Scribd Logo
Upload

Welcome to Scribd!

  • Chapter 2 PHASE I Risk Assessment Preliminary Engagement Activities

    Uploaded by

    Roselyn Igarta
    606 views14 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF or read online from Scribd
    Flag for inappropriate content
    606 views14 pages

    Chapter 2 PHASE I Risk Assessment Preliminary Engagement Activities

    Uploaded by

    Roselyn Igarta

    Copyright:

    © All Rights Reserved
    Download as PDF or read online from Scribd
    Flag for inappropriate content
    of 14
    7 TNT APPLICATION OF THE RISK-BASED AUDIT PROCESS PHASE I - RISK ASSESSMENT Chapter 2 Phase | — Risk Assessment : Preliminary Engagement Activities 3 Phase I — Risk Assessment: Planning the Audit and Development of Overall Audit Strategy 4 Phase | — Risk Assessment: Performance of Risk Assessment Procedures Scanned with CamScanner Chapter PHASE I - RISK ASSESSMENT: PRELIMINARY ENGAGEMENT ACTIVITIES Expected Learning Outcomes ‘After studying the chapter, you should be able to: 1. Describe the activities involved in new client acceptance and continuance decision. 2. Understand the Quality Control Policies Relative to Client Selection and Retention. 3. Know the Process to accept or continue with an Audit Engagement. 4. Explain the preconditions for an audit. 5. Know how to document the agreed terms of engagement. QBS Scanned with CamScanner CHAPTER 2 PHASE I - RISK ASSESSMENT: PRELIMINARY ENGAGEMENT ACTIVITIES CLIENT ACCEPTANCE AND CONTINUANCE DECISION Introduction One of the most important decisions that an audit firm can make is determining what engagements to accept or which client relationships to retain. A poor decision can lead to unbillable time, unpaid fees additional stress on partners and staff, potential lawsuits and worst of all, loss of reputation. Even though obtaining and retaining clients is not easy in a competitive profession such as public accounting, a CPA firm must use care in deciding which clients are acceptable. The firm’s legal and professional responsibilities are such that clients whio lack integrity or argue constantly about’ the Proper conduct of the audit and fees can cause more problems than they are worth. Some. CPA firms now refuse clients in certain’ high-risk industries, such as savings and loans, health, and casualty insurance companies, and may even discontinue auditing existing clients in those industries, New Client Investigation Before accepting a new client, most CPA firms investigate the company to determine its acceptability. To extent possible, the prospective client’s standing in the business community, financial stability, and relations with its previous CPA firm should be evaluated. For example, many CPA firms use considerable caution in accepting new clients in newly formed, rapidly growing businesses. Many of these businesses fail financially and expose the CPA firm to significant Potential liability. For prospective clients that have Previously been audited by another CPA firm, the new (successor) auditor should endeavor to communicate with the Predecessor auditor. The Purpose of the requirement is to help the successor auditor evaluate whether to accept the engagement. The communication may, for example, inform the successor auditor that the client lacks integrity or that there have been disputes over accounting principles, audit procedures, or fees. oo Scanned with CamScanner Phase I~ Risk Assessment: Preliminary Engagement Activities _25 Even when a prospective client has been audited by another CPA firm, other investigations are often made. Sources of eae include local attorneys, ‘other CPAs, banks, and other businesses. In some cases, the auditor may hire a professional investigator to obtain information about the reputation and background of the key members of management. More extensive investigation is appropriate when there has been no previous auditor, when a predecessor auditor will not provide the desired information, or if any indication of problems arises ” from the communication. Many practitioners take advantage of the Internet as a search tools to learn more about the potential new client and its key operations,by studying available client — sites and by using search engines for other sites that discuss the potential client. Continuing Clients Many CPA firms evaluate existing clients annually to determine whether there are reasons for not continuing to do the audit previous conflicts over such things as the appropriate scope of the audit, the type of opinion to issue, or fees may cause the auditor to discontinue association® The auditor may also determine that the client lacks integrity and therefore should no longer bea client21f the client files a lawsuit against a CPA firm or vice, versa, the firm cannot do the audit. similarly, if there are unpaid fees for services performed-more than | year previously, the CPA firm cannot do the current year audit’ To do an audit in either of these circumstances violates the Code of Ethics for Professional Conduct rules on independence. Even if none of the previously discussed conditions exists, the CPA firm may {decide not to continue doing audits for a client because of excessive risk. For example, a CPA firm might decide that there is considerable risk of regulatory conflict between a governmental agency and a client, which could result in financial failure of the client and ultimately lawsuits against the CPA firm. Even if the engagement is profitable, the risk may exceed the short-term benefits of doing the audit. Investigation of new clients and reevaluation of existing ones is an essential part of deciding acceptable audit risk. Assume a potential client in a reasonably risky industry, where management has & reputation of integrity, but is also known to take aggressive financial risks. If the CPA firm decides that acceptable audit risk is extremely low, it may choose not to accept the engagement. If the CPA firm concludes that acceptable audit risk is low but the client is still acceptable, it is Scanned with CamScanner aCe eee R aaits with a lo le audit ient: Au bl likely to affect the fee proposed to the client. Aue a po vaflected fa risk will normally result in higher audit costs, which shoul igher audit fees. QUALITY CONTROL POLICIES RELATIVE T! AND RETENTION 0 CLIENT SELECTION ‘A. The firm shall implement policies and procedures for the acceptance and continuance of client relationships and specific oe sated to provide the firm with reasonable assurance that it wa only. lertake or continue relationship s and engagements where the firm: rm the engagement and has the capabilities, a) Is competent to perfo including time and resources to do so; b) Cam comply with relevant ethical requirements; and of the client, and does not: have c) Has considered the integrity 7 information that would lead it to conclude that the client lacks integrity.. The auditor shall be satisfied that appropriate procedures regarding the acceptance and continuance of client relationships and audit engagements have been followed, and shall determine that the conclusions reached in this regard are appropriate. B. If the auditor obtains information that would have caused the firm to decline the audit engagement has that information been available earlier, the engagement partner shall communicate that information promptly to the firm, so that the firm and the engagement partner can take the necessary action. C. The auditor shall undertake the following activities prior to starting a0 initial audit: a) Performing procedures regarding the acceptance of the client relationship and the specific audit engagement; and b) Communicating with the predecessor auditor, where there has been # change of auditors, in compliance with relevant ethical requirements. =| Scanned with CamScanner Phase I~ Ri hase I~ Risk Assessment: Preliminary Engagement Activities _27 D.. Strict client acceptance / continuance guidelines shoyld be established to screen out the following: oan ve are in financial and/or organizational difficulty — For ple, clients that could go bankrupt or clients with poor internal accounting controls and sloppy records Clients that constitute a disproportionate percentage of the firm's total. practice — Clients may attempt to idence the ae into allowing unacceptable accounting practices or. issuing inappropriate opinions. © Disreputable clients — External audit firms cannot afford to have their good reputation tamished by serving a disreputable client or by associating with a clear that has disreputable management. © Clients that offer an unreasonably low free for the auditor's services — In response, the auditor may attempt to cut corners imprudently or lose money on the engagement. Conversely, auditors may bid for audits at unreasonably low prices. PROCESS TO ACCEPT OR CONTINUE WITH AN AUDIT ENGAGEMENT Determine the nature of the engagement and whether it can be undertaken in accordance with the firm’s policy. Then address the following questions, and document the findings and conclusions. : L. Are the engagement risks acceptable to the firm? 1 2. What are the values (“tone at the top”) and future goals of the entity? How competent are the entity’s senior management and staff? 3. Has the firm conducted an Internet search and had discussions with firm personnel and other third parties (such as bankers) to. identify any reasons why the firm should not accept the engagement? Are there difficult or, time-consuming issues to address (accounting policies, estimates, compliance with legislation, etc.) |. What changes have taken place this period that will impact the engagement (business trends and initiatives, personnel changes, financial reporting, IT systems, purchase / sale of assets, regulations, etc.)? Is there a high level of public scrunity and media interest? Scanned with CamScanner 28 Chapter 2 7. Is the entity in good financial health and does the firm’s professional fees? / oo ; 8. Will the entity provide help to firm in Soe ata and preparing schedules, analysis of balances, providing ' sy he firm communicated with the Predecessor reasons: for not accepting the it have the ability to Pay 9. For new engagements, has t! auditor to determine if there are any engagement? i red? II. Does the firm have the competence, resources, and time required? ‘What is the nature and scope of the audit? ‘What accounting framework will be used? How will the auditor’s report and financial statements be used? ‘What is the deadline (if any) for completing the audit? Does the firm have sufficient personnel with the necessary competence and capabilities? 6. Do the selected firm personnel have: - _ Knowledge of relevant industries or subject matters, 4. WO - _ Experience with relevant regulatory or reporting requirements, or - Ability to gain the necessary skills and knowledge effectively? 7. Are experts available, if needed? 8.. Where applicable, are there quilified persons available to perform the engagement quality control review? 9. Can the firm and the available staff (in light of timing requirements for other clients) complete the engagement within the reporting deadline? An external audit firm should not undertake an engagement that itis not qualified to handle. Doing so is especially important for smaller, growing firms that may be tempted to agree to conduct an audit for which they are not qualified or not large enough to perform. Statistics show that firms covered by a professional liability insurance plan ‘that are most susceptible to Iitigation are those with staffs of eleven to twenty-five auditors. They appear 8 to low audit quality and exposure to subsequent litigation. Scanned with CamScanner Phase I - Ris ase I~ Risk Assessment: Preliminary Engagement Activities - 29 UIs the firm / staff independent and free from conflict? i. Can the firm and the en, onan a yement Ftependeney rene cneagement team comply with thicl and Where conflicts of interest, lack of i been identified: st, lack of independence, or other threats have Has appropriate action been taken to eliminate those threats or reduce them to an acceptable level by applying safeguards, or Have steps been taken to withdraw from the engagement? If the entity being audited is a component of a larger group, the group engagement team may request certain work to be performed on the financial information of the component. In such cases, the group engagement would first obtain an understanding of the following: - Whether the component auditor understands and will comply with the ethical (including independence) requirements that are relevant to the group audit, = The component auditor’s professional competence, - Whether the group engagement team will be able to be involved in the work of the component auditor to the extent necessary to obtain sufficient appropriate audit evidence, and - Whether the component auditor operates in regulatory environment that actively oversees auditors. IV. Can the client be trusted? 1. Is there any reason (or recent event) that casts doubt on the integrity of the principal owners, senior management, and those charged with government of the entity? Consider the entity’s operations, including business practices, the business’ reputation, and history of any ethical or regulatory infringements. 2. Are there any indications that the entity might be involved in money laundering or other criminal activities? 3. What is the identity and business reputation of related parties? 4. Does management have a poor attitude toward internal control and an aggressive attitude toward interpretation of accounting standards? Consider corporate culture, organizational structure, risk tolerance, complexity of transactions, etc. Scanned with CamScanner 30 | Chapter 2 To ensure that the information obtained from the or 2 forint, consid, what third-party information could be obtained to i =e CY ASPECts of i risk assessment. This simp! ld avert pro! A ater on. Examples include information from s previous financial statemens income tax returns, credit reports, and possibly (after receiving permission from the prospective client) discussion with key advisors such as banker, etc. 7 le step CO ources such as ing information on a prospective ies and collecti aware of: Before contracting third parti client, take steps to ensure that all partners and staff are © The firm’s policies to protect confidential information maintained on clients; ‘© Requirements of any privacy legislation; and «Requirements ofthe applicable code of ethics. Figure 2-1 shows a sample questionnaire that could be used in assessing client acceptance / continuance. Figure 2-1 Ilustrative Questionnaire That Could Be Used in Assessing Client Acceptance / Continuance (Partial) Client: CYZ Company Yes [ No | Comments Have the audit preconditions been met? Have the acceptance / continuance requirements in the firm's quality control manual been followed? ‘Any change in the terms of Teference or requirements for the audit engagement? ‘Any independence issues or conflicts of interest? Consider: family / personal relationships with key client people, non-audit services such as accounting, financial interest, and other business relationships. fal ‘Any circumstances that would cast doubt on the integrit clients owners? Consider convictions, spec be proceedings/sanctions, suspicion or confirmation of illegal acts or fraud, police investigations, and any negative publicity. dl Scanned with CamScanner Phase I Risk Assessment: Preliminary Engagement Activities 31 Does the firm have the capacity in time, competencies, and: resources to complete the enga ement i accords wi professional and firm standards? : a ne ‘Are there any issues identified in previous audits and other engagements for this entity that need to be addressed? ‘Are there any new circumstances that increase our | engagement risk? Can the client continue to pay our fees? Conclusion: Overall assessment of engagement risk (Low, Moderate or High) We should client. (Chats Garcia Santos & Associates, CPAs *accept/ decline * continue with / discontinue with PRECONDITIONS FOR AN AUDIT In order to establish whether the preconditions for an audit are present, the auditor shall: 2) Determine whether the financial reporting framework to be applied in the preparation of the financial statements is acceptable; and b) Obtain the agreement of management that it acknowledges and understand its responsibility: (i) For the preparation of the financial statements in accordance with the practicable financial reporting framework, including where relevant their presentation; | (ii) For such intemal control as management determines is necessary to enable the presentation of ‘financial statements that are free from tmaterial misstatement, whether due to fraud or error; and Scanned with CamScanner 32_Chapter 2 (ii) To provide the auditor with: ; : © Access to all information of which management is aware that jg relevant to the preparation of the financial statements such a. records, documentation and other matter; Additional information that the ah May request frojy management for the purpose of the audit; an © Unrestricted access to persons within the entity from whom the auditor determines is necessary to obtain audit evidence. Where management does not acknowledge its responsibilities or agree to provide the written representations, the auditor will not be able to obtain sufficient appropriate audit evidence. In such circumstances, or where the financial reporting framework is not acceptable, the auditor is required by PSA to decline the engagement unless required by law or regulation. Likewise, the auditor should determine whether management or those charged with governance imposes any type of limitation on the scope of the audit. This could include unrealistic deadlines, not accepting certain firm’s staff to perform the work, and denial of access to a facility, key personnel, or relevant documents, If such a limitation would result in a disclaimer of opinion, the firm would decline the engagement, unless the firm is required by law or regulation to proceed with the engagement. AGREEING THE TERMS OF ENGAGEMENT Engagement Letter A clear understanding of the terms of the engagement should exist between the client and the CPA firm. PSA requires that auditors must document theit understanding of an engagement in the working papers, including the engagements objectives the responsibilities ofthe auditor and management, and the engagement’s limitations. This is typically done with an engagement letter. The engagement letter is an agreement between the Ci oo the conduct ofthe audit and related services.” FS firm and the clie The engagement letter states the scope of the work to be done on the audit so thet there should be no doubt in the mind of the cli : lent, external auditor, or the cout system as to the expectations agreed to by the external auditor and the client. Scanned with CamScanner we Phase I~ Risk Assessment: Preliminary Engagement Activities 33. The agreed terms of the audit engagement shall be recorded in an audit engagement letter or other suitable form of written agreement apd shall include: a) The objective accounting framework, and the form of auditor’s report resulting from scope of the audit of the financial statements; Identification of the applicable financial reporting framework for the preparation of the financial statements; ¢) Reference to the expected form and content of any reports to ued by the auditor and a statement that there may be circumstances in which a report may differ from its expected form and content; d) The responsibilities of the auditor; e) The responsibilities of management; and f) Arrangements on how the audit will be conducted, involvement of other auditors and experts, if any, dispute resolution, obligation and the basis on the computation of fees and billing. b) The client should confirm the:terms of the engagement by acknowledging receipt of the engagement letter. Figure 2-2 presents a sample engagement letter. If the terms of the audit engagement are changed, the auditor and management shall agree on and record the new terms of the engagement in an engagement letter or other suitable form of written agreement.

    You might also like