Professional Documents
Culture Documents
Auditor’ Responsibility
The fair presentation of the financial statements in accordance with the applicable
financial reporting standards is the responsibility of the client’s management. The
auditor’s responsibility is to design the audit to provide reasonable assurance of
detecting material misstatements in the financial statements. These
misstatements may emanate from:
1. Error
2. Fraud, and
3. Noncompliance with laws and regulations
Error
The term “error” refers to unintentional misstatements in the financial statements
including the omission of an amount or a disclosure, such as:
Mathematical or clerical mistakes in the underlying records and accounting
data
An incorrect accounting estimate arising from oversight or misinterpretation
of facts
Mistake in the application of accounting policies
Fraud
Fraud refers to intentional act by one or more individuals among management,
those charged with governance, employees, or third parties, involving the use of
deception to obtain an unjust or illegal advantage. Although fraud is a broad legal
concept, the auditor is primarily concerned with fraudulent acts that cause a
material misstatement in the financial statements.
Types of fraud
1. Fraudulent financial reporting – involves intentional misstatements or
omissions of amounts or disclosure in the financial statements to deceive
financial statement users. This type of fraud is also known as management
fraud because it usually involves members of management or those charged
with governance. This may involve
Manipulation, falsification or alteration of records or documents
Misrepresentation in or intentional omission of the effects of
transactions from records or documents
Recording of transactions without substance
Intentional misapplications of accounting policies
The primary factor that distinguishes fraud from error is whether the underlying
cause of misstatement in the financial statements is intentional or unintentional.
Consequently, the auditor’s responsibility for the detection of fraud and error is
essentially the same.
Universidad de Manila
Atty. Maria Milagros R Lisaca BSA 31
Sources: Salosagcol, Auditing Theory / Cabrera, Auditing & Assurance Services
Auditor’s responsibility
Although the annual audit of financial statements may act as deterrent to fraud and
error, the auditor is not and cannot be held responsible for the prevention of fraud
and error. The auditor’s responsibility is to design the audit to obtain reasonable
assurance that the financial statements are free from material misstatements,
whether caused by error or fraud.
Planning Phase
1. When planning an audit, the auditor should make inquiries of
management about the possibility of misstatements due to fraud and
error. Such inquiries may include:
o Management’s assessment of risks due to fraud
o Controls established to address the risks
o Any material error or fraud that has affected the entity or
suspected fraud that the entity is investigating
The auditor should also inquire of those individual in charge of
governance to seek their views on the adequacy of accounting and
internal control systems in place, the risk of fraud and error, and the
integrity of management.
2. The auditor should assess the risk that fraud or error may cause the
financial statements to contain material misstatements. PSA 240 requires
the auditor to specifically “assess the risk of material misstatements due
to fraud and consider that assessment in designing the audit procedures
to be performed.” The fact that fraud is usually concealed can make it
very difficult to detect. Nevertheless, using auditor’s knowledge of the
business, the auditor may identify events or conditions that provide an
opportunity, a motive, or a means to commit fraud, or indicate that fraud
may already have occurred. Such events or conditions are referred to as
“fraud risk factors”.
Judgments about the increased risk of material misstatements due to
fraud may influence the auditor’s professional judgments in the following
ways:
o The auditor may approach the audit with a heightened level of
professional skepticism
o The auditor’s ability to assess control risk at less than high level
may be reduced and the auditor should be sensitive to the ability of
the management to override controls.
o The audit team may be selected in ways that ensure that the
knowledge, skill and ability of personnel assigned significant
responsibilities are commensurate with the auditor’s assessment of
risk.
o The auditor may decide to consider management selection and
application of significant accounting policies, particularly those
related to income determination and asset valuation.
Universidad de Manila
Atty. Maria Milagros R Lisaca BSA 31
Sources: Salosagcol, Auditing Theory / Cabrera, Auditing & Assurance Services
Testing Phase
3. During the course of the audit, the auditor may encounter circumstances
that may indicate the possibility of fraud or error. For ex.: discrepancies
in the accounting records, missing documents, lack of cooperation from
management
Completion Phase
5. The auditor should obtain a written representation from the client’s
management that:
o It acknowledges its responsibility for the implementation and
operations of accounting and internal control systems that are
designed to prevent and detect fraud and error,
o It believes the effects of those uncorrected financial statement
misstatements aggregated by the auditor during the audit are
immaterial, both individually and in the aggregate, to the financial
statements taken as a whole.
o It has disclosed to the auditor all significant facts relating to any
frauds or suspected frauds known to management that may have
affected the entity; and
o It has disclosed to the auditor the results of its assessment of the
risk that the financial statements may be materially misstated as a
result of the fraud.
Management responsibility
It is management’s responsibility to ensure that the entity’s operations are
conducted in accordance with laws and regulations. The responsibility for the
prevention and detection of noncompliance rests with management. (PSA250)
The following policies and procedures, among others, may assist management in
discharging its responsibilities for the prevention and detection of noncompliance:
Monitoring legal requirements and ensuring that operating procedures are
designed to meet these requirements
Instituting and operating appropriate systems of internal control
Developing, publicizing and following a Code of Conduct
Ensuring employees are properly trained and understand the code of conduct
Monitoring compliance with the Code of Conduct and acting appropriately to
discipline employees who fail to comply with it
Engaging legal advisors to assist in monitoring legal requirement
Maintaining a register of significant laws with which the entity has to comply
within its particular industry and a record of complaints.
Auditor’s responsibility
The auditor should recognize that noncompliance by the entity with laws and
regulations may materially affect the financial statements.
Planning Phase
1. In order to plan the audit, the auditor should obtain a general
understanding of the legal and regulatory framework applicable to the
entity and the industry and how the entity is complying with that
framework.
To obtain the general understanding of the laws and regulations, the
auditor would ordinarily:
o Use the existing knowledge of the entity’s industry and business
o Inquire of management concerning the entity’s policies and
procedures regarding compliance with laws and regulations
o Inquire of management as to the laws and regulations that may be
expected to have a fundamental effect on the operations of the
entity
o Discuss with management the policies or procedures adopted for
identifying, evaluating, and accounting for litigation claims and
assessments
o Discuss the legal and regulatory framework with auditors of
subsidiaries in other countries (for example, if the subsidiary is
required to adhere to the securities regulations of the parent
company)
Universidad de Manila
Atty. Maria Milagros R Lisaca BSA 31
Sources: Salosagcol, Auditing Theory / Cabrera, Auditing & Assurance Services
Testing phase
4. When the auditor becomes aware of information concerning a possible
instance of noncompliance, the auditor should obtain an understanding of
the nature of the act and the circumstance in which it has occurred, and
sufficient other information to evaluate the possible effect on the financial
statements. When evaluating the possible effect on the financial
statements, the auditor considers:
o The potential financial consequences, such as fines, penalties,
damages, threat of expropriation of assets, enforced
discontinuation of operations and litigation
o Whether the potential financial consequences require disclosure
o Whether the potential financial consequences are so serious as to
call into question the fair presentation given by the financial
statements
Completion phase
6. The auditor should obtain written representations that management has
disclosed to the auditor all known actual or possible noncompliance with
laws and regulations that could materially affect the financial statements.
An audit is subject to the unavoidable risk that some material misstatements in the
financial statements will not be detected, even though the audit is properly planned
and performed in accordance with PSAs. This risk is higher with regard to material
misstatements resulting from noncompliance with laws and regulations because:
There are many laws and regulations relating principally to the operating
aspects of the entity that typically do not have a material effect on the
financial statements and are not captured by the accounting and internal
control systems. Auditors are primarily concerned with the noncompliance
that will have a direct and material effect in the financial statements.
Universidad de Manila
Atty. Maria Milagros R Lisaca BSA 31
Sources: Salosagcol, Auditing Theory / Cabrera, Auditing & Assurance Services
Audit opinion
FS – financial statements
A. Assertions about classes of transactions and events for the period under
audit
Occurrence – transactions and events that have been recorded have
occurred and pertain to the entity
Completeness – all transactions and event that should have been
recorded have been recorded
Accuracy – amounts and other data relating to recorded transactions
and events have been recorded appropriately
Cut off – transactions and events have been recorded in the correct
accounting period
Classification – transactions and events have been recorded in the
proper accounts
Audit Procedures
The auditor should use assertions for classes of transactions, account balances, and
presentation and disclosures in sufficient detail to form a basis for the assessment
of risks of material misstatement and the design and performance of further audit
procedures.
Some of the audit procedures used by the auditor to gather sufficient appropriate
evidence include:
Inspection – involves examining of records, documents or tangible assets
Observation – consists of looking at a process or procedure being performed
by others
Inquiry – consists of seeking information from knowledgeable persons inside
or outside the entity
Confirmation – consist of the response to an inquiry to corroborate
information contained in the accounting records
Computation – consists of checking the arithmetical accuracy of source
documents and accounting records or performing independent calculations
Analytical procedure – consists of analysis of significant ratios and trends
including the resulting investigation of fluctuations and relationships that are
inconsistent with other relevant information or deviate from predicted
amounts
Evidence
Audit procedures are the means used by the auditor to obtain sufficient appropriate
evidence. Audit evidence refers to the information obtained by the auditor in
arriving at the conclusions on which the audit opinion is based. Audit evidence will
comprise source documents and accounting records underlying the financial
statements and corroborating information from other sources. At the conclusion of
the audit, the auditor should carefully evaluate the audit evidence obtained in order
to come up with an appropriate opinion.
Accepting an engagement
The first step in the audit process is to make a decision of whether to accept or
reject an audit engagement. This process would require evaluation of the auditor’s
qualification as well as the auditability of the prospective client’s financial
statements. The procedures performed at this stage of the audit are referred to in
PSA 300 as “preliminary planning activities”. These procedures involve:
a. Performing procedures regarding the continuance of the client relationship
and the specific audit engagement
b. Evaluating compliance with ethical requirements, including independence
Universidad de Manila
Atty. Maria Milagros R Lisaca BSA 31
Sources: Salosagcol, Auditing Theory / Cabrera, Auditing & Assurance Services
Audit Planning
In planning an audit, the auditor obtains more detailed knowledge about the client’s
business and industry in order to understand the transactions and events affecting
the financial statements, and to identify potential problems that might encountered
during the audit.
Issuing a Report
On the basis of audit evidence gathered and evaluated, the auditor forms a
conclusion about the financial statements. This conclusion (in the form of an
opinion) is communicated to various interested users through an audit report.
Accepting an Engagement
An important element of a firm’s quality control policies and procedures is a system
for deciding whether to accept or reject an audit engagement. In making this
decision, the firm should consider:
1. Its competence
2. Its independence
3. Its ability to serve the client properly, and
4. The integrity of the prospective client’s management
Competence
One of the primary considerations before accepting an audit engagement is
to determine whether the auditor has the necessary skills and competence to
handle the engagement. According to the Code of Ethics, professional
accountants should not portray themselves as having expertise which they
do not possess. Before accepting the engagement, the auditor should obtain
a preliminary knowledge of the client’s business and industry to determine
whether the auditor has the degree of competence required by the
Universidad de Manila
Atty. Maria Milagros R Lisaca BSA 31
Sources: Salosagcol, Auditing Theory / Cabrera, Auditing & Assurance Services
Independence
Essential to the credibility of the auditor’s report is the concept of
independence. Before accepting an audit engagement, the auditor should
consider whether there are any threats to the audit team’s independence and
objectivity and, if so, whether adequate safeguards can be established.
Integrity of Management
The recent wave of litigation involving auditors has made pre-acceptance
investigation procedures very important. PSA 220 requires the firm to
conduct a background investigation of the prospective client in order to
minimize the likelihood of association with clients whose management lacks
integrity. This task would involve:
Engagement Letter
After accepting the audit engagement, an engagement letter should be prepared.
This serves as the written contract between the auditor and the client. This letter
sets forth:
1. The objective of the audit of financial statements which is to express an
opinion on the financial statements
Universidad de Manila
Atty. Maria Milagros R Lisaca BSA 31
Sources: Salosagcol, Auditing Theory / Cabrera, Auditing & Assurance Services
In addition, the auditor may also include the following items in the engagement
letter:
1. Billing arrangements
2. Expectations of receiving management representation letter
3. Arrangements concerning the involvement of others (experts, other auditors,
internal auditors and other client personnel)
4. Request for the client to confirm the terms of the engagement
Recurring Audits
The auditor does not normally send new engagement letter every year. However,
the following factors may cause the auditor to send a new engagement letter.
Any indication that the client misunderstands the objective and scope of the
audit
Any revised or special terms of the engagement
A recent change of senior management, board of directors or ownership
A significant change in the nature or size of the client’s business
Legal requirements and other government agencies’ pronouncements
Audits of components
When the auditor of a parent entity is also the auditor of its subsidiary, branch or
division, (component), the auditor should consider the following factors in making a
decision of whether to send a separate letter to the component:
Who appoints the auditor of the component
Whether a separate audit report is to be issued on the component
Legal requirements
The extent of any work performed by other auditor
Degree of ownership by parent
Degree of independence of the component’s management