws and regulations that have a material impact on the financial
statements.
· The conditions, including the identification of material weaknesses, identified/
discovered as a result of the auditor's work.

However, the report should not give any form of assurance on the design and effectiveness of
the entity's internal control.

The audit of a government program involves obtaining information about the costs, outputs,
benefits, and effects of the program. Auditors attempt to measure the accomplishments and
relative success of the program based on the actual intent of the legislation that established the
program.

Types of Auditors:
1. Independent auditors or external auditors – are CPA firms and individual practitioners who
perform audit services on contractual basis for more than one client
· Independent auditor – because the auditor is independent with respect to the client whose
FS are being audited; External auditor – the auditor is an outsider (not an employee of the
client)
· Practitioners perform operational audits and compliance audits as part of consultancy services
2. Internal auditors – they are employed by the entity thus they are not independent. However, to
operate effectively, an internal auditor must be independent of the line functions of the entity.
Internal auditors perform operational and compliance audits.
3. Government auditors – employed in government agencies
· BIR examiners perform compliance audits
· BSP examiners perform compliance and operational audits
· COA auditors perform compliance and operational audits

The relationship between an external auditor and an internal auditor is that both of them use
basically an identical approach; however, there are differences in the application of auditing techniques.

The Audit Committee:

The audit committee is composed of outside directors who are independent of management. The
primary purpose is to assure that the directors are exercising due care and external and internal auditors
are independent of management.

AT – Introduction to Auditing Red Sirug Page 14

 Functions of the audit committee:
· Select the external auditors.
· Review the external auditor's overall audit plan.
· Evaluate the results of external and internal audits.
· Review the internal auditing work schedule, budget, etc.
· Meet regularly with the internal auditing director.
· The above functions should increase public confidence on the fair presentation of the company's
financial statements.

Distinctions: Types of audit according to objectives or nature of assertion/data

Point of distinction Financial Statement Audit Compliance audit Operational audit

Primary objective To enable the auditor to express To determine To assess entity’s
an opinion on the fairness of the degree of performance (in terms
FS compliance of efficiency and
effectiveness)
Subject matter Assertion that the FS are Assertion that the Assertion that the
(Assertion) presented in accordance with organization has organization’s
identified financial reporting complied with laws, activities/operations are
framework (GAAP) regulations and conducted effectively
specific procedures and efficiently in
relation to specified
objectives
Established criteria GAAP – Identified financial Applicable laws, Objectives (as set by
reporting framework (as by regulations and the board of directors)
standard setting bodies) specific procedures
(as set by
authoritative
bodies)
Sufficient Audit findings whether the FS are Findings on degree Findings on assessment
appropriate in accordance with Identified of compliance of performance /
evidence / outcome financial reporting framework operations
(GAAP)
Communication of Auditor’s report containing an Reports on the Recommendations or
results to intended opinion whether the FS are fairly degree of suggestions on how to
users presented in accordance with compliance with improve operations
identified financial reporting applicable laws,
framework (GAAP) regulations or
specific procedures
Users of audit Different groups for different Authoritative bodies Management of the
report purposes; wide variety of users that sets down the entity
(both internal and external users) regulations, rules
and procedures
Type of auditor Independent / external auditors – Government Internal auditors
performing the practitioners auditors
audit

AT – Introduction to Auditing Red Sirug Page 15