Professional Documents
Culture Documents
Week 1-APC 302 Handout-Prelim
Week 1-APC 302 Handout-Prelim
ANTHONY’S COLLEGE
Business Education Department
San Jose de Buenavista, 5700 Antique
Tel. No. (036) 5409238; 5400898; 5409971 Tel. No.: (036) 5409196
Website: www.sac.edu.ph Email: info@sac.edu.ph; bused@sac.edu.ph
In SAC, we
care!
APC 302
AUDITING AND ASSURANCE:
CONCEPTS AND APPLICATION 1
(WEEK 1 HANDOUT)
In SAC, we
APC 302 – AUDITING AND ASSURANCE: CONCEPTS AND APPLICATION 1 care!
PRELIM
WEEK 1: OVERVIEW OF THE CORE CONCEPTS OF FINANCIAL STATEMENTS AUDIT: CORE CONCEPTS OF A RISK-BASED APPROACH
TO CONDUCTING A QUALITY AUDIT
Auditing
- is a systematic process by which a competent, independent person objectively obtains and evaluates evidence regarding assertions about
economic actions and events to ascertain the degree of correspondence between those assertions and established criteria and communicating the
results to interested users.
OVERALL OBJECTIVES OF THE INDEPENDENT AUDITOR AND THE CONDUCT OF AN AUDIT IN ACCORDANCE WITH PHILIPPINE
STANDARDS ON AUDITING (PSR200)
-The Philippine Standard on Auditing (PSA) establishes the independent auditor's overall responsibilities when conducting an audit of financial
statements. Specifically, it sets out the overall objectives of the independent auditor, and explains the nature and scope of an audit designed to
enable the independent auditor to meet those objectives. It also explains the scope, authority and structure of the PSAs, and includes requirements
establishing the general responsibilities of the independent auditor applicable in all audits, including the obligation to comply with the PSAs.
OBJECTIVES OF AN AUDIT
-In conducting an audit of financial statements, the overall objectives of the auditor are:
1. To obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to
fraud or error, them by enabling the auditor to express an opinion on whether the financial statements are prepared, in all material
respects, in accordance with an applicable financial reporting framework; and
2. To report on the financial statements, and communicate as required by the PSAs, in accordance with the auditor's findings.
*The purpose of an audit is to enhance the degree of confidence of intended users in the financial statements. This is achieved by the expression of
an opinion by the auditor on whether the financial statements are prepared, in all material respects, in accordance with an applicable financial
reporting framework. In the case of most general-purpose frameworks, that opinion is on whether the financial statements are presented fairly, in all
material respects, in accordance with the framework. An audit conducted in accordance with PSAs and relevant ethical requirements enables the
auditor to form that opinion.
*An audit of financial statements is an assurance engagement, as defined in the Philippine Framework for Assurance Engagements. The Framework
defines and describes the elements and objectives of an assurance engagement. The PSAs apply the Framework in the context of an audit of
financial statements and contain the basic principles and essential procedures, together with related guidance, to be applied in such an audit.
1
ST. ANTHONY’S COLLEGE
Business Education Department
San Jose de Buenavista, 5700 Antique
Tel. No. (036) 5409238; 5400898; 5409971 Tel. No.: (036) 5409196
Website: www.sac.edu.ph Email: info@sac.edu.ph; bused@sac.edu.ph
In SAC, we
APC 302 – AUDITING AND ASSURANCE: CONCEPTS AND APPLICATION 1 care!
PRELIM
-The auditor should not represent compliance with Philippine Standards on Auditing unless the auditor has complied fully with all of the Philippine
Standards on Auditing relevant to the audit. The auditor may, in exceptional circumstances, judge it necessary to depart from a basic principle or an
essential procedure that is relevant in the circumstances of the audit, in order to achieve the objective of the audit. In such a case, the auditor is not
precluded from representing compliance with PSAs, provided the departure is appropriately documented as required by PSA 230 (Clarified), "Audit
Documentation."
PROFESSIONAL SKEPTICISM
-The auditor should plan and perform an audit with an attitude of professional skepticism recognizing that circumstances may exist that cause the
financial statements to be materially misstated.
-An attitude of professional skepticism means the auditor makes a critical assessment, with a questioning mind, of the validity of audit evidence
obtained and is alert to audit evidence that contradicts or brings into question the reliability of documents and responses to inquiries and other
information obtained from management and those charged with governance. For example, an attitude of professional skepticism is necessary
throughout the audit process for the auditor to reduce the risk of overlooking unusual circumstances, of over generalizing when drawing conclusions
from audit observations, and of using faulty assumptions in determining the nature, timing and extent of the audit procedures and evaluating the
results thereof. When making inquiries and performing other audit procedures, the auditor is not satisfied with less-than persuasive audit evidence
based on a belief that management and those charged with governance are honest and have integrity. Accordingly, representations from
management are not a substitute for obtaining sufficient appropriate audit evidence to be able to draw reasonable conclusions on which to base the
auditor's opinion.
REASONABLE ASSURANCE
-An auditor conducting an audit in accordance with PSAs obtains reasonable assurance that the financial statements taken as a whole are free from
material misstatement, whether due to fraud or error. Reasonable assurance is a concept relating to the accumulation of the audit evidence
necessary for the auditor to conclude that there are no material misstatements in the financial statements taken as a whole. Reasonable assurance
relates to the whole audit process.
*An auditor cannot obtain absolute assurance because there are inherent limitations in an audit that affect the auditor's ability to detect material
misstatements. These limitations result from factors such as the following:
1. The use of testing.
2. The inherent limitations of internal control (for example, the possibility of management override or collusion).
3. The fact that most audit evidence is persuasive rather than conclusive.
*Also, the work undertaken by the auditor to form an opinion is permeated by judgment, in particular regarding:
1. The gathering of audit evidence, for example, in deciding the nature, timing and extent of audit procedure; and
2. The drawing of conclusions based on the audit evidence gathered, for example, assessing the reasonableness of the estimates made by
management in preparing the financial statements.
*Further, other limitations may affect the persuasiveness of evidence available to draw conclusions on particular assertions (for example,
transactions between related parties). In these cases, certain PSAs identify specified audit procedures which will, because of the nature of the
particular assertions, provide sufficient appropriate audit evidence in the absence of:
a. Unusual circumstances which increase the risk of material misstatement beyond that which would ordinarily be expected; or
b. Any indication that a material misstatement has occurred.
*Accordingly, because of the factors described above, an audit is not a guarantee that the financial statements are free from material misstatement,
because absolute assurance is not attainable. Further, an audit opinion does not assure the future viability of the entity nor the efficiency or
effectiveness with which management as conducted the affairs of the entity.
In SAC, we
APC 302 – AUDITING AND ASSURANCE: CONCEPTS AND APPLICATION 1 care!
PRELIM
oversight from those charged with governance. The audit of the financial statements does not relieve management or those charged with
governance of their responsibilities.
Account-based audit
-is an approach wherein the auditor obtains an understanding of control and assesses control risk for particular types of errors and frauds in specific
accounts and cycle.
*An "event" is simply a business or fraud risk factor that, if it actually occurred, would adversely affect the entity's ability to achieve its objective of
preparing financial statements that do not contain material misstatements resulting from error and fraud. This would also include risks resulting from
the absence of internal control to mitigate the potential for material misstatements in the financial statements.
Figure 1-2 shows the schematic risk-based audit process in accordance with the guidelines provided by the International Federation of Accountants.
3
ST. ANTHONY’S COLLEGE
Business Education Department
San Jose de Buenavista, 5700 Antique
Tel. No. (036) 5409238; 5400898; 5409971 Tel. No.: (036) 5409196
Website: www.sac.edu.ph Email: info@sac.edu.ph; bused@sac.edu.ph
In SAC, we
APC 302 – AUDITING AND ASSURANCE: CONCEPTS AND APPLICATION 1 care!
PRELIM
4
ST. ANTHONY’S COLLEGE
Business Education Department
San Jose de Buenavista, 5700 Antique
Tel. No. (036) 5409238; 5400898; 5409971 Tel. No.: (036) 5409196
Website: www.sac.edu.ph Email: info@sac.edu.ph; bused@sac.edu.ph
In SAC, we
APC 302 – AUDITING AND ASSURANCE: CONCEPTS AND APPLICATION 1 care!
PRELIM
Figure 1-3 presents the Relevant Philippine Standards in Auditing (PSAS) to be used in the Risk-Based Audit Process
5
ST. ANTHONY’S COLLEGE
Business Education Department
San Jose de Buenavista, 5700 Antique
Tel. No. (036) 5409238; 5400898; 5409971 Tel. No.: (036) 5409196
Website: www.sac.edu.ph Email: info@sac.edu.ph; bused@sac.edu.ph
In SAC, we
APC 302 – AUDITING AND ASSURANCE: CONCEPTS AND APPLICATION 1 care!
PRELIM
6
ST. ANTHONY’S COLLEGE
Business Education Department
San Jose de Buenavista, 5700 Antique
Tel. No. (036) 5409238; 5400898; 5409971 Tel. No.: (036) 5409196
Website: www.sac.edu.ph Email: info@sac.edu.ph; bused@sac.edu.ph
In SAC, we
APC 302 – AUDITING AND ASSURANCE: CONCEPTS AND APPLICATION 1 care!
PRELIM
Nature of Risk
Risk
-is a concept used to express uncertainty about events and/or their outcomes that could have a material effect on the organization
The four critical components of risk that are may relevant give to conducting the audit are:
1. Audit Risk - The risk that an auditor may give unqualified opinion on financial statements that are materially misstated.
7
ST. ANTHONY’S COLLEGE
Business Education Department
San Jose de Buenavista, 5700 Antique
Tel. No. (036) 5409238; 5400898; 5409971 Tel. No.: (036) 5409196
Website: www.sac.edu.ph Email: info@sac.edu.ph; bused@sac.edu.ph
In SAC, we
APC 302 – AUDITING AND ASSURANCE: CONCEPTS AND APPLICATION 1 care!
PRELIM
2. Engagement Risk - The economic risk that a CPA firm is exposed to because it is associated with a particular client including loss of
reputation, inability of the client to pay the auditor, or financial loss because management is not honest and inhibits the audit process.
Engagement risk is controlled by careful selection and retention of client.
3. Financial Reporting Risk- Those risks that relate directly to the recording of transactions and the presentation of financial data in an
organization's financial statements.
4. Business Risk- Those risks that affect the operations and potential outcomes of organizational activities.
The following considerations are important in integrating the concepts of materiality and risk in the conduct of a risk-based audit:
1. Risky areas of a business must be identified by the auditors to determine which account balances are more prone to material
misstatements, how the misstatements might occur and how a client might be able to cover them up.
2. Auditors need to develop approaches and methodologies to allocate overall assessments of materiality to individual account balances
because some account balances may be more important to users.
3. Audits involve testing or sampling and thus cannot provide absolute (100%) assurance that the financial statements are free of material
misstatements without inordinately driving up the cost of audits.
4. Not all clients are worth accepting. Since audits rely on testing and to some extent on the integrity of management, there are some clients
that an audit firm should not accept because the engagement risk is too high.
5. Competition for clients among audit firms is high. Clients choose auditors based on a number of factors including fees, service, industry
knowledge, personal rapport and ability to assist the client.
6. Auditors should understand society's expectations of financial reporting to reduce audit risk to an acceptably low level and therefore
minimize lawsuits that the users may possibly bring forth.
*Although audit risk is a concept, it is often illustrated using quantitative examples. For instance, the relationship between engagement risk and audit
risk may be presented as follows:
Setting audit risk at 1% is equivalent to performing a statistical test using 99% confidence level. Audit risk set at 1% implies that the auditor
is willing to take a 1% chance of issuing an unqualified opinion on materially misstated financial statements.
Audit risk set at 5%, implies that the auditor is willing to take a 5% chance of issuing an unqualified opinion on materially misstated
financial statements.
High levels of audit risk are appropriate for client with lower levels of engagement risk.
*Based on the assessment of engagement risk, the auditor sets the desired audit risk. Audit risk oftentimes illustrated using numeric or quantitative
examples. In fact, many audit firms use the measures associated with statistical sampling to set audit risk, e.g., setting audit risk at a 1% level for
high-risk clients and 5% for lower-risk clients. Other auditing firms use a broader description of audit risk as high, moderate or low and adjust the
nature of their audit procedures accordingly.
The following general observations are considered to have influenced the implementation of the audit risk model:
The better the company's internal controls, the lower the likelihood of material misstatement.
Unusual or complex transactions are more likely to be erroneously recorded than a recurring or routine transactions
The amount and persuasiveness of audit evidence gathered should vary inversely with audit risk; i.e., lower audit risk requires gathering
more persuasive evidence.
AR = IR x CR x DR
Where:
Inherent risk (IR) is the initial susceptibility of a transaction or accounting adjustment to be recorded in error, or for the transaction not to be
recorded in the absence of internal controls.
Control risk (CR) is the risk that the client's internal control system will fail to prevent or detect a misstatement.
8
ST. ANTHONY’S COLLEGE
Business Education Department
San Jose de Buenavista, 5700 Antique
Tel. No. (036) 5409238; 5400898; 5409971 Tel. No.: (036) 5409196
Website: www.sac.edu.ph Email: info@sac.edu.ph; bused@sac.edu.ph
In SAC, we
APC 302 – AUDITING AND ASSURANCE: CONCEPTS AND APPLICATION 1 care!
PRELIM
Detection risk (DR) is the risk that the audit procedures will fail to detect a material misstatement.
*Stated differently, audit risk is the risk that the auditor may give an unqualified opinion on materially misstated financial statements. It is influenced
by:
(IR) the likelihood that a transaction, estimate, or adjustment might be recorded incorrectly;
(CR) the likelihood that the client's internal control processes would fail to prevent or detect the misstatement and
(DR) the likelihood that, if a misstatement occurred, the auditor's procedures would fail to detect the misstatement.
*The audit risk model may also be illustrated using a quantitative approach with probability assessments applied to each of the model's component.
Illustrative Case I: Quantitative Example of Audit Risk: High Risk of Material Misstatement
XYZ Mining Corporation, an audit client of Aquino and Marcos CPAs, has many complex transactions and weak internal control. The auditors assess
both inherent risk and control risk at their maximum. This implies that the client does not have effective control (CR) and there is a high risk that the
transaction would be recorded incorrectly (IR).
The auditors believe that engagement risk is high and have set audit risk at the 0.01 level. This means that the auditors do not want to take much of
a risk that the misstatement goes undetected in the financial statements.
The effect on the extent of audit procedures and thus, detection risk is as follows:
In this particular case, detection risk and audit risk are the same because the auditor cannot rely on internal control to prevent or detect
misstatements.
This illustration therefore yields the instinctive result:
"Poor controls and a high likelihood of misstatement would lead to extended audit work to maintain audit risk at an acceptable level."
Illustrative Case II: Quantitative Example of Audit Risk: Low Risk of Material Misstatement
Zoren Trading Corporation is an audit client of Cayetano and Loren CPAs. Zoren has simple transactions, well-trained accounting personnel
effective control and no incentive to misstate the financial statements.
The auditor's previous audit experience with the client; an understanding of the client's internal controls and the results of preliminary testing this
year indicate a low risk of material misstatement existing in the accounting records. The auditor assesses inherent risk as low as 50% and control
risk of 20%.
*The auditor could therefore design tests of the accounting records with a lower detection risk, in this situation 50%, because only minimal
substantive tests of account balances are needed to provide corroborating evidence on the expectations that the accounts are not materially
misstated. The auditor, however would have had to test whether the controls are operating effectively in order to support a control risk assessment
below 100%.
9
ST. ANTHONY’S COLLEGE
Business Education Department
San Jose de Buenavista, 5700 Antique
Tel. No. (036) 5409238; 5400898; 5409971 Tel. No.: (036) 5409196
Website: www.sac.edu.ph Email: info@sac.edu.ph; bused@sac.edu.ph
In SAC, we
APC 302 – AUDITING AND ASSURANCE: CONCEPTS AND APPLICATION 1 care!
PRELIM
The following general observations on an audit client influence the implementation of the audit risk model:
1. High-risk activities
-This includes operations or events where a material misstatement could easily occur. For example, an inventory of high-value diamonds
or gold bars held by a jeweler, or a new / complex accounting system being introduced.
2. Existence of large non-routine transactions
Identified significant related party transactions outside the entity's normal course of business are to be treated as giving rise to
significant risks. This includes infrequent and large transactions.
For example:
Unusual volume of routine transactions with a related party;
A major sales or supply contract;
The purchase or sale of major business assets or business segments; and
Sale of the business to a third party.
Routine non-complex transactions that are subject to systematic processing are less likely to give rise to significant risks.
CPA firms in determining their approach to implementing the audit risk model should consider the following limitations:
1. Inherent risk is difficult to formally assess. Some transactions because of their complexity are more susceptible to error but it is quite
difficult to assess that level of risk independent of the client's accounting system.
2. The model treats each risk component as separate and independent when in fact the components are not independent. It is also quite
difficult to separate a client’s material controls and inherent risk
3. Audit risk is judgmentally determined.
4. Audit technology is not fully developed that each component of the model can be accurately assessed. Auditing is based on testing, and
precise estimates of the model’s components are not possible. Auditors can however, make subjective assessments and use the audit risk
model as guide.
10