Professional Documents
Culture Documents
Auditing Theory
Auditing Theory
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
15. Philippine Institute of Certified Public 21. International Auditing Practices Committee
Accountants (PICPA) (IAPC)
PICPA is the accredited national The IAPC is a standing committee of the
professional organization of CPAs. It serves all Council of IFAC and is responsible for the
members in the different sectors of the accounting development and issuance on behalf of the Council,
profession. Year-round professional development standards and statements on a variety of audit and
programs and regular fellowship and sport attests functions in order to improve the degree of
activities are sponsored by the association for its uniformity of auditing practices and related
members. services throughout the world.
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
48. Practitioner
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
Examples: corporate governance, 65. Ways of How Criteria Are Made Available to
compliance with regulation, human resource Intended Users
practices
a. Publicly
***
b. Through inclusion in a clear manner in
the presentation of the subject matter
58. Criteria for Appropriateness of Subject Matter
information
Suitable Criteria
c. Through inclusion in a clear manner in
An appropriate subject matter is:
the assurance report
a. Identifiable and capable of consistent d. By general understanding (e.g., criterion
evaluation or measurement against for measuring time in hours and
identified criteria; and minutes)
b. Such that the information can be
66. Audit Evidence
subjected to procedures for gathering
It is all the information used by the auditor
sufficient appropriate evidence to
in arriving at the conclusions on which the audit
support a reasonable assurance or
opinion is based and includes the information
limited assurance conclusion, as
contained in the accounting records underlying the
appropriate.
financial statements and other information.
Characteristics of Suitable Criteria
67. Sufficient Appropriate Evidence
60. Relevance The practitioner plans and performs an
Relevant criteria contribute to conclusions assurance engagement with an attitude of
that assist decision-making by the intended users. professional skepticism to obtain sufficient
appropriate evidence about whether the subject
61. Completeness matter information is free of material
Criteria are sufficiently complete when misstatement.
relevant factors that could affect the conclusions in
the context of the engagement circumstances are 68. Professional Skepticism
not omitted. An attitude of professional skepticism
means the practitioner makes a critical
62. Reliability assessment, with a questioning mind, of the validity
Reliable criteria allow reasonably consistent of evidence obtained and is alert to evidence that
evaluation or measurement of the subject matter contradicts or brings into question the reliability of
including, where relevant, presentation and documents or representations by the responsible
disclosure, when used in similar circumstances by party.
similarly qualified practitioners.
69. Sufficiency of Evidence
63. Neutrality Sufficiency is the measure of the quantity of
Neutral criteria contribute to conclusions evidence.
that are free from bias.
70. Appropriateness of Evidence
64. Understandability Appropriateness is the measure of the
Understandable criteria contribute to quality of evidence; that is, its relevance and
conclusions that are clear; comprehensive, and not reliability.
subject to significantly different interpretations.
***
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
71. Relationship between the Quantity of Evidence considered to have an impact on the decision
Needed and the Risk of the Subject Matter making of users.
Information Being Materially Misstated
The greater the risk, the more evidence is 75. Relationship between the Quantity of Evidence
likely to be required (direct relationship). Needed and Materiality
The higher the materiality level, the lower
71. Relationship between the Quantity of Evidence the audit risk and vice versa (inverse relationship).
Needed and the Quality of Such Evidence
The higher the quality of audit evidence, the 76. Relationship between the Quantity of Evidence
less may be required. However, merely obtaining Collected Assurance Engagement Risk
more evidence may not compensate for its poor It is the risk that the practitioner expresses
quality (interrelated). an inappropriate conclusion when the subject
matter information is materially misstated. The
72. Generalizations about the Reliability of lesser evidence collected, the higher the assurance
Evidence engagement risk and vice versa.
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
84. Reports on Non-Assurance Engagements 87. Challenges Faced by the Public Accounting
Reports on these types of engagements Profession
must be clearly distinguished from reports on
assurance engagements. So as not to confuse the a. Accounting in highly complex business
users, a report that is not an assurance report environment or increasingly complex
avoids the following: transaction and organizational standard.
b. Computer systems are complex.
a. Implying compliance with the c. Many companies are global.
Framework, PSAs, PSREs and PSAEs; d. There is time pressure to get the audit
b. Inappropriately using the words done and to report more quickly than
“assurance”, “audit” or review”; and ever before.
c. Including a statement that could e. There is a need to generate audit fees
reasonably be mistaken for a sufficient to both attract new people to
conclusion designed to enhance the the profession and retain managers and
degree of confidence of intended users partners, who often operate under
about the outcome of the evaluation or having stress to fulfill this most
measurement of a subject matter important obligation.
against criteria.
88. Expectation Gap
85. Summary of Reports Provided by Different It is the gap between what auditors attempt
Types of Engagements to do in an audit and the user’s expectations of the
a. Audit – Positive assurance on audit.
assertion(s)
b. Review – Negative assurance on
assertion(s) 89. Auditing
c. Agreed-Upon Procedures – Factual It is a systematic process by which a
findings on procedures competent, independent person objectively obtains
d. Compilation – Identification of and evaluates evidence regarding assertions about
information compiled economic actions and events to ascertain the
degree of correspondence between those
86. Conversion of an Assurance Engagement to a
Non-Assurance Engagement
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
assertions and established criteria and The likelihood that unreliable information
communicating the results to intended users. will be provided to decision makers. It is the reason
why independent auditing is necessary.
Key Words and Phrases in the Definition of Auditing
100. Factors that Contribute to Information Risk
91. Systematic Process
a. Remoteness of information users from
This implies a structured, logical and
information providers
organized series of steps and procedures.
b. Potential bias and motives of
information provider
92. Competent, Independent Person
c. Voluminous data
The auditor must be qualified to understand
d. Complex exchange transactions
the criteria used and the competence to know how
and what evidence to accumulate to reach the 101. Ways of Reducing Information Risk
proper conclusion.
a. Allow users to verify information.
93. Objectively Obtains and Evaluates Evidence b. User shares information risk with
This means examining the bases for the management.
assertions (representations) and judiciously c. Have the financial statements audited.
evaluating the result without bias or prejudice either General Types of Audit
for or against the individual (or entity) making the
representations. 103. Independent Financial Statements Audit
It consists of methodological review and
94. Assertions about Economic Actions and Events objective examination of financial statements
These are the representations made by the prepared by an enterprise (auditee) to determine if
individual or entity. such statements have been prepared in conformity
with financial reporting practices that are
appropriate for the auditee.
95. Degree of Correspondence
This refers to the closeness with which the 104. Internal Audit
assertions can be identified with established It is an independent, objective assurance
criteria. and consulting activity designed to add value and
improve an organization’s operations. It helps an
96. Established Criteria organization accomplish its objectives by brining a
These are the standards against which the systematic, disciplined approach to evaluate and
assertions or representations are judged. improve the effectiveness of risk management,
97. Communicating the Results control and government processes.
This is often referred to as attestation. The
final stage in the audit process is the audit report – 105. Government Audit
the communication of the findings to users. It involves the determination of whether
government funds are being handled properly and
98. Interested Users in compliance with existing laws and whether the
These are individuals who use (rely on) the programs are being conducted efficiently and
auditor’s findings (e.g., stockholders, management, economically.
creditors, governmental agencies and the public).
*** Types of Auditors
99. Information Risk
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
131. Scope of Practice of Public Accountancy c. Must be a good moral character and
must not have been convicted of crimes
a. Practice of public accountancy
involving moral turpitude; and
b. Practice in commerce and industry
d. Must not have any pecuniary interested,
c. Practice in education or academe
directly or indirectly, in any schools,
d. Practice in the government
college, university or institution
132. Professional Regulatory Board of conferring an academic degree
Accountancy (PRBOA or BOA) necessary for admission to the practice
See no. 10 for relevant notes. of accountancy or where review classes
in preparation for the licensure
133. Composition of BOA examination, are being offered or
The Professional Regulatory Board of conducted, nor shall he/she be a
Accountancy, hereinafter referred to as the Board, member of the faculty or administration
under the supervision and administrative control of thereof at the time of his/her
the Professional Regulation Commission, appointment to the Board.
hereinafter referred to as the Commission, shall be
composed of a chairman and six (6) members to
136. Term of Office of the Members of BOA
be appointed by the President of the Philippines
The chairman and members of the board
from a list of three (3) recommendees each
shall hold office for a term of three years Any
position and ranked by the Commission, from list of
vacancy occurring within the term or a member
five (5) nominees for each position submitted by
shall be filled up for the unexpired portion of the
the accredited national professional organization of
term only No person who has served two (2)
certified public accountants The board shall elect a
successive complete terms shall be eligible for
vice-chairman from among its members for a term
reappointment until the lapse of one (1) year
of one (1) year meetings of the board and in the
Appointment to fill-up an expired term is not to be
event of a vacancy in the office of the chairman, the
considered as a complete term.
vice chairman shall assume such duties and
responsibilities until such time as a chairman is
137. Compensation and Allowances of the Board
appointed.
The chairman and members of the board
shall receive compensation and allowances
134. Accredited Professional Organization (APO)
comparable to that being received by the chairman
Philippine Institute of Certified Public
and members of existing regulatory boards under
Accountants (PICPA)
the commission as provided for in the General
Appropriations Act.
135. Qualification of Members of BOA
A member of the board shall, at the time of
138. Powers and Functions of the Board
his/her appointment, possess the following
The board shall exercise the following
qualifications:
specific powers, functions and responsibilities:
a. Must be a natural born citizen and a
resident of the Philippines;
a. To prescribe and adopt the rules and
b. Must be a duly registered Certified
regulations necessary for carrying out
Public Accountant with at least ten (10)
the provisions of this Act;
years of work experience in any scope
b. To supervise the registration, licensure
of practice of accountancy;
and practice of accountancy in the
Philippines;
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
Board, and copies thereof shall be made available The Board may, after the expiration of two
to any party as may be deemed necessary. (2) years from the date of revocation of a certificate
of registration and upon application and for
151. Indication of Certificate of Registration, reasons deemed proper and sufficient, reinstate the
Identification Card and Professional Tax Receipt validity of a revoked certificate of registration and
The certified public accountant shall be in so doing, may, in its discretion, exempt the
required to indicate his/her certificate of applicant from taking another examination.
registration number, and date of issuance, the A new certificate of registration to replace
duration of validity, including the Professional Tax lost, destroyed, or mutilated certificate/license may
Receipt number on the documents he/she signs, be issued, subject to the rules promulgated by the
uses or issues in connection with the practice of Board and the Commission, upon payment of the
his/her profession. required fees.
152. Refusal to Issue Certificate of Registration 155. Prohibition in the Practice of Accountancy
and Professional Identification Card Vested Rights to CPAs Registered When R.A. 9298
The Board shall not register and issue a Was Passed
certificate of registration and professional No person shall practice accountancy in this
identification card to any successful examinee country, or use the title “Certified Public
convicted by a court of competent jurisdiction of a Accountant”, or use the abbreviated title “CPA” or
criminal offense involving moral turpitude or guilty display or use any title, sign, card, advertisement, or
of immoral and dishonorable conduct or to any other device to indicate such person practices or
person of unsound mind In the event of refusal to offers to practice accountancy, or is a certified
issue certificate for any reason, the Board shall give public accountant, unless such person shall have
the applicant a written statement setting forth the received from the Board a certificate of
reasons for such action, which statement shall be registration/professional license and be issued a
incorporated in the record of the Board. professional identification card or a valid
temporary/special permit duly issued to him/her by
153. Suspension and Revocation of Certificates of the Board and the Commission.
Registration and Professional Identification Card
and Cancellation of Special Permit 156. Vested Rights: Certified Public Accountants
The Board shall have the power, upon due Registered When This Law is Passed
notice and hearing, to suspend or revoke the All certified public accountants registered at
practitioner’s certificate of registration and the time this law takes effect shall automatically be
professional identification card or suspend him/her registered under the provisions hereof, subject
from the practice of his/her profession or cancel however, to the provisions herein set forth as to
his/her special permit for any of the causes or future requirements Certificates of
grounds mentioned under section 23 of this Act or registration/professional license held by such
for any unprofessional or unethical conduct, persons in good standing shall have the same force
malpractice, violation of any of the provisions of and effect as though issued after the passage of
this Act, and its implementing rules and regulations, this Act.
the Certified Public Accountant’s Code of Ethics
and the technical and professional standards of 157. Limitation of the Practice of Public
practice for certified public accountants. Accountancy
Single practitioners and partnerships for the
154. Reinstatement, Reissuance and Replacement practice of public accountancy shall be registered
of Revoked Loss Certificates certified public accountants in the Philippines:
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
Provided, That from the effectivity of this Act, a payment of a required fees and dues Membership
certificate of accreditation shall be issued to in the integrated organization shall not be a bar to
certified public accountants in public practice only membership in any other association of certified
upon showing, in accordance with rules and public accountants.
regulations promulgated by the Board and
approved by the Commission, that such registrant 160. Accreditation to Practice Public Accountancy
has acquired a minimum of three (3) years Certified public accountants, firms and
meaningful experience in any of the areas of public partnerships of certified public accountants,
practice including taxation: Provided, further, That engaged in the practice of public accountancy,
this requirement shall not apply to those already including partners and staff members thereof, shall
granted a certificate of accreditation prior to the register with the Commission and the Board, such
effectivity of this Act The Securities and Exchange registration to be renewed every three (3) years:
Commission shall not register any corporation Provided, That subject to the approval of the
organized for the practice of public accountancy. Commission, the Board shall promulgate rules and
regulations for the implementation of registration
158. Ownership of Working Papers requirements including the fees and penalties for
All working papers, schedules and violation thereof.
memoranda made by a certified public accountant
and his staff in the course of an examination, 161. Continuing Professional Education (CPE)
including those prepared and submitted by the Program
client, incident to or in the course of an All certified public accountants shall abide
examination, by such certified public accountant, by the requirements, rules and regulations on
except reports submitted by a certified public continuing professional education to be
accountant to a client shall be treated confidential promulgated by the Board, subject to the approval
and privileged and remain the property of such of the Commission, in coordination with the
certified public accountant in the absence of a accredited national professional organization of
written agreement between the certified public certified public accountants or any duly accredited
accountant and the client, to the contrary, unless educational institutions For this purpose, a CPE
such documents are required to be produced Council is hereby created to implement the CPE
through subpoena issued by any court, tribunal, or program.
government regulatory or administrative body.
162. Seal and Use of Seal
159. Accredited Professional Organization All licensed Certified Public Accountants
All registered certified public accountants shall obtain and use a seal of a design prescribed
whose names appear in the roster of certified by the Board bearing the registrant’s name,
public accountants shall be united and integrated registration number and title The auditor’s reports
through their membership in a one only registered shall be stamped with said seal, indicating therein
and accredited national professional organization his/her current Professional Tax Receipt (PTR)
of registered and licensed certified public number, date/place of payment when filed with
accountants, which shall be registered with the government authorities or when used
Securities and Exchange Commission as a professionally.
nonprofit corporation and recognized by the Board,
subject to the approval by the Commission The 163. Foreign Reciprocity
members in the said integrated and accredited Subjects or citizens of foreign countries
national professional organization shall receive may be allowed to practice accountancy in the
benefits and privileges appurtenant thereto upon Philippines in accordance with the provisions of
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
existing laws, international treaty obligations subject to the approval of the Commission, shall,
including mutual recognition agreements entered upon conviction, be punished by a fine of not less
into by the Philippine government with other than Fifty thousand pesos (P50,000.00) or by
countries A person who is not a citizen of the imprisonment for a period not exceeding two (2)
Philippines shall not be allowed to practice years or both.
accountancy in the Philippines unless he/she can
prove, in the manner provided by the Rules of Court 166. CPAs Legal Liability
that, by specific provision of law, the country of Audit professionals have a responsibility
which he/she is a citizen, subject or national admits under common law to fulfill expressed and implied
citizens of the Philippines to the practice of the contracts with clients. They are liable to their
same profession without restriction. clients for negligence and/or breach of contracts
should they fail to provide services or not exercise
164. Coverage of Temporary/Special Permits due care in their performance.
Special/temporary permit may be issued by
the Board subject to the approval of the 167. Management’s Responsibility of Compliance
Commission and payment of the fees the latter, has with Laws and Regulations
prescribed and charged thereof to the following It is management’s responsibility to ensure
persons: that the entity’s operations are conducted in
accordance with laws and regulations. The
a. A foreign certified public accountant
responsibility for the prevention and detection of
called for consultation or for a specific
noncompliance rests with management.
purpose which, in the judgment of the
The auditor is no, and cannot be held
Board, is essential for the development
responsible for preventing non-compliance. The
of the country: Provided, That his/her
fact that an annual audit is carried out may,
practice shall be limited only for the
however, act as a deterrent. An audit is subject to
particular work that he/she is being
the unavoidable risk that some material
engaged: Provided, further, That there is
misstatements of the financial statements will not
no Filipino Certified Public Accountant
be detected, even though the audit is properly
qualified for such consultation or
planned and performed in accordance with PSAs.
specific purposes;
This risk is higher with regard to material
b. A foreign certified public accountant
misstatements resulting from non-compliance with
engaged as professor, lecturer or critic
laws and regulations.
in fields essential to accountancy
education in the Philippines and his/her
168. Procedures When Noncompliance is
engagement is confined to teaching
Discovered
only; and
When the auditor believes there may be non-
c. A foreign certified public accountant
compliance, the auditor should document the
who is an internationally recognized
findings and discuss them with the following (in
expert or with specialization in any
order of priority):
branch of accountancy and his/her
service is essential for the advancement a. Management
of accountancy in the Philippines. b. Entity’s lawyer if the management does
not provide satisfactory information that
165. Penal Provisions
it is in fact in compliance.
Any person who shall violate any of the
c. Auditor’s own lawyer if it is not
provisions of this Act or any of its Implementing
considered appropriate to consult the
rules and regulations as promulgated by the Board
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
entities lawyer or when the auditor is not letter of an agreement; do not interpret agreements
satisfied with the opinion. in an unreasonably technical or legalistic manner in
order to rationalize noncompliance or create
excuses and justifications for breaking
169. Ethics commitments.
Ethics consist of moral principles and
standards of conduct. It is a branch of philosophy 177. Loyalty (Fidelity)
that deals with the study of the rightness or Be faithful and loyal to family, friends,
wrongness of human actions. employers, clients and country; do not use or
disclose information learned in confidence; in a
170. Unethical Behavior professional context, safeguard the influences and
It refers to a conduct that differs from what conflicts of interest.
people believe would have been appropriate given
the circumstances. 178. Fairness
Be fair and open-minded, be willing to admit
171. Reasons Why People Act Unethically error and, where appropriate, change positions and
beliefs, demonstrate a commitment to justice, the
a. The person’s ethical standards are equal treatment of individuals, and tolerance for
different from those of society as a and acceptance of diversity; do not overreach or
whole; or take undue advantage of another’s mistakes or
b. The person chooses to act selfishly. adversities.
In many instances, both reasons exist.
179. Caring for Others
172. Rationalizing Unethical Behavior Be caring, kind, and compassionate; share,
be giving, be of service to others; help those in need
a. Everybody does it. and avoid harming others.
b. If it’s legal, it’s ethical.
c. Likelihood of discovery and 180. Respect for Others
consequences Demonstrate respect for human dignity,
privacy, and the right to self-determination of all
Characteristics and Values Associated with Ethical
people; be courteous, prompt, and decent; provide
Behavior
others with the information they need to make
informed decisions about their own lives; do not
174. Integrity
patronize, embarrass, or demean.
Be principled, honorable, upright,
courageous and act on convictions; do not be two-
181. Responsible Citizenship
faced, or unscrupulous, or adopt an end-justifies-
Obey just laws; if all law is unjust, openly
the-means philosophy that ignores principle.
protest it, exercise all democratic rights and
privileges responsibly by participation (voting and
175. Honesty
expressing informed views), social consciousness,
Be truthful, sincere, forthright,
and public service; when in a position of leadership
straightforward, frank, candid; do not cheat, steal,
or authority, openly respect and honor democratic
lie, deceive, or act deviously.
processes of decision making, avoid unnecessary
secrecy or concealment of information, and assure
176. Promise Keeping
that others have all the information they need to
Be worthy of trust, keep promises, full
make intelligent choices and exercise their rights.
commitments, abide by the spirit as well as the
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
the person or persons who made the e. Appropriate documentation of the work
appointment or, in some cases, to performed and of the timing and extent
regulatory authorities; and of the review; and
b. The possibility of withdrawing from the f. Processes to keep all policies and
engagement or from both the procedures current.
engagement and the client relationship.
231. Supervision
229. Human Resources Supervision involves directing the efforts of
The firm shall establish policies and assistants who are involved in accomplishing the
procedures designed to provide it with reasonable objectives of the audit and determining whether
assurance that it has sufficient personnel with the those objectives were accomplished. Elements of
capabilities, competence and commitment to supervision include instructing assistants, keeping
ethical principles. The following are the personnel informed of significant problems encountered,
issues to be addressed by such policies and reviewing the work performed, and dealing with
procedures: differences of opinion among firm personnel. The
extent of supervision appropriate in a given
a. Recruitment
instance depends on many factors, including the
b. Performance evaluation
complexity of the subject matter and the
c. Capabilities
qualifications of persons performing the work.
d. Competence
e. Career development
232. Review
f. Competence
The work of the members of the audit team
g. Promotion
is important for the success of the engagement.
h. Compensation
Therefore, the firm needs to make sure the good
i. Estimation of personnel needs
quality of each output. This requires proper review
and supervision from the person who has better
experiences and knowledge.
230. Engagement Performance
The firm promotes consistency in the 233. Consultation
quality of the engagement performance through its It includes discussion, at the appropriate
policies and procedures. This is often professional level, with individuals within or outside
accomplished through written or electronic the firm who have specialized expertise, to resolve
manuals, software tools or other forms of standard a difficult or contentious matter.
documentation. Matters addressed may include:
234. Differences of Opinion
a. How engagement teams are briefed on As necessary, the engagement partner
the engagement to obtain informs members of the engagement team that
understanding of the objectives of their they may bring matters involving differences of
work; opinion to the attention of the engagement partner
b. Processes for complying with applicable or others within the firm as appropriate without fear
engagement standards; of reprisals.
c. Processes of engagement supervision,
staff training and coaching; 235. Engagement Quality Control Review
d. Methods of reviewing the work It ordinarily involves discussion with the
performed, the significant judgments engagement partner, a review of the financial
made and the form of report being statements or other subject matter information and
issued; the report, and, in particular, consideration of
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
whether the report is appropriate. It also involves a d. The auditor inquires about controls in
review of selected working papers relating to place to mitigate those risks (usually
significant judgments the engagement team made high-risk areas are the main concern)
and the conclusions they reached. e. The auditor tests those controls in place
and subsequently re-assesses the prior
236. Engagement Quality Control Reviewer risk ratings
He or she conducts the review in a timely f. Auditor performs analytical reviews on
manner at appropriate stages during the low risk areas (if adequate, with minimal
engagement so that significant matters may be substantive testing)
promptly resolved to the reviewer’s satisfaction g. Auditor performs analytical reviews on
before the report is issued. medium/high risk areas with intensive
substantive testing.
237. Monitoring
241. Account-Based Audit Approach
Its objective is to provide reasonable
In this audit approach, auditors first obtain
assurance that the policies and procedures relating
an understanding of control and assess control risk
to the system of quality control are relevant,
for particular types of errors and frauds in specific
adequate, operating effectively and complied with
accounts.
in practice. It includes an ongoing consideration
and evaluation of the firm’s system of quality a. Management provides a set of accounts
control including a periodic inspection of a b. Management provides internal control
selection of completed engagements. report (ICR)
c. The auditor proceeds to test each line
238. Documentation item in the Financial Statement, and
Its purpose is to provide evidence of the sample of controls from ICR.
operation of each element of an audit firm’s system
242. Risk
of quality control.
It is the potential for uncontrolled loss of
something of value.
Approaches to Auditing Critical Components of Risk
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
It is the risk that relate directly to the Phase I-A: Performance of Preliminary
recording of transactions and presentation of Engagement Activities to Decide whether to
financial data in an organization’s financial Accept or Continue an Audit Engagement
statements.
252. Purpose of Performing Preliminary
247. Business Risk Engagement Activities
It refers to the risk that affects the The main purpose of performing preliminary
operations and potential outcomes of engagement activities is to eliminate engagement
organizational activities. risks through the ensuring of the following:
***
a. The auditor maintains necessary
independence and ability to perform
248. Ways to Control Audit Risk
the engagement;
a. Avoid audit risk by not accepting certain b. There are no issues with management
companies as client (i.e., reduce integrity that may affect the auditor’s
engagement risk to zero); and willingness to continue the
b. Set audit risk at a level that the auditor engagement; and
believes will mitigate the likelihood that c. There is no misunderstanding with the
the auditor will fail to identify material client as to the terms of the
misstatements. engagement.
249. Phases of the Risk-Based Audit Process 253. Items to Be Assessed before Accepting an
Engagement
Phase I: Risk Assessment
Before accepting an engagement with a
o Phase I-A: Performance of
new client, the CPA firm shall assess whether it:
Preliminary Engagement Activities
o Phase I-B: Planning the Audit a. Is competent to perform the
o Phase I-C: Performance of Risk engagement and has the capabilities,
Assessment Procedures including time and resources to do so;
Phase II: Risk Response b. Can comply with the relevant ethical
o Phase II-A: Designing Overall requirements;
Responses and Further Audit c. Has considered the integrity of the client
Procedures and does not have information that
o Phase II-B: Implementing Responses would lead it to conclude that the client
to Assessed Risk of Material lacks integrity.
Misstatement
Phase III: Reporting
254. Preconditions for an Audit to Be Established
o Phase III-A: Evaluating the Audit
Evidence Obtained a. Whether the financial reporting
o Phase III-B: Forming an Opinion framework to be applied in the financial
Based on Audit Findings and statements are acceptable; and
Preparing the Auditor’s Report b. Agreement of management that it
acknowledges and understands its
responsibilities.
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
act by the client). In other words, small misstatements exceed materiality for
amounts of misstatement may still be the financial statements as a whole; and
considered material depending on its thus
nature. b. Provide a margin or buffer for possible
undetected misstatements. This buffer
264. Relevance of Materiality in Audit Planning
is between detected but uncorrected
In planning the audit, materiality should be
misstatements in the aggregate and the
considered by the auditor when:
overall or specific materiality.
a. Determining the nature, timing and
269. Planning Materiality
extent of audit procedures;
Auditors make a preliminary assessment of
b. Identifying and assessing the risks of
materiality of the financial statements as a whole
material misstatement; and
by determining the amount by which they believe
c. Determining the nature, timing and
the financial statements could be misstated
extent of further audit.
without affecting users’ decisions. This planning
Levels of Materiality materiality is based on professional judgment and
may change during the engagement if
266. Overall Materiality circumstances change. It is helpful to the auditor in
It refers to the materiality for the financial a way that it allows him or her to plan the
statements as a whole. It is based on the auditor’s appropriate evidence to accumulate. If the auditor
professional judgment as to the highest amount of sets a low peso amount, more evidence is required
misstatements that could be included in the than for a high amount.
financial statements without affecting the
economic decisions taken by a financial statement 270. Relationship between Materiality and Audit
user. Risk
The higher the level of audit risk, the lower
267. Specific Materiality the materiality level can be set to and vice versa
It refers to materiality set for specific (inverse relationship).
aspects of financial information (especially for
sensitive areas such as particular note disclosures,
compliance with legislation or certain terms in a ₱₱₱
contract, or transactions upon which bonuses are
based) which are intended to be lesser in amount
than overall materiality to put more caution in
₱
dealing with said item.
High IR and CR Low IR and CR
268. Performance Materiality Entity Entity
It is set at a lower amount (or amounts)
than overall and specific materiality. The objective In the above illustration, the cylinders refer
is to perform more audit work than would be to the accounting data, the shaded portions to the
required by the overall or a specific materiality to: appropriate level of materiality and the “x” marks to
the misstatements in the financial statements.
a. Ensure that misstatements less than Observe that if the materiality level on the left side
overall or specific materiality are is increased to the same level as the other, more
detected, so as to appropriately reduce misstatements are going to be left undetected. The
the probability that the aggregate of higher the risk, the more thorough the tests should
uncorrected errors and undetected be.
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
274. Changes to Planning Decisions during the 279. Establishment of an Engagement Team or
Course of the Audit Audit Team
Planning an audit is a continual and iterative Factors to be considered in the
process throughout the audit engagement. The establishment of an engagement team:
overall audit strategy and the audit plan should be
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
a. Levels of expertise and experience art, mineralogist for the physical characteristics of
b. Qualification to handle audit positions mineral resources, etc.).
(engagement partner, manager, at least
one senior, and one or more staff 283. Use of Client’s Staff
auditors) The auditors may set up the columnar
c. Number of people depends on the size headings for certain working papers and give
and complexity of the audit instructions to the client’s staff as to the
d. Availability of personnel information to be gathered. These working papers
e. Entities in a regulated industry, such as should bear the label “Prepared by Client” or PBC,
banking, requires that the major and also the initials of the auditor who verifies the
members of the audit team have work performed by the client’s staff. Working
necessary knowledge and experience in papers prepared by the client should never be
that industry. accepted at face value; such papers must be
reviewed and tested by the auditors.
280. Consideration of Work Performed by the
Predecessor Auditor
284. Consideration of Work Performed by Internal
Communication with the predecessor
Auditors
auditors can provide the successor CPA with
background information about the client, details a. Internal auditors can enhance internal
about the client’s system of internal control, and control (e.g., review of bank
evidence as to the account balances at the reconciliations), thus reducing the extent
beginning of the year under audit. of substantive testing after the
independent auditor has considered the
281. Consideration of Work Performed by Other degree of subjectivity involved in
Auditors in the Audit of Components evaluating the accumulated audit
evidence.
a. A principal auditor is the auditor with
b. Internal auditors may also assist
responsibility for reporting on the
independent auditors in performing
financial statements of an entity when
specific audit procedures (e.g.,
those financial statements include
observation of client personnel taking
financial information of one or more
the inventory).
components audited by another auditor.
b. Other auditor means an auditor, other 285. Assessment of Going Concern Assumption
than the principal auditor, with Auditors are required to evaluate whether
responsibility for reporting on the substantial doubt exists about an entity’s ability to
financial statements of a component continue as a going concern, based on procedures
which is included in the financial planned and performed to obtain evidence about
statement audited by the principal the management assertions embodied in the
auditor. financial statements. That is, an auditor is not
required to design specific procedures to evaluate
282. Involvement of Experts or Specialists
whether an entity is a going concern.
CPAs may lack the qualifications necessary
to perform certain technical tasks relating to the
286. Identification of Related Parties
audit. A specialist brings unique knowledge and
A related-party transaction is a deal or
judgment in a field other than accounting and
arrangement between two parties who are joined by
auditing (e.g., appraiser for the values of works of
a preexisting business relationship or common
interest. It is important for auditors to identify them
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
because they are required to be disclosed in the The following are the contents of the
financial statements if they are material. documentation of the planning process:
a. Audit plans
b. Audit programs
287. Client’s Legal Obligations
c. Time budget
The auditor should review the following:
293. Planning a Repeat Engagement
a. Minutes of directors’ and stockholders’
The auditor should not merely duplicate last
meetings
year’s audit program but should modify his
b. Changes to the articles of incorporation
approach to the audit for any changes in the client’s
or by-laws
operations, internal control structure or business
c. Any significant contracts executed
environment.
during the year
For example, the auditor reviews the current b. Supplier and customer relationships
ratio over several reporting periods. This c. Barriers to entry
comparison of current assets to current liabilities d. Strength of competitors
should be about the same over time, unless the e. Bargaining power of suppliers of raw
entity has altered its policies related to accounts materials and labor
receivable, inventory, or accounts payable. This is a f. Bargaining power of customers
form of ratio analysis. (See no. for definition.)
305. Regulatory Environment
299. Observation a. Governmental regulations
Observation is one of the audit procedures b. Legal and political environment
that auditors use to obtain an understanding and
gather audit evidence mainly to the real process or 306. Other External Factors
the ways how clients have done some specific a. Economic conditions
business processes. b. Financial trends
c. Changes in technology
d. Widely used accounting methods
Aspects of the Entity and Its Environment to Be 310. Measurement and Review of the Entity’s
Understood by the Auditor Financial Performance
Performance measures, whether external or
304. Industry Conditions internal, create pressures on the entity that, in turn,
may motivate management to take action to
a. Competitive environment
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
321. Assessment of Inherent Risk at the Financial This shall be reached when:
Statement Level
a. the entity’s accounting and internal
a. The integrity of management control systems are not effective; or
b. Management experience and knowledge b. evaluating the effectiveness of the
and changes in management during the entity’s accounting and internal control
period (e.g., inexperience of systems would not be efficient.
management)
325. Assessment of Control Risk at Less than High
c. Unusual pressures on management
Level
(e.g., industry experiencing a large
This shall be reached when the auditor:
number of business failures)
a. is able to identify internal controls
d. The nature of the entity’s business (e.g.,
relevant to the assertion which are likely to
potential for technological
prevent or detect, and correct a material
obsolescence of its products and
misstatement; and
services)
b. plans to perform tests of control to
e. Factors affecting the industry in which
support the assessment.
the entity operates (e.g., economic and
competitive conditions as identified by
326. Substantive Procedures
financial trends and ratios)
These are those activities performed by the
322. Assessment of Inherent Risk at the Account auditor to detect material misstatements or fraud
Balance and Class of Transaction Level at the assertion level.
d. Transfer information from transaction These are the policies and procedures that
processing systems to the general help ensure that management directives are carried
ledger; out.
e. Capture information relevant to financial
reporting for events and conditions Major Categories of Internal Control Procedures
other than transactions, such as the
depreciation and amortization of assets 343. Performance Review
and changes in the recoverability of In a performance review, management uses
accounts receivables; and accounting and operating data to assess
f. Ensure information required to be performance, and it then takes corrective action.
disclosed by the applicable financial
a. Comparing actual performance (or
reporting framework is accumulated,
operating results) with budgets,
recorded, processed, summarized and
forecasts, prior period performance, or
appropriately reported in the financial
competitors’ data to measure the extent
statements.
to which targets are being met;
339. Business Processes b. Investigating performance indicators
An entity’s business processes are the based on operating or financial data,
activities designed to develop, purchase, produce, such as quantity or purchase price
sell and distribute an entity’s products and services; variances or the percentage of returns
ensure compliance with laws and regulations; and to total orders; and
record information, including accounting and c. Reviewing functional or activity
financial reporting information. performance, such as the performance
of manager responsible for a bank’s
340. Objectives of Business Processes Relevant to consumer loans with some standard,
Financial Reporting such as economic statistics or targets.
a. Identify and record all valid transactions. 344. Information Processing Controls
b. Describe on a timely basis the These are policies and procedures designed
transactions in sufficient detail to permit to require authorization of transactions and to
proper classification of transactions for ensure the accuracy and completeness of
financial reporting. transaction processing.
c. Measure the value of transactions in a
a. Proper authorization of transactions and
manner that permits recording their
activities
proper monetary value in the financial
b. Segregation of duties
statements.
c. Adequate documents and records
d. Determine the time period in which
d. Regulated access to assets
transactions occurred to permit
e. Independent checks on performance
recording of transactions in the proper
accounting period. 345. Physical Controls
e. Present properly the transactions and a. The physical security of assets, including
related disclosures in the financial adequate safeguards such as secured
statements. facilities over access to assets and records;
b. The authorization for access to computer
341. Control Activities
programs and data files; and
c. The periodic counting and comparison
with amounts shown on control records.
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
In planning the audit, the auditor should business. For a deeper understanding, it is
assess the risk that fraud and error may cause the recommended that you read about some examples
financial statements or contain material of fraud risk factors in your textbook.
misstatements and should inquire of management
as to any fraud or significant error which has been Some Methods Used in Misappropriation of Assets
discovered.
380. Skimming
375. Detection This refers to the act of taking cash “off the
Based on the risk assessment, the auditor top” of the daily receipts (including receipt for
should design audit procedures to obtain receivable A) of a business without recording them
reasonable assurance that misstatements arising and officially reporting a lower total collection.
from fraud and error that are material to the Examples are:
financial statements taken as a whole are detected. a. When a cashier in a retail store does not
Consequently, the auditor seeks sufficient ring up a transaction and takes the cash; and
appropriate evidence that fraud and error which b. When an employee who has access to
may be material to the financial statements have cash receipts maintains accounts receivable
not occurred or that, if they have occurred, the records can record a sale at an amount lower than
effect of fraud is properly reflected in the financial the invoice amount. When the customer pays, the
statements or the error is corrected. employee takes the difference between the invoice
and the amount recorded as receivable.
376. Likelihood of Detecting Fraud and Error
The likelihood of detecting errors ordinarily 381. Lapping
is higher than that of detecting fraud, since fraud is This technique is used to conceal the fact
ordinarily accompanied by acts specifically that cash has been collected; the shortage in one
designed to conceal its existence. customer’s account is covered with a subsequent
payment made by another customer.
377. Inherent Limitations of an Audit
An audit is subject to the unavoidable risk 382. Kiting
that some material misstatement of the financial It involves counting the cash twice by using
statements will not be detected, even though the the float in the banking system.
audit is properly planned and performed in ***
accordance with PSA. The following are some
helpful points for further understanding: 383. Float
a. Fraud ordinarily involves acts designed It is the gap between the time the check is
to conceal it (e.g., collusion, forgery, deposited or added to an account and the time the
deliberate failure to record transactions, check clears or is deducted from the account it was
or intentional misrepresentations being written on.
made to the auditor).
b. Certain levels of management may be in
a position to override controls that
would prevent similar frauds by other 384. Error
employees. An accounting error is a non-fraudulent and
unintentional discrepancy in financial
378. Fraud Risk Factors documentation. Types of accounting errors include:
These are the factors that make it more
a. Error of omission – a transaction is not
likely that fraud will occur is occurring in a
recorded.
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
b. Error of commission – a transaction that 388. Reporting of Fraud and Error to Regulatory
is calculated incorrectly. and Enforcement Authorities
c. Error of principle – a transaction that is The auditor’s duty of confidentiality would
treated not in accordance with generally ordinarily preclude reporting fraud or error to a third
accepted accounting principles (GAAP). party. However, in certain circumstances, the duty
of confidentiality is overridden by statute, law or by
385. Procedures When Errors or Irregularities are
courts of law (e.g., BSP requirements for external
Suspected
auditors of banks).
When an auditor detects factors that
increase audit risk at the financial statement level,
389. Documentation
he or she should respond to such elevated risk by
This shall include:
altering the:
a. The significant decisions reached during
a. Engagement staffing (i.e., assigning
the discussion among the members of
more experienced personnel),
the engagement team regarding the
b. Extent of staff supervision,
susceptibility of the entity’s financial
c. Degree of professional skepticism,
statements to material misstatement
and/or
due to fraud; and
d. Overall strategy for the expected
b. The identified and assessed risks of
conduct and scope of the engagement.
material misstatement due to fraud at
386. Reporting of Fraud and Error Fraud to the financial statement level and
Management assertion level.
The auditor should communicate factual
390. Withdrawal from the Engagement
findings to management as soon as practicable if
If, as a result of a misstatement resulting
the auditor suspects fraud may exist, even if the
from fraud or suspected fraud, the auditor
potential effect in the financial statements would
encounters exceptional circumstances that bring
be immaterial, or fraud or significant error is
into question the auditor’s ability to continue
actually found to exist.
performing the audit, the auditor shall:
In most cases involving fraud, it would be
appropriate to report the matter to a level in the a. Determine if there is a legal
organization structure of the entity above and responsibility to report the matter to the
responsible for the persons believed to be person or persons who made the audit
implicated. When those persons ultimately appointment or, in some cases, to
responsible for the overall direction of the entity are regulatory authorities;
doubted, the auditor would ordinarily seek legal b. Consider whether it is appropriate to
advice to assist in the determination of procedures withdraw from the engagement, where
to follow. withdrawal from the engagement is
legally permitted; and
387. Reporting of Fraud or Error to Users of the c. If the auditor withdraws, discuss with
Auditor’s Report on the Financial Statements the following the auditor’s withdrawal
The findings regarding fraud or error shall and the reasons for the withdrawal:
be reflected and expressed in the auditor’s opinion Appropriate level of management
if such were left uncorrected and unadjusted or the and those charged with governance;
auditor is precluded by the entity from obtaining and/or
sufficient appropriate evidence. If there is a legal requirement,
Person or persons who made the
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
399. Audit Committees of the Board of Directors Major Corporate Governance Failures Resulting to
They provide oversight of the internal and Financial Reporting Frauds
external audit and the process of preparing the
annual financial statements and public reports on 405. Enron
internal control. Some of their specific activities Covered up financial problems by:
are:
a. Shifting debts to off-statement of
a. Selecting the external audit firm, financial position entities (see no. for
b. Approving any non-audit work further information);
performed by the audit firm, b. Recognizing revenue on impaired assets
c. Selecting and/or approving the by selling them to special-purpose
appointment of the Chief Audit entities that they controlled;
Executive (Internal Auditor), c. Engaging in round-tripping trades (see
d. Reviewing and approving the scope and no. for further information); and
budget of the internal audit function, and d. Numerous other related party
e. Discussing audit findings with internal transactions.
auditor and external auditor and
406. WorldCom
advising the board (and management)
Decreased expenses and increased
on specific actions that should be taken.
revenues through the following:
400. Board of Accountancy (Regulator)
a. Recorded bartered transactions as sales
It is responsible for the setting of:
(e.g., trading the right to use
a. Accounting and auditing standards telecommunication lines in one part of
dictating underlying financial reporting the world to similar rights to another
and auditing concepts; and part of the world);
b. Setting the expectations for audit and b. Used restructuring reserves established
accounting quality. through acquisitions to decrease
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
“Practicing professionals should place the a. Lay solid foundations for management
public interest above the interests of clients, and oversight;
particularly in a process designed to develop b. Structure the board to add value;
standards expected to achieve fair presentation… c. Promote ethical and responsible
Unfortunately, the auditor is often a participant in decision-making;
aggressively seeking loopholes.” d. Safeguard integrity and financial
*** reporting;
e. Make timely and balanced disclosure
417. Relationship Between Corporate Governance f. Respect the rights of shareholders
and Risk to the Auditor g. Recognize and manage risk
Good governance is important to the h. Encourage enhanced performance
conduct of an audit for one very simple reason: i. Recognize the legitimate interest of
companies with good corporate governance are stakeholders
less risky to audit.
Many audit firms are not willing to accept
potential audit clients unless the clients PHASE II: RISK RESPONSE
demonstrate a strong commitment to good
corporate governance. Phase II-A: Designing Overall Responses and
Further Audit Procedures to Develop Appropriate
418. Relationship Between Corporate Governance Responses to the Assessed Risk of Material
and Non-Audit Services Misstatement
Regarding this, governance issues remain
important in accepting those non-audit clients 423. Objective of Risk Response Phase
especially for internal audit work. It is to obtain sufficient appropriate
evidence to reduce audit risk to an acceptably low
419. Importance of the Audit Committee level.
One of the characteristics of good and
effective corporate governance is the creation of an 424. Overall Responses
audit committee which will oversee the accounting These include:
and financial processing of the company and the
financial statements audit. Here is a summary of a. Professional skepticism
the oversight of the audit committee: b. Level of staff assigned
c. Ongoing staff supervision
a. Financial reporting processes d. Evaluate accounting policies
Financial reporting e. Nature / timing / extent and
Internal controls over financial unpredictability of planned procedures
reporting f. Other further procedures
b. Management of credit, market liquidity,
operation, legal and other risk 425. Further Audit Procedures
management activities Audit procedures are the methods or acts
c. Audit functions that auditors use to gather evidence to determine
External auditors the validity of financial statement assertions. The
Internal auditors types of audit procedures are categorized as
follows:
420. Summary of Principles of Good Corporate
Governance and Best Practice Recommendations a. Test of controls (see no. 362 for further
information)
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
Types of Financial Statement Assertions Relating The auditor must decide the extent of
to Presentation and Disclosure testing or the number of items to audit. For
example, when auditing cash receipts, an auditor
457. Occurrence may decide to examine every cash disbursement or
Transactions and events disclosed in the only a sample of them. The sufficiency of the
financial statements have occurred and relate to evidence needed determines the number of items
the entity. to test.
Example: Transactions with related parties
disclosed in the notes to financial statements have 462. Timing of Testing
occurred during the period and relate to the audit Another decision that the auditor must
entity. make is when to perform each audit procedure.
Because an audit usually begins sometime during
458. Completeness the fiscal year being audited and ends one to three
All transactions, balances, events and other months after the end of the fiscal year, a long
matters that should have been disclosed have been period of time for performing the procedure is
disclosed in the financial statements. available.
Example: All related parties, related party
transactions and balances that should have been 463. Interim Work
disclosed have been disclosed in the notes to Audit procedures performed before year-
financial statements. end are referred to as interim work. Performing
tests at interim dates help complete the audit in a
459. Classification and Understandability timely manner. However, problems arise when
Disclosed events, transactions, balances business conditions rapidly change and/or the
and other financial matters have been classified auditor was not able to assess correctly the
appropriately and presented clearly in a manner predictability of the account balances at year-end.
that promotes understandability of information
contained in the financial statements. 464. Year-End Work
Example: The nature of related party Audit procedures performed between year-
transactions, balances and events has been clearly end and the completion of the audit are referred to
disclosed in the notes to financial statements. as year-end work. There is less risk in performing
Users of the financial statements can clearly tests within this timeframe since no further
determine the financial statement captions transactions will affect the account balances
affected by the related party transactions and (except for adjusting events after the reporting
balances can easily ascertain their financial effect. period).
465. Nature of Testing
460. Accuracy and Valuation The selection of particular procedures to
Transactions, events, balances and other achieve specific audit objectives is influenced by
financial matters have been disclosed accurately at the following considerations:
their appropriate amounts.
a. The nature and materiality of the
Example: Related party transactions,
particular component of the financial
balances and events have been disclosed
statements (account balance or class of
accurately at their appropriate amounts.
transaction);
***
b. The nature of the audit objective to be
achieved;
c. The reliance that can be placed on
461. Extent of Testing
internal control structure;
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
485. Inquiry
492. Positive External Confirmation Request
Inquiry involves seeking both financial and
It asks the respondent to reply to the auditor
nonfinancial information from knowledgeable
in all cases either by indicating the respondent’s
persons inside or outside the entity. Inquiries may
agreement with the given information, or by asking
include formal written inquiries addressed to third
the respondent to fill in information. A response
parties to informal oral inquiries addressed to
from this type of request is ordinarily expected to
persons inside the entity.
provide reliable audit evidence.
However, a respondent may reply to the
486. Written Representation
confirmation request without verifying that the
It is a written statement by management
information is correct. The auditor may reduce this
provided to the auditor to confirm certain matters
risk by using positive confirmation requests that do
or to support other audit evidence. Written
not state the amount (or other information) on the
representations in this context do not include
confirmation request, but ask the respondent to fill
financial statements, the assertions therein, or
in the amount or furnish other information. On the
supporting books and records.
other hand, use of this type of “blank” confirmation
A written representation provides that the
request may result in lower response rates because
audit evidence is all the information used by the
additional effort is required of the respondents.
auditor in arriving at the conclusions on which the
audit opinion is based.
493. Negative External Confirmation Request
It asks the respondent to reply only in the
487. Observation
event of disagreement with the information
It consists of looking at a process or
provided in the request. However, when no
procedure being performed by others.
response has been received to a negative
confirmation request, the auditor remains aware
488. Recalculation
that there will be no explicit evidence that the
intended third parties have received the
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
a. Audit objectives
Sampling Techniques b. Population
c. Risk and assurance
513. Attribute Sampling Technique d. Tolerable error
It is used when an auditor is interested in e. Expected error in the population
measuring a qualitative feature, such as the f. Stratification
presence or absence of internal control procedure.
522. Audit Objectives
514. Variables Sampling Technique The auditor first considers the specific
It is used by an auditor during substantive objectives to be achieved and the combination of
testing. This provides an estimate of a Peso range audit procedures which is likely to best achieve
within which the true audited value of the those objectives. Consideration of the nature of the
population lies. audit evidence sought and possible error conditions
or other characteristics relating to that audit
Sample Risks to Be Considered in Performing evidence will assist the auditor in defining what
Tests of Controls constitutes an error and what population to use for
sampling.
516. Risk of Overreliance
It is the risk that the sample supports 523. Population
reliance on internal control when this reliance is It is important for the auditor to ensure that
unjustified. the population is:
a. Appropriate to the objective of the
517. Risk of Underreliance sampling procedure (e.g., test for
It is the risk that the sample does not overstatement of accounts payable –
support reliance on internal control when the true population: accounts payable listing;
compliance rate suggests that the auditor should test for understatement of accounts
rely on internal control. payable – population: subsequent
disbursements, unpaid invoices,
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
527. Expected Error in the Population 531. Examples of Factors Influencing the Sample
This assessment is based on the auditor’s Size for Tests of Control
prior knowledge or the examination of a small
number of items from the population. The following a. The more assurance the auditor intends
factors should be considered in determining the to obtain from the operating
expected error in the population: effectiveness of controls, the lower the
auditor’s assessment of the risk of
a. Error levels identified in previous audits, material misstatements will be, and the
b. Changes in client procedures, and larger the sample size will need to be.
c. Evidence available from his evaluation b. The lower the tolerable rate of deviation,
of the system of internal control and the larger the sample size needs to be.
from results of analytical review c. The higher the expected rate of
procedures. deviation, the larger the sample size
528. Stratification needs to be so that the auditor is in a
position to make a reasonable estimate
of the actual rate of deviation.
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
566. Evaluation of the Effectiveness of a Control the auditor would assess control risk to
Under the Statistical Sampling Plan be maximum.
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
Phase II-B: Implementing Responses to Assessed Risk of Material Misstatement to Reduce Audit Risk to an
Acceptably Low Level
5. Completeness
All sales transactions that occurred are recorded.
5. Valuation / Measurement
Sales are correctly billed and recorded.
5. Existence / Occurrence
Recorded receipts represent actual collections of cash from customers.
5. Valuation / Measurement
Debits to cash and credits to accounts receivable are valued at amounts received.
5. Existence / Occurrence
Recorded acquisitions are for items that were acquired.
5. Completeness
Acquisitions that occurred are recorded.
5. Valuation / Measurement
Acquisitions are recorded for the proper amounts.
5. Existence / Occurrence
Recorded cash payments occurred.
6. Completeness
All cash payments made are recorded.
5. Valuation / Measurement
Debits to various accounts and credits to cash are valued at proper amounts.
5. Existence / Occurrence
Recorded payroll transactions occurred.
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
5. Completeness
All payroll earned by employees is recorded.
5. Valuation / Measurement
Payroll transactions are recorded for the proper amounts.
5. Existence / Occurrence
Recorded production transactions occurred.
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
5. Valuation / Measurement
Production transactions are recorded by the proper amounts.
5. Existence / Occurrence
Recorded inventory warehousing transactions occurred.
5. Completeness
All inventory warehousing transactions that occurred are recorded.
accounting.
b. An inventory clerk signs a copy Errors may be recorded in the Observe procedure. Examine
of the receiving report after quantity of goods transferred. signature on receiving reports.
counting goods transferred to
his or her area.
c. Access to inventory is limited Goods may be issued but not Observe procedures.
to personnel responsible for its recorded.
custody.
6. Valuation / Measurement
Inventory warehousing transactions are recorded for proper amounts.
financial statements (e.g., cash count sheet for The current year working paper file is
cash on hand balance) designed to support the assertions embodied in the
financial statements.
6. Accounts Analysis
This working paper shows the activity 6. Permanent File
during the period in a particular statement of Working papers in permanent files contain
financial position account. It starts with the information of continuing interest to the auditor.
beginning balance, shows the transactions These are intended to contain data of a historical or
(additions and reductions) that occurred during the continuing nature pertinent to the current
period, and concludes with the ending balance. examination. These files provide a convenient
source of information about the audit that is of
6. Summary of Adjusting Entries continuing use from year to year.
Adjusting entries are corrections of material
errors in the accounting records discovered by the Other Files Maintained
auditor. These entries must be approved by the
client because management has primary 6. Tax Files
responsibility for the fair presentation of the These files contain information relevant to a
statement. client’s current and past income tax and other
business tax obligations. They serve as basis for
6. Summary of Reclassifying Entries preparing current year’s returns and performing
Reclassifying entries are made in the other tax-related services such as amending prior
statements to present accounting information year returns or representing the client’s tax
properly, even when the general ledger balances are assessment case.
correct (e.g., material credit customer balances in
accounts receivable subsidiary ledger to be 6. Correspondence File
reclassified to advances from customers). This file contains all correspondence or
letters to, from or in behalf of a client.
6. Audit Notes ***
This is the working paper used to note items
of work to be done that cannot be completed by 6. Ownership and Custody of Working Paper
following the usual sequence of audit procedures. All working papers made by a CPA in public
This is also used to record questions concerning practice and his staff, except those submitted to a
the audit investigation. client shall be treated confidential and privileged
and remain property of such CPA in the absence of
6. Outside Documentation a written agreement between the CPA and the
These are composed of documentation client, to the contrary, unless such documents are
gathered by auditors, such as confirmation replies, required to be produced through subpoena issued
and copies of client agreements. They are indexed by any court, tribunal, or government regulatory or
(labeled and arranged) and interfiled (filed together) administrative body.
and procedures are indicated on them in the same
manner as on the other schedule.
PHASE III: REPORTING
Main Divisions of Audit Working Papers
Phase III-A: Evaluating the Audit Evidence Obtained
6. Current Audit File to Determine What Additional Audit Work (If Any) Is
Required
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
Resign from the audit, where that the auditor believes that the audit evidence the
practicable and not prohibited by law auditor has obtained is sufficient and appropriate
or regulation; or to provide a basis for the auditor’s modified audit
If resignation from the audit before opinion.
issuing the auditor’s report is not
practicable or possible, disclaim an 6. Description of Auditor’s Responsibility When the
opinion on the financial statements. Auditor Disclaims an Opinion
When the auditor disclaims an opinion due
Form and Content of the Auditor’s Opinion When
to an inability to obtain sufficient appropriate audit
the Opinion Is Modified
evidence, the auditor shall amend the introductory
paragraph of the auditor’s report to state that the
6. Auditor’s Opinion
auditor was engaged to audit the financial
When an auditor modifies the audit opinion,
statements (e.g., “Our responsibility is to express
the auditor shall use the heading “Qualified
an opinion on the financial statements based on
Opinion,” “Adverse Opinion,” or “Disclaimer of
conducting the audit in accordance with
Opinion,” as appropriate, for the opinion paragraph.
International Standards on Auditing. Because of the
The following are some phrases indicative of the
matter(s) described…”
types of modification in the auditor’s opinion:
6. Communication with Those Charged with
a. Qualified Opinion – “Except for the Governance Regarding the Modification of
matter(s) described in the Basis for Auditor’s Opinion
Qualified Opinion paragraph, the When the auditor expects to modify the
financial statements present fairly, in all opinion in the auditor’s report, the auditor shall
material respects, the… in accordance communicate with those charged with governance
with the applicable financial reporting the circumstances that led to the expected
framework.” modification and the proposed wording of the
b. Adverse Opinion – “Because of the modification.
matter(s) described in the Basis for
Adverse Opinion paragraph, the financial
statements do not present fairly the… in 6. Electronic Data Processing (EDP)
accordance with the applicable financial It is simply the collecting, processing, and
reporting framework.” distributing of information through the use of an
c. Disclaimer of Opinion – “Because of the electronic digital computer to achieve a desired
significance of the matter(s) described result.
in the Basis for Disclaimer of Opinion
paragraph, the auditor has not been able Computer Hardware Components
to obtain sufficient appropriate audit
evidence to provide a basis for an audit 6. Central Processing Unit (CPU)
opinion; and, accordingly, the auditor It consists of the main storage unit, the
does not express an opinion on the arithmetic and logic unit and the control unit.
financial statements.” Additionally, the CPU controls the input and output
6. Description of Auditor’s Responsibility When the devices.
Auditor Expresses a Qualified or Adverse Opinion
When the auditor expresses a qualified or 6. Main Storage Unit (Memory)
adverse opinion, the auditor shall amend the It is used to temporarily store programs and
description of the auditor’s responsibility to state data for processing.
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
6. Salami Technique
6. Control in Small Computer Environments
Computer programs are modified to
Small computer environments refer to the
inappropriately round off calculations to the benefit
use of micro- and minicomputers in data
of the fraud perpetrator. The amounts available
processing. No matter how small the computer
from rounding are then placed in an account
may become, the control objectives remain the
controlled by the perpetrator. In some of the most
same. Segregation of duties becomes especially
famous cases, the payment of centavos of interest
difficult in small computer environments because
detoured from bank accounts amounted to thefts
one individual may perform all recordkeeping
of millions of Pesos.
(processing) as well as maintain other non-
recordkeeping responsibilities. Some of the points
6. Trojan Horse
of emphasis in this environment are:
It is an unauthorized program placed within
a. Security over software and/or data is an authorized one. Trojan horses typically are
more critical than security over designed to wait until a specific time, when they act
hardware (which can easily be and then erase all evidence of their existence. For
replaced). example, a Trojan horse can be used to destroy
b. Independent verification of the important data and then destroy itself. Fired
applications being processed ion the employees have used Trojan horses to destroy their
small computer system should be made employer’s data.
to prevent the system from being used
for personal projects. 6. Virus Programs
c. Centralized authorization to purchase These are programs with unauthorized
hardware and software should be information or instructions. They can spread by the
required to ensure that “fly-by-night” electronic transfer of information between systems
equipment and “garage-developed” or the physical exchange of media, such as disks
software are not purchased and that carried from one system to another.
corporate-wide discounts can be
obtained. 6. Trapdoors
These are unauthorized entry points into
6. Distributed Systems
programs or databases. Through a trapdoor,
These represent a network of remote
individuals can change data or instructions without
computer sites each having a small computer
approval.
connected to the main computer system.
Distributed systems reduce the load on the main
computer by transferring edit or simple processing
6. Auditor’s Responsibilities with Respect to
function to the remote sites.
Internal Control Over EDP Systems
6. Impact of Computers on Accounting Systems
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
and for maintenance of program and system d. Management, users, and EDP personnel
documentation. must approve new systems before they
are placed into operation.
6. Quality Assurance e. All master and transaction file
This function is established primarily to conversion should be controlled to
ensure that new systems under development and prevent unauthorized changes and to
old systems being changed are adequately verify the results on a 100% basis.
controlled and that they meet the users’ f. After a new system is operating there
specifications and follow department should be proper approval of all
documentation standards. program changes.
g. During the change process,
6. Control Group programmers should not have access to
It acts as a liaison between users and the live data files or production programs.
processing center. This group records input data in h. Proper documentation standards should
a control log, follows the progress of processing, exist to assure continuity of the system.
distributes output, and ensures compliance with
Hardware and Systems Software Controls
control totals.
6. Parity Check
6. Data Security
A special bit is added to each character
It is responsible for maintaining the integrity
stored in the memory that can detect if the
of the online access control security software.
hardware loses a bit during the internal movement
Passwords and IDs are issued to users and follow
of a character similar to a check digit.
up is done on all security violations.
6. Echo Check
6. Database Administrator
During the sending and receiving of
He or she is responsible for maintaining the
characters, the receiving hardware repeats back to
database and restricting access to the database to
the sending hardware what it received and the
authorized personnel.
sending hardware automatically resends any
6. Network Technicians
characters that it detects were received incorrectly.
Using line monitoring equipment, they can
see each key stroke made by any user. This group
6. Diagnostic Routines
must have strict accountability controls.
Hardware or software supplied by the
manufacturer check the internal operations and
6. Systems Development and Documentation
devices within the computer system. These
Controls
routines are often activated when the system is
Controls:
booted up.
a. User departments must participate in
systems design. 6. Boundary Protection
b. Each system must have written Most CPUs have multiple jobs running
specifications which are reviewed and simultaneously (multiprogramming environment).
approved by management and by user To ensure that these simultaneous jobs cannot
departments. destroy or change the allocated memory of another
c. Both users and EDP personnel must test job, the system contains boundary protection
new systems. controls.
6. Periodic Maintenance
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
The system should be examined periodically The board is programmed with a unique
(often weekly) by a qualified service technician. “key” that makes data unreadable to anyone who
Such service can help to prevent unexpected might intercept a data transmission.
hardware failures.
Data and Procedural Controls
Physical Access Controls
6. Operations Run Manual
6. Limited Physical Access It specifies, in detail, the “how to’s” for each
The physical facility that houses EDP application to enable the computer operator to
equipment, files, and documentation should have respond to any errors that may occur.
controls to limit access only to authorized
individuals (e.g., guard, automated key cards, 6. Backup-and-Recovery
manual key locks, etc.). To ensure the preservation of historical
records and the ability to recover from an
6. Visitor Entry Logs unexpected error, files created within EDP are
Any individual entering a secure are must be backed up in a systematic manner.
either pre-approved by management and waring an
ID badge or authorized by an appropriate individual, 6. Processing Control
recorded in a visitor’s log, and escorted while in the It should be monitored by the control group
secure area. to ensure that processing is completed in a timely
manner, all hardware errors have been corrected,
Electronic Access Controls and output has been properly distributed.
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
b. The system should verify all significant test for scores over 100). A reasonableness check
data fields used to record information (editing the is similar to a validity check (see no. ).
data).
c. Conversion of data into machine-readable 6. Memo Driven Input
form should be controlled and verified for accuracy. If input is being entered into a CRT, then the
d. Movement of data between processing operator should be greeted by a menu and
steps and departments should be controlled. prompted as to the proper response to make [e.g.,
e. The correction of errors and What scored did you get on the Auditing part of the
resubmission of corrected transactions should be CPA Exam (75-100)?].
reviewed and controlled.
6. Field Checks
6. Preprinted Form Checks that make certain only numbers,
Information is pre-assigned to a place and a alphabetical characters, special characters, and
format on the input form used. The form reduces proper positive and negative signs are accepted
the possibility that computer input operators will into a specific data field where they are required.
miss or ignore input data recorded by users. This
control is used when large quantity of repetitive 6. Validity Check
data is inputted. A check which allows only “valid
transactions or data to be entered into the system
6. Check Digit (e.g., field accepting “male” or “female” response
An extra digit is added to an identification only).
number to detect certain types of data
transmission or transportation errors. It is used to 6. Missing Data Check
verify that the number was entered into the If blanks exist in input data where they
computer system correctly. should not (e.g., an employee’s division number), an
error message would result.
6. Control, Batch, or Proof Total
A total of one numerical field for all the 6. Field Size Check
records of a batch that normally would be added If an exact number of characters is to be
(e.g., total sales persons). inputted, an error message would result if the
number of characters inputted is less than or
6. Hash Totals greater than the requirement.
A total of one field for all the records of a
batch where the total is a meaningless total for 6. Logic Check
financial purposes (e.g., a mathematical sum of It ensures that illogical combinations of
account numbers added together). inputs are not accepted into the computer (e.g., the
field total for raw material is validated by footing
6. Record Count price times quantity).
A control total used for accountability to
ensure all the records received are processed. Application Controls for Processing
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel
AUDITING THEORY
b. Controls should prevent processing the Time restraints and output page generation
wrong file and detect errors in file manipulation – constraints are often automated within the job
label checks. being run to ensure that, if processing is being done
c. Limit and reasonableness checks should in error, the job will not utilize resources needlessly.
be incorporated into programs to prevent illogical
results such as reducing inventory to a negative 6. Error Message Resolution
value. Following each job, the system provides
d. Run-to-run totals should be verified at technical codes indicating the perceived success of
appropriate points in the processing cycle. This the job run. The operator should be trained to
ensures that records are not added or lost during recognize these codes and take appropriate action
the processing runs. detailed in the operations run manual.
6. Checkpoint / Restart Capacity
If a particular program requires a significant
amount of time to process, it is desirable to have 6. Computer Information System
software within the application that allows the It is a system composed of people and
operator the ability to restart the application at the computers that processes or interprets
last checkpoint passed as opposed to restarting information.
the entire application.
6. Review of the CIS
6. Error Resolution Procedure If the client uses CIS, the auditor must be
Individual transactions may be rejected capable of understanding the entire system to
during processing as a result of the error detection evaluate the client’s internal control. The auditor’s
controls in place. There should be complementary primary concern therefore is to determine whether
controls that ensure those records are corrected the system provides reasonable assurance that
and reentered into the system. Logging of errors in errors and irregularities have been and will be
a suspense file of “suspended” transactions is prevented or detected on a timely basis by
often used to control error resolution. employees in the course of their normal activities.
6. Audit Software
Some of the audit procedures that may be
performed by generalized audit software include:
a. Testing client calculations
b. Making additional calculations
c. Extracting data from client files
“We waste our time waiting for the ideal path to appear. But it never does. Because we forget that paths are made by walking, not waiting. And no, you should not feel more confident before you take the
next step. Taking the next step is what gradually builds your confidence.” - Marcandangel