Auditing Theory

AUDITING THEORY
1. Professional Accountant He or she is a person who, after obtaining

He or she is an individual who holds a valid the required education passes an extensive
certificate issued by the Board of Accountancy (i.e., examination and is licensed by the country to
Certified Public Accountant), whether he/she be in practice as a professional accountant.
public practice, industry, commerce, the public
sector or education.
Regulatory Government Agencies
Scope of Practice of Professional Accountants
9. Professional Regulation Commission (PRC)
3. Practice of Public Accountancy PRC administers, implements and enforces
This shall constitute in a person, be it in the regulatory policies of the National Government
his/her individual capacity, or as a partner or a staff with respect to the regulation and licensing of
member in an accounting or auditing firm, holding various professions under its jurisdiction including
out himself/herself as one skilled in the knowledge, the maintenance of professional standards and
science and practice of accounting, and as a ethics and the enforcement of the rules and
qualified person to render professional services as regulations relative thereto.
a certified public accountant.
10. Professional Regulatory Board of Accountancy
4. Practice in Commerce and Industry (BOA)
This shall constitute in a person involved in This board, consisting of a chairman and six
decision making requiring professional knowledge members, is the agency that is empowered to
in the science of accounting, or when such administer the Accountancy Law. As a licensing
employment of position requires that the holder agency of the government, the board is the only
thereof must be a certified public accountant. body that may issue and revoke CPA certificates
and grant licenses to practice.
5. Practice in Education or Academe
This shall constitute in a person in an 11. Securities and Exchange Commission (SEC)
educational institution which involve teaching of This is the government agency that
accounting, auditing, management advisory regulates the registration and operations of
services, finance, business law, taxation and other corporations, partnerships and other forms of
technically related subjects. associations in the Philippines.
6. Practice in the Government 12. Commission on Audit (COA)

This shall constitute in a person who holds, This is the agency that audits or determines
or is appointed to, a position in the accounting whether government units handle their funds
professional group in government or in a according to existing laws and whether their
government-owned and/or controlled corporation, programs are being conducted efficiently and
including those performing proprietary functions, economically.
where decision making requires professional
knowledge in the science of accounting, or where a 13. Bureau of Internal Revenue (BIR)
civil service eligibility as a certified public The BIR is responsible for enforcement of
accountant is a prerequisite. the tax laws, rules and regulations.
***
Professional Organization
7. Certified Public Accountant
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
15. Philippine Institute of Certified Public 21. International Auditing Practices Committee
Accountants (PICPA) (IAPC)
PICPA is the accredited national The IAPC is a standing committee of the
professional organization of CPAs. It serves all Council of IFAC and is responsible for the
members in the different sectors of the accounting development and issuance on behalf of the Council,
profession. Year-round professional development standards and statements on a variety of audit and
programs and regular fellowship and sport attests functions in order to improve the degree of
activities are sponsored by the association for its uniformity of auditing practices and related
members. services throughout the world.
22. Auditing and Assurance Standards Council

(AASC)
16. Sectoral Professional Organizations The AASC is the body authorized to
establish and promulgate generally accepted
a. Association of CPAs in Public Practice
auditing standards (GAAS) in the Philippines.
(ACPAPP)
b. Association of CPAs in Education
(ACPAE)
Philippine Standards Issued by AASC
c. Association of CPAs in Commerce and
Industry (ACPACI)
24. Philippine Standards on Auditing (PSAs)
d. Government Association of CPAs
These standards are applicable to the audit
(GACPA)
of historical financial information.
Standard Setting Bodies
25. Philippine Standards on Review Engagements
18. International Federation of Accountants (IFAC) (PSREs)
IFAC has as its mission the development These standards are applicable to the
and enhancement of the profession to enable it to review of historical financial information.
provide services of consistently high quality in the
public interest. It is a non-profit, non-governmental, 26. Philippine Standards on Assurance
non-political international organization of Engagements (PSAEs)
accountancy bodies. These standards are applicable to
assurance engagements dealing with subject
19. International Accounting Standards Board matters other than historical financial information.
(IASB)
The Board is committed to developing, in 27. Philippine Standards on Related Services
the public interest, a single set of high quality, (PSRSs)
global accounting standards that require These standards are applicable to related
transparent and comparable information in general services such as compilation engagements,
purpose financial statements. engagements to apply agreed-upon procedures to
information and other related services
20. Financial Reporting Standards Council (FRSC) engagements as specified by the AASC.
As the successor of Accounting Standards ***
Council (ASC), FRSC’s main function is to establish
generally accepted accounting principles (GAAP) in 28. Philippine Standards on Quality Control (PSQC)
the Philippines.
AUDITING THEORY
These standards are to be applied for all

services falling under the AASCs engagement 35. Assertion-Based Engagements
standards. One party measures or evaluates the
subject matter against suitable criteria and makes
29. Philippine Auditing Practice Statements an assertion. Another party provides assurance on
(PAPSs) the reliability of the assertion.
These provide interpretative guidance and
practical assistance to professional accountants in 36. Direct Reporting Engagements
implementing Philippine Standards and promote One party measures or evaluates the
good practice. subject matter against suitable criteria. The same
party reports directly on the subject matter.
30. AASC Bulletins and AASC Alerts
These refer to a regular publication issued Types of Assurance Engagements
by the AASC to provide guidance to auditors in the
application of PSAs. These are not part of PSAs 38. Reasonable Assurance Engagement
and do not change the requirements of relevant It is an engagement that aims to reduce the
PSAs. assurance engagement risk to an acceptably low
level in the circumstances of the engagement as
31. Philippine Framework for Assurance the basis for a positive form of expression in the
Engagements practitioner’s conclusion. “In our opinion, the
This Framework defines and describes the accompanying financial statements present fairly,
elements and objectives of an assurance in all material respects, (or give a true and fair view
engagement, and identifies engagements to which of) the financial position, financial performance and
PSAs, PSREs and PSAEs apply. It does not of itself cash flows of the company for the year ended in
establish standards or provide procedural accordance with IFRSs.”
requirements for the performance of assurance
engagements. 39. Limited Assurance Engagement
It is one that aims to reduce the assurance
Types of Services of Professional Accountants in engagement risk to a level that is acceptable in the
Public Service circumstance of the engagement but where that
risk is greater than for a reasonable assurance
33. Assurance Services or Engagements engagement as a basis for a negative form of
These refer to engagements in which a expression of the practitioner’s conclusion. “In our
practitioner expresses a conclusion designed to opinion, nothing has come to our attention that
enhance the degree of confidence that intended causes us to believe that the accompanying
users can have about the evaluation or financial statements are not presented fairly, in all
measurement of a subject matter that is the material respects, in accordance with PAS.”
responsibility of a party, other than the intended
users or the practitioners, against criteria. 40. Other Assurance Services
These are assurance services performed by
34. Non-Assurance Services or Engagements professional accountants not falling under either
These refer to those that do not result in a reasonable or limited assurance engagement
practitioner’s expression of a conclusion that classification (e.g., annual environmental audit,
provides a level of assurance, whether negative compliance with trading policies and procedures,
assurance or other form of assurance. ISO 9000 certifications, assurance services on
*** information technology, etc.)
AUDITING THEORY
He or she is the person who provides the

Specific Examples of Assurance Engagements assurance to the intended users about a subject
matter that is the responsibility of another party.
42. Independent Financial Statements Audit
Engagement 49. Responsible Party
It is an assurance engagement to provide a He or she (sometimes they) is the person
high (reasonable) level of assurance that the who in a direct-reporting engagement, is
financial statements are free of material responsible for the subject matter (the matter
misstatement. represented by the financial statements); or in an
assertion-based engagement, is responsible for the
43. Review of Financial Statements subject matter information (assertion or the
It involves limited investigation of much specific contents of the financial statements itself),
narrower scope than an audit and undertaken for and may be responsible for the subject matter.
the purpose of providing limited (negative)
assurance that the statements are presented in 50. Intended Users
accordance with identified financial reporting They are the person, persons or class of
standards. person for whom the practitioner prepares the
assurance report. The responsible party can be one
44. Other Review Engagements of the intended users, but not the only one.
Financial institutions may require debtors to ***
engage CPAs to provide assurance about the
debtors’ compliance with certain covenant 51. An Appropriate Subject Matter
provisions stated in the loan agreement. Other It is the matter presented for consideration
examples are review of investment performance in the engagement.
statistics for organizations such as mutual funds
and computer software review. Forms of Appropriate Subject Matter
***
45. Elements of an Assurance Engagement 53. Financial Performance or Conditions
Examples: historical or prospective financial
a. A three-party relationship
position, financial performance and cash flows.
b. An appropriate subject matter
c. Suitable criteria
54. Non-Financial Performance or Conditions
d. Sufficient appropriate evidence
Example: operating efficiency of the
e. A written assurance report
production division of an entity
46. A Three-Party Relationship 55. Physical Characteristics

Assurance engagements always involve Example: capacity of a facility
three separate parties namely, the practitioner,
responsible party and intended user. The last two
will often but not necessarily be from separate 56. Systems and Processes
organizations (e.g., responsible party – accounting Examples: an entity’s internal control or IT
department, intended user – board of directors). system
Components of the Three-Party Relationship 57. Behavior
48. Practitioner
AUDITING THEORY
Examples: corporate governance, 65. Ways of How Criteria Are Made Available to
compliance with regulation, human resource Intended Users
practices
a. Publicly
***
b. Through inclusion in a clear manner in
the presentation of the subject matter
58. Criteria for Appropriateness of Subject Matter
information
Suitable Criteria
c. Through inclusion in a clear manner in
An appropriate subject matter is:
the assurance report
a. Identifiable and capable of consistent d. By general understanding (e.g., criterion
evaluation or measurement against for measuring time in hours and
identified criteria; and minutes)
b. Such that the information can be
66. Audit Evidence
subjected to procedures for gathering
It is all the information used by the auditor
sufficient appropriate evidence to
in arriving at the conclusions on which the audit
support a reasonable assurance or
opinion is based and includes the information
limited assurance conclusion, as
contained in the accounting records underlying the
appropriate.
financial statements and other information.
Characteristics of Suitable Criteria
67. Sufficient Appropriate Evidence
60. Relevance The practitioner plans and performs an
Relevant criteria contribute to conclusions assurance engagement with an attitude of
that assist decision-making by the intended users. professional skepticism to obtain sufficient
appropriate evidence about whether the subject
61. Completeness matter information is free of material
Criteria are sufficiently complete when misstatement.
relevant factors that could affect the conclusions in
the context of the engagement circumstances are 68. Professional Skepticism
not omitted. An attitude of professional skepticism
means the practitioner makes a critical
62. Reliability assessment, with a questioning mind, of the validity
Reliable criteria allow reasonably consistent of evidence obtained and is alert to evidence that
evaluation or measurement of the subject matter contradicts or brings into question the reliability of
including, where relevant, presentation and documents or representations by the responsible
disclosure, when used in similar circumstances by party.
similarly qualified practitioners.
69. Sufficiency of Evidence
63. Neutrality Sufficiency is the measure of the quantity of
Neutral criteria contribute to conclusions evidence.
that are free from bias.
70. Appropriateness of Evidence
64. Understandability Appropriateness is the measure of the
Understandable criteria contribute to quality of evidence; that is, its relevance and
conclusions that are clear; comprehensive, and not reliability.
subject to significantly different interpretations.
***
AUDITING THEORY
71. Relationship between the Quantity of Evidence considered to have an impact on the decision
Needed and the Risk of the Subject Matter making of users.
Information Being Materially Misstated
The greater the risk, the more evidence is 75. Relationship between the Quantity of Evidence
likely to be required (direct relationship). Needed and Materiality
The higher the materiality level, the lower
71. Relationship between the Quantity of Evidence the audit risk and vice versa (inverse relationship).
Needed and the Quality of Such Evidence
The higher the quality of audit evidence, the 76. Relationship between the Quantity of Evidence
less may be required. However, merely obtaining Collected Assurance Engagement Risk
more evidence may not compensate for its poor It is the risk that the practitioner expresses
quality (interrelated). an inappropriate conclusion when the subject
matter information is materially misstated. The
72. Generalizations about the Reliability of lesser evidence collected, the higher the assurance
Evidence engagement risk and vice versa.
a. Evidence is more reliable when it is

77. Written Assurance Report
obtained from independent sources
The practitioner provides a written report
outside the entity.
containing a conclusion that conveys the
b. Evidence that is generated internally is
assurance obtained about the subject matter
more reliable when the related controls
information.
are effective.
c. Evidence obtained directly by the
Specific Examples of Non-Assurance Engagements
practitioner (e.g., observation) is more
reliable than evidence obtained
79. Agreed-upon Procedures Services
indirectly or by inference (e.g., inquiry).
It is a type of engagement in which the party
d. Evidence is more reliable when it exists
engaging the professional accountant or the
in documentary form (e.g., written
intended user determines the procedures to be
record vs. oral representation).
performed and the professional accountant
e. Evidence provided by original
provides a report of factual findings as a result of
documents is more reliable than
undertaking those procedures.
evidence provided by photocopies or
facsimiles.
80. Compilation of Financial or Other Information
73. Corroboration of Evidence Its objective is for the CPA to use
The practitioner ordinarily obtains more accounting expertise, as opposed to auditing
assurance from consistent evidence obtained from expertise, to collect, classify and summarize
different sources or of a different nature that from financial information (preparation of financial
items of evidence considered individually. In statements).
addition, obtaining evidence from different sources
or of a different nature may indicate that an 81. Tax Services
individual item of evidence is not reliable. A CPA is considered qualified to prepare
corporate and individual tax returns for both audit
74. Materiality and non-audit clients.
It is the threshold above which missing or
incorrect information in the financial statements is 82. Management Consulting / Advisory Services
AUDITING THEORY
It refers to the work done by professional Having accepted an assurance engagement,

accountants which focuses on advising companies a practitioner may not change that engagement to
on the best ways to manage and operate their a non-assurance engagement, or from a reasonable
business. assurance engagement to a limited assurance
engagement without reasonable justification which
83. Accounting and Data Processing or may be any of the following but not limited to:
Information Technology System Services
a. A change in circumstances that affects
Services under these items include doing
the intended users’ requirements; or
manual or automated bookkeeping, journalizing
b. A misunderstanding concerning the
and posting adjusting entries or preparing (or
nature of the engagement.
compiling) financial statements. Also, other
businesses have begun to see “outsourcing: as an If such a change is made, the practitioner
alternative for information system, tax, stock and does not disregard evidence that was obtained
transfer agency and internal auditing. prior to the change.
84. Reports on Non-Assurance Engagements 87. Challenges Faced by the Public Accounting
Reports on these types of engagements Profession
must be clearly distinguished from reports on
assurance engagements. So as not to confuse the a. Accounting in highly complex business
users, a report that is not an assurance report environment or increasingly complex
avoids the following: transaction and organizational standard.
b. Computer systems are complex.
a. Implying compliance with the c. Many companies are global.
Framework, PSAs, PSREs and PSAEs; d. There is time pressure to get the audit
b. Inappropriately using the words done and to report more quickly than
“assurance”, “audit” or review”; and ever before.
c. Including a statement that could e. There is a need to generate audit fees
reasonably be mistaken for a sufficient to both attract new people to
conclusion designed to enhance the the profession and retain managers and
degree of confidence of intended users partners, who often operate under
about the outcome of the evaluation or having stress to fulfill this most
measurement of a subject matter important obligation.
against criteria.
88. Expectation Gap
85. Summary of Reports Provided by Different It is the gap between what auditors attempt
Types of Engagements to do in an audit and the user’s expectations of the
a. Audit – Positive assurance on audit.
assertion(s)
b. Review – Negative assurance on
assertion(s) 89. Auditing
c. Agreed-Upon Procedures – Factual It is a systematic process by which a
findings on procedures competent, independent person objectively obtains
d. Compilation – Identification of and evaluates evidence regarding assertions about
information compiled economic actions and events to ascertain the
degree of correspondence between those
86. Conversion of an Assurance Engagement to a
Non-Assurance Engagement
AUDITING THEORY
assertions and established criteria and The likelihood that unreliable information
communicating the results to intended users. will be provided to decision makers. It is the reason
why independent auditing is necessary.
Key Words and Phrases in the Definition of Auditing
100. Factors that Contribute to Information Risk
91. Systematic Process
a. Remoteness of information users from
This implies a structured, logical and
information providers
organized series of steps and procedures.
b. Potential bias and motives of
information provider
92. Competent, Independent Person
c. Voluminous data
The auditor must be qualified to understand
d. Complex exchange transactions
the criteria used and the competence to know how
and what evidence to accumulate to reach the 101. Ways of Reducing Information Risk
proper conclusion.
a. Allow users to verify information.
93. Objectively Obtains and Evaluates Evidence b. User shares information risk with
This means examining the bases for the management.
assertions (representations) and judiciously c. Have the financial statements audited.
evaluating the result without bias or prejudice either General Types of Audit
for or against the individual (or entity) making the
representations. 103. Independent Financial Statements Audit
It consists of methodological review and
94. Assertions about Economic Actions and Events objective examination of financial statements
These are the representations made by the prepared by an enterprise (auditee) to determine if
individual or entity. such statements have been prepared in conformity
with financial reporting practices that are
appropriate for the auditee.
95. Degree of Correspondence
This refers to the closeness with which the 104. Internal Audit
assertions can be identified with established It is an independent, objective assurance
criteria. and consulting activity designed to add value and
improve an organization’s operations. It helps an
96. Established Criteria organization accomplish its objectives by brining a
These are the standards against which the systematic, disciplined approach to evaluate and
assertions or representations are judged. improve the effectiveness of risk management,
97. Communicating the Results control and government processes.
This is often referred to as attestation. The
final stage in the audit process is the audit report – 105. Government Audit
the communication of the findings to users. It involves the determination of whether
government funds are being handled properly and
98. Interested Users in compliance with existing laws and whether the
These are individuals who use (rely on) the programs are being conducted efficiently and
auditor’s findings (e.g., stockholders, management, economically.
creditors, governmental agencies and the public).
*** Types of Auditors
99. Information Risk
AUDITING THEORY
106. Independent or External Auditor It means that there is absolutely no

He or she is a certified public accountant misstatement in the financial statement and thus
(CPA) who examines the financial records and financial statements are absolutely reliable and
business transactions of a company with which he relevant for the user of financial statements.
is not affiliated. ***
107. Internal Auditor 114. Inherent Limitations in an Audit Hindering the

He or she could be from a CPA firm hired by Achievement of Absolute Assurance
the entity as consultant or employee of an
a. The use of testing
individual company who perform independent
b. Inherent limitations of any accounting
appraisal activity within the organization such as
and internal control system (e.g.,
review of accounting, financial and other operations
possibility of collusion)
as a basis for service to management.
c. The fact that most audit evidence is
persuasive rather than conclusive
108. Government Auditor
d. The use of judgment in some aspects of
He or she maintains and examines records
the auditor’s work
of government agencies and of private businesses
or individuals performing activities subject to 115. Persuasive Evidence
government regulations or taxation. It is evidence that has the power to
*** influence or persuade someone to believe in its
truth (e.g., evidence gathered through sampling).
109. Objective and Scope of Independent Audit
Since the objective of an independent audit 116. Conclusive Evidence
is to express an opinion on the company’s financial It is a solid evidence after which no further
statement, the auditor will conduct a critical and proof or inquiry is required & evidence in itself is
systematic examination of the statements and of complete (e.g., evidence gathered if the whole
the related documents, records, procedures and population is tested).
control.
117. Responsibility for the Financial Statement
Types of Assurance While the auditor is responsible for forming
and expressing an opinion on the financial
111. Reasonable Assurance statements, the responsibility of preparing and
It is the level of confidence that the financial presenting the financial statements is that of the
statements are not materially misstated that an management of the entity.
auditor, exercising professional skill and care, is
expected to attain from an audit (also known as 118. Objective and Scope of Internal Auditing
high level of assurance). The objective of internal auditing is to assist
112. Limited Assurance all members of management in the effective
It is the level of assurance obtained where discharge of their responsibilities, by furnishing
engagement risk is reduced to a level that is them with analyses, appraisals, recommendations,
acceptable in the circumstances of the and pertinent comments concerning the activities
engagement, but where that risk is greater than for reviewed.
a reasonable assurance engagement.
119. Independence Required for Internal Auditors
113. Absolute Assurance Internal auditors are required to be
independent so that they would be able to render
AUDITING THEORY
impartial and unbiased judgment in the conduct of

their engagement.
127. Other Types of Audit Classified as Limited
Internal Auditing Approaches and Techniques Assurance Engagements
a. Audits of financial statements prepared

121. Operational Auditing
on an other comprehensive basis, cash
This is a future-oriented, independent and
or tax basis of accounting
systematic evaluation performed by the internal
b. Audits of specified elements, accounts
auditor for management of the operational
or items in a financial statement
activities controlled by top-, middle-, and lower-level
c. Audits of information accompanying the
management for the purpose of improving
basic financial statements (client-
organizational profitability and increasing the
prepared or auditor-submitted
attainment of the other organizational objectives.
documents)
d. Compliance with contractual
122. Management Auditing
agreements
It is an assessment of methods and policies
e. Summarized financial statements
of an organization’s management in the
administration and the use of resources, tactical 128. Auditing and Accounting Distinguished
and strategic planning, and employee and Accounting is the process of recording,
organizational improvement. classifying and summarizing economic events in a
logical manner for the purpose of providing
123. Financial Auditing financial information for decision making. On the
It refers to a historically oriented, other hand, auditing is concerned with the
independent evaluation performed by the internal determination of whether the recorded accounting
auditor for the purpose of ensuring the fairness, information for the entity properly reflects the
accuracy and reliability of the financial data. economic events that occurred during the
accounting period.
Divisions of State or Government Auditing
124. Compliance Audit 129. Philippine Accountancy Act of 2004 (R.A.

It is the examination, audit and settlement in 9298)
accordance with law and regulation. It is an act regulating the practice of
accountancy in the Philippines, repealing for the
125. Financial Audit purpose P.D. No. 692, otherwise known as the
It is the audit of the accounting and financial revised accountancy law, appropriating funds
system and controls to ensure reliability of therefor and for other purposes.
recorded financial data.
130. Objectives of R.A. 9298
126. Performance Audit
It is an objective examination of the a. The standardization and regulation of
financial and operational performance of an accounting education;
organization, programme, activity or function and is b. The examination for registration of
oriented towards opportunities for greater certified public accountants; and
economy, efficiency and effectiveness. c. The supervision, control, and regulation
*** of the practice of accountancy in the
Philippines.
AUDITING THEORY
131. Scope of Practice of Public Accountancy c. Must be a good moral character and
must not have been convicted of crimes
a. Practice of public accountancy
involving moral turpitude; and
b. Practice in commerce and industry
d. Must not have any pecuniary interested,
c. Practice in education or academe
directly or indirectly, in any schools,
d. Practice in the government
college, university or institution
132. Professional Regulatory Board of conferring an academic degree
Accountancy (PRBOA or BOA) necessary for admission to the practice
See no. 10 for relevant notes. of accountancy or where review classes
in preparation for the licensure
133. Composition of BOA examination, are being offered or
The Professional Regulatory Board of conducted, nor shall he/she be a
Accountancy, hereinafter referred to as the Board, member of the faculty or administration
under the supervision and administrative control of thereof at the time of his/her
the Professional Regulation Commission, appointment to the Board.
hereinafter referred to as the Commission, shall be
composed of a chairman and six (6) members to
136. Term of Office of the Members of BOA
be appointed by the President of the Philippines
The chairman and members of the board
from a list of three (3) recommendees each
shall hold office for a term of three years Any
position and ranked by the Commission, from list of
vacancy occurring within the term or a member
five (5) nominees for each position submitted by
shall be filled up for the unexpired portion of the
the accredited national professional organization of
term only No person who has served two (2)
certified public accountants The board shall elect a
successive complete terms shall be eligible for
vice-chairman from among its members for a term
reappointment until the lapse of one (1) year
of one (1) year meetings of the board and in the
Appointment to fill-up an expired term is not to be
event of a vacancy in the office of the chairman, the
considered as a complete term.
vice chairman shall assume such duties and
responsibilities until such time as a chairman is
137. Compensation and Allowances of the Board
appointed.
The chairman and members of the board
shall receive compensation and allowances
134. Accredited Professional Organization (APO)
comparable to that being received by the chairman
Philippine Institute of Certified Public
and members of existing regulatory boards under
Accountants (PICPA)
the commission as provided for in the General
Appropriations Act.
135. Qualification of Members of BOA
A member of the board shall, at the time of
138. Powers and Functions of the Board
his/her appointment, possess the following
The board shall exercise the following
qualifications:
specific powers, functions and responsibilities:
a. Must be a natural born citizen and a
resident of the Philippines;
a. To prescribe and adopt the rules and
b. Must be a duly registered Certified
regulations necessary for carrying out
Public Accountant with at least ten (10)
the provisions of this Act;
years of work experience in any scope
b. To supervise the registration, licensure
of practice of accountancy;
and practice of accountancy in the
Philippines;
AUDITING THEORY
c. To administer oaths in connection with confidential information in the

the administration of this Act; examination questions prior to the
d. To issue, suspend, revoke, or reinstate conduct of the said examination or
the Certificate of Registration for the tampering of grades.
practice of the accountancy profession;
e. To adopt an official seal of the Board;
141. Annual Reporting Requirements for BOA
f. To prescribe and/or adopt a Code of
The Board shall, at the close of each
Ethics for the practice of accountancy;
calendar year, submit an annual report to the
g. Other powers as expressed by the
President of the Philippines through the
provisions of R.A. 9298.
Commission giving a detailed account of its
proceedings and accomplishments during the year
139. Administrative Supervisions of the Board, and making recommendations for the adoption of
Custodian of Its Records, Secretariat and Support measures that will upgrade and improve the
Services conditions affecting the practice of accountancy in
The Board shall be under the administrative the Philippines.
supervision of the Commission All records of the
Board, including applications for examination and 142. The Certified Public Accountant (CPA)
administrative and other investigative cases Examinations
conducted by the Board shall be under the custody All applicants for registration for the
of the Commission The Commission shall practice of accountancy shall be required to
designate the secretary of the Board and shall undergo a licensure to be given by the Board in
provide the secretariat and other support services such places and dates as the Commission may
to implement the provisions of this Act. designate subject to compliance with the
requirements prescribed by the Commission in
140. Grounds for Suspension or Removal of the accordance with Republic Act No 8981.
Members of the Board
The President of the Philippines, upon the 143. Qualifications of Applicants for Examinations
recommendation of the Commission, after giving Any person applying for examination shall
the concerned member an opportunity to defend establish the following requisites to the satisfaction
himself in a proper administrative investigation to of the Board that he/she:
be conducted by the Commission, may suspend or
a. is a Filipino citizen;
remove any member on the following grounds.
b. is of good moral character;
a. Neglect of duty or incompetence; c. is a holder of the degree of Bachelor of
b. Violation or tolerance of any violation of Science in Accountancy conferred by a
this Act and its implementing rules and school, college, academy or institute
regulations or the Certified Public duly recognized and/or accredited by
Accountant’s Code of Ethics and the the CHED or other authorized
technical and professional standards of government offices; and
practice for Certified Public d. has not been convicted of any criminal
Accountants; offense involving moral turpitude.
c. Final judgment of crimes involving moral
144. Scope of Examinations
turpitudes; and
The licensure examination for certified
d. Manipulation or rigging of the certified
public accountants shall cover, but are not limited
accountants licensure examination
to the following subjects:
results, disclosure of secret and
AUDITING THEORY
a. Theory of Accounts examinations unless he/she submits evidence to

b. Business Law and Taxation the satisfaction of the Board that he/she enrolled in
c. Management Services and completed at least twenty-four units of subject
d. Auditing Theory given in the licensure examination.
e. Auditing Problems For purposes of this Act, the examination in
f. Practical Accounting Problems I which the candidate was conditioned together with
g. Practical Accounting Problems II the removal examination on the subject in which
he/she failed shall be counted as one complete
The Board, subject to the approval of the
examination.
Commission, may revise or exclude any of the
subjects and their syllabi, and add new ones as the
148. Oath
need arises.
All successful candidates in the
examination shall be required to take an oath of
145. Rating in the Licensure Examination
profession before an member of the Board or
To be qualified as having passed the
before any government official, authorized by the
licensure examination for accountants, a candidate
Commission or any person authorized by law to
must obtain a general average of seventy-five
administer oaths upon presentation of proof of
percent (75%), with no grades lower than sixty-five
his/her qualification, prior to entering upon the
percent (65%) in any given subject In the event a
practice of the profession.
candidate obtains the rating of seventy-five percent
(75%) and above in at least a majority of subjects
149. Issuance of Certificate of Registration and
as provided for in this Act, he/she shall receive a
Professional Identification Card
conditional credit for the subjects passed:
A certificate of registration shall be issued
Provided, That a candidate shall take an
to examinees who pass the licensure examination
examination in the remaining subjects within two
subject to payment of fees prescribed by the
(2) years from the preceding examination: Provided,
Commission The Certificate of Registration shall
further, That if the candidate fails to obtain at least
bear the signature of the chairperson of the
a general average of seventy-five percent (75%) and
Commission and the chairman and members of the
a rating of at least sixty-five percent (65%) in each
Board, stamped with the official seal of the
of the subjects reexamined, he/she shall be
Commission and of the Board, indicating that the
considered as failed in the entire examination.
person named therein is entitled to the practice of
the profession with all the privileges appurtenant
146. Report of Ratings
thereto The said certificate shall remain in full force
The Board shall submit to the Commission
and effect until withdrawn, suspended or revoked in
the ratings obtained by each candidate within ten
accordance with this Act.
(10) calendar days after the examination, unless
A Professional Identification Card bearing
extended for just cause Upon the release of the
the registration number, date of issuance, expiry
results of the examination, the Commission shall
date, duly signed by the chairperson of the
send by mailing the rating received by each
Commission, shall likewise be issued to every
examinee at his/her given address using the
registrant renewable every three (3) years.
mailing envelope submitted during the
examination.
150. Roster of CPAs
A roster showing the names and place of
147. Failing Candidates to Take Refresher Course
business of all registered certified public
Any candidate who fails in two (2) complete
accountant shall be prepared and updated by the
Certified Public Accountant Board Examinations
shall be disqualified from taking another set of
AUDITING THEORY
Board, and copies thereof shall be made available The Board may, after the expiration of two
to any party as may be deemed necessary. (2) years from the date of revocation of a certificate
of registration and upon application and for
151. Indication of Certificate of Registration, reasons deemed proper and sufficient, reinstate the
Identification Card and Professional Tax Receipt validity of a revoked certificate of registration and
The certified public accountant shall be in so doing, may, in its discretion, exempt the
required to indicate his/her certificate of applicant from taking another examination.
registration number, and date of issuance, the A new certificate of registration to replace
duration of validity, including the Professional Tax lost, destroyed, or mutilated certificate/license may
Receipt number on the documents he/she signs, be issued, subject to the rules promulgated by the
uses or issues in connection with the practice of Board and the Commission, upon payment of the
his/her profession. required fees.
152. Refusal to Issue Certificate of Registration 155. Prohibition in the Practice of Accountancy
and Professional Identification Card Vested Rights to CPAs Registered When R.A. 9298
The Board shall not register and issue a Was Passed
certificate of registration and professional No person shall practice accountancy in this
identification card to any successful examinee country, or use the title “Certified Public
convicted by a court of competent jurisdiction of a Accountant”, or use the abbreviated title “CPA” or
criminal offense involving moral turpitude or guilty display or use any title, sign, card, advertisement, or
of immoral and dishonorable conduct or to any other device to indicate such person practices or
person of unsound mind In the event of refusal to offers to practice accountancy, or is a certified
issue certificate for any reason, the Board shall give public accountant, unless such person shall have
the applicant a written statement setting forth the received from the Board a certificate of
reasons for such action, which statement shall be registration/professional license and be issued a
incorporated in the record of the Board. professional identification card or a valid
temporary/special permit duly issued to him/her by
153. Suspension and Revocation of Certificates of the Board and the Commission.
Registration and Professional Identification Card
and Cancellation of Special Permit 156. Vested Rights: Certified Public Accountants
The Board shall have the power, upon due Registered When This Law is Passed
notice and hearing, to suspend or revoke the All certified public accountants registered at
practitioner’s certificate of registration and the time this law takes effect shall automatically be
professional identification card or suspend him/her registered under the provisions hereof, subject
from the practice of his/her profession or cancel however, to the provisions herein set forth as to
his/her special permit for any of the causes or future requirements Certificates of
grounds mentioned under section 23 of this Act or registration/professional license held by such
for any unprofessional or unethical conduct, persons in good standing shall have the same force
malpractice, violation of any of the provisions of and effect as though issued after the passage of
this Act, and its implementing rules and regulations, this Act.
the Certified Public Accountant’s Code of Ethics
and the technical and professional standards of 157. Limitation of the Practice of Public
practice for certified public accountants. Accountancy
Single practitioners and partnerships for the
154. Reinstatement, Reissuance and Replacement practice of public accountancy shall be registered
of Revoked Loss Certificates certified public accountants in the Philippines:
AUDITING THEORY
Provided, That from the effectivity of this Act, a payment of a required fees and dues Membership
certificate of accreditation shall be issued to in the integrated organization shall not be a bar to
certified public accountants in public practice only membership in any other association of certified
upon showing, in accordance with rules and public accountants.
regulations promulgated by the Board and
approved by the Commission, that such registrant 160. Accreditation to Practice Public Accountancy
has acquired a minimum of three (3) years Certified public accountants, firms and
meaningful experience in any of the areas of public partnerships of certified public accountants,
practice including taxation: Provided, further, That engaged in the practice of public accountancy,
this requirement shall not apply to those already including partners and staff members thereof, shall
granted a certificate of accreditation prior to the register with the Commission and the Board, such
effectivity of this Act The Securities and Exchange registration to be renewed every three (3) years:
Commission shall not register any corporation Provided, That subject to the approval of the
organized for the practice of public accountancy. Commission, the Board shall promulgate rules and
regulations for the implementation of registration
158. Ownership of Working Papers requirements including the fees and penalties for
All working papers, schedules and violation thereof.
memoranda made by a certified public accountant
and his staff in the course of an examination, 161. Continuing Professional Education (CPE)
including those prepared and submitted by the Program
client, incident to or in the course of an All certified public accountants shall abide
examination, by such certified public accountant, by the requirements, rules and regulations on
except reports submitted by a certified public continuing professional education to be
accountant to a client shall be treated confidential promulgated by the Board, subject to the approval
and privileged and remain the property of such of the Commission, in coordination with the
certified public accountant in the absence of a accredited national professional organization of
written agreement between the certified public certified public accountants or any duly accredited
accountant and the client, to the contrary, unless educational institutions For this purpose, a CPE
such documents are required to be produced Council is hereby created to implement the CPE
through subpoena issued by any court, tribunal, or program.
government regulatory or administrative body.
162. Seal and Use of Seal
159. Accredited Professional Organization All licensed Certified Public Accountants
All registered certified public accountants shall obtain and use a seal of a design prescribed
whose names appear in the roster of certified by the Board bearing the registrant’s name,
public accountants shall be united and integrated registration number and title The auditor’s reports
through their membership in a one only registered shall be stamped with said seal, indicating therein
and accredited national professional organization his/her current Professional Tax Receipt (PTR)
of registered and licensed certified public number, date/place of payment when filed with
accountants, which shall be registered with the government authorities or when used
Securities and Exchange Commission as a professionally.
nonprofit corporation and recognized by the Board,
subject to the approval by the Commission The 163. Foreign Reciprocity
members in the said integrated and accredited Subjects or citizens of foreign countries
national professional organization shall receive may be allowed to practice accountancy in the
benefits and privileges appurtenant thereto upon Philippines in accordance with the provisions of
AUDITING THEORY
existing laws, international treaty obligations subject to the approval of the Commission, shall,
including mutual recognition agreements entered upon conviction, be punished by a fine of not less
into by the Philippine government with other than Fifty thousand pesos (P50,000.00) or by
countries A person who is not a citizen of the imprisonment for a period not exceeding two (2)
Philippines shall not be allowed to practice years or both.
accountancy in the Philippines unless he/she can
prove, in the manner provided by the Rules of Court 166. CPAs Legal Liability
that, by specific provision of law, the country of Audit professionals have a responsibility
which he/she is a citizen, subject or national admits under common law to fulfill expressed and implied
citizens of the Philippines to the practice of the contracts with clients. They are liable to their
same profession without restriction. clients for negligence and/or breach of contracts
should they fail to provide services or not exercise
164. Coverage of Temporary/Special Permits due care in their performance.
Special/temporary permit may be issued by
the Board subject to the approval of the 167. Management’s Responsibility of Compliance
Commission and payment of the fees the latter, has with Laws and Regulations
prescribed and charged thereof to the following It is management’s responsibility to ensure
persons: that the entity’s operations are conducted in
accordance with laws and regulations. The
a. A foreign certified public accountant
responsibility for the prevention and detection of
called for consultation or for a specific
noncompliance rests with management.
purpose which, in the judgment of the
The auditor is no, and cannot be held
Board, is essential for the development
responsible for preventing non-compliance. The
of the country: Provided, That his/her
fact that an annual audit is carried out may,
practice shall be limited only for the
however, act as a deterrent. An audit is subject to
particular work that he/she is being
the unavoidable risk that some material
engaged: Provided, further, That there is
misstatements of the financial statements will not
no Filipino Certified Public Accountant
be detected, even though the audit is properly
qualified for such consultation or
planned and performed in accordance with PSAs.
specific purposes;
This risk is higher with regard to material
b. A foreign certified public accountant
misstatements resulting from non-compliance with
engaged as professor, lecturer or critic
laws and regulations.
in fields essential to accountancy
education in the Philippines and his/her
168. Procedures When Noncompliance is
engagement is confined to teaching
Discovered
only; and
When the auditor believes there may be non-
c. A foreign certified public accountant
compliance, the auditor should document the
who is an internationally recognized
findings and discuss them with the following (in
expert or with specialization in any
order of priority):
branch of accountancy and his/her
service is essential for the advancement a. Management
of accountancy in the Philippines. b. Entity’s lawyer if the management does
not provide satisfactory information that
165. Penal Provisions
it is in fact in compliance.
Any person who shall violate any of the
c. Auditor’s own lawyer if it is not
provisions of this Act or any of its Implementing
considered appropriate to consult the
rules and regulations as promulgated by the Board
AUDITING THEORY
entities lawyer or when the auditor is not letter of an agreement; do not interpret agreements
satisfied with the opinion. in an unreasonably technical or legalistic manner in
order to rationalize noncompliance or create
excuses and justifications for breaking
169. Ethics commitments.
Ethics consist of moral principles and
standards of conduct. It is a branch of philosophy 177. Loyalty (Fidelity)
that deals with the study of the rightness or Be faithful and loyal to family, friends,
wrongness of human actions. employers, clients and country; do not use or
disclose information learned in confidence; in a
170. Unethical Behavior professional context, safeguard the influences and
It refers to a conduct that differs from what conflicts of interest.
people believe would have been appropriate given
the circumstances. 178. Fairness
Be fair and open-minded, be willing to admit
171. Reasons Why People Act Unethically error and, where appropriate, change positions and
beliefs, demonstrate a commitment to justice, the
a. The person’s ethical standards are equal treatment of individuals, and tolerance for
different from those of society as a and acceptance of diversity; do not overreach or
whole; or take undue advantage of another’s mistakes or
b. The person chooses to act selfishly. adversities.
In many instances, both reasons exist.
179. Caring for Others
172. Rationalizing Unethical Behavior Be caring, kind, and compassionate; share,
be giving, be of service to others; help those in need
a. Everybody does it. and avoid harming others.
b. If it’s legal, it’s ethical.
c. Likelihood of discovery and 180. Respect for Others
consequences Demonstrate respect for human dignity,
privacy, and the right to self-determination of all
Characteristics and Values Associated with Ethical
people; be courteous, prompt, and decent; provide
Behavior
others with the information they need to make
informed decisions about their own lives; do not
174. Integrity
patronize, embarrass, or demean.
Be principled, honorable, upright,
courageous and act on convictions; do not be two-
181. Responsible Citizenship
faced, or unscrupulous, or adopt an end-justifies-
Obey just laws; if all law is unjust, openly
the-means philosophy that ignores principle.
protest it, exercise all democratic rights and
privileges responsibly by participation (voting and
175. Honesty
expressing informed views), social consciousness,
Be truthful, sincere, forthright,
and public service; when in a position of leadership
straightforward, frank, candid; do not cheat, steal,
or authority, openly respect and honor democratic
lie, deceive, or act deviously.
processes of decision making, avoid unnecessary
secrecy or concealment of information, and assure
176. Promise Keeping
that others have all the information they need to
Be worthy of trust, keep promises, full
make intelligent choices and exercise their rights.
commitments, abide by the spirit as well as the
AUDITING THEORY
182. Pursuit of Excellence 189. Confidentiality

Pursue excellence in all matters, in meeting To respect the confidentiality of information
your personal and professional responsibilities, be acquired as a result of professional and business
diligent, reliable, industrious, and committed; relationships and should not disclose any such
perform all tasks to the best of your ability, develop information to third parties without proper and
and maintain a high degree of competence, be well specific authority unless there is a legal or
informed and well prepared; do not be content with professional right or duty to disclose, nor use the
mediocrity; do not “win at any cost.” information for the personal advantage of the
professional accountant or third parties.
183. Accountability
Be accountable, accept responsibility for 190. Professional Behavior
decisions, for the foreseeable consequences of To comply with relevant laws and
actions and inactions, and for setting an example regulations and avoid any action that discredits the
of others. Parents, teachers, employers, many profession.
professionals, and public officials have a special
obligation to lead by example, to safeguard and 191. Threats to Compliance with Fundamental
advance the integrity and reputation of their Principles
families, companies, profession, and the When a professional accountant identifies
government itself; an ethically sensitive individual threats to compliance with the fundamental
avoids even the appearance of impropriety, and principles and based on an evaluation of those
takes whatever actions are necessary to correct or threats, determines that they are not at an
prevent inappropriate conduct of others. acceptable level, the professional accountant shall
determine whether appropriate safeguards are
CODE OF ETHICS FOR PROFESSIONAL available and can be applied to eliminate the
ACCOUNTANTS IN THE PHILIPPINES threats or reduce them to an acceptable level.
Fundamental Principles of Ethics
186. Integrity Categories of Threats

To be straightforward and honest in all
professional and business relationships. 193. Self-Interest Threat
It refers to the threat that financial or other
187. Objectivity interest will inappropriately influence the
To prevent bias, conflict of interest or undue professional accountant’s judgment or behavior.
influence of others to override professional and
business judgments. 194. Self-Review Threat
It pertains to the threat that a professional
188. Professional Competence and Due Care accountant will not appropriately evaluate the
To maintain professional knowledge and results of a previous judgment made or service
skill at the level required to ensure that a client or performed by the professional accountant, or by
employer receives competent professional service another individual within the professional
based on current developments in practice, accountant’s firm or employing organization, on
legislation and techniques and act diligently and in which the accountant will rely when forming a
accordance with applicable technical and judgment as part of providing a current service.
professional standards.
AUDITING THEORY
195. Advocacy Threat a. Leadership of the firm that stresses the

It is the threat that a professional importance of compliance with
accountant will promote a client’s or employer’s fundamental principles;
position to the point that the professional b. Leadership of the firm that establishes
accountant’s objectivity is compromised. the expectation that the members of an
assurance team will act in the public
196. Familiarity Threat interest;
It refers to the threat that due to a long or c. Policies and procedures to implement
close relationship with a client or employer, a and monitor quality control of
professional accountant will be too sympathetic to engagements;
their interests or too accepting of their work. d. Documented policies regarding the:
 Identification of threats to
197. Intimidation Threat compliance;
It pertains to the threat that a professional  Evaluation of the significance of
accountant will be deterred from acting objectively those threats;
because of actual or perceived pressures, including  Application of safeguards to
attempts to exercise undue influence over the eliminate or reduce the threats to
professional accountant. an acceptable level; and/or
 Termination or decline of the
198. Safeguards against Threats to Compliance relevant engagement when
with Fundamental Principles appropriate safeguards are not
Safeguards are actions or other measures available or cannot be applied;
that may eliminate threats or reduce them to an e. Documented internal policies and
acceptable level. procedures requiring compliance with
the fundamental principles;
Categories of Safeguards that May Eliminate or f. Policies and procedures that will enable
Reduce Threats to an Acceptable Level the identification of interests or
relationships between the firm or
200. Safeguards Created by the Profession, members of engagement teams and
Legislation or Regulation clients; and
g. Others
a. Educational, training and experience
requirements for entry into the ***
profession;
b. Continuing professional development 202. Conflicts of Interest
requirements; It refers to a situation in which the concerns
c. Corporate governance regulations; or aims of two different parties are incompatible.
d. Professional standards; An example relevant to the work of a professional
e. Professional or regulatory monitoring accountant would be: “Advising two clients at the
and disciplinary procedures; and same time who are competing to acquire the same
f. External review by a highly empowered company where the advice might be relevant to the
third party of the reports, returns, parties’ competitive position.”
communications or information
produced by a professional accountant. 203. Second Opinions
It arises when a member or member firm
201. Safeguard in the Work Environment
agrees to give professional advice to a third party in
connection with any matter that has, or might be
AUDITING THEORY
expected to have been, considered by that party's 209. Certificate of Accreditation

auditors. There may be a threat to professional Is issued to certified public accountants in
competence and due care in circumstances where public practice only upon showing, in accordance
the second opinion is not based on the same set of with rules and regulations promulgated by the
facts that were made available to the existing Board (BOA) and approved by the Commission
auditor, or is based on inadequate evidence. (PRC), that such registrant has acquired a minimum
of three (3) years meaningful experience in any of
204. Independence the areas of public practice including taxation.
It refers to the auditor’s independence from
the client company ensuring that the audit opinion 210. Organization of CPA Firms
will not be influenced by any relationship existing
a. Sole proprietorships
between them.
b. Partnerships
Aspects of Independence
206. Independence of Mind 211. Advantages of Sole Proprietorship Form of
It pertains to the state of mind that permits Organization
the expression of a conclusion without being
affected by influences that compromise a. The practitioner is his own boss and is
professional judgment, allowing an individual to act independent.
with integrity, and exercise objectivity and b. He does not keep regular office hours.
professional skepticism. c. He can earn more than a mere salaried
employee can.
207. Independence in Appearance d. He can attain self-fulfillment or
It pertains to the avoidance of facts and satisfaction from the success of his
circumstances that are so significant that a own practice.
reasonable and informed third party, having 212. Disadvantages of Sole Proprietorship Form of
knowledge of all relevant information, including Organization
safeguards applied, would reasonably conclude a
firm’s, or a member of the assurance team’s, a. He assumes all the risk and
integrity, objectivity or professional skepticism had responsibilities of entrepreneurship.
been compromised. b. His income may not be regular and
*** therefore should be supplemented from
other sources.
208. Network and Network Firms c. He must rely on his own judgment in
An accounting network or accounting making decisions.
association is a professional service network 213. Advantages of Partnership Form of
whose principal purpose is to provide members Organization
resources to assist the clients around the world
and hence reduce the uncertainty by bringing a. The practice has greater stability and
together a greater number of resources to work on continuity.
a problem. The networks and associations operate b. Responsibility, risks and cost of practice
independently of the independent members. The can be shared.
largest accounting networks are known as the Big c. Opportunity for specialization is
Four. increased.
AUDITING THEORY
d. A partnership can handle larger He or she is concerned about the overall

engagements more efficiently and quality of each audit. An audit partner signs the
adequately. audit report, accepting ultimate responsibility for
e. Partners can combine their talent, each audit, and is generally involved in maintaining
resources, time and experience to serve client relationships, planning audits and evaluating
the clients better. the audit findings.
214. Disadvantages of Partnership Form of

Organization
a. Personal differences between partners 218. Audit Manager/Supervisor

may arise and therefore good and close He or she administers important aspects of
working relationships may not be audit engagements, scheduling the audit work to be
established. done with client personnel, assigning work to audit
b. One partner may feel that the other staff, supervising staff and reviewing staff work.
partner is not contributing to the welfare
of the firm. 219. Senior (In-Charge) Auditor
He or she works under the direction of audit
215. Prohibition against the Organization of managers and assist them in administering the
Corporations for the Practice of Public audit. They generally participate in audit planning
Accountancy and provide direct supervision to staff auditors.
a. As a legal requirement, corporate They also review work performed by staff auditors
practice of CPAs is prohibited in the and summarize audit findings for the audit partner
Philippines. to review.
b. The reporting requirements of
corporation are generally higher than 220. Staff (Associate) Auditor
those of partnerships. As a professional He or she performs various audit
firm which usually involve sensitive procedures and gather audit evidence to be used as
information, the less transparent the basis for the audit reports. They may perform
better. procedures that relate to a variety of aspects of a
c. Corporate practice also requires annual client’s activities.
audit. No accounting firm want to be ***
audited by their competitors.
d. Tax rate for unincorporated business is 221. Representation Letter to the SEC
generally more favorable than that for A CPA in public practice should file with the
incorporated ones. Securities and Exchange Commission a
e. Major accounting firm enjoys global representation letter for audit clients he has which
exposure. The structure is complex. In are required to file with the said government agency
order to avoid further complication, they (SEC) their financial statements.
may prefer to operate under partnership
in all regions, regardless of the 222. Marketing Professional Services
allowance of corporate practice in some When a professional accountant in public
countries. practice solicits new work through advertising or
other forms of marketing, there may be potential
Public Accounting Firm Organization threats to compliance with the fundamental
principles.
217. Audit Partner
AUDITING THEORY
Moreover, a professional accountant in confidentiality, and professional behavior), which

public practice should not bring the profession into are reinforced in particular by:
disrepute when marketing professional services.
a. The leadership of the firm;
The professional accountant in public practice
b. education and training;
should be honest and truthful and should not:
c. monitoring; and
a. Make exaggerated claims for services d. A process of dealing with non-
offered, qualifications possessed or compliance
experience gained; or
Independence requirements are also
b. Make disparaging references to
needed to be achieved by implementing
unsubstantiated comparisons to the
appropriate safeguards (e.g., At least annually, the
work of another.
firm shall obtain written confirmation of
compliance with its policies and procedures on
independence from all firm personnel required to be
independent by the Revised Code of Ethics).
223. Quality Control System
It refers to a set of policies and procedures 227. Acceptance and Continuance of Client
designed to provide reasonable assurance that the Relationships and Specific Engagements
public accounting firm complies with professional An audit firm shall undertake or continue
standards. relationships and engagements where it can
reasonably assure that:
224. Elements of a System of Quality Control
a. It is competent to perform the
a. Leadership responsibilities for quality engagement and has the capabilities,
within the firm time and resources to do so;
b. Ethical requirements b. It can comply with ethical requirements;
c. Acceptance and continuance of client and
relationships and specific engagements c. It has considered the integrity of the
d. Human resources client and does not have information
e. Engagement performance that would lead it to conclude that the
f. Monitoring client lacks integrity.
225. Leadership Responsibilities for Quality within The specific policies and procedures related
the Firm to this matter will be discussed further during the
The firm’s leadership and the examples it risk assessment phase of the audit.
sets significantly influence the internal culture of
the firm. The promotion of a quality-oriented 228. Where the Firm Obtains Information that
internal culture depends on clear, consistent and Would Have Caused it to Decline an Engagement if
frequent actions and messages from all levels of that Information Had Been Available Earlier
the firm’s management emphasizing the firm’s The policies and procedures on the
quality control policies and procedures. continuance of the engagement and the client
relationship shall include the consideration of:
226. Ethical Requirements
The firm’s policies and procedures a. The professional and legal
emphasize the fundamental principles (integrity, responsibilities that apply to the
objectivity, professional competence and due care, circumstances, including whether there
is a requirement for the firm to report to
AUDITING THEORY
the person or persons who made the e. Appropriate documentation of the work
appointment or, in some cases, to performed and of the timing and extent
regulatory authorities; and of the review; and
b. The possibility of withdrawing from the f. Processes to keep all policies and
engagement or from both the procedures current.
engagement and the client relationship.
231. Supervision
229. Human Resources Supervision involves directing the efforts of
The firm shall establish policies and assistants who are involved in accomplishing the
procedures designed to provide it with reasonable objectives of the audit and determining whether
assurance that it has sufficient personnel with the those objectives were accomplished. Elements of
capabilities, competence and commitment to supervision include instructing assistants, keeping
ethical principles. The following are the personnel informed of significant problems encountered,
issues to be addressed by such policies and reviewing the work performed, and dealing with
procedures: differences of opinion among firm personnel. The
extent of supervision appropriate in a given
a. Recruitment
instance depends on many factors, including the
b. Performance evaluation
complexity of the subject matter and the
c. Capabilities
qualifications of persons performing the work.
d. Competence
e. Career development
232. Review
f. Competence
The work of the members of the audit team
g. Promotion
is important for the success of the engagement.
h. Compensation
Therefore, the firm needs to make sure the good
i. Estimation of personnel needs
quality of each output. This requires proper review
and supervision from the person who has better
experiences and knowledge.
230. Engagement Performance
The firm promotes consistency in the 233. Consultation
quality of the engagement performance through its It includes discussion, at the appropriate
policies and procedures. This is often professional level, with individuals within or outside
accomplished through written or electronic the firm who have specialized expertise, to resolve
manuals, software tools or other forms of standard a difficult or contentious matter.
documentation. Matters addressed may include:
234. Differences of Opinion
a. How engagement teams are briefed on As necessary, the engagement partner
the engagement to obtain informs members of the engagement team that
understanding of the objectives of their they may bring matters involving differences of
work; opinion to the attention of the engagement partner
b. Processes for complying with applicable or others within the firm as appropriate without fear
engagement standards; of reprisals.
c. Processes of engagement supervision,
staff training and coaching; 235. Engagement Quality Control Review
d. Methods of reviewing the work It ordinarily involves discussion with the
performed, the significant judgments engagement partner, a review of the financial
made and the form of report being statements or other subject matter information and
issued; the report, and, in particular, consideration of
AUDITING THEORY
whether the report is appropriate. It also involves a d. The auditor inquires about controls in
review of selected working papers relating to place to mitigate those risks (usually
significant judgments the engagement team made high-risk areas are the main concern)
and the conclusions they reached. e. The auditor tests those controls in place
and subsequently re-assesses the prior
236. Engagement Quality Control Reviewer risk ratings
He or she conducts the review in a timely f. Auditor performs analytical reviews on
manner at appropriate stages during the low risk areas (if adequate, with minimal
engagement so that significant matters may be substantive testing)
promptly resolved to the reviewer’s satisfaction g. Auditor performs analytical reviews on
before the report is issued. medium/high risk areas with intensive
substantive testing.
237. Monitoring
241. Account-Based Audit Approach
Its objective is to provide reasonable
In this audit approach, auditors first obtain
assurance that the policies and procedures relating
an understanding of control and assess control risk
to the system of quality control are relevant,
for particular types of errors and frauds in specific
adequate, operating effectively and complied with
accounts.
in practice. It includes an ongoing consideration
and evaluation of the firm’s system of quality a. Management provides a set of accounts
control including a periodic inspection of a b. Management provides internal control
selection of completed engagements. report (ICR)
c. The auditor proceeds to test each line
238. Documentation item in the Financial Statement, and
Its purpose is to provide evidence of the sample of controls from ICR.
operation of each element of an audit firm’s system
242. Risk
of quality control.
It is the potential for uncontrolled loss of
something of value.
Approaches to Auditing Critical Components of Risk
240. Risk-Based Audit Approach 244. Audit Risk

It is an audit approach that begins with an It refers to the risk that an auditor may give
assessment of the types and likelihood of an unqualified opinion on financial statements that
misstatements in account balance and then adjusts are materially misstated.
the amount and type of audit work, to the likelihood
of material misstatements occurring in account 245. Engagement Risk
balances. It pertains to the economic risk that a CPA
a. The auditor performs an understanding firm is exposed to simply because it is associated
of the business, and assesses the risks with a particular client including loss of reputation,
involved in the industry sector inability of the client to pay the auditor, or financial
(competition, trends, new products on loss because management is not honest and
the market, past client issues) inhibits the audit process. It is controlled by careful
b. Management provides a set of accounts selection and retention of client.
c. The auditor identifies risk areas (low,
medium, high) 246. Financial Reporting Risk
AUDITING THEORY
It is the risk that relate directly to the Phase I-A: Performance of Preliminary
recording of transactions and presentation of Engagement Activities to Decide whether to
financial data in an organization’s financial Accept or Continue an Audit Engagement
statements.
252. Purpose of Performing Preliminary
247. Business Risk Engagement Activities
It refers to the risk that affects the The main purpose of performing preliminary
operations and potential outcomes of engagement activities is to eliminate engagement
organizational activities. risks through the ensuring of the following:
***
a. The auditor maintains necessary
independence and ability to perform
248. Ways to Control Audit Risk
the engagement;
a. Avoid audit risk by not accepting certain b. There are no issues with management
companies as client (i.e., reduce integrity that may affect the auditor’s
engagement risk to zero); and willingness to continue the
b. Set audit risk at a level that the auditor engagement; and
believes will mitigate the likelihood that c. There is no misunderstanding with the
the auditor will fail to identify material client as to the terms of the
misstatements. engagement.
249. Phases of the Risk-Based Audit Process 253. Items to Be Assessed before Accepting an
Engagement
 Phase I: Risk Assessment
Before accepting an engagement with a
o Phase I-A: Performance of
new client, the CPA firm shall assess whether it:
Preliminary Engagement Activities
o Phase I-B: Planning the Audit a. Is competent to perform the
o Phase I-C: Performance of Risk engagement and has the capabilities,
Assessment Procedures including time and resources to do so;
 Phase II: Risk Response b. Can comply with the relevant ethical
o Phase II-A: Designing Overall requirements;
Responses and Further Audit c. Has considered the integrity of the client
Procedures and does not have information that
o Phase II-B: Implementing Responses would lead it to conclude that the client
to Assessed Risk of Material lacks integrity.
Misstatement
 Phase III: Reporting
254. Preconditions for an Audit to Be Established
o Phase III-A: Evaluating the Audit
Evidence Obtained a. Whether the financial reporting
o Phase III-B: Forming an Opinion framework to be applied in the financial
Based on Audit Findings and statements are acceptable; and
Preparing the Auditor’s Report b. Agreement of management that it
acknowledges and understands its
responsibilities.
PHASE I: RISK ASSESSMENT 255. Responsibilities of the Management
AUDITING THEORY
a. For the preparation of financial engagement where there is no

statements in accordance with reasonable justification for doing so.
applicable financial reporting c. If the terms of the audit are changed,
framework; auditor and management shall agree on
b. For the internal control as management and record the new terms of the
determines is necessary to enable the engagement in an engagement letter or
preparation of financial statements that other suitable form of written
are free from material misstatements agreement.
whether due to fraud or error; and
259. Disagreement between the Auditor and
c. To provide the auditor with access to all
Management Regarding a Change in the Terms of
relevant information and persons for
the Audit Engagement
the purpose of the audit.
If the auditor is unable to agree to a change
256. Audit Engagement Letter in the terms of the audit engagement and is not
An engagement letter defines the legal permitted by management to continue the original
relationship (or engagement) between the audit engagement, the auditor shall:
firm and its client(s). This letter states the terms
a. Withdraw from the audit engagement
and conditions of the engagement, principally
where withdrawal is possible under
addressing the scope of the engagement and the
applicable law or regulation; and
terms of compensation for the firm (fees are
b. Determine whether there is any
optional).
obligation, either contractual or
otherwise, to report the circumstances
257. Contents of an Engagement Letter
to other parties, such as those charged
a. The objective and scope of the audit of with governance, owners or regulators.
the financial statements;
Phase I-B: Planning the Audit to Develop an
b. The responsibilities of the auditor;
Overall Audit Strategy and Audit Plan
c. The responsibilities of the management;
d. Identification of the applicable financial
261. Audit Planning
reporting framework for the preparation
It involves the establishment of the overall
of financial statements; and
audit strategy for the engagement and developing
e. Reference to the expected form and
an audit plan, in order to reduce audit risk to an
content of any reports to be issued by
acceptably low level.
the auditor and a statement that there
may be circumstances in which a report
262. Overall Audit Strategy
may differ from its expected form and
It sets the scope, timing and direction of the
content.
audit and guides the development of the more
258. Considerations Relating to Recurring Audits detailed audit plan.
a. The auditor shall assess whether

263. Aspects of Materiality
circumstances require the terms of the
audit engagement to be revised whether a. Quantitative considerations which relate
there is a need to remind the entity of to the peso amount of the error to the
the existing terms of the audit financial statements under examination.
engagement. b. Qualitative considerations which relate
b. The auditor shall not agree to the to the causes of misstatement (e.g.,
change in the terms of the audit attributed to an irregularity or an illegal
AUDITING THEORY
act by the client). In other words, small misstatements exceed materiality for
amounts of misstatement may still be the financial statements as a whole; and
considered material depending on its thus
nature. b. Provide a margin or buffer for possible
undetected misstatements. This buffer
264. Relevance of Materiality in Audit Planning
is between detected but uncorrected
In planning the audit, materiality should be
misstatements in the aggregate and the
considered by the auditor when:
overall or specific materiality.
a. Determining the nature, timing and
269. Planning Materiality
extent of audit procedures;
Auditors make a preliminary assessment of
b. Identifying and assessing the risks of
materiality of the financial statements as a whole
material misstatement; and
by determining the amount by which they believe
c. Determining the nature, timing and
the financial statements could be misstated
extent of further audit.
without affecting users’ decisions. This planning
Levels of Materiality materiality is based on professional judgment and
may change during the engagement if
266. Overall Materiality circumstances change. It is helpful to the auditor in
It refers to the materiality for the financial a way that it allows him or her to plan the
statements as a whole. It is based on the auditor’s appropriate evidence to accumulate. If the auditor
professional judgment as to the highest amount of sets a low peso amount, more evidence is required
misstatements that could be included in the than for a high amount.
financial statements without affecting the
economic decisions taken by a financial statement 270. Relationship between Materiality and Audit
user. Risk
The higher the level of audit risk, the lower
267. Specific Materiality the materiality level can be set to and vice versa
It refers to materiality set for specific (inverse relationship).
aspects of financial information (especially for
sensitive areas such as particular note disclosures,
compliance with legislation or certain terms in a ₱₱₱
contract, or transactions upon which bonuses are
based) which are intended to be lesser in amount
than overall materiality to put more caution in
₱
dealing with said item.
High IR and CR Low IR and CR
268. Performance Materiality Entity Entity
It is set at a lower amount (or amounts)
than overall and specific materiality. The objective In the above illustration, the cylinders refer
is to perform more audit work than would be to the accounting data, the shaded portions to the
required by the overall or a specific materiality to: appropriate level of materiality and the “x” marks to
the misstatements in the financial statements.
a. Ensure that misstatements less than Observe that if the materiality level on the left side
overall or specific materiality are is increased to the same level as the other, more
detected, so as to appropriately reduce misstatements are going to be left undetected. The
the probability that the aggregate of higher the risk, the more thorough the tests should
uncorrected errors and undetected be.
AUDITING THEORY
updated and changed as necessary during the

271. Audit Plan course of the audit.
The audit plan shall include a description of:
275. Documentation
a. The nature, timing and extent of planned
The auditor should document the overall
risk assessment procedures;
audit strategy and the audit plan, including any
b. The nature, timing and extent of planned
significant changes made during the audit
further audit procedures at the assertion
engagement.
level; and
c. Other planned audit procedures that are
276. Additional Considerations in Initial Audit
required to be carried out so the
Engagements
engagement complies with PSAs.
The auditor should perform the following
272. Difference between Overall Audit Strategy activities prior to starting an initial audit:
and Audit Plan
a. Perform procedures regarding the
The overall audit strategy helps the auditor
acceptance of the client relationship
decide on how her or she is going to tackle the
and the specific audit engagement;
audit. That is the big picture. It could be that he or
b. Communicate with the previous auditor
she decides there are no good internal controls. His
in c`ompliance with relevant ethical
or her strategy would then be to not do any test of
requirements; and
controls and concentrate on substantive
c. Expand the planning activities because
procedures. Having decided that, then he or she
the auditor does not ordinarily have
has to plan how he or she will use substantive
previous experience with the entity that
procedures to get sufficient appropriate audit
is considered when planning recurring
evidence.
engagements.
273. Direction, Supervision and Review
The auditor should plan the nature, timing
277. Analytical Procedures
and extent of direction and supervision of
These are auditing procedures that involve
engagement team members and review of their
analysis of relationship between financial and non-
work depending on the following factors:
financial data. These involve investigation of
a. The size and complexity of the entity; identified variances and relationships that seem
b. The area of the audit; inconsistent with each other or with other available
c. The assessed risks of material audit evidence.
misstatement (the higher the risk, the
more extensive are the nature, timing 278. Application of Analytical Procedures in
and extent of direction, supervision and Planning the Audit
review); and When used for planning purposes, analytical
d. The capabilities and competence of the procedures assist the auditors in planning the
individual team members performing nature, timing and extent of audit procedures that
the audit work. will be used for the specific accounts.
274. Changes to Planning Decisions during the 279. Establishment of an Engagement Team or
Course of the Audit Audit Team
Planning an audit is a continual and iterative Factors to be considered in the
process throughout the audit engagement. The establishment of an engagement team:
overall audit strategy and the audit plan should be
AUDITING THEORY
a. Levels of expertise and experience art, mineralogist for the physical characteristics of
b. Qualification to handle audit positions mineral resources, etc.).
(engagement partner, manager, at least
one senior, and one or more staff 283. Use of Client’s Staff
auditors) The auditors may set up the columnar
c. Number of people depends on the size headings for certain working papers and give
and complexity of the audit instructions to the client’s staff as to the
d. Availability of personnel information to be gathered. These working papers
e. Entities in a regulated industry, such as should bear the label “Prepared by Client” or PBC,
banking, requires that the major and also the initials of the auditor who verifies the
members of the audit team have work performed by the client’s staff. Working
necessary knowledge and experience in papers prepared by the client should never be
that industry. accepted at face value; such papers must be
reviewed and tested by the auditors.
280. Consideration of Work Performed by the
Predecessor Auditor
284. Consideration of Work Performed by Internal
Communication with the predecessor
Auditors
auditors can provide the successor CPA with
background information about the client, details a. Internal auditors can enhance internal
about the client’s system of internal control, and control (e.g., review of bank
evidence as to the account balances at the reconciliations), thus reducing the extent
beginning of the year under audit. of substantive testing after the
independent auditor has considered the
281. Consideration of Work Performed by Other degree of subjectivity involved in
Auditors in the Audit of Components evaluating the accumulated audit
evidence.
a. A principal auditor is the auditor with
b. Internal auditors may also assist
responsibility for reporting on the
independent auditors in performing
financial statements of an entity when
specific audit procedures (e.g.,
those financial statements include
observation of client personnel taking
financial information of one or more
the inventory).
components audited by another auditor.
b. Other auditor means an auditor, other 285. Assessment of Going Concern Assumption
than the principal auditor, with Auditors are required to evaluate whether
responsibility for reporting on the substantial doubt exists about an entity’s ability to
financial statements of a component continue as a going concern, based on procedures
which is included in the financial planned and performed to obtain evidence about
statement audited by the principal the management assertions embodied in the
auditor. financial statements. That is, an auditor is not
required to design specific procedures to evaluate
282. Involvement of Experts or Specialists
whether an entity is a going concern.
CPAs may lack the qualifications necessary
to perform certain technical tasks relating to the
286. Identification of Related Parties
audit. A specialist brings unique knowledge and
A related-party transaction is a deal or
judgment in a field other than accounting and
arrangement between two parties who are joined by
auditing (e.g., appraiser for the values of works of
a preexisting business relationship or common
interest. It is important for auditors to identify them
AUDITING THEORY
because they are required to be disclosed in the The following are the contents of the
financial statements if they are material. documentation of the planning process:
a. Audit plans
b. Audit programs
287. Client’s Legal Obligations
c. Time budget
The auditor should review the following:
293. Planning a Repeat Engagement
a. Minutes of directors’ and stockholders’
The auditor should not merely duplicate last
meetings
year’s audit program but should modify his
b. Changes to the articles of incorporation
approach to the audit for any changes in the client’s
or by-laws
operations, internal control structure or business
c. Any significant contracts executed
environment.
during the year
288. Completion of the Initial Audit Program

An audit program is a set of audit Phase I-C: Performance of Risk Assessment
procedures specifically designed for each audit. Procedures to Identify or Assess Risk of Material
The program which includes both substantive tests Misstatement through Understanding the Entity
and tests of controls will enable the auditor to
express an opinion on the financial statements 295. Risk Assessment Procedures
taken as a whole. These are procedures conducted to obtain
an understanding of the entity and its environment,
289. Preparation of a Time Budget including its internal control to assess the risk of
A time budget is an estimate of the total material misstatements thereafter.
hours an audit is expected to take.
Types of Risk Assessment Procedures
290. Assignment of Personnel to the Engagement
Staffing is important for the continuity of the 297. Inquiry
CPA firm’s operation from year to year. Also, the It consists of seeking information of
immersion, familiarity with the technical knowledgeable persons, both financial and non-
requirements and specialization of the audit financial, inside or outside the entity. For example,
personnel are to be considered. the auditor may consider inquiring from the
following:
291. Scheduling of Work
Performing audit work during the interim a. Entity’s external legal counsel
period has numerous advantages in addition to b. Valuation experts
facilitating the timely release of the audited c. Analysts, banks or rating agencies
financial statements. However, this results in d. Those charged with governance
additional risk that must be controlled by the e. Internal audit personnel
auditor. Significant errors or irregularities could f. Employees involved in initiating,
arise in the accounts during the remaining period processing or recording complex or
between the time that the interim test was unusual transactions
performed and the statement of financial position g. In-house legal counsel
date. h. Marketing or sales personnel
292. Documentation of Audit Plan/Audit Program

298. Application of Analytical Procedures
AUDITING THEORY
For example, the auditor reviews the current b. Supplier and customer relationships
ratio over several reporting periods. This c. Barriers to entry
comparison of current assets to current liabilities d. Strength of competitors
should be about the same over time, unless the e. Bargaining power of suppliers of raw
entity has altered its policies related to accounts materials and labor
receivable, inventory, or accounts payable. This is a f. Bargaining power of customers
form of ratio analysis. (See no. for definition.)
305. Regulatory Environment
299. Observation a. Governmental regulations
Observation is one of the audit procedures b. Legal and political environment
that auditors use to obtain an understanding and
gather audit evidence mainly to the real process or 306. Other External Factors
the ways how clients have done some specific a. Economic conditions
business processes. b. Financial trends
c. Changes in technology
d. Widely used accounting methods
300. Inspection 307. Applicable Financial Reporting Framework

Inspection refers to verification or vouching It may be identified through any of the
of documents. The auditor may inspect documents, following (usually in order of hierarchy):
records and internal control manuals. Moreover, a. Legislative and regulatory requirements;
reading interim financial statements, quarterly b. Jurisdiction in which the entity is
management report and minutes of the board of registered or operates
directors’ meetings may also form part of the c. local practice, industry practice, user
inspection procedures done by an auditor. needs or other factors.
***
308. Nature of the Entity
301. Walk-through Test An understanding of the nature of an entity
A walk-through test traces a transaction enables the auditor to understand the classes of
step-by-step through the accounting system from transactions, account balances, and disclosures to
its inception to the final disposition (requires both be expected in the financial statements.
observation and inspection).
309. Objectives and Strategies Related to
302. Use of Information about the Entity and Its Business Risk
Environment Obtained in Prior Periods Business risks result from significant
When the auditor intends to use information conditions, events, circumstances, actions or
about the entity and its environment obtained in inactions that could adversely affect the entity’s
prior periods, the auditor should determine whether ability to achieve its objectives and execute its
changes have occurred that may affect the strategies, or through the setting of inappropriate
relevance of such information in the current audit. objectives and strategies.
Aspects of the Entity and Its Environment to Be 310. Measurement and Review of the Entity’s
Understood by the Auditor Financial Performance
Performance measures, whether external or
304. Industry Conditions internal, create pressures on the entity that, in turn,
may motivate management to take action to
a. Competitive environment
AUDITING THEORY
improve the business performance or to misstate 315. Audit Risk Model

the financial statements. It is a tool used by auditors to understand
the relationship between various risks arising from
311. Understanding the Client’s Internal Control an audit engagement enabling them to mange the
Before auditors can evaluate the overall audit risk.
effectiveness of internal control, they need a
knowledge and understanding of how it works; Audit Risk = Inherent Risk × Control Risk ×
what controls exist and who performs them, how Detection Risk
various types of transactions are processed and
recorded, and what accounting records and
supporting documentation exist,
***
Components of Audit Risk
312. Identifying and Assessing the Risk of Material
Misstatement 317. Inherent Risk
The auditor should identify and assess the It is the susceptibility of an account balance
risks of material misstatement at the financial or class of transactions to misstatement that could
statement level, and at the assertion level for be material, individually or when aggregated with
classes of transactions, account balances and misstatements in other balances or classes,
disclosures. assuming there are no related internal controls.
313. Material Weakness in Internal Control 318. Control Risk

The auditor shall communicate material It is the risk that a misstatement, that could
weaknesses in internal control identified during the occur in an account balance or class of
audit on a timely basis to management at an transactions and that could be material individually
appropriate level of responsibility, and with those or when aggregated with misstatements in other
charged with governance (unless all of those balances or classes, will not be prevented or
charged with governance are involved in the detected and corrected on a timely basis by the
managing entity). accounting and internal control systems.
314. Documentation 319. Detection Risk

The auditor should document: It is the risk that an auditor’s substantive
procedures will not detect a misstatement that
a. The discussion among the engagement
exists in an account balance or class of
team regarding the susceptibility of the
transactions that could be material, individually or
entity’s financial statements to material
when aggregated with misstatements in other
misstatement due to error or fraud, and
balances or classes.
the significant decisions reached;
b. Key elements of the understanding
320. Relationship between the Risks of Material
obtained regarding each of the aspects
Misstatement and Detection Risk
of the entity and its environment;
The higher the assessed degree of risks of
c. The identified and assessed risks of
material misstatement, the lower detection risk
material misstatement (inherent risk and
must be allowed (inverse relationship) to maintain
control risk) at the financial statement
the desired level of audit risk.
level and at the assertion level; and
d. The risks identified and related controls
evaluated.
AUDITING THEORY
321. Assessment of Inherent Risk at the Financial This shall be reached when:
Statement Level
a. the entity’s accounting and internal
a. The integrity of management control systems are not effective; or
b. Management experience and knowledge b. evaluating the effectiveness of the
and changes in management during the entity’s accounting and internal control
period (e.g., inexperience of systems would not be efficient.
management)
325. Assessment of Control Risk at Less than High
c. Unusual pressures on management
Level
(e.g., industry experiencing a large
This shall be reached when the auditor:
number of business failures)
a. is able to identify internal controls
d. The nature of the entity’s business (e.g.,
relevant to the assertion which are likely to
potential for technological
prevent or detect, and correct a material
obsolescence of its products and
misstatement; and
services)
b. plans to perform tests of control to
e. Factors affecting the industry in which
support the assessment.
the entity operates (e.g., economic and
competitive conditions as identified by
326. Substantive Procedures
financial trends and ratios)
These are those activities performed by the
322. Assessment of Inherent Risk at the Account auditor to detect material misstatements or fraud
Balance and Class of Transaction Level at the assertion level.
a. Financial statement accounts likely to

be susceptible to misstatement (e.g.,
327. Relationship between the Nature, Timing and
inventories, related party transactions,
Extent of Substantive Procedures and Detection
intangibles, etc.)
Risk
b. The complexity of underlying
The lower the allowable detection risk there
transactions and other events which
is, the more extensive substantive procedures
might require using the work of an
should be performed (nature – more effective,
expert
timing – year end instead of interim, extent – larger
c. The degree of judgment involved in
sample size).
determining account balances
d. Susceptibility of assets to loss or
328. Summary of the Interrelationship of the
misappropriation (e.g., cash)
Components of Audit Risk
e. The completion of unusual and complex
transactions particularly at or near Control Risk Assessment
period end
High Med Low
f. Transactions not subjected to ordinary
processing Inherent High Lowest Lower Med
323. Preliminary Assessment of Control Risk Risk
Med Lower Med Higher
It is the process of evaluating the Assessme
effectiveness of an entity’s accounting and internal nt Low Med Higher Highes
control systems in preventing or detecting, and t
correcting material misstatements.
*The 3 x 3 group of cells located in the lower right
refer to detection risk.
324. Assessment of Control Risk at a High Level
AUDITING THEORY
c. Participation by those charged with

governance
329. Internal Control d. Management’s philosophy and
It is a process designed and effected by operating style
those charged with governance, management and e. Organizational structure
other personnel to provide reasonable assurance f. Assignment of authority and
about the achievement of the entity’s objectives responsibility
with regard to the reliability of financial reporting, g. Human resources policies and
effectiveness and efficiency of operations and procedures
compliance with applicable laws and regulations.
335. Entity’s Risk Assessment Process
330. Internal Control System Risk assessment is the identification,
It refers to all policies and procedures analysis and management of risks pertaining to the
(internal controls) adopted by the management of preparation of financial statements.
an entity to assist in achieving management’s
objective of ensuring, as far as practicable, the 336. Sources of Risks due to Change
orderly and efficient conduct of its business.
a. Changes in operating environment
331. Objectives of Internal Control b. New personnel
c. New or revamped information systems
a. Reliability of the entity’s financial d. Rapid growth
reporting e. New technology
b. Effectiveness and efficiency of f. New business models, products or
operations activities
c. Compliance with applicable laws and g. Corporate restructurings
regulations h. Expanded foreign operations
332. Elements of Internal Control i. New accounting pronouncements
a. Control Environment 337. Information System

b. Entity’s Risk Assessment Process It consists of infrastructure (physical and
c. Information System and Related hardware components), software, people,
Business Processes procedures and data.
d. Control Activities
e. Monitoring of Controls 338. Objectives of Information System Relevant to
Financial Reporting
333. Control Environment
It refers to the overall attitude, awareness a. Initiate, record, process and report entity
and actions of directors and management transactions (as well as events and
regarding the internal control systems and its conditions) and to maintain
importance in the entity. accountability for the related assets,
liabilities and equity;
334. Factors Comprising the Control Environment b. Resolve incorrect processing of
transactions (e.g., automated suspense
a. Communication and enforcement of files and procedures followed to clear
integrity and ethical values suspense items out on a timely basis);
b. Commitment to competence c. Process and account for system
overrides or bypasses of controls;
AUDITING THEORY
d. Transfer information from transaction These are the policies and procedures that
processing systems to the general help ensure that management directives are carried
ledger; out.
e. Capture information relevant to financial
reporting for events and conditions Major Categories of Internal Control Procedures
other than transactions, such as the
depreciation and amortization of assets 343. Performance Review
and changes in the recoverability of In a performance review, management uses
accounts receivables; and accounting and operating data to assess
f. Ensure information required to be performance, and it then takes corrective action.
disclosed by the applicable financial
a. Comparing actual performance (or
reporting framework is accumulated,
operating results) with budgets,
recorded, processed, summarized and
forecasts, prior period performance, or
appropriately reported in the financial
competitors’ data to measure the extent
statements.
to which targets are being met;
339. Business Processes b. Investigating performance indicators
An entity’s business processes are the based on operating or financial data,
activities designed to develop, purchase, produce, such as quantity or purchase price
sell and distribute an entity’s products and services; variances or the percentage of returns
ensure compliance with laws and regulations; and to total orders; and
record information, including accounting and c. Reviewing functional or activity
financial reporting information. performance, such as the performance
of manager responsible for a bank’s
340. Objectives of Business Processes Relevant to consumer loans with some standard,
Financial Reporting such as economic statistics or targets.
a. Identify and record all valid transactions. 344. Information Processing Controls
b. Describe on a timely basis the These are policies and procedures designed
transactions in sufficient detail to permit to require authorization of transactions and to
proper classification of transactions for ensure the accuracy and completeness of
financial reporting. transaction processing.
c. Measure the value of transactions in a
a. Proper authorization of transactions and
manner that permits recording their
activities
proper monetary value in the financial
b. Segregation of duties
statements.
c. Adequate documents and records
d. Determine the time period in which
d. Regulated access to assets
transactions occurred to permit
e. Independent checks on performance
recording of transactions in the proper
accounting period. 345. Physical Controls
e. Present properly the transactions and a. The physical security of assets, including
related disclosures in the financial adequate safeguards such as secured
statements. facilities over access to assets and records;
b. The authorization for access to computer
341. Control Activities
programs and data files; and
c. The periodic counting and comparison
with amounts shown on control records.
AUDITING THEORY
*** Procedures that ensure that a proper price

is charged and that mathematical accuracy are
present in recording and in developing the
accounting records and the financial statement
346. Monitoring of Controls (e.g., use of price list).
It is the process that an entity uses to
assess the quality of internal control over time. It 355. Presentation and Disclosure
involves assessing the design and operation of Procedures that indicate that a review has
controls on a timely basis and taking corrective been made to ascertain that a transaction has been
action as necessary. recorded in the proper account and that financial
statement disclosures have been reviewed by
347. Objective of the Study of Internal Control competent personnel (e.g., chief accountant).
The whole point of studying internal control ***
is to reasonably asses control risk. The auditor
must consider the design of controls, whether they
have been placed in operation, and, if they are in 356. Documentation of Understanding of Internal
use, their effectiveness. Control
a. Internal Accounting Control

348. Design of Controls
Questionnaire
It refers to the controls that have been
b. Flowcharts
established.
c. Narrative Description
d. Internal Control Checklist
349. Effectiveness of Controls
e. Decision Tables
It refers to how the controls actually
function. 357. Summary of Internal Control Documentation
Requirements
Types of Control Activities that Relate to Financial
Statement Assertions Assessed
Below the
Level of Maximum
Maximum
351. Existence/Occurrence Control Risk
Procedures that require documentation, Document
approvals, authorization, verification and Understanding
reconciliations. of Internal
Control Yes Yes
352. Completeness Obtained to
Procedures that ensure that all transaction Plan the
that occur are recorded such as accounting for a Audit?
numerical sequence of documents. Document
Assessed
Yes No
353. Rights and Obligations Level of
Procedures that ensure that the entity has a Control Risk?
right to assets or an obligation to pay arising from Document the
the transaction (e.g., issuance of sales invoice and Basis for the
No Yes
keeping of acknowledged delivery receipt). Control Risk
Assessment?
354. Valuation or Measurement
AUDITING THEORY
358. Implications of Assessment of Control Risk at 362. Tests of Controls

Maximum Level These are performed to obtain audit
If the controls are initially not considered evidence about the effectiveness of the (1) design
effective or not cost efficient: of the accounting and internal control systems, that
is, whether they are suitably designed to prevent or
a. Assess control risk at maximum (100%).
detect and correct material misstatements; and (2)
b. Set acceptable risk of overreliance on
operation of the internal controls throughout the
internal control at maximum (100%).
period.
c. Perform no tests of controls.
d. Use low risk of incorrect acceptance
363. Relationship Between the Assessed Level of
(decrease detection risk).
Control Risk and the Extent of Test of Control
e. Perform extensive substantive testing.
Required
359. Ways of Performing Extensive Substantive The lower the assessment of control risk,
Testing the more support the auditor should obtain that
accounting and internal control systems are
a. Nature – Using more effective suitably designed and operating effectively.
substantive tests (more persuasive).
b. Timing – Performing substantive tests
at year end. 364. Determining the Necessary Level of Detection
c. Extent – Increasing the extent of Risk
substantive tests by selecting a larger The higher the assessment of inherent and
sample size. control risk, the more audit evidence the auditor
should obtain from the performance of substantive
procedures; thus, reducing detection risk, and
360. Implications of Assessment of Control Risk at therefore audit risk, to an acceptably low level.
Below the Maximum Level
If the controls are initially considered 365. Reportable Conditions
effective: Specifically, these are matters coming to the
auditor’s attention that, in his judgment, should be
a. Reduce control risk. communicated to the audit committee because
b. Reduce acceptable risk of overreliance they represent significant deficiencies in the design
on internal control. or operation of the internal control structure, which
c. Perform test of controls. could adversely affect the organization’s ability to
d. Increase acceptable risk of incorrect record, process, summarize, and report financial
acceptance (increase detection risk). data consistent with the assertions of management
e. Reduce planned substantive tests. in the financial statements. Examples:
361. Ways of Reducing Planned Substantive Tests a. Deficiencies in internal control structure
a. Nature – Using less persuasive (less design
effective) substantive tests b. Failures in the operation of the internal
b. Timing – Performing substantive tests control structure
at interim date 366. Form and Content of Report on Conditions
c. Extent – Decreasing the extent of
substantive test by selecting a smaller a. Preferably in writing.
sample size b. If communicated orally, the auditor
should document the communication by
AUDITING THEORY
appropriate memoranda or notations in from which the financial statements are

the working papers. prepared;
c. Should be able to meet the following: b. Misrepresentation in, or intentional
 Indicate that the purpose of the omission from, the financial statements
audit was to report on the financial of events, transactions or other
statements and not to provide significant information; and
assurance on the internal control c. Intentional misapplication of accounting
structure; principles relating to amounts,
 Include the definition of reportable classification, manner of presentation or
conditions; and disclosure.
 Include the restriction on
distribution: The report should state 370. Misappropriation of Assets (Employee Fraud)
that the communication is intended It occurs when an employee knowingly lies,
solely for the information and the deceives or steals from a company with the intent
use of the audit committee, to obtain benefits or compensation of some type.
management, and others within the The following are some examples:
organization. a. Embezzling receipts;
b. Stealing physical assets or intellectual
property;
c. Causing an entity to pay for goods or
services not received; and
d. Using an entity’s assets for personal
use.
367. Causes of Misstatements in the Financial
***
Statements
a. Fraud 371. Factors Contributing to Commitment of Fraud

b. Error a. Incentive or pressure to commit fraud
b. Perceived opportunity to do so
367. Fraud
c. Rationalization of the act
Fraud, in the context of auditing and
financial reporting, is the intentional or reckless
372. Responsibility for the Prevention and
conduct, acts or emissions that result in material
Detection of Fraud
misstatements in the financial statements.
The primary responsibility for the prevention
and detection of fraud rests with both those
Forms of Fraud
charged with governance of the entity and
management.
369. Fraudulent Financial Reporting (Management
Fraud)
373. Responsibilities of the Auditor
It occurs when there is an intentional
An auditor conducting an audit in
misstatement of amounts or disclosures in the
accordance with PSAs is responsible for obtaining
financial statements with the intent to deceive
reasonable assurance that the financial statements
users of those statements. The following are some
taken as a while are free from material
examples:
misstatement, whether caused by fraud or error.
a. Manipulation, falsification (including
forgery) or alteration of accounting
374. Risk Assessment
records or supporting documentation
AUDITING THEORY
In planning the audit, the auditor should business. For a deeper understanding, it is
assess the risk that fraud and error may cause the recommended that you read about some examples
financial statements or contain material of fraud risk factors in your textbook.
misstatements and should inquire of management
as to any fraud or significant error which has been Some Methods Used in Misappropriation of Assets
discovered.
380. Skimming
375. Detection This refers to the act of taking cash “off the
Based on the risk assessment, the auditor top” of the daily receipts (including receipt for
should design audit procedures to obtain receivable A) of a business without recording them
reasonable assurance that misstatements arising and officially reporting a lower total collection.
from fraud and error that are material to the Examples are:
financial statements taken as a whole are detected. a. When a cashier in a retail store does not
Consequently, the auditor seeks sufficient ring up a transaction and takes the cash; and
appropriate evidence that fraud and error which b. When an employee who has access to
may be material to the financial statements have cash receipts maintains accounts receivable
not occurred or that, if they have occurred, the records can record a sale at an amount lower than
effect of fraud is properly reflected in the financial the invoice amount. When the customer pays, the
statements or the error is corrected. employee takes the difference between the invoice
and the amount recorded as receivable.
376. Likelihood of Detecting Fraud and Error
The likelihood of detecting errors ordinarily 381. Lapping
is higher than that of detecting fraud, since fraud is This technique is used to conceal the fact
ordinarily accompanied by acts specifically that cash has been collected; the shortage in one
designed to conceal its existence. customer’s account is covered with a subsequent
payment made by another customer.
377. Inherent Limitations of an Audit
An audit is subject to the unavoidable risk 382. Kiting
that some material misstatement of the financial It involves counting the cash twice by using
statements will not be detected, even though the the float in the banking system.
audit is properly planned and performed in ***
accordance with PSA. The following are some
helpful points for further understanding: 383. Float
a. Fraud ordinarily involves acts designed It is the gap between the time the check is
to conceal it (e.g., collusion, forgery, deposited or added to an account and the time the
deliberate failure to record transactions, check clears or is deducted from the account it was
or intentional misrepresentations being written on.
made to the auditor).
b. Certain levels of management may be in
a position to override controls that
would prevent similar frauds by other 384. Error
employees. An accounting error is a non-fraudulent and
unintentional discrepancy in financial
378. Fraud Risk Factors documentation. Types of accounting errors include:
These are the factors that make it more
a. Error of omission – a transaction is not
likely that fraud will occur is occurring in a
recorded.
AUDITING THEORY
b. Error of commission – a transaction that 388. Reporting of Fraud and Error to Regulatory
is calculated incorrectly. and Enforcement Authorities
c. Error of principle – a transaction that is The auditor’s duty of confidentiality would
treated not in accordance with generally ordinarily preclude reporting fraud or error to a third
accepted accounting principles (GAAP). party. However, in certain circumstances, the duty
of confidentiality is overridden by statute, law or by
385. Procedures When Errors or Irregularities are
courts of law (e.g., BSP requirements for external
Suspected
auditors of banks).
When an auditor detects factors that
increase audit risk at the financial statement level,
389. Documentation
he or she should respond to such elevated risk by
This shall include:
altering the:
a. The significant decisions reached during
a. Engagement staffing (i.e., assigning
the discussion among the members of
more experienced personnel),
the engagement team regarding the
b. Extent of staff supervision,
susceptibility of the entity’s financial
c. Degree of professional skepticism,
statements to material misstatement
and/or
due to fraud; and
d. Overall strategy for the expected
b. The identified and assessed risks of
conduct and scope of the engagement.
material misstatement due to fraud at
386. Reporting of Fraud and Error Fraud to the financial statement level and
Management assertion level.
The auditor should communicate factual
390. Withdrawal from the Engagement
findings to management as soon as practicable if
If, as a result of a misstatement resulting
the auditor suspects fraud may exist, even if the
from fraud or suspected fraud, the auditor
potential effect in the financial statements would
encounters exceptional circumstances that bring
be immaterial, or fraud or significant error is
into question the auditor’s ability to continue
actually found to exist.
performing the audit, the auditor shall:
In most cases involving fraud, it would be
appropriate to report the matter to a level in the a. Determine if there is a legal
organization structure of the entity above and responsibility to report the matter to the
responsible for the persons believed to be person or persons who made the audit
implicated. When those persons ultimately appointment or, in some cases, to
responsible for the overall direction of the entity are regulatory authorities;
doubted, the auditor would ordinarily seek legal b. Consider whether it is appropriate to
advice to assist in the determination of procedures withdraw from the engagement, where
to follow. withdrawal from the engagement is
legally permitted; and
387. Reporting of Fraud or Error to Users of the c. If the auditor withdraws, discuss with
Auditor’s Report on the Financial Statements the following the auditor’s withdrawal
The findings regarding fraud or error shall and the reasons for the withdrawal:
be reflected and expressed in the auditor’s opinion  Appropriate level of management
if such were left uncorrected and unadjusted or the and those charged with governance;
auditor is precluded by the entity from obtaining and/or
sufficient appropriate evidence.  If there is a legal requirement,
Person or persons who made the
AUDITING THEORY
appointment or, in some cases, to 393. Corporate Governance

regulatory authorities. It is the system by which business
corporations are directed and controlled. It is the
391. Management Representations Regarding
process by which the owners and creditors of an
Internal Control
organization exert control and require
The auditor shall obtain written
accountability of the resources entrusted to the
representations from management that:
organization.
a. It acknowledges its responsibility for the
design, implementation and 394. Aspects of Business Where Accountability is
maintenance of internal control to Required by Owners
prevent and detect fraud;
a. Financial performance
b. It has disclosed to the auditor the
b. Financial transparency
results of its assessment of the risk that
c. Stewardship and protection of
the financial statements may be
resources
materially misstated as a result of fraud;
d. Quality of internal controls
c. It has disclosed to the auditor its
e. Composition of the board of directors
knowledge of fraud or suspected fraud
and the nature of its activities
affecting the entity involving:
f. Management incentive systems being
 Management;
aligned with the stockholders’ best
 Employees who have significant
interests
roles in internal control; or
 Others where the fraud could have a Parties Involved in Corporate Governance
material effect in the financial
statements; and 396. Stockholders
d. It has disclosed to the auditor its They provide effective oversight through
knowledge of any allegations of fraud, or election of board members, approval of major
suspected, affecting the financial initiatives such as buying or selling stocks and
statements communicated by annual reports on management compensation from
employees, former employees, analysts, the board.
regulators or others.
397. Board of Directors
392. Client’s Illegal Acts
It is the major representative of
Determination of the legality or illegality of
stockholders to ensure that the organization is ran
specific client acts is normally beyond the scope of
according to the organization’s charter and that
an independent auditor’s professional competence
there is proper accountability. Some of the specific
and generally should be left to the lawyers. The
activities of the board are:
auditor however should be alert throughout their
audit for information that raises a question a. selecting management,
regarding the possibility of illegal acts. b. reviewing management performance
If the auditors have knowledge of dishonest and determining compensation,
or clearly illegal activity by the client, they should c. declaring dividends,
attempt to assess the impact of the actions on the d. approving major changes such as
financial statements. A legal counsel or specialist mergers, approving corporate strategy,
may have to be consulted. and
e. overseeing accountability activities.
AUDITING THEORY
398. Management 401. Securities and Exchange Commission

It is responsible for the operations (ensuring (Regulator)
that the organization is managed effectively) and Its role is to ensure the accuracy, timeliness
accountability (providing accurate and timely and fairness of public reporting of financial and
accountability to shareholders and other other information for public companies.
stakeholders. Some of the specific activities of the
management are: 402. External Auditors
They perform audits of company financial
a. Formulating strategy and risk
statements to ensure that the statements are free
management,
of material misstatements including
b. Implementing effective internal
misstatements that may be due to fraud.
controls,
c. Developing financial and other reports
403. Internal Auditors
to meet public, stakeholder and
They perform audits of companies for
regulatory requirements,
compliance with company policies and laws, audits
d. Managing and reviewing operations,
to evaluate the efficiency of operations, and
and
periodic evaluation and tests of controls.
e. Implementing an effective ethical
environment.
399. Audit Committees of the Board of Directors Major Corporate Governance Failures Resulting to
They provide oversight of the internal and Financial Reporting Frauds
external audit and the process of preparing the
annual financial statements and public reports on 405. Enron
internal control. Some of their specific activities Covered up financial problems by:
are:
a. Shifting debts to off-statement of
a. Selecting the external audit firm, financial position entities (see no. for
b. Approving any non-audit work further information);
performed by the audit firm, b. Recognizing revenue on impaired assets
c. Selecting and/or approving the by selling them to special-purpose
appointment of the Chief Audit entities that they controlled;
Executive (Internal Auditor), c. Engaging in round-tripping trades (see
d. Reviewing and approving the scope and no. for further information); and
budget of the internal audit function, and d. Numerous other related party
e. Discussing audit findings with internal transactions.
auditor and external auditor and
406. WorldCom
advising the board (and management)
Decreased expenses and increased
on specific actions that should be taken.
revenues through the following:
400. Board of Accountancy (Regulator)
a. Recorded bartered transactions as sales
It is responsible for the setting of:
(e.g., trading the right to use
a. Accounting and auditing standards telecommunication lines in one part of
dictating underlying financial reporting the world to similar rights to another
and auditing concepts; and part of the world);
b. Setting the expectations for audit and b. Used restructuring reserves established
accounting quality. through acquisitions to decrease
AUDITING THEORY
expenses (i.e., over accrued reserves

upon acquiring a company and later 411. Dell
“releasing” those reserves to decrease Misstated operated earnings by
expenses of future periods; and categorizing a rebate from Intel to Dell if Dell
c. Capitalizing telecommunication line promised not to buy chips from a competitor. Net
costs (e.g., rentals paid to other phone income was not misstated, but operating earnings
companies). were misstated by a material amount.
***
407. Lucent
Enhanced quarterly revenues by “channel
412. Off-Statement of Financial Position Entities
stuffing” which involves increasing sales at the end
Off-balance-sheet entities are assets or
of the quarter at amounts greater than customers
debts that do not appear on a company's balance
could actually take. Customers were informally
sheet. In a clean and clear example, a parent
given a very large “grace” period in which they
company can set up a subsidiary company and spin
could pay for the goods, or return the goods.
it off by selling a controlling interest (or the entire
company) to investors. Such a sale generates
408. Parmalat
profits for the parent company from the sale,
Company siphoned cash off of subsidiaries
transfers the risk of the new business failing to the
through complex scheme that:
investors and lets the parent company remove the
a. Overstated cash and included the false subsidiary from its balance sheet.
recording of cash ostensibly held at Too often, however, off–balance-sheet
major banks; and entities are used to artificially inflate profits and
b. Understated debt by entering into make firms look more financially secure than they
complex transactions with off-shore actually are. The parent company lists proceeds
subsidiaries in tax-haven places such as from the sale of these items as assets but does not
the Caribbean. list the financial obligations that come with them as
liabilities.
409. HealthSouth
Recorded fictitious revenue across its 250
clinics and hospitals. Some of the billings actually 413. Round-Tripping Trades
went to the government for Medicare These are trades where the assets sold are
reimbursement. A wide variety of schemes were found returning to the original owner (e.g., Enron)
used including: after initially recognizing sales and profits.
a. Billing group psychiatric sessions as
individual sessions (i.e., with ten people Why the Auditing Profession was Partly Blamed for
in a group the company billed for ten the Recent Corporate Failures
individual sessions instead of one group
session); and 415. Arthur Levitt
b. Using adjusting journal entries to both “Auditors are the public watchdogs in the
reduce expenses and enhance revenues. financial reporting process. We rely on auditors to
put something like the good housekeeping of
410. Adecco approval on the information investors receive. The
Overstated revenue by holding the books integrity of that information must take priority.”
open for 20-35 days after the end of the year to
record sales from the subsequent period as current 416. Arthur Wyatt
period sales.
AUDITING THEORY
“Practicing professionals should place the a. Lay solid foundations for management
public interest above the interests of clients, and oversight;
particularly in a process designed to develop b. Structure the board to add value;
standards expected to achieve fair presentation… c. Promote ethical and responsible
Unfortunately, the auditor is often a participant in decision-making;
aggressively seeking loopholes.” d. Safeguard integrity and financial
*** reporting;
e. Make timely and balanced disclosure
417. Relationship Between Corporate Governance f. Respect the rights of shareholders
and Risk to the Auditor g. Recognize and manage risk
Good governance is important to the h. Encourage enhanced performance
conduct of an audit for one very simple reason: i. Recognize the legitimate interest of
companies with good corporate governance are stakeholders
less risky to audit.
Many audit firms are not willing to accept
potential audit clients unless the clients PHASE II: RISK RESPONSE
demonstrate a strong commitment to good
corporate governance. Phase II-A: Designing Overall Responses and
Further Audit Procedures to Develop Appropriate
418. Relationship Between Corporate Governance Responses to the Assessed Risk of Material
and Non-Audit Services Misstatement
Regarding this, governance issues remain
important in accepting those non-audit clients 423. Objective of Risk Response Phase
especially for internal audit work. It is to obtain sufficient appropriate
evidence to reduce audit risk to an acceptably low
419. Importance of the Audit Committee level.
One of the characteristics of good and
effective corporate governance is the creation of an 424. Overall Responses
audit committee which will oversee the accounting These include:
and financial processing of the company and the
financial statements audit. Here is a summary of a. Professional skepticism
the oversight of the audit committee: b. Level of staff assigned
c. Ongoing staff supervision
a. Financial reporting processes d. Evaluate accounting policies
 Financial reporting e. Nature / timing / extent and
 Internal controls over financial unpredictability of planned procedures
reporting f. Other further procedures
b. Management of credit, market liquidity,
operation, legal and other risk 425. Further Audit Procedures
management activities Audit procedures are the methods or acts
c. Audit functions that auditors use to gather evidence to determine
 External auditors the validity of financial statement assertions. The
 Internal auditors types of audit procedures are categorized as
follows:
420. Summary of Principles of Good Corporate
Governance and Best Practice Recommendations a. Test of controls (see no. 362 for further
information)
AUDITING THEORY
b. Substantive procedures (see no. 326 for b. Tests of balances

further information)
432. Analytical Review Procedures
426. Purpose of Application of Audit Procedures Analytical types of tests involve study and
The auditor applies tests of control or comparison of relationships among accounting
compliance tests when the purpose is to see data and related information. They identify unusual
whether prescribed accounting control procedures fluctuations for investigation and focus on the
are being followed. This evaluation identifies the rationale of relationship.
control procedures that can be relied on in Auditing standards require the application
performing restricted substantive tests. of analytical procedures at the planning and overall
Substantive tests are applied when the final review stages of audits. The auditors may also
auditor’s purpose is to see whether the peso decide to use them during the audit as substantive
amount of an account is properly stated. Thus, tests to provide evidence as to the reasonableness
there is relationship between the amount of of the specific account balances. For related
reliance and the amount of additional work that will information, see no. 277.
be needed. ***
Types of Compliance Tests 433. Tests of Transactions

These are tests of the processing of
428. No Trail individual transactions by inspection of the
This type does not leave a visible trail in the documents and accounting records involved in
supporting documents of the performance of processing.
control procedures by the client’s employee. For
instance, the auditor makes inquiries and 434. Tests of Balances
observation of office personnel and routines to These are tests applied directly to the
determine how control procedures are performed details of balances in general ledger accounts.
and who performed them.
435. Common Analytical Procedures
429. Documentary Trail
a. Comparison of current financial
This type leaves a visible trail in the
information from prior periods (e.g.,
supporting documents. Hence, the auditor inspects
compare inventory levels for the current
the documents supporting a particular type of
year and the of prior years)
transaction to whether a control procedure, such as
b. Comparison of current financial
approval or other checking, was performed and
information with anticipated data (e.g.,
who performed it as indicated by signatures or
compare research and development
initials.
expense to the budgeted amount)
c. Comparison of current financial
Types of Substantive Tests
information with known or predictable
relationships (e.g., compare interest
431. Tests of Details
expense to the average outstanding
This type of substantive test involves
balance of interest-bearing debt)
obtaining evidential matter on the items (or details)
d. Comparison of current financial
involved in an account balance or class of
information with industry information
transactions. Tests of details are also referred to as
(e.g., compare client’s gross profit
follows:
percentage to published industry
a. Tests of transactions averages)
AUDITING THEORY
e. Comparison of current financial orders, receiving reports), titles,

information with current nonfinancial contracts and other documentary
information (e.g., compare production materials (to verify the validity and
records in units to sales) propriety of accounting treatment of
transactions and account balances and
compliance with internal control)
b. Assertion substantiated – occurrence.
436. Audit Techniques
Measurement
These are the basic tools or means
employed to obtain audit evidences. The 442. Observe, Test and Verify
application of these techniques constitutes the
a. Application – observing the taking of
audit procedures.
physical inventories by client personnel;
of actual operation of internal control (to
Common Audit Techniques
determine compliance with prescribed
procedures)
438. Count
b. Assertion substantiated – existence
a. Application – counting of inventory,
443. Extend and Foot
cash, securities, unmatured promissory
notes (to establish existence and where a. Application – rechecking clerical
applicable, ownership and condition of determinations by client (to verify the
assets) accuracy of computations and transfer
b. Assertion substantiated – physical of information made by client)
existence b. Assertion substantiated –
measurement
439. Confirm
444. Compare and Trace
a. Application – obtaining information
directly of details of account balances a. Application – comparing current period
(to verify validity and accuracy of account balances or operating data with
account balances and other information similar information for prior periods and
with outside parties) investigation of unusual data
b. Assertion substantiated – existence, relationship (to disclose and determine
rights and obligations the reasons for significant changes)
b. Assertion substantiated – completeness
440. Inquire
***
a. Application – obtaining client’s
representation letter; explanations to 445. Assertions in the Audit of Financial
many diverse questions raised during Statements
the audit (to obtain knowledge) These are the implicit or explicit claims and
b. Assertion substantiated – representations made by the management
completeness responsible for the preparation of financial
statements regarding the appropriateness of the
441. Examine, Inspect, Review, Trace, Verify and
various elements of financial statements and
Vouch
disclosures.
a. Application – examining (or vouching)
paid checks, vendor’s invoices, approved Types of Financial Statement Assertions Relating
client documents (vouchers, purchase to Classes of Transactions
AUDITING THEORY
Types of Financial Statement Assertions Relating

446. Occurrence to Assets, Liabilities and Equity Balances at the
Transactions recognized in the financial Period End
statements have occurred and relate to the entity.
Example: Salaries and wages expense has 452. Existence
been incurred during the period in respect of the Assets, liabilities and equity balances exist
personnel employed by the entity. at the period end.
Example: Inventory recognized in the
447. Completeness statement of financial position exists at the period
All transactions that were supposed to be end.
recorded have been recognized in the financial
statements. 453. Completeness
Example: Salaries and wages cost in All assets, liabilities and equity balances
respect of all personnel have been fully accounted that were supposed to be recorded have been
for. recognized in the financial statements.
448. Accuracy Example: All inventory units that should
Transactions have been recorded accurately have been recorded have been recognized in the
at their appropriate amounts. financial statements. Any inventory held by a third
Example: Salaries and wages cost has been party on behalf of the audit entity has been included
calculated accurately. Any adjustments such as tax in the inventory balance.
deduction at source have been correctly reconciled
and accounted for.
454. Rights and Obligations
449. Cut-Off The entity has the right to ownership or use
Transactions have been recognized in the of the recognized assets, and the liabilities
correct accounting periods. recognized in the financial statements represent
Example: Salaries and wages cost the obligations of the entity.
recognized during the period relates to the current Example: Audit entity owns or controls the
accounting period. Any accrued and prepaid inventory recognized in the financial statements.
expenses have been accounted for correctly in the Any inventory held by the audit entity on account of
financial statements. another entity has not been recognized as part of
inventory of the audit entity.
450. Classification
Transactions have been classified and 455. Valuation
presented fairly in the financial statements. Assets, liabilities and equity balances have
Example: Salaries and wages cost has been been valued appropriately.
fairly allocated between: Example: Inventory has been recognized at
 Operating expenses incurred in the lower of cost and net realizable value in
production activities; accordance with IAS 2 Inventories. Any costs that
 General and administrative could not be reasonably allocated to the cost of
expenses; and production (e.g., general and administrative costs)
 Cost of personnel relating to any and any abnormal wastage has been excluded from
self-constructed assets other than the cost of inventory. An acceptable valuation basis
inventory. has been used to value inventory cost at the period
end (e.g., FIFO, average cost, etc.).
AUDITING THEORY
Types of Financial Statement Assertions Relating The auditor must decide the extent of
to Presentation and Disclosure testing or the number of items to audit. For
example, when auditing cash receipts, an auditor
457. Occurrence may decide to examine every cash disbursement or
Transactions and events disclosed in the only a sample of them. The sufficiency of the
financial statements have occurred and relate to evidence needed determines the number of items
the entity. to test.
Example: Transactions with related parties
disclosed in the notes to financial statements have 462. Timing of Testing
occurred during the period and relate to the audit Another decision that the auditor must
entity. make is when to perform each audit procedure.
Because an audit usually begins sometime during
458. Completeness the fiscal year being audited and ends one to three
All transactions, balances, events and other months after the end of the fiscal year, a long
matters that should have been disclosed have been period of time for performing the procedure is
disclosed in the financial statements. available.
Example: All related parties, related party
transactions and balances that should have been 463. Interim Work
disclosed have been disclosed in the notes to Audit procedures performed before year-
financial statements. end are referred to as interim work. Performing
tests at interim dates help complete the audit in a
459. Classification and Understandability timely manner. However, problems arise when
Disclosed events, transactions, balances business conditions rapidly change and/or the
and other financial matters have been classified auditor was not able to assess correctly the
appropriately and presented clearly in a manner predictability of the account balances at year-end.
that promotes understandability of information
contained in the financial statements. 464. Year-End Work
Example: The nature of related party Audit procedures performed between year-
transactions, balances and events has been clearly end and the completion of the audit are referred to
disclosed in the notes to financial statements. as year-end work. There is less risk in performing
Users of the financial statements can clearly tests within this timeframe since no further
determine the financial statement captions transactions will affect the account balances
affected by the related party transactions and (except for adjusting events after the reporting
balances can easily ascertain their financial effect. period).
465. Nature of Testing
460. Accuracy and Valuation The selection of particular procedures to
Transactions, events, balances and other achieve specific audit objectives is influenced by
financial matters have been disclosed accurately at the following considerations:
their appropriate amounts.
a. The nature and materiality of the
Example: Related party transactions,
particular component of the financial
balances and events have been disclosed
statements (account balance or class of
accurately at their appropriate amounts.
transaction);
***
b. The nature of the audit objective to be
achieved;
c. The reliance that can be placed on
461. Extent of Testing
internal control structure;
AUDITING THEORY
d. The relative risk of material errors or d. Timeliness of the evidence.

irregularities;
479. Hierarchy of Evidential Matter as to
e. The kinds and competence of available
Competence (Strongest to Weakest)
evidence; and
f. The expected efficiency and a. An auditor’s direct personal knowledge,
effectiveness of possible audit obtained through physical observation
procedures. and his or her own mathematical
computations, is generally considered
the most competent evidence.
466. Audit Evidence b. Documentary evidence obtained directly
It refers to all the information used by the from independent external sources
auditor in arriving at the conclusions on which the (external evidence) is considered
audit opinion is based, and includes both competent.
information contained in the accounting records c. Documentary evidence that has
underlying the financial statements and other originated outside the client’s data
information. processing system but which has been
received and processed by the client
467. Factors Influencing the Auditor’s Judgment (external-internal evidence) is generally
as to What is Sufficient Appropriate Audit considered competent. However, the
Evidence circumstances of internal control quality
are important.
a. Auditor’s assessment of the nature and d. Internal evidence consisting of
level of inherent risk at both the financial documents that are produced, circulated
statement level and the account balance and finally stored within the client’s
or class of transaction level; information system is generally
b. Nature of the accounting and internal considered low in competence.
control systems and the assessment of However, internal evidence is used
control risk; extensively when it is produced under
c. Materiality of the item being examined; satisfactory conditions of internal
d. Experience gained during previous control. Sometimes, internal evidence is
audits; the only kind available.
e. Results of audit procedures, including e. Verbal and written representations given
fraud or error which may have been by the client’s officers, directors, owners
found; and and employees are generally considered
f. Source and reliability of information the least competent evidence. Such
available. representations should be corroborated
with other types of evidence,
480. Factors that Determine the Amount of

478. Factors that Determine the Competence or Evidence to be Gathered (Sufficiency)
Appropriateness of Evidence
a. Materiality (e.g., Peso amount) of the
a. Relevance of the evidence to the item in question;
particular assertion being tested; b. Relative risk of the item (e.g., cash due
b. Objectivity of the evidence; to its liquidity); and
c. Qualifications of the provider of the
evidence; and
AUDITING THEORY
c. Cost in relation to the benefit obtained It consists of checking the mathematical

from obtaining more evidence (may not accuracy of source documents and accounting
be used as sole basis). records or of performing independent calculations.
Procedures for Obtaining Audit Evidence

489. Reperformance
It is the auditor’s independent execution of
482. Inspection
procedures and controls that were originally
It involves the examination of records,
performed as part of the entity’s internal control,
documents or tangible assets.
either manually or through the use of CAATs, for
example, reperforming the aging of accounts
483. Physical Examination and/or Physical Count
receivable.
It is performed to determine the existence
and qualitative characteristics of tangible assets.
490. Analytical Procedures
These consist of evaluations of financial
484. Confirmation
information made by a study of plausible
It is a specific type of inquiry referring to a
relationships among both financial and nonfinancial
process of obtaining representation of information
data.
or of an existing condition directly from a third
party.
Kinds of Confirmation
485. Inquiry
492. Positive External Confirmation Request
Inquiry involves seeking both financial and
It asks the respondent to reply to the auditor
nonfinancial information from knowledgeable
in all cases either by indicating the respondent’s
persons inside or outside the entity. Inquiries may
agreement with the given information, or by asking
include formal written inquiries addressed to third
the respondent to fill in information. A response
parties to informal oral inquiries addressed to
from this type of request is ordinarily expected to
persons inside the entity.
provide reliable audit evidence.
However, a respondent may reply to the
486. Written Representation
confirmation request without verifying that the
It is a written statement by management
information is correct. The auditor may reduce this
provided to the auditor to confirm certain matters
risk by using positive confirmation requests that do
or to support other audit evidence. Written
not state the amount (or other information) on the
representations in this context do not include
confirmation request, but ask the respondent to fill
financial statements, the assertions therein, or
in the amount or furnish other information. On the
supporting books and records.
other hand, use of this type of “blank” confirmation
A written representation provides that the
request may result in lower response rates because
audit evidence is all the information used by the
additional effort is required of the respondents.
auditor in arriving at the conclusions on which the
audit opinion is based.
493. Negative External Confirmation Request
It asks the respondent to reply only in the
487. Observation
event of disagreement with the information
It consists of looking at a process or
provided in the request. However, when no
procedure being performed by others.
response has been received to a negative
confirmation request, the auditor remains aware
488. Recalculation
that there will be no explicit evidence that the
intended third parties have received the
AUDITING THEORY
confirmation requests and verified that the supporting documents (cash

information contained therein is correct. disbursement).
***
Sources of Confirmation for Certain Accounts
494. More Information Regarding Audit
496. Assets
Procedures
a. Cash in Bank – Bank
a. Analyze – to identify and classify items
b. Accounts Receivable – Customer
for further study (account transactions).
c. Notes Receivable – Maker
b. Compare – to observe similarities and
d. Inventory out on Consignment –
differences between related items
Consignee
(beginning balances with last year’s
e. Inventory Held in Public Warehouse –
audit figure).
Public warehouse
d. Confirm – to communicate with outside
f. Cash Surrender Value of Life Insurance
parties to authenticate internal evidence
– Insurance company
(accounts receivable; cash in bank;
accounts payable). 497. Liabilities
e. Count – to enumerate a characteristic
(cash; inventory) a. Accounts Payable – Creditor/supplier
f. Examine – to review critically b. Notes Payable – Lender
(authoritative document such as c. Advances from Customers – Customer
invoices and checks). d. Mortgages Payable – Mortgagee
g. Extend – to add items located in the e. Bonds Payable – Issuer
same row. 498. Owners' Equity
h. Foot – to add items located in the same
column. b. Shares Outstanding – Registrar and
i. Inspect – to scrutinize or critically transfer agent
examine a document (certificate of 499. Other Information
stock).
j. Interrelate – to show relationship a. Insurance Coverage
(interest expense with liabilities) b. Contingent Liabilities
k. Observe – to watch or test a client c. Bond Indenture Agreement
(inventory count). d. Collateral Held by Creditors
l. Reconcile – to establish agreement
500. Evidence about Accounting Estimates
between separate sources of
Accounting estimate means an
information (cash balance per ledger
approximation of the amount of an item in the
with cash balance per bank statement).
absence of a precise means of measurement. The
m. Test – to sample (cash transactions).
auditor should adopt one or a combination of the
n. Trace – to follow a transaction through
following approaches in the audit of an accounting
the steps of the system (bookkeeping
estimate:
procedures).
o. Verify – to prove accuracy of numbers a. Review and test the process used by the
or existence of amount (rent income management;
against lease contract). b. Use an independent estimate for
p. Vouch – to prove accuracy of comparison with that prepared by
accounting entries by tracing to management; or
AUDITING THEORY
c. Review subsequent events which

confirm the estimate made. 504. Reasons for the Use of Sampling
501. Related Parties a. The nature and materiality of the

The term related parties refers to the client balance or class does not demand a
entity and any other party with which the client may 100% audit;
deal, where one party has the ability to influence the b. A decision must be made about the
other to the extent that one party to the transaction balance or class; and
may not pursue its own separate interests. c. The time and cost to audit 100% of the
population would be too great.
502. Related Party Transaction
505. Testing Procedures Which Do Not Involve
It refers to any transaction between the
Sampling
company and related parties (except for normal
compensation arrangements, expense allowances, a. Tests performed on 100% of the items
and similar transactions arising in the ordinary within a population (e.g., large value, low
course of business). volume accounts)
b. Inquiry and observation
c. Analytical procedures
501. Evidence for Related Party Transactions 506. Sampling Risk

Since transactions with related parties are This refers to the risk that the auditors’
not conducted at arm’s length, the auditors should conclusion based on a sample might be different
be aware that the economic substance of these from the conclusion they would reach if they
transactions may differ from their form. Common examined every item in the entire population.
methods of identifying related parties include 507. Non-Sampling Risk
making inquiries of management and reviewing This arises from factors that cause the
SEC filings, stockholders’ listings, and conflict-of- auditor to reach an erroneous conclusion for a
interest statements obtained by the client from its reason not related to the size of the sample (e.g.,
executives. the auditor might use inappropriate procedures or
the auditor might misinterpret evidence and fail to
recognize an error).
502. Audit Sampling Selecting Items for Testing to Gather Audit

It is defined as the application of a Evidence
compliance or substantive procedure to less than
100% of the items within an account balance or 509. Selecting All Items
class of transactions to enable the auditor to obtain
and evaluate evidence of some characteristic of the a. More common for substantive
balance or class to form or assist in forming a procedures than tests of control.
conclusion concerning that characteristic. b. Population composed of small number
of large value items.
503. Sampling c. Used when both inherent and control
It is a process whereby information is risk are high and other means do not
gained concerning the characteristics of population provide sufficient appropriate
(universe or field) of items by means of an evidence.
examination of only a portion of the items d. Also applicable when the repetitive
composing that population. nature of a calculation or other process
AUDITING THEORY
performed by a computer information Sample Risks to Be Considered in Performing

system makes a 100% examination Substantive Tests
cost effective.
519. Risk of Incorrect Rejection or Alpha Risk
510. Selecting Specific Items
It is the risk that the sample supports the
Specific items selected may include:
conclusion that the recorded account balance is
a. High value or key items materially misstated when it is not materially
b. All items over a certain amount misstated.
c. Items relevant to specific information
d. Items involved in a procedure 520. Risk of Incorrect Acceptance or Beta Risk
It is the risk that the sample supports the
511. Audit Sampling conclusion that the recorded account balance is
a. May use either nonstatistical or not materially misstated when it is materially
statistical sampling or both. misstated (detection risk).
b. Statistical sampling allows for the
quantification of sampling risk; 521. Factors to Be Considered in the Design of
nonstatistical sampling does not. Sampling Procedures
a. Audit objectives
Sampling Techniques b. Population
c. Risk and assurance
513. Attribute Sampling Technique d. Tolerable error
It is used when an auditor is interested in e. Expected error in the population
measuring a qualitative feature, such as the f. Stratification
presence or absence of internal control procedure.
522. Audit Objectives
514. Variables Sampling Technique The auditor first considers the specific
It is used by an auditor during substantive objectives to be achieved and the combination of
testing. This provides an estimate of a Peso range audit procedures which is likely to best achieve
within which the true audited value of the those objectives. Consideration of the nature of the
population lies. audit evidence sought and possible error conditions
or other characteristics relating to that audit
Sample Risks to Be Considered in Performing evidence will assist the auditor in defining what
Tests of Controls constitutes an error and what population to use for
sampling.
516. Risk of Overreliance
It is the risk that the sample supports 523. Population
reliance on internal control when this reliance is It is important for the auditor to ensure that
unjustified. the population is:
a. Appropriate to the objective of the
517. Risk of Underreliance sampling procedure (e.g., test for
It is the risk that the sample does not overstatement of accounts payable –
support reliance on internal control when the true population: accounts payable listing;
compliance rate suggests that the auditor should test for understatement of accounts
rely on internal control. payable – population: subsequent
disbursements, unpaid invoices,
AUDITING THEORY
suppliers’ statements, unmatched It is the process of dividing a population into

receiving reports, etc.). subpopulations, that is, a group of sampling units
b. Complete (e.g., conclusions cannot be which have similar characteristics (often monetary
drawn about all vouchers for the period value). The reduction in variability within each
unless the auditor is satisfied that all stratum results in a smaller overall sample size.
vouchers have in fact been filed). Examples:
524. Risk and Assurance a. Account balance or class of

transactions stratified by monetary
a. Audit risk
value to allow greater audit effort to be
 Inherent risk
directed to the larger value items; and
 Control risk
b. Population stratified according to a
 Detection risk
particular characteristic that indicates a
b. Sampling risk
higher risk of error such as the
 Risk of overreliance
stratification by age of accounts
 Risk of underreliance
receivable.
 Risk of incorrect rejection
 Risk of incorrect acceptance 529. Value Weighted Sampling
c. Non-sampling risk In this method, the auditor first divides the
population on the basis of monetary value, for
525. Tolerable Error
example high value, mid value and low value. And
This is the maximum error in the population
then he or she selects more items from high value
that the auditor would be willing to accept and still
item group as compared to others.
conclude that the result from the sample has
achieved his audit objective. 530. Sample Size
In determining the sample size, the auditor
526. Relationship Between Tolerable Error and should consider whether sampling risk is reduced
Required Sample Size to an acceptably low level. Sample size is affected
The smaller the tolerable error, the larger by the level of sampling risk the auditor is willing to
sample size the auditor will require (inverse accept. The lower the risk the auditor is willing to
relationship). accept, the greater the sample size will need to be.
527. Expected Error in the Population 531. Examples of Factors Influencing the Sample
This assessment is based on the auditor’s Size for Tests of Control
prior knowledge or the examination of a small
number of items from the population. The following a. The more assurance the auditor intends
factors should be considered in determining the to obtain from the operating
expected error in the population: effectiveness of controls, the lower the
auditor’s assessment of the risk of
a. Error levels identified in previous audits, material misstatements will be, and the
b. Changes in client procedures, and larger the sample size will need to be.
c. Evidence available from his evaluation b. The lower the tolerable rate of deviation,
of the system of internal control and the larger the sample size needs to be.
from results of analytical review c. The higher the expected rate of
procedures. deviation, the larger the sample size
528. Stratification needs to be so that the auditor is in a
position to make a reasonable estimate
of the actual rate of deviation.
AUDITING THEORY
d. The greater the level of assurance that

the auditor desires that the results of the 533. Summary of the Steps Related to Sampling to
sample are in fact indicative of the Be Followed in the Risk Response Phase
actual incidence of deviation in the
a. Selecting the sample using appropriate
population, the larger the sample size
sampling method and sample size;
needs to be.
b. Performing the Audit Procedure;
532. Examples of Factors Influencing Sample Size c. Evaluation of Sample Results;
for Tests of Details d. Analysis of Errors in the Sample;
e. Projection of Errors; and
a. The higher the auditor’s assessment of
f. Assessing Sampling Risk.
risk of material misstatement, the larger
the sample size needs to be. Audit Sampling Plans
b. The more the auditor is relying on other
substantive procedures to reduce to an
acceptable level the detection risk Audit Sampling
regarding a particular population, the
less assurance the auditor will require Attributes Variables Sampling in
from sampling and, therefore, the Sampling in Tests Substantive Tests of
smaller the sample size can be. of Control Details
c. The greater the level of assurance that
Non- Non-
the auditor requires that the results of Statistical Statistical
statistical statistical
the sample are in fact indicative of the
actual amount of misstatements in the Regular or
Probability or Classical
population, the larger the sample size Classical
Proportional
needs to be. Mean per
Discovery to Size
d. The lower the tolerable misstatement, Unit
the larger the sample size needs to be. Difference
e. The greater the amount of misstatement Sequential or
Estimation
the auditor expects to find in the Stop or Go
Ratio
population, the larger the sample size Estimation
needs to be in order to make a
reasonable estimate of the actual Regression
amount of misstatement in the
534. Statistical Sampling Plan
population.
This is a sampling technique in which an
f. When there is a wide range (variability)
auditor uses the laws of probability to select and
in the monetary size of items in the
evaluate a sample. When using statistical sampling,
population, it may be useful to stratify
auditors must select a random sample, which
the population. When a population is
means every item in the population must have
appropriately stratified, the aggregate
equal chance of being included in the sample.
sample sizes from the strata generally
will be less than the sample size that
Variations of Statistical Sampling Plan
would have been required to attain a
given level of sampling risk, had one
536. Random Sampling
sample been drawn from the whole
A simple random sample is a sample that is
population.
selected in such a way that every item in a
population has an equal chance of being selected.
AUDITING THEORY
This is accomplished by using a printed table of 543. Judgmental Sampling

random numbers or computer software that Under this method, the auditor selects large
generates random numbers. or unusual items from the population and uses
some other judgmental criterion for selection.
537. Systematic Sampling Obviously, this selection method has a conscious
In using this method, the auditor counts bias and cannot be considered a representative
through the population and selects items on the selection method.
basis of a sampling interval which is determined by ***
dividing the number of physical items in the
population by sample size. 544. Logic of Tests of Controls
Recall that there are two main aspects of
538. Stratified Random Sampling internal control: design and operation. It is only the
The auditor groups the population into latter that is being subjected to tests of control.
subpopulations, or strata that are similar in amount Based on the auditor's understanding of accounting
or characteristic. Samples are then drawn from and internal control systems, the auditor identifies
each stratum using one of the random selection the characteristics or attributes that indicate
methods. performance of a control, as well as possible
deviation conditions which indicate departures
539. Sampling with Probability Proportional to from adequate performance. The presence or
Size absence of attributes can then be tested by the
The probability of an item being selected auditor.
under this method is directly proportional to its
Peso amount. 545. Evidence of Performance
*** Audit sampling for tests of control is
generally appropriate when the application of
540. Nonstatistical Sampling Plan control leaves evidence of performance (e.g.,
These plans rely exclusively on subjective initials of the credit manager on a sales invoice
judgment to determine sample size and to evaluate indicating credit approval).
sample results.
546. Steps in the Application of Attributes
Variations of Nonstatistical Sampling Plan Sampling to Test of Controls
a. Determine the control to be tested or

541. Haphazard Sampling
audit objective of the test.
A haphazard sample consists of sampling
b. Define the attributes and deviation
units without any conscious bias that is without any
conditions.
special reason for including or omitting items from
c. Define the population to be sampled and
the sample.
the sampling unit.
d. Specify the risk of assessing control risk
542. Block Selection
too low (overreliance) and the tolerable
A block sample consists of all items in a
deviation rate.
selected time period, numerical sequence or
e. Estimate the expected population
alphabetical sequence (e.g., all cash disbursement
deviation rate.
transactions in the first week of June). This method
f. Determine the sample size.
cannot be generally relied upon to efficiently
g. Select the sample.
produce a representative sample.
h. Perform the test of control procedures
on sample items.
AUDITING THEORY
i. Evaluate the sample results. shipped.

j. Document the sampling procedure.
551. Define the Population to Be Sampled and the
547. Determine the Control to Be Tested or Audit
Sampling Unit
Objective of the Test
Example: The client prepares a serially
Example: The objective is to test the
numbered voucher for every purchase of materials.
effectiveness of internal control over payments for
The receiving report and purchase invoice are
purchases of merchandise which requires the
attached to each voucher. Therefore, the sampling
matching of receiving reports with purchase
unit for the test is an individual voucher. Since the
invoices as a step for the authorization of such
test of controls is being performed during the
payments.
interim period, the population to be tested consists
of 6,350 vouchers (assumed) for purchases of
548. Attributes
materials during the first 10 months of the year
These are characteristics that provide
under audit. If at any point the auditor determines
evidence that an internal control procedure was
that the physical representation of the population
actually performed.
(the 6,350 vouchers) has omitted vouchers that
should be included in the first 10 months, the
auditor should also test those vouchers.
549. Deviation
552. Risk of Assessing Control Risk Too Low
It occurs when a sample item does not have
It is the risk that the actual deviation rate
one or more of the identified attributes.
(deviations detected / sample size) exceeds the
tolerable deviation rate (also known as risk of
550. Define the Attributes and Deviation
overreliance).
Conditions
Example: The following table shows the
553. Specifying the Risk of Assessing Control Risk
attributes and corresponding deviation conditions
too Low
for the internal control of matching receiving
The lower the risk percentage assigned to
reports with purchase invoices.
this, the tighter it is for the internal control to pass
Attribute Deviation the compliance test. And since the results of tests
a. Any purchase a. Any purchase of controls play a major role in determining the
invoice is supported by invoice is not nature, timing and extent of other audit procedures,
a receiving document. supported by a auditors usually specify a low level of acceptable
receiving document. risk of assessing control risk too low (5-10%).
b. Any purchase b. Any purchase
invoice is supported by invoice is supported by 554. Specifying the Tolerable Deviation Rate
a receiving document a receiving document Auditors specify this based on the following:
where the latter is that is applicable to
a. The lower the planned assessment level
applicable only to the another invoice.
of control risk, the lower the tolerable
former.
deviation rate; and
c. Any purchase c. Any difference b. The higher the degree of assurance
invoice and the between the purchase desired from the evidential matter in the
receiving document invoice and the sample, the lower the tolerable deviation
supporting it have a receiving document as rate.
matching information to quantities shipped.
as to quantities
AUDITING THEORY
555. Estimation of the Expected Population

Deviation Rate 560. Performing the Tests of Control Procedures
The following are the common bases for on Sample Items
estimating the expected population deviation rate: When testing the sample items, an auditor
examines each sample item for the attributes of
a. Sample from prior years, as documented
interest. Each item will be classified as to whether it
in working papers;
contains a deviation from the prescribed internal
b. Experience with similar tests on other
control procedure. The auditor performing the test
audit engagements; or
should also be alert for evidence of any unusual
c. By examining a small pilot sample.
matters, such as evidence of fraud or related party
556. Determining the Initial Sample Size transactions.
In determining the sample size, the
following factors shall be considered: 561. Compliance Test Risk Matrix
a. Acceptable level of sampling risk 562. Evaluating the Sample Results

b. Planned reliance on internal control After performing the sampling plan, the
c. Allowable rate of deviation (tolerable auditor summarizes and evaluates the results by
error) following these steps:
d. Likely rate of population deviation
(expected error) a. Determine the sample deviation rate.
e. Required confidence level (risk of b. Determine the upper deviation rate and
assessing control risk too low) the allowance for sampling risk.
f. Number of items in the population c. Compare the upper deviation rate and
the tolerable rate of deviation and
Moreover, the sample size can be evaluate the effectiveness of a control
determined by the use of a statistically-based accordingly.
formula (usually to create a table of statistical d. Consider qualitative information such as
sample sizes) or through the exercise of evidence of deliberate manipulation or
professional judgment objectively applied to the circumvention of internal control.
circumstances. e. Reach an overall conclusion.
557. Selection of the Sample 563. Sample Deviation Rate

After determining the initial sample size, the Formula: Sample Deviation Rate = Number
auditor should select a random sample from the of Deviations Observed / Sample Size
population.
558. Sampling with Replacement 564. Upper Deviation Rate

It means that after an item has been It is basically the sample deviation rate
selected for inclusion in the sample, it is placed adjusted for the effects of sampling risk. Formula:
back in the population so that it is subject to Upper Deviation Rate = Sample Deviation Rate +
selection again. Id an item is selected twice Allowance for Sampling Risk
because the random number is drawn twice, the
item must be included twice. 565. Allowance for Sampling Risk
It is determined from the standard tables
559. Sampling without Replacement showing maximum deviation rates at specific levels
It requires the selected item be included in of risk of overreliance.
the sample only once.
AUDITING THEORY
566. Evaluation of the Effectiveness of a Control the auditor would assess control risk to
Under the Statistical Sampling Plan be maximum.
a. If upper deviation rate is less than or 568. Evidence of Deliberate Manipulation or

equal to the tolerable deviation rate, it is Circumvention of the Internal Control Structure
implied that a control is effective and It is important for the auditor to consider
the results would support assessing qualitative information such as this kind of
control risk below the maximum or evidence. The existence of such matter would
100%. greatly affect the subsequent portions of the audit.
b. If the upper deviation rate is greater than
the tolerable deviation rate, it would
suggest that a control is not effective 569. Conclusion of the Evaluation of Sample
and the result would support assessing Results
control risk at maximum level or 100%. The auditor must relate the assessed
control risk to detection risk for each financial
567. Evaluation of the Effectiveness of a Control
statement assertion.
Under a Nonstatistical Sampling Plan
In this type of application, sampling
deviation rate is compared with tolerable rate or
expected population deviation rate. 570. Logic of Substantive Procedures
Substantive procedures are concerned with
a. If the sampling deviation rate is less amounts and are of two types: analytical
than or equal to the tolerable rate or procedures and tests of details of transactions and
expected population deviation rate, balances. The purpose of substantive procedures is
internal control is considered effective to obtain audit evidence to detect material
and would support assessing control misstatements in the financial statements.
risk below maximum.
b. If the sampling deviation rate is greater Types of Variable Sampling Plan Techniques for
than the tolerable rate or expected Substantive Procedures
population deviation rate, the control is
not considered effective and therefore
a. Sales clerk receives It triggers the start of
purchase order from the sales process.
customer.
b. A sales order is Sales orders shall be
prepared by the sales preprinted,
clerk in eight (8) prenumbered, and
copies. numerically controlled.
c. Two (2) copies of
the sales order are sent
to the customer.
AUDITING THEORY
Phase II-B: Implementing Responses to Assessed Risk of Material Misstatement to Reduce Audit Risk to an
Acceptably Low Level
Tests of Controls for Sale Transactions

5. Existence / Occurrence
Recorded sales are for shipments actually made to customers.
Controls Potential Misstatements Tests of Controls

a. Recording of sales is Sales that did not occur may be Examine approved customer
supported by customer orders, recorded. order, sales order, shipping
sales orders approved by the document, and copy of sales
credit department, and invoice for a sample of entries in
approved and executed the sales journal.
shipping documents.
b. A clerk independent of Errors in recording sales may not Observe procedure and examine
accounts receivable prepares be detected. follow-up files.
and mails monthly statements
to customers for all trade
accounts receivable and
follows up on any complaints.
5. Completeness
All sales transactions that occurred are recorded.

a. Prenumbered shipping Goods may be shipped but not Observe procedure. Examine copy
documents are accounted for billed. of invoices to a sample of
to determine that a sales shipping documents.
invoice is prepared for all
shipments.
b. Prenumbered sales invoices Unrecorded sales may exist. Observe procedure. Examine
are accounted for to determine entries for a sequence of sales
that all sales are recorded. invoices to sales journal.
c. Procedures to ensure timely Sales transactions may be Inquire how procedures are
recording of sales and proper recorded in the wrong period. followed, observe procedures
cut-off are established. being followed and inspect report
on last shipments.

Sales recorded represent only sales transactions.

a. Clerk checks sales order and Consignment transactions may be Observe procedures.
sales invoice for terms to recorded as sales.
determine that transaction is a
sale other than a consignment.
AUDITING THEORY
5. Valuation / Measurement
Sales are correctly billed and recorded.

a. For all goods shipped, goods More or fewer goods may have Observe procedure. For a sample,
are counted and descriptions been shipped than ordered. examine signature on documents
and quantities are compared to Customer returns may occur. evidencing performance.
quantities and descriptions on
sales orders and shipping
documents prior to shipping.
b. Customer credit is approved by Accounts receivable may be Examine sales order for selected
a responsible official prior to uncollectible. transactions.
merchandise shipment.
c. Sales invoices are checked for: Sales/accounts receivable may be Inquire about the updating and
 Proper pricing overstated or understated. use of approved price lists. For a
 Mathematical accuracy sample of invoices, examine
 Terms signature indicating performance
of task.
d. The accounts receivable Likelihood of errors in accounts Observe procedure. Foot
subsidiary ledger is balanced receivable increases. subsidiary ledger.
to the general ledger control
account regularly.
5. Presentation and Disclosure

Sales and accounts receivable are recorded to result in presentation and disclosure in accordance with
PFRS.

a. An independent review is made Revenues may be misclassified. Observe procedure. For a sample
of account coding for recorded of invoices, recheck account
sales. coding.
Tests of Controls for Cash Receipt Transactions
Recorded receipts represent actual collections of cash from customers.

a. A trustworthy employee Cash receipts may be Observe whether a prelisting is
prepares a prelisting of cash misappropriated. prepared and inquire of preparer
AUDITING THEORY
receipts before further about the procedures followed.

processing.
b. A validated deposit slip is Cash receipts may be recorded For a sample of entries in the cash
obtained for daily deposits and that were not deposited. receipts journal, reconcile the total
compared to the cash receipts to validated deposit tickets.
summary.
c. Duties of handling cash Cash may be misappropriated and Observe separation of duties and
receipts are segregated from lapping may occur. inquire of personnel about their
posting to accounts receivable. responsibilities.
d. A bank reconciliation is Bank reconciliations may cover Examine bank reconciliations and
prepared monthly by a person shortages. determine that preparer does not
not involved in handling cash, have conflicting duties.
accounts receivable, or general
ledger records.
5. Completeness / Rights and Obligations

All receipts are processed and recorded.

a. Prelisting of cash receipts and Cash may be misappropriated. Observe monitoring and inquire of
cash register procedures are prelister and cash register
monitored. operator about procedures.
b. Checks are restrictively Cash may be misappropriated. Examine undeposited checks for
endorsed upon receipt. endorsement.
c. Cash receipts are deposited Cash may be unrecorded or Observe the procedure and inquire
intact daily. misappropriated. of personnel who perform the
procedure.
d. A daily cash summary is Cash may be misappropriated. For selected day, trace totals from
prepared and reconciled to cash receipts journal to cash
total of prelisting and over-the- summary and validated deposit
counter receipts and the cash ticket.
receipts journal.
e. The cash receipts journal total Credits posted to customers’ Observe the procedure and inquire
is independently reconciled to accounts may be overstated or of personnel who perform the
the total posted to accounts understated. procedure.
receivable.
Debits to cash and credits to accounts receivable are valued at amounts received.

a. Cash receipts are recorded at A customer may be given credit For a sample of entries in cash
the amount received. for an amount greater than receipts journal, examine
payment. remittance advices.
b. A responsible person approves A customer may take a larger For a sample of entries in cash
cash discounts taken. discount than appropriate. receipts journal, examine
AUDITING THEORY
remittance advices for approval of

discount taken.

Cash receipt transactions are recorded to result in presentation and disclosure in accordance with
PFRS.

a. A supervisor approves account Entries may be made to wrong Observe procedure. Examine
classification made in accounts. approvals by supervisor.
journalizing.
Tests of Controls for Purchase Transactions
Recorded acquisitions are for items that were acquired.

a. Approval of acquisitions is Purchases that did not occur may Examine approval signature.
evidenced by signature on the be recorded.
purchase order.
b. A purchase requisition, Purchases that did not occur may Observe procedure or examine file
purchase order; receiving be recorded. of documents.
report, and vendor’s invoice are
filed in support of each
acquisition.
c. Documents are cancelled so Documents may be reused, and Examine cancellations on
they cannot be reused. acquisitions may be recorded documents.
twice.
5. Completeness
Acquisitions that occurred are recorded.

a. Receiving records are Purchases may be unrecorded. Observe procedure. Account for a
prenumbered and accounted numerical sequence.
for.
b. Vouchers are prenumbered Purchases may be unrecorded. Observe procedure. Account for a
and accounted for. numerical sequence.

Recorded acquisitions are the entity’s purchases and liabilities.

a. Receiving reports are prepared Purchases that are not legitimate Observe procedure.
AUDITING THEORY
by persons having access only business purchases may be

to a blind copy of purchase recorded and paid, or consigned
order details. Consigned goods goods may be recorded as a
are readily identified. purchase.
Acquisitions are recorded for the proper amounts.

a. Invoice amounts are verified by Client could overpay for goods or Examine voucher for signature
reference to purchase orders services. indicating performance.
and receiving reports, and
mathematics on invoice is
rechecked.

Acquisitions are recorded to result in presentation and disclosure in accordance with PFRS.

a. Chart of accounts adequately Purchases may be charged to Examine chart of accounts.
describes accounts to be wrong accounts. Examine signature of employee
debited. Account coding is performing check.
assigned by one person and
checked by another.
Tests of Controls for Cash Payment Transactions
Recorded cash payments occurred.

a. Authorized individual signs and Checks may be written but not Observe procedure. Examine
promptly mails checks after issued or released. documents.
reviewing documentation.
b. A review is made by a person Checks may be written but not Observe procedure. Inquire about
not responsible for handling issued or released. procedures being followed.
disbursements that checks are
processed on a timely basis.
6. Completeness
All cash payments made are recorded.

a. Checks are prenumbered and Checks may be issued but not Observe procedure. Account for
AUDITING THEORY
accounted for. recorded. sequence.

b. Independent bank Account may not reconcile or Observe that person preparing
reconciliation is performed discrepancy may not be disclosed. bank reconciliation is independent
monthly. of cash handling. Inspect
reconciliation.

All cash payments made are for obligations of the entity.

a. Check signer who is Unauthorized payments may be Observe procedure.
independent of voucher made.
preparation examines
supporting documentation
before signing checks.
Debits to various accounts and credits to cash are valued at proper amounts.

a. Amounts (including discounts Improper amounts may be paid Observe procedure. Examine
taken) and calculations on because of math errors or signature on invoice.
vendors’ invoices are incorrect discounts.
independently verified.

Cash payments are recorded to result in presentation and disclosure in accordance with PFRS.

a. Chart of accounts adequately Payments may be credited to Observe procedure. Examine chart
describes accounts to be used, wrong accounts. of accounts. Examine signature of
and account coding is employee performing checks.
assigned to one person and
checked by another.
Tests of Controls for Payroll Transactions
Recorded payroll transactions occurred.
AUDITING THEORY

a. Chart of accounts adequately Payments may be credited to Observe procedure. Examine chart
describes accounts to be used, wrong accounts. of accounts. Examine signature of
and account coding is employee performing checks.
checked by another.
b. Payroll checks are signed and Payroll may include fictitious or Observe separation of duties.
distributed by a person not in former employees.
personnel, payroll accounting,
or supervisor of operations.
5. Completeness
All payroll earned by employees is recorded.

a. Payroll checks are Paychecks may be issued but not Observe procedures. Examine
prenumbered and accounted recorded. bank reconciliation.
for in the bank reconciliation by
a person independent of the
payroll function.

Recorded payroll transactions are for services received.

a. Employees record their time Employees may be paid for hours Observe procedure.
using a time clock but record they did not work.
no other employee’s name.
b. Supervisors approve time Employees may be paid for hours Examine signature on cards.
cards before submitting them they did not work.
to payroll accounting.
Payroll transactions are recorded for the proper amounts.

a. Payroll calculations are Paychecks may be for wrong Examine payroll register for
verified. amounts. signature indicating verification.
b. Control totals of hours worked Employees may be paid for hours Examine reconciliation.
are determined independently they did not work.
AUDITING THEORY
of payroll accounting and

compared to the hours for
which payment is recorded.

Payroll transactions are recorded to result in presentation and disclosure in accordance with PFRS.

a. Account codes assigned are Wages expense may be charged Examine chart of accounts.
reviewed by appropriate levels to wrong accounts. Examine signature of employee
of management. performing check.
Tests of Controls for Production Transactions
Recorded production transactions occurred.

a. A materials requisition is Transactions that did not occur Observe segregation of duties and
prepared by operating may be recorded. examine approval signatures.
personnel and signed by a
warehouse custodian when
goods are transferred to
production.
b. Labor tickets are used by Fictitious time may be assigned to Examine labor tickets.
production employees for jobs.
recording labor.
5. Completeness / Rights and Obligations

All production transactions that occurred are recorded.

a. Production orders are Completed production may not be Observe procedure and account
prenumbered and accounted recorded. for a numerical sequence of
for to determine that all production orders.
production is recorded.
b. Materials requisition are Goods may be issued but not Observe procedure and account
prenumbered and accounted recorded. for a numerical sequence of
for by an accounting clerk. materials requisitions.
c. Time charged on labor tickets Time may be worked in production Observe procedure.
is reconciled to employee time but not recorded.
cards.
AUDITING THEORY
Production transactions are recorded by the proper amounts.

a. Values for transactions are Values may not be based on cost Trace values to bill of materials,
based on a bill of materials, incurred. time cards, and overhead rates.
approved labor tickets and
rates for labor, and
predetermined overhead rates.
b. Overapplied or underapplied Finished goods may be assigned Examine signature indicating
overhead is reviewed with incorrect value. performance.
periodically, and rates are
adjusted as necessary.

Production transactions are recorded to result in presentation and disclosure in accordance with PFRS.

a. Chart of accounts adequately Costs may be assigned to wrong Examine chart of accounts.
describes accounts to be used, accounts. Examine signature of employee
and account coding is performing check.
independently checked.
Tests of Controls for Inventory Warehousing Transactions
Recorded inventory warehousing transactions occurred.

a. A copy of a receiving report Fictitious receipts may be Observe separation of duties and
signed by a receiving clerk is recorded. examine approval signature on
used by inventory accounting receiving report.
to record receipt of goods.
b. A materials requisition is Fictitious issues may be recorded. Observe separation of duties and
prepared and signed by examine approval signature on
appropriate operating materials requisition.
personnel.
5. Completeness
All inventory warehousing transactions that occurred are recorded.

a. Receiving reports and Goods may be received or issued Observe procedure and account
materials requisitions are but not recorded. for a numerical sequence of
prenumbered and accounted receiving reports to determine that
for by a clerk in inventory all have been recorded.
AUDITING THEORY
accounting.
b. An inventory clerk signs a copy Errors may be recorded in the Observe procedure. Examine
of the receiving report after quantity of goods transferred. signature on receiving reports.
counting goods transferred to
his or her area.
c. Access to inventory is limited Goods may be issued but not Observe procedures.
to personnel responsible for its recorded.
custody.

Inventory warehousing transactions are for goods that belong to the entity.

a. Goods received on Goods on consignment may be Inquire about and observe the
consignment are labeled and treated as inventory. procedure.
separated from goods the
entity owns.
Inventory warehousing transactions are recorded for proper amounts.

a. Costs assigned to work in Inventory may be misvalued. Inquire about and observe
process and finished goods are evidence of standards setting,
set by procedures that are review standards and testing of
reviewed and periodically standards.
evaluated. Mathematical
accuracy is tested.

Inventory warehousing transactions are recorded to result in presentation and disclosure in accordance
with PFRS.

a. Chart of accounts adequately Receipt or issue may be charged Examine chart of accounts.
describes accounts to be used, or credited to wrong accounts. Examine signature of employee
and account coding is performing check.
AUDITING THEORY

checked by another.
6. Audit Documentation
It means the record of audit procedures Types of Audit Programs
performed, relevant audit evidence obtained, and (See no. 288 for definition.)
conclusions the auditor reached. It is also known
as working papers or work papers. 6. Standard All-Purpose Audit Program
It lists standard practices applicable to
6. Audit File almost every engagement.
It means one or more folders or other 6. Tailor-Made Audit Program
storage media, in physical or electronic form, It lists the procedures to be followed on a
containing the records that comprise the audit specific audit engagement, indicating any departure
documentation for a specific engagement. from normal practices and specifying the extent of
the tests of transactions.
6. Experienced Auditor
He or she is an individual (whether internal 6. Modified Standard Form Audit Program
or external to the firm) who has practical audit It is a reprinted program that outlines the
experience, and a reasonable understanding of usual audit procedures common to most
audit processes, PSAs and applicable legal and businesses and provides space for an auditor to
regulatory requirements, the business environment indicate other specific procedures applicable to the
in which the entity operates, and auditing and business under examination.
financial reporting issues relevant to the entity’s ***
industry.
6. Working Trial Balance
6. Primary Objective of Audit Documentation Also called as the backbone of the working
Its objective is preparing sufficient and papers, it is a list of the accounts in the client’s
appropriate audit documentation on a timely basis general ledger with columns that, as a minimum
to help enhance the quality of the audit and to include unadjusted amounts directly from the
facilitate review and evaluation of the audit client’s accounting records, proposed adjusting
evidence obtained and conclusions reached before entries, and adjusted (audited) amounts.
the auditor’s report is finalized.
6. Lead or Top Schedule
6. Types of Working Papers It is a working paper that shows the
grouping of related account balances. Each line
a. Audit administrative working papers
item on the trial balance is supported by a lead
b. Working trial balance and lead schedule
schedule, containing the detailed accounts from
c. Supporting schedules and analysis
the general ledger making up the line item total.
d. Adjusting and reclassifying entries
Each detailed account on the lead schedule is, in
e. Audit memoranda and documentation of
turn, supported by appropriate supporting
corroborating information
schedules evidencing the audit work performed and
6. Audit Administrative Working Papers the conclusions reached.
These are working papers designed to aid
the auditors in planning and administration of 6. Supporting Schedules
engagements. These include audit plans and These are the detailed schedules prepared
programs, internal control questionnaires and by auditors in support of specific amounts on the
flowcharts, engagement letters, and time budgets.
AUDITING THEORY
financial statements (e.g., cash count sheet for The current year working paper file is
cash on hand balance) designed to support the assertions embodied in the
financial statements.
6. Accounts Analysis
This working paper shows the activity 6. Permanent File
during the period in a particular statement of Working papers in permanent files contain
financial position account. It starts with the information of continuing interest to the auditor.
beginning balance, shows the transactions These are intended to contain data of a historical or
(additions and reductions) that occurred during the continuing nature pertinent to the current
period, and concludes with the ending balance. examination. These files provide a convenient
source of information about the audit that is of
6. Summary of Adjusting Entries continuing use from year to year.
Adjusting entries are corrections of material
errors in the accounting records discovered by the Other Files Maintained
auditor. These entries must be approved by the
client because management has primary 6. Tax Files
responsibility for the fair presentation of the These files contain information relevant to a
statement. client’s current and past income tax and other
business tax obligations. They serve as basis for
6. Summary of Reclassifying Entries preparing current year’s returns and performing
Reclassifying entries are made in the other tax-related services such as amending prior
statements to present accounting information year returns or representing the client’s tax
properly, even when the general ledger balances are assessment case.
correct (e.g., material credit customer balances in
accounts receivable subsidiary ledger to be 6. Correspondence File
reclassified to advances from customers). This file contains all correspondence or
letters to, from or in behalf of a client.
6. Audit Notes ***
This is the working paper used to note items
of work to be done that cannot be completed by 6. Ownership and Custody of Working Paper
following the usual sequence of audit procedures. All working papers made by a CPA in public
This is also used to record questions concerning practice and his staff, except those submitted to a
the audit investigation. client shall be treated confidential and privileged
and remain property of such CPA in the absence of
6. Outside Documentation a written agreement between the CPA and the
These are composed of documentation client, to the contrary, unless such documents are
gathered by auditors, such as confirmation replies, required to be produced through subpoena issued
and copies of client agreements. They are indexed by any court, tribunal, or government regulatory or
(labeled and arranged) and interfiled (filed together) administrative body.
and procedures are indicated on them in the same
manner as on the other schedule.
PHASE III: REPORTING
Main Divisions of Audit Working Papers
Phase III-A: Evaluating the Audit Evidence Obtained
6. Current Audit File to Determine What Additional Audit Work (If Any) Is
Required
AUDITING THEORY
she shall determine whether the identified

Matters Addressed by the Evaluation of Audit misstatements are indicatives of fraud.
Evidence
6. Evidence
6. Materiality The auditor shall determine whether
The auditor shall assess whether the sufficient appropriate evidence has been obtained
amounts established for overall and performance to reduce detection risk to an acceptably low level.
materiality are still appropriate in the context of the He or she shall consider whether there is a need for
entity’s actual financial results. If a lower further procedures to be performed.
materiality than that initially set is appropriate, the
auditor is required to determine: 6. Analytical Procedures
The auditor shall assess whether the
a. Whether it is necessary to revise
analytical procedures performed at the final review
performance materiality; and
stage of the audit:
b. Whether the nature, timing and extent of
further audit procedures remain a. Corroborate the audit findings; or
appropriate. b. Identify previously unrecognized risks of
material misstatements.
6. Risks
The auditor shall determine whether in the Factors to Be Considered in Evaluating the
light of the audit findings, the assessed risks of Sufficiency and Appropriateness of Audit Evidence
material misstatement at the assertion level is
appropriate. If not, the risk assessments would be 6. Materiality of Misstatements
revised and further planned audit procedures Is a misstatement in the assertion being
modified. addressed significant, and what is the likelihood of
it having a material effect (individually or combined
6. Misstatements with other potential misstatements) on the financial
The auditor shall determine the effect on statements?
the audit of identified misstatements and whether
there is a need to perform additional audit 6. Management Responses
procedures. Revisions to the audit strategy and Is management responsive to audit findings,
detailed audit plans may be required when: and how effective is the internal control in
a. The nature or circumstances of identified addressing risk factors?
misstatements indicate that other misstatement(s)
may exist that, when aggregated with known 6. Quality of Information
misstatements, could exceed performance Are the sources of available information
materiality; or reliable and appropriate for supporting the audit
b. The aggregate of identified and conclusions?
uncorrected misstatements close to or exceeds
performance materiality. 6. Persuasiveness
Is the audit evidence persuasive or
6. Fraud convincing?
The auditor, through the performance of
analytical procedures shall assess whether 6. Previous Experience
previously unrecognized risks of material What has been the previous experience in
misstatement due to fraud are present. Also, he or performing similar procedures and were any
misstatements identified?
AUDITING THEORY
g. Evaluating findings, formulating an

6. Results of Performed Audit Procedures opinion and drafting the auditor’s report
Do the results of performed audit
6. Subsequent Events
procedures support the objectives, and is there is
The term is used to refer to both events
any indication of fraud or error?
occurring between period end and the date of the
auditor’s report, and facts discovered after the date
6. Understanding the Entity
of the auditor’s report.
Do the evidence obtained support or
contradict the results of the risk assessment
Types of Subsequent Events
procedures (which were performed to obtain an
understanding of the entity and its environment,
6. Adjusting Subsequent Events
including internal control)?
These are events that provide further
***
evidence about conditions that existed at the
statement of financial position date. Some
6. Communication with Those Charged with
examples are:
Governance
The auditor shall communicate on a timely a. Loss on receivables resulting from the
basis with those charged with governance the bankruptcy of a major customer that
responsibilities of the auditor in relation to the was in a deteriorating condition at year-
financial statements audit, including that: end.
b. Settlement of litigation for an amount
a. The auditor is responsible for forming
different from an estimate at year-end.
and expressing an opinion on the
financial statements that have been
prepared by management with the 6. Non-Adjusting Subsequent Events
oversight of those charged with These are events that are indicative of
governance; and conditions that arose subsequent to period end.
b. The audit of the financial statements Some examples are:
does not relieve management or those
charged with governance of their a. Sale of a bond or capital stock issue.
responsibilities. b. Loss of plant or inventories as a result
of fire or flood.
Responsibilities of the Auditor Regarding

6. Matters to Be Considered in Completing the Subsequent Events
Audit (Post-Audit Responsibilities)
6. Events Occurring Up to the Date of the Auditor’s
a. Related party transactions (see nos.
Report
501-503)
The auditor should perform procedures
b. Subsequent events review
designed to obtain sufficient appropriate evidence
c. Letters of inquiry / review of contingent
that all events up to the date of the auditor’s report
liabilities
that may require adjustment of, or disclosure in, the
d. Evaluating going concern status (see no.
financial statements have been identified.
285)
6. Facts Discovered After the Date of the Auditor’s
e. Management representation
Report and Before the Financial Statements Are
f. Analytical procedures (see nos. 277 &
Issued
432)
AUDITING THEORY
The auditor ordinarily has no responsibility  It is not probable that an outflow of

to perform procedures or make inquiry of resources embodying economic
subsequent events after the date of the report. benefits will be required to settle the
However, when after the date of the auditor’s report obligation; or
but before the date the financial statements are  The amount of the obligation cannot
issued, a fact becomes known to the auditor that, be measured with sufficient
had it been known to the auditor at the date of the reliability.
auditor’s report, may have caused the auditor to
6. Summary of Accounting Treatments for Loss
amend the auditor’s report, the auditor shall:
Contingencies
a. Discuss the matter with management
and, where appropriate, those charged Chance of Material Required Financial
with governance. Loss Disclosure
b. Determine whether financial statements Remote: The chance None
need amendment and, if so, inquire how that the future event
management intends to address the will occur is slight.
matter in the financial statements. Reasonably possible: Disclose in a note.
The chance that the
6. Procedures If Management Decides to Amend
future event will occur
the Financial Statements Resulting from Discovery
is more than remote
of an Adjusting Subsequent Event After the Date of
but less than likely.
the Auditor’s Report and Before the Financial
Probable: The future If able to estimate,
Statements Are Issued
event is likely to occur. adjust. If unable to
a. Carry out the audit procedures estimate, disclose in a
necessary in the circumstances or the note.
amendment.
b. Extend the audit procedures to the date 6. Audit Inquiry Letter to Client’s Lawyer
of the new auditor’s report; and Also called a lawyer’s letter, it is sent by the
c. Provide a new auditor’s report on the auditor to the client’s lawyer as a primary means of
amended financial statements. The new corroborating the information management
auditor’s report shall not be dated earlier provides about litigation, claims, and assessments.
than the date of approval of the
amended financial statements. 6. Pending Litigations Claims and Assessments
These are situations in which a claimant
6. Contingent Liability
has stated that it has suffered a loss and plans to
It is defined as:
seek remuneration, as well as situations in which a
a. A possible obligation that arises from claimant has filed a lawsuit.
past events and whose existence will be
confirmed only by the occurrence or 6. Unasserted Claim
non-occurrence of one or more It is a potential legal claim that has not yet
uncertain future events not wholly within been made by a claimant (e.g., a manufacturer
the control of the enterprise; or knowingly selling a faulty automobile may have
b. A present obligation that arises from unasserted claims from accident victims who have
past events but is not recognized not yet filed them).
because:
6. Management Representation Letter
AUDITING THEORY
It is a form letter written by a company's The auditor shall express an unmodified

external auditors, which is signed by senior opinion when the auditor concludes that the
company management. The letter attests to the financial statements are prepared, in all material
accuracy of the financial statements that the respects, in accordance with the applicable
company has submitted to the auditors for their financial reporting framework.
analysis.
7. Modified Opinion
6. Purposes of the Client Letter of Representation The auditor shall modify the opinion in the
a. It impresses upon management its auditor’s report if he or she:
responsibility for the assertions in the financial
a. Concludes that, based on the audit
statements.
evidence obtained, the financial
b. It provides written representation to the
statements as a whole are not free from
auditor in support of oral responses from
material misstatements; or
management to inquiries about various aspects of
b. Is unable to obtain sufficient appropriate
the audit.
audit evidence to conclude that the
financial statements as a whole are free
6. Consideration of Omitted Procedures After the
from material misstatements.
Report Date
Contents of the Auditor’s Report
Procedures to follow when an auditor discovers
that an audit procedure was deemed necessary but 6. Title
was omitted: The auditor’s report shall have a title that
clearly indicates that it is the report of an
a. Assess importance of omitted
independent auditor.
procedure to support previously
Example: “Independent Auditor’s Report”
expressed opinion. If omission of
procedure impairs present ability
6. Addressee
support report and persons are relying
The auditor’s report shall be addressed, as
on it, action is necessary.
appropriate, based on the circumstances of the
b. Perform omitted procedures. If unable
engagement.
consult lawyer.
Example: “To the shareholders of ABC
c. If evidence supports previously issued
Company”
report, auditor has no further
responsibility.
6. Auditor’s Opinion
d. If evidence would have affected the
The first section of the auditor’s report shall
previously issued report, follow
include the auditor’s opinion and shall have the
procedures to prevent further reliance
heading “Opinion”.
on report.
Example: “In our opinion, the accompanying
financial statements present fairly, in all material
respects, … in accordance with (the applicable
Phase III-B: Forming an Opinion Based on Audit financial reporting framework).”
Findings and Preparing the Auditor’s Report
6. Basis for Opinion
Forms of Opinion The auditor’s report shall include a section
directly following the Opinion section, with the
6. Unmodified Opinion heading “Basis for Opinion”.
AUDITING THEORY
The name of the engagement partner shall

6. Going Concern be included in the auditor’s report for audits of
Where applicable, a going concern complete sets of general-purpose financial
qualification shall be included in the auditor’s statements of listed entities unless, in rare
report. A going concern qualification means an circumstances, such disclosure is reasonably
opinion of an independent accounting firm auditor expected to lead to a significant personal security
that there is substantial doubt regarding the entity's threat.
ability to continue into the future, generally defined
as the following year. 6. Signature of the Auditor
The auditor’s report shall be signed either in
6. Key Audit Matters the name of the audit firm, the personal name of
Key audit matters are those matters that, in the auditor or both, as appropriate for the particular
the auditor’s professional judgment, were of most jurisdiction.
significance in the audit of the financial statements
of the current period. Key audit matters are 6. Auditor’s address
selected from matters communicated with those The auditor’s report shall name the location
charged with governance. in the jurisdiction where the auditor practices.
6. Responsibilities of Management and Those 6. Date of the Auditor’s Report

Charged with Governance The auditor’s report shall be dated no earlier
The auditor’s report shall include a section than the date on which the auditor has obtained
with a heading “Responsibilities of Management for sufficient appropriate audit evidence on which to
the Financial Statements”. In some jurisdictions, base the auditor’s opinion on the financial
the appropriate reference may be to those charged statements.
with governance (instead of being specifically to 6. Supplementary Information Presented with the
management). Financial Statements
Supplementary information refers to
6. Auditor’s Responsibilities for the Audit of the information presented with the audited financial
Financial Statements statements even though it is not required by the
The auditor’s report shall include a section applicable financial reporting framework. Such
with the heading “Auditor’s Responsibilities for the information shall be covered by the auditor’s
Audit of the Financial Statements”. opinion if through the auditor’s professional
judgment, the supplementary information is an
6. Other Reporting Responsibilities integral part of the financial statements due to its
If the auditor addresses other reporting nature or how it is presented.
responsibilities in the auditor’s report in the
financial statements that are in addition to the
auditor’s responsibilities under the ISAs, these 6. Pervasiveness
other reporting responsibilities shall be addressed It is the term used, in the context of
in a separate section in the auditor’s report with a misstatements, to describe the effects on the
heading titled “Report on Other Legal and financial statements of misstatements or the
Regulatory Requirements” or otherwise as possible effects on the financial statements of
appropriate in the content of the section. misstatements, if any, that are undetected due to
an inability to obtain sufficient appropriate audit
6. Name of the Engagement Partner evidence.
AUDITING THEORY
6. Pervasive Effects on the Financial Statements 6. Summary of Types Modified Opinions

a. Those that are not confined to specific
elements, accounts or items of the financial Auditor’s Judgment about the
statements; Nature of Pervasiveness of the Effects or
b. Those, if so confirmed, that represent or Matter Giving Possible Effects on the
could represent a substantial proportion of the Rise to the Financial Statements
financial statements; or Modification Material but Material and
c. Those, in relation to disclosures, are Not Pervasive Pervasive
fundamental to users’ understanding of the Financial Qualified Adverse
financial statements. statements opinion opinion
Types of Modified Opinions are materially
misstated
6. Qualified Opinion Inability to Qualified Disclaimer of
The auditor shall express a qualified opinion obtain opinion opinion
when: sufficient
appropriate
a. The auditor, having obtained sufficient
audit evidence
appropriate evidence, concludes that
misstatements, individually or in
6. Management-Imposed Limitations
aggregate, are material, but not
If, after accepting the engagement, the
pervasive, to the financial statements; or
auditor becomes aware that management has
b. The auditor is unable to obtain sufficient
imposed a limitation on the scope of the audit that
appropriate audit evidence on which to
the auditor considers that it is likely to result in the
base the opinion, but the auditor
need to express a qualified opinion or disclaim an
concludes that the possible effects on
opinion on the financial statements, the auditor
the financial statements of undetected
shall request that management remove the
misstatements, if any, could be material
limitation.
but not pervasive.
6. Adverse Opinion 6. Refusal by the Management to Remove

The auditor shall express an adverse Limitation
opinion when the auditor, having obtained sufficient If management refuses to remove the
appropriate audit evidence, concludes that limitation, the auditor shall communicate the
misstatements, individually or in aggregate, are matter to those charged with governance and
both material and pervasive to the financial determine whether it is possible to perform
statements. alternative procedures to obtain sufficient
appropriate audit evidence.
6. Disclaimer of Opinion
The auditor shall disclaim an opinion when 6. Options When there is Inability to Obtain
the auditor is unable to obtain sufficient Sufficient Appropriate Evidence
appropriate evidence on which to base the opinion,
a. Qualify the opinion if the possible
and the auditor concludes that the possible effects
effects of undetected material
on the financial statements of undetected
misstatements are not pervasive; or
misstatements, if any, could be both material and
b. If the possible effects of undetected
pervasive.
material misstatements are pervasive:
***
AUDITING THEORY
 Resign from the audit, where that the auditor believes that the audit evidence the
practicable and not prohibited by law auditor has obtained is sufficient and appropriate
or regulation; or to provide a basis for the auditor’s modified audit
 If resignation from the audit before opinion.
issuing the auditor’s report is not
practicable or possible, disclaim an 6. Description of Auditor’s Responsibility When the
opinion on the financial statements. Auditor Disclaims an Opinion
When the auditor disclaims an opinion due
Form and Content of the Auditor’s Opinion When
to an inability to obtain sufficient appropriate audit
the Opinion Is Modified
evidence, the auditor shall amend the introductory
paragraph of the auditor’s report to state that the
6. Auditor’s Opinion
auditor was engaged to audit the financial
When an auditor modifies the audit opinion,
statements (e.g., “Our responsibility is to express
the auditor shall use the heading “Qualified
an opinion on the financial statements based on
Opinion,” “Adverse Opinion,” or “Disclaimer of
conducting the audit in accordance with
Opinion,” as appropriate, for the opinion paragraph.
International Standards on Auditing. Because of the
The following are some phrases indicative of the
matter(s) described…”
types of modification in the auditor’s opinion:
6. Communication with Those Charged with
a. Qualified Opinion – “Except for the Governance Regarding the Modification of
matter(s) described in the Basis for Auditor’s Opinion
Qualified Opinion paragraph, the When the auditor expects to modify the
financial statements present fairly, in all opinion in the auditor’s report, the auditor shall
material respects, the… in accordance communicate with those charged with governance
with the applicable financial reporting the circumstances that led to the expected
framework.” modification and the proposed wording of the
b. Adverse Opinion – “Because of the modification.
matter(s) described in the Basis for
Adverse Opinion paragraph, the financial
statements do not present fairly the… in 6. Electronic Data Processing (EDP)
accordance with the applicable financial It is simply the collecting, processing, and
reporting framework.” distributing of information through the use of an
c. Disclaimer of Opinion – “Because of the electronic digital computer to achieve a desired
significance of the matter(s) described result.
in the Basis for Disclaimer of Opinion
paragraph, the auditor has not been able Computer Hardware Components
to obtain sufficient appropriate audit
evidence to provide a basis for an audit 6. Central Processing Unit (CPU)
opinion; and, accordingly, the auditor It consists of the main storage unit, the
does not express an opinion on the arithmetic and logic unit and the control unit.
financial statements.” Additionally, the CPU controls the input and output
6. Description of Auditor’s Responsibility When the devices.
Auditor Expresses a Qualified or Adverse Opinion
When the auditor expresses a qualified or 6. Main Storage Unit (Memory)
adverse opinion, the auditor shall amend the It is used to temporarily store programs and
description of the auditor’s responsibility to state data for processing.
AUDITING THEORY
The organization owns or leases the

6. Arithmetic and Logic Unit equipment and hires the necessary trained
Arithmetic tasks (addition, subtraction, personnel to program, operate, and control the
multiplication, and division), comparisons, and various applications processed with the equipment.
other types of data transformations are
accomplished by the arithmetic and logic unit. The 6. Service Bureau Computer
data and instructions needed for the operation are The computer is used by an independent
called from the computer’s main storage. After the agency which rents computer time and provides
operation, the results are returned to the main programming, key-punching, and other services.
storage unit.
6. Time-Sharing
6. Control Unit Under this system, the organization
It unit regulates the activities of the other acquires a keyboard device capable of transmitting
units and devices by retrieving machine language and receiving data and, by agreement, the right to
instructions from the main storage units and then use a central computer facility. This facility will
interpreting the instructions. Next, the control unit furnish service to several users at the same time.
generates the signals and commands that cause The user company does most of its own
the other units and devices to perform their programming and treats the computer as though
operations at the appropriate times. the company were the only one using it.
6. Input Device 6. Facilities Management

It permits the computer to receive both data This is the latest type of computer service
and instructions for processing (e.g., keyboard, arrangement to be developed. It falls somewhere
mouse, optical disk drive, etc.). between the captive computer and the service
bureau categories. Under facilities management,
6. Output Device the organization needing computer services may
It returns information from the computer to lease or purchase the necessary hardware and
the user (e.g., printer, monitor, optical disk install it on its own premises. Then by negotiation,
authoring device, etc.). an outside contractor with the necessary staff of
*** programmers and operators agrees to manage the
facility.
6. Software ***
It is a series of programs or routines that
provide instructions for operating the computer. 6. Batch Data processing
There are two broad categories of computer It is an efficient way of processing high
software – application programs (e.g., Microsoft volumes of data is where a group of transactions is
Excel, Google Chrome, Etc.) and systems software collected over a period of time. Data is collected,
(Microsoft Windows, MacOS, etc.). entered, processed and then the batch results are
produced. An example is payroll and billing
6. Computer Installations systems.
These are the facilities where the computer
hardware and personnel are located. 6. Direct Random-Access Data Processing
Instead of processing transactions in
Types of Computer Installations batches, the data is processed as the transactions
are entered into the system. It is also known as
6. In-House or Captive Computer real-time data processing.
AUDITING THEORY
a. Documents are not maintained in

6. Database Processing readable form.
A database is a set of interconnected files b. Processing of transactions is more
that users can access to obtain specific consistent.
information. A database eliminates the need for c. Duties are consolidated.
separate, and often repetitive, application-specific d. Reports can be generated easily.
files (e.g., files for payroll and files for personnel
Major Types of Computer Fraud
information are maintained interconnectedly).
6. Salami Technique
6. Control in Small Computer Environments
Computer programs are modified to
Small computer environments refer to the
inappropriately round off calculations to the benefit
use of micro- and minicomputers in data
of the fraud perpetrator. The amounts available
processing. No matter how small the computer
from rounding are then placed in an account
may become, the control objectives remain the
controlled by the perpetrator. In some of the most
same. Segregation of duties becomes especially
famous cases, the payment of centavos of interest
difficult in small computer environments because
detoured from bank accounts amounted to thefts
one individual may perform all recordkeeping
of millions of Pesos.
(processing) as well as maintain other non-
recordkeeping responsibilities. Some of the points
6. Trojan Horse
of emphasis in this environment are:
It is an unauthorized program placed within
a. Security over software and/or data is an authorized one. Trojan horses typically are
more critical than security over designed to wait until a specific time, when they act
hardware (which can easily be and then erase all evidence of their existence. For
replaced). example, a Trojan horse can be used to destroy
b. Independent verification of the important data and then destroy itself. Fired
applications being processed ion the employees have used Trojan horses to destroy their
small computer system should be made employer’s data.
to prevent the system from being used
for personal projects. 6. Virus Programs
c. Centralized authorization to purchase These are programs with unauthorized
hardware and software should be information or instructions. They can spread by the
required to ensure that “fly-by-night” electronic transfer of information between systems
equipment and “garage-developed” or the physical exchange of media, such as disks
software are not purchased and that carried from one system to another.
corporate-wide discounts can be
obtained. 6. Trapdoors
These are unauthorized entry points into
6. Distributed Systems
programs or databases. Through a trapdoor,
These represent a network of remote
individuals can change data or instructions without
computer sites each having a small computer
approval.
connected to the main computer system.
Distributed systems reduce the load on the main
computer by transferring edit or simple processing
6. Auditor’s Responsibilities with Respect to
function to the remote sites.
Internal Control Over EDP Systems
6. Impact of Computers on Accounting Systems
AUDITING THEORY
The auditor’s responsibilities with respect to a. Organizational and operation controls

internal control over EDP systems remains the b. Systems development and
same as with manual systems, that is to obtain an documentation controls
understanding adequate: c. Hardware and systems software
controls
a. To aid in planning and the remainder of
d. Access controls
the audit; and
e. Data and procedural controls
b. To assess control risk.
6. Organizational and Operation Controls
6. Effects of Computer Systems in the Study of
Controls:
Internal Control
Computer systems may: a. Segregate functions between the EDP
department and user departments.
a. Result in transaction trails that exist for
b. Do not allow the EDP department to
a short period of time or only in
initiate or authorize transactions.
computer readable form;
c. Segregate functions within the EDP
b. Include program errors that cause
department.
uniform mishandling of transactions
(clerical errors become less frequent); Key Functions Within the EDP Department
c. Include computer controls that need to
be relied upon instead of segregation of 6. Systems Analyst
functions; He or she is responsible for analyzing the
d. Involve increased difficulty in detecting present user environment and requirements and
unauthorized access; recommending the specific changes which can be
e. Allow increased management made, recommending the purchases of new
supervisory potential resulting from system, and designing a new EDP system.
more timely reports; 6. Applications Programmer
f. Include less documentation of initiation He or she is responsible for writing, testing,
and execution of transactions; and and debugging the application programs from the
g. Include computer controls that affect specifications (whether general or specific)
the effectiveness of related manual provided by the systems analyst.
control procedures that use computer
output. 6. Systems Programmer
He or she is responsible for implementing,
Types of Internal Control Over EDP Activities
modifying, and debugging the software necessary
for making the hardware work (e.g., operating
6. General Controls
system, telecommunications monitor and the
These are controls that affect multiple
database management system).
application systems (e.g., payroll, accounts
payable, and accounts receivable).
6. Operator
He or she is responsible for the daily
6. Application Controls
computer operations of both the hardware and the
These are specialized controls that relate to
software.
specific application instead of multiple
applications.
6. Data Librarian
He or she is responsible for the custody of
6. Categories of General Controls
the removable media (i.e., magnetic tapes or disks),
AUDITING THEORY
and for maintenance of program and system d. Management, users, and EDP personnel
documentation. must approve new systems before they
are placed into operation.
6. Quality Assurance e. All master and transaction file
This function is established primarily to conversion should be controlled to
ensure that new systems under development and prevent unauthorized changes and to
old systems being changed are adequately verify the results on a 100% basis.
controlled and that they meet the users’ f. After a new system is operating there
specifications and follow department should be proper approval of all
documentation standards. program changes.
g. During the change process,
6. Control Group programmers should not have access to
It acts as a liaison between users and the live data files or production programs.
processing center. This group records input data in h. Proper documentation standards should
a control log, follows the progress of processing, exist to assure continuity of the system.
distributes output, and ensures compliance with
Hardware and Systems Software Controls
control totals.
6. Parity Check
6. Data Security
A special bit is added to each character
It is responsible for maintaining the integrity
stored in the memory that can detect if the
of the online access control security software.
hardware loses a bit during the internal movement
Passwords and IDs are issued to users and follow
of a character similar to a check digit.
up is done on all security violations.
6. Echo Check
6. Database Administrator
During the sending and receiving of
He or she is responsible for maintaining the
characters, the receiving hardware repeats back to
database and restricting access to the database to
the sending hardware what it received and the
authorized personnel.
sending hardware automatically resends any
6. Network Technicians
characters that it detects were received incorrectly.
Using line monitoring equipment, they can
see each key stroke made by any user. This group
6. Diagnostic Routines
must have strict accountability controls.
Hardware or software supplied by the
manufacturer check the internal operations and
6. Systems Development and Documentation
devices within the computer system. These
Controls
routines are often activated when the system is
Controls:
booted up.
a. User departments must participate in
systems design. 6. Boundary Protection
b. Each system must have written Most CPUs have multiple jobs running
specifications which are reviewed and simultaneously (multiprogramming environment).
approved by management and by user To ensure that these simultaneous jobs cannot
departments. destroy or change the allocated memory of another
c. Both users and EDP personnel must test job, the system contains boundary protection
new systems. controls.
6. Periodic Maintenance
AUDITING THEORY
The system should be examined periodically The board is programmed with a unique
(often weekly) by a qualified service technician. “key” that makes data unreadable to anyone who
Such service can help to prevent unexpected might intercept a data transmission.
hardware failures.
Data and Procedural Controls
Physical Access Controls
6. Operations Run Manual
6. Limited Physical Access It specifies, in detail, the “how to’s” for each
The physical facility that houses EDP application to enable the computer operator to
equipment, files, and documentation should have respond to any errors that may occur.
controls to limit access only to authorized
individuals (e.g., guard, automated key cards, 6. Backup-and-Recovery
manual key locks, etc.). To ensure the preservation of historical
records and the ability to recover from an
6. Visitor Entry Logs unexpected error, files created within EDP are
Any individual entering a secure are must be backed up in a systematic manner.
either pre-approved by management and waring an
ID badge or authorized by an appropriate individual, 6. Processing Control
recorded in a visitor’s log, and escorted while in the It should be monitored by the control group
secure area. to ensure that processing is completed in a timely
manner, all hardware errors have been corrected,
Electronic Access Controls and output has been properly distributed.
6. Access Control Software (User Identification) 6. File Protection Ring

The most used electronic access control is It is a processing control to ensure that an
a combination of a unique identification code and a operator does not use a magnetic tape as a tape to
confidential password. Passwords should be either write on when it actually has critical information on
reissued periodically or periodically expire and it. If the ring is on the tape, data can be written on
force users to change their password to ensure that the tape.
only the individual that is assigned to the account
has access to it. 6. Internal and External Labels
External labels are paper labels, attached on
6. Call Back a reel of tape or other storage medium which
It is a specialized form of user identification identify the file. Internal labels perform the same
that is used in highly sensitive systems. In a call function through the use of machine-readable
back system, the user dials up the system, identification in the first record of a file. The use of
identifies him/herself, and is disconnected from the labels allows the computer operator to determine
system. Then either (1) an individual manually whether the correct file has been selected for
looks up the authorized telephone number for the processing.
individual or (2) the system automatically looks up
the authorized telephone number of that individual, Application Controls for Input
calls back the individual, and reestablishes
communications. 6. Input Controls
a. Input data should be properly authorized
6. Encryption Boards and approved.
AUDITING THEORY
b. The system should verify all significant test for scores over 100). A reasonableness check
data fields used to record information (editing the is similar to a validity check (see no. ).
data).
c. Conversion of data into machine-readable 6. Memo Driven Input
form should be controlled and verified for accuracy. If input is being entered into a CRT, then the
d. Movement of data between processing operator should be greeted by a menu and
steps and departments should be controlled. prompted as to the proper response to make [e.g.,
e. The correction of errors and What scored did you get on the Auditing part of the
resubmission of corrected transactions should be CPA Exam (75-100)?].
reviewed and controlled.
6. Field Checks
6. Preprinted Form Checks that make certain only numbers,
Information is pre-assigned to a place and a alphabetical characters, special characters, and
format on the input form used. The form reduces proper positive and negative signs are accepted
the possibility that computer input operators will into a specific data field where they are required.
miss or ignore input data recorded by users. This
control is used when large quantity of repetitive 6. Validity Check
data is inputted. A check which allows only “valid
transactions or data to be entered into the system
6. Check Digit (e.g., field accepting “male” or “female” response
An extra digit is added to an identification only).
number to detect certain types of data
transmission or transportation errors. It is used to 6. Missing Data Check
verify that the number was entered into the If blanks exist in input data where they
computer system correctly. should not (e.g., an employee’s division number), an
error message would result.
6. Control, Batch, or Proof Total
A total of one numerical field for all the 6. Field Size Check
records of a batch that normally would be added If an exact number of characters is to be
(e.g., total sales persons). inputted, an error message would result if the
number of characters inputted is less than or
6. Hash Totals greater than the requirement.
A total of one field for all the records of a
batch where the total is a meaningless total for 6. Logic Check
financial purposes (e.g., a mathematical sum of It ensures that illogical combinations of
account numbers added together). inputs are not accepted into the computer (e.g., the
field total for raw material is validated by footing
6. Record Count price times quantity).
A control total used for accountability to
ensure all the records received are processed. Application Controls for Processing
6. Reasonableness and Limit Tests 6. Processing Controls

These tests determine if amounts are too a. Control totals should be produced and
high, too low, or unreasonable (e.g., for a field that reconciled with input control totals – proof of batch
indicates auditing exam scores, a limit check would totals.
AUDITING THEORY
b. Controls should prevent processing the Time restraints and output page generation
wrong file and detect errors in file manipulation – constraints are often automated within the job
label checks. being run to ensure that, if processing is being done
c. Limit and reasonableness checks should in error, the job will not utilize resources needlessly.
be incorporated into programs to prevent illogical
results such as reducing inventory to a negative 6. Error Message Resolution
value. Following each job, the system provides
d. Run-to-run totals should be verified at technical codes indicating the perceived success of
appropriate points in the processing cycle. This the job run. The operator should be trained to
ensures that records are not added or lost during recognize these codes and take appropriate action
the processing runs. detailed in the operations run manual.
6. Checkpoint / Restart Capacity
If a particular program requires a significant
amount of time to process, it is desirable to have 6. Computer Information System
software within the application that allows the It is a system composed of people and
operator the ability to restart the application at the computers that processes or interprets
last checkpoint passed as opposed to restarting information.
the entire application.
6. Review of the CIS
6. Error Resolution Procedure If the client uses CIS, the auditor must be
Individual transactions may be rejected capable of understanding the entire system to
during processing as a result of the error detection evaluate the client’s internal control. The auditor’s
controls in place. There should be complementary primary concern therefore is to determine whether
controls that ensure those records are corrected the system provides reasonable assurance that
and reentered into the system. Logging of errors in errors and irregularities have been and will be
a suspense file of “suspended” transactions is prevented or detected on a timely basis by
often used to control error resolution. employees in the course of their normal activities.
Application Controls for Output 6. Compliance Testing of CIS Controls

After reviewing the CIS controls, the auditor
6. Output Controls attempts to gather evidence to provide reasonable
a. Output control totals should be reconciled assurance that the prescribed controls are
with input and processing control totals. functioning properly.
b. Output should be scanned and tested by
comparison to original source documents. Types of Compliance Tests Applicable to CIS
c. Systems output should be distributed Environments
only to authorized users.
6. Control Total 6. Auditing Around (without Using) the Computer
The user of the application will frequently It means the auditor does not use the
give the operator the expected result of processing computer to perform tests, select samples, etc. If
ahead of time to allow the operator to verify that there is an adequate audit trail, the auditor can do
processing was completed properly to notify the the following:
user if the totals did not agree. a. Examine for evidence of controls (i.e.,
error logs, batch control records, etc.);
6. Limiting the Quantity of Output and Total b. Trace transactions using printouts to
Processing Time follow input documents through final report; and
AUDITING THEORY
c. Process sample transactions manually d. Examining records which meet criteria

and compare with the printouts. specified by the auditor (e.g., property acquisitions
6. Auditing Through (with the Use of) Computer in excess of P10,000)
The auditor can use a computer program e. Selecting audit samples
(provided by the client or prepared by the auditor) f. Comparing data that exist on separate
to examine data files and perform many of the files
clerical tasks previously performed by a junior g. Summarizing data
auditor. h. Comparing data obtained through other
audit procedures with client records
Substantive Testing of Computer-Based Records i. Identify weaknesses in internal control
j. Prepare flowcharts of client transaction
6. Substantive Testing without Using the Computer cycles and of client programs
Printouts are used to test the correctness of k. Prepare graphic displays of data for
accounts and as a basis from which samples will easier analysis
be selected for further testing or confirmation. l. Correspondence (e.g., engagement letters,
representation letters, attorney’s letters)
6. Substantive Testing with the Use of a Computer 6. Test Data
Auditor uses a program written to gain A set of dummy transactions is developed
access to the computer-based records. Once by the auditor and processed by the client’s
access has been achieved, the auditor can use the computer programs to deter
computer to perform those procedures which are
clerical in nature.
***
6. Sources of Programs Used for Substantive

Testing of Computer-Based Records
a. Auditor written programs
b. Auditee programs – coded by the
company’s own programmer to meet the auditor’s
needs. This will require additional precautions on
the part of the auditor.
c. Utility programs – provided by software
vendors and used to obtain data.
d. Generalized computer audit programs –
offer audit-oriented functions for use in accessing
and testing records.
Audit Techniques Using Computers
6. Audit Software
Some of the audit procedures that may be
performed by generalized audit software include:
a. Testing client calculations
b. Making additional calculations
c. Extracting data from client files

Auditing Theory

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Auditing Theory

Uploaded by

Copyright:

Available Formats

AUDITING THEORY

1. Professional Accountant He or she is a person who, after obtaining

6. Practice in the Government 12. Commission on Audit (COA)

22. Auditing and Assurance Standards Council

These standards are to be applied for all

He or she is the person who provides the

46. A Three-Party Relationship 55. Physical Characteristics

Components of the Three-Party Relationship 57. Behavior

a. Evidence is more reliable when it is

It refers to the work done by professional Having accepted an assurance engagement,

106. Independent or External Auditor It means that there is absolutely no

107. Internal Auditor 114. Inherent Limitations in an Audit Hindering the

impartial and unbiased judgment in the conduct of

a. Audits of financial statements prepared

124. Compliance Audit 129. Philippine Accountancy Act of 2004 (R.A.

c. To administer oaths in connection with confidential information in the

a. Theory of Accounts examinations unless he/she submits evidence to

182. Pursuit of Excellence 189. Confidentiality

Fundamental Principles of Ethics

186. Integrity Categories of Threats

195. Advocacy Threat a. Leadership of the firm that stresses the

expected to have been, considered by that party's 209. Certificate of Accreditation

d. A partnership can handle larger He or she is concerned about the overall

214. Disadvantages of Partnership Form of

a. Personal differences between partners 218. Audit Manager/Supervisor

Moreover, a professional accountant in confidentiality, and professional behavior), which

240. Risk-Based Audit Approach 244. Audit Risk

PHASE I: RISK ASSESSMENT 255. Responsibilities of the Management

a. For the preparation of financial engagement where there is no

a. The auditor shall assess whether

updated and changed as necessary during the

288. Completion of the Initial Audit Program

292. Documentation of Audit Plan/Audit Program

300. Inspection 307. Applicable Financial Reporting Framework

improve the business performance or to misstate 315. Audit Risk Model

313. Material Weakness in Internal Control 318. Control Risk

314. Documentation 319. Detection Risk

a. Financial statement accounts likely to

c. Participation by those charged with

a. Control Environment 337. Information System

*** Procedures that ensure that a proper price

a. Internal Accounting Control

358. Implications of Assessment of Control Risk at 362. Tests of Controls

appropriate memoranda or notations in from which the financial statements are

a. Fraud 371. Factors Contributing to Commitment of Fraud

appointment or, in some cases, to 393. Corporate Governance

398. Management 401. Securities and Exchange Commission

expenses (i.e., over accrued reserves

b. Substantive procedures (see no. 326 for b. Tests of balances

Types of Compliance Tests 433. Tests of Transactions

e. Comparison of current financial orders, receiving reports), titles,

Types of Financial Statement Assertions Relating

d. The relative risk of material errors or d. Timeliness of the evidence.

480. Factors that Determine the Amount of

c. Cost in relation to the benefit obtained It consists of checking the mathematical

Procedures for Obtaining Audit Evidence

confirmation requests and verified that the supporting documents (cash

c. Review subsequent events which

501. Related Parties a. The nature and materiality of the

501. Evidence for Related Party Transactions 506. Sampling Risk

502. Audit Sampling Selecting Items for Testing to Gather Audit

performed by a computer information Sample Risks to Be Considered in Performing

suppliers’ statements, unmatched It is the process of dividing a population into