Abbreviations
ROMM-Risk of Material Misstatements
TOC-Test of Controls
TOD-Test of Details
MUS- Monetary unit sampling
FAP- First audit partner
PDR- Planned detection risk
TDR- tolerable deviation rate
SDR- special drawings right
EDR- endpoint detection and response
TCWG-those charge with governance
AFRF- applicable financial reporting framework
NOCLAR- Noncompliance with laws and regulations
Chapter 1
Practitioners offer many services to their clients mainly
dealing with financial control and tax matters. These
services include audit and review of financial statements
tax compliance and consulting advisory services. These
services are broadly classified as assurance and non-
assurance engagements
Assurance engagements- is an independent professional
service that aims to improve the quality of information
Audit of F/S is an example of assurance engagement. In
this engagement the practitioner issues a report
containing an opinion about whether the F/S are in
accordance with the generally accepted accounting
principles
Demand of assurance engagements
 Potential bias of information provider- this is
the case when the provider has an incentive to
do so
 Remoteness of information user from
information provider- users do not generally
have access to verify the information for
themselves
 Complexity of subject matter information-
complex subject matter compels users who may
lack the necessary capability to perform the
evaluation themselves to seek practitioner
assistance.
 Expertise and independence of practitioners-
users benefit from assurance engagements not
only from the expertise but also from
independence of practitioners who are able to
act with integrity objectivity and professional
skepticism
 Risk management- as assurance engagement
enhance the credibility of information this
reduces information risk that may bring financial
loss to users because of unwise decisions
Type of assurance engagement
Engagement risk- is the risk that the practitioner
expresses an inappropriate conclusion when the subject
matter information is materially misstated
Reasonable assurance- is a high but less than absolute conclusive evidence is obtained such evidence
assurance that could be wrong
e. Characteristics of the subject matter- in some
Limited assurance- is low level of assurance cases even the subject matter itself is a factor
Objectives Procedure Report that contributes to the fact that absolute
Reasonable assurance engagements assurance cannot be obtained. For example in
To reduce Various A positive form examining prospective financial information
assurance procedures are of conclusion practitioner cannot entirely verify the
engagement risk performed to information being a just products forecast or
to an acceptably obtain sufficient projection
low level appropriate
evidence
Limited Engagement structure
assurance
engagement Engagement With responsible Who evaluates
To reduce Procedures are A negative form structure party’s assertion or measures the
assurance deliberately of conclusion subject matter
engagement risk limited relative to Attestation Yes and available Responsible
to a level that is a reasonable to the users party
acceptable but assurance Direct reporting None or yes but Practitioner
where that risk is engagement. not available to
greater than for a users
reasonable
assurance
engagement Attestation

 Each company measures its reserves and

Limitation of assurance engagements
a. Use of selective testing- of then the practitioner
examines only a sample of the items constituting
the entire population and reaches conclusions
about the population
b. Use of judgment- when the practitioner
performs an engagement the practitioner makes
a lot of decisions however no matter how
professionally and diligently a decision is made
there is always a chance that it could be wrong
c. Inherent limitation of internal control- internal
control is a process that prevents or detect and
correct material misstatements in a subject
matter however as there is no perfect internal
control no matter how well designed there is
always a risk that subject matter may be
materially misstated
d. Persuasive evidence rather than conclusive-
evidence serves as the basis of practitioner
conclusion. However only persuasive not
provides an assertion to the practitioner and to
intended users
 An entity other than the companies measures
the reserves and provides an assertion to the
practitioner and to intended user
Direct reporting engagements
 Each company measures the reserves and
provides the practitioner with a written
representation that measures its reserves against
the established criteria for measuring proven
reserves
 The practitioner directly measures the reserves
of some of the companies
An engagement must have the following elements to be
an assurance engagement
1. A three party relationship: a practitioner a
responsible party and intended users
2. An appropriate subject matter
3. Suitable criteria
 4. Sufficient appropriate evidence
5. A written assurance report
Three party relationships
1. Practitioner- the person who performs the
engagement
2. Responsible party- is the person responsible for
 Direct reporting engagement- a subject
matter without assertion
 Attestation engagement – a subject
matter with assertion
3. Intended users- for whom the assurance report
is prepared
Appropriate subject matter
a. Is identifiable and capable of evaluation or
measurement against the criteria and
b. Can be subjected to procedures for gathering
information
Suitable Criteria- refer to the benchmark used to
evaluate or measure the subject matter, it needs to be
available to the intended users to allow them to
understand how the subject matter has been evaluated
or measured.
The criteria must have the following characteristics to
be considered suitable
a. Relevance- relevant criteria contribute to
conclusions that assist decision making by the
intended users
b. Completeness- criteria are sufficiently complete
when relevant factors that could affect the
conclusion in the context of the engagement
circumstances are not omitted
c. Reliability- reliable criteria allow reasonable
consistent evaluation of measurement of the
subject matter including where relevant
presentation and disclosure when used in similar
circumstances by similarly qualified practitioners
d. Neutrality- neutral criteria contribute to
conclusions that are free from bias.
e. Understandability- understandable criteria
contribute to conclusions that are clear
comprehensive and not subject to significantly
different interpretation
Sufficient appropriate evidence- evidence is the
information obtained by the practitioner in arriving at
the conclusion on which the opinion is based
Written assurance report- at the end of the engagement
the practitioner provides a written report containing a
conclusion that conveys the assurance obtained about
the subject matter information
Non assurance engagements
a. Agreed upon procedures engagement- in a
agreed upon procedures engagement though it
may consist of a three party relationship the
practitioner does not express a written
conclusion designed to enhance the degree of
confidence to the intended users
b. Compilation engagements- in this engagements
the practitioner simply collects classifies and
summarizes financial information
c. Preparation of tax returns where no conclusion
conveying assurance is expressed- in addition
this engagements only involves two party
relationship
d. Consulting- engagements such as management
and tax consulting. This simply involves two party
relationship
e. Engagements to testify may be as an a expert
witness or otherwise in legal proceedings
regarding accounting auditing taxation or other
matters
f. Engagement that include professional opinions
not intended to be and assurance report
Chapter 2
Auditing- an audit is a systematic process of objectively
obtaining and evaluating evidences regarding assertions
about economic actions and events to ascertain the
degree of correspondence between these assertions and
established criteria and communicating the result to the
intended users
Audit according to the subject matter
a. Financial reporting- pertains to preparation of
reliable financial reports
b. Operations – refers to effective and efficient use
of the entity’s resources
c. Compliance- refers to entity’s compliance with
policies laws and regulations
F/S audit- is a reasonable assurance and attestation
assurance engagements
1. Classes of transactions and events
a. Occurrence- transactions and events that
have been recorded have occurred and
pertain to the entity
b. Completeness- all transactions and events
that should have been recorded have been
recorded
c. Accuracy- amounts and other data relating
to recorded transactions and events have
been recorded appropriately
d. Cutoff- transactions and events have been
recorded in the correct accounting period.
e. Classifications- transactions and events have
been recorded in the proper accounts
2. Account balances
a. Existence- assets liabilities and equity
interest exist
b. Rights and obligations- the entity holds or
controls the rights to assets and liabilities are
the obligations of the entity
c. Completeness- all assets liabilities and equity
interest that should have been recorded
have been recorded
d. Valuation and allocation- assets and
liabilities and equity interest are included in
the F/S at appropriate amounts and any
results resulting valuations or allocation
adjustments are appropriately recorded
3. Presentations and disclosure
a. Occurrence and rights and obligations-
disclosed events transactions and other
matters have occurred and pertain to the
entity
b. Completeness- all disclosures that should
have been included in the F/S have been
included
c. Classifications and understandability-
financial information is appropriate
presented and described and disclosures are
clearly expressed
d. Accuracy and valuation- financial and other
information are disclosed fairly and at
appropriate amounts
Operational (performance) audits- this is a study of an
entity’s specific unit for purposes of measuring whether
that unit conducted its operations efficiently and
effectively
Economy and efficiency audit- the appraisal of
management performance from the most efficient point
of view
Effectiveness audit- the evaluation of programs and
activities to determine the extent of achievement of
previously set goals and objectives
Compliance audit- this is an evaluation to determine
whether an entity is following specific policies rules and
regulations set out by some higher authority
Audits according to auditor
a. External audits- these are audits performed by a
professional accountants in public practice who
are independent of the entities whose assertions
are the audit subject matter
b. Internal audits- many large entities employ
internal auditors that perform internal audit.
Internal auditing means a n independent
objective assurance and consulting activity
designed to add value and improve and
organization operations
c. Governmental audits- involves the
determination whether governmental funds are
being handled properly in compliance with the
applicable laws and regulations
Audit risk- is the risk that the auditor gives an
inappropriate audit opinion when the F/S are
materially misstated
ROMM- refers to the likelihood that the F/S are
materially misstated prior to the audit
Detection risk- is the risk that the auditor procedures
will not detect a material misstatement that exists.
 Audit quality- audit quality means that the audit is
performed in accordance with relevant ethical
Professional Judgement- the auditors ability to professional legal and regulatory requirements
exercise professional judgement is as the hallmark of
auditing. Professional judgement is the application of Relevant ethical requirements include the following
relevant training knowledge and experience that fundamental principle of
enables the proper interpretation of
a. Integrity
 Relevant ethical requirements b. Objectivity
 PSAs c. Professional competence and due care
 Informed decisions d. Confidentiality
e. Professional behavior
Professional judgement is necessary regarding decisions
about CHAPTER 3: AUDIT EVIDENCE AND DOCUMENTATION:
THE FRAMEWORK
 Materiality and audit risk
 Nature timing and extend of audit AUDIT EVIDENCE- is all information (oral or
procedures documentary, electronic or manual) used by the auditor
 Evaluating whether sufficient on which the AUDIT OPINION is based.
appropriate audit evidence has been
TWO TYPES OF AUDIT EVIDENCE:
obtained
1. Underlying accounting records – the journals and
 Evaluating managements judgment in
supporting records such as checks and electronic fund
applying the AFRF
transfer records; invoices; contracts; general and
 Drawing of conclusions assessing
subsidiary ledgers
reasonableness of management
2. Other information- all other evidence such as minutes
estimates
of meetings, confirmation from third parties and
Professional Skepticism- is the auditors best method to information obtained from such audit procedures as
detect fraud. Why is it so considering that fraud is often inquiry, observation, inspection
too difficult to detect? Because professional skepticism is
EXAMPLES OF INTERNAL DOCUMENTS
an attitude that includes
- Minutes of meetings
1. A questioning mind
- Employee records
2. Being alert to conditions which may indicate - Sales agreements and invoices
possible misstatement due to error or fraud - Lease contracts
3. Critical assessment of audit evidence - Royalty contracts
- Canceled checks
Maintaining professional skepticism reduces the risk of
- Legal database
 Overlooking unusual circumstances - Purchase orders
- Variance reports
 Over generalizing when drawing conclusions
 Using inappropriate assumptions in performing EXAMPLES OF EXTERNAL DOCUMENTS
procedures and evaluation result
- Confirmation replies from customers
Audit evidence and documentation- all throughout the - Loan agreements
audit process the auditor gathers and accumulates audit - Customer orders
evidence and documentations that supports the opinion - Sales or purchase contracts
- Vendors invoices and monthly statements
AUDIT EVIDENCE is primarily obtained through the
performance of audit procedures. It can be classified
either according to their purpose and type.
AUDIT PROCEDURES ACCORDING TO PURPOSE
1. Risk assessment procedures (RAP) – performed to
obtain an understanding of the entity, its environment
and its internal control to identify and assess the ROMM
at the FS and assertion levels.
2. Further Audit Procedures (FAP) – comprises of
a. tests of controls (TOC) – performed to evaluate the
operating effectiveness of controls in preventing or
detecting and correcting material misstatements at the
assertion level
b. Substantive procedures (SP) – include test of details
(TOD) and substantive analytical procedures (SAP) –
performed to detect material misstatements at the
assertion level.
AUDIT PROCEDURES ACCORDING TO TYPE
1. Inspection – examining records or documents whether
internal or external in paper form, electronic or other
media
2. Observation – looking at a process or procedure being
performed
3. External Confirmation – direct written response to the
auditor from a third party (the confirming party) In paper
form, electronic or other medium.
4. Recalculation- checking the mathematical accuracy of
documents or records such as footing, cross-footing and
test of extensions
5. Reperformance- the auditor’s independent execution
of procedures or controls that were originally performed
as part of the entity’s internal control
6. Analytical Procedures- evaluations of financial
information through analysis of plausible relationships
among both financial and non financial data
7. Inquiry- seeking information of knowledgeable
persons.
The Auditor performs RAP to identify ROMM and FAP to
address detection risk to reduce audit risk to an
acceptably low level.
SUFFICIENCY FO AUDIT EVIDENCE – EXTENT OF TESTING
Sufficiency is the measure of quantity of audit evidence.
The auditors means of selecting items for testing are ALL
ITEMS (100%) , (2) SPECIFIC ITEMS , and (3) AUDIT
SAMPLING .
The quantity of evidence Is affected by:
1. The assessment of the risks of misstatement
2. The quality of audit evidence
APPROPRIATENESS OF AUDIT EVIDENCE – RELEVANCE
AND RELIABILITY
Appropriateness is the measure of quality of audit
evidence, that is, its relevance and reliability.
Relevance- deals with the logical connection with or
bearing upon (1) purpose of the audit procedure, (2) the
assertion, (3) the direction of testing
DIRECTION OF TESTING
Direction of testing involves (1) vouching or (2) tracing.
Vouching refers to the testing recorded transactions to
supporting documents; appropriate when testing for
overstatement to obtain evidence about existence or
occurrence assertion typically for assets and income
accounts.
Tracing involves testing from supporting documents to
records such as the journal and general ledger;
appropriate when testing for understatement to obtain
evidence about completeness assertion typically for
liability and expense accounts.
The Audit evidence is general more reliable when:
a. Obtained from independent sources
b. the related controls are effective
c. Obtained directly than indirectly or by inference
d. In documentary form than oral
e. In original state than by photocopies or facsimiles.
AUDIT DOCUMENTATION
Audit documentation is the record of (1) audit
procedures performed, (2)audit evidence obtained and
(3) conclusions the auditor reached. The auditor
prepares documentation to provide:
 a. A sufficient and appropriate record off the basis
for the auditor’s report;
b. Evidence that the audit was planned and
performed in accordance with PSAs and
applicable legal and regulatory requirements.
PURPOSE OF AUDIT DOCUMENTATION
- Assist audit team plan and perform the audit
- Assist supervision and review of audit work
- Show accountability
- Retain a record for reference in future audits
- Enable quality control reviews and inspections
- Demonstrate that accounting records agreed
with the FS
TYPE OF AUDIT FILES
Audit file refers to folders or other storage media in
physical or electronic form containing records that
comprise audit documentation for a specific engagement
a. Permanent (continuing) – data that are of
continuing interest from year to year
b. Current
EXAMPLE OF PERMANENT FILES
- Debt agreements
- Articles of incorporation
- Flowcharts of internal control
- Analyses of capital stock and owners equity
accounts
EXAMPLE OF CURRENT FILES
- Reconciliation of accounting records of FS
- Lead schedules and supporting detailed
schedules
- Audit programs and documentation of
substantive procedures
- The attorney’s letter and management’s
representation letter
GUIDELINES IN PREPARING WORKING PAPERS
1. Heading – includes client’s name, period covered
and description contents.
2. Indexing and Cross- referencing
Indexing- coding files to aid in organizing working
papers
Cross-Referencing- creates trail through the
working papers.
3. Audit objective – serves as the goal to be
achieved
4. Audit procedures and results – auditors usually
use symbols “tick marks”
5. Conclusion
6. Identifying characteristics of specific items
tested, initials of preparer and reviewer and
dates of preparation and review.
FORM, CONTENT AND EXTENT OF AUDIT
DOCUMENTATION DEPENDE ON FACTOR BELOW
- size and complexity of the entity
- nature of the audit procedures to be performed
- the identified ROMM
- significance of the audit evidence obtained
- nature and extent of exceptions identified.
-need to document a conclusion
- audit methodology and tools used.
INDEXING AUDIT FILES BY AUDIT PHASE AND FS AREA
INDEX BY AUDIT PHASE
Financial Statements, working trial balance, risk
assessment, risk response, conclusion and reporting
INDEX BY FS AREA
Financial Statements, file completion memos, checklists,
working trial balance, cash, receivables, inventory,
taxation , payroll
CHAPTER 4- PERFORMING PRELIMINARY ENGAGEMENT
ACTIVITIES
WHEN IS AN ENGAGEMENT ACCEPTABLE?
- Where the auditor is competent and has
capabilities, time and resources to perform the
engagement
- Complies with relevant ethical requirements
- Considers clients integrity
AUDITOR’S COMPLIANCE WITH RELEVANT ETHICAL
REQUIREMENTS
a. Integrity
b. Objectivity
c. Professional competence and due care
d. Confidentiality
e. Professional behavior
 f. Independence
INTEGRITY OF CLIENT include:
- The identity and reputation of owners and
officers
- Nature of clients business
- Owners and officers attitudes towards
accounting and control
- Indications of an inappropriate limitation In the
scope of work
COMMUNICATION WITH PREDECESSOR AUDITOR
Predecessor auditor- auditor from a different firm who
audited the FS of an entity in the prior period and who
has been replaced by the current auditor.
Successor auditor- initiates the communication , shall
advise client of the intention and request permission to
contact the predecessor auditor preferably in writing. He
may make inquiries of attorneys, CPA’s, banks and other
businesses and searches public databases
DECLINING AN ENGAGEMENT
- Discuss with clients management and TCWG
- If appropriate, determine and discuss reasons for
withdrawal
- Consider professional, regulatory or legal
reportorial requirements
- Document significant issues, consultations,
conclusions and basis
AUDIT PRECONDITIONS
- Use of acceptable FRF available to FS users
- Agreement with management and TCWGs
responsibility
MANAGEMENT AND TCWG’S RESPONSIBILITY
Management refers to persons with executive
responsibility for the conduct of the entity’s operations.
TCWG- persons or organization with responsibility for
overseeing the strategic direction of the entity and
accountability of the entity.
CONTENTS OF THE AUDIT ENGAGEMENT LETTER
- Objective and scope of the audit of the FS
- Responsibilities of the auditor
- Responsibilities of management
- Identification of the AFRF for the preparation of
the FS
- Reference to auditor’s reports and possible
modifications
AUDIT FEES
- Should reflect the fair value of work taking into
account the :
a. The skill and knowledge involved
b. Level of training and experience requirement
c. Time to be consumed
d. Degree of responsibility and urgency
BILLING METHODS USED BY AUDITOR:
1. Fixed or flat fee basis – client is billed a lump
sum, all inclusive amount
2. Actual time charges (per diem) basis – basis of
actual time spent by the staff multiplied by the
rates/hour agreed upon
3. Maximum fee basis – client is charged on a per
diem basis but not to exceed up to a certain
maximum amount
4. Retainer’s fee basis – client is billed a fixed fee
periodically either on a monthly, semi-annually
or annual basis
FACTORS CONSIDERED WHETHER TO SEND A
SEPARATE ENGAGEMENT LETTER TO THE
COMPONENT:
- Who appoints the component auditor
- Whether a separate auditor’s report is to be
issued on the component
- Legal requirements in relation to audit
appointments
- Degree of ownership by parent
- Degree of independence of the component
management from the parent entity
CIRCUMSTANCES THAT A CLIENT MAY REQUEST A
CHANGE MAY INCLUDE:
- Change in circumstances affecting the need for
the service
- Misunderstanding as to the nature of an audit as
originally requested
 - Restriction on the scope of the audit
engagement
CHAPTER 5- PLANNING AN AUDIT
AUDIT PLANNING – involves establishing the overall
strategy and developing an audit plan for the
engagement. The main outputs are:
1. Overall audit strategy (audit planning memorandum) –
a general strategy
2. Detailed audit plan (audit programs/checklists) –
detailed approach for the expected nature, timing and
extent of the audit
THE NATURE AND EXTEND OF ACTIVITIES WILL VARY
ACCORDING TO:
- Size and complexity of the entity
- Auditor’s previous experience
- Changes in circumstances
BENEFITS OF AUDIT PLANNING
- Appropriate attention to important audit areas
- Identify and resolve potential problems timely
- Organize and manage the audit so that it is
performed effectively and efficiently
- Assist in proper selection of team members and
assignment of work to them
- Facilitate direction and supervision of team
members
- Assists in coordination of work done
RESULTS IN PRELIMINARY ENGAGEMENT ACTIVITIES
- Assist the auditor in identifying circumstances
that may adversely affect audit
- Enable the auditor to maintain independence,
identify issues with management integrity,
ensure no misunderstanding as to engagement
terms
OVERALL AUDIT STRATEGY
- Auditor-prepared document that compiles
information about the entity, its environment
and its internal control , significant audit factors
and areas of interest to auditor
IN ESTABLISHING THE STRATEGY, THE AUDITOR IS
REQUIRED TO:
- Identify characteristics of the engagement that
define its scope
- Ascertain reporting objectives to plan the timing
of audit and communications
- Consider significant factors in directing the
engagement team’s efforts
- Consider preliminary engagement activity results
and knowledge gained on other requirements
AUDIT FIRM STRUCTURE
1. Partners – owner of the firm and is responsible
for the audit. Leads the engagement team,
responsible for critical audit decisions, overall
responsibility for the audit quality and signs the
audit report on behalf of the team
2. Managers/Directors- ensures that the audit is
conducted according to direction and strategy
set by the partner. Includes setting up the team,
supervising subordinates and completing
complex audit areas
3. Senior associates- in charge of day to day audit.
They supervise the work of junior associates,
reviews their work, and assists the partner and
manager in drafting the audit report.
4. Junior associates – perform the more detailed
routine audit tasks. They have the most day to
day exposure to the client and its employees
EXPERT – or specialist refers to a person or firm
possessing skill, knowledge and experience in a
particular field other than accounting and auditing
AUDIT PLAN – is more detailed than overall audit
strategy in that it includes the nature, timing and
extent of audit procedures to implement the overall
audit strategy.
AUDIT PROGRAM- list of procedures to gather
evidence. It includes the description of the nature,
timing and extent of planned RAP, FAP at assertion
level and other audit procedures.
CHAPTER 6
MATERIALITY AND THE AUDITOR’S OVERALL
OBJECTIVES
The auditor provides reasonable assurance that FS
are free from material misstatement. The auditor is
only responsible to detect material misstatement in
the FS.
Materiality – is expressed as the smallest aggregate
level of misstatement that could be material to any
one of the statements that comprise the FS.
MATERIALITY VS. AUDIT PROCEDURES AND AUDIT
EVIDENCE
Materiality – has an inverse relationship with audit
procedures and evidence. The lower the materiality
the more extensive procedures are performed and
the more evidence is gathered.
MATERIALITY AND AUDIT RISK
Materiality differs from audit risk. While an audit
risk refers to inappropriate audit opinion issued on
FS, materiality is the total amount of misstatements
in FS which, if exceeded, could influence users’
economic decisions.
If materiality is too high, the auditor may conclude
that a misstatement is immaterial when in fact
material resulting in occurrence of audit risk. (Beta
risk)
The auditor views materiality and audit risk as
inversely related. If materiality is too low, the
auditor may conclude that a misstatement is
material when in fact immaterial resulting in over-
audit as more audit procedures would be performed
than necessary. (Alpha risk)
MATERIALITY LEVELS AND CLEARLY TRIVIAL
MISSTATEMENTS THRESHOLD
a. Materialy for the FS as a whole – general
materiality
b. Materiality for particular classes of
transactions, account balances o disclosure -
particular materiality
c. Performance materiality for a and b.
To avoid dealing with clearly inconsequential
misstatements, the auditor designates a “clearly
trivial misstatement threshold.”
Clearly trivial misstatement threshold – not an
expression of materiality; rather it is an amount
below which misstatements are deemed
unimportant that are neither aggregated with other
misstatements nor required adjustments to FS.
GENERAL MATERIALITY
PSA provide no specific guidance about benchmark.
The rule of thumb;
1. 5 to 10% pre-tax profit from continuing
operations
2. .5 to 2% or revenues
3. 5 to 10% current assets
4. 5 to 10% current liabilities
5. .5 tp 2% of asset
6. 1 tp 5% of equity
Pre-tax profit – often used for profit-oriented
entities.
Total Expenses – may be appropriate for non-profit
entity.
PARTICULAR MATERIALITY – applying a certain
percentage to the specific items.
PERFORMANCE MATERIALITY – at an amount less
than materiality to reduce to a low level the
probability that undetected misstatement exceeds
materiality. It is a form of tolerable misstatement
which addresses the risk that the individually
immaterial misstatement when aggregated may be
material by providing allowance for possible
undetected misstatement.
CLEARLY TRIVIAL MISSTATEMENT THRESHOLD – 1
to 5% of general materiality.
REVISION OF MATERIALITY
a. Changes in entity’s circumstances
b. New information
c. Change in understanding of entity and its
operations.
Chapter 7
The Auditor understands of the entity, its environment,
and its internal control, serves as the foundation of an
effective audit.
Frame reference within which the auditor plans the
audit and exercises professional judgement such as:
 Assessing ROMM
 Establishing Materiality
 Considering appropriateness of accounting
policies, and adequate disclosures
 Identifying special areas, for example, related
party, and going concern
 Developing expectations in performing analytical
procedures
 Responding to assessed ROMM to obtain
evidence; and
 Evaluating sufficiency and appropriateness of
audit service
Overview of the risk assessment process
STEP 1 Design and perform procedures to obtain
understanding
The procedure to obtain understanding is
 Risk assessment procedures
 Information obtained in prior period audit
 Discussion among the audit term
STEP 2 Identify and assess ROMM
 Identify material account balance, class of
transactions, and disclosures
 Identify and relate the risk identified to F/S
assertions
Risk Assessment procedures- are performed to obtain an
understanding of the entity and its environment
including the entity’s internal control, to identify and
assess the risks of material misstatements, whether due
to fraud or errors
The RAP includes:
 Inquires of management and of others within the
entity
 Analytical procedures
 Observation and inspection
Inquiries of Management and others within the entity-
The auditor performs inquiries (e.g., interviews) of
management and those responsible for financial
reporting, and of others within the entity who may have
information to assist in in identifying ROMM such as
TCWG, internal audit personnel, employee involved in
initiating, processing or recording complex or unusual
transactions, in-house legal counsel, marketing or sales
personnel
Analytical Procedures- comparison of auditor’s
expectation and recorded amounts in F/S and necessary
further investigation
Performing analytical procedures involved the following
 Formulate expectation
 Compare the expected amounts to the recorded
amount; and
 Investigate significant differences between
expected and recorded amount
STEP 1 Formulate Expectation
Appropriate expectation is crucial for an effective
analytical procedure, exoectations are developed based
on plausible relationships expected to exist
Examples of Auditor’s Expectations
Financial Information  Comparable
information for prior
periods
 Anticipated results
  Industry information
Relationship  Elements of financial
information with
predictable pattern
 Between financial and
non-financial
information
STEP 2 Compare Expected and recorded amount
This involves calculating the difference between
expected and recorded amounts. When used as
substantive procedures, the auditor uses the
performance materiality
STEP 3 Investigate Significant Differences
Investigating significant differences ( fluctuations or
inconsistent relationship) involve
 Inquiring of management and obtaining evidence
relevant thereto; and
 Performing other necessary audit procedures.
Typical and analytical procedure
The typical and analytical procedures are:
 Trend analysis- This type is based on the
assumptions that performance will continue in
line with previous performance unless something
unusual occurred. This analysis works best when
the account or relationship is fairly predictable as
opposes to volatile conditions
 Ratio analysis- the ratio usually used in this
analysis are very similar with the rations in
financial statements. It is highly effective
technique to highlight account balances that are
out of the line.
 Test of reasonableness- The analysis of account
balances in terms of their reasonableness in light
of expected relationship between accounts.
Big auditing firm have sophisticated statistical analysis
that use a set of computer-assisted techniques such as
regression analysis and data analytics.
Analytical procedures throughout the Three audit
phases
 To obtain understanding of the entity
and its environment
 Detect material misstatements
 Form an overall conclusion about the F/S
Analytical procedures in Risk assessment phase- In this
phase help identify the existence of the unusual
transactions, amounts, ratios, and trends that may
indicate ROMM, especially due to fraud
Observation and Inspection
 Entity’s operations, premises, and plant facilities
(tour)
 Documents, records and control manuals
(business plans)
 Management and TCWG reports (interim F/S and
minutes of the meeting)
 Books, periodicals, and other publications
Use if information obtained in prior period audits- For
continuing clients, auditor’s previous experience and
audit procedures contained prior years working
papers(permanent files) are helpful in obtaining
understanding of the entity, its invironment, and its
internal control about such matters
 Past misstatements and whether they were
corrected timely
 Significant changes in the entity, which may
assist to identify and assess ROMM
Discussion among the engagement team
(“Brainstorming”)- Brainstorming is critical to an
effective and efficient audit. These discussions:
 Provides an opportunity for sharing more
experienced team member’s insight
 Allows team members exchange information
about business risk and ROMM
 Assist team members better understand ROMM
and responses thereof.
 Provides a basis of team members
communication and sharing new information
It is not necessary to include all team members in a
discussion (e.g., in a multi-location audit), nor be
informed of decisions reached
The Six Key Elements of Auditor’s Understanding
External Factors  Industry
 Regulatory environment
 Financial reporting
framework
Nature of Entity  Operations and key
personnel
 Ownership and
governance
 Investment, structure,
and financing
Accounting Policies  Selection and
application
 Reasons for changes
 Appropriateness to
entity
Entity Objectives and  Business plans and
Strategies strategies
 Financial implications
and risk
Measurements and  What is measured
Review of financial  Who reviews financial
performance results
Internal Control  Processes and relevant
Relevant to the Audit controls that address
ROMM
Chapter 8
Overview of Risk Assessment Process
STEP 1 Design and perform procedures to obtain
understanding
 Risk Assessment Procedures (RAP)
 Information obtained in prior period audits
 Discussions among the audit team
(Brainstorming)
STEP 2 Identify and Assess ROMM
 Identify material account balances, class of
transactions, and disclosures
 Identify and relate the risk identified to F/S
assertions
Risk assessment procedures to obtain understandings
of internal control
 Inquiring of entity personnel. However, inquiry
alone is not sufficient
 Observing the application of specific control
 Inspecting documents and reports
 Walkthrough tests.
Internal Control- is a process designed, implemented,
and maintained by TCWG, management and other
personnel to provide reasonable assurance
The ultimate purpose of internal control is to address
entity’s business risk
Business risk- refers to a risk resulting from significant
conditions, events, circumstances, actions, or inactions
that could adversely affect an entity’s ability to achieve
its objectives and execute its strategies, or from the
setting of inappropriate objectives and strategies
The following concepts about internal control can be
deduced
Internal Control is a process- internal control is
neither an end in itself nor a one-off event, but a
series of activities that allows an entity’s unit to
function effectively
Internal control is affected by people- All entity
personnel are involved with internal control’ that
is, from management formulating business
objectives and strategies, as overseen by TCWG,
to security guards safeguarding the entity’s
premises
Internal control can only be expected to provide
reasonable assurance, not absolute assurance-
There is no perfect system, the likelihood that
internal control addresses business risk is
affected by inherent limitations, such as
 Cost-Benefit considerations
 Human Errors
 Circumventions by the collusion of two
or more people
 Inappropriate management override
such as revising terms of a sales contract
or overriding a customer’s credit limit
Internal control is designed towards the
achievements of objectives, such as:
Financial reporting- refer to preparation of control
reliable financial reporting Control Activities  The policies
and
Operation- the entity must operate procedures
effectively and efficiently that help
prevent,
Compliance- The entities must comply with detect , and
applicable laws and regulations correct risk
Monitoring  The process
F/S audit is primarily concerned with that
financial reporting objectives consequently, determines
the auditor scopes out the other two whether
internal
objectives, unless relevant.
control
The Five Internal Control Components and remains
effective and
the Auditor’s Required Understanding
relevant
Control  The control  The assessor
Environment history, of internal
culture, and control
consciousness
 The tone at
The previous exhibit shows the five
the top
 The head and components of effective internal control and
brain of well as their concept and roles
internal (metaphorically). These five components
control should go to work together as a process or
Risk Assessment  The system to be effective
process evaluation of
internal and The best way to address risk is to identify
external and assess them, as performed by the
control entity’s risk assessment process
factors that
impact an
entity’s
achievement Components of internal control and
of its auditor’s understanding
objectives
 The eyes and Pg. 146
senses of
internal Components of Internal Auditor’s
control Control Required
Information  The process Understanding
system and which ensures Control Environment
communication that relevant The Functions, attitudes,
information is awareness, and actions
identified and of TCWG and
communicate management concerning
d timely the internal control and
 The blood and its importance in the
veins of entity. It is the
internal foundation of internal
control as it sets the carry out their t to F/S
tone of an organization responsibilities such as: b. How
that influences the 1. Timely identify transacti
control consciousness. and record valid ons are
THE SEVEN ELEMENTS transactions initiated
ARE: 2. Measure c. Accounti
1. Integrity and present, and ng
ethical values disclose records
2. Commitment to properly and
competence 3. Communicate support
3. Human responsibilities d. Manner
Resource to employee of
policies and processin
practices g
4. Assignment of transacti
authority and ons
responsibility e. Financial
5. Management’s reporting
philosophy and process
operating cycle and
6. Participation by communi
TCWG cation
7. Organization roles
structure Control Policies
Risk assessment Process Policies and procedures
Process for identifying Whether the that help ensure that
business risk relevant toentity has a management directives
financial reporting process are carried out such as
objectives and deciding a. Identifyin 1. Performance
about actions to g reviews
address those risk business 2. Information
risk processing
b. Estimatin 3. Physical
g the information
significan processing
ce of the 4. Physical
risk controls
c. Assessing 5. Segregation of
likelihoo duties
d of Classifications
occurren of control
ce activities
d. Deciding 1. Preventive
actions Control-
to avoids
address errors or
those fraud.
risks. 2. Detective
Information system and communication control-
The identification, About: Identify
capture, and exchange a. Transacti errors or
of information that ons fraud so
enables individual to significan corrective
 actions can  Transactions are appropriately
be taken recorded
3. Compensati  Accounting records are maintained
ng control-
accurately
Provide
assurance in  Receipt and expenditures are
case other properly authorized
direct  Unauthorized transactions are timely
control fail. prevented or detected
Monitoring
A process that assesses
the effectiveness of
internal control
performance over time,
including taking of
necessary corrective
actions such as
1. Ongoing
Monitoring
activities- Part
of normal
recurring Evaluating entity level controls
activities ( sales
and purchase ) Five components
2. Separate Control Environment Entity Level control
evaluations- Risks assessment Entity Level control
Periodically Information system Entity Level control
performed Monitoring Entity Level
( Quarterly and control/Transaction level
annual F/S control
audit) Control Activities Transaction level control
3. A combination
As shown above, the auditor follows a top down
of two
approach to understanding the internal control
(pervasive to specific control) as entity level controls
Entity level and transaction level internal provide the foundation for all the other components of
control internal control

Internal control are broadly categorized as Evaluating control environment

entity level (pervasive) and transaction level
(specific) controls
Integrity and ethical  Conduct interviews
values with a sample of
Entity level pervasive control- this control staff
 Read code of
relate to entity’s overall operations. They
conduct and
typically address governance and
communications to
management and serve to establish the staff.
control environment or “tone at the top” Commitment to  Review hiring and
competence firing policies
Transaction level specific control  Review job
description on
These are specific processes/controls
selected employee
designed to ensure that: files
Participation by  Review and self- Transaction cycles- refer to certain business processes in
TCWG assessment made which related transactions are grouped.
 Review BOD
qualification and Understanding internal control through transactions
minutes of the cycles
meeting
 Attend a meeting as Revenue and Receipt cycle- refers to the processes of
an observer receipt of customer order, extension of credit to
Managements  Review any customers, shipment of goods or rendering of service to
philosophy and documentation customers and receipt cash
operating style  Conduct interviews
with a sample staff Purchasing and payment cycle- purchase to pay business
Organization  Review structure in process. This cycle relates to purchase and payment of
structure light of best
goods and services to vendors
practices
Assignment of  Review any Personnel and payroll cycle- this cycle pertains to the
authority and documentation such
process of hiring employees, receipt of their service and
responsibility as a job descriptions
payment of their compensation
Human resources  Review policies and
policies and practices practices and Inventory and production cycle- encompasses the
compliance
production of raw material to finished product for sale
 Review employee
files for staff
Financing and investing cycle- two major business
evaluations training
functions are associated with this cycle are receiving
etc.
capital funds from investors and using capital funds for
operation or investing those funds temporarily until
The next exhibit present auditors Reponses based on needed for operations?
the result of effectiveness of control environment
Internal control in smaller entities- internal control
Effective control The auditor will have more varies with entity’s size and complexity. Smaller entities
environment confidence in the entity’s use simpler process and procedures to achieve their
internal control. In this case, objectives. There are often few employees because of
some audit procedures may
resources constraints, which may limit
be performed at interim dates
rather than at year end
 Segregation of duties
Ineffective control The auditor needs to perform
 Paper trail of documentation
environment some additional work such as:
(deficiencies exist)  Assigning more
Control strength- is that the person will be
experienced audit
knowledgeable about all aspects of operations, and it is
staff or experts
 Conducting more highly unlikely that material misstatements will not be
audit procedures at addressed
year end rather than
interim Control weakness- is that there is an opportunity
 Intensifying the provided to that substantive procedures strategy is often
nature, timing or more efficient than a test of controls strategy in auditing
extent of substantive smaller entities
procedures
Factors relevant to auditors judgment include:

 Materiality and significance of risk

  Size and nature of entity 2. Detailed es are not
 How a specific control prevents, or detects and analysis obvious
corrects material misstatements and
forces
Objectives of understanding and testing of relevant auditor to
controls understan
da
Evaluating Design and Considering whether the control
implementation of a control is capable of Flowcharts 1. Graphic 1. Time
control preventing or detecting represent consumin
and correcting material ations g
misstatements and 2. Unlikely 2. Weakness
ascertaining it exists and to es are not
the entity uses it overlook obvious
Testing of Operating Evaluating whether the controls
effectiveness of a control properly designed and 3. Easy to
utilized control operates read and
effectively in preventing update
material misstatements Internal 1. Easy to 1. May not
control complete be
questionnaires 2. Unlikely answered
Internal control documentations techniques (ICQ) to adequatel
overlook y
1. Origin of documents and records (how sales controls 2. Questions
invoice are generated) with may be
2. Transactions processing (how sales amounts are comprehe unfit to
nsive list client
determined)
of 3. Not
3. Disposition of documents and records questions process
( documents filling and sending to customers) 3. Weakness overview
4. Indication of relevant control to es
ROMM( separation of duties recording from become
handling cash, authorizations, and verifications obvious
with no
Flowcharts- is a diagram of the same four characteristics responses
identified for narratives. Well prepared flow charts are
advantageous because they provide a concise overview
Entity level control Documentations (pg 153)
of the control and help auditors identify controls and
deficiencies in the system Walkthrough Test-involves tracing transactions through
the information systems relevant to financial reporting.
Internal control questionnaires/ checklist- an Internal
Walkthrough test are normally done after initially
control questionnaires asks a series of questions about
documented understanding of transaction cycle to
the controls in each audit area to identify control
confirm auditors understanding and verify what can go
deficiencies
wrong. Walkthrough tests should be done every audit
Documentations techniques comparison year to determine relevance prior period information
intended to be used for the current year.
Method Advantages Disadvantages
Narratives 1. Tailor 1. Time Deficiencies in internal control
made for consumin
engagem g
ents 2. Weakness
The auditor shall determine whether internal control
deficiencies have been identified. Deficient n internal
control exists when.
 A control is unable to prevent or detect and
corret F/S misstatements timely or
 A necessary control is missing
The procedure to obtain understanding is
 Risk assessment procedures
 Information obtained in prior period audit
 Discussion among the audit term
STEP 2 Identify and assess ROMM

Severity of internal control deficiencies  Identify material account balance, class of

transactions, and disclosures
Deficiency Severity Communications  Identify and relate the risk identified to F/S
to Mgt and TCWG assertions
Control Not allow to Only if it merits
deficiency timely prevent or their attention Quantitative considerations- involves comparison of an
detect and account’s amount with a general materiality, through
correct some auditing firms use performance materiality. The
misstatements.
account is quantitatively material if it exceeds materiality
Material A reasonable Yes
Weakness possibility that a Qualitative consideration- takes into account the
material
possibility of material misstatements, based on auditor’s
misstatements
will not be timely knowledge such as accounts that involves accounting
prevented or estimates or suspicious accounts
detected or
corrected Scoping of material accounts and disclosures
Significant Less severe than Yes
Immaterial accounts and disclosures are usually scoped
deficiency a material
weakness out of any further audit. However before scoping out
account or disclosure consider

Deficiencies of internal control comparison  Possible accumulation of immaterial

misstatements that could be material and
Deficiency Misstatements Misstatements  Whether the F/S area is understated due to
likelihood magnitude fraud or error.
Control Remote Inconsequential
deficiency ROMM- refers to risk that the F/S are materially
Material More than More than misstated prior to audit
Weakness remote inconsequential
Significant More than Material The auditor shall identify and assess the ROMM at the
deficiency remote
 F/S level and
 Assertion level for classes of transactions,
Chapter 9
account balances, and disclosures to provide a
Risk based audit approach- involves identifying and basis for designing and performing FAP
assessing ROMM of F/S that guide the auditor to perform
F/S level ROMM- ROMM at F/S level refer to risks that
appropriate audit procedures
relate pervasively to the F/S as a whole, and potentially
Overview of the risk assessment process affect many assertions. In other words, they relate to
risks that have a potential impact on a large number of
STEP 1 Design and perform procedures to obtain F/S items, though they increase the ROMM at assertion
understanding level.
Examples include  Management override of internal control

Weak control environment, includes management
override of internal control- the entity may not be able
to prevent, detect and correct material misstatements
relating to F/S items
Going concern problem- this affects many measurement
and presentations in F/S
Risks that substantive procedures (SP) alone are not
enough to address- these risks may include risks of
inaccurate or incomplete processing for routine
transactions which are subject to highly automated
processing with little or no manual intervention
Summary of ROMM

Fraud Risk- when management intentionally misstates Significant Risk Risk that requires special
F/S it usually involves many items in the F/S audit consideration
Risk that substantive Risks for which substantive
Declining Economy- when an entity operates in a n procedures alone are not procedures alone do not
economy that experience a crisis, that condition may enough to address provide sufficient
affect many items in F/S such as realizable amounts of appropriate audit evidence
receivables of inventories completeness of experience Other ROMM Risks that could potentially
result in material
and liabilities
misstatements
Assertion level ROMM- the ROMM at assertion level
refer to risks that are confined to one or a few assertions The process of identifying and assessing ROMM
for classes of transactions, account balances, and
disclosures in the F/S for example 1. Identify risk throughout the process of obtaining
an understanding of the entity
1. Risk of theft of cash relating to existence 2. Assess the identified risk
assertion 3. Relate the identified risk to what can go wrong
2. Risk of delayed recording of account payable 4. Consider the likelihood of misstatements
relating to completeness assertion
Process of identifying and Assessing ROMM
Inherent risk- is the susceptibility of an assertion to a
misstatement that could be material before STEP 1 Identify, Assess, and relate risks to F/S
consideration of any related control. For example,
The auditors understanding of the entity is central to
accounts and disclosures involving complex calculations
identifying and assessing to ROMM
or significant estimates relating to valuation assertion
STEP 2 Relate risks to WCGW at the assertion level and
Control risk- is the risk that misstatements that could
relevant controls
occur in an assertion will not be prevented or detected
and corrected on a timely basis by the entity’s internal The auditor related identified risks to assertion level as
control. Hence the control risk is a function of FAP are at assertion level
effectiveness of internal control that always exist
because of the inherent limitations of internal control STEP 3 Consider likelihood and magnitude of
misstatements
Significant risk- is a ROMM that in the auditors
judgement requires special audit considerations. Such as Process of assessing inherent risk
special considerations and factors to consider whether a
 Understanding of the entity and its environment
ROMM is significant risk.
 Identify business risk
Significant Risk resulting from fraud risk  Consider susceptibility to material
misstatements without considering internal
 Revenue recognition control
  Assess level of inherent risk
Likelihood of misstatement- refers to the probability of
occurrence of risk. The auditor could evaluate this
probability as high, moderate or low
Magnitude of misstatements- refers to the impact of
misstatements if it could be material
Process of assessing control risk
 Understanding of the entity’s internal control
 Consider occurrence of material misstatements
that could not be prevented or detected and
corrected by internal control
 Assess level of control risk
Chapter 10
Overall response to address the ROMM at F/S level.
These responses affect virtually every F/S area. These
responses may include
 Maintaining professional skepticism
 Assigning more experienced staff or those with
special skills or experts
 Providing more supervision
 Incorporation additional elements of
unproductivity in FAP
 Making general changes to the nature timing or
extend of procedures
In designing FAP the auditors must consider
 Relevant assertion
 Nature timing and extend
 Significant risk
 Documentation
Relevant assertion- to obtain appropriate evidence the
evidence must pertain to relevant assertion
Nature timing and extent of FAP- ROMM at the
assertion level that may include
 Only TOC
 Only SP
 A combined TOC or SP
Nature of FAP
Purpose- whether to evaluate operating
effectiveness or to detect material
misstatements
Type- such as inspection observation inquiry
confirmation recalculation reperformance or
analytical procedure
Minimum SP- the typical SP performed for each material
class of transactions, account balances and disclosures
irrespective of assessed ROMM to address the risk that
ROMM may have been inappropriately assessed
Examples include
 Obtain a schedule of items that make up a
yearend balance
 Tie out the schedule with the control account
balance
 Perform simple SAP that compare current year
balance with prior year and
 Performa some yearend cutoff procedures
Timing of further audit procedures- refers to when it is
performed whether at an interim date or period end. Can
be performed only at or after period end such as
 Agreeing the F/s to the accounting records
 Examining adjustments made during the
preparations of F/S and
 Procedures to respond to a risk of transactions
not yet finalized at period end
Extend of further audit procedures- refers to the
quantity to be performed
Steps in performing TOC
STEP 1 Identify ROMM
STEP 2 Identify controls that address ROMM
STEP 3 Evaluate D and I Effectiveness of controls
STEP 4 Perform TOC procedures
STEP 5 Evaluate OE of controls and documents
results
Nature of TOC
 Inquiry of client personnel
 Observation
  Inspection  Examining material journal entries and other
 Reperformance adjustments made during F/S preparation

SP may be performed at interim dates or at period end.

Steps in performing SP Performing procedures at interim date may assist the
auditor in identifying and resolving issues early.
STEP 1 Identify ROMM
When SP are performed at an interim date the auditor
STEP 2 Perform SP shall perform
STEP 3 Evaluate and document result of SP  SP combined with TOC for the intervening period
 Further SP only to provide a reasonable basis for
extending the audit conclusion form the interim
Nature of SPs date to the period end

 Inspection
 Observation
 External confirmation
 Recalculation
 Analytical procedures
 Inquiry
TOD of transactions- refer to tests to detect material
misstatements in individual transactions
TOD of balances- refer to tests to detect material
misstatements in the ending balance of a general ledger
account or an F/S line item.
TOD of presentations and disclosures- arise from F/S
presentation and disclosures. As a result specific
procedures may need to be designed that address such
ROMM such as those presented in the next exhibit
Further investigation includes
 Inquiries of persons outside the entity including
bankers, customers
 Inquiries of independent person inside the entity
 Evidence obtained from other auditing
procedure
 Examination of supporting evidence
FCSP- refers to the process of preparing the F/S. auditors
normally view this area as high risk. The SP relating to
FSCP include
 Agreeing or reconciling the F/S with the
underlying accounting records
Extent of SP- the greater the ROMM the greater the
extent of SP. The extent of testing is ordinarily thought of
in terms of the sample size. However other matters are
also relevant, including whether it is more effective to
use other selective means of testing
Chapter 11
Testing all items 100%
100% testing is unlikely in case of TOC it is common for
TOD such as when
 The population constitutes a small number of
large value item
 There is a significant risk and other means do not
provide sufficient appropriate audit evidence
 The use of computer assisted audit techniques
Testing Specific non representative items
Testing specific non representative items may include
 High value or key items
 All items over a certain amount
 Items to obtain information
 Items to test the operation of certain control
activities
However this type of testing does not constitute audit
sampling because the specific items selected do not
represent the population
Audit sampling
Applications of audit procedures to
  Less than 100% of items within a population of
audit evidence
 Such that all sampling units have a chance of
selection
 In order to provide the auditor with a
reasonable basis on which to draw conclusions
about the entire population
Representative sample- is one in which the
characteristics in the sample of audit interest are
approximately the same as those of the population
Sampling risk- is the risk that the auditor’s conclusion
based on a sample may be different from the conclusion
if the entire population were subjected to the same audit
procedure
Sampling risk can lead to two types of erroneous
conclusions
PG 226
 In TOC the controls are ineffective when they are
actually effective.
 In TOC the controls ae effective when they are
actually not
Dealing with sampling risk
Instead the auditor reduces sampling risk to an
acceptably low level by making the sample more
representative of the population
 Increase the sample size and
 Using appropriate sample selections
Non sampling risks- is the risk that the auditor reaches
an erroneous conclusion for any reason not related to
sampling risk such as human error due to
 Use of inappropriate audit procedure
 Failure to recognize misstatements or deviations
in the samples testesd
 Misinterpretation of evidence obtained
Dealing with non sampling risk
Non sampling risk cannot be eliminated due to inherent
limitations of audit. However the audit can manage non
sampling risk by conducting an effective audit through
 Proper planning
 Adequate direction and supervision of audit
team and timely review of their work
The ten step audit sampling process
STEP 1 Define the objective of the test
STEP 2 Define the deviation or misstatement
STEP 3 Identify the relevant population
STEP 4 Determine the relevant sampling unit
STEP 5 Select the appropriate sampling approach
STEP 6 Determine the sufficient sample size
STEP 7 Select the representative sample items
STEP 8 perform the testing and evaluate items
STEP 9 Evaluate the test result and reach conclusion
STEP 10 Complete documentation
The auditor identifies the relevant population by
considering its characteristics such as
 Direction of testing
 Completion of population
 For test of details, stratification or value
weighted selection
Direction of test- refers to vouching or tracing
Direction of deviation- determines the relevant
population. When the deviating results in overstatement
the population should be the record
Direction of misstatements- determines the relevant
population. When testing for overstatements the
population should be the record
Verification of completeness of population
Boundaries  First and last numbers
if a series of
prenumbered
documents
 Beginning and ending
days of an audit period
Totality  Accounting for
 numerical sequence of auditors or judgeme
prenumbered sampling nt to
documents software determi
 Footing population ne
items and comparing sample
to control total size,
evaluate
sample
Stratification- is the process of dividing a population into results
sub populations, it makes sub populations more Estimate
meaningful by having a group of sampling units which sampling risk
have similar characteristics, stratification reduces the
variability of items within each stratum and allows
sample size to be reduced without increasing sampling
risk this improving audit efficiency and effectiveness Tolerable misstatements- refers to monetary amount set
by the auditor that if exceeded by the actual
The population is often stratified by monetary value to misstatements in the population the misstatements is
allow greater effort for larger value items material
Value weighted selection- this is appropriate when Sample selection method- may be probabilistic or non-
monetary unit sampling is used probabilistic
Sampling units- is the individual items constituting Random selection- the selection of sample in such a way
population that every sampling unit has the same probability of
Audit sampling can be applied using either statistical or selection
non-statistical approach Systematic selection- it involves sample selection using a
Statistical sampling Non statistical uniform interval with a starting point selected in the first
sampling interval
Advantages  More  Easy to
MUS- it is the type of probability proportional to size
effective due apply
to aid of and less selection or value weighted selection that is the value of
mathematics costly an item being selected is proportional to its value
 More  Can be
objective as Haphazard selection- this involves selecting sampling
effective nits without any conscious bias or any special reason for
as including or omitting items
statistica
l if Block selection- this involves selecting a blocks of
appropri contiguous items from within the population
ate
judgmen Voided sample- if the audit procedure is not applicable
t applied to the selected item, the auditor shall perform the
Disadvantage  Overvalue  Less procedure on a replacement item
s the evidence objectiv
 Reduces e Missing or lost sample- if the auditor is unable to apply
auditor  Relies the designed audit procedures or suitable alternative
skepticism exclusiv procedures to a selected item the auditor shall treat the
 Increased e on
item as a deviation or a misstatement
cost due to professi
training onal
Deviation and misstatements
Sample deviation rate- is the rate of deviations detected
in the sample. SDR is calculated by dividing the number
of sample deviations by the sample size
Projected deviation rate- also called upper deviation or
precision limit is the rate of deviation that the auditor
estimates to be in the population
Projected misstatements- is the misstatements that the
auditor estimates to be in the population and is
calculated by adjusting the sample misstatements by an
allowance for sampling risk
Difference approach- is calculated by the average
difference between audited and recorded amounts of
the sample items and projects that average difference to
the population
Projected misstatements plus anomalous
misstatements- is the estimated population
misstatements
If the auditor concludes that audit sampling has not
provided a reasonable basis for conclusions about the
population that has been tested the auditor may
 Request management to investigate
misstatements identified and the potential for
further misstatements and necessary
adjustments
 Tailor the nature timing and extent of FAP to
achieve the required assurance
Chapter 12
Fraud vs Error- The difference between fraud and error is
whether the act is intentional or unintentional

Ratio approach- the auditor calculates the ration
between the sum of the audited amounts and the sum of
the recorded amounts of the sample items and projects
this ratio to the population
Fraud- is an intentional act by one or more individual or
more individual among management
Error- is unintentional misstatements or omissions in F/S
in

Fraud is more difficult to detect than error because

MUS fraud is usually concealed by forgery, not recording
transactions misrepresenting or collusion
The steps in projecting misstatements using MUS are

 Calculate the percentage of misstatements in

each item Types of Fraud
 Add up the misstatement percentages netting
Embezzlement- involves theft of funds placed in one’s
overstatements and understatements
trust or care
 Calculate the average percentage misstatement
per item sampled by dividing the total Larceny- involves theft of personal property
misstatement percentages by the number of all
items sampled Forgery- act of forging or producing a copy of a
 Multiply the average percentage misstatement document signature
by the total representative population monetary
Bribery- persuading someone to act in one’s favor
value
illegally by gift
The two general approaches to evaluate the sample
Extortion (blackmail)- obtain something through force or
results for TOC are
threats
 Compare PDR to TDR- if PDR exceeds TDR the
Conspiracy- agreement between two or more people to
control did not operate effectively
commit a crime
 Compare SDR to EDR- If SDR exceeds EDR the
control did not operate effectively
Earnings management- use of accounting to enhance
financial performance
Income smoothing- a form of earnings management in
which revenues and expenses are shifted between
periods to reduce fluctuations in earnings
Auditor- the auditors responsibilities in the F/S is to
obtain reasonable assurance about whether the F/S are
free from material misstatements whether due to fraud
or error. The auditors responsibilities to detect fraud and
error is essentially the same

Forensic audit and F/S audit comparison

Fraud as to intentional misstatements in the F/S is
Forensic audit F/S audit
Fraudulent financial reporting- involving misstatements Objective To prove To evaluate the
including omissions of amounts or disclosures in F/S this oc fairness of F/S
often involves management cu
rr
Misappropriation of assets- involving theft of assets this en
is often perpetrated by ordinary employees in small ce
amounts though ma also involved management an
d
Examples of intentional misstatements in the F/S ex
te
1. Fraudulent financial reporting nt
 Manipulation or falsification of accounting of
records fr
 Misrepresentation in the F/S au
 Intentional misapplication of accounting d
principles Scope To present To express
2. Misappropriation of assets (theft) findings that opinion on the
 Stealing physical assets or intellectual property support legal and fair presentation
 Causing an entity to pay for goods and services administrative of F/S in
not received decisions. accordance with
 Using an entity’s assets for personal use AFRF
Extent of Virtually involves Combination of
procedures 100% 100% specific
Fraudulent financial reporting- usually involves examination and sampling
overstatement of assets and income or understatement examination
of liabilities and expenses Audit period Any period as Typically year-
necessary end F/S
Misappropriation of assets- is often accompanied by Nature of Investigate report Assurance report
misleading records to conceal the fact that the assets are report
missing
Professional judgement- enables the auditor to apply
Fraud as to perpetrator
relevant knowledge and experience in making informed
The two types of fraud perpetrator are management decisions to address circumstances of fraud such as
fraud and employee fraud designing and performing procedures responsive to
ROMM due to fraud
Management fraud- involves members of management
or TCWG Forensic accountants- often refer to them as fraud
triangle because when all three conditions are present it
Employee Fraud-involves ordinary employees is highly likely that fraud has occurred or may be
occurring
Fraud triangle
 Attitudes/Rationalization
 Incentives/ pressures
 Opportunity
Attitude or rationalization- this relates to either the
perpetrators attitude character or set of values or the
entity’s weak control environment that does not create a
culture of honesty
Incentives or rationalization- management and
employees who have an incentive or under pressure may
be motivated to commit fraud
Opportunities- these relate to circumstances that allow
execution of fraud possible such as when a person is
generally trusted internal control is perceived to be easily
overridden or the individual knows about deficiencies in
internal control
Written representations
The auditor shall obtain written representations from
management and where appropriate TCWG that they
 Acknowledge their responsibility for internal
control to prevent and detect fraud
 Have disclosed to auditor their knowledge of
fraud or suspected fraud involving management
employees who have significant roles in internal
control others where the fraud could have a
material effect on the F/S
 Have disclosed to auditor their knowledge of any
allegations of fraud or suspected fraud affecting
F/S communicated by employees former
employees analysts regulators or others
Communication- made even if the matter might be
considered inconsequential
Withdrawing from engagements because of fraud
 The entity takes no appropriate action about
fraud, even if not material to F/S
 The ROMM due to fraud and the results of audit
tests indicate a significant risk of material and
pervasive fraud
 Significant concern about the competence or
integrity of management or TCWG
NOCLAR
Laws and regulations applicable to the entity constitute
the legal and regulatory framework in which it operates
Non compliance- refers to acts of omission or
commission intentional or unintentional committed by
the entity or TCWG
Responsibility for compliance with laws and regulations
These includes
 Maintaining a register of significant laws, and a
record of any complaints received
 Monitoring legal requirements and designing
procedures/internal controls to ensure
compliance with these requirements
 Engaging legal advisors to assist in monitoring
legal requirements
 Developing publicizing implementing and
following a code of conduct
Auditors consideration of laws and regulations
1. Direct effect- obtain sufficient appropriate audit
evidence regarding compliance
2. Indirect effect- limited tit undertaking specified
audit procedures to help identify non-
compliance
3. To respond appropriately to instances of
NOCLAR
Difficulty in detecting noncompliance and dependence
on legal judgement
Laws and regulations are greater because
 Operational in nature and not captured in F/S
 Concealed
 Matter of legal determination by court of law
Chapter 13
Engagement is an engagement in which either
 The F/S for the prior period were not audited
 The F/S for the prior period were audited by a
predecessor auditor
Opening balances- refer to those account balances that
exist at the beginning of the period based upon the
closing balances of the prior period including disclosure
Initial audit- the successor auditor expresses an opinion
that pertains only to the current period of F/S
Auditors opinion
The auditors opinion depends on the results of initial
audit performed relating to
 Opening balances
 Consistency of accounting policy
 Modification to the predecessor auditors opinion
The user auditor’s consideration when the entity uses
the services of a service organization
 To obtain an understating of the nature and
significance of the services provided by the
service organization and their effect on the user
entity’s internal control relevant to the audit
 To design and perform audit procedures
responsive to those risk
Risk assessment – the auditor shall obtain an
understanding of the nature and significance of the
services and their effect on the effectiveness of D and I of
user entity’s internal control relevant to audit sufficient
to identify and assess ROMM
If the user auditor is unable to obtain such
understanding from the user entity the user auditor
shall perform one or more of the following procedures
 Obtain a type 1 or type 2 report if available
 Contact the service organization through the
user entity to obtain information
 Visit the service organization and perform
necessary procedures
 Using another auditor to perform necessary
procedures
The external auditor shall evaluate:
 The objectivity of the internal audit function
 The technical competence of the internal
auditors
 Whether the work of the internal auditors is
likely to be carried out with due professional
care
 Whether there is likely to be effective
communication between the internal auditors
and external auditor.
Determining effect if reliance on the work of internal
auditor
The external auditor shall consider
 The nature and scope of work of internal
auditors
 The assessed ROMM at the assertion level
 The degree of subjectivity involved
Performing procedures to determine adequacy the
work of internal auditor
 The work was performed by internal auditors
having adequate technical training and
proficiency
 The work was properly supervised reviewed and
documented
 Adequate audit evidence has been obtained to
enable the internal auditors to draw reasonable
conclusion
 Conclusion reached are appropriate in the
circumstances and any reports are consistent
with the result of the work
 Any exception or unusual matters disclosed by
the internal auditors are properly resolved
Reporting- the external auditor has a sole responsibility
for the audit opinion expressed and that responsibility is
not reduced by the external auditors use of the work of
the internal auditors.
Expert of Specialist-refers to a person or frim possessing
special skills knowledge and experience in a particular
field
Areas that may need work of experts
 Valuation complex financial instruments
  Appraisal of properties artworks precious stone
and inventory
 Performing actuarial valuations
 Estimating quantities such as mineral reserves
 Estimating useful lives
 Analysis of complex or unusual tax compliance
issues
 Determination of work in progress
 Interpreting legal opinion concerning contracts
statutes and regulations
Auditors expert- an expert whose work is used by the
auditor to assist the auditor in obtaining sufficient
appropriate audit evidence
Managements expert- an expert whose work is used by
the entity to assist the entity in preparing F/S
Sometimes an auditor may obtain expertise in a field
other than accounting or auditing through EXPERIENCE
OR CONTINUING DEVELOPMENT
Determining nature timing and extend of procedures
The auditor shall consider
 The nature of the matter
 The ROMM
 The significance of expert’s work
 The auditor’s knowledge and experience with
work of the expert
 Whether that expert is subject to auditor’s
quality control
Evaluating the adequacy of an expert’s work the auditor
shall consider the
 Relevance and reasonableness of the
findings and consistency with other evidence
 Relevance and reasonableness of assumption
and methods
 Relevance completeness and accuracy of
source data.
If the work of an auditors expert is not adequate the
auditor shall
 Agree with expert on the nature and extent
of further works or
 Perform additional audit procedures
Auditors report- should not refer to the work of an
expert. Such a reference might be misunderstood to be a
modification of the auditors opinion or a division of
responsibility
Group F/S- refers to F/S that include the financial
information of more than one component
Group Audit- is the audit of group F/S. For example
assume an auditor who audits and assumes responsibility
for consolidated F/S
Using the work of components auditors
The group shall obtain an understanding of
 Whether the component auditor understands
and will comply with relevant ethical
requirements and in particular competence
 The components auditors professional
competence
 Whether the group engagements team will be
involved in the work of the component auditor
 Whether the component auditor operates in a
regulatory environment that actively oversee
auditors
A significant component is a component
 That is of individual financial significance to the
group
 That is likely to include significant ROMM of the
group of F/S
A significant component can be identified by using a
benchmark
Communicate group audit requirements to components
auditor
This would include
 Confirmation that the components auditor will
cooperate
 Relevant ethical and independence requirements
 Components materiality
 Identified significant ROMM if group F/S relevant
to component auditor
  A list of related party prepared by group
management and the timely communication of
previously unidentified related parties
Complete audit documentation
The group auditor shall document
 An analysis of components, indicating those
significant and the type of work on components
 The nature timing and extend of the group
auditor involvement in the work of component
auditors and
 Written communications between the group
auditor and components auditor
CHAPTER 14
IT ENVIRONMENT CHARACTERISTICS
a. Lack of transaction trails – IT systems are
designed so that a complete transaction trail
might exist for a short period of time or in
computer readable form. Errors embedded
in an application’s program logic may be
difficult to detect on a timely basis by
manual procedures.
b. Uniform processing of transactions –
computer processing uniformly processes
like transactions. Errors associated with
manual processing are virtually eliminated.
Programming errors ordinarily result in
systematic errors.
c. Lack of segregation of functions – an
individual who has access to computer
program, processing or date may be in a
position to perform incompatible functions.
d. Potential for errors and irregularities – the
potential for human error in the
development, maintenance and execution of
IT may be greater than in manual systems.
The potential for individuals to gain
unauthorized access to data or to alter data
without visible evidence may be greater in IT
than in manual systems. Error or
irregularities occurring during the design or
modification of application program or
systems software can remain undetected for
long period of time.
e. Initiation or execution of transactions. –
include the capability to initiate or cause the
execution of certain types of transactions
automatically. The authorization of these
transaction or procedures may not be
documented in the same way as those in
manual systems.
f. Dependence of other controls over
computer processing. – IT processing may
produce reports and other output that are
used in performing manual controls. The
effectiveness of these manual control
depends on the effectiveness of IT controls.
g. Potential for increased management
supervision. – offer management a variety of
analytical tools that may be used to review
and supervise the operations of the entity.
The availability of additional controls
enhance the entire internal control
structure.
h. Potential for the use of computer-assisted
audit techniques. – processing and analysing
large quantities of data using computers may
provide the auditors with opportunities to
apply computer-assisted audit techniques.
(CAATs)
DATA PROCESSING METHODS
a. Batch processing - transactions are collected
over a certain period of time and submitted
to the computer as a single batch. This
processing results in delayed updating of
 master file and is ideal for large volumes of
transactions.
b. Real time processing – master file is updated
immediately upon entry of the transactions.
This processing is useful in IT systems that
need latest information.
IT CONTROLS
IT controls are general controls and
application controls. The effective of
application control is often dependent on
the effectiveness of general control.
GENERAL CONTROL
Are policies and procedures that relate to many
applications and support the effective functioning of
application controls by helping to ensure the
continued proper operation of information system.
1. IT standards and policies – establish control
environment and risks assessment of the IT
environment.
2. Data center and network operations –
ensure effective and efficient operations of
the IT environment.
3. Software acquisition or development,
change, and maintenance – ensure that
appropriate software is available.
4. Access – both physical (hardware) and logical
(data and programs).
5. Monitoring of IT operations – ensure IT
standards and policies are followed and
implemented.
IT GOVERNANCE STRUCTURE AND SEGRAGATION
OF DUTIES
The most important general IT control is the
assignment of authority and responsibility.
Department organizational structure – headed by
CIO, is involved with two distinct functions:
1. Systems development and
2. Systems operations.
Chief Information Officer - in charge of an entity’s IT
strategy and implementation.
The IT department should not initiate or authorize
transactions, which should come from the user
department.
IT DEPARTMENT ORGANIZATION STRUCTURE
1. Systems Analyst – designs and analyses the
existing IT system requirements of users,
recommends specific changes or purchases
of a new system.
2. Programmer (software engr.) – responsible
for coding, testing and debugging the
application programs and systems from the
specifications provided by the system
analyst.
3. Database Administrator (DBA) – ensure that
a database is always available as needed.
4. Network Technician – helps with the
creation, maintenance and troubleshooting
of computer network hardware and software
products.
5. Webmaster – responsible for the content of
the entity’s website.
6. Computer Operator – responsible for daily
computer operations as well as issues that
may arise.
7. Data Entry Operator – enters data into the
computer.
8. Data Control Group – monitors the
operator’s activities and scheduled jobs in a
control log, follows the progress of
processing, distributes output and ensure
compliance with control totals.
9. Librarian – responsible for custody of the
removable media, program and system
documentation.
10. Help desk – responsible for answering the
technical questions and problems.
APPLICATION IT CONROLS
Apply to the processing of individual applications 2. Financial total – sum of amounts included in
and are manual or automated procedures that a batch
typically operate at a business process level. 3. Hash total – total of certain data in a file

Application IT controls can be detective or RISK RESPONSE

preventive designed to ensure the integrity of
The auditor may use the CAATs in performing TOC
accounting records.
of both general IT controls and application controls
It relates to initiation, recording, processing and and SP.
reporting transactions, and traditionally classified
CAATs – are applications of auditing procedures
as:
using the computer as an audit tool.
1. Input controls - ensure that data to be
PERFORMING SUBSTANTIVE PROCEDURES (SP)
processed are properly authorized, complete
and accurate.
Audit software – computer programs used in
2. Process controls – built-in controls that
planning and performing the audit. It may be:
ensure data are properly processed.
3. Output controls – ensure that processed Generalized Audit Software – used to read, scan,
data are accurate and complete. extract, sort, summarize, export and compare data
CONTROL TOTALS (BATCH PROCESSING) from a client’s systems for further testing.

1. Record count - total of documents Customized Audit Software - programs are written
processed specifically for specific tasks that cannot be
performed in a generalized audit software.

PERFORMING TESTS OF CONTROLS

Black-box Approach “Auditing around the computer” – auditor ignores the internal IT
processing and is only concerned about the inputs and outputs of the computer system. The
auditor manually processes a sample of transactions and compares the results with the
computer output. Its main advantage is its ease of application and does not require a very
high level of IT expertise.

White-box Approach “Auditing through the computer” – the auditor evaluates not only the
inputs and outputs of the computer system, but also the internal processing.

This approach can be accomplished using:

A. Test Data – entering a set of auditor-developed dummy transactions into a client’s

computer system to test operating effectiveness of controls embedded in the
computer program. The test data should include valid and invalid data.

In performing this test, care should be exercised:

1. Not to contaminate client’s actual data with test data

2. Specifically and adequately developed test data.

B. Integrated Test Facility – test actual operation of a computer program by

introducing a dummy unit into a client’s computer system together with the client’s
actual data during the normal processing cycle. Its advantage is it enables continuous
review of the program that provides the auditor assurance that the program tested
has been used throughout the period.
The dummy data should be purged from the computer system after the testing. ITF is
time consuming and more difficult to apply than test data approach.

C. Parallel Simulation – the auditor reprocesses actual client’s data using the auditor’s
program and compares the result with those of the client.
Auditor’s programs – may be a copy of client’s previously auditor-tested program
(controlled reprocessing), a customized audit software (costliest choice), or a general
audit software.
The disadvantage – difficulty of pinpointing differences of client’s and auditor’s
program outputs, time consuming and incompatibility issued of client’s and auditor’s
programs.

D. EMBEDDED AUDIT MODULES – appropriate for sophisticated and advanced IT

environment that do not retain permanent audit trails. It is an audit program code
inserted into an application program designed to perform an audit function and
 creates notifications when transactions meet certain criteria. It gives the auditor
real-time notifications of transactions that might be unusual, high risk, etc. for
further review. An EAM works using audit hooks.

Audit hooks – a program code that captures auditor-defined transactions.

A. Systems control audit review files (SCARF) – a log that records transactions of
special audit significance based on auditor-set criteria.
B. Transaction tagging – assigns an identifier to specific transactions allowing logging or
snapshot of transactions through the information system.
C. Snapshots – takes a screenshot or picture of significant computer program
processing.
D. Extended records – a variation of snapshot. It automatically collates related
snapshots in a single file and provides a more comprehensive audit trail by attaching
additional identifier data.
E. Continuous and intermittent simulation (CIS) – simulates or replicates the
processing of a client’s application system that uses a database management system
(DBMS) to support updating and querying of application files. It identifies any
discrepancies between the application system’s output and the replicated produced
by CIS.

CHAPTER 15

ACCOUNTING SESTIMATE

An approximation of a monetary amount in the absence of a precise of measurement. An

amount measured at fair value where there is estimation uncertainty.

Many items in F/S have to be estimated due to uncertainties inherent in a business. Hence,
accounting estimates inherently present higher ROMM that could even be considered
significant risk.

Management – responsible for making accounting estimates that are reasonable when
preparing and presenting F/S.

AUDITING ACCOUNTING ESTIMATES

The auditor should obtain sufficient appropriate evidence about whether:

a. Accounting estimates in FS are reasonable;

b. Related disclosures in FS are adequate.

RISK ASSESMENT

Obtain understanding of estimation process to identify and assess ROMM, such as:
 a. Requirements of AFRF
b. Circumstances that involve accounting estimates
c. Model/Methodology, D&I of relevant controls, use of management’s expert, etc.

Retrospective review – Review outcomes of Estimates Prepared in Previous Periods.

a. Effectiveness of management’s estimation process

b. Existence of any possible management bias (a possible fraud)
c. Existence of pertinent audit evidence
d. Extent of estimation uncertainty involved.

A difference between the outcome of an accounting estimates and the original estimates
does not necessarily represent a misstatement.

Evaluate Degree of Estimation Uncertainty and Significant risks

Estimation Uncertainty – the susceptibility of an accounting estimate and related disclosure

to an inherent lack of precision in its measurement.

Identifying and assessing ROMM – the auditor shall evaluate the degree of uncertainty
involved.

Accounting estimates that have high estimation uncertainty may give risk to significant
risks.

RISK RESPONSE

Perform Appropriate Responses – auditor’s responses determine whether AFRF has been
appropriately applied and methods are appropriately and applied consistently.

Use Work of an Auditor’s Expert – the auditor shall consider whether specialized skills or
knowledge in relation to accounting estimates are required in order to obtain sufficient
appropriate evidence.

Perform Additional Response to Significant Risks in Accounting Estimates

Evaluate Possible Management Bias

 Identify whether there are indicators of possible management bias such as changes
in estimates calculation and pattern of optimism or pessimism.
 Consider the cumulative effect of management’s bias.

CONCLUSION AND REPORTING

Evaluate Audit Evidence and Misstatement for Reasonableness of Estimates – the

accounting estimates are either reasonable or misstated based on audit evidence.
Point Estimate – the difference between the auditor’s estimate and management’s estimate
constitute a misstatement.

Range Estimate – a management point estimate that lies outside the auditor’s range would
not be supported by audit evidence. The misstatement is no less than the difference
between management’s point estimate and the nearest point of the auditor’s range.

RELATED PARTIES

PAS 24 Related Parties - establishes specific disclosure requirements for related-party

relationship, transactions, and balances. Enables the users of FS to understand the nature
and effects on the FS of related parties.

Without disclosure – FS would potentially be misleading.

Related parties are not independent of each other, there are often higher ROMM in related-
party transaction.

Management – responsible for appropriate accounting for and disclosure of related party
relationships and transactions.

AUDITOR’S OBJECTIVES IN AUDITING RELATED PARTIES

The auditor shall obtain evidence about the sufficiency and appropriateness of related party
disclosure.

RISK ASSESSMENT

Perform RAP to Identify and Assess ROMM, Including significant risks and fraud risk.

RAP – aimed to obtain information relevant to identify ROMM associated with related
parties, and whether suck risks are significant risks or due to fraud.

The auditor shall treat identified significant related-party transactions outside the entity’s
normal course of business as significant risks.

Remain alert for Indication of related Parties When Inspecting Records or Documents

The auditor shall inspect the following for indications of related parties:

1. Bank and legal confirmations

2. Minutes of meetings
3. Other records or documents deemed necessary
Transactions that indicate the existence of related parties may include:

1. Borrowing or lending at rates significantly different from market rate

2. Business with major customers
 3. Other unusual transactions.
RISK RESPONSE

Significant Related-party Transaction outside Normal Course of Business

The auditor shall:

1. Inspect any contracts to evaluate:

a. Rationale of transactions – which may suggest fraud
b. Terms of transactions are consistent with management’s explanations
c. Transactions have been appropriately accounted for and disclosed
2. Obtain evidence that the transaction have been appropriately authorized.
Obtain evidence about assertion that related party transactions are Arm’s length
transactions – if FS have an assertion that a related-party transaction was conducted in an
arm’s length transactions, the auditor shall obtain evidence about the assertion.

CONCLUSION AND REPORTING

Document Results and Findings – the auditor shall document the names identified related
parties and nature of the related-party relationships.

Form Auditor’s Opinion

Modify the auditor’s opinion if:

1. Qualified/Disclaimer of Opinion – unable to obtain sufficient appropriate evidence.

2. Qualified/Adverse Opinion – management’s disclosure in the FS is not considered
adequate.
GOING CONCERN

FS are prepared in a going concern basis. When an entity is no longer a going concern, its FS
are affected pervasively. It’s assets and liabilities are reported at realizable value and
settlement amounts and are usually no longer classified as current or non-current.

Responsibility for Assessment of the Entity’s Ability to Continue as a Going Concern

PAS 1, Presentation of Financial Statements, requires management to assess an entity’s

ability to continue as a going concern. Management is required to take all into account all
available information about the future which is at least but not limited to 12 months from
the date of FS.

If there are material uncertainties that may cast significant doubt on an entity’s ability to
continue as a going concern, the entity is required to disclose in the FS those uncertainties.
Material Uncertainties exist – when the magnitude of its potential impact, clear disclosure
of the nature and implications of the uncertainty if necessary for the presentation of the FS
not to be misleading.

Auditor’s Objective in Considering Going Concern Assumption

a. To obtain evidence about and conclude on the appropriateness of going concern:

b. To conclude whether a material uncertainty exists
c. To report on the auditor’s findings.
EVALUATE MANAGEMENT’S PLANS FOR FUTURE ACTIONS

The auditor shall evaluate management’s plans relating to going concern to determine
whether the plans would improve the situation and whether the plans are feasible.

OBTAIN WRITTEN REPRESENTATIONS

Specific Written Representations – in support of audit evidence obtained regarding

management’s plans for future actions in relation to its going concern assessment and the
feasibility of those plans.

CONCLUDE WHETHER A MATERIAL UNCERTAINTY EXIST

What constitute a material uncertainty is a judgment involving:

1. The nature and materiality of the events or conditions giving rise to uncertainty
2. The ability of the entity to adopt strategies that mitigate the uncertainty.
If there are no alternative plans this is likely to be evidence of a material uncertainty.

INVETORY, LITIGATION AND CLAIMS, AND OPERATING SEGMENT INFORMATION

Auditor’s Objective and Management Responsibility

Auditor’s objective is to obtain SAAE regarding:

a. Existence and condition of inventory

b. Completeness of litigation and claims involving the entity
c. Presentation and disclosure of operating segment information.

CHAPTER 16
CONCLUDING ANALYTICAL PROCEDURE

Concluding (final or overall) analytical procedure – confirm the auditor’s knowledge of FS

based on understanding of the entity and audit evidence obtained.

SUBSEQUENT EVENTS, INCLDUING DISCOVERY OF OMITTED PROCEDURES

Subsequent events refers to:

1. Events occurring between the date of FS and the date of auditor’s report
2. Facts that become known to the auditor after the date of auditor’s report.
Two types of subsequent events:

1. Adjusting events – those that provide evidence of conditions that existed at the date
of FS
2. Non-adjusting events – those that provide evidence of conditions that arose after
the date of FS
AUDITOR’S REPORT KEY DATES

A. Date of FS – date of the end of the latest period covered by the FS

B. Date of approval of FS – all the statements that comprise the FS have been prepared
and those with the recognized authority have asserted that they have taken
responsibility for those FS.
C. Date of auditor’s report – informs the readers the last day the auditor has
responsibility for auditing subsequent events, it is the date the auditor dates the
report on the FS, which:
1. Cannot be dated earlier than the date on which the auditor has obtained SAAE
2. Cannot be earlier that the date of approval of FS
D. Date the FS are issued – date that the auditor’s report and audited FS are made
available to third parties.
RESPONSIBILITY FOR SUBSEQUENT EVENTS

Management – is responsible under PAS 10 (Events after reporting period) to adjust the
entity’s FS for events after the reporting period, including the related disclosure thereof,
up to the date when FS were authorized for issue.

AUDITOR’S OBJECTIVES IN AUDITING SUBSEQUENT EVENTS

a. To obtain SAAE about whether events occurring between the date of FS and the date
of auditor’s report are appropriately reflected.
b. To respond appropriately to facts that become known to the auditor after the date
of the auditor’s report, that, had they been known to the auditor, may have caused
the auditor to amend the auditor’s report.
FACTS AFTER THE DATE OF AUDITOR’S REPORT

a. Before the date the FS are issued; or

b. After the FS have been issued
SUBSEQUENT DISCOVERY OF OMITTED AUDIT PROCEDURES

An omitted procedure may not be important when:

 1. Other procedure compensate the omission
2. Omitted procedure does not impair the auditor’s ability to support opinion as the
omitted procedure relates to an immaterial account.
DATING OF THE NEW AUDITOR’S REPORT

The auditor shall date the new report as a result of auditing facts after the date of
original report or subsequent discovery of omitted procedures:

a. Single Dating – date of subsequent event

b. Dual Dating – dates of original auditor’s report and of the event.
WRITTEN REPRESENTATIONS

Management’s verbal representation to auditor are best documented in a written

representation.

Written representation – is a written statement by management to provide to auditor to

confirm certain matters or support other audit evidence. It is an important source of audit
evidence.

Not used as:

a. Substitute for other audit procedures

b. Sole source of evidence on significant audit matters.
If management modifies or does not provide the requested written representations, it may
alert the auditor that one or more significant issues may exist.

SOURCE OF WRITTEN REPRESENTATIONS: (CCOT)

a. Chief executive officer

b. Chief financial officer
c. Other equivalent person
d. TGWG
DATE OF WRITTEN REPRESENTATIONS

Shall be near as practicable but not after, the date or auditor’s report on the FS to consider
effect of subsequent events.

Auditor’s report – cannot be dated before the date of written representations.

PERIODS COVERED BY WRITTEN REPRESENTATIONS

It covers all the FS and periods referred to in the auditor’s report because management
needs to reaffirm that the written representations it previously made with respect to the
prior periods remain appropriate.
TYPES OF WRITTEN REPRESENTATION

1. When to obtain: In all audits

Consequence if not provided: Disclaimer of Opinion
2. When to obtain:
a. Required by relevant PSAs
b. Necessary to support other audit evidence
Consequence if not provided:

a. Qualified Opinion; or
b. Disclaimer of Opinion
WRITTEN REPRESENTATIONS ABOUT MANAGEMENT’S RESPONSIBILITIES

a. Preparation of the FS
b. Information provided and completeness of transactions
c. Description of management’s responsibilities in the written representations
d. An amount relating to clearly trivial misstatement threshold.
OTHER SPECIFIC WRITTEN REPRESENTATIONS

The auditor may consider:

1. The entity’s past history in carrying out its stated intentions

2. The entity’s reasons for choosing a particular course of action
3. The entity’s ability to pursue a specific course of action
4. The existence or lack of other information that might indicate inconsistency with
management’s judgement or intent
SPECIFIC PSAs THAT REQUIRE WRITTEN REPRESENTATIONS

1. PSA 240 – the auditors responsibility relating to fraud in an Audit of financial

statements
2. PSA 250 – consideration of laws and regulations in an Audit of Financial statements
3. PSA 450 – Evaluation of Misstatements Identified during the Audit
4. PSA 501 – Audit evidence – specific considerations for selected items
5. PSA 540 – auditing accounting estimates, including fair value accounting estimates,
and related disclosures
6. PSA 550 – Related parties
7. PSA 560 – subsequent events
8. PSA 570 – Going concern
9. PSA 710 – Comparative Information – corresponding figures and comparative
financial statements.

CHAPTER 17

DETERMINING SAAE
The sufficiency and appropriateness of audit evidence will primarily be based on the
satisfactory performance of audit procedure that address the assessed ROMM.

Summary Audit Memorandum (SAM) – to aid in evaluating sufficiency and appropriateness

of audit evidence as well as the materiality of identified misstatements.

EVALUATING MATERIALITY OF MISSTATEMENTS

Misstatement is difference between

a. The amount, classification, presentation, or disclosure of a reported FS item

b. The amount, classification, presentation or disclosure that is required for the item.

Type of Misstatements

1. Factual – misstatements about which there is no doubt.

2. Judgemental – misstatements relating to accounting estimates or accounting
policies
3. Projected – auditor’s best estimate of misstatement
4. Uncorrected

In cases where risk of possible undetected material misstatements is greater than

acceptably low:

a. Perform additional procedure using a lower performance materiality

b. Asking management to perform further examination

EVALUATE EFFECT OF UNCORRECTED MISSTATEMENTS

The auditor considers the:

1. Size (quantitative) and nature (qualitative) of misstatements

2. Effect of prior periods uncorrected misstatements

Quantitative Evaluation – comparison of aggregate misstatement with general materiality

or, if applicable, particular materiality.

Qualitative Evaluation – misstatements may be material, even if lower than materiality

such as:

1. Affects compliance with regulatory

2. Relates to an accounting policy
3. Masks a change in earnings
4. Affects important financial ratios
5. Affects management’s compensation, bonuses or other incentives.
COMMUNICATE WITH MANAGEMENT AND TGWG

 The auditor is required to timely communicate all misstatements during the audit
with management.
 The auditor is required to communicate with TGWG uncorrected misstatements and
their effect on opinion.
 The auditor shall request a management written representation whether they
believe the effects of uncorrected misstatements are immaterial.

PERFORMING ENGAGEMENT QUALITY CONTROL REVIEW (EQCR)

Main purpose of EQCR – to ensure audit quality

Engagement Quality Control Review (EQCR) – a process that provides an objective

evaluation, on or before the date of report, of the significant judgements the engagement
team made and the conclusions it reached in formulating the report.

EQCR Reviewer – a partner, suitably qualified external person, or a team made up of such
individuals, none of whom is part of the engagement team, with sufficient and appropriate
experience and authority to objectively evaluate the significant judgements the engagement
team made and the conclusions it reached in formulating the report.

COMMUNICATION WITH TGWG

Significant Audit Findings

1. Qualitative aspects of accounting practices

2. Significant difficulties encountered
3. Matters regarding management
4. Expected modification to the auditor’s report.
5. Significant deficiencies in internal control
6. Audit adjustments and uncorrected misstatements
7. Agreed-upon matters documented in engagement letter.

THE AUDITOR’S OPINION

Pervasive effects on FS are those that:

1. Are not confined to specific elements, accounts, items of FS.

2. If so confined, represent or could represent a substantial proportion of FS
3. In relation to disclosures, are fundamental to users’ understanding of the FS

THE AUDITOR’S REPORTS

The auditor’s report, modified or unmodified, shall be in writing, hardcopy, or electronic.

UNMODIFIED AUDITOR’S REPORT

PSA 700 – does not establish requirements for ordering the elements of auditor’s report.
However, it requires the use of specific findings, which make auditor’s reports more
recognizable.

Elements: (10/15)

1. Title
2. Addressee
3. Report on the Audit of the FS
4. Auditor’s Opinion
5. Basis for Opinion
6. Responsibilities for FS
7. Signature of Auditor
8. Auditor’s Address
9. Date of Auditor’s Report
10. Other information – if applicable

TITLE – clearly indicates that it is the report of an independent auditor to distinguish it from
reports issued by others.

ADDRESSEE – the report shall be addressed normally to those for whom the report is
prepared.

REPORT IN THE AUDIT OF THE FS –serve as the sub-title of the report; its purpose is to
indicate that the section up to auditor’s responsibilities pertain to FS. This may be omitted if
the report does not include ORR.

AUDITOR’S OPINION – the first section of the auditor’s report shall include the auditor’s
opinion

BASIS FOR OPINION:

a. State that audit was conducted in accordance with PSA

b. Describes auditor’s responsibilities
c. A statement that the auditor is independent and has fulfilled other ethical
requirements.
d. States whether the auditor believes that the audit evidence the auditor has obtained
is sufficient and appropriate to provide a basis for the auditor’s opinion.

MATERIAL UNCERTAINTY RELATED TO GOING CONCERN – a form of EOM. This is the case
when going concern is appropriate but a material uncertainty exists, the auditor’s report is
required to highlight the existence of such uncertainty.
KEY AUDIT MATTERS (KAM) – matter that, in the auditor’s professional judgement, were of
most significance in the audit of the FS of the current period.

Communicating KAM provides users with additional information thereby enhancing the
communicative value of the report by providing greater transparency about the audit.

Listed entities – auditor shall communicate KAM.

Matters that give rise to a modified opinion – KAM

KAM – is prohibited for a disclaimer of opinion.

OTHER INFORMATION (OI) – financial or non-financial information in an entity’s annual

report.

Annual Report – a document prepared typically on an annual basis by management or

TCWG, to provide owners with information on the entity’s operations, financial results, and
financial position as set out in the FS.

Misstatement of OI – exists when the OI is innocently stated or otherwise misleading.

Reporting Implications When Auditor’s Opinion is Modified – in case of qualified or adverse

opinion, the auditor shall consider the implications to OI.

Qualified or Adverse Opinion – may not have an impact on OI such as when modification
does not address OI.

When an auditor disclaim and opinion – it does not include a section about OI.

OTHER REPORTING RESPONSIBILITIES – in addition to responsibilities under PSAs. These

ORR shall be addressed in a separate section with a heading titled “Report on Other Legal
and Regulatory Requirements.”

Supplementary Information – information that is presented together with the FS that is not
required by the AFRF used to prepare the FS, presented either:

1. Supplementary schedules
2. Additional notes

Reporting on SI that is integral part of FS may be fulfilled by either:

1. Including in ORR
2. Issuing a separate auditor’s report
NAME OF ENGAGEMENT PARTNER AND SIGNATURE OF THE AUDITOR – shall be included
in auditor’s report for FS audits of listed entities. Auditor’s report shall be signed in the
name of the audit firm, the personal name of the auditor or both.

SEC – requires that the auditor’s report on FS filed with SEC which will likewise be filed with
the BIR shall be manually signed.

In case of auditing firm – the certifying partner shall sign his/her own signature and shall
indicate that he/she is signing for the firm.

The auditor is also required to state the:

a. CPA’s license number

b. Tax Identification Number TIN
c. Privilege Tax Receipt
d. Registration No. with the PRC/BOA
e. SEC accreditation number

AUDITOR’S ADRESS – the location where the auditor practices

MODIFIED AUDITOR’S REPORT – MODIFIED OPINION

The following sections of the report are modified if a modified opinion expressed:

1. Auditor’s Opinion
2. Basis for Opinion
3. Description of Auditor’s responsibilities, in case of disclaimer of opinion
4. Omission of KAM and OI, in case of disclaimer of opinion

BASIS FOR OPINON

Material Misstatement – auditor shall describe and quantify its financial effects

Inability to obtain SAAE – auditor shall include reason for that inability.

Qualified or Adverse Opinion – auditor shall amend the statement about whether the audit
evidence obtained is sufficient and appropriate to provide basis for the auditor’s opinion to
include the word “qualified” or “adverse”

MODIFIED AUDITOR’S REPORT – EOM AND OM

The auditor may modify the auditor’s report by drawing users’ attention to certain matters
in the report by adding EOM and/or OM, without necessarily modifying the Opinion.

EOM – emphasis of matter

OM – other matter

PLACEMENT OF EOM AND OM

The placement depends on:

1. Nature of the information

2. Relative significance of such information to intended users compared to other
auditor’s elements

COMPERRATIVE INFORMATION

It pertains to amounts and disclosures included in the financial statement in respect of one
or more periods in accordance with AFRF.

Two broad approach are:

1. Corresponding figures – amounts and disclosures for prior period included as an

integral part of current period FS and are intended to be read only in relation to
“current period figures”
2. Comparative FS - amounts and disclosures for prior period included for comparison
with the FS of the current period but if audited, are referred to in the auditor’s
opinion.

AUDIT REPORTING – CORRESPONDING FIGURES

The auditor’s opinion shall not refer to the corresponding figures because the auditor’s
opinion is on the current period FS.

CHAPTER 18

AUDITS OF A COMPLETE SET OF SPECIAL PURPOSE FS

Special Purpose FS – RS prepared in accordance with a special purpose framework designed

to meet the financial information needs of specific users.

Special Purpose Framework – FRF designed to meet the financial information needs of
specific users.

AUDITS OF SINGLE FS AND SPECIFIC ELEMENTS, ACCOUNTS, OR ITEMS OF FS

It includes audits of the related disclosures.

Auditor – may or may not be the same auditor of a complete set of FS.
Special Reporting Considerations – this exist when the same auditor is reporting both on
complete set of FS and on single FS or on a specific element of those FS.

a. Whether to publish together with the complete set of FS

b. Considering adverse opinion or disclaimer of opinion on complete set of FS

Publishing Together with the Complete Set of FS – the audited single FS or specific element
of FS may be published together with the audited complete set of FS, however, they should
be differentiated.

Adverse Opinion or Disclaimer of Opinion on Complete set of FS – the auditor shall not
include in the same auditor’s report an unmodified opinion on a single FS that forms part of
those FS or on a specific element of those FS.

Audits of a specific element – the auditor may express an unmodified opinion on that
element if:

a. Not prohibited by law or regulation

b. That opinion is expressed in an auditor’s report that is not published together with
the auditor’s report containing the adverse or disclaimer of opinion; and
c. The element does not constitute a major portion of complete set of FS

ENGAGEMENTS TO REPORT ON SUMMARY FS

Summary FS – historical financial information that is derived from FS but that contains less
detail than the FS while still providing a structure representation consistent with that
provided by the FS of the entity’s economic resources or obligations at a point in time or the
changes therein for a period of time.

Form of Opinion on Summary FS – when the auditor has concluded that an unmodified
opinion on the summary FS is appropriate, the auditor’s opinion shall use one of the
following:

1. The accompanying summary FS are consistent

2. The accompanying summary FS are a fair summary of the audited FS

Modified Opinion on the Summary FS – if the summary FS are not consistent or a fair
summary of the audited FS and management does not agree to make the necessary
changes, the auditor shall express an adverse opinion on the summary FS.

If an adverse opinion is expressed on the audited FS – the auditor shall express a denial
(adverse) of opinion on the summary of FS.

Date of Auditor’s Report on Summary FS – may be dated later than the date of auditor’s
report on audited FS. In such case, the auditor’s report on summary FS shall state that the
summary FS and audited FS do not reflect the effects of events that occurred subsequent to
date of auditor’s report on audited FS.

The auditor shall date the auditor’s report on summary FS no earlier than:

a. Date on which the auditor has obtained SAAE on which to base the opinion and
those with the recognized authority have asserted that they have taken
responsibility for them
b. Date of auditor’s report on audited FS

The auditor may become aware of facts that existed at the date of auditor’s report on
audited FS, but the auditor was unaware. The auditor shall not issue the auditor’s report on
summary FS until the auditor’s consideration of such facts in relation to audited FS.

Information in Documents Containing Summary FS – auditor shall read the information

included in a document containing the summary FS and auditor’s report and consider
whether there is material inconsistency between that information and the summary FS.

Restriction on Distribution or Use or Alerting Readers to Basis of Accounting – when the

distribution or use of auditor’s report on audited FS is restricted or the auditor’s report on
audited FS alerts the reader that the audited FS are prepared in accordance with a special
purpose framework, the auditor shall include a similar restriction or alert in the auditor’s
report on the summary FS.

Auditor Association – if the auditor becomes aware that the entity plans to state that the
auditor has reported in summary FS in a document containing the summary FS but does not
plan to include the related auditor’s report, the auditor shall request management to
include the auditor’s report in the document.

CHAPTER 19 PERFORMING REVIEW ENGAGEMENTS

Nature and Objective of Review Engagements (exhibit 19.1 pp. 460)

 MANAGEMENT (with oversight of TCWG) prepares FS for USERS.

 Auditor/Practitioner reviews (primarily inquiries and analytical procedures) the FS,
evaluates correspondence of FS to AFRF (like PFRS or PFRS for SMEs) and obtains
limited assurance that causes practitioner to believe F/S are not materially
misstated.
 Auditor then issues a report that conveys a limited assurance through negative.

Typical reasons for Review Engagements

  Comply with requirements of a bank loan or a gov’t grant
 Confirm a need for partners to invest additional capital.
 Provide users with some assurance in cases that a F/S audit is not required.
 Obtain limited assurance with regard to not significant components in a group F/S
audit.

Primary Benefit of Review Engagement

 It is less costly than an audit because it provide lower level of assurance, work,
time and effort to accomplish leading lower fees.

Overview of Conduct of Review Engagement

1) PHASE 1: PERFORM PRELIMINARY ENGAGEMENTS ACTIVITIES

2) PHASE 2: PLAN THE ENGAGEMENT
3) PHASE 3: PERFORM THE PLANNED PROCEDURES
4) PHASE 4: FORM CONCLUSION AND REPORT CONTENT

PHASE 1: PERFORM PRELIMINARY ENGAGEMENTS ACTIVITIES

Practitioner determines the acceptability of a review engagement and agree the

terms of the engagement with the client. In order to determine the engagement
acceptability we need to consider the:

 Competence, capabilities, time and resources

 Compliance with relevant ethical requirements including independence
 A rational purpose and appropriateness of engagement
 Determine the integrity of management
Before the work commences the practitioner obtains a signed engagement letter. He
will not accept the engagement if management or TCWG imposes a limitation on the
scope of engagement that will result in disclaimer of conclusion.

PHASE 2: PLAN THE ENGAGEMENT

Practitioner determines materiality, obtains understanding of the client and

designs the review procedures.

 Determine the general materiality and apply it in designing procedures and

evaluating results.
 Obtain understanding of the entity and its environment and AFRF.
  Address in the planned procedures all material items in the F/S including
disclosures, F/S areas where misstatements are likely to arise and specified areas
such as related party transactions etc.

PHASE 3: PERFORM THE PLANNED PROCEDURES

Practitioner shall perform the following planned procedures to obtain sufficient

appropriate evidence:

 Make inquiries of management and others within the entity involved in financial
and accounting matters
 Apply analytical procedures
 Perform additional procedures to either confirm or dispel any matter which may
causeF/S material misstatement.
Practitioner may also decide to perform at interim review the audit procedures in
relation to audit of annual F/S.

PHASE 4: FORM CONCLUSION AND REPORT CONTENT

Practitioner shall perform at the end of review engagement, evaluation of

identified misstatements and also the sufficiency and appropriateness of evidence,
communicate the findings with management and TCWG and lastly form a conclusion and
report content.

Exhibit 19.4 p.465

NATURE OF MATTER EFFECT ON THE F/S

Material but Not Pervasive Material and Pervasive
F/S materially misstated Qualified Conclusion Adverse Conclusion
Inability to obtain evidence Qualified Conclusion Disclaimer of Conclusion

WORDINGS OF CONCLUSION

UNMODIFIED CONCLUSION = Based on our review, nothing has come to our attention that
causes us to believe that F/S are not presented fairly.. (wala na nako gi apil kay taas)

QUALIFIED CONCLUSION-DUE TO MATERIAL MISSTATEMENT = Based on our review, except

for the effects of the matters described in the Basis for Qualified Conclusion paragraph,
nothing has come to our attention…
QUALIFIED CONCLUSION-DUE TO INABILITY TO OBTAIN NECESSARY EVIDENCE = Based on
our review, except for the effects of the matters described in the Basis for Qualified
Conclusion paragraph, nothing has come to our attention…

ADVERSE CONCLUSION = Based on our review, due to the significance of the matters
described in the Adverse Conclusion paragraph, the fs do not present fairly…

DISCLAIMER OF CONCLUSION = Due to the significance of the matters described in the

Disclaimer of Conclusion paragraph, we were unable to obtain sufficient appropriate
evidence to form a conclusion on the fs…

THE PRACTITIONER’S REVIEW REPORT SHALL BE IN WRITING.

THE PRACTITIONER’S REVIEW REPORT MAY BE MODIFIED BY INCLUDING EOM AND OM

PARAGRAPHS OR BY MODIFYING THE PRACTITIONER’S CONCLUSION.

CHAPTER 20 PERFORMING OTHER ASSURANCE ENGAGEMENTS

PROCESS OF PERFORMING OTHER ASSURANCE ENGAGEMENT

PHASE 1: PERFORM PRELIMINARY ENGAGEMENTS ACTIVITIES

Practitioner determines whether the engagement is acceptable by determining (1)

compliance with ethical requirements including independence, (2) practitioner’s
competence and capability and (3) integrity of client.

PHASE 2: PLANNING THE ENGAGEMENT

Practitioner obtains a sufficient understanding of the engagement. It provides the

practitioner with a frame of reference for exercising professional judgment.

PHASE 3: PERFORM THE PLANNED PROCEDURES

Practitioner performs procedures (such as professional judgment and scepticism)
to obtain sufficient and appropriate evidence on which to base the conclusion.

PHASE 4: FORM CONCLUSION AND REPORT CONTENT

Practitioner concludes whether the assurance objective has been meet based on
the evidence obtained. Practitioner’s conclusion based on the type of assurance
engagement:
1) As to structure:
a. Attestation engagement (assertion based) – either in terms of responsible
party’s assertion or directly in terms of subject matter and criteria.
b. Direct reporting engagement – directly in terms of subject matter and
criteria
 2) As to level of assurance:
a. Reasonable assurance engagement – positive form
b. Limited assurance engagement – negative form
The conclusion above are examples of unmodified conclusion.
EXAMINATION OF PROSPECTIVE FINANCIAL INFORMATION
Prospective Financial Info means financial information based on assumptions about
events that may occur in the future and possible actions by entity.
 Highly subjective in nature and preparation requires considerable judgment.
 Can be a (1) forecast (2) a projection or (3) combination of both

Forecast – prepared on the basis of assumptions as to future events which management

expects to take place.

Projection – prepared on the basis of (a) hypothetical assumptions about future events
and management actions which are not necessarily expected to take place or (b) mixture
of best-estimate and hypothetical assumptions.

Management is responsible for preparation and presentation of the prospective financial

information.

ENGAGEMENT OBJECTIVES AND REPORT

Auditor should:
a. Obtain sufficient appropriate evidence as to whether management best-estimate
assumptions are not reasonable and hypothetical assumptions are consistent with
purpose of the info.
b. Report on the reasonableness of management’s assumptions to which the auditor
provides only limited level of assurance.

REPORTING ON THE COMPILATION OF PRO FORMA FINANCIAL INFO

Purpose of it is solely to illustrate the impact of a significant event or transaction
on the unadjusted financial info as if the event had occurred or the transaction had been
undertaken at an earlier date.

Prospectus is a document issued pursuant to legal or regulatory requirements relating to

the entity’s securities.

ASSURANCE REPORTS ON CONTROLS AT A SERVICE ORGANIZATION

This deals with assurance engagements undertaken by a practitioner to provide a
report for use by entities and their auditors on internal controls at a service org. Service
Auditor’s opinion on the type 1 or type 2 report is expressed in the positive form.

OTHER SPECIFIC SUBJECT MATTER ASSURANCE ENGAGEMENTS

 1) LETTERS FOR UNDERWRITER (aka COMFORT LETTERS)
- Underwriters generally ask the entity’s auditor to provide “comfort” on the
financial information included in the prospectus not covered by the auditor’s
report so that they can make appropriate decision.
- Auditors provide positive assurance that they are independent and that their
audit followed the standards. They provide negative assurance on unaudited
condensed and summarized interim information.
2) MANAGEMENT DISCUSSION AND ANALYSIS (MD&A)
- Provides an overview of the previous year’s operations and the upcoming year
outlining future goals.
3) TRUST SERVICES
- Two types of trust services that present practitioners offer:
a) WEBTRUST – provides assurance on electronic commerce (including
websites)
b) SYSTRUST – provides assurance on any defined electronic system.

CHAPTER 21
AGREED-UPON PROCEDURES (AUP) ENGAGEMENTS – involves the auditor performing
certain audit procedures concerning individual items of financial data, a FS or a complete set
of FS, operation of particular financial reporting processes and controls, or specifically, on
application for increase in capital.

ENGAGEMENT OBJECTIVE

 the objective of an AUP or Agreed Upon Procedure if for the auditor to carry out
procedures of an audit nature to which the auditor and the entity and any
appropriate third parties have agreed and to report on factual findings. It is a form
of third-party verification.
 No assurance is expressed. The users of the report assess for themselves the agreed
procedures and auditor’s findings and draw their own conclusion therefrom.
PROCESS OF PERFORMING AN AUP ENGAGEMENT

The practitioner shall conduct an AUP engagement in accordance with Philippine Standard
on Related Services (PSRS) 4400.

PHASE 1 – Process of performing an AUP engagement

In this phase, the auditor determines the acceptability of the engagement and agrees on the
terms of engagement. The practitioner considers:

1. Compliance with ethical requirements

The Ethical Principles are:

a. Integrity
 b. Objectivity
c. Professional competence and due car
d. Confidentiality
e. Professional behaviour
f. Technical standards

2. Appropriateness of AUP engagement – the auditor must first determine the nature
of the engagement so that the appropriate service is provided.
Terms of Engagement (Agreed Upon) – the auditor should ensure with representatives of
the entity and other specified parties who will receive copies of the report of factual findings
that there is a clear understanding regarding the agreed procedures and the conditions of
the engagement.

Engagement Letter (Agreed Upon) - confirms the auditor’s acceptance of the appointment
and helps avoid misunderstanding regarding such matters as the engagement objectives and
scope, the extent of the auditor’s responsibilities and the form of reports to be issued.

PHASE 2 – Planning the Engagement

The auditor should plan the work so that an effective engagement will be performed.

PHASE 3 – Performing Planned Procedures

The auditor should carry out the procedures (of audit nature) agreed upon and use the
evidence obtained as the basis for the report of factual findings. The procedures applied in
an AUP may include:

a. Inquiry and analysis

b. Re-computation
c. Comparison
d. And other clerical accuracy checks, observation, inspection and obtaining
confirmations.
PHASE 4 – Reporting the Factual Findings

The report on an agreed-upon procedures engagement needs to describe the purpose and
the agreed-upon procedures of the engagement in sufficient detail to enable the reader to
understand the nature and the extent of the work performed.

The report of factual findings should contain: (gamay ra, for more refer page 498-499)

a. Title
b. Addressee
c. Identification of specific information subject of agreed-upon procedures
d. A statement that the procedures performed were those agreed upon;
e. A statement that the engagement was performed in accordance with PSRS 4400
COMPILATIONS ENGAGEMENTS – typically includes the preparation of FS however, it may
also include the collection, classification, and summarization of other financial information.
It is often requested to utilize the skills and expertise of a practitioner when:

1. An entity does not have a dedicated accountant

2. There are no external users of the FS as in the case of micro-entities
3. An entity simply wants to utilize an outside expert to prepare and present its
financial information.
The Professional Board of Accountancy through its Resolution 3-2016, as amended by
Resolution 68-2016, requires organizations and persons which/who:

1. Are required to submit annual statutory FS to the BIR and/or SEC

2. Have an annual gross sales/receipt/revenue of P10 Million and over, must have their
FS prepared by a CPA who will have to submit the “Certificate on the Compilation
Service for the Preparation of the Financial Statements and the Notes to the
Financial Statements.”
OBJECTIVE OF A COMPILCATION ENGAGEMENT – for the accountant to use the accounting
expertise, as opposed to auditing expertise, to collect, classify and summarize financial
information.

This ordinarily entails reducing detailed data to a manageable and understandable form
without a requirement to test the assertions underlying that information. The procedures
employed are not designed and do not enable the practitioner to express any assurance on
the financial information.

PROCESS OF PERFORMING A COMPILATION ENGAGEMENT

The practitioner shall conduct the engagement in accordance with Philippine Standards on
Related Services (PSRS). This standard requires practitioners to exercise professional
judgement in conducting the engagement.

PHASE 1 – Performing Preliminary Engagement Activities

The practitioner determines the acceptability of the engagement and agrees on the terms of
the engagement. The practitioner considers:

1. Compliance with ethical requirements

a. Integrity
b. Objectivity
c. Professional competence and due care
d. Confidentiality
e. Professional behaviour
Independence is not a requirement for a compilation engagement being a non-assurance
engagement.
 1. Appropriateness of Engagement - the auditor must first determine the nature of the
engagement so that the appropriate service is provided.
Terms of engagement (Compilation) – the practitioner has determined that the compilation
engagement is acceptable, the practitioner shall record the agreed terms of the engagement
in an engagement letter or other written agreement, prior to performing the engagement.

Engagement letter (Compilation) – will be of assistance in planning the compilation work. It

confirms the accountant’s acceptance of the appointment and helps avoid
misunderstanding regarding such matters as the engagement objectives and scope, the
extent of the accountant’s responsibilities and the form of report to be issued.

PHASE 2 – Planning the Engagement

The practitioner shall plan the engagement so that it will be performed effectively.

The practitioner shall obtain an understanding of the following matters sufficient to be able
to perform the compilation engagement:

1. The entity’s business and operations, including the entity’s accounting system and
accounting records
2. The AFRF, including its application in the entity’s industry.
This understanding provides a frame of reference within which the practitioner exercises
professional judgement in conducting the compilation engagement.

In planning engagement, the practitioner shall consider materiality.

PSRS 4410, does not specifically prescribe compilation engagement procedures.

PHASE 3 – Performing Planned Procedures

The practitioner shall compile the financial information using the records, documents,
explanations and other information, including significant judgements, provided by
management.

PHASE 4 – Reporting on the compiled FS

The last step in performing a compilation engagement is to form an appropriately worded

report.

An important purpose of the practitioners report is to clearly communicate the nature of

the compilation engagement and the practitioner’s role and responsibilities in the
engagement. The practitioner’s report is not a vehicle to express an opinion or conclusion
on the financial information in any form.

The practitioner’s report issued for the compilation engagement shall be in writing, and shall
include the following elements: (gamay ra, for more refer page 505)
a. The report title
b. The addressee
c. A statement that the practitioner has compiled the financial information based on
information provided by management
d. A description of the responsibilities of management, or TCWG as appropriate;
e. Identification of the AFRF;